rc.apparmor.functions should not mount /sys/kernel/security inside a chroot environment
Bug #1965923 reported by Daniel Richard G.
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
apparmor (Ubuntu) | New | Undecided | Unassigned | |
Bug Description
This concerns apparmor 3.0.4-2ubuntu2 in Ubuntu jammy.
When I run a command like aa-teardown(8), it will mount securityfs on /sys/kernel/
On bare metal, this is reasonable. But in a chroot environment, the command should probably exit without taking any action, not unlike what systemd does: "Running in chroot, ignoring command 'daemon-reload'".
I see that the functions script already has logic addressing AppArmor in container environments, but it appears that the chroot scenario has not been addressed.
tags: added: jammy
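One way to implement the chroot check the report asks for, as an added example that is not part of the bug report or of AppArmor's rc.apparmor.functions: it compares the device and inode of `/` with those of `/proc/1/root` and mounts securityfs only when they match. The function names are hypothetical, the optional path arguments exist only so the logic can be exercised without root, and treating an unreadable `/proc/1/root` as a chroot is an assumption.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not taken from rc.apparmor.functions.

# same_dir A B: 0 if A and B are the same directory (device:inode match),
# 1 if they differ, 2 if either one cannot be examined.
same_dir() {
    _sd_a=$(stat -L -c '%d:%i' "$1" 2>/dev/null) || return 2
    _sd_b=$(stat -L -c '%d:%i' "$2" 2>/dev/null) || return 2
    [ "$_sd_a" = "$_sd_b" ]
}

# chroot_state [OUR_ROOT] [INIT_ROOT]: prints "no", "yes" or "unknown".
# Defaults compare our "/" with the root directory of PID 1.
chroot_state() {
    _cs_rc=0
    same_dir "${1:-/}" "${2:-/proc/1/root/.}" || _cs_rc=$?
    case $_cs_rc in
        0) echo no ;;
        1) echo yes ;;
        *) echo unknown ;;   # e.g. /proc not mounted, or not running as root
    esac
}

# securityfs_action [OUR_ROOT] [INIT_ROOT]: prints "mount" or "skip".
# Assumption: "unknown" is treated like a chroot, because a minimal chroot
# often has no /proc mounted at all.
securityfs_action() {
    if [ "$(chroot_state "$@")" = no ]; then
        echo mount
    else
        echo skip
    fi
}

# Guarded mount; needs root, so it is defined here but not called.
mount_securityfs_guarded() {
    if [ "$(securityfs_action)" = skip ]; then
        echo "Running in chroot, not mounting securityfs" >&2
        return 0
    fi
    mount -t securityfs securityfs /sys/kernel/security
}
```

Inside a container with its own PID namespace, PID 1 is the container's init, so this check reports "no" there; the container case is the one the report says the functions script already handles separately.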