© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
7020100
(Get the code!)
AppArmor's signal handling is a bit more involved than eg capabilities or file accesses: both the sender profile and receiver profile need to have signal rules to allow sending the signal or receiving the signal, as appropriate.
23.10 and 24.04 LTS have introduced restrictions on unprivileged namespaces to try to mitigate against kernel exploits. The details have changed between 23.10 and 24.04 LTS, so it's possible that upgrading to 24.04 LTS will be sufficient to fix this -- especially if the AppArmor profiles have been updated during the development cycle.
I'm not sure what exactly to suggest as I don't know the various kinds of Docker available, where the profiles live, etc. But hopefully these hints will help you get to a fix.
Thanks