Please unrevert the apparmor audit rule filtering feature

Bug #1898280 reported by Jamie Strandboge
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
High
John Johansen

Bug Description

Ubuntu carried a patch to apparmor for audit rule filtering, but it was reverted due to conflicts related to secids with earlier LSM stacking patchsets. The upstream LSM stacking patchset is believed to resolve these issues and groovy now carries the updated LSM stacking patchset.As such, please re-enable the audit rule filtering feature in apparmor.

CORRECTION: groovy's stacking patchset was revved but doesn't have the latest so we'd need to refresh the full stack to reenable the audit rule filtering feature.

Changed in linux (Ubuntu):
importance: Undecided → High
assignee: nobody → John Johansen (jjohansen)
status: New → Triaged
description: updated
description: updated
summary: - Please unrevert the audit rule filtering feature
+ Please unrevert the apparmor audit rule filtering feature
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

After more discussion with John, while groovy does have a newer stacking patchset, it doesn't have the latest patchset that resolves the audit subsystem. Unfortunately, as of today, all of those patches haven't been signed-off on yet so there might be future changes.

description: updated
description: updated
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

FYI, John refreshed the patchset to v20 and reenabled audit rule filtering and submitted to https://lists.ubuntu.com/archives/kernel-team/2020-October/113932.html. Since this is a significant change, it will be considered for a stable release update (SRU) after groovy release (to allow for peer review, QA, etc).

Changed in linux (Ubuntu):
status: Triaged → In Progress
milestone: none → groovy-updates
Changed in linux (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thanks John! :)

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers