Update AppArmor template to allow confined runc to kill containers
Bug #2065423 reported by
Sebastian Podjasek
This bug affects 7 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
containerd-app (Ubuntu) |
Fix Released
|
High
|
Lucas Kanashiro | ||
Focal |
Confirmed
|
Undecided
|
Unassigned | ||
Jammy |
Confirmed
|
Undecided
|
Unassigned | ||
Noble |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Is there any chance that this PR can be implemented to current Ubuntu release?
Because as for now apparmor denies signals from runc and this results in many pods kept in Terminating state:
audit: type=1400 audit(171534295
Changed in containerd-app (Ubuntu): | |
status: | Confirmed → Triaged |
tags: | added: server-todo |
Changed in containerd-app (Ubuntu): | |
importance: | Undecided → High |
Changed in containerd-app (Ubuntu): | |
assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
To post a comment you must log in.
Status changed to 'Confirmed' because the bug affects multiple users.