change_profile incorrect when using namespaces with a compound stack
Bug #1677959 reported by
John Johansen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
New
|
Undecided
|
Unassigned | ||
linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Confirmed
|
Undecided
|
Unassigned | ||
Yakkety |
Won't Fix
|
Undecided
|
Unassigned | ||
Zesty |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
When a compound label is used as part of a target namespace the change profile will result in a bad change
a task confined by profile lxd doing
change_
results in a change_profile to
:ns://foo
and
unconfined
causing the local system profile to change instead of setting up a stack in the sub namespace
ie.
unconfined/
instead of the expected
lxd//
CVE References
Changed in linux (Ubuntu Zesty): | |
status: | Incomplete → Fix Committed |
Changed in linux (Ubuntu Xenial): | |
status: | Incomplete → Confirmed |
Changed in linux (Ubuntu Yakkety): | |
status: | Incomplete → Confirmed |
To post a comment you must log in.
This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:
apport-collect 1677959
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.