For bionic I had to change the script a bit to be able to launch a lxd bionic VM. In bionic I also didn't always get an apparmor DENIED with the dpkg --print-foreign-architectures, but I did get it when I logged in interactively. Since the other checks produced a DENIED message, and later with the update did not, I decided it was not worth debugging further.
Same with xenial.
# Testing series bionic
###########################################
Creating bionic-2067810
Device config added to bionic-2067810
Waiting for container IP
Waiting for container ssh
Connection to 10.0.102.136 22 port [tcp/ssh] succeeded!
Waiting for cloud-init to be done
timeout: unrecognized option '--verbose'
Try 'timeout --help' for more information.
cloud-init status --wait failed on container bionic-2067810
dpkg-preconfigure: unable to re-open stdin: No such file or directory
For bionic I had to change the script a bit to be able to launch a lxd bionic VM. In bionic I also didn't always get an apparmor DENIED with the dpkg --print- foreign- architectures, but I did get it when I logged in interactively. Since the other checks produced a DENIED message, and later with the update did not, I decided it was not worth debugging further.
Same with xenial.
# Testing series bionic ####### ####### ####### ####### ####### #
#######
Creating bionic-2067810
Device config added to bionic-2067810
Waiting for container IP
Waiting for container ssh
Connection to 10.0.102.136 22 port [tcp/ssh] succeeded!
Waiting for cloud-init to be done
timeout: unrecognized option '--verbose'
Try 'timeout --help' for more information.
cloud-init status --wait failed on container bionic-2067810
dpkg-preconfigure: unable to re-open stdin: No such file or directory
# Latest u-a-t is installed ####### ####### ####### ####### ####### # advantage- tools: archive. ubuntu. com/ubuntu bionic-updates/main amd64 Packages dpkg/status archive. ubuntu. com/ubuntu bionic/main amd64 Packages ####### ####### ####### ####### ####### #
#######
ubuntu-
Installed: 32.3~18.04
Candidate: 32.3~18.04
Version table:
*** 32.3~18.04 500
500 http://
100 /var/lib/
17 500
500 http://
#######
# Creating conditions for the bug ####### ####### ####### ####### ####### # ####### ####### ####### ####### ####### #
#######
#######
# Reproducing the bug ####### ####### ####### ####### ####### #
#######
# Triggering apparmor DENIED messages ####### ####### ####### ####### ####### #
#######
# aa-exec -p ubuntu_ pro_esm_ cache// dpkg dpkg --print- foreign- architectures
# dmesg:
# aa-exec -p ubuntu_ pro_esm_ cache apt-cache policy | head dpkg/status security. ubuntu. com/ubuntu bionic- security/ multiverse amd64 Packages o=Ubuntu, a=bionic- security, n=bionic, l=Ubuntu, c=multiverse, b=amd64 security. ubuntu. com/ubuntu bionic- security/ universe amd64 Packages o=Ubuntu, a=bionic- security, n=bionic, l=Ubuntu, c=universe, b=amd64 security. ubuntu. com/ubuntu bionic- security/ restricted amd64 Packages
Package files:
100 /var/lib/
release a=now
500 http://
release v=18.04,
origin security.ubuntu.com
500 http://
release v=18.04,
origin security.ubuntu.com
500 http://
# dmesg: 1.644:28) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// dpkg" name="/ var/lib/ dpkg/arch" pid=2251 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 1.664:29) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// dpkg" name="/ var/lib/ dpkg/arch" pid=2252 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[Fri Jun 21 22:13:00 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:00 2024] audit: type=1400 audit(171900798
# esm-cache.service test ####### ####### ####### ####### ####### #
#######
# /var/lib/ apt/periodic/ contents ####### ####### ####### ####### ####### #
#######
total 8
drwxr-xr-x 2 root root 4096 Jun 21 22:13 .
drwxr-xr-x 5 root root 4096 Jun 21 22:12 ..
# systemctl start esm-cache.service
# dmesg: 4.315:30) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// dpkg" name="/ var/lib/ dpkg/arch" pid=2284 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 4.319:31) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// dpkg" name="/ var/lib/ dpkg/arch" pid=2285 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 4.322:32) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// dpkg" name="/ var/lib/ dpkg/arch" pid=2289 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 4.949:33) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// apt_methods_ gpgv" name="/ var/lib/ dpkg/arch" pid=2300 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=104 ouid=0 4.949:34) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// apt_methods_ gpgv" name="/ var/lib/ dpkg/arch" pid=2302 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=104 ouid=0 4.953:35) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// apt_methods_ gpgv" name="/ var/lib/ dpkg/arch" pid=2304 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=104 ouid=0 4.957:36) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// apt_methods_ gpgv" name="/ var/lib/ dpkg/arch" pid=2306 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=104 ouid=0 4.957:37) : apparmor="DENIED" operation="open" profile= "ubuntu_ pro_esm_ cache// apt_methods_ gpgv" name="/ var/lib/ dpkg/arch" pid=2309 comm="dpkg" requested_mask="r" denied_mask="r" fsuid=104 ouid=0
[Fri Jun 21 22:13:03 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:03 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:03 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:04 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:04 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:04 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:04 2024] audit: type=1400 audit(171900798
[Fri Jun 21 22:13:04 2024] audit: type=1400 audit(171900798
# Updating to proposed ####### ####### ####### ####### ####### # archive. ubuntu. com/ubuntu bionic-proposed main advantage- tools: archive. ubuntu. com/ubuntu bionic- proposed/ main amd64 Packages dpkg/status archive. ubuntu. com/ubuntu bionic-updates/main amd64 Packages archive. ubuntu. com/ubuntu bionic/main amd64 Packages
#######
deb http://
dpkg-preconfigure: unable to re-open stdin: No such file or directory
ubuntu-
Installed: 32.3.1~18.04
Candidate: 32.3.1~18.04
Version table:
*** 32.3.1~18.04 500
500 http://
100 /var/lib/
32.3~18.04 500
500 http://
17 500
500 http://
# Now there must be no apparmor DENIED messages ####### ####### ####### ####### ####### #
#######
# Triggering apparmor DENIED messages ####### ####### ####### ####### ####### #
#######
# aa-exec -p ubuntu_ pro_esm_ cache// dpkg dpkg --print- foreign- architectures
# dmesg:
# aa-exec -p ubuntu_ pro_esm_ cache apt-cache policy | head dpkg/status archive. ubuntu. com/ubuntu bionic- proposed/ main amd64 Packages o=Ubuntu, a=bionic- proposed, n=bionic, l=Ubuntu, c=main, b=amd64 security. ubuntu. com/ubuntu bionic- security/ multiverse amd64 Packages o=Ubuntu, a=bionic- security, n=bionic, l=Ubuntu, c=multiverse, b=amd64 security. ubuntu. com/ubuntu bionic- security/ universe amd64 Packages
Package files:
100 /var/lib/
release a=now
500 http://
release v=18.04,
origin archive.ubuntu.com
500 http://
release v=18.04,
origin security.ubuntu.com
500 http://
# dmesg:
# esm-cache.service test ####### ####### ####### ####### ####### #
#######
# /var/lib/ apt/periodic/ contents ####### ####### ####### ####### ####### #
#######
total 8
drwxr-xr-x 2 root root 4096 Jun 21 22:13 .
drwxr-xr-x 5 root root 4096 Jun 21 22:13 ..
# systemctl start esm-cache.service
# dmesg:
TEST SUCCEEDED