Package: tomoyo-tools
Version: stable
Severity: critical
Justification: breaks the whole system
X-Debbugs-Cc: p...@futureware.at

When tomoyo-tools is installed in an LXC container (both Host and Container being Debian stable), and there is no tomoyo-tools installed on the host, then the Linux kernel panics or freezes as soon as the container is started next time, which brings the whole system and all LXC containers down.

I have experienced this on a production system first, where a kernel panic occurred, so I tried to reproduce the problem on a QEMU based simulation with a bare Debian install, and there I was able to fully reproduce kernel freezes.

In the beginning I was suspecting an incompatibility between AppArmor, which runs on the host, and tomoyo, which runs inside the container, but then I tried to combine AppArmor and tomoyo on the host and had no problem there, so it seems to be primarily the problem that tomoyo does not expect to be run inside an LXC container.

A photo of the kernel panic is available on https://www2.futureware.at/ftp/db/b894dd8a3ebd3edaf577ac9526901fcc77bef2ab/upload.jpg

Please let me know if you need help to reproduce it.

-- System Information:
Debian Release: 12.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-28-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages tomoyo-tools depends on:
ii  debconf          1.5.82
ii  libc6            2.36-9+deb12u9
pn  libncurses6      <none>
ii  libtinfo6        6.4-4
pn  libtomoyotools3  <none>

tomoyo-tools recommends no packages.

tomoyo-tools suggests no packages.