After some discussion with Kamal,
Although this MANDATORY_FILE_LOCKING is considered to be a "very common
feature", we decided not to enable it since its on its way to being
removed altogether (unless some customer were to ask for it, then I'd
say switch it on for sure).
Thanks
** Changed in: linux-kvm (Ubuntu)
Status: New => Won't Fix
** Changed in: linux-kvm (Ubuntu Bionic)
Status: New => Won't Fix
** Also affects: ubuntu-kernel-tests
Importance: Undecided
Status: New
** Changed in: ubuntu-kernel-tests
Status: New => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1765025
Title:
apparmor mount regression test fails when
CONFIG_MANDATORY_FILE_LOCKING is disabled
Status in AppArmor:
Fix Released
Status in QA Regression Testing:
Fix Released
Status in ubuntu-kernel-tests:
Fix Released
Status in linux package in Ubuntu:
Invalid
Status in linux-kvm package in Ubuntu:
Won't Fix
Status in linux source package in Bionic:
Invalid
Status in linux-kvm source package in Bionic:
Won't Fix
Bug description:
Like bug 1760672, the test_regression_testsuite in ubuntu_qrt_apparmor
failed with 4.15.0-1004-kvm
But the error message is a little bit different. The "mount" test
failed in this case.
FAIL: test_regression_testsuite (__main__.ApparmorTestsuites)
Run kernel regression tests
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-apparmor.py", line 1716, in test_regression_testsuite
self.assertEqual(expected, rc, result + report)
AssertionError: Got exit code 2, expected 0
running aa_exec
running access
xfail: ACCESS file rx (r)
xfail: ACCESS file rwx (r)
xfail: ACCESS file r (wx)
xfail: ACCESS file rx (wx)
xfail: ACCESS file rwx (wx)
xfail: ACCESS dir rwx (r)
xfail: ACCESS dir r (wx)
xfail: ACCESS dir rx (wx)
xfail: ACCESS dir rwx (wx)
running at_secure
running introspect
running capabilities
(ptrace)
(sethostname)
(setdomainname)
(setpriority)
(setscheduler)
(reboot)
(chroot)
(mlockall)
(net_raw)
(ioperm)
(iopl)
running changeprofile
running onexec
running changehat
running changehat_fork
running changehat_misc
*** A 'Killed' message from bash is expected for the following test
/tmp/testlibvqbxov/source/bionic/apparmor-2.12/tests/regression/apparmor/prologue.inc:
line 264: 3444 Killed $testexec "$@" > $outfile 2>&1
*** A 'Killed' message from bash is expected for the following test
/tmp/testlibvqbxov/source/bionic/apparmor-2.12/tests/regression/apparmor/prologue.inc:
line 264: 3481 Killed $testexec "$@" > $outfile 2>&1
running chdir
running clone
running coredump
*** A 'Segmentation Fault' message from bash is expected for the following
test
/tmp/testlibvqbxov/source/bionic/apparmor-2.12/tests/regression/apparmor/prologue.inc:
line 264: 3769 Segmentation fault (core dumped) $testexec "$@" >
$outfile 2>&1
*** A 'Segmentation Fault' message from bash is expected for the following
test
/tmp/testlibvqbxov/source/bionic/apparmor-2.12/tests/regression/apparmor/prologue.inc:
line 264: 3803 Segmentation fault $testexec "$@" > $outfile 2>&1
*** A 'Segmentation Fault' message from bash is expected for the following
test
/tmp/testlibvqbxov/source/bionic/apparmor-2.12/tests/regression/apparmor/prologue.inc:
line 264: 3842 Segmentation fault $testexec "$@" > $outfile 2>&1
*** A 'Segmentation Fault' message from bash is expected for the following
test
/tmp/testlibvqbxov/source/bionic/apparmor-2.12/tests/regression/apparmor/prologue.inc:
line 264: 3881 Segmentation fault $testexec "$@" > $outfile 2>&1
*** A 'Segmentation Fault' message from bash is expected for the following
test
/tmp/testlibvqbxov/source/bionic/apparmor-2.12/tests/regression/apparmor/prologue.inc:
line 264: 3920 Segmentation fault $testexec "$@" > $outfile 2>&1
XFAIL: Error: corefile present when not expected -- COREDUMP (ix
confinement)
running deleted
running environ
running exec
running exec_qual
running fchdir
running fd_inheritance
running fork
running i18n
running link
running link_subset
running mkdir
running mmap
running mount
Error: mount failed. Test 'MOUNT (unconfined)' was expected to 'pass'.
Reason for failure 'FAIL: mount /dev/loop0 on
/tmp/sdtest.2351-23651-C7r5Aj/mountpoint failed - Operation not permitted'
using mount rules ...
Error: mount failed. Test 'MOUNT (confined cap mount:ALL)' was expected to
'pass'. Reason for failure 'FAIL: mount /dev/loop0 on
/tmp/sdtest.2351-23651-C7r5Aj/mountpoint failed - Operation not permitted'
Error: mount failed. Test 'MOUNT (confined cap mount -> mntpnt)' was
expected to 'pass'. Reason for failure 'FAIL: mount /dev/loop0 on
/tmp/sdtest.2351-23651-C7r5Aj/mountpoint failed - Operation not permitted'
Error: mount failed. Test 'MOUNT (confined cap mount fstype)' was expected
to 'pass'. Reason for failure 'FAIL: mount /dev/loop0 on
/tmp/sdtest.2351-23651-C7r5Aj/mountpoint failed - Operation not permitted'
running mult_mount
running named_pipe
running namespaces
running net_raw
running open
running openat
running pipe
running pivot_root
kernel does not support pivot_root domain transitions - skipping tests
...
running ptrace
using ptrace v6 tests ...
running pwrite
running query_label
running regex
running rename
running readdir
running rw
running socketpair
running swap
mkswap: /tmp/sdtest.342-4732-I1N8gh/swapfile: insecure permissions 0644,
0600 suggested.
swapon: /tmp/sdtest.342-4732-I1N8gh/swapfile: insecure permissions 0644,
0600 suggested.
running sd_flags
running setattr
running symlink
running syscall
WARNING: syscall sysctl not implemented, skipping tests ...
running tcp
running unix_fd_server
running unix_socket_pathname
xpass: AF_UNIX pathname socket (dgram); confined server w/ access (rw)
xpass: AF_UNIX pathname socket (dgram); confined client w/ access (rw)
running unix_socket_abstract
running unix_socket_unnamed
xpass: AF_UNIX unnamed socket (dgram); confined server (peer label w/
implicit perms)
xpass: AF_UNIX unnamed socket (dgram); confined server (peer label w/
explicit perms)
xpass: AF_UNIX unnamed socket (dgram); confined server (peer label, peer
addr)
xpass: AF_UNIX unnamed socket (dgram); confined server (type, peer label,
peer addr)
xpass: AF_UNIX unnamed socket (dgram); confined server (type, addr, peer
label)
xpass: AF_UNIX unnamed socket (dgram); confined server (type, addr, peer
label, peer addr)
running unlink
running xattrs
Required feature 'file/xattr' not available.. Skipping tests ...
running longpath
XFAIL: This version of AppArmor does not support changing buffer size.
running dbus_eavesdrop
dbus[1212]: Unable to set up transient service directory: XDG_RUNTIME_DIR
"/run/user/1000" is owned by uid 1000, not our uid 0
running dbus_message
dbus[1540]: Unable to set up transient service directory: XDG_RUNTIME_DIR
"/run/user/1000" is owned by uid 1000, not our uid 0
running dbus_service
dbus[2320]: Unable to set up transient service directory: XDG_RUNTIME_DIR
"/run/user/1000" is owned by uid 1000, not our uid 0
running dbus_unrequested_reply
dbus[2754]: Unable to set up transient service directory: XDG_RUNTIME_DIR
"/run/user/1000" is owned by uid 1000, not our uid 0
running aa_policy_cache
running exec_stack
running stackonexec
running stackprofile
Makefile:303: recipe for target 'tests' failed
make: *** [tests] Error 1
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: linux-image-4.15.0-1004-kvm 4.15.0-1004.4
ProcVersionSignature: User Name 4.15.0-1004.4-kvm 4.15.15
Uname: Linux 4.15.0-1004-kvm x86_64
ApportVersion: 2.20.9-0ubuntu5
Architecture: amd64
Date: Wed Apr 18 10:36:57 2018
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=C.UTF-8
SHELL=/bin/bash
SourcePackage: linux-kvm
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1765025/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
