After more discussion with John, while groovy does have a newer stacking patchset, it doesn't have the latest patchset that resolves the audit subsystem. Unfortunately, as of today, all of those patches haven't been signed-off on yet so there might be future changes.
** Description changed: Ubuntu carried a patch to apparmor for audit rule filtering, but it was reverted due to conflicts related to secids with earlier LSM stacking patchsets. The upstream LSM stacking patchset is believed to resolve - these issues and groovy now carries the updated LSM stacking patchset. + these issues and groovy now carries the updated LSM stacking patchset + (CORRECTION: groovy's stacking patchset was revved but doesn't have the + latest so we'd need to refresh the full stack to reenable the feature). As such, please re-enable the audit rule filtering feature in apparmor. While this could be an SRU, having it in groovy release would be ideal. ** Description changed: Ubuntu carried a patch to apparmor for audit rule filtering, but it was reverted due to conflicts related to secids with earlier LSM stacking patchsets. The upstream LSM stacking patchset is believed to resolve - these issues and groovy now carries the updated LSM stacking patchset - (CORRECTION: groovy's stacking patchset was revved but doesn't have the - latest so we'd need to refresh the full stack to reenable the feature). - As such, please re-enable the audit rule filtering feature in apparmor. + these issues and groovy now carries the updated LSM stacking patchset.As + such, please re-enable the audit rule filtering feature in apparmor. - While this could be an SRU, having it in groovy release would be ideal. + CORRECTION: groovy's stacking patchset was revved but doesn't have the + latest so we'd need to refresh the full stack to reenable the audit rule + filtering feature. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1898280 Title: Please unrevert the apparmor audit rule filtering feature Status in linux package in Ubuntu: Triaged Bug description: Ubuntu carried a patch to apparmor for audit rule filtering, but it was reverted due to conflicts related to secids with earlier LSM stacking patchsets. The upstream LSM stacking patchset is believed to resolve these issues and groovy now carries the updated LSM stacking patchset.As such, please re-enable the audit rule filtering feature in apparmor. CORRECTION: groovy's stacking patchset was revved but doesn't have the latest so we'd need to refresh the full stack to reenable the audit rule filtering feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1898280/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
