http://bugzilla.opensuse.org/show_bug.cgi?id=1061195
http://bugzilla.opensuse.org/show_bug.cgi?id=1061195#c8
Doug Smythies
We can't be the only ones seeing this issue.
I am seeing issues, not exactly the same, with Ubuntu. My test Ubuntu 16.04.3 server fails to start mysql and libvirtd due to many apparmor "DENIED" errors. My Ubuntu 17.10 development desktop VM fails to acquire an IP address due to dhclient apparmor "DENIED" errors. The problems came up between kernels 4.14-rc1 and 4.14-rc2, and via kernel bisection was isolated to commit 651e28c5537abb39076d3949fb7618536f1d242e - apparmor: add base infastructure for socket mediation. I found this thread: https://lkml.org/lkml/2017/10/3/2 , which pointed me here. The thread debates if this is a kernel regression or not. In my opinion it is a kernel regression. I have passed my information along to the author of the commit. Jeff wrote:
We've carried the network mediation patches for a while. They landed upstream in -rc2, which must've been in a slightly different form.
I'm told that Ubuntu has carried them for awhile also. And yes, there are significant differences between Ubuntu kernel 4.13.0.12 and what ended up in mainline kernel 4.14-rc2. -- You are receiving this mail because: You are on the CC list for the bug.