tomp
August 20, 2024, 3:30pm
1
The LXD 5.21/stable
channel is being updated to include interim fixes since the LXD 5.21.2 LTS release .
It will become available progressively as snap version: 5.21.2-22f93f4
in the 5.21/stable
channel.
Fixes:
2 Likes
tomp
September 3, 2024, 7:42am
3
Due to changes in the default behaviour of the updated vendored apparmor parser we have released an additional interim release (5.21.2-2f4ba6b
) to address 2 regressions.
canonical:main
← mihalicyn:apparmor_allow_unpriv_procfs
opened 09:14AM - 28 Aug 24 UTC
A new AppArmor includes security fixes and our ruleset become stricter, while th… e source code remains unchanged.
procfs was always available for unprivileged containers because of AppArmor bugs like [1]. Let's now allow it back by explicit rule.
[1] https://bugs.launchpad.net/apparmor/+bug/1597017
canonical:main
← mihalicyn:apparmor_unpriv_allow_more_fs
opened 12:42PM - 29 Aug 24 UTC
A new AppArmor includes security fixes and our ruleset become stricter, while th… e source code remains unchanged.
sysfs was always available for unprivileged containers because of AppArmor bugs like [1]. Let's now allow it back by explicit rule.
[1] https://bugs.launchpad.net/apparmor/+bug/1597017
Fixes:
https://discourse.ubuntu.com/t/mount-root-sysfs-cannot-mount-sysfs-read-only-with-lxd-5-21-2-22f93f4-from-snap/47563
2 Likes