=== cpaelzer__ is now known as cpaelzer
=== cpaelzer__ is now known as cpaelzer
=== cpaelzer__ is now known as cpaelzer
[21:06] <sdeziel> hello, in LP: #1844186,  jjohansen  was kind enough to provide test kernel builds addressing the issue for various releases/kernels. Most patches ended up in official kernels but not those for 4.4.0 and 4.15.0
[21:06] <ubot5> Launchpad bug 1844186 in linux (Ubuntu Bionic) "[regression] NoNewPrivileges incompatible with Apparmor" [Undecided,Confirmed] https://launchpad.net/bugs/1844186
[21:07] <sdeziel> yet, those were tested to be working and fixing the problem so I'd appreciate if someone could integrate them, please
[21:22] <sarnold> sdeziel: any chance you recall if those fixes broke snapd or similar? my memory is too fuzzy
[21:23] <sdeziel> sarnold: definitely not in a user visible way for the 5.0+ kernels as I test them with lxd's snap
[21:23] <sdeziel> sarnold: but for the older kernels, I didn't specifically tested snapd
[21:26] <sdeziel> sarnold: I could test 4.15.0 with lxd's snap if that can make that bug progress, should I do that?
[21:27] <sarnold> sdeziel: I can't promise anything, I just have a vague memory that an apparmor security fix broke something in snapd so we had to revert it.. it's possible that a comment "this patch didn't break these snapd use cases for me..." would help, but I'm not on the decision path thtere..
[21:32] <sdeziel> sarnold: OK, I'll try to do that test and report back. Ultimately I would have like if jjohansen could comment on why only 3 of his 5 patches were integrated ;)
[21:33] <sdeziel> he's worked on those patches so it be too bad to not see them integrated ;)
[21:34] <sarnold> a sadly all too common fate :(