From 2995899af8e984015cf5025530502cbeaa2fa19f Mon Sep 17 00:00:00 2001 From: Ankush Pathak Date: Thu, 18 Apr 2024 21:46:52 -0500 Subject: [PATCH 1/2] feat(apparmor): Add policy:unconfined_restrictions feature to 6.5 kernel Failing CPC tests show that the preseeded apparmor features don't include policy:unconfined_restrictions for the 6.5 kernel. This change adds the feature preseed. Fixes LP: #2062929 --- .../apparmor/6.5/policy/unconfined_restrictions/change_profile | 0 live-build/apparmor/6.5/policy/unconfined_restrictions/io_uring | 0 live-build/apparmor/6.5/policy/unconfined_restrictions/userns | 0 3 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 live-build/apparmor/6.5/policy/unconfined_restrictions/change_profile create mode 100644 live-build/apparmor/6.5/policy/unconfined_restrictions/io_uring create mode 100644 live-build/apparmor/6.5/policy/unconfined_restrictions/userns diff --git a/live-build/apparmor/6.5/policy/unconfined_restrictions/change_profile b/live-build/apparmor/6.5/policy/unconfined_restrictions/change_profile new file mode 100644 index 00000000..e69de29b diff --git a/live-build/apparmor/6.5/policy/unconfined_restrictions/io_uring b/live-build/apparmor/6.5/policy/unconfined_restrictions/io_uring new file mode 100644 index 00000000..e69de29b diff --git a/live-build/apparmor/6.5/policy/unconfined_restrictions/userns b/live-build/apparmor/6.5/policy/unconfined_restrictions/userns new file mode 100644 index 00000000..e69de29b From 8c91f615641cf7ec04ea2306dccea19c78c934e0 Mon Sep 17 00:00:00 2001 From: Ankush Pathak Date: Fri, 26 Apr 2024 15:56:11 -0500 Subject: [PATCH 2/2] Update d/ch for 23.10.60 release --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 998bf67a..b2ac2dc6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +livecd-rootfs (23.10.60) mantic; urgency=medium + + * Add policy:unconfined_restrictions feature to 6.5 kernel (LP: #2062929) + + -- Ankush Pathak Fri, 26 Apr 2024 12:37:55 -0500 + livecd-rootfs (23.10.59) mantic; urgency=medium * Use Ubuntu policy default channel "latest" for preseeded snaps