This bug is awaiting verification that the linux-gke/6.8.0-1004.7 kernel
in -proposed solves the problem. Please test the kernel and update this
bug with the results. If the problem is solved, change the tag
'verification-needed-noble-linux-gke' to 'verification-done-noble-linux-
gke'. If the problem still exists, change the tag 'verification-needed-
noble-linux-gke' to 'verification-failed-noble-linux-gke'.
If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!
** Tags added: kernel-spammed-noble-linux-gke-v2 verification-needed-noble-linux-gke
--
You received this bug notification because you are subscribed to linux
in Ubuntu.
Matching subscriptions: Bgg, Bmail, Nb
https://bugs.launchpad.net/bugs/2061851
Title:
linux-gcp 6.8.0-1005.5 (+ others) Noble kernel regression with new
apparmor profiles/features
Status in chrony package in Ubuntu:
Invalid
Status in linux package in Ubuntu:
Fix Released
Status in linux-aws package in Ubuntu:
Fix Released
Status in linux-azure package in Ubuntu:
Fix Released
Status in linux-gcp package in Ubuntu:
Fix Released
Status in linux-ibm package in Ubuntu:
Fix Released
Status in linux-oracle package in Ubuntu:
Fix Released
Status in snapd package in Ubuntu:
Invalid
Status in chrony source package in Noble:
Invalid
Status in linux source package in Noble:
Fix Released
Status in linux-aws source package in Noble:
Fix Released
Status in linux-azure source package in Noble:
Fix Released
Status in linux-gcp source package in Noble:
Fix Released
Status in linux-ibm source package in Noble:
Fix Released
Status in linux-oracle source package in Noble:
Fix Released
Status in snapd source package in Noble:
Invalid
Bug description:
* Canonical Public Cloud discovered that `chronyc -c sources` now fails with `506 Cannot talk to daemon` with the latest kernels. We are seeing this in linux-azure and linux-gcp kernels (6.8.0-1005.5)
* Disabling AppArmor (`sudo systemctl stop apparmor`) completely results in no regression and `chronyc -c sources` returns as expected
* Disabling the apparmor profile for `chronyd` only results in no regression and `chronyc -c sources` returns as expected
* There are zero entries in dmesg when this occurs
* There are zero entries in dmesg when this occurs if the apparmor profile for `chronyd` is placed in complain mode instead of enforce mode
* We changed the time server from the internal GCP metadata.google.internal to the ubuntu time server ntp.ubuntu.com with no change in behaviour
We also noted issues with DNS resolution in snaps like `google-cloud-cli` in GCE images.
* Disabling apparmor completely for snaps too (`sudo systemctl stop
snapd.apparmor`) results in no regression and calling the snaps
returns as expected.
The same issues are present in azure kernel `linux-azure` `6.8.0-1005.5` and the -proposed `6.8.0-25.25` generic kernel.
This is a release blocker for Noble release
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/2061851/+subscriptions
Комментариев нет:
Отправить комментарий