action #161996
openAdd apparmor smoke test after maintenance updates are installed
0%
Description
The apparmor profile included in pasta|passt uncovered an issue that disabled Apparmor for all:
https://bugzilla.opensuse.org/show_bug.cgi?id=1226031
A simple smoke test could have helped here.
https://suse.slack.com/archives/C02DR0C5XUY/p1717932745148109
Updated by ph03nix 20 days ago
rbranco wrote:
The apparmor profile included in pasta|passt uncovered an issue that disabled Apparmor for all:
https://bugzilla.opensuse.org/show_bug.cgi?id=1226031A simple smoke test could have helped here.
https://suse.slack.com/archives/C02DR0C5XUY/p1717932745148109
We're running more than a smoke test for podman on Tumbleweed, which includes also the pasta|passt
network stack. What are we missing?
Updated by rbranco 20 days ago ยท Edited
ph03nix wrote in #note-1:
rbranco wrote:
The apparmor profile included in pasta|passt uncovered an issue that disabled Apparmor for all:
https://bugzilla.opensuse.org/show_bug.cgi?id=1226031A simple smoke test could have helped here.
https://suse.slack.com/archives/C02DR0C5XUY/p1717932745148109
We're running more than a smoke test for podman on Tumbleweed, which includes also the
pasta|passt
network stack. What are we missing?
We need a smoke test for Apparmor after all the maintenance updates are applied.
This command failed on my recent Tumbleweed installation because of the "problematic" passt Apparmor profile:
aa-complain /usr/sbin/dnsmasq
ERROR: Can't parse mount rule mount "" -> "/",
I think we could've catched this earlier with a smoke test for Apparmor running aa-complain...