mbox series

[SRU,N:raspi,O:raspi,0/1] On Pi desktop, numerous reports of lack of landlock supported ABI (LP: #2066885)

Message ID 20241028161216.226888-1-juerg.haefliger@canonical.com
Headers show
Series On Pi desktop, numerous reports of lack of landlock supported ABI (LP: #2066885) | expand

Message

Juerg Haefliger Oct. 28, 2024, 4:12 p.m. UTC
BugLink: https://bugs.launchpad.net/bugs/2066885

[Impact]

On the Ubuntu noble desktop for Raspberry Pi, the system journal has numerous of the following entries:

May 23 10:30:29 kermit tracker-miner-f[11130]: Could not get landlock supported ABI: Operation not supported
May 23 10:30:29 kermit tracker-miner-f[11130]: Refusing to extract file data since Landlock could not be enabled. Update your kernel to fix this warning.

These appear to be written every time a file in my home directory is modified. The kernel is the stock noble kernel from linux-raspi, 6.8.0-1004-raspi.

[Test Case]

Ubuntu desktop image with tracker-miner should not produce any log entries like the ones above.

$ sudo dmesg | grep landl
[    0.002208] LSM: initializing lsm=lockdown,capability,landlock,yama,apparmor,ima,evm
[    0.002531] landlock: Up and running.

[Where Problems Could Occur]

Kernel issues (crashes, stack traces) at boot and/or when userspace invokes the LSM ABI.

Juerg Haefliger (1):
  UBUNTU: [Config] raspi: Enable landlock LSM by default

 debian.raspi/config/annotations | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Agathe Porte Oct. 29, 2024, 2:39 p.m. UTC | #1
2024-10-28 17:13 CET, Juerg Haefliger:
> BugLink: https://bugs.launchpad.net/bugs/2066885
> 
> [Impact]
> 
> On the Ubuntu noble desktop for Raspberry Pi, the system journal has numerous of the following entries:
> 
> May 23 10:30:29 kermit tracker-miner-f[11130]: Could not get landlock supported ABI: Operation not supported
> May 23 10:30:29 kermit tracker-miner-f[11130]: Refusing to extract file data since Landlock could not be enabled. Update your kernel to fix this warning.
> 
> These appear to be written every time a file in my home directory is modified. The kernel is the stock noble kernel from linux-raspi, 6.8.0-1004-raspi.
> 
> [Test Case]
> 
> Ubuntu desktop image with tracker-miner should not produce any log entries like the ones above.
> 
> $ sudo dmesg | grep landl
> [    0.002208] LSM: initializing lsm=lockdown,capability,landlock,yama,apparmor,ima,evm
> [    0.002531] landlock: Up and running.
> 
> [Where Problems Could Occur]
> 
> Kernel issues (crashes, stack traces) at boot and/or when userspace invokes the LSM ABI.
> 
> Juerg Haefliger (1):
>   UBUNTU: [Config] raspi: Enable landlock LSM by default
> 
>  debian.raspi/config/annotations | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Acked-by: Agathe Porte <agathe.porte@canonical.com>
Guoqing Jiang Oct. 29, 2024, 3:11 p.m. UTC | #2
Acked-by: Guoqing Jiang <guoqing.jiang@canonical.com>

On 10/28/24 17:12, Juerg Haefliger wrote:
> BugLink: https://bugs.launchpad.net/bugs/2066885
>
> [Impact]
>
> On the Ubuntu noble desktop for Raspberry Pi, the system journal has numerous of the following entries:
>
> May 23 10:30:29 kermit tracker-miner-f[11130]: Could not get landlock supported ABI: Operation not supported
> May 23 10:30:29 kermit tracker-miner-f[11130]: Refusing to extract file data since Landlock could not be enabled. Update your kernel to fix this warning.
>
> These appear to be written every time a file in my home directory is modified. The kernel is the stock noble kernel from linux-raspi, 6.8.0-1004-raspi.
>
> [Test Case]
>
> Ubuntu desktop image with tracker-miner should not produce any log entries like the ones above.
>
> $ sudo dmesg | grep landl
> [    0.002208] LSM: initializing lsm=lockdown,capability,landlock,yama,apparmor,ima,evm
> [    0.002531] landlock: Up and running.
>
> [Where Problems Could Occur]
>
> Kernel issues (crashes, stack traces) at boot and/or when userspace invokes the LSM ABI.
>
> Juerg Haefliger (1):
>    UBUNTU: [Config] raspi: Enable landlock LSM by default
>
>   debian.raspi/config/annotations | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
Juerg Haefliger Nov. 21, 2024, 3:25 p.m. UTC | #3
Applied to N/O:linux-raspi master-next branch.

...Juerg


On Mon, 28 Oct 2024 17:12:15 +0100
Juerg Haefliger <juerg.haefliger@canonical.com> wrote:

> BugLink: https://bugs.launchpad.net/bugs/2066885
> 
> [Impact]
> 
> On the Ubuntu noble desktop for Raspberry Pi, the system journal has numerous of the following entries:
> 
> May 23 10:30:29 kermit tracker-miner-f[11130]: Could not get landlock supported ABI: Operation not supported
> May 23 10:30:29 kermit tracker-miner-f[11130]: Refusing to extract file data since Landlock could not be enabled. Update your kernel to fix this warning.
> 
> These appear to be written every time a file in my home directory is modified. The kernel is the stock noble kernel from linux-raspi, 6.8.0-1004-raspi.
> 
> [Test Case]
> 
> Ubuntu desktop image with tracker-miner should not produce any log entries like the ones above.
> 
> $ sudo dmesg | grep landl
> [    0.002208] LSM: initializing lsm=lockdown,capability,landlock,yama,apparmor,ima,evm
> [    0.002531] landlock: Up and running.
> 
> [Where Problems Could Occur]
> 
> Kernel issues (crashes, stack traces) at boot and/or when userspace invokes the LSM ABI.
> 
> Juerg Haefliger (1):
>   UBUNTU: [Config] raspi: Enable landlock LSM by default
> 
>  debian.raspi/config/annotations | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>