Verification passed for jammy-linux-hwe-6.5. I ran the AppArmor QA Regression Tests [1] checked file permissions for /proc/sys/kernel/*unprivileged*.
georgia@sec-jammy-amd64:~$ uname -a
Linux sec-jammy-amd64 6.5.0-14-generic #14~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Mon Nov 20 18:15:30 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
georgia@sec-jammy-amd64:~$ ll /proc/sys/kernel/*unprivileged*
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/kernel/apparmor_restrict_unprivileged_io_uring
-rw-r--r-- 1 root root 0 Jan 12 14:07 /proc/sys/kernel/apparmor_restrict_unprivileged_unconfined
-rw-r--r-- 1 root root 0 Jan 12 14:07 /proc/sys/kernel/apparmor_restrict_unprivileged_userns
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/kernel/apparmor_restrict_unprivileged_userns_complain
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/kernel/apparmor_restrict_unprivileged_userns_force
-rw-r--r-- 1 root root 0 Jan 12 14:07 /proc/sys/kernel/unprivileged_bpf_disabled
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/kernel/unprivileged_userns_apparmor_policy
-rw-r--r-- 1 root root 0 Jan 12 14:06 /proc/sys/kernel/unprivileged_userns_clone
Verification passed for jammy-linux- hwe-6.5. I ran the AppArmor QA Regression Tests [1] checked file permissions for /proc/sys/ kernel/ *unprivileged* .
georgia@ sec-jammy- amd64:~ $ uname -a
Linux sec-jammy-amd64 6.5.0-14-generic #14~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Mon Nov 20 18:15:30 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
georgia@ sec-jammy- amd64:~ $ ll /proc/sys/ kernel/ *unprivileged* kernel/ apparmor_ restrict_ unprivileged_ io_uring kernel/ apparmor_ restrict_ unprivileged_ unconfined kernel/ apparmor_ restrict_ unprivileged_ userns kernel/ apparmor_ restrict_ unprivileged_ userns_ complain kernel/ apparmor_ restrict_ unprivileged_ userns_ force kernel/ unprivileged_ bpf_disabled kernel/ unprivileged_ userns_ apparmor_ policy kernel/ unprivileged_ userns_ clone
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/
-rw-r--r-- 1 root root 0 Jan 12 14:07 /proc/sys/
-rw-r--r-- 1 root root 0 Jan 12 14:07 /proc/sys/
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/
-rw-r--r-- 1 root root 0 Jan 12 14:07 /proc/sys/
-rw------- 1 root root 0 Jan 12 14:07 /proc/sys/
-rw-r--r-- 1 root root 0 Jan 12 14:06 /proc/sys/
georgia@ sec-jammy- amd64:~ /qrt-test- apparmor$ sudo ./test-apparmor.py
..... ------- ------- ------- ------- ------- ------- ------- ------- -------
-------
Ran 62 tests in 1360.734s
OK (skipped=2)
[1] https:/ /launchpad. net/qa- regression- testing