many: switch to apparmor 5.x with 4 ABI by zyga · Pull Request #16781 · canonical/snapd

zyga · 2026-03-18T09:10:19Z

This is apparmor 5.x release with ABI 4.0, which should theoretically be a drop-in replacement over current apparmor 4.1.7.

Note that the beta release we are using is not up-to-date with some fixes from 4.1.7 (new 5.x release is pending) so some failures are expected.

For apparmor master with 5 abi please see: #16780
For apparmor 5.x with 5 ABI please see: #15967
For apparmor 5.x with 4 ABI please see: #16781

Copilot

Pull request overview

Updates the snapd snap build to use AppArmor userspace 5.0.0 beta1 (ABI 4 series per PR description) as a drop-in replacement for the previously pinned 4.1.7, aligning the snapcraft build inputs and the autoconf pkg-config expectations.

Changes:

Bump the snapcraft build of AppArmor from 4.1.7 to 5.0.0-beta1 (including checksum update).
Adjust cmd/configure.ac to require the newer libapparmor version when building under snapcraft.
Build libapparmor/parser with static-linking-oriented flags in the snapcraft part.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
`cmd/configure.ac`	Updates snapcraft-specific libapparmor pkg-config check to target AppArmor 5 beta.
`build-aux/snap/snapcraft.yaml`	Switches AppArmor source tarball/checksum to 5.0.0-beta1 and tweaks build flags for static linking.

You can also share your feedback on Copilot code review. Take the survey.

cmd/configure.ac

-        PKG_CHECK_MODULES([APPARMOR4], [libapparmor = 4.1.7], [
-            AC_DEFINE([HAVE_APPARMOR], [1], [Build with apparmor4 support])], [
-            AC_MSG_ERROR([unable to find apparmor4 for snap build of snapd])])], [
+        PKG_CHECK_MODULES([APPARMOR4], [libapparmor = 5.0.0~beta1], [


github-actions · 2026-03-18T09:21:46Z

Mon Mar 23 12:43:42 UTC 2026
The following results are from: https://github.com/canonical/snapd/actions/runs/23354231709

Failures:

Executing:

openstack:centos-9-64:tests/main/selinux-clean
openstack:fedora-42-64:tests/main/selinux-clean
openstack:opensuse-tumbleweed-selinux-64:tests/main/selinux-classic-confinement
openstack:opensuse-tumbleweed-selinux-64:tests/main/cgroup-devices-v2

Skipped tests from snapd-testing-skip

garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_allow
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_deny
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_allow
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_deny
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_allow
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_deny
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:download_file_conflict
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:download_file_defaults
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:download_file_safer
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:read_single_allow
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:read_single_deny
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:timespan_allow
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:timespan_deny
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_allow_deny
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_deny_allow
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_single_allow
garden:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_single_deny
garden:ubuntu-25.10-64:tests/main/apparmor-prompting-support
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_allow
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_deny
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:create_multiple_allow
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:create_multiple_deny
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_allow
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_deny
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:download_file_conflict
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:download_file_defaults
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:download_file_safer
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:read_single_allow
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:read_single_deny
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:timespan_allow
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:timespan_deny
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_allow_deny
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_deny_allow
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:write_single_allow
openstack-arm:ubuntu-24.04-arm-64:tests/main/apparmor-prompting-integration-tests:write_single_deny
openstack-arm:ubuntu-24.04-arm-64:tests/main/i18n
openstack-arm:ubuntu-core-24-arm-64:tests/main/i18n
openstack:debian-sid-64:tests/main/interfaces-network-status-classic
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_allow
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_deny
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_allow
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_deny
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_allow
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_deny
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:download_file_conflict
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:download_file_defaults
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:download_file_safer
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:read_single_allow
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:read_single_deny
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:timespan_allow
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:timespan_deny
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_allow_deny
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_deny_allow
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:write_single_allow
openstack:ubuntu-20.04-64:tests/main/apparmor-prompting-integration-tests:write_single_deny
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_allow
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_deny
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_allow
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_deny
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_allow
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_deny
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:download_file_conflict
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:download_file_defaults
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:download_file_safer
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:read_single_allow
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:read_single_deny
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:timespan_allow
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:timespan_deny
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_allow_deny
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_deny_allow
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_single_allow
openstack:ubuntu-22.04-64:tests/main/apparmor-prompting-integration-tests:write_single_deny
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_allow
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_deny
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_allow
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_deny
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_allow
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_deny
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:download_file_conflict
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:download_file_defaults
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:download_file_safer
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:read_single_allow
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:read_single_deny
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:timespan_allow
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:timespan_deny
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_allow_deny
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_deny_allow
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:write_single_allow
openstack:ubuntu-24.04-64:tests/main/apparmor-prompting-integration-tests:write_single_deny
openstack:ubuntu-24.04-64:tests/main/i18n
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-flag-restart
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_allow
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_deny
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:create_multiple_allow
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:create_multiple_deny
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_allow
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_deny
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:download_file_conflict
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:download_file_defaults
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:download_file_safer
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:read_single_allow
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:read_single_deny
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:timespan_allow
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:timespan_deny
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_allow_deny
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_deny_allow
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:write_single_allow
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-integration-tests:write_single_deny
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-prompt-restoration
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_forever
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_session
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_single
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_timespan
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_forever
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_session
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_single
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_timespan
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_allow_forever
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_allow_session
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_allow_single
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_allow_timespan
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_deny_forever
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_deny_session
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_deny_single
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:camera_deny_timespan
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_allow_forever
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_allow_session
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_allow_single
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_allow_timespan
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_deny_forever
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_deny_session
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_deny_single
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-smoke:home_deny_timespan
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-snapd-startup
openstack:ubuntu-25.10-64:tests/main/apparmor-prompting-support
openstack:ubuntu-25.10-64:tests/main/interfaces-requests-activates-handlers
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-flag-restart
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_allow
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_actioned_by_other_pid_always_deny
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_allow
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_deny
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_allow
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:create_multiple_not_actioned_by_other_pid_single_deny
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:download_file_conflict
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:download_file_defaults
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:download_file_safer
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:read_single_allow
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:read_single_deny
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:timespan_allow
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:timespan_deny
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_allow_deny
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:write_read_multiple_actioned_by_other_pid_deny_allow
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:write_single_allow
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-integration-tests:write_single_deny
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-prompt-restoration
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_forever
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_session
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_single
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_allow_timespan
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_forever
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_session
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_single
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:audiorecord_deny_timespan
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_allow_forever
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_allow_session
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_allow_single
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_allow_timespan
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_deny_forever
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_deny_session
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_deny_single
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:camera_deny_timespan
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_allow_forever
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_allow_session
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_allow_single
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_allow_timespan
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_deny_forever
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_deny_session
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_deny_single
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-smoke:home_deny_timespan
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-snapd-startup
openstack:ubuntu-26.04-64:tests/main/apparmor-prompting-support
openstack:ubuntu-26.04-64:tests/main/i18n
openstack:ubuntu-26.04-64:tests/main/interfaces-requests-activates-handlers
openstack:ubuntu-core-26-64:tests/core/netplan
openstack:ubuntu-core-26-64:tests/main/debug-confinement
openstack:ubuntu-core-26-64:tests/main/interfaces-network-manager
openstack:ubuntu-core-26-64:tests/main/interfaces-posix-mq
openstack:ubuntu-core-26-64:tests/main/security-device-cgroups-jailmode
openstack:ubuntu-core-26-64:tests/main/snaps-state
openstack:ubuntu-core-26-64:tests/regression/lp-1641885
openstack:ubuntu-core-26-64:tests/regression/lp-1667385:jailmode
openstack:ubuntu-core-26-64:tests/smoke/sandbox

codecov · 2026-03-19T05:51:36Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 77.56%. Comparing base (f7a2921) to head (c9742e3).

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #16781      +/-   ##
==========================================
- Coverage   77.56%   77.56%   -0.01%     
==========================================
  Files        1366     1365       -1     
  Lines      188489   188418      -71     
  Branches     2446     2446              
==========================================
- Hits       146199   146141      -58     
+ Misses      33460    33449      -11     
+ Partials     8830     8828       -2

Flag	Coverage Δ
unittests	`77.56% <ø> (-0.01%)`	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Switch the copy of apparmor bundled with snapd snap to the new 5 alpha 2 release. This keeps the old ABI intact so our profiles should retain old semantics. Jira: https://warthogs.atlassian.net/browse/SNAPDENG-35412 Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

Disable support for building libapparmor.so and force static linking of libapparmor.a into apparmor_parser. Note that early in the 5.x series, apparmor userspace depends on libzstd for loading compressed profiles. Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

Copilot AI review requested due to automatic review settings March 18, 2026 09:10

Copilot started reviewing on behalf of zyga March 18, 2026 09:10 View session

zyga changed the title ~~Rfc/apparmor 5 abi 4~~ many: switch to apparmor 5.x with 4 ABI Mar 18, 2026

This was referenced Mar 18, 2026

many: switch to apparmor master with 5 ABI (DO NOT MERGE) #16780

Open

many: switch to apparmor 5.x with 5 ABI #15967

Open

Copilot AI reviewed Mar 18, 2026

View reviewed changes

cmd/configure.ac

PKG_CHECK_MODULES([APPARMOR4], [libapparmor = 4.1.7], [

AC_DEFINE([HAVE_APPARMOR], [1], [Build with apparmor4 support])], [

AC_MSG_ERROR([unable to find apparmor4 for snap build of snapd])])], [

PKG_CHECK_MODULES([APPARMOR4], [libapparmor = 5.0.0~beta1], [

zyga closed this Mar 19, 2026

zyga reopened this Mar 19, 2026

zyga force-pushed the rfc/apparmor-5-abi-4 branch from 079fd1d to 37363bb Compare March 20, 2026 11:36

zyga added 7 commits March 20, 2026 18:15

cmd: expect apparmor 5 alpha 2

65c4d5e

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

build-aux: update to apparmor 5 alpha 6

db1112f

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

cmd: expect apparmor 5 alpha 6

96b16b0

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

build-aux: update to apparmor 5 beta 1

28d5370

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

cmd: expect apparmor 5 beta 1

0058421

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>

zyga force-pushed the rfc/apparmor-5-abi-4 branch from 37363bb to c9742e3 Compare March 20, 2026 17:16

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

many: switch to apparmor 5.x with 4 ABI#16781

many: switch to apparmor 5.x with 4 ABI#16781
zyga wants to merge 7 commits intocanonical:masterfrom
zyga:rfc/apparmor-5-abi-4

zyga commented Mar 18, 2026 •

edited

Loading

Uh oh!

Copilot AI left a comment

Uh oh!

github-actions bot commented Mar 18, 2026 •

edited

Loading

Uh oh!

codecov bot commented Mar 19, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

zyga commented Mar 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

github-actions bot commented Mar 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Failures:

Executing:

Skipped tests from snapd-testing-skip

Uh oh!

codecov bot commented Mar 19, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

zyga commented Mar 18, 2026 •

edited

Loading

github-actions bot commented Mar 18, 2026 •

edited

Loading

codecov bot commented Mar 19, 2026 •

edited

Loading