In journalctl -rkb, the kernel is complaining about: « landlock: Disabled but requested by user space. You should enable Landlock at boot time: https://docs.kernel.org/userspace-api/landlock.html#boot-time-configuration » What I can see, is that it seems supported: $ zgrep LANDLOCK /proc/config.gz CONFIG_SECURITY_LANDLOCK=y But it may be missing here: $ zgrep CONFIG_LSM= /proc/config.gz CONFIG_LSM="yama" Actually, I do not have any knowledge about landlock. Reproducible: Always Steps to Reproduce: 1. boot gentoo-kernel Actual Results: kernel complaining about landlock Expected Results: kernel not complaining about landlock I don't know how long this issue has been there.
I've been seeing this for a while too and kept meaning to file a bug for it. I think we need to add it to CONFIG_LSM indeed but not verified.
(This shows up especially often on systems because `xz` uses Landlock, so it shows up whenever a distfile is first unpacked..)
You can just enable this via kernel cmdline "lsm=landlock", works on my end to suppress this warning.
(In reply to Nowa Ammerlaan from comment #3) > You can just enable this via kernel cmdline "lsm=landlock", works on my end > to suppress this warning. Sure, I just think it makes sense for us to enable it too.
