Hi, I tried again to build the version of the package that was failing (3.1.6+ds-10) and it built *successfully* in an environment similar to the one I used for the initial test (except it was updated to the current state of unstable).
In the failed build log, there was: Making check in tests make[2]: Entering directory '/<<PKGBUILDDIR>>/tests' make check-local make[3]: Entering directory '/<<PKGBUILDDIR>>/tests' ./unittest ./firehol ./fireqos ./link-balancer ./update-ipsets ./vnetbuild unshare: unshare failed: Operation not permitted make[3]: *** [Makefile:588: check-local] Error 1 make[3]: Leaving directory '/<<PKGBUILDDIR>>/tests' make[2]: *** [Makefile:471: check-am] Error 2 make[2]: Leaving directory '/<<PKGBUILDDIR>>/tests' make[1]: *** [Makefile:447: check-recursive] Error 1 make[1]: Leaving directory '/<<PKGBUILDDIR>>' dh_auto_test: error: make -j1 check VERBOSE=1 returned exit code 2 make: *** [debian/rules:8: binary] Error 25 In the successful log, there's: Making check in tests make[2]: Entering directory '/<<PKGBUILDDIR>>/tests' make check-local make[3]: Entering directory '/<<PKGBUILDDIR>>/tests' echo "Unprivileged user namespaces not enabled - not running tests" Unprivileged user namespaces not enabled - not running tests make[3]: Leaving directory '/<<PKGBUILDDIR>>/tests' make[2]: Leaving directory '/<<PKGBUILDDIR>>/tests' make[2]: Entering directory '/<<PKGBUILDDIR>>' make[2]: Nothing to be done for 'check-am'. make[2]: Leaving directory '/<<PKGBUILDDIR>>' make[1]: Leaving directory '/<<PKGBUILDDIR>>' I don't understand why, in the failing build, the userns were detected as being enabled. It might be that another package (built previously) was enabling them during build (or during installation of one of its build-depends). But I find that surprising, given all builds are performed as an unprivileged user... In any case, I can confirm that setting /proc/sys/kernel/unprivileged_userns_clone to 1 makes the failure reproducible (still on a 4.19 kernel). And 3.1.7+ds-1 is also affected. Lucas
