Hey Aaron, yes there are many packages that now require an apparmor
profile. There is a shortcut, in between profile that can be used atm so
that a full profile doesn't need to be developed to get applications
that require unprivileged user namespaces working. I will get a patch
together to add these to the set of known applications that need
unprivileged user namespaces that we are now shipping profiles for.
You should be able to fix your immediate issues by adding the following
to your system,
$ cat /etc/apparmor.d/falkon
abi <abi/4.0>,
include <tunables/global>
profile falkon /usr/bin/falkon flags=(unconfined) {
userns,
# Site-specific additions and overrides. See local/README for details.
include if exists <local/falkon>
}
$ cat /etc/apparmor.d/epiphany
abi <abi/4.0>,
include <tunables/global>
profile epiphany /usr/bin/epiphany flags=(unconfined) {
userns,
# Site-specific additions and overrides. See local/README for details.
include if exists <local/epiphany>
}
$ cat /etc/apparmor.d/qutebrowser
abi <abi/4.0>,
include <tunables/global>
profile qutebrowser /usr/bin/qutebrowser flags=(unconfined) {
userns,
# Site-specific additions and overrides. See local/README for details.
include if exists <local/qutebrowser>
}
and then reloading your profiles via.
$ sudo systemctl reload apparmor
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to crash with SIGTRAP
Status in apparmor package in Ubuntu:
Confirmed
Status in digikam package in Ubuntu:
Confirmed
Status in epiphany-browser package in Ubuntu:
Confirmed
Status in falkon package in Ubuntu:
Confirmed
Status in qutebrowser package in Ubuntu:
Confirmed
Bug description:
Hi, I run Ubuntu development branch 24.04 and I have a problem with
Epiphany browser 45.1-1 (Gnome Web): program doesn't launch, and I get
this error
$ epiphany
bwrap: Creating new namespace failed: Permission denied
** (epiphany:12085): ERROR **: 14:44:35.023: Failed to fully launch
dbus-proxy: Le processus fils s’est terminé avec le code 1
Trappe pour point d'arrêt et de trace (core dumped)
$ epiphany
bwrap: Creating new namespace failed: Permission denied
** (epiphany:30878): ERROR **: 22:22:26.926: Failed to fully launch
dbus-proxy: Le processus fils s’est terminé avec le code 1
Trappe pour point d'arrêt et de trace (core dumped)
Thanks for your help!
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2046844/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
