Ah thank for noticing that John, it entirely slipped by me - so in that case I don't think this is the appropriate fix - the AppArmor team has worked hard to remove the busybox and other similar profiles that allowed this bypass so I don't think we should do the same for os- prober. Instead, since os-prober is not used by default anymore, and the original use of unshare in os-prober was to make it more robust on desktop systems etc - why not just remove the use of unshare from it? I feel this has a small risk of regression AND it avoids introducing an escape hatch for the unprivileged userns restrictions.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2099811 Title: Os-prober segmentation fault one message for each partition on same PC Status in apparmor package in Ubuntu: Confirmed Status in os-prober package in Ubuntu: Confirmed Bug description: Reporting this bug on os-prober, my bug https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/2099662 was incorrectly attributed to grub corrado@corrado-n3-pp-0223:~$ sudo os-prober [sudo] password for corrado: find: Failed to restore initial working directory: /home/corrado: Permission denied Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault Segmentation fault corrado@corrado-n3-pp-0223:~$ Attaching related journal ProblemType: Bug DistroRelease: Ubuntu 25.04 Package: os-prober 1.83ubuntu2 ProcVersionSignature: Ubuntu 6.12.0-15.15-generic 6.12.11 Uname: Linux 6.12.0-15-generic x86_64 ApportVersion: 2.31.0+git20250220-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Sun Feb 23 15:46:27 2025 InstallationDate: Installed on 2025-02-23 (0 days ago) InstallationMedia: Ubuntu 25.04 "Plucky Puffin" - Daily amd64 (20250223) ProcEnviron: LANG=en_US.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR=<set> SourcePackage: os-prober UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2099811/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
