Based on the log lines in comment #2, it looks like "only" executing of
/usr/lib/cargo/bin/coreutils/mktemp gets denied. The profile needs to
allow this in the same way as it already allows /usr/bin/mktemp.
That said - the new coreutils paths probably break several profiles, not
only os-prober.
Therefore an alternative would be to create aliases for all the
coreutils (maybe in tunables/alias.d/rust-coreutils):
alias /usr/bin/mktemp -> /usr/lib/cargo/bin/coreutils/mktemp
# + similar lines for all coreutils
or just create an alias for the directory to cover all at once:
alias /usr/bin/ -> /usr/lib/cargo/bin/coreutils/
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2122633
Title:
os-prober is broken (mktemp: Permission denied) on Questing due to
apparmor misconfiguration
Status in apparmor package in Ubuntu:
Confirmed
Status in os-prober package in Ubuntu:
Confirmed
Status in rust-coreutils package in Ubuntu:
Confirmed
Bug description:
os=prober fails to function Questing.
It appears that apparmor blocks temp directory creation (mktemp from
rust-coreutils) in context of os-prober.
Just renaming os-prober script to anything else allows it to function.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2122633/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
