[Bug 2098906] [NEW] apparmor breaks sbuild with unshare on plucky

Wed, 19 Feb 2025 14:40:59 -0800 

Public bug reported:

After today's apparmor updates and restarting my computer, I can no
longer use sbuild's unshare backend. This breaks the (newly) recommended
way to build .deb packages locally from Ubuntu 25.04. (See
https://lists.ubuntu.com/archives/ubuntu-devel/2024-December/043193.html
)

Journal excerpt
======
Feb 19 17:24:29 kernel: audit: type=1400 audit: apparmor="AUDIT" 
operation="exec" class="file" info="ix fallback" profile="unshare" 
name="/usr/bin/newuidmap" pid=10846 comm="unshare" requested_mask="x" 
fsuid=1000 ouid=0 target="unpriv_unshare//&unshare"
Feb 19 17:24:29 kernel: audit: type=1400 audit: apparmor="DENIED" 
operation="capable" class="cap" profile="unpriv_unshare" comm="newuidmap" 
capability=1  capname="dac_override"

ProblemType: Bug
DistroRelease: Ubuntu 25.04
Package: apparmor 4.1.0~beta5-0ubuntu2
ProcVersionSignature: Ubuntu 6.12.0-15.15-generic 6.12.11
Uname: Linux 6.12.0-15-generic x86_64
ApportVersion: 2.31.0-0ubuntu5
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Wed Feb 19 17:25:41 2025
InstallationDate: Installed on 2024-04-12 (313 days ago)
InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Beta amd64 (20240410.2)
ProcEnviron:
 LANG=en_US.UTF-8
 PATH=(custom, no user)
 SHELL=/bin/bash
 TERM=xterm-256color
 XDG_RUNTIME_DIR=<set>
ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-6.12.0-15-generic 
root=UUID=7a431ed1-30e4-4377-bb6e-1f81480f31ba ro quiet splash 
crashkernel=2G-4G:320M,4G-32G:512M,32G-64G:1024M,64G-128G:2048M,128G-:4096M 
vt.handoff=7
SourcePackage: apparmor
UpgradeStatus: Upgraded to plucky on 2024-12-18 (63 days ago)

** Affects: apparmor (Ubuntu)
     Importance: Critical
         Status: New


** Tags: amd64 apport-bug plucky wayland-session

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2098906

Title:
  apparmor breaks sbuild with unshare on plucky

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2098906/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to