[Bug 2103595] Re: apparmor policy prevents unshare --user --map-auto
Alessandro Astone
2103595 at bugs.launchpad.net
Thu Mar 20 09:44:57 UTC 2025
*** This bug is a duplicate of bug 2102081 ***
https://bugs.launchpad.net/bugs/2102081
** This bug has been marked a duplicate of bug 2102081
tests using unshare are failing on ubuntu 25.04
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2103595
Title:
apparmor policy prevents unshare --user --map-auto
Status in util-linux package in Ubuntu:
New
Bug description:
In plucky:
$ unshare --user --map-auto
newuidmap: open of uid_map failed: Permission denied
The journal shows:
audit: type=1400 audit(1742379629.731:1072): apparmor="AUDIT" operation="exec" class="file" info="ix fallback" profile="unshare" name="/usr/bin/newuidmap" pid=9897 comm="unshare" requested_mask="x" fsuid=1000 ouid=0 target="unpriv_unshare//&unshare"
audit: type=1400 audit(1742379629.734:1073): apparmor="DENIED" operation="capable" class="cap" profile="unpriv_unshare" pid=9897 comm="newuidmap" capability=1 capname="dac_override"
This also prevents the execution of `autopkgtest -- unshare`, although
somehow `sbuild --run-autopkgtest` makes it work.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2103595/+subscriptions
More information about the foundations-bugs
mailing list