[Bug 2089378] Re: bwrap needs an apparmor profile to work

2024-11-22 Thread John Johansen
If you want you can test the attached profile. It will allow bwrap to work in most situations. There are a few places where it will still cause failures:
1. if the child that bwrap launches requires privilege in the unprivileged user namespace.
2. if the child profile has issues due to no-new-priv

[Bug 2089378] Re: bwrap needs an apparmor profile to work

2024-11-22 Thread tombi
I see. So with my profile, bwrap could be used to bypass the restricted unpriv userns, right? Makes sense to not use this. Thanks for your reply.

[Bug 2089378] Re: bwrap needs an apparmor profile to work

2024-11-22 Thread Georgia Garcia
This profile bypasses the restriction of unprivileged user namespaces, therefore Ubuntu cannot ship it, and we recommend you don't use it either. If an application calls bwrap with a valid use of unpriv userns, then a profile for that app should be created instead. Let me know if you need any help