If you want you can test the attached profile. It will allow bwrap to work in most situations. There are a few places Where it will still cause failures 1. if the child that bwrao launches requires privilege in the unprivileged user namespace. 2. if the child profile has issues due to no-new-privileges 3. some applications that use bwrap to setup their sandbox may break for various reasons. Eg. this is known to cause some issues with flatpaks. The solution for these is a profile for those applications. In the case of flatpak its profile needs to be updated.
Both of those should be ** Attachment added: "update bwrap profile" https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2089378/+attachment/5839551/+files/bwrap-userns-restrict -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2089378 Title: bwrap needs an apparmor profile to work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2089378/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
