For the thunderbird issue I have created
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2064363
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user
@u-jjohansen:
```
$ sudo dmesg | grep DENIED
[ 20.729222] audit: type=1400 audit(1714359674.872:42): apparmor="DENIED"
operation="open" class="file" profile="snap-update-ns.firefox"
name="/usr/local/share/" pid=2002 comm="6" requested_mask="r" denied_mask="r"
fsuid=0 ouid=0
[ 20.743227]
@u-dal:
the problem with firefox (it has a snap profile and is allowed access to
user namespaces) is different than with chrome (no profile loaded), but
still might be apparmor related. Can you look in dmesg for apparmor
denials
```
sudo dmesg | grep DENIED
```
--
You received this bug
@u-jjohansen:
Also, I'm having this Thunderbird problem going on simultaneously --
https://forum.snapcraft.io/t/unexplained-thunderbird-already-running-
but-is-not-responding-message/39990 -- which might be related to the
issues from my Chrome comments?
--
You received this bug notification
@u-jjohansen:
Yes, live environment only. Sorry, I thought I'd included that in my
first comment but now I see that I neglected to do so. I added an EDIT:
to my first comment to make it clear.
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is
@u-dal:
are you running in a live cd environment? Something odd is happening on your
system, with some profiles loaded and systemctl reporting
ConditionPathExists=!/rofs/etc/apparmor.d
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to
@jjohansen:
```
$ sudo aa-status
apparmor module is loaded.
56 profiles are loaded.
54 profiles are in enforce mode.
/snap/snapd/21465/usr/lib/snapd/snap-confine
/snap/snapd/21465/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
/usr/lib/snapd/snap-confine
@u-dal:
This sounds like the apparmor policy is not being loaded can you please
provide the output of
```
sudo aa-status
```
and
```
sudo systemctl status apparmor
```
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
I seem to have the same apparmor problem with Chrome under Lubuntu
24.04. From "$ journalctl | grep apparmor | grep chrome" I got
info="Userns create restricted - failed to find unprivileged_userns
profile" (among other things). And it's been reproduced by another as
the following relates.
Can
** Also affects: guix (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions
Balena Etcher 1.18 dpkg won't install on 24.04 due to dependency issues,
1.19.16 installs fine and runs, but in a degraded sandbox mode. So
adding a profile for it would be beneficial
The appimage version of Belena Etcher unfortunately fails to run. We can not
provide a default profile for the
The Wike fix is coming in the next SRU.
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to crash
I had no problem running Balena Etcher on Ubuntu 24.04 LTS.
Do you have the latest version of Etcher?
1.19.16
https://github.com/balena-io/etcher/blob/master/CHANGELOG.md
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug
Can we manually add support for Balena Etcher, just like VS Code? Etcher
is used by hundreds of thousands of users.
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
https://gitlab.com/apparmor/apparmor/-/merge_requests/1212
** Changed in: wike (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
https://gitlab.com/apparmor/apparmor/-/merge_requests/1209
** Also affects: wike (Ubuntu)
Importance: Undecided
Status: New
** Also affects: foliate (Ubuntu)
Importance: Undecided
Status: New
** Changed in: foliate (Ubuntu)
Status: New => Fix Committed
--
You
** Changed in: wike
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
** Bug watch added: github.com/hugolabe/Wike/issues #181
https://github.com/hugolabe/Wike/issues/181
** Also affects: wike via
https://github.com/hugolabe/Wike/issues/181
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
@arraybolt3: Answer to your question. bwrap requires capabilities within
the user namespace. unshare is a little more forgiving in that what it
requires depends on the options passed but most of the options also
require capabilities within the user namespace.
The potential solution I mention is
@arraybolt3 is correct. Both unshare and bwrap will not get a unconfined
profile, as that allows for an arbitrary by-pass of the restriction.
There is a potential solution in the works that will allow for bwrap and
unshare to function as long as the child task does not require
permissions but at
I believe bwrap was ignored intentionally, as the point of the apparmor
change was to prevent arbitrary apps from making unprivileged user
namespaces with capabilities. Allowing Bubblewrap to do so would provide
a loophole. Same reason `unshare` isn't allowed to make unprivileged
namespaces with
Hi - ok - very long thread so not quite sure how best to resolve.
I note bubblewrap is marked as confirmed but no resolution.
For budgie-control-center - backgrounds - Add Picture I found that the
gnome-desktop library libgnome-desktop-3-20 is calling bwrap and that
this was failing due to
We have an update of the firefox profile coming that supports the
/opt/firefox/firefox location used as the default install for the
firefox downloaded directly from mozilla.org
If you are running firefox out of your home directory, that will not be
directly supported and you will need to chose to
@coeur-noir:
Are you installing firefox to /opt/ as recommended or using it local in
your user account?
as for bwarp, maybe it is known to be problematic. It is allowed to run and to
create a user namespace but it is denied all capabilities within the namespace.
Can you run
sudo dmesg |
Ubuntu 24.04 installed today.
Firefox autonomous archive downloaded from
https://www.mozilla.org/fr/firefox/all/#product-desktop-release
And « ooops… » in any tab,
terminal says :
[Parent 5931, IPC I/O Parent] WARNING: process 6020 exited on signal 11: file
loupe problem solved with apparmor 4.0.0-beta3-0ubuntu2
https://bugs.launchpad.net/ubuntu/+source/loupe/+bug/2054142
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
@ajg-charlbury: no apparmor beta3 has not landed in proposed yet, we are
working on the upload now. firefox separately have added a bug fix that
will detect when the user namespace/capabilities are denied and fallback
without crashing but it disables the full sandbox.
the apparmor-beta3 fix
I have just tried running firefox from the firefox-nightly download and all
runs well using that version
125.0a1 (2024-03-17) (64-bit).
I assume the beta3 you speak of is the new version of apparmor; is that
the same version as the current apparmor-proposed version?
--
You received this bug
@ajg-charlbury: yes, firefox we are well aware of the problem, the
firefox profile has been tweaked for beta3 (landing this week) so that
it should work with the new deb.
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
I have seen the problem with firefox tabs crashing in the .deb installation
and when running direct from the downloaded .tar.bz from Mozilla.
Firefox opens but tabs show error saying "Tab crashed"
This has forced me to use the snap version which works fine though I prefer not
to use snaps at
@arraybolt3: qutebrowser should be fixed in beta3
** Changed in: qutebrowser (Ubuntu)
Assignee: (unassigned) => John Johansen (jjohansen)
** Changed in: qmapshack (Ubuntu)
Assignee: (unassigned) => John Johansen (jjohansen)
** Changed in: notepadqq (Ubuntu)
Assignee:
@kc2bez: qmapshack should be fixed in beta3
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to
@kc2bez: I have been able to verify that privacybrowser is not working.
However it is not due to the apparmor user namespace restrictions.
I get the following segfault out of dmesg
[ 1591.466016] privacybrowser[7743]: segfault at 8 ip 70bb4dd11ccc sp
7ffd5c6587e0 error 4 in
@kc2bez: pageedit should be fixed in beta3
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to
@kc2bez: notepadqq should be fixed in beta3
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to
@kc2bez:
there are no updated deb packages in the ppa for kiwix.
the kiwix appimage worked for me.
kiwix flatpak worked for me.
I am not sure what you were seeing. But I we are going to need more
information.
** Changed in: kiwix (Ubuntu)
Status: Confirmed => Incomplete
--
You
hi @vvaleryan-24,
I have been able to replicate the crash you are seeing but it is not do
to the user namespace restriction. The restrictions logging does not
happen, and I can put it in an unconfined profile and it still doesn't
help. From dmesg I find the following segfault
[79854.520976]
Georgia,
RE: tuxedo-control-center
That works perfectly.
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many
Hi, for Gnome-packagekit it's related to this behavior :
https://bugs.launchpad.net/ubuntu/+source/gnome-packagekit/+bug/2046843
I run Ubuntu development branch 24.04 and I have a problem with Gnome
PackageKit 43.0-2 : application launches well, but if I write a program
/ package name in the
sorry this won't be fixed in Beta3 that note was for goldendict
** Changed in: gnome-packagekit (Ubuntu)
Assignee: John Johansen (jjohansen) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
this will be fixed in Beta
** Changed in: kchmviewer (Ubuntu)
Assignee: (unassigned) => John Johansen (jjohansen)
** Changed in: rssguard (Ubuntu)
Assignee: (unassigned) => John Johansen (jjohansen)
** Changed in: supercollider (Ubuntu)
Assignee: (unassigned) => John Johansen
Will be fixed in Beta3
** Changed in: goldendict-webengine (Ubuntu)
Assignee: (unassigned) => John Johansen (jjohansen)
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
we will be fixed in Beta3
** Changed in: gnome-packagekit (Ubuntu)
Assignee: (unassigned) => John Johansen (jjohansen)
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
I have tested gnome-packagekit and it never trigger unprivileged user
namespace mediation. Can you please provide more information on how you
triggered it.
** Changed in: gnome-packagekit (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a
** Changed in: loupe (Ubuntu)
Assignee: (unassigned) => Georgia Garcia (georgiag)
** Changed in: geary (Ubuntu)
Assignee: (unassigned) => Georgia Garcia (georgiag)
** Changed in: firefox (Ubuntu)
Assignee: (unassigned) => Georgia Garcia (georgiag)
--
You received this bug
supercollider will work on current noble. Since it is using QTWebEngine
it has a graceful fallback when capabilities within the user namespace
are denied.
supercollider will have a profile and be fixed in Beta3, so it doesn't
even have to do the fallback.
--
You received this bug notification
I have tried freecad and unprivileged user namespace restrictions are
not the problem. freecad snap works, freecad ppa does not have a noble
build yet but the mantic build can be made to work.
freecad daily appimage: works
freecad appimage: stable fails with mesa or qt errors depending on
@sudipmuk loupe should be fixed in Beta3
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to crash
@eeickmeyer geary should be fixed in Beta3
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to
@guyster, @eldmannen+launchpad, @valeryan-24
Firefox dailies now have a work around, by detecting and disabling the
user namespace. The proper fix that should allow firefox to still use
the user namespace for its sandbox will land in Beta3, landing early
next week.
--
You received this bug
Erich Eickmeyer, I don't have a Tuxedo Computer to test, so could you
please check if the following profile works for you?
$ echo "# This profile allows everything and only exists to give the
# application a name instead of having the label "unconfined"
abi ,
include
profile
@valeryan-24 ModuleNotFoundError: No module named 'imp'" says that your
Gpodder issue is not related to this bug. You are missing a dependency
the 'imp' module. If Gpodder is packaged it will need to add that as
part of its install dependencies.
--
You received this bug notification because you
Fix released for Firrefox (Nightly) 125.
Since a few days, I can't launch Gpodder (podcast program) anymore, is it also
related to this bug or is it something different ?
"[gpodder.log] ERROR: Uncaught exception: Traceback (most recent call last):
File "/usr/bin/gpodder", line 181, in
** Changed in: steam (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions
Before I saw your post about the environment variable, I edited the
profile in /etc/apparmor.d/firefox to reflect /opt/firefox. If I launch
from a mate desktop icon, or from the menu, all is well. If I click on a
link, from say an email, I get the tab crashed bug again. Is there a way
to work
A workaround is to set the environment variable MOZ_ASSUME_USER_NS=0.
You can run it as:
env MOZ_ASSUME_USER_NS=0 /home/bob/Downloads/firefox/firefox
--name=firefox-nightly %u
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug
I have read in a couple other pages that I can edit
/etc/apparmor.d/firefox. Since I'm using version 124 beta 9, and my
firefox is installed in /opt/firefox, do I just adjust the path in that
file to make it work? Thanks much in advance for the help.
--
You received this bug notification because
I am seeing this also, as of updating all packages, about fifteen
minutes ago. Is there a definite fix released? This doesn't mean we have
to resort to using firefox from snap, right?
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the
I reported the bug upstream for Firefox - if you have a Bugzilla account
on Mozilla and are affected, you could confirm it please :
https://bugzilla.mozilla.org/show_bug.cgi?id=1884347
** Bug watch added: Mozilla Bugzilla #1884347
https://bugzilla.mozilla.org/show_bug.cgi?id=1884347
--
You
** Also affects: loupe (Ubuntu)
Importance: Undecided
Status: New
** Changed in: loupe (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
** Also affects: apparmor
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause
Yes, since today's updates, Firefox Nightly 125.0a1 from Mozilla
repositery which worked very fined until now, stopped : program still
well starts, but every tab gets a crash error and doesn't laod the page
(even the start about:blank one)…
--
You received this bug notification because you are a
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: firefox (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
@scarlet I think it is fair to mark these as Fixed released as they are
part of apparmor-alpha4 that is in noble.
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
This is part of the apparmor alpha4 release in noble
** Changed in: plasma-desktop (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
This is part of the alpha4 release in noble
** Changed in: kdeplasma-addons (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
I am seeing this with the (relatively new) Mozilla-provided Firefox deb
package (https://support.mozilla.org/en-US/kb/install-firefox-
linux#w_install-firefox-deb-package-for-debian-based-distributions).
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which
** Also affects: firefox (Ubuntu)
Importance: Undecided
Status: New
** Changed in: firefox (Ubuntu)
Milestone: None => ubuntu-24.04
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
I've experienced this
(https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/2056190) in
Kubuntu 24.04:
- related to Firefox and Firefox-based browsers (Waterfox, Librewolf,
Midori, Floorp, Mullvad) installed from deb, running locally
("portable"), or as appimage, while flatpak and snap versions
plasma-desktop and kdeplasma-addons are in the main apparmor package and
fixed. Is it ok to make those are fix-released?
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
Also would like to note that tuxedo-control-center, a third-party
Electron app for Tuxedo Computers, is affected by this.
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
Geary is seeded in Edubuntu as its main email client, so this is
definitely something we'd like fixed.
** Also affects: geary (Ubuntu)
Importance: Undecided
Status: New
** Changed in: geary (Ubuntu)
Status: New => Confirmed
** Changed in: geary (Ubuntu)
Importance: Undecided
** Changed in: angelfish (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation
We had a mitigation for this in glibc but the latest change from simply
denying the unshare() call to allowing it but then denying anything
requiring capabilities *presumably* broke the glibc test suite again.
I'm only basing this from looking at the test logs, as I'm temporarily
unable to run
This bug was fixed in the package ghostwriter - 23.08.5+ds-0ubuntu1
---
ghostwriter (23.08.5+ds-0ubuntu1) noble; urgency=medium
* New upstream release (23.08.5)
ghostwriter (23.08.4+ds-0ubuntu2) noble; urgency=medium
* Add apparmor profile to fix userns. (LP: #2046844)
--
** Merge proposal linked:
https://code.launchpad.net/~p-pisati/britney/+git/hints-ubuntu/+merge/461043
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user
This bug was fixed in the package kgeotag - 1.5.0-1ubuntu1
---
kgeotag (1.5.0-1ubuntu1) noble; urgency=medium
* Add apparmor profile to fix userns. Ref: (LP: #2046844)
-- Scarlett Moore Thu, 15 Feb 2024 00:06:50 -0700
** Changed in: kgeotag (Ubuntu)
Status: In Progress
This bug was fixed in the package akonadiconsole - 4:23.08.5-0ubuntu2
---
akonadiconsole (4:23.08.5-0ubuntu2) noble; urgency=medium
* Add apparmor profile to fix userns. Ref: (LP: #2046844)
-- Scarlett Moore Sun, 25 Feb 2024 01:25:04 -0700
** Changed in: akonadiconsole
This bug was fixed in the package plasma-welcome - 5.27.10-1ubuntu1
---
plasma-welcome (5.27.10-1ubuntu1) noble; urgency=low
[ Ubuntu Merge-o-Matic ]
* Merge from Debian unstable. Remaining changes:
- Kubuntu Vcs and maintainer fields.
[ Scarlett Moore ]
* Add apparmor
** Changed in: devhelp (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: devhelp (Ubuntu)
Assignee: (unassigned) => Georgia Garcia (georgiag)
** Changed in: epiphany-browser (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: epiphany-browser (Ubuntu)
** Changed in: ghostwriter (Ubuntu)
Status: Fix Released => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation
** Also affects: akonadiconsole (Ubuntu)
Importance: Undecided
Status: New
** Changed in: akonadiconsole (Ubuntu)
Importance: Undecided => High
** Changed in: akonadiconsole (Ubuntu)
Status: New => In Progress
** Changed in: akonadiconsole (Ubuntu)
Milestone: None =>
This bug was fixed in the package apparmor - 4.0.0~alpha4-0ubuntu1
---
apparmor (4.0.0~alpha4-0ubuntu1) noble; urgency=medium
[Georgia Garcia]
* New upstream release.
* Add unconfined profiles to support the use unprivileged user namespace
(LP: #2052297, LP: #2046844)
-
** Changed in: steam (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions
So appimages are interesting. They don't all need a profile. I have run
several that are not using user namespaces, or only need to be able to
create the user namespace and don't need capabilities so the default
unpriviled_userns profile works for them.
It is applications that need privileges
Scarlett, Simon and I had discussed preparing a small program that could
prepare a wrapper profile: given a path to an appimage, it could emit a
small profile to /etc/apparmor.d/ for the file, with the right
attachment path and then load the profile.
As I understand our new strategy, it would
Sorry if I missed it the comments. What is the solution for appimages?
Thanks,
Scarlett
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation
** Also affects: plasma-welcome (Ubuntu)
Importance: Undecided
Status: New
** Changed in: plasma-welcome (Ubuntu)
Importance: Undecided => High
** Changed in: plasma-welcome (Ubuntu)
Status: New => In Progress
** Changed in: plasma-welcome (Ubuntu)
Assignee:
** Changed in: kontact (Ubuntu)
Status: In Progress => Fix Released
** Changed in: konqueror (Ubuntu)
Status: In Progress => Fix Released
** Changed in: marble (Ubuntu)
Status: In Progress => Fix Released
** Changed in: kgeotag (Ubuntu)
Status: Confirmed => In
Erich,
yes the archive version is based on the ppa, with a couple small fixes
in the packaging. The ppa is going to get updated based the new archive
version + a few more patches.
Do you have some higher priority electron apps that you can point us at.
We will look into the Visual Studo and
kgeotag is also affected by #2052491
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to crash
** Also affects: kgeotag (Ubuntu)
Importance: Undecided
Status: New
** Changed in: kgeotag (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
John,
The version in the PPA is now older than the version in the repository
so no further testing can be done unless the changes in the PPA have now
been uploaded (?).
That said, regarding electron apps, it does appear as though the .deb
versions of Visual Studio Code and Element Desktop are
** Changed in: kmail (Ubuntu)
Status: In Progress => Fix Released
** Changed in: ghostwriter (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
** Changed in: kalgebra (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions
One more addition, the current state of how unconfined deals with
unprivileged user namespaces is a temporary limitation. The afore
mentioned improvement will allow for more customization at the policy
level. The current fixed behavior will be the default.
--
You received this bug notification
So the answer is it depends on how they are using unprivileged user
namespaces and how they react to them being denied, not every
application needs to patched separately.
Generally speaking gnome has been better tested than KDE had because
gnome being the Ubuntu default saw a lot more opt in
Hi, sorry for this newbie question: I see many KDE applications for
which a fix is released, great news. Does it mean that every program has
to be patched separately, and not directly AppArmor ?
If yes, are Gnome developers aware oh this bug upstream ?…
--
You received this bug notification
** Changed in: akregator (Ubuntu)
Status: In Progress => Fix Released
** Changed in: cantor (Ubuntu)
Status: In Progress => Fix Released
** Changed in: digikam (Ubuntu)
Status: In Progress => Fix Released
** Changed in: falkon (Ubuntu)
Status: In Progress => Fix
** Also affects: marble (Ubuntu)
Importance: Undecided
Status: New
** Changed in: marble (Ubuntu)
Importance: Undecided => High
** Changed in: marble (Ubuntu)
Status: New => In Progress
** Changed in: marble (Ubuntu)
Milestone: None => ubuntu-24.04-feature-freeze
**
1 - 100 of 126 matches
Mail list logo