Bisecting the failing it started with this commit https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=afef3ef1
'Change the definition of 'all' to be all named capabilities. [This will be included in libcap-2.29.] This change concerns the text formating functions: C: cap_to_text(), cap_from_text() Go: cap.FromText() and cap.Set.String() Prior to this commit, "all" meant every bit of the capability vector was raised - both named, and unnamed capabilities.' ** Bug watch added: github.com/containers/bubblewrap/issues #353 https://github.com/containers/bubblewrap/issues/353 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libcap2 in Ubuntu. https://bugs.launchpad.net/bugs/1863733 Title: Bubblewrap upstream-as-root test fails on libcap2 1:2.31-1 and later Status in bubblewrap package in Ubuntu: New Status in libcap2 package in Ubuntu: New Bug description: The bubblewrap upstream-as-root test started failing after libcap2 1:2.31-1 got synced from Debian. The same failure can be seen with 1:2.32-1. I have reproduced the issue locally on focal - when using the focal-proposed version, the aforementioned test fails, where with the release version (1:2.27-1) it passes. It seems to fail here already: bwrap --bind / / --tmpfs /tmp --as-pid-1 --cap-drop CAP_KILL --cap-drop CAP_FOWNER --unshare-pid capsh --print assert_not_file_has_content caps.test '^Current: =.*cap_kill' It looks like the requested caps did not get dropped, as the logs show that both cap_kill and cap_fowner are still there. This is only for the upstream-as-root test, i.e. executing tests/test-run.sh as root. This might be an issue with bubblewrap, but seeing that it all works fine with the release version, it all feels weird. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bubblewrap/+bug/1863733/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
