Here is a straced syscall sequence broken by the bwrap profile: 176 openat(AT_FDCWD, "…/.var/app/com.valvesoftware.Steam/.local/share/Steam/ubuntu12_64/steam-runtime-sniper/var/tmp-O9I2Q2", O_RDONLY|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW|O_CLOEXEC|O_DIRECTORY) = 8 … 176 openat(8, "usr/etc", O_WRONLY|O_CLOEXEC|O_TMPFILE, 0600) = 10 176 fchmod(10, 0600) = 0 176 fallocate(10, 0, 0, 64) = 0 176 write(10, "pcm.!default {\n type pulse\n}\nctl.!default {\n type pulse\n}\n", 64) = 64 176 fchmod(10, 0644) = 0 … 176 linkat(AT_FDCWD, "/proc/self/fd/10", 8, "usr/etc/tmp.xwx1yI", AT_SYMLINK_FOLLOW) = -1 ENOENT (No such file or directory) 176 close(10) = 0
From https://github.com/flathub/com.valvesoftware.Steam/issues/1318#issuecomment-2226807108 Basically, creating an anonymous file with O_TMPFILE and linking it later (for atomicity) is broken. This breaks the Steam Flatpak. ** Bug watch added: github.com/flathub/com.valvesoftware.Steam/issues #1318 https://github.com/flathub/com.valvesoftware.Steam/issues/1318 ** Tags added: regression-update -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2072811 Title: Apparmor: New update broke flatpak with `apparmor="DENIED"` To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2072811/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs