ubuntustudio-bugs team mailing list archive

Thread
Date

[Bug 2046844] Re: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP

To: ubuntustudio-bugs@xxxxxxxxxxxxxxxxxxx
From: John Johansen <2046844@xxxxxxxxxxxxxxxxxx>
Date: Fri, 22 Dec 2023 01:45:41 -0000
Reply-to: Bug 2046844 <2046844@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Agreed we can't ask for a user to create a profile for every
application, apparmor profiles can be shared, and having a generic
profile that can be opted into makes sense. We are working towards it,
this is just the first iteration. One of the things we are working on is
abstracting what the current set needs in the way of permissions so we
can refine the profiles. Some will remain individual application
profiles some will become more generic as this evolves.

One of the things that will help is if we can move this from an esoteric
log message to a user prompt. We want to be really careful with user
prompts but once we have the main set of applications covered prompting
the user that the application requires this additional permission,
similar to how Mac's ask about whether you really want to run an
application downloaded from the internet, and doing the profile
setup/tagging in the backgound instead of having the user do it makes
this a lot more usable.

-- 
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2046844

Title:
  AppArmor user namespace creation restrictions cause many applications
  to crash with SIGTRAP

Status in apparmor package in Ubuntu:
  Confirmed
Status in digikam package in Ubuntu:
  Confirmed
Status in epiphany-browser package in Ubuntu:
  Confirmed
Status in falkon package in Ubuntu:
  Confirmed
Status in qutebrowser package in Ubuntu:
  Confirmed

Bug description:
  Hi, I run Ubuntu development branch 24.04 and I have a problem with
  Epiphany browser 45.1-1 (Gnome Web): program doesn't launch, and I get
  this error

  $ epiphany
  bwrap: Creating new namespace failed: Permission denied

  ** (epiphany:12085): ERROR **: 14:44:35.023: Failed to fully launch dbus-proxy: Le processus fils s’est terminé avec le code 1
  Trappe pour point d'arrêt et de trace (core dumped)

  $ epiphany
  bwrap: Creating new namespace failed: Permission denied

  ** (epiphany:30878): ERROR **: 22:22:26.926: Failed to fully launch dbus-proxy: Le processus fils s’est terminé avec le code 1
  Trappe pour point d'arrêt et de trace (core dumped)

  Thanks for your help!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2046844/+subscriptions