[Touch-packages] [Bug 2057927] Re: lxd vga console throws "Operation not permitted" error
I just tested 5.21/stable and couldn't reproduce as it properly disable the /proc/sys/kernel/apparmor_restrict_unprivileged_userns and /proc/sys/kernel/apparmor_restrict_unprivileged_unconfined that would otherwise have caused those denials. Marking as incomplete until you can reproduce with 5.21/stable (5.20 being EOL). Thanks ** Changed in: lxd (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2057927 Title: lxd vga console throws "Operation not permitted" error Status in apparmor package in Ubuntu: Confirmed Status in lxd package in Ubuntu: Incomplete Bug description: Since I upgraded to Noble the lxd vga console doesn't work anymore. I am using the lxd latest/stable snap (5.20-f3dd836). When trying to attach a vga console to an lxd vm I get: unshare: write failed /proc/self/uid_map: Operation not permitted It seems to be related to apparmor, I can see a matching DENIAL message in dmesg: [ 4735.233989] audit: type=1400 audit(1710419600.517:300): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=13157 comm="unshare" capability=21 capname="sys_admin" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2057927/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2057927] Re: lxd vga console throws "Operation not permitted" error
Please can you confirm if still an issue on lxd 5.21/stable as this is the current supported version. Thanks -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2057927 Title: lxd vga console throws "Operation not permitted" error Status in apparmor package in Ubuntu: Confirmed Status in lxd package in Ubuntu: Confirmed Bug description: Since I upgraded to Noble the lxd vga console doesn't work anymore. I am using the lxd latest/stable snap (5.20-f3dd836). When trying to attach a vga console to an lxd vm I get: unshare: write failed /proc/self/uid_map: Operation not permitted It seems to be related to apparmor, I can see a matching DENIAL message in dmesg: [ 4735.233989] audit: type=1400 audit(1710419600.517:300): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=13157 comm="unshare" capability=21 capname="sys_admin" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2057927/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2057927] Re: lxd vga console throws "Operation not permitted" error
I see a basically identical message (and dmesg apparmor output) with "lxc profile edit default": unshare: write failed /proc/self/uid_map: Operation not permitted And the dmesg entry: [ 194.625507] audit: type=1400 audit(1711709095.424:293): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=6885 comm="unshare" capability=21 capname="sys_admin" -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2057927 Title: lxd vga console throws "Operation not permitted" error Status in apparmor package in Ubuntu: Confirmed Status in lxd package in Ubuntu: Confirmed Bug description: Since I upgraded to Noble the lxd vga console doesn't work anymore. I am using the lxd latest/stable snap (5.20-f3dd836). When trying to attach a vga console to an lxd vm I get: unshare: write failed /proc/self/uid_map: Operation not permitted It seems to be related to apparmor, I can see a matching DENIAL message in dmesg: [ 4735.233989] audit: type=1400 audit(1710419600.517:300): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=13157 comm="unshare" capability=21 capname="sys_admin" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2057927/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2057927] Re: lxd vga console throws "Operation not permitted" error
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxd (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2057927 Title: lxd vga console throws "Operation not permitted" error Status in apparmor package in Ubuntu: Confirmed Status in lxd package in Ubuntu: Confirmed Bug description: Since I upgraded to Noble the lxd vga console doesn't work anymore. I am using the lxd latest/stable snap (5.20-f3dd836). When trying to attach a vga console to an lxd vm I get: unshare: write failed /proc/self/uid_map: Operation not permitted It seems to be related to apparmor, I can see a matching DENIAL message in dmesg: [ 4735.233989] audit: type=1400 audit(1710419600.517:300): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=13157 comm="unshare" capability=21 capname="sys_admin" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2057927/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2057927] Re: lxd vga console throws "Operation not permitted" error
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: apparmor (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2057927 Title: lxd vga console throws "Operation not permitted" error Status in apparmor package in Ubuntu: Confirmed Status in lxd package in Ubuntu: Confirmed Bug description: Since I upgraded to Noble the lxd vga console doesn't work anymore. I am using the lxd latest/stable snap (5.20-f3dd836). When trying to attach a vga console to an lxd vm I get: unshare: write failed /proc/self/uid_map: Operation not permitted It seems to be related to apparmor, I can see a matching DENIAL message in dmesg: [ 4735.233989] audit: type=1400 audit(1710419600.517:300): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=13157 comm="unshare" capability=21 capname="sys_admin" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2057927/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
