I'll add some context and explanation. Bitbake can use user namespaces
to disconnect the networking for specific worker processes, which is an
important isolation feature that would be unfortunate to have to disable
on ubuntu hosts.
This is a very similar situation to buildah, which already has a
The following profile works for me, using ** because user might put the
code anywhere, this might could match any path entry.
$ cat /etc/apparmor.d/bitbake
abi ,
include
profile bitbake /**/bitbake/bin/bitbake flags=(unconfined) {
userns,
}
$ sudo apparmor_parser -r /etc/apparmor.d/bitba
Tried some the above without success, but ended up with this profile
that works.
file: /etc/apparmor.d/bitbake
Content:
abi ,
include
/home/**/bitbake/bin/bitbake-worker flags=(unconfined) {
userns,
}
--
You received this bug notification because you are a member of Ubuntu
Bugs, whic
I believe the issue is not in dash but in apparmor lacking a profile for
bitbake
** Package changed: dash (Ubuntu) => apparmor (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056555
Title:
This seems to work (based on a note here:
https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-
notes/39890):
sudo vi /etc/apparmor.d/bitbake
containing:
abi ,
include
/home/**/bitbake/bin/bitbake flags=(unconfined) {
userns,
}
and reload the profile:
sudo apparmor_pa
Forget that, it doesn't work, don't know why.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056555
Title:
Python can't write to /proc files
To manage notifications about this bug go to:
https://bu
chatgpt in this case suggests to Create a Custom AppArmor Profile:
sudo nano /etc/apparmor.d/local/bitbake
containing:
home/**/bitbake/bin/bitbake-worker {
# Include the basic AppArmor abstractions
#include
/proc/self/uid_map rw,
capability sys_admin,
}
and reload the profile:
Same issue here, Imai's workaround seems to fix Yocto building for me.
24.04 is rather frustrating. They also removed libtinfo5 from the
default sources and that's required for Vivado.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
ht
This issue seems to be caused by App Armor's profile
"unprivileged_userns".
dmesg has the following report.
-
[ 2229.188009] audit: type=1400 audit(1714466038.573:555): apparmor="DENIED"
operation="capable" class="cap" profile="unprivileged_userns" pid=20223
comm="texinfo-dummy-n" capabilit
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: dash (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056555
Title:
Pytho
** Package changed: ubuntu => dash (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056555
Title:
Python can't write to /proc files
To manage notifications about this bug go to:
https://bugs
History log.
** Attachment added: "history.log"
https://bugs.launchpad.net/ubuntu/+bug/2056555/+attachment/5754041/+files/history.log
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056555
Title:
12 matches
Mail list logo