** Summary changed: - firejail not working, presumably SUID missing + [SRU] firejail missing the setuid bit
** Description changed: [Impact] - * the `firejail` binary, which is the main thing this package does, is + * the `firejail` binary, which is the main thing this package does, is inoperable. - * For some reason that I couldn't quickly determine the current build - of 0.9.64.4-2 doesn't have the +s flag on the binary that it should have + * Most likely due to LP: #1938886 the current build of 0.9.64.4-2 + doesn't have the +s flag on the binary that it should have - * It's most likely due to some kind of toolchain bug of back then when - this was built, as a no-change rebuild (what I'm proposing here) fixes - the problem + * Since the above bug is not fixed, a no-change rebuild (what I'm + proposing here) fixes the problem [Test Plan] - * install the package + * install the package - * run whatever command under firejail, currently it errors out, and it + * run whatever command under firejail, currently it errors out, and it should not. [Where problems could occur] - * This is no-change rebuild, if something were to break doing that it + * This is no-change rebuild, if something were to break doing that it would be problematic in many bigger ways than this single package... - [Original report] - Try e.g. firejail --debug --version Expected outcome firejail working Observed outcome Error mkdir: util.c:1019 create_empty_dir_as_root: Permission denied Likely this is because the SUID bit is not set for /usr/bin/firejail. It was set in, at least, 21.04, is set in all checked debian packaged, "Firejail is a SUID security sandbox program (...)" and firejail works if it is set manually. Also compare to https://github.com/netblue30/firejail/issues/4609 VERSIONS Description: Ubuntu 21.10 Release: 21.10 firejail: 0.9.64.4-2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1948480 Title: [SRU] firejail missing the setuid bit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firejail/+bug/1948480/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs