There is a bug ticket about this at https://bugs.launchpad.net/ubuntu/+source/guix/+bug/2064115.
An example line in syslog would be for example:

2025-05-25T18:19:46.226032+02:00 scrooge kernel: audit: type=1400 audit(1748189986.224:21753): apparmor="DENIED" operation="mount" class="mount" info="failed mntpnt match" error=-13 profile="unprivileged_userns" name="/tmp/guix-directory.ZSoURB/" pid=2859270 comm="guile" fstype="tmpfs" srcname="none"

What I'm trying to do is to run `guix shell --container`, which opens a shell with guix and required dependencies inside a container, which is a very common operation for guix. The error message I get on the user side is:

error: mount: mount "none" on "/tmp/guix-directory.V6IzTc": Permission denied

(see also the referenced bug, where another user posted identical log messages).

GNU guix is packaged in Ubuntu universe and its binary is installed as /usr/bin/guix. It is quite common, however, to use `guix home`, which would compile new binaries of guix and install it within `/gnu/store/`. The directory will contain an unpredictable hash, depending on the version compiled, and I tried to reflect that in my apparmor definition.

guix is also written in guile/scheme and uses the guile binary a lot to interpret code, so on my system I actually had to add guile to the definition as well to get everything working.

Let me know please if I can provide any more info.

Thanks

nomike

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2111753

Title:
  Add profile for GNU guix
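The following is an added example, not part of the original report and not code from AppArmor or guix: a small triage script that parses AppArmor audit records like the one quoted above and lists which commands are being denied under the unprivileged_userns profile. The function names and the second sample log line are constructed for illustration.

```python
import errno
import re
from collections import Counter

# First line is the record quoted in the report; the second is constructed.
SAMPLE_LOG = '''\
2025-05-25T18:19:46.226032+02:00 scrooge kernel: audit: type=1400 audit(1748189986.224:21753): apparmor="DENIED" operation="mount" class="mount" info="failed mntpnt match" error=-13 profile="unprivileged_userns" name="/tmp/guix-directory.ZSoURB/" pid=2859270 comm="guile" fstype="tmpfs" srcname="none"
2025-05-25T18:20:01.000000+02:00 scrooge kernel: audit: type=1400 audit(1748190001.000:21760): apparmor="ALLOWED" operation="open" class="file" profile="example" name="/etc/hosts" pid=100 comm="cat"
'''

# type=1400 is the audit record type used by AppArmor messages.
AUDIT_RE = re.compile(
    r'audit: type=1400 audit\((?P<epoch>\d+\.\d+):(?P<serial>\d+)\): (?P<body>.*)$')
# key="quoted value" or key=bare_value
FIELD_RE = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S+))')


def parse_apparmor_line(line):
    """Return the fields of one AppArmor audit record as a dict, or None."""
    m = AUDIT_RE.search(line)
    if not m:
        return None
    rec = {"epoch": float(m["epoch"]), "serial": int(m["serial"])}
    for key, quoted, bare in FIELD_RE.findall(m["body"]):
        rec[key] = bare if bare else quoted
    if "error" in rec:
        # error=-13 is a negated errno; map it to its symbolic name (EACCES).
        rec["errno_name"] = errno.errorcode.get(abs(int(rec["error"])), "?")
    return rec


def userns_denials(log_text):
    """Records denied while confined by the unprivileged_userns profile."""
    recs = (parse_apparmor_line(l) for l in log_text.splitlines())
    return [r for r in recs
            if r and r.get("apparmor") == "DENIED"
            and r.get("profile") == "unprivileged_userns"]


def summarize(records):
    """Count denials per (command, operation, filesystem type)."""
    return Counter((r.get("comm"), r.get("operation"), r.get("fstype"))
                   for r in records)


if __name__ == "__main__":
    for (comm, op, fstype), n in summarize(userns_denials(SAMPLE_LOG)).items():
        print(f"{n}x comm={comm} operation={op} fstype={fstype}")
```

The comm field in the output is what shows that the denial is attributed to guile rather than guix, which matches the reporter's observation that guile also had to be covered.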
