The unprivileged userns is disabled at the kernel level on boot. To enable the unprivileged userns restriction, AppArmor installs 10-apparmor.conf into /usr/lib/sysctl.d/.

We have 3 ways to address this for the livecd:

1. Conditionally detect that the package install is for the livecd, and do not install it, using a maintainer script or rules file.
2. Conditionally detect that the package install is for the livecd, and drop in a higher-priority 20-apparmor.conf to disable it.
3. Use a maintainer script or rules file to drop in a symlink to disable/white-out the installed sysctl file:
    ln -s /dev/null /etc/sysctl.d/10-apparmor.conf
4. Update the livecd check in /usr/lib/apparmor/profile-load to disable the user ns restriction before bailing out on the profile load.

--
https://bugs.launchpad.net/bugs/2122675
Title: Cannot unshare userns in livecd
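Options 2 and 3 in the comment above both depend on sysctl.d(5) precedence. The script below is an added example, not part of the bug comment or the apparmor package: it models that precedence in a scratch directory and reports what each option leaves in effect. The sysctl key name, the contents of the stand-in 10-apparmor.conf and the value 0 are assumptions.

```shell
#!/bin/sh
# Added example: models sysctl.d(5) precedence in a scratch root; nothing under /etc is touched.
# Assumed key name: the bug comment does not name the sysctl itself.
KEY=kernel.apparmor_restrict_unprivileged_userns
DIRS="etc/sysctl.d run/sysctl.d usr/local/lib/sysctl.d usr/lib/sysctl.d"  # highest priority first

# effective_sysctl ROOT KEY: print the value that wins for KEY, or "unset".
effective_sysctl() {
    root=$1; key_re=$(printf '%s' "$2" | sed 's/\./\\./g'); value=unset
    # Files apply in lexical order of basename, whatever directory they live in.
    names=$(for d in $DIRS; do
                for f in "$root/$d"/*.conf; do
                    if [ -e "$f" ] || [ -L "$f" ]; then basename "$f"; fi
                done
            done | LC_ALL=C sort -u)
    for n in $names; do
        for d in $DIRS; do
            f="$root/$d/$n"
            [ -e "$f" ] || [ -L "$f" ] || continue
            # First hit shadows same-named files in lower-priority directories;
            # a symlink to /dev/null masks the name without setting anything.
            if [ "$(readlink "$f")" != /dev/null ]; then
                v=$(sed -n "s/^[[:space:]]*${key_re}[[:space:]]*=[[:space:]]*//p" "$f" | tail -n 1)
                if [ -n "$v" ]; then value=$v; fi
            fi
            break
        done
    done
    printf '%s\n' "$value"
}

# new_root: scratch tree with a constructed stand-in for the packaged file.
new_root() {
    r=$(mktemp -d); mkdir -p "$r/etc/sysctl.d" "$r/usr/lib/sysctl.d"
    printf '%s = 1\n' "$KEY" > "$r/usr/lib/sysctl.d/10-apparmor.conf"
    printf '%s\n' "$r"
}
as_shipped() { r=$(new_root); effective_sysctl "$r" "$KEY"; rm -rf "$r"; }
option2() {   # later-sorting 20-apparmor.conf; the value 0 is an assumption
    r=$(new_root); printf '%s = 0\n' "$KEY" > "$r/usr/lib/sysctl.d/20-apparmor.conf"
    effective_sysctl "$r" "$KEY"; rm -rf "$r"
}
option3() {   # white-out symlink in /etc shadows the /usr/lib file
    r=$(new_root); ln -s /dev/null "$r/etc/sysctl.d/10-apparmor.conf"
    effective_sysctl "$r" "$KEY"; rm -rf "$r"
}
echo "shipped=$(as_shipped) option2=$(option2) option3=$(option3)"
```

A result of "unset" means no file sets the key, so whatever value the kernel booted with stays in effect.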
