Those would be the rules addable to silence the denials, though they should go into /etc/apparmor.d/local/fusermount3 in order to enable /etc/apparmor.d/fusermount3 to be updateable without manual intervention.
However, I am reluctant to grant fusermount3 CAP_DAC_OVERRIDE and CAP_SETUID. Can you test whether adding just the utab.lock rule is enough to make flatpack work again, or are the capabilities also needed? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2122161 Title: error: Failed to install org.gnome.Platform: Could not unmount revokefs-fuse filesystem at /var/tmp/flatpak- cache-4EB3B3/org.gnome.Platform-EM6KC3: Child process exited with code 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2122161/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
