Community Packages

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#68189 - [firejail] fix for apparmor 3.0.0-2

Attached to Project: Community Packages
Opened by helle vaanzinn (glitsj16) - Saturday, 10 October 2020, 21:22 GMT
Last edited by Sergej Pupykin (sergej) - Thursday, 12 November 2020, 20:39 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Sergej Pupykin (sergej)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:
A fix for apparmor 3.0.0-2 is available upstream. Please consider backporting it to the current firejail package.

Additional info:
* package version(s)
$ pacman -Q apparmor firejail
apparmor 3.0.0-2
firejail 0.9.62.4-1
* config and/or log files etc.
* link to upstream bug report, if any
https://github.com/netblue30/firejail/issues/3659
https://github.com/netblue30/firejail/commit/9bf6e0ead189b924e5fca099b35d88be091bd009

Steps to reproduce:
$ sudo aa-status
This task depends upon

Closed by  Sergej Pupykin (sergej)
Thursday, 12 November 2020, 20:39 GMT
Reason for closing:  Fixed
Comment by helle vaanzinn (glitsj16) - Saturday, 10 October 2020, 21:23 GMT
See https://bbs.archlinux.org/viewtopic.php?id=259718 for a user report.
Comment by David Runge (dvzrv) - Monday, 12 October 2020, 15:49 GMT
Related to  FS#68220 
Comment by (IrvineHimself) (IrvineHimself) - Monday, 12 October 2020, 16:40 GMT
Can confirm that applying the linked patch to the firejail-default apparmor profile fixes the problem

See https://github.com/netblue30/firejail/commit/bba750c73469ea315d859464ddd19e495d830a72

Irvine
Comment by T.J. Townsend (blakkheim) - Saturday, 17 October 2020, 18:32 GMT
I also just hit this bug. Can it be backported before a new firejail release?
Comment by David Runge (dvzrv) - Sunday, 18 October 2020, 10:18 GMT
@sergej: Please fix this, as it currently renders firejail useless.

For all others: This problem seems to not affect the loading of other profiles: https://gitlab.com/apparmor/apparmor/-/issues/127
However, the returned error message is not (yet) informative enough to provide sufficient answer as to what exactly went wrong: https://gitlab.com/apparmor/apparmor/-/issues/123
Comment by Sergej Pupykin (sergej) - Sunday, 18 October 2020, 12:40 GMT
Please try firejail-0.9.64rc1-1
Comment by David Runge (dvzrv) - Sunday, 18 October 2020, 15:04 GMT
@sergej: Why switch to a non-stable version if the fix *literally* involves adding one include to a profile file?
Comment by sekret (sekret) - Sunday, 18 October 2020, 20:08 GMT
After updating firejail to 0.9.64rc1-1 today I get

$ firejail firefox
Error: too long environment variables

Happens, no matter what arguments I use, even if I only execute firejail by itself. Researching this output leads to absolutely no results.

Is this related? For me everything worked just fine before this update.

If it's not related, I'd be happy to open a new bug report.
Comment by (IrvineHimself) (IrvineHimself) - Sunday, 18 October 2020, 20:18 GMT
@sekret, the "Firejail" error you are getting is nothing to do with this bug-report, which is an "AppArmor" crash being caused by "Firejail".

Your best bet is to ask advice in the forum until you gain more info.
Irvine

Edit: I just noticed that the package has been updated again to firejail "0.9.64rc1-2"
Comment by sekret (sekret) - Sunday, 18 October 2020, 20:21 GMT
Thanks mate and sorry for the noise!
Comment by Sergej Pupykin (sergej) - Thursday, 22 October 2020, 15:22 GMT
switched to new stable 0.9.64 which includes this patch

Loading...