[Bug 1863733] Re: Bubblewrap upstream-as-root test fails on libcap2 1:2.31-1 and later
Christian Ehrhardt
1863733 at bugs.launchpad.net
Thu Feb 27 07:26:17 UTC 2020
The MP was approved and I uploaded but it seems Lukasz did the same upload already.
=> https://launchpad.net/ubuntu/+source/bubblewrap/0.4.0-1ubuntu3
I now marked the MP as rejected.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libcap2 in Ubuntu.
https://bugs.launchpad.net/bugs/1863733
Title:
Bubblewrap upstream-as-root test fails on libcap2 1:2.31-1 and later
Status in bubblewrap package in Ubuntu:
New
Status in libcap2 package in Ubuntu:
New
Status in bubblewrap package in Debian:
Unknown
Bug description:
The bubblewrap upstream-as-root test started failing after libcap2
1:2.31-1 got synced from Debian. The same failure can be seen with
1:2.32-1. I have reproduced the issue locally on focal - when using
the focal-proposed version, the aforementioned test fails, where with
the release version (1:2.27-1) it passes.
It seems to fail here already:
bwrap --bind / / --tmpfs /tmp --as-pid-1 --cap-drop CAP_KILL --cap-drop CAP_FOWNER --unshare-pid capsh --print
assert_not_file_has_content caps.test '^Current: =.*cap_kill'
It looks like the requested caps did not get dropped, as the logs show
that both cap_kill and cap_fowner are still there. This is only for
the upstream-as-root test, i.e. executing tests/test-run.sh as root.
This might be an issue with bubblewrap, but seeing that it all works
fine with the release version, it all feels weird.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bubblewrap/+bug/1863733/+subscriptions
More information about the foundations-bugs
mailing list