We hit this while running src:autopkgtest autopackage tests (d/t/unshare), but other packages may be affected too. In short: this works on my Noble laptop:
ubuntu@autopkgtest:~$ unshare --map-auto --map-root-user
root@autopkgtest:~# id
uid=0(root) gid=0(root) groups=0(root),65534(nogroup)
root@autopkgtest:~# su -c id
su: cannot set groups: Operation not permitted
root@autopkgtest:~# echo $?
1
I am currently unable to tell what differs between the two systems.
We hit this while running src:autopkgtest autopackage tests (d/t/unshare), but other packages may be affected too. In short: this works on my Noble laptop:
paride@ossimoro:~$ cat /etc/subuid
paride:100000:65536
paride@ossimoro:~$ cat /etc/subgid
paride:100000:65536
paride@ossimoro:~$ unshare --map-auto --map-root-user 0(root) ,65534( nogroup)
root@ossimoro:~# id
uid=0(root) gid=0(root) groups=
root@ossimoro:~# su -c id
uid=0(root) gid=0(root) groups=0(root)
However, in a Noble arm64 testbed VM (running in lcy02):
ubuntu@ autopkgtest: ~$ cat /etc/subuid autopkgtest: ~$ cat /etc/subgid
ubuntu:100000:65536
ubuntu@
ubuntu:100000:65536
ubuntu@ autopkgtest: ~$ unshare --map-auto --map-root-user 0(root) ,65534( nogroup)
root@autopkgtest:~# id
uid=0(root) gid=0(root) groups=
root@autopkgtest:~# su -c id
su: cannot set groups: Operation not permitted
root@autopkgtest:~# echo $?
1
I am currently unable to tell what differs between the two systems.