I have just upgraded to 24.04 from 23.10 and I'd like to emphasize that for the Firefox case, the comments on that thread mentions "AppArmor should fix it with beta3" is inaccurate and incomplete: it only partially fixes the issue since it only covers packaged versions.
Anybody relying on the tarball should have something similar (assuming you install in $HOME/bin/firefox)
> $ cat /etc/apparmor.d/firefox-bin
> # This profile allows everything and only exists to give the
> # application a name instead of having the label "unconfined"
>
> abi <abi/4.0>,
> include <tunables/global>
>
> profile firefox /home/XXX/bin/firefox/firefox flags=(unconfined) {
> userns,
>
> # Site-specific additions and overrides. See local/README for details.
> include if exists <local/firefox>
> }
I have just upgraded to 24.04 from 23.10 and I'd like to emphasize that for the Firefox case, the comments on that thread mentions "AppArmor should fix it with beta3" is inaccurate and incomplete: it only partially fixes the issue since it only covers packaged versions.
Anybody relying on the tarball should have something similar (assuming you install in $HOME/bin/firefox) d/firefox- bin bin/firefox/ firefox flags=(unconfined) {
> $ cat /etc/apparmor.
> # This profile allows everything and only exists to give the
> # application a name instead of having the label "unconfined"
>
> abi <abi/4.0>,
> include <tunables/global>
>
> profile firefox /home/XXX/
> userns,
>
> # Site-specific additions and overrides. See local/README for details.
> include if exists <local/firefox>
> }