Comment 7 for bug 2051454

Xu Zhen (xuzhen666) wrote:

I dug into the relevant code, and found that in file debian/patches/ubuntu/Add-missing-files.patch, when aa_getpeercon(fd, &aa_label, &snap_confinement) returns -1, the value of errno is ENOPROTOOPT.

This means that something went wrong in https://gitlab.com/apparmor/apparmor/-/blob/253eace57316aadd4dd01e3da7797d97b590d62e/libraries/libapparmor/src/kernel.c#L1039

I added a patch and recompiled the pipewire package; pipewire-pulse works again.
--- a/src/modules/module-protocol-pulse/snap-policy.c
+++ b/src/modules/module-protocol-pulse/snap-policy.c
@@ -61,7 +61,7 @@ pw_sandbox_access_t pw_snap_get_audio_permissions(struct client *client, int fd,
     assert(client != NULL);

     if (aa_getpeercon(fd, &aa_label, &snap_confinement) == -1) {
- if (errno == EINVAL) {
+ if (errno == EINVAL || errno == ENOPROTOOPT) {
             // if apparmor isn't enabled, we can safely assume that there are no SNAPs in the system
             return PW_SANDBOX_ACCESS_NOT_A_SANDBOX;
         }
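
Review bot: the comment under the widened check ("if apparmor isn't enabled, we can safely assume that there are no SNAPs in the system") only justifies the EINVAL case, yet ENOPROTOOPT now takes the same path and returns PW_SANDBOX_ACCESS_NOT_A_SANDBOX. That is a fail-open decision: whenever aa_getpeercon() cannot produce a peer label with this errno, the client is treated as unconfined. Please state in the comment why ENOPROTOOPT also rules out a snap-confined peer (the report above only establishes that this errno is what is returned, not why), or handle it in a separate branch with its own comment and a log line so the case is visible when it happens. Updating the comment either way would keep the stated assumption in line with the condition.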