The profile firejail installs to /etc/apparmor.d/firejail-default is incompatible with apparmor 3.0.0 that recently landed in Gentoo, causing the apparmor.service to fail to load. See https://bugs.gentoo.org/74761 for the bug caused by this profile. This problem has been identified and fixed upstream: https://github.com/netblue30/firejail/commit/9bf6e0ead189b924e5fca099b35d88be091bd009 Reproducible: Always
(In reply to Gregory Beauregard from comment #0) > The profile firejail installs to /etc/apparmor.d/firejail-default is > incompatible with apparmor 3.0.0 that recently landed in Gentoo, causing the > apparmor.service to fail to load. See https://bugs.gentoo.org/74761 for the > bug caused by this profile. > > This problem has been identified and fixed upstream: > https://github.com/netblue30/firejail/commit/ > 9bf6e0ead189b924e5fca099b35d88be091bd009 > > Reproducible: Always Typo, bug caused by the profile is here: https://bugs.gentoo.org/747613
Thank you for your reports. There some workaround for this? And it is not possible to build firejail-9999 with this fix currently https://bugs.gentoo.org/751466.
(In reply to reagentoo from comment #2) > Thank you for your reports. There some workaround for this? > And it is not possible to build firejail-9999 with this fix currently > https://bugs.gentoo.org/751466. You can modify the apparmor profile to be valid, but note the firejail versions in repo have oustanding CVEs.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f23fe664f064159ec4460c36c114ff5858c3033b commit f23fe664f064159ec4460c36c114ff5858c3033b Author: Hank Leininger <hlein@korelogic.com> AuthorDate: 2020-10-14 17:36:50 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2020-11-11 07:50:10 +0000 sys-apps/firejail: Version bump for CVEs, fixes, add proxy maintainer Version bump to address outstanding CVEs. Confirmed the current release includes the fixes for several open bugs, so closing those. Updated to address feedback in https://github.com/gentoo/gentoo/pull/17929 Signed-off-by: Hank Leininger <hlein@korelogic.com> Closes: https://bugs.gentoo.org/698062 Closes: https://bugs.gentoo.org/747859 Closes: https://bugs.gentoo.org/747613 Closes: https://bugs.gentoo.org/747859 Bug: https://bugs.gentoo.org/736816 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Closes: https://github.com/gentoo/gentoo/pull/17929 Signed-off-by: Joonas Niilola <juippis@gentoo.org> sys-apps/firejail/Manifest | 1 + sys-apps/firejail/firejail-0.9.64.ebuild | 83 ++++++++++++++++++++++++++++++++ sys-apps/firejail/metadata.xml | 10 +++- 3 files changed, 93 insertions(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f23fe664f064159ec4460c36c114ff5858c3033b commit f23fe664f064159ec4460c36c114ff5858c3033b Author: Hank Leininger <hlein@korelogic.com> AuthorDate: 2020-10-14 17:36:50 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2020-11-11 07:50:10 +0000 sys-apps/firejail: Version bump for CVEs, fixes, add proxy maintainer Version bump to address outstanding CVEs. Confirmed the current release includes the fixes for several open bugs, so closing those. Updated to address feedback in https://github.com/gentoo/gentoo/pull/17929 Signed-off-by: Hank Leininger <hlein@korelogic.com> Closes: https://bugs.gentoo.org/698062 Closes: https://bugs.gentoo.org/747859 Closes: https://bugs.gentoo.org/747613 Closes: https://bugs.gentoo.org/747859 Bug: https://bugs.gentoo.org/736816 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Closes: https://github.com/gentoo/gentoo/pull/17929 Signed-off-by: Joonas Niilola <juippis@gentoo.org> sys-apps/firejail/Manifest | 1 + sys-apps/firejail/firejail-0.9.64.ebuild | 83 ++++++++++++++++++++++++++++++++ sys-apps/firejail/metadata.xml | 10 +++- 3 files changed, 93 insertions(+), 1 deletion(-)