Skip to content

fix: add apparmor userns sysctl to release build job for aarch64#68

Merged
sc2ben merged 1 commit into
mainfrom
fix/release-bwrap-aarch64
Jun 6, 2026
Merged

fix: add apparmor userns sysctl to release build job for aarch64#68
sc2ben merged 1 commit into
mainfrom
fix/release-bwrap-aarch64

Conversation

@sc2ben

@sc2ben sc2ben commented Jun 6, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Add sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 || true to the release build job
  • Ubuntu 24.04 ARM restricts unprivileged user namespaces by default, causing bwrap: setting up uid map: Permission denied when building zig2nix; CI already had this step, release didn't
  • Tested against tag v0.7.1-rc2: aarch64 build passes ✅

@tsunaminoai
fix: add apparmor userns sysctl to release build job for aarch64
3feb671 
bwrap fails with 'setting up uid map: Permission denied' on
ubuntu-24.04-arm because AppArmor restricts unprivileged user
namespaces by default. CI already has this sysctl; release didn't.
@sc2ben sc2ben merged commit 21832ea into main Jun 6, 2026
8 checks passed
@sc2ben sc2ben deleted the fix/release-bwrap-aarch64 branch June 6, 2026 20:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sc2ben @tsunaminoai