Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

opam broken on ubuntu 24.04 (bwrap: operation not permitted) #5968

Open
dlesbre opened this issue May 22, 2024 · 2 comments
Open

opam broken on ubuntu 24.04 (bwrap: operation not permitted) #5968

dlesbre opened this issue May 22, 2024 · 2 comments
Labels
AREA: SANDBOX

Comments

@dlesbre
Copy link

dlesbre commented May 22, 2024

I've recently upgraded my computer from kubuntu 23.10 to kubuntu 24.04. This lead to errors with opam. Specifically, opam upgrade failed at trying to build the first package (dune.3.15.2), and opam switch create 4.14.1 also failed with the same error message:

bwrap: loopback: Failed RTM_NEWADDR: Operation not permitted

Doing some digging, it seems to be related to ubuntu deciding to restrict unprivileged user namespaces https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces. I found a fix, detailed here: https://etbe.coker.com.au/2024/04/24/ubuntu-24-04-bubblewrap/ which got opam working again.

Config:

<include here the output of `opam config report`, if applicable>
# opam config report
# opam-version         2.1.5 
# self-upgrade         no
# system               arch=x86_64 os=linux os-distribution=ubuntu os-version=24.04
# solver               builtin-mccs+glpk
# install-criteria     -removed,-count[avoid-version,changed],-count[version-lag,request],-count[version-lag,changed],-count[missing-depexts,changed],-changed
# upgrade-criteria     -removed,-count[avoid-version,changed],-count[version-lag,solution],-count[missing-depexts,changed],-new
# jobs                 19
# repositories         2 (http) (default repo at 76de4586)
# pinned               1 (rsync)
# current-switch       4.14
# ocaml:native         true
# ocaml:native-tools   true
# ocaml:native-dynlink true
# ocaml:stubsdir       /home/dorian/.opam/4.14/lib/ocaml/stublibs:/home/dorian/.opam/4.14/lib/ocaml
# ocaml:preinstalled   false
# ocaml:compiler       4.14.1
@shonfeder shonfeder mentioned this issue May 22, 2024
Closed
@michael-schwarz michael-schwarz mentioned this issue May 27, 2024
Open
@cuihtlauac
Copy link

cuihtlauac commented Jun 6, 2024
edited
Loading

Thanks @dlesbre, I've experienced the same issue. Upgrade to 24.04, and then opam upgrade failure. Doing as suggested by @etbe worked. I'm copying his suggestion here:

To resolve that you could upgrade to SE Linux, but the other option is to create a file named /etc/apparmor.d/bwrap with the following contents:

abi <abi/4.0>,
include <tunables/global>

profile bwrap /usr/bin/bwrap flags=(unconfined) {
  userns,

  # Site-specific additions and overrides. See local/README for details.
  include if exists <local/bwrap>
}

Then run systemctl reload apparmor.

@samvv
Copy link

samvv commented Jun 11, 2024

I can confirm that the solution posted by @cuihtlauac worked. Might be worthwhile to add it to the docs?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
AREA: SANDBOX
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@cuihtlauac @rjbou @dlesbre @samvv