GNU bug report logs - #71226
‘guix shell -C’ doesn’t work on Ubuntu 24.04

Previous Next

Package: guix;

Reported by: Ludovic Courtès <ludovic.courtes <at> inria.fr>

Date: Mon, 27 May 2024 14:56:01 UTC

Severity: important

Full log

Message #46 received at 71226 <at> debbugs.gnu.org (full text, mbox):

From: Marek Felšöci <marek <at> felsoci.sk>
To: 71226 <at> debbugs.gnu.org
Subject: ‘guix shell -C’ doesn’t work on Ubuntu 24.04
Date: Fri, 28 Mar 2025 13:25:16 +0100

Hello to all,

I have got some news on the subject. Recently, I found this gist: 
https://gist.github.com/laanwj/cddb2ec7d18e71066d21e5ee993fe971

It proposes an AppArmor profile for Guix together with some explanations.

After adapting the path to the `guix` executable like so

```
abi <abi/4.0>,

include <tunables/global>

profile guix /gnu/store/{*-guix-command,*/bin/guix} flags=(unconfined) {
  userns,
  # Site-specific additions and overrides. See local/README for details.
  include if exists <local/guix>
}
```

and loading the profile into AppArmor, I am able to run `guix shell -C bash -- 
bash`. Possibly too permissive, the profile works though. It may at least 
provide a temporary solution for those, like me, for who the container 
functionality is critical on daily basis.

Best regards,
Marek
This bug report was last modified 22 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.