Skip to content

Bug 41153: Update README for Ubuntu 24.04 unprivileged user namespace changes

NoisyCoil requested to merge NoisyCoil/tor-browser-build:bug_41153 into main

Merge Info

Related Issues

Backporting

Timeline

  • Immediate: patchset needed as soon as possible
  • Next Minor Stable Release: patchset that needs to be verified in nightly before backport
  • Eventually: patchset that needs to be verified in alpha before backport
  • No Backport (preferred): patchset for the next major stable

(Optional) Justification

  • Emergency security update: patchset fixes CVEs, 0-days, etc
  • Censorship event: patchset enables censorship circumvention
  • Critical bug-fix: patchset fixes a bug in core-functionality
  • Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
  • Sponsor required: patchset required for sponsor
  • Other: please explain

Issue Tracking

Review

Request Reviewer

  • Request review from an applications developer depending on modified system:
    • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since gitlab only allows 1 reviewer)
    • accessibility : henry
    • android : clairehurst, dan
    • build system : boklm
    • extensions : ma1
    • firefox internals (XUL/JS/XPCOM) : jwilde, ma1
    • fonts : pierov
    • frontend (implementation) : henry
    • frontend (review) : donuts, richard
    • localization : henry, pierov
    • macOS : clairehurst, dan
    • nightly builds : boklm
    • rebases/release-prep : boklm, dan, ma1, pierov, richard
    • security : jwilde, ma1
    • signing : boklm, richard
    • updater : pierov
    • windows : jwilde, richard
    • misc/other : pierov, richard

Change Description

This MR updates the README to account for the Ubuntu 24.04 changes described in #41153 (closed). I specified the Ubuntu version because AFAIK the apparmor_restrict_unprivileged_userns kernel setting did not exist before 23.10 (but the feature was only made default starting from 24.04), so trying to set it on older systems may fail.

How Tested

Builds on Ubuntu 24.04 were reported to succeed using these instructions. I myself could verify that the unprivileged user namespace restrictions are disabled as expected using the new instructions.

Edited by boklm

Merge request reports

Loading