From 849ba4de6a98e09352c09e63adffe91de2e908a8 Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Mon, 13 Apr 2026 10:03:15 +0000 Subject: [PATCH 1/2] make linux-sandbox settings persistent across reboots --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 71a8212..a06ae29 100644 --- a/README.md +++ b/README.md @@ -113,7 +113,8 @@ Canonical [decided to restrict user namespaces for security reasons](https://dis To still be able to use `linux-sandbox` without disabling `apparmor` run the following commands on your host: ```bash -sudo tee /etc/apparmor.d/bazel-linux-sandbox > /dev/null < /dev/null <, include @@ -121,10 +122,10 @@ profile linux-sandbox /var/cache/bazel/install/*/linux-sandbox flags=(unconfined userns, # Site-specific additions and overrides. See local/README for details. - include if exists + include if exists } EOF -sudo apparmor_parser -r /etc/apparmor.d/bazel-linux-sandbox +sudo apparmor_parser -r /etc/apparmor.d/aaa-bazel-linux-sandbox ``` When done From 81d30c47cb869893a95a93cd396f4af89ae7c599 Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Mon, 13 Apr 2026 10:19:15 +0000 Subject: [PATCH 2/2] write permissions for pr title workflow --- .github/workflows/pr-title-semantic.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title-semantic.yaml b/.github/workflows/pr-title-semantic.yaml index 7a33211..51f999f 100644 --- a/.github/workflows/pr-title-semantic.yaml +++ b/.github/workflows/pr-title-semantic.yaml @@ -20,7 +20,7 @@ on: - reopened - synchronize permissions: - pull-requests: read + pull-requests: write jobs: semantic-pr-title: name: Semantic PR Title