This assumed it would be run as root, so has been broken since we stopped running application scripts as root inside img/app VMs. Reported-by: Johannes Süllner <johannes.suellner@mailbox.org> Link: https://matrix.to/#/!xSysqhzbOZImdvGpix:fairydust.space/$9psDI3BIP00EIzW-qOq... Fixes: 8bfcbf9 ("img/app: run applications as non-root") Signed-off-by: Alyssa Ross <hi@alyssa.is> --- vm/app/systemd-sysupdate/download-update | 1 + 1 file changed, 1 insertion(+) diff --git a/vm/app/systemd-sysupdate/download-update b/vm/app/systemd-sysupdate/download-update index eada41c..335e389 100755 --- a/vm/app/systemd-sysupdate/download-update +++ b/vm/app/systemd-sysupdate/download-update @@ -3,6 +3,7 @@ # SPDX-FileCopyrightText: 2025 Demi Marie Obenour <demiobenour@gmail.com> export LC_ALL C export LANGUAGE C +unshare -rUm if { mount -toverlay -olowerdir=/run/virtiofs/virtiofs0/etc:/etc -- overlay /etc } backtick tmpdir { mktemp -d /tmp/sysupdate-XXXXXX } # Not a useless use of cat: if there are NUL bytes in the URL base-commit: 9f33ec29d39df59589ed7c1b85d54e116e135df8 -- 2.51.0