Provisioning: Fix bwrap with apparmor on Ubuntu 24.04

Ubuntu 23.10 introduced new apparmor features and those prevent bwrap
to work correctly until a apparmor configuration file is installed.

Change-Id: Ie02bd98adb9e55c930c399e5e209c0c612907233
Reviewed-by: Robert Griebl <robert.griebl@qt.io>
Reviewed-by: Toni Saario <toni.saario@qt.io>
Reviewed-by: Tero Heikkinen <tero.heikkinen@qt.io>
(cherry picked from commit f7a8184c17)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
Reviewed-by: Aku Pietikäinen <aku.pietikainen@qt.io>

coin/provisioning/common/linux/fix-bwrap-apparmor.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+#Copyright (C) 2024 The Qt Company Ltd
+#SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+
+# See https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
+# and https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2046844/comments/89
+sudo bash -c 'cat > /etc/apparmor.d/bwrap' << EOF
+# This profile allows everything and only exists to give the
+# application a name instead of having the label "unconfined"
+
+abi <abi/4.0>,
+include <tunables/global>
+
+profile bwrap /usr/bin/bwrap flags=(unconfined) {
+  userns,
+
+  # Site-specific additions and overrides. See local/README for details.
+  include if exists <local/bwrap>
+}
+EOF
+

coin/provisioning/qtci-linux-Ubuntu-24.04-aarch64/03-fix-bwrap-apparmor.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+# Copyright (C) 2024 The Qt Company Ltd.
+# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+
+# shellcheck source=../common/linux/fix-bwrap-apparmor.sh
+source "${BASH_SOURCE%/*}/../common/linux/fix-bwrap-apparmor.sh"