Version in base suite: 6.0.4-2+deb13u1
Version in overlay suite: 6.0.4-2+deb13u2
Base version: incus_6.0.4-2+deb13u2
Target version: incus_6.0.4-2+deb13u3
Base file: /srv/ftp-master.debian.org/ftp/pool/main/i/incus/incus_6.0.4-2+deb13u2.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/i/incus/incus_6.0.4-2+deb13u3.dsc
changelog | 6 ++
patches/008-cherry-pick-fix-nested-docker.patch | 72 ++++++++++++++++++++++++
patches/series | 1
3 files changed, 79 insertions(+)
diff -Nru incus-6.0.4/debian/changelog incus-6.0.4/debian/changelog
--- incus-6.0.4/debian/changelog 2025-11-10 13:32:56.000000000 +0000
+++ incus-6.0.4/debian/changelog 2025-11-22 15:21:53.000000000 +0000
@@ -1,3 +1,9 @@
+incus (6.0.4-2+deb13u3) trixie; urgency=medium
+
+ * Backport fix for running nested docker in containers (Closes: #1121011)
+
+ -- Mathias Gibbens Sat, 22 Nov 2025 15:21:53 +0000
+
 incus (6.0.4-2+deb13u2) trixie-security; urgency=high
 * Backport upstream fix for GHSA-56mx-8g9f-5crf
diff -Nru incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch
--- incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch 1970-01-01 00:00:00.000000000 +0000
+++ incus-6.0.4/debian/patches/008-cherry-pick-fix-nested-docker.patch 2025-11-22 15:21:53.000000000 +0000
@@ -0,0 +1,72 @@
+From 1fbe4bffb9748cc3b07aaf5db310d463c1e827d0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?St=C3=A9phane=20Graber?=
+Date: Wed, 5 Nov 2025 20:24:47 -0500
+Subject: [PATCH] incusd/apparmor/lxc: Don't bother with sys/proc protections
+ when nesting enabled
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+When nesting is enabled, it's possible for the container to get a clean
+copy of /proc or /sys mounted anywhere without AppArmor being able to
+mediate. So there's little point in trying to apply safety checks on top
+of the main /proc and /sys.
+
+On top of that, we've recently discovered that AppArmor doesn't properly
+handle file access relative to a file descriptor, causing a bunch of
+those checks to deny access when they shouldn't.
+
+Closes #2623
+
+Signed-off-by: Stéphane Graber
+Rebased-by: Mathias Gibbens
+---
+ internal/server/apparmor/instance_lxc.profile.go | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/internal/server/apparmor/instance_lxc.profile.go b/internal/server/apparmor/instance_lxc.profile.go
+index 5c46e8af0..417eb6f97 100644
+--- a/internal/server/apparmor/instance_lxc.profile.go
++++ b/internal/server/apparmor/instance_lxc.profile.go
+@@ -329,6 +329,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+ mount options=(rw,move) /sy[^s]*{,/**},
+ mount options=(rw,move) /sys?*{,/**},
+
++{{- if not .nesting }}
+ # Block dangerous paths under /proc/sys
+ deny /proc/sys/[^fkn]*{,/**} wklx,
+ deny /proc/sys/f[^s]*{,/**} wklx,
+@@ -424,6 +425,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+ deny /sys/fs/cgrou[^p]*{,/**} wklx,
+ deny /sys/fs/cgroup?*{,/**} wklx,
+ deny /sys/fs?*{,/**} wklx,
++{{- end }}
+
+ {{- if .feature_unix }}
+
+@@ -446,6 +448,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+
+ {{- if .feature_stacking }}
+
++{{- if not .nesting }}
+ ### Feature: apparmor stacking
+ deny /sys/k[^e]*{,/**} wklx,
+ deny /sys/ke[^r]*{,/**} wklx,
+@@ -471,14 +474,17 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
+ deny /sys/kernel/security/apparmor?*{,/**} wklx,
+ deny /sys/kernel/security?*{,/**} wklx,
+ deny /sys/kernel?*{,/**} wklx,
++{{- end }}
+
+ change_profile -> ":{{ .namespace }}:*",
+ change_profile -> ":{{ .namespace }}://*",
+ {{- else }}
+
+ ### Feature: apparmor stacking (not present)
++{{- if not .nesting }}
+ deny /sys/k*{,/**} wklx,
+ {{- end }}
++{{- end }}
+
+ {{- if .nesting }}
+
diff -Nru incus-6.0.4/debian/patches/series incus-6.0.4/debian/patches/series
--- incus-6.0.4/debian/patches/series 2025-11-10 13:32:50.000000000 +0000
+++ incus-6.0.4/debian/patches/series 2025-11-22 15:21:53.000000000 +0000
@@ -5,6 +5,7 @@
 005-cherry-pick-qemu-socket-cleanup.patch
 006-cherry-pick-agent-mount-retry.patch
 007-cherry-pick-usb-hotplug-fix.patch
+008-cherry-pick-fix-nested-docker.patch
 100-CVE-2025-54293.patch
 101-CVE-2025-54287.patch
 102-CVE-2025-54288.patch
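Review bot: The new `{{- if not .nesting }}` guards remove the whole /proc/sys and /sys deny set from the generated profile for nested instances, but nothing in the template says why; the rationale lives only in the commit message above. A comment at the first guard, such as `# Nesting lets the container mount a fresh /proc or /sys that AppArmor cannot mediate, so the deny rules below are skipped for nested instances.`, would keep the profile self-explaining for anyone auditing it on a host. The stacking branch moves the `### Feature: apparmor stacking` header inside the guard while the `change_profile` lines stay outside, whereas the `(not present)` header in the else branch stays outside its guard; placing both headers above their guards keeps the branches consistent and the section label visible when nesting is on. Since on paper this widens what an instance with nesting enabled may touch under /sys and /proc/sys, the user-facing description of the nesting option (outside this hunk) should presumably mention that enabling it now also drops these deny rules. The `{{- if .nesting }}` block that follows the last added line continues past the end of the hunk.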