** Also affects: snap-confine (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: snap-confine (Ubuntu)
       Status: New => Fix Released

** Also affects: snap-confine (Ubuntu Xenial)
   Importance: Undecided
       Status: New

You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs

  snap-confine doesn't work with new snap-run/snap-exec flow

Status in Snappy Launcher:
  Fix Released
Status in snap-confine package in Ubuntu:
  Fix Released
Status in snap-confine source package in Xenial:

Bug description:

  The architecture changes in snapd that involve the new snap-run ->
  snap-confine -> snap-exec flow require changes to the apparmor profile
  of snap-confine to function.

  This bug was fixed by a member of the security team.

  For more information about the execution environment, please see this
  article http://www.zygoon.pl/2016/08/snap-execution-environment.html

  [Test Case]

  The test case is that snap applications continue to work normally,
  which they do since this change is already in Ubuntu.

  Since this is a fundamental aspect of running snap applications this
  aspect is tested with each and every pull request and release by
  nearly every test (because each test tries to run snap applications).

  [Regression Potential]

   * Regression potential is minimal as the alternative is that snap
  applications cannot start at all.

  * The fix was tested on Ubuntu with spread, successfully.

  [Other Info]

  * This bug is a part of a major SRU that brings snap-confine in Ubuntu
  16.04 in line with the current upstream release 1.0.41.

  * This bug was included in an earlier SRU and is now fixed in Ubuntu.
  I am updating the template here to ensure that the process is fully
  documented from 1.0.38 all the way up to the current upstream release

  * snap-confine is technically an integral part of snapd which has an
  SRU exception and is allowed to introduce new features and take
  advantage of accelerated procedure. For more information see

  == # Pre-SRU bug description follows # ==

  snap-confine used to be invoked directly to run a set of applications
  under confinement. With the new flow in snapd the actual order of
  execution changed to:

  snap-run -> snap-confine -> snap-exec -> application code

  This requires tweaks to the apparmor policy of snap-confine.

To manage notifications about this bug go to:

Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to     : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

Reply via email to