** Also affects: snap-confine (Ubuntu)
** Also affects: snap-confine (Ubuntu Xenial)
** Changed in: snap-confine (Ubuntu)
Status: New => Fix Released
** Changed in: snap-confine (Ubuntu Xenial)
Status: New => In Progress
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
Add support for capability-based permissions
Status in Snappy Launcher:
Status in snap-confine package in Ubuntu:
Status in snap-confine source package in Xenial:
snap-confine relies on being a setuid root executable to perform
privileged operations. This bug is about using linux capabilities
stored in extended filesysystem attributes. The patch was essentially
moved from the Fedora package where it was crated to the mainline
branch. It consists of a build-time decision that does the required
build system changes.
snap-confine can be used as a non-setuid root executable (e.g. using
the current code in the fedora package from which this patch
This change does not affect the Ubuntu package.
* This bug is a part of a major SRU that brings snap-confine in Ubuntu
16.04 in line with the current upstream release 1.0.41.
* snap-confine is technically an integral part of snapd which has an
SRU exception and is allowed to introduce new features and take
advantage of accelerated procedure. For more information see
== # Pre-SRU bug description follows # ==
Fedora has moved away from setuid executables and instead relies on
extended attributes to grant additional permissions to applications
that require this.
The 1.0.39 release has been patched in Fedora to use CAP_SYS_ADMIN
instead of the setuid bit without (so far) any adverse effects. This
patch should be a compile-time option.
To manage notifications about this bug go to:
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : firstname.lastname@example.org
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp