Bug#1001263: logind: IdleAction=ignore not effective
Package: systemd Version: 249.7-1 Severity: normal X-Debbugs-Cc: andreakarim...@gmail.com Dear Maintainer, changing IdleAction options inside /etc/systemd/logind.conf does not have any effect on automatic sleep. In addition, even specifying a command that should explicitly prevent the system from going to sleep on idle has also no effect: # systemd-inhibit --what=idle bash -c 'sleep 999' # systemd-inhibit --list WHO UID USER PIDCOMMWHAT WHY MODE ModemManager 0root 1213 ModemManagersleep ModemManager needs to reset devices delay NetworkManager 0root 1150 NetworkManager sleep NetworkManager needs to turn off networks delay Unattended Upgrades Shutdown 0root 1273 unattended-upgr shutdown Stop ongoing upgrades or perform upgrades before shutdown delay bash -c sleep 9991000 karimo 2530 systemd-inhibit idle Unknown reasonblock Bests! -- Package-specific info: -- System Information: Debian Release: bookworm/sid APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.15.0-2-amd64 (SMP w/16 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages systemd depends on: ii adduser 3.118 ii libacl1 2.3.1-1 ii libapparmor1 3.0.3-6 ii libaudit11:3.0.6-1+b1 ii libblkid12.37.2-4 ii libc62.32-4 ii libcap2 1:2.44-1 ii libcrypt11:4.4.26-1 ii libcryptsetup12 2:2.4.2-1 ii libgcrypt20 1.9.4-4 ii libgnutls30 3.7.2-2 ii libgpg-error01.42-3 ii libip4tc21.8.7-1 ii libkmod2 29-1 ii liblz4-1 1.9.3-2 ii liblzma5 5.2.5-2 ii libmount12.37.2-4 ii libpam0g 1.4.0-10 ii libseccomp2 2.5.3-2 ii libselinux1 3.3-1+b1 ii libsystemd0 249.7-1 ii libzstd1 1.4.8+dfsg-3 ii mount2.37.2-4 ii util-linux 2.37.2-4 Versions of packages systemd recommends: ii dbus [default-dbus-system-bus] 1.12.20-3 ii systemd-timesyncd [time-daemon] 249.7-1 Versions of packages systemd suggests: ii policykit-10.105-31 pn systemd-container Versions of packages systemd is related to: pn dracut ii initramfs-tools 0.140 ii libnss-systemd 249.7-1 ii libpam-systemd 249.7-1 ii udev 249.7-1 -- Configuration Files: /etc/systemd/journald.conf changed: [Journal] SystemMaxUse=5G /etc/systemd/logind.conf changed: [Login] IdleAction=ignore IdleActionSec=120min -- no debconf information
Bug#993783: snapd: AppArmor profile breaks snaps
Package: snapd Version: 2.51.7-1 Severity: grave Justification: renders package unusable X-Debbugs-Cc: andreakarim...@gmail.com Dear Maintainer, * What led up to the situation? Trying to run a "classic" snap. * What exactly did you do (or not do) that was effective (or ineffective)? Just tried to run the snap. * What was the outcome of this action? AppArmor DENIED and snap not starting * What outcome did you expect instead? Snap to run properly The AppArmor profile for /usr/lib/snapd/snap-confine prevents snaps such as slack and spotify to run at all: $ slack cannot change profile for the next exec call: No such file or directory $ spotify WARNING: cgroup v2 is not fully supported yet, proceeding with partial confinement cannot change profile for the next exec call: No such file or directory snap-update-ns failed with code 1 Sep 06 13:47:04 XXX kernel: audit: type=1400 audit(1630928824.498:38): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="/usr/lib/snapd/snap-confine" name="snap-update-ns.spotify" pid=10039 comm="snap-confine" Sep 06 13:47:04 XXX kernel: audit: type=1400 audit(1630928824.498:37): apparmor="DENIED" operation="capable" profile="/usr/lib/snapd/snap-confine" pid=10025 comm="snap-confine" capability=4 capname="fsetid" Sep 06 13:47:04 XXX audit[10039]: AVC apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="/usr/lib/snapd/snap-confine" name="snap-update-ns.spotify" pid=10039 comm="snap-confine" Sep 06 13:47:04 XXX audit[10025]: AVC apparmor="DENIED" operation="capable" profile="/usr/lib/snapd/snap-confine" pid=10025 comm="snap-confine" capability=4 capname="fsetid" Sep 06 13:46:59 XXX audit[9942]: AVC apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="/usr/lib/snapd/snap-confine" name="snap.slack.slack" pid=9942 comm="snap-confine" Sep 06 13:46:59 XXX kernel: audit: type=1400 audit(1630928819.269:36): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="/usr/lib/snapd/snap-confine" name="snap.slack.slack" pid=9942 comm="snap-confine" -- System Information: Debian Release: bookworm/sid APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/16 CPU threads) Kernel taint flags: TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages snapd depends on: ii adduser 3.118 ii apparmor 3.0.3-2 ii ca-certificates 20210119 ii gnupg2.2.27-2 ii libapparmor1 3.0.3-2 ii libc62.32-1 ii libcap2 1:2.44-1 ii libseccomp2 2.5.1-1 ii libudev1 247.9-1 ii openssh-client 1:8.4p1-6 ii squashfs-tools 1:4.5-2 ii systemd 247.9-1 ii udev 247.9-1 Versions of packages snapd recommends: ii gnupg 2.2.27-2 Versions of packages snapd suggests: ii zenity 3.32.0-7 -- no debconf information