[Desktop-packages] [Bug 1593407] Re: Guest session cannot run snaps
Hi Alberto, the audit log output when starting firefox is the following: Sep 23 06:49:13 ub22mate audit[5486]: AVC apparmor="DENIED" operation="mkdir" profile="/snap/snapd/16778/usr/lib/snapd/snap-confine" name="/tmp/guest-tikhhx/" pid=5486 comm="snap-confine" requested_mask="c" denied_mask="c" fsuid=997 ouid=997 The permissions of the created directory are: guest-tikhhx@ub22mate:~$ ls -la /tmp/guest-tikhhx/snap/firefox/ insgesamt 0 drwxr-xr-x 4 guest-tikhhx guest-tikhhx 100 Sep 23 06:49 . drwx-- 3 guest-tikhhx guest-tikhhx 60 Sep 23 06:49 .. drwxr-xr-x 2 guest-tikhhx guest-tikhhx 40 Sep 23 06:49 1860 drwxr-xr-x 2 guest-tikhhx guest-tikhhx 40 Sep 23 06:49 common lrwxrwxrwx 1 guest-tikhhx guest-tikhhx 4 Sep 23 06:49 current -> 1860 And just to be clear: this seems to be a Snap problem, not a Firefox problem, as the Snaps of Chromium, Opera and Skype show same behaviour. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1593407 Title: Guest session cannot run snaps Status in Light Display Manager: Confirmed Status in Snappy: Confirmed Status in Ubuntu MATE: Confirmed Status in Desktop: New Status in firefox package in Ubuntu: Confirmed Status in lightdm package in Ubuntu: Confirmed Status in snapd package in Ubuntu: Confirmed Status in firefox source package in Xenial: Confirmed Status in lightdm source package in Xenial: Confirmed Status in snapd source package in Xenial: Confirmed Bug description: I'm using Ubuntu 16.04. The guest session cannot execute snaps, because of a permission error. The LightDM's guest session AppArmor profile is not allowing access to /snap and other needed files and folders. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1593407/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1593407] Re: Guest session cannot run snaps
I don't know if somebody changed something since 2022-05-03 (Comment #6 form @nrbrtx ), but my error message when starting firefox (snap) on Ubuntu Mate 22.04 in a guest session is different: guest-qd9nle@ubrio22:~$ firefox cannot create user data directory: /tmp/guest-qd9nle/snap/firefox/1860: Permission denied I don't understand why there appears this Permission denied, as in /etc/apparmor.d/abstractions/lightdm the permission is: "owner /tmp/** rwlkmix,", so it seems to be ok. And more: the directory /tmp/guest- qd9nle/snap/firefox/1860 is created, despite the message. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1593407 Title: Guest session cannot run snaps Status in Light Display Manager: Confirmed Status in Snappy: Confirmed Status in Ubuntu MATE: Confirmed Status in Desktop: New Status in firefox package in Ubuntu: Confirmed Status in lightdm package in Ubuntu: Confirmed Status in snapd package in Ubuntu: Confirmed Status in firefox source package in Xenial: Confirmed Status in lightdm source package in Xenial: Confirmed Status in snapd source package in Xenial: Confirmed Bug description: I'm using Ubuntu 16.04. The guest session cannot execute snaps, because of a permission error. The LightDM's guest session AppArmor profile is not allowing access to /snap and other needed files and folders. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1593407/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
