There seems to be two related but independent problems here. The first one is the original problem reported in the description above: the snap user directory is inaccessible to the snap itself. This should indeed be fixed, and there's apparently no reason for us to move this data out of $HOME that is set for uid=0 (proposal #2), as that's what we have for every other user.
The second problem is that sudo works as it usually does, with some of the environment from the calling user. The answer to this one feels slightly less obvious, but I'm tempted to suggest following the usual route of setting the data path to the effective user id, to avoid this sort of ownership problem. Unfortunately, this also implies that applications will no longer run with the context of the calling user under sudo, and I'm not sure of the implications that this will unfold at this point, but perhaps it's okay to try and see. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1466234 Title: Apparmor denial for access to SNAP_APP_USER_DATA_PATH as root To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1466234/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
