Latest snap-confine seem break the lxd snap function. It used to work until recent update.
snap-confine 2.22.6 lxd 2.12-0ubuntu3~ubuntu16.04.1~ppa1 linux-image-4.4.0-72-generic 4.4.0-72.93 Apr 18 15:33:22 snapbox audit[15919]: AVC apparmor="DENIED" operation="file_inherit" namespace="root//lxd-devbox_<var-lib-lxd>" profile="/usr/lib/snapd/snap-confine" name="/dev/tty" pid=15919 comm="snap-confine" requested_mask="wr" denied_mask="wr" fsuid=265536 ouid=0 Apr 18 15:33:22 snapbox audit[15919]: SYSCALL arch=c000003e syscall=59 success=yes exit=0 a0=c820161b00 a1=c820194150 a2=c82008bb20 a3=0 items=2 ppid=15917 pid=15919 auid=4294967295 uid=265536 gid=265536 euid=265536 suid=265536 fsuid=265536 egid=265536 sgid=265536 fsgid=265536 tty=(none) ses=4294967295 comm="snap-confine" exe="/usr/lib/snapd/snap-confine" key=(null) Apr 18 15:33:22 snapbox audit: BPRM_FCAPS fver=0 fp=0000000000000000 fi=0000000000000000 fe=0 old_pp=0000003ffdfcffff old_pi=0000000000000000 old_pe=0000003ffdfcffff new_pp=0000003ffdfcffff new_pi=0000000000000000 new_pe=0000003ffdfcffff Apr 18 15:33:22 snapbox audit: EXECVE argc=4 a0="/usr/lib/snapd/snap-confine" a1="snap.hello-world.hello-world" a2="/usr/lib/snapd/snap-exec" a3="hello-world" Apr 18 15:33:22 snapbox audit: CWD cwd="/home/ubuntu" Apr 18 15:33:22 snapbox audit: PATH item=0 name="/usr/lib/snapd/snap-confine" inode=27527378 dev=08:02 mode=0104755 ouid=265536 ogid=265536 rdev=00:00 nametype=NORMAL Apr 18 15:33:22 snapbox audit: PATH item=1 name="/lib64/ld-linux-x86-64.so.2" inode=19678033 dev=08:02 mode=0100755 ouid=265536 ogid=265536 rdev=00:00 nametype=NORMAL -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1611078 Title: Support snaps inside of lxd containers To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1611078/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
