FYI, if people need to workaround this to get real work done, you can
add something like this to your bashrc:
snap_workaround() {
fn="/var/lib/snapd/apparmor/snap-confine/lp1849753"
test -e "$fn" && return
tmpfn=$(mktemp)
cat > "$tmpfn" <<EOM
# lp1849753
unix,
owner /** rw,
ptrace readby peer=unconfined,
EOM
echo "Moving workaround rules to '$fn'"
sudo mv "$tmpfn" "$fn"
echo "Reloading snap-confine policy"
sudo apparmor_parser -r /etc/apparmor.d/*snap-confine*
/var/lib/snapd/apparmor/profiles/snap-confine.*
# another mysterious issue where sometimes all the policy isn't loaded (eg,
with rustup)
echo "Reloading all snap.* policy (work around missing profiles)"
sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.*
}
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1849753
Title:
AppArmor profile prohibits classic snap from inheriting file
descriptors
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1849753/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
