Public bug reported:
Hi,
each time I boot my system, the Linux kernel outputs the following audit
messages.
Would it be possible to get rid of the "DENIED" messages by updating the
snap-confine AppArmor profile ?
# dmesg | grep snap-confine
[ 16.156481] audit: type=1400 audit(1749048206.042:249): apparmor="STATUS"
operation="profile_load" profile="unconfined"
name="/snap/core/17210/usr/lib/snapd/snap-confine" pid=2996
comm="apparmor_parser"
[ 29.009413] audit: type=1400 audit(1749048218.894:459): apparmor="STATUS"
operation="profile_replace" profile="unconfined"
name="/snap/snapd/24505/usr/lib/snapd/snap-confine" pid=6094
comm="apparmor_parser"
[ 29.021705] audit: type=1400 audit(1749048218.907:460): apparmor="STATUS"
operation="profile_replace" profile="unconfined"
name="/snap/snapd/24505/usr/lib/snapd/snap-confine//mount-namespace-capture-helper"
pid=6094 comm="apparmor_parser"
[ 36.611637] audit: type=1400 audit(1749048226.497:685): apparmor="DENIED"
operation="capable" class="cap"
profile="/snap/snapd/24505/usr/lib/snapd/snap-confine" pid=7541
comm="snap-confine" capability=12 capname="net_admin"
[ 36.612432] audit: type=1400 audit(1749048226.497:686): apparmor="DENIED"
operation="capable" class="cap"
profile="/snap/snapd/24505/usr/lib/snapd/snap-confine" pid=7541
comm="snap-confine" capability=38 capname="perfmon"
$ snap version
snap 2.68.4
snapd 2.68.4
series 16
ubuntu 25.04
kernel 6.14.0-15-generic
PS : I tried to use ubuntu-bug from apport to report this bug. It tried
to report a bug to Github and failed.
** Affects: snapd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2112478
Title:
apparmor="DENIED" audit messages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/2112478/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
