[Bug 2154378] Re: Snaps lost internet access after updating snapd to 2.75.2 on Ubuntu 26.04

Sat, 30 May 2026 16:15:35 -0700 

The diff to the snap firefox profile on my end is larger, not what I would 
expect to cause networking issues.

-# Description: Can query system mount and disk quota information. This is
-# restricted because it gives privileged read access to mount arguments and
-# should only be used with trusted apps.
-
-# Support coreutils paths (LP: #2123870)
-@{SNAP_COREUTIL_DIRS}df ixr,
-
-# Needed by 'df'. This is an information leak
-@{PROC}/mounts r,
-# Needed by 'htop' to detect whether it's running under lxc/lxd/docker
-@{PROC}/1/mounts r,
-
-owner @{PROC}/@{pid}/mounts r,
-owner @{PROC}/@{pid}/mountinfo r,
-owner @{PROC}/@{pid}/mountstats r,
-
-# some processes might read mount* from /proc/thread-self/ instead
-# and those resolve to the following: (no mountstats here)
-owner @{PROC}/@{pid}/task/@{tid}/mounts r,
-owner @{PROC}/@{pid}/task/@{tid}/mountinfo r,
-
-/sys/devices/*/block/{,**} r,
-
-# Needed by 'htop' to calculate RAM usage more accurately (and informational 
purposes, if enabled)
-@{PROC}/spl/kstat/zfs/arcstats r,
-
-@{PROC}/swaps r,
-
-# This is often out of date but some apps insist on using it
-/etc/mtab r,
-/etc/fstab r,
-
-# some apps also insist on consulting utab
-/run/mount/utab r,
-
-


 
+# Allow non-owner read to non-hidden and non-snap files and directories
+capability dac_read_search,
+# TODO: use GenerateAAREExclusionPatterns for this - though the first
+# rule here complicates using it slightly from the inclusion of the "." to
+# prevent reading dotfiles
+@{HOME}/               r,
+@{HOME}/[^s.]**        r,
+@{HOME}/s[^n]**        r,
+@{HOME}/sn[^a]**       r,
+@{HOME}/sna[^p]**      r,
+@{HOME}/snap[^/]**     r,
+@{HOME}/{s,sn,sna}{,/} r,
+
+

and the difference in the dbus name
-# bind to a well-known DBus name: org.mozilla.firefox
+# bind to a well-known DBus name: org.mozilla.firefox_nightly
 dbus (bind)
     bus=session
-    name=org.mozilla.firefox,
+    name=org.mozilla.firefox_nightly,

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2154378

Title:
  Snaps lost internet access after updating snapd to 2.75.2 on Ubuntu
  26.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/snapd/+bug/2154378/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to