/proc/self/smaps_rollup is a harmless, aggregate unprivileged read for
memory statistics. Instead of forcing every downstream developer and
package maintainer (Chromium, Brave, Spotify, Nextcloud, etc.) to
manually patch out memory metrics from their source code to prevent
gigabytes of syslog spam, this rule should be added globally to the
snapd default base profile.

Until snapd handles these aggregate /proc reads properly (or silences
them with deny flags=(quiet)), application wrappers are just playing
endless whack-a-mole with AppArmor denials. Other projects are facing
the exact same log spam, as seen on Brave's tracking issue:
https://github.com/brave/brave-browser/issues/51948

** Bug watch added: github.com/brave/brave-browser/issues #51948
   https://github.com/brave/brave-browser/issues/51948

** Also affects: snapd (Ubuntu)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110510

Title:
  New AppArmor logspam under snap v136.0.7103.92

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2110510/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to