[regression?] 3.1.5 DENIES bind mounts
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
In our snapd tests we noticed that that with 3.1.5 on arch we now get new denials:
"""
$ spread -debug -v google:
...
+ test-snapd-
cannot update snap namespace: cannot create writable mimic over "/etc": permission denied
snap-update-ns failed with code 1
# dmesg
[ 808.531909] audit: type=1400 audit(168675957
# grep .snap/etc /var/lib/
"/tmp/.snap/etc/" rw,
mount options=(rw, rbind) "/etc/" -> "/tmp/.snap/etc/",
"""
this is turning out to be more complicated than expected.
what is the kernel version, and can you attach the full profile.