snapd

cannot compile snap-confine apparmor profile on openSUSE Leap 42.3

Bug #1805485 reported by Zygmunt Krynicki on 2018-11-27

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	snapd	Fix Released	Critical	Zygmunt Krynicki	snapd 2.36.3

Bug Description

By debugging something else we noticed that on openSUSE Leap 42.3 we cannot compile snap-confine apparmor profile (even though we are not re-executing snap-confine there).

error: cannot perform the following tasks:
- Setup snap "core" (6016) security profiles (cannot setup apparmor for snap "core": cannot create host snap-confine apparmor configuration: cannot reload snap-confine apparmor profile: cannot load apparmor profiles: exit status 1
apparmor_parser output:
AppArmor parser error for /var/lib/snapd/apparmor/profiles/snap-confine.core.6016 in /var/lib/snapd/apparmor/profiles/snap-confine.core.6016 at line 103: Exec condition must begin with '/'.
)
- Setup snap "core" (6016) security profiles (cannot create host snap-confine apparmor configuration: cannot reload snap-confine apparmor profile: cannot load apparmor profiles: exit status 1
apparmor_parser output:
AppArmor parser error for /var/lib/snapd/apparmor/profiles/snap-confine.core.6016 in /var/lib/snapd/apparmor/profiles/snap-confine.core.6016 at line 103: Exec condition must begin with '/'.

Zygmunt Krynicki (zyga) on 2018-11-29

Changed in snapd:
milestone:	2.36.2 → 2.36.3

Revision history for this message

Zygmunt Krynicki (zyga) wrote on 2018-11-29:

A "master" version of the fix is proposed in https://github.com/snapcore/snapd/pull/6244 - the one for the release branch will be a small subset of that, with just the essential part.