Ubuntu
snap-confine package

  1. Xenial (16.04)
  2. Bug #1630789
  3. Comment #6

Comment 6 for bug 1630789

Revision history for this message
Tyler Hicks (tyhicks) wrote :

I made an unfortunate typo in the following sentence found in comment #4:

This explains the AppArmor denial from comment #3 containing "fsuid=296608 ouid=0". The setuid-container-root snap-confine task is correctly running as fsuid 296608 (container_ns root) but the mountinfo inode is correctly assigned uid 0 (init_ns root).

It should have read:

This explains the AppArmor denial from comment #3 containing "fsuid=296608 ouid=0". The setuid-container-root snap-confine task is correctly running as fsuid 296608 (container_ns root) but the mountinfo inode is *incorrectly* assigned uid 0 (init_ns root).