Canonical Juju

Error in Juju 3 snap confinement

Bug #1998791 reported by Jon Seager
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Canonical Juju
Triaged
Medium
Unassigned

Bug Description

In a recent deployment of Juju, I noticed the following in the `dmesg` output for my machine:

```
[ 504.869006] audit: type=1400 audit(1670250134.005:323): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/49988/cpuset" pid=49988 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 506.037731] audit: type=1400 audit(1670250135.173:324): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/50650/cpuset" pid=50650 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 507.183638] audit: type=1400 audit(1670250136.319:325): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/51388/cpuset" pid=51388 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 508.360325] audit: type=1400 audit(1670250137.496:326): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/52093/cpuset" pid=52093 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 509.514507] audit: type=1400 audit(1670250138.650:327): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/53645/cpuset" pid=53645 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 510.632388] audit: type=1400 audit(1670250139.768:328): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/54499/cpuset" pid=54499 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 511.778064] audit: type=1400 audit(1670250140.914:329): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/55110/cpuset" pid=55110 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 512.960995] audit: type=1400 audit(1670250142.097:330): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/56069/cpuset" pid=56069 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 514.096466] audit: type=1400 audit(1670250143.232:331): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/56955/cpuset" pid=56955 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[ 515.232184] audit: type=1400 audit(1670250144.368:332): apparmor="DENIED" operation="open" profile="snap.juju.juju" name="/proc/57838/cpuset" pid=57838 comm="juju" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
```

This is `3.0.3-10fda27` from `3.0/edge`.

Looks like a missing snap interface auto-connection, but needs investigating either way. The messages are *very* numerous!

Joseph Phillips (manadart)
Changed in juju:
status: New → Triaged
importance: Undecided → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.