cannot create mount point for file /tmp/snap.rootfs_
This bug report will be marked for expiration in 47 days if no further activity occurs. (find out why)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
# snap --version
snap 2.62+22.04
snapd 2.62+22.04
series 16
ubuntu 22.04
kernel 6.5.0-1020-aws
Attempting to start snap package:
~# ssh-audit version
cannot create mount point for file "/tmp/snap.
Contents of /tmp/
# ls -l /tmp/
total 84
drwx------ 2 root root 4096 May 19 10:24 snap-private-tmp
drwx------ 2 root root 4096 May 19 10:30 snap.rootfs_1P4Kmn
drwx------ 2 root root 4096 May 19 10:24 snap.rootfs_DiD5AX
drwx------ 2 root root 4096 May 19 10:24 snap.rootfs_Jjr3EU
drwx------ 2 root root 4096 May 19 10:33 snap.rootfs_LEA0ic
drwx------ 2 root root 4096 May 19 10:25 snap.rootfs_LqTJvt
drwx------ 2 root root 4096 May 19 10:40 snap.rootfs_Pfd36j
drwx------ 2 root root 4096 May 19 10:35 snap.rootfs_QGPUKe
drwx------ 2 root root 4096 May 19 10:44 snap.rootfs_QZaClr
drwx------ 2 root root 4096 May 19 10:24 snap.rootfs_QZjfkv
drwx------ 2 root root 4096 May 19 10:25 snap.rootfs_Qdv2Cj
drwx------ 2 root root 4096 May 19 10:24 snap.rootfs_UyxaGE
drwx------ 2 root root 4096 May 19 10:24 snap.rootfs_WcgzpB
drwx------ 2 root root 4096 May 19 10:29 snap.rootfs_a6X4fm
drwx------ 2 root root 4096 May 19 10:24 snap.rootfs_cZVQlD
drwx------ 2 root root 4096 May 19 10:32 snap.rootfs_o1qFYW
drwx------ 2 root root 4096 May 19 11:46 snap.rootfs_ttB1w4
drwx------ 2 root root 4096 May 19 11:23 snap.rootfs_xoAXG6
~# sudo aa-status |grep snapd
/snap/
/snap/
/snap/
/snap/
/snap/
/snap/
/usr/
/usr/
# dmesg | grep DENIED
Returns no data *empty*
# snap debug confinement
strict
Other snap packages seem to be working but fresh install does not work for ssh-audit
https:/
The server is hardened to CIS Level 2 standard.
Anyone come across this before?
Hello.
It's surprising that there's nothing in dmesg, especially that there are routinely ignored denials that we have known about. Can you triple check that dmesg is really not showing any denials when running other snap applications?