Worth noting that the process does call chown based on strace output:
bind(7, {sa_family=AF_UNIX, sun_path="/var/snap/snap-store-proxy/78/snapproxy/snapproxy.sock"}, 56) = 0 chown("/var/snap/snap-store-proxy/78/snapproxy/snapproxy.sock", 0, 0) = -1 EPERM (Operation not permitted)
I can't easily tell if in the working case, apparmor just allows that call or if the process is somehow not issuing the chown call, but that's certainly a bit odd.
Worth noting that the process does call chown based on strace output:
bind(7, {sa_family=AF_UNIX, sun_path= "/var/snap/ snap-store- proxy/78/ snapproxy/ snapproxy. sock"}, 56) = 0 /var/snap/ snap-store- proxy/78/ snapproxy/ snapproxy. sock", 0, 0) = -1 EPERM (Operation not permitted)
chown("
I can't easily tell if in the working case, apparmor just allows that call or if the process is somehow not issuing the chown call, but that's certainly a bit odd.