Refreshing a snap using core18 to one using core16 confuses the snap apps

I've reproduced this issue.

It seems that there's something wrong with the base transition detector. Some correlated output:

Loopback devices:

/dev/loop0 0 0 0 1 /writable/system-data/var/lib/snapd/snaps/core_8594.snap
/dev/loop5 0 0 1 1 /var/lib/snapd/snaps/core_8594.snap
/dev/loop20 0 0 1 1 /var/lib/snapd/snaps/core18_1671.snap

Preserved (stale) mount namespace:

1974 1643 7:20 / / ro,nodev,relatime master:284 - squashfs /dev/loop20 ro
2067 2064 7:5 / /snap/core/8594 ro,nodev,relatime master:230 - squashfs /dev/loop5 ro

Diagnostic message during detection:

DEBUG: block device of snap core, revision 8594 is 7:5
DEBUG: preserved mount is not stale, reusing

So snap-confine was correctly looking for presence of 7:5 (corresponding to core) but failed to observe that in the mount namespace the root filesystem is 7:20 (corresponding to core18).

There is an integration test for this feature so it must be something more subtle.

It seems this was never implemented for UC16 systems. The comment in snap-confine ns-support.c reads:

        // TODO: enable this for core distributions. This is complex because on
        // core the rootfs is mounted in initrd and is _not_ changed (no
        // pivot_root) and the base snap is again mounted (2nd time) by
        // systemd. This makes us end up in a situation where the outer base
        // snap will never match the rootfs inside the mount namespace.

The code is guarded with a check for "normal" mode (which is used everywhere except for UC16)

        if (inv->is_normal_mode
            && should_discard_current_ns(base_snap_dev)) {

I'll look at correcting this.

This is now fixed by the following pull request https://github.com/snapcore/snapd/pull/8093

This fix will be backported to 2.43.3

The snapd 2.43.3 release has been in the stable channel for a while. Marking as released.