Noisy NetworkManager AppArmor denials
Bug #1980119 reported by
Miguel Pires
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd |
Confirmed
|
Low
|
Alfonso Sanchez-Beato |
Bug Description
A user has reported an issue where their snap interacts with network-manager via the dbus API and, despite everything functioning correctly, the log is full of AppArmor denials like:
Jun 23 11:50:00 <redacted> audit[1060]: AVC apparmor="DENIED" operation="ptrace" profile=
I redacted the hostname and the user's snap name. This issue is very similar to this report https:/
Changed in snapd: | |
assignee: | nobody → Alfonso Sanchez-Beato (alfonsosanchezbeato) |
importance: | Undecided → Low |
status: | New → Confirmed |
To post a comment you must log in.
We currently have in the network-manager interface
deny ptrace (trace) peer=## #PLUG_SECURITY_ TAGS### ,
maybe it should be
deny ptrace (trace,read) peer=## #PLUG_SECURITY_ TAGS### ,
I've created https:/ /github. com/snapcore/ snapd/pull/ 12546 to test this hypothesis.