Snappy

snapd system-observe interface is missing rules to allow memory usage analysis

Bug #1644810 reported by Martin Wimpress 
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Snappy
Fix Released
Medium
Unassigned

Bug Description

Last night I created a snap for ps_mem [1] a memory usage analyser I often use. It runs in devmode but when confined the `system-observe` interface is missing rules that allow deeper memory usage analysis, for example ps_mem wants read access to:

 - /sys/kernel/osrelease
 - /proc/<pid>/smaps
 - /proc/<pid>/cmdline
 - /proc/<pid>/exe
 - /proc/meminfo

I'll prepare a pull request.

[1] - https://github.com/pixelb/ps_mem

Zygmunt Krynicki (zyga)
Changed in snappy:
status: New → Triaged
Revision history for this message
Michael Vogt (mvo) wrote :

https://github.com/snapcore/snapd/pull/2365

Changed in snappy:
importance: Undecided → Critical
importance: Critical → Medium
Revision history for this message
Michael Vogt (mvo) wrote :

I added the missing bits to system-observer in the linked branch. Note that it appears to be /*proc*/sys/kernel/osrelease (instead of just /sys/kernel/osrelease)

Revision history for this message
Martin Wimpress  (flexiondotorg) wrote :

@mvo Thanks for submitting the pull request. However, I don't see `/proc/<pid>/cmdline` in there?

Revision history for this message
Martin Wimpress  (flexiondotorg) wrote :

Oh, actually, yes I do. Pre-existing. Sorry for the noise.

Michael Vogt (mvo)
Changed in snappy:
status: Triaged → Fix Committed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

2.20 fixes this issue.

Changed in snappy:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.