bind mounts related to content interface plugs remain stale on snap disconnect/connect or snap updates
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Snappy |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
To reproduce:
snap install --edge test-snapd-
snap install --edge test-snapd-
snap disconnect test-snapd-
test-snapd-
"
Please run:
sudo snap connect content-
if you see an permission denied error
cat: /snap/test-
"
This is fine so far, as the plug is disconnected, but now try connecting the plug
snap connect test-snapd-
albaguirre@
Please run:
sudo snap connect content-
if you see an permission denied error
cat: /snap/test-
The same issue occurs when a snap updates to a new revision and the content plug is auto-connected. The bind mount will be stale and point to the old destination directory.
| Alberto Aguirre (albaguirre) wrote | #1 |
| Alberto Aguirre (albaguirre) wrote | #2 |
| Zygmunt Krynicki (zyga) wrote | #3 |
| Changed in snappy: | |
| status: | New → Fix Committed |
| Changed in snappy: | |
| status: | Fix Committed → Fix Released |
It looks like snap-confine has no way of checking that the fstab mnt entries generated by the snapd mount security backend have been changed or removed.
Probably easier to have snapd call snap-discard-ns on any content i/f connects/