© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Thank you Oliver for looking at this today. In discussion with him we determined this is a kernel issue fixed in newer kernels. The workaround is to upgrade to newer kernels. For example, the pi2-kernel in stable (r22, 4.4.0-1030-3) is broken and upgrading to beta (r30, 4.4.0-1051.52) fixes the issue. The pi2-kernel (I'm told) is used on both pi2 and pi3, so upgrading to that should resolve the issue. IMPORTANT: upgrading the kernels on pi2 and pi3 may not always work because there isn't yet an updated gadget snap for them. See https:/
Triage of issue:
- classic snap is in complain mode
- kernel logs:
audit: type=1400 audit(149397914
- classic snap's profile has a matching rule in its profile:
@{SNAP_
owner @{HOME}
- the kernel is logging an ALLOWED message indicates that it doesn't think
/var/
- the access is denied indicates there is bug with complain mode (the kernel should've
allowed it)
In recent months there were several fixes to the kernel surrounding complain mode, which is why booting into a new kernel will fix the issue. At the time the bug was originally filed, the dragonboard kernel wasn't updated yet, but the amd64, i386 and armhf with linux-bbb kernels all were. Because of the boot asset/gadget snap/kernel snap issues, the pi2/pi3 devices are all continuing to run the 'stable' channel kernel which has the bug. It is my understanding that the snappy team is now focusing on resolving the issues surrounding the boot asset/gadget snap/kernel snap so that they can get updated stable kernels.