Comment 29 for bug 2011806

James Henstridge (jamesh) wrote :

> So, I feel snapd tracker should somewhat be able to track that an app
> changed its cgroup and move it back to what it belongs, but as discussed
> in https://github.com/systemd/systemd/issues/26925 there's nothing
> telling us that right now.

There is no "snapd tracker". It's the "snap run" code that moves itself to a new cgroup before setting up the sandbox, dropping privileges, and executing the confined application. At that point, it has no permission to talk to systemd.

It's basically working like "systemd-run --scope" would: it sets up the environment appropriately and then lets the app take over.