Comment 36 for bug 2011806

In , James Henstridge (jamesh) wrote :

We've been seeing reports of problems launching snap applications on the Ubuntu 23.04 development release that seem to relate to this race condition. At first we thought it was only a gnome-shell problem, but some KDE users also encountered the problem and I discovered the same racy behaviour in kio. The Ubuntu bug is being tracked here:

https://bugs.launchpad.net/bugs/2011806

The race causes problems for snap applications because it uses cgroups as part of its sandboxing to control device access. The "snap run" launcher moves itself to a new cgroup via systemd's StartTransientUnit call, with some later code setting up the sandbox performing a sanity check to make sure the process is in the expected cgroup. If kio issues its own StartTransientUnit call after "snap run"'s one, the sanity check can fail with an error like:

/user.slice/user-1000.slice/user@1000.service/app.slice/app-slack_slack-4ff6abb389164e52b614e40762b46557.scope is not a snap cgroup

To remove the race, the child process would need to be moved to the new cgroup before the application process is started via exec(). It's also not enough to wait for the StartTransientUnit D-Bus call to complete: you need to wait for the corresponding JobRemoved signal.

If it is of interest, here's the upstream GNOME bug report I filed (different code, but implementing the same race condition):

https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6565
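
The ordering described in the comment above, as an added example that is not part of the original comment and is not kio, gnome-shell or snapd code: the child is held on a pipe until systemd's JobRemoved signal for the scope job has arrived, and only then calls exec(). The function names, the unit name passed by the caller, and the use of PyGObject's Gio bindings on the session bus are assumptions of this example.

```python
import os

SD = ("org.freedesktop.systemd1", "/org/freedesktop/systemd1",
      "org.freedesktop.systemd1.Manager")

def start_scope_and_wait(unit, pid):
    """Put pid in a new transient scope; return only after its JobRemoved signal."""
    from gi.repository import Gio, GLib   # assumption: PyGObject is installed
    bus = Gio.bus_get_sync(Gio.BusType.SESSION, None)
    loop, finished = GLib.MainLoop(), {}

    def on_job_removed(_conn, _sender, _path, _iface, _signal, params):
        _id, job, _unit, result = params.unpack()
        finished[job] = result
        loop.quit()

    # Subscribe before the call so a fast JobRemoved cannot be missed.
    sub = bus.signal_subscribe(SD[0], SD[2], "JobRemoved", SD[1], None,
                               Gio.DBusSignalFlags.NONE, on_job_removed)
    args = GLib.Variant("(ssa(sv)a(sa(sv)))",
                        (unit, "fail", [("PIDs", GLib.Variant("au", [pid]))], []))
    (job,) = bus.call_sync(SD[0], SD[1], SD[2], "StartTransientUnit", args,
                           GLib.VariantType("(o)"), Gio.DBusCallFlags.NONE,
                           -1, None).unpack()
    while job not in finished:            # the method reply alone is not enough
        loop.run()
    bus.signal_unsubscribe(sub)
    if finished[job] != "done":
        raise RuntimeError(f"scope job ended with result {finished[job]!r}")

def launch_in_scope(argv, unit, move=start_scope_and_wait):
    """Fork, move the child into its scope, and only then let it exec argv."""
    gate_r, gate_w = os.pipe()            # CLOEXEC by default, gone after exec
    pid = os.fork()
    if pid == 0:                          # child: wait here until released
        os.close(gate_w)
        if os.read(gate_r, 1) != b"1":    # EOF: the move failed, never exec
            os._exit(126)
        try:
            os.execvp(argv[0], argv)
        finally:
            os._exit(127)                 # reached only if exec itself failed
    os.close(gate_r)
    try:
        move(unit, pid)                   # returns only after JobRemoved
        os.write(gate_w, b"1")            # release the child into exec
    finally:
        os.close(gate_w)                  # on failure the child sees EOF and exits
    return pid
```

The `move` parameter exists so the gating logic can be exercised without a running systemd user instance; a caller that gets an exception from `launch_in_scope` still has to reap the child.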