Snap policy module denies recording access to classic snaps
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pulseaudio (Ubuntu) |
Fix Released
|
High
|
James Henstridge |
Bug Description
With the recent updates to the snap policy module, recording access is denied to clients with a snap AppArmor label when that snap doesn't have a connected plug for "pulseaudio" or "audio-record".
This is not appropriate for classic confinement snaps, which will have an AppArmor label but should still have access to recording even when there is no plug, as described by @jdstrand:
https:/
This is broken with the 1:12.2-0ubuntu2 release, as can be seen with e.g.:
$ aa-exec -p snap.skype.skype /usr/bin/parecord foo.wav
Stream error: Access denied
[note that the Skype app itself still functions because it bypasses PulseAudio all together]
The above command should result in audio being recorded from the microphone.
Related branches
- Ubuntu Audio Development Team: Pending requested
-
Diff: 163 lines (+62/-19)2 files modifieddebian/changelog (+6/-1)
debian/patches/0700-modules-add-snappy-policy-module.patch (+56/-18)
tags: | added: patch |
Here is a debdiff based on the attached branch.