Activity log for bug #1572463

Date Who What changed Old value New value Message
2016-04-20 09:20:55 Michael Vogt bug added bug
2016-04-20 09:24:25 Michael Vogt description When the same snap is sideloaded two times the security profile stops working: ``` $ sudo snap install youtube-dl_2016.03.27_amd64.snap [\] Setup snap "youtube-dl" security profiles $ youtube-dl.run WARNING: Assuming --restrict-filenames since file system encoding cannot encode all characters. Set the LC_ALL environment variable to fix this. Usage: youtube-dl [OPTIONS] URL [URL...] youtube-dl: error: You must provide at least one URL. Type youtube-dl --help to see a list of all options. $ sudo snap install youtube-dl_2016.03.27_amd64.snap [-] Copy snap "youtube-dl" data $ youtube-dl.run /bin/sh: 0: Can't open /snap/youtube-dl/100002/command-run.wrapper $ dmesg|tail -n1 [13348.347319] audit: type=1400 audit(1461143833.011:132): apparmor="DENIED" operation="open" profile="snap.youtube-dl.run" name="/snap/youtube-dl/100002/command-run.wrapper" pid=28849 comm="command-run.wra" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 $ grep SNAP_REVISION}= /var/lib/snapd/apparmor/profiles/snap.youtube-dl.run @{SNAP_REVISION}="100001" ``` When the same snap is sideloaded two times the security profile stops working: ``` $ sudo snap install youtube-dl_2016.03.27_amd64.snap [\] Setup snap "youtube-dl" security profiles $ youtube-dl.run WARNING: Assuming --restrict-filenames since file system encoding cannot encode all characters. Set the LC_ALL environment variable to fix this. Usage: youtube-dl [OPTIONS] URL [URL...] youtube-dl: error: You must provide at least one URL. Type youtube-dl --help to see a list of all options. $ sudo snap install youtube-dl_2016.03.27_amd64.snap [-] Copy snap "youtube-dl" data $ youtube-dl.run /bin/sh: 0: Can't open /snap/youtube-dl/100002/command-run.wrapper $ dmesg|tail -n1 [13348.347319] audit: type=1400 audit(1461143833.011:132): apparmor="DENIED" operation="open" profile="snap.youtube-dl.run" name="/snap/youtube-dl/100002/command-run.wrapper" pid=28849 comm="command-run.wra" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 $ grep SNAP_REVISION}= /var/lib/snapd/apparmor/profiles/snap.youtube-dl.run @{SNAP_REVISION}="100001" ``` $ snap changes|grep sideload 6 Done 2016-04-20T09:17:02Z 2016-04-20T09:17:03Z Install "/tmp/snapd-sideload-pkg-620395148" snap file 7 Done 2016-04-20T09:17:10Z 2016-04-20T09:17:11Z Install "/tmp/snapd-sideload-pkg-340731359" snap file
2016-04-20 09:34:10 Zygmunt Krynicki summary Installing a new two times leaves it with no security profiles Installing a new two times leaves it with profiles referring to older revision
2016-04-20 10:02:08 Zygmunt Krynicki summary Installing a new two times leaves it with profiles referring to older revision setup-profile configures security based on snap.Info from DisconnectSnap, which still sees older revision
2016-04-20 10:07:57 Zygmunt Krynicki snapd (Ubuntu): status New In Progress
2016-04-20 10:07:59 Zygmunt Krynicki snapd (Ubuntu): importance Undecided High
2016-04-20 10:08:01 Zygmunt Krynicki snapd (Ubuntu): assignee Zygmunt Krynicki (zyga)
2016-04-20 10:25:24 Michael Vogt nominated for series Ubuntu Xenial
2016-04-20 10:25:24 Michael Vogt bug task added snapd (Ubuntu Xenial)
2016-04-20 10:57:05 Zygmunt Krynicki bug task added snappy
2016-04-26 16:09:00 Michael Vogt snappy: milestone sru-1
2016-04-26 16:09:02 Michael Vogt snappy: status New Triaged
2016-04-26 16:09:04 Michael Vogt snappy: importance Undecided High
2016-04-26 20:44:43 Zygmunt Krynicki snappy: status Triaged Fix Committed
2016-04-26 20:44:51 Zygmunt Krynicki snappy: assignee Zygmunt Krynicki (zyga)
2016-04-29 09:18:27 Michael Vogt snapd (Ubuntu): status In Progress Fix Committed
2016-04-29 09:18:29 Michael Vogt snapd (Ubuntu Xenial): status In Progress Fix Committed
2016-05-09 21:32:17 Adam Conrad bug added subscriber Ubuntu Stable Release Updates Team
2016-05-09 21:32:19 Adam Conrad bug added subscriber SRU Verification
2016-05-09 21:32:30 Adam Conrad tags verification-needed
2016-05-12 15:56:10 John Lenton tags verification-needed verification-done
2016-05-12 19:03:03 Launchpad Janitor snapd (Ubuntu Xenial): status Fix Committed Fix Released
2016-05-12 19:03:28 Steve Langasek removed subscriber Ubuntu Stable Release Updates Team
2016-07-27 08:02:00 Launchpad Janitor snapd (Ubuntu): status Fix Committed Fix Released
2016-11-29 14:23:28 Michael Vogt snappy: status Fix Committed Fix Released