skype snap does not work when home directory is not located in /home
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Hi
similar to this bug around libreoffice (https:/
cannot create user data directory: /data/home/
despite the directory being writeable.
It would really be advisable to make apparmor specific errors, else end-users will never determine where the error comes from.
The error is here:
Mar 23 22:35:08 breeze kernel: [6580445.024083] audit: type=1400 audit(152184090
I tried to remove the problem like this:
sudo apparmor_parser -R /etc/apparmor.
Which gives a new issue
$ skype
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
ProblemType: Bug
DistroRelease: Ubuntu 17.10
Package: apparmor 2.11.0-2ubuntu17
ProcVersionSign
Uname: Linux 4.10.0-42-generic x86_64
ApportVersion: 2.20.7-0ubuntu3.7
Architecture: amd64
CurrentDesktop: XFCE
Date: Fri Mar 23 22:38:16 2018
InstallationDate: Installed on 2017-09-20 (184 days ago)
InstallationMedia: Xubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412)
JournalErrors:
Error: command ['journalctl', '-b', '--priority=
Users in the 'systemd-journal' group can see all messages. Pass -q to
turn off this notice.
No journal files were opened due to insufficient permissions.
ProcKernelCmdline: BOOT_IMAGE=
SourcePackage: apparmor
UpgradeStatus: Upgraded to artful on 2018-01-31 (50 days ago)
Just as a quick info - to get things working with non-default home directory locations, edit /etc/apparmor. d/tunables/ home (or add a file to /etc/apparmor. d/tunables/ home.d/ ) and add your custom path ("/data/home/") to the @{HOMEDIRS} variable.
I'm not sure why read access to /data/ was requested (do you have something besides the home directory in /data/ that could be needed by snap or skype?) and if it is really needed, therefore I'd recommend to re-check if this denial still happens after adjusting @{HOMEDIRS}.