After reboot, snap-confine has elevated permissions and is not confined but should be
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd (Ubuntu) |
Invalid
|
Undecided
|
Zygmunt Krynicki |
Bug Description
I have installed eclipse, using
snap install eclipse --classic
After a reboot, eclipse now has this error:
$ eclipse
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
There is a work-around, but it's quite ugly:
sudo apt purge snapd snap-confine && sudo apt install -y snapd
snap install eclipse --classic
ProblemType: Bug
DistroRelease: Ubuntu 18.10
Package: snapd 2.35.5+18.10
ProcVersionSign
Uname: Linux 4.18.0-10-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.10-0ubuntu13
Architecture: amd64
CurrentDesktop: XFCE
Date: Wed Nov 14 17:47:20 2018
EcryptfsInUse: Yes
InstallationDate: Installed on 2015-05-18 (1276 days ago)
InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422)
SourcePackage: snapd
UpgradeStatus: Upgraded to cosmic on 2018-11-01 (13 days ago)
Thank you for reporting this bug.
FYI, the workaround need not be so drastic. You should be able to simply:
$ sudo apparmor_parser -r /etc/apparmor. d/*snap- confine*