FYI, if people need to workaround this to get real work done, you can add something like this to your bashrc:
snap_workaround() { fn="/var/lib/snapd/apparmor/snap-confine/lp1849753" test -e "$fn" && return
tmpfn=$(mktemp) cat > "$tmpfn" <<EOM # lp1849753 unix, owner /** rw, ptrace readby peer=unconfined, EOM echo "Moving workaround rules to '$fn'" sudo mv "$tmpfn" "$fn" echo "Reloading snap-confine policy" sudo apparmor_parser -r /etc/apparmor.d/*snap-confine* /var/lib/snapd/apparmor/profiles/snap-confine.* # another mysterious issue where sometimes all the policy isn't loaded (eg, with rustup) echo "Reloading all snap.* policy (work around missing profiles)" sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.* sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap-update-ns.* }
FYI, if people need to workaround this to get real work done, you can add something like this to your bashrc:
snap_workaround() { "/var/lib/ snapd/apparmor/ snap-confine/ lp1849753"
fn=
test -e "$fn" && return
tmpfn=$(mktemp) d/*snap- confine* /var/lib/ snapd/apparmor/ profiles/ snap-confine. * snapd/apparmor/ profiles/ snap.* snapd/apparmor/ profiles/ snap-update- ns.*
cat > "$tmpfn" <<EOM
# lp1849753
unix,
owner /** rw,
ptrace readby peer=unconfined,
EOM
echo "Moving workaround rules to '$fn'"
sudo mv "$tmpfn" "$fn"
echo "Reloading snap-confine policy"
sudo apparmor_parser -r /etc/apparmor.
# another mysterious issue where sometimes all the policy isn't loaded (eg, with rustup)
echo "Reloading all snap.* policy (work around missing profiles)"
sudo apparmor_parser -r /var/lib/
sudo apparmor_parser -r /var/lib/
}