[COUCHDB-3226] Build under snap container is denied access to /bindf - ASF JIRA

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Build System
Labels:
None

Description

dmesg is logging "audit: type=1400 audit(1478517224.548:198): apparmor="DENIED" operation="exec" profile="snap.couchdb.couchdb" name="/bin/df" pid=16227 comm="sh" requested_mask="x" denied_mask="x" fsuid=0 ouid=0"

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Michael Hall added a comment - 03/Dec/16 14:44

This should be fixed in snapd 2.18, if using the mount-observe plug the application will be allowed to call df

Show

Michael Hall added a comment - 03/Dec/16 14:44 This should be fixed in snapd 2.18, if using the mount-observe plug the application will be allowed to call df

Hide

Permalink

Michael Hall added a comment - 05/Dec/16 17:52

I've added the mount-observe interface to the snapcraft.yaml generated by the configure script

https://github.com/apache/couchdb/pull/446

Show

Michael Hall added a comment - 05/Dec/16 17:52 I've added the mount-observe interface to the snapcraft.yaml generated by the configure script https://github.com/apache/couchdb/pull/446

People

Assignee:

Unassigned

Reporter:

Simon C Klassen

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

07/Nov/16 12:52

Updated:

05/Dec/16 17:52

Development

Agile

View on Board