I made an unfortunate typo in the following sentence found in comment #4: This explains the AppArmor denial from comment #3 containing "fsuid=296608 ouid=0". The setuid-container-root snap-confine task is correctly running as fsuid 296608 (container_ns root) but the mountinfo inode is correctly assigned uid 0 (init_ns root).
It should have read: This explains the AppArmor denial from comment #3 containing "fsuid=296608 ouid=0". The setuid-container-root snap-confine task is correctly running as fsuid 296608 (container_ns root) but the mountinfo inode is *incorrectly* assigned uid 0 (init_ns root). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1630789 Title: normal users can't run snaps inside of LXD containers To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1630789/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs