Re: [Bug 1971491] Re: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
Hi Maciej, Here are the results of aa-status glenn@LinuxBox:~$ sudo aa-status | grep snap-confine [sudo] password for glenn: /snap/snapd/15177/usr/lib/snapd/snap-confine /snap/snapd/15177/usr/lib/snapd/snap-confine//mount-namespace-capture-helper /snap/snapd/15534/usr/lib/snapd/snap-confine /snap/snapd/15534/usr/lib/snapd/snap-confine//mount-namespace-capture-helper /usr/lib/snapd/snap-confine /usr/lib/snapd/snap-confine//mount-namespace-capture-helper Thanks, --glenn On Tue, May 3, 2022 at 11:21 PM Maciej Borzecki <1971...@bugs.launchpad.net> wrote: > AFAIU this happens when appamor.service is disabled and does not start > during the boot or there is no apparmor profile for snap-confine. Can > you make sure that `systemctl show apparmor.service` shows that it's > enabled, and attach the output of `sudo aa-status |grep snap-confine` ? > > ** Changed in: snapd (Ubuntu) >Status: New => Incomplete > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/1971491 > > Title: > After reboot firefox refuses to run snap-confine has elevated > permissions and is not confined but should be. Refusing to continue to > avoid permission escalation attacks > > Status in snapd package in Ubuntu: > Incomplete > > Bug description: > ubuntu 22.04 > > Snap packages will not run after a reboot stating the below. > > snap-confine has elevated permissions and is not confined but should > be. Refusing to continue to avoid permission escalation attacks > > Reinstalling snapd cures the problem. > > Thanks, > --glenn > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1971491/+subscriptions > > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971491 Title: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1971491/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971491] Re: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
AFAIU this happens when appamor.service is disabled and does not start during the boot or there is no apparmor profile for snap-confine. Can you make sure that `systemctl show apparmor.service` shows that it's enabled, and attach the output of `sudo aa-status |grep snap-confine` ? ** Changed in: snapd (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971491 Title: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1971491/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971491] Re: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
snap2.55.3+22.04ubuntu1 snapd 2.55.3+22.04ubuntu1 series 16 ubuntu 22.04 kernel 5.15.0-27-generic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971491 Title: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1971491/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971491] Re: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
20.04 LTS -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971491 Title: After reboot firefox refuses to run snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1971491/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs