Thank you for reporting a bug. A few things: - unconfined apps should be able to read /dev/random-- it should be: $ ls -l /dev/urandom crw-rw-rw- 1 root root 1, 9 May 8 17:55 /dev/urandom - confined apps should have read permissions on /dev/urandom. It is allowed by the apparmor policy and added to the devices cgroup via the launcher. - the getrandom() syscall is not recognized by libseccomp so it will be denied by default. This is in the process of being fixed and is bug #1450642
It is unclear why you believe the app doesn't have read access to the device? Is this a confined app (ie, installed via a snap)? An elf executable you copied over to your device? Something else? ** Package changed: ubuntu => snappy-ubuntu ** Changed in: snappy-ubuntu Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1452402 Title: getrandom() stucks when process has no read permission on /dev/urandom To manage notifications about this bug go to: https://bugs.launchpad.net/snappy-ubuntu/+bug/1452402/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs