Robert, your comment "Enabling network access for all snaps just to make
them compatible with NFS don't seems to be a perfect solution from the
security perspective" is exactly right. It is not possible (currently)
to only allow networking for NFS. This may be possible at some point in
the future with fine-grained network mediation.
Based on your report, in the meantime, you can add this to
/etc/apparmor.d/abstractions/base which will apply to all snaps and for
snap-confine, to /etc/apparmor.d/usr.lib.snapd.snap-confine:
network inet,
network inet6,
Then reboot (this will trigger a profile recompile for everything). As
mentioned, this is unfortunate but the only workaround atm.
** Changed in: snapd (Ubuntu)
Status: Incomplete => Triaged
** Summary changed:
- snaps don't work with NFS home /home/u/user.name
+ snaps don't work with NFS home
** Changed in: snapd (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1662552
Title:
snaps don't work with NFS home
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1662552/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
