Interesting, thank you for the feedback. So we have snapd that is not re-executing (snap 2.37.1.1+18.04) and using snap-confine from the distribution (denials have profile="/usr/lib/snapd/snap-confine") that somehow doesn't allow snap- confine to operate:
Feb 06 11:39:56 cnb012 kernel: audit: type=1400 audit(1549449596.241:315): apparmor="DENIED" operation="ptrace" profile="/usr/lib/snapd/snap-confine" pid=14442 comm="snap-confine" requested_mask="trace" denied_mask="trace" peer="unconfined" Feb 06 12:24:24 cnb012 audit[25395]: AVC apparmor="DENIED" operation="capable" profile="/usr/lib/snapd/snap-confine" pid=25395 comm="snap-confine" capability=19 capname="sys_ptrace" Dear reporters, can you please check how many files you have in /etc/apparmor.d/ that match *snap-confine*? My hunch: there are more than one, the old one is loaded after the new one. Here by old and new I mean past releases vs current release. Perhaps we renamed a conf-file and now pay the price? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1814141 Title: fail to run any snap after snapd refresh, reinstalling snapd from the archive is a temporary fix To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1814141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs