Public bug reported:

As of yesterday, launching GUI-enabled snaps reliably triggers AppArmor
denials when communicating with NVIDIA drivers.


$ lsb_release -a
Distributor ID: Ubuntu
Description:    Ubuntu Focal Fossa (development branch)
Release:        20.04
Codename:       focal

$ snap version
snap    2.43.2
snapd   2.43.2
series  16
ubuntu  20.04
kernel  5.4.0-12-generic

The denials look like the following:

Feb 11 02:27:47 utumno audit[855860]: AVC apparmor="DENIED" operation="sendmsg" 
profile="snap.simplenote.simplenote" pid=855860 comm="simplenote" family="unix" 
sock_type="dgram" protocol=0 requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 11 02:27:47 utumno audit[855860]: AVC apparmor="DENIED" operation="sendmsg" 
profile="snap.simplenote.simplenote" name="/run/nvidia-xdriver-f8177d9f" 
pid=855860 comm="simplenote" requested_mask="w" denied_mask="w" fsuid=1000 
ouid=0
Feb 11 02:27:47 utumno kernel: audit: type=1400 audit(1581406067.880:2542): 
apparmor="DENIED" operation="sendmsg" profile="snap.simplenote.simplenote" 
pid=855860 comm="simplenote" family="unix" sock_type="dgram" protocol=0 
requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 11 02:27:47 utumno kernel: audit: type=1400 audit(1581406067.880:2543): 
apparmor="DENIED" operation="sendmsg" profile="snap.simplenote.simplenote" 
name="/run/nvidia-xdriver-f8177d9f" pid=855860 comm="simplenote" 
requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
Feb 10 19:31:58 utumno audit[484729]: AVC apparmor="DENIED" operation="sendmsg" 
profile="snap.pomotroid.pomotroid" pid=484729 comm="pomotroid" family="unix" 
sock_type="dgram" protocol=0 requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 10 19:31:58 utumno audit[484729]: AVC apparmor="DENIED" operation="sendmsg" 
profile="snap.pomotroid.pomotroid" name="/run/nvidia-xdriver-f8177d9f" 
pid=484729 comm="pomotroid" requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
Feb 10 19:31:58 utumno kernel: audit: type=1400 audit(1581381118.124:340): 
apparmor="DENIED" operation="sendmsg" profile="snap.pomotroid.pomotroid" 
pid=484729 comm="pomotroid" family="unix" sock_type="dgram" protocol=0 
requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 10 19:31:58 utumno kernel: audit: type=1400 audit(1581381118.124:341): 
apparmor="DENIED" operation="sendmsg" profile="snap.pomotroid.pomotroid" 
name="/run/nvidia-xdriver-f8177d9f" pid=484729 comm="pomotroid" 
requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
Feb 11 13:08:13 utumno audit[1447768]: AVC apparmor="DENIED" 
operation="sendmsg" profile="snap.pomotroid.pomotroid" pid=1447768 
comm="pomotroid" family="unix" sock_type="dgram" protocol=0 
requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 11 13:08:13 utumno kernel: audit: type=1400 audit(1581444493.290:9448): 
apparmor="DENIED" operation="sendmsg" profile="snap.pomotroid.pomotroid" 
pid=1447768 comm="pomotroid" family="unix" sock_type="dgram" protocol=0 
requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 11 13:08:13 utumno kernel: audit: type=1400 audit(1581444493.290:9449): 
apparmor="DENIED" operation="sendmsg" profile="snap.pomotroid.pomotroid" 
name="/run/nvidia-xdriver-f8177d9f" pid=1447768 comm="pomotroid" 
requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
Feb 11 13:08:13 utumno audit[1447768]: AVC apparmor="DENIED" 
operation="sendmsg" profile="snap.pomotroid.pomotroid" 
name="/run/nvidia-xdriver-f8177d9f" pid=1447768 comm="pomotroid" 
requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
Feb 11 13:59:41 utumno audit[1505247]: AVC apparmor="DENIED" 
operation="sendmsg" profile="snap.pomotroid.pomotroid" pid=1505247 
comm="pomotroid" family="unix" sock_type="dgram" protocol=0 
requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 11 13:59:41 utumno audit[1505247]: AVC apparmor="DENIED" 
operation="sendmsg" profile="snap.pomotroid.pomotroid" 
name="/run/nvidia-xdriver-f8177d9f" pid=1505247 comm="pomotroid" 
requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
Feb 11 13:59:41 utumno kernel: audit: type=1400 audit(1581447581.792:10272): 
apparmor="DENIED" operation="sendmsg" profile="snap.pomotroid.pomotroid" 
pid=1505247 comm="pomotroid" family="unix" sock_type="dgram" protocol=0 
requested_mask="send" denied_mask="send" addr=none 
peer_addr="@7661722F72756E2F6E76696469612D786472697665722D66383137376439660000000000000000000000000000000000000000000000000000000000000000"
 peer="unconfined"
Feb 11 13:59:41 utumno kernel: audit: type=1400 audit(1581447581.792:10273): 
apparmor="DENIED" operation="sendmsg" profile="snap.pomotroid.pomotroid" 
name="/run/nvidia-xdriver-f8177d9f" pid=1505247 comm="pomotroid" 
requested_mask="w" denied_mask="w" fsuid=1000 ouid=0

** Affects: snapd
     Importance: Medium
         Status: Triaged

** Affects: snapd (Ubuntu)
     Importance: Medium
         Status: Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1862832

Title:
  Latest snapd triggers apparmor denials on 'sendmsg'
  name=/run/nvidia-xdriver-xxxx

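Added example (not part of the original report or of snapd): a Python sketch that parses AppArmor DENIED records like those above, decodes the hex-encoded peer_addr of the abstract socket, and counts denials per profile and target. The sample lines are constructed from the report (unwrapped and trimmed), and the function names are illustrative.

```python
import re
from collections import Counter

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Constructed sample: three records taken from the report, unwrapped to one
# line each and trimmed. The NUL padding length in PEER_HEX is constructed.
PEER_HEX = "7661722F72756E2F6E76696469612D786472697665722D6638313737643966" + "00" * 32
SAMPLE = [
    'Feb 11 02:27:47 utumno audit[855860]: AVC apparmor="DENIED" operation="sendmsg" '
    'profile="snap.simplenote.simplenote" pid=855860 comm="simplenote" family="unix" '
    'sock_type="dgram" denied_mask="send" addr=none peer_addr="@' + PEER_HEX + '" peer="unconfined"',
    'Feb 11 02:27:47 utumno audit[855860]: AVC apparmor="DENIED" operation="sendmsg" '
    'profile="snap.simplenote.simplenote" name="/run/nvidia-xdriver-f8177d9f" '
    'pid=855860 comm="simplenote" requested_mask="w" denied_mask="w" fsuid=1000 ouid=0',
    'Feb 10 19:31:58 utumno audit[484729]: AVC apparmor="DENIED" operation="sendmsg" '
    'profile="snap.pomotroid.pomotroid" pid=484729 comm="pomotroid" family="unix" '
    'sock_type="dgram" denied_mask="send" addr=none peer_addr="@' + PEER_HEX + '" peer="unconfined"',
]

def parse_denial(line):
    """Return the key=value fields of one AppArmor DENIED record, or None."""
    if 'apparmor="DENIED"' not in line:
        return None
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in FIELD.finditer(line)}

def decode_peer_addr(value):
    """Decode '@' + hex (NUL padded) into a readable abstract socket name."""
    if not value.startswith("@"):
        return value
    try:
        raw = bytes.fromhex(value[1:])
    except ValueError:
        return value  # not hex, so already printable: leave untouched
    return "@" + raw.rstrip(b"\x00").decode("utf-8", "backslashreplace")

def summarize(lines):
    """Count denials per (profile, operation, denied_mask, target)."""
    counts = Counter()
    for fields in filter(None, map(parse_denial, lines)):
        # Socket denials carry peer_addr; path denials carry name.
        obj = decode_peer_addr(fields["peer_addr"]) if "peer_addr" in fields \
            else fields.get("name", "?")
        counts[(fields.get("profile"), fields.get("operation"),
                fields.get("denied_mask"), obj)] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).items():
        print(n, *key)
```

Decoded, the socket denied under the `send` mask is `@var/run/nvidia-xdriver-f8177d9f`, the abstract-namespace counterpart of the `/run/nvidia-xdriver-f8177d9f` path seen in the `w` denials.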