Fonts issue (was: Re: App denied access to /lib and crashes)
Pawel Stolowski
pawel.stolowski at canonical.com
Wed Jun 29 10:18:57 UTC 2016
Hi,
On 28.06.2016 15:21, Jamie Strandboge wrote:
> On Tue, 2016-06-28 at 10:44 +0200, Pawel Stolowski wrote:
>> Hi,
>>
>> I've been trying to create a snap package for Scid-vs-PC (and old-style
>> TCL/TK based app) but have only been able to get it working in devmode.
>> In the strict mode it crashes in libtk8.6.so and the segfault appears
>> right after a denied access to read "/lib", in dmesg which makes me
>> think that tcl/tk doesn't handle such (unexpected) scenario very well.
>>
>> When running in the devmode I get:
>> [ 4039.752903] audit: type=1400 audit(1467102032.459:56):
>> apparmor="ALLOWED" operation="open" profile="snap.scid-vs-pc.scidvspc"
>> name="/lib/" pid=18523 comm="tkscid" requested_mask="r" denied_mask="r"
>> fsuid=1000 ouid=0
>> (and the app runs fine).
>>
>> I suspect that just making "/lib" readable to my snap would make that
>> app happy, so a couple of questions:
>> - can I somehow expose "/lib" in read-only mode to my snap under
>> "strict" confinement?
>> - or can I somehow simulate the presence of "/lib" (and let it be empty)?
> Can you file a bug and add the 'snapd-interface' tag? For now you can workaround
> this in strict mode by adding to /var/lib/snapd/apparmor/profiles/snap.scid-vs-
> pc.scidvspc:
>
> /lib/ r, # trailing '/' is important
>
> then do:
> $ sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.scid-vs-
> pc.scidvspc
>
> Then try again. Depending on what the program does, you might have to add
> '/usr/lib/', '/usr/local/lib/', etc. Please report all the accesses needed in
> the bug and I can get this fixed up.
Ok, here you go: https://bugs.launchpad.net/snappy/+bug/1597259. I've
only seen it with /lib so far.
Now, it seems the real problem is not with /lib access, but it's
font-related...
After succesfully running the app in devmode yesterday, this morning
after booting my PC it doesn't work anymore :O, looks like I was just
lucky yesterday and the app is unstable due to a problem with fonts.
I managed to run it with gdb inside the container and got this
stacktrace on crash:
#0 0x00007ffff759ee53 in TkpGetFontFamilies () from
/snap/scid-vs-pc/x2/lib/libtk8.6.so
#1 0x00007ffff74f3dc5 in Tk_FontObjCmd () from
/snap/scid-vs-pc/x2/lib/libtk8.6.so
#2 0x00007ffff7848e07 in TclNRRunCallbacks () from
/snap/scid-vs-pc/x2/lib/libtcl8.6.so
#3 0x00007ffff784ae75 in TclEvalEx () from
/snap/scid-vs-pc/x2/lib/libtcl8.6.so
#4 0x00007ffff7902908 in Tcl_FSEvalFileEx () from
/snap/scid-vs-pc/x2/lib/libtcl8.6.so
#5 0x00007ffff74fca9e in Tk_MainEx () from
/snap/scid-vs-pc/x2/lib/libtk8.6.so
#6 0x00000000004045aa in main ()
I'm trying to guess what font-related stuff may be missing. I've the
following packages installed via stage-packages:
- ttf-ubuntu-font-family
- xfonts-base
- xfonts-scalable
- fontconfig-config
Any idea what else to try?
Thanks,
Pawel
More information about the Snapcraft
mailing list