snapd and semaphores
Jamie Strandboge
jamie at canonical.com
Tue Jan 3 19:21:05 UTC 2017
On Mon, 2017-01-02 at 16:34 +0100, Olivier Tilloy wrote:
> Hi everyone, and happy new year!
>
> I’m snapping an app that makes use of semaphores¹ and seeing an
> apparmor denial. The glibc implementation of sem_open calls
> SHM_GET_NAME(EINVAL,SEM_FAILED,SEM_SHM_PREFIX) where SEM_SHM_PREFIX is
> "sem.", so it tries to create /dev/shm/sem.{name}, which fails because
> snapd only allows /dev/shm/snap.@{SNAP_NAME}.**.
> At a quick glance, there’s no mechanism (e.g. env var) to customize
> the prefix ("sem.").
> Is this an issue others have run into? Is there a recommended solution?
>
> Thanks in advance!
>
Reading sem_overview, it seems that we should also allow:
'/dev/shm/sem.snap.@{SNAP_NAME}.*'. In this manner, we namespace /dev/shm/sem.*
by snap name just like we do other parts of the OS. Please file a bug and we'll
get this fixed.
Thanks!
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/snapcraft/attachments/20170103/084fa4c3/attachment.sig>
More information about the Snapcraft
mailing list