snapd and semaphores

Jamie Strandboge jamie at
Tue Jan 3 19:21:05 UTC 2017

On Mon, 2017-01-02 at 16:34 +0100, Olivier Tilloy wrote:
> Hi everyone, and happy new year!
> I’m snapping an app that makes use of semaphores¹ and seeing an
> apparmor denial. The glibc implementation of sem_open calls
> "sem.", so it tries to create /dev/shm/sem.{name}, which fails because
> snapd only allows /dev/shm/snap.@{SNAP_NAME}.**.
> At a quick glance, there’s no mechanism (e.g. env var) to customize
> the prefix ("sem.").
> Is this an issue others have run into? Is there a recommended solution?
> Thanks in advance!

Reading sem_overview, it seems that we should also allow:
'/dev/shm/sem.snap.@{SNAP_NAME}.*'. In this manner, we namespace /dev/shm/sem.*
by snap name just like we do other parts of the OS. Please file a bug and we'll
get this fixed.


Jamie Strandboge             |

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the Snapcraft mailing list