Permission Denied and AppArmor Denial

Seth Arnold seth.arnold at
Tue Oct 27 03:10:21 UTC 2015

On Mon, Oct 26, 2015 at 09:46:59PM -0500, Ted Gould wrote:
> > Oct 26 23:48:11 localhost kernel: [  655.094769] audit: type=1400 
> > audit(1445903291.119:15): apparmor="DENIED" operation="getattr" 
> > info="Failed name lookup - disconnected path" error=-13 
> > profile="/usr/bin/ubuntu-core-launcher" name="dev/pts/0" pid=1001 
> > comm="ubuntu-core-lau" requested_mask="r" denied_mask="r" fsuid=1000 
> > ouid=1000

> Hard to say from just your email, if you could post the files somewhere
> that would be helpful. My guess would be that the shell script isn't
> marked as executable. You can change that before building the snap by
> using "chmod +x hello". You might also check that you put the hello
> script in the bin directory of the snap. Lastly I'd look at your #! to
> ensure that you're using an interpreter that is installed on the system.

I think instead the launcher isn't expecting the script to write anything
to the terminal that was used to spawn the thing. There's a few points
that are confusing, of course:

- why the comm is still the ubuntu-core-launcher process at that point
- why the /dev/pts/0 device isn't in the filesystem namespace when the
  error is generated
- why the permissions don't have the attach_disconnected flag to work
  around the above
- why is this the first report?

Anyway, I suspect the script and interpreter are all properly executable.
I just don't know what to concretely recommend instead.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <>

More information about the snappy-app-devel mailing list