Permission Denied and AppArmor Denial

Jamie Strandboge jamie at
Tue Oct 27 13:22:18 UTC 2015

On 10/26/2015 07:32 PM, robert_joslyn at wrote:
> I'm trying to get a simple hello world snap working, but I'm getting a 
> permission denied error when trying to run the program.
> (amd64)ubuntu at localhost:~$ hello.hello
> execv failed: Permission denied
> It seems that AppArmor is blocking this, as this message appears in the 
> kernel log:
> Oct 26 23:48:11 localhost kernel: [  655.094769] audit: type=1400 
> audit(1445903291.119:15): apparmor="DENIED" operation="getattr" 
> info="Failed name lookup - disconnected path" error=-13 
> profile="/usr/bin/ubuntu-core-launcher" name="dev/pts/0" pid=1001 
> comm="ubuntu-core-lau" requested_mask="r" denied_mask="r" fsuid=1000 
> ouid=1000
> My package.yaml is:
> name: hello
> version: 0.0.1
> vendor: none
> binaries:
>  - name: bin/hello
> The hello binary is simply a shell script that prints hello world. I'm 
> creating the snap with snappy build, but making it with snapcraft results 
> in the same error (except it triggers on the wrapper). I've also tried 
> setting security-template to unconfined, but still get the same error. Any 
> thoughts as to what I'm doing wrong here? 
Like Seth said, the apparmor denial doesn't have anything to do with your
program-- it is a problem with the launcher's profile. This was fixed in LP:
#1471862, but it appears the change was dropped. I'll catch up with the snappy
core team and see what happened and get that fixed.

Jamie Strandboge       

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the snappy-app-devel mailing list