Recent changes and apparmor policy loads

Jamie Strandboge jamie at
Tue Apr 12 21:42:52 UTC 2016


Recent snapd changes broke apparmor profile loading:

 * - the apparmor systemd unit
   is looking in the wrong place for policy and doesn't load it on boot any 
   more. This was caused by the recent path renames. Tyler Hicks is preparing 
   an apparmor upload for this.
 * - snapd no longer detects 
   apparmor changes on upgrade. This was caused by the removal of a check. I'm
   not sure if interfaces is intended to handle this, but I don't think they
   will properly in their current form and I'm not sure how they could handle
   parser changes

The first should've been caught in an integration test (install a snap,
determine the loaded profiles, reboot, see if they loaded).

Jamie Strandboge             |

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the snappy-devel mailing list