More in context: In a classic Ubuntu (but inside a LXD container) I run: ubuntu@thorough-bear:~$ hello-world.sh
This gives me a bash inside a snap environment. There I run: bash-4.3$ mkfifo --help bash: /usr/bin/mkfifo: Permission denied If I run dmesg (outside the snap environment) it reports: [94156.909950] audit: type=1400 audit(1486206367.506:1768): apparmor="DENIED" operation="exec" namespace="root//lxd-thorough-bear_<var-lib-lxd>" profile="snap.hello-world.sh" name="/usr/bin/mkfifo" pid=7925 comm="bash" requested_mask="x" denied_mask="x" fsuid=101000 ouid=100000 [94156.910123] audit: type=1400 audit(1486206367.506:1769): apparmor="DENIED" operation="open" namespace="root//lxd-thorough-bear_<var-lib-lxd>" profile="snap.hello-world.sh" name="/usr/bin/mkfifo" pid=7925 comm="bash" requested_mask="r" denied_mask="r" fsuid=101000 ouid=100000 On Sat, Feb 4, 2017 at 12:02 PM, Luca Dionisi <luca.dion...@gmail.com> wrote: > Well, it seems that the problem is the userspace tool itself. > bash-4.3$ mkfifo --help > bash: /usr/bin/mkfifo: Permission denied > > On Sat, Feb 4, 2017 at 12:00 PM, Luca Dionisi <luca.dion...@gmail.com> wrote: >> On Sat, Feb 4, 2017 at 11:43 AM, Oliver Grawert <o...@ubuntu.com> wrote: >>> hi, >>> Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi: >>>> What is the best place to write (and read) a temporary FIFO file from >>>> a confined snap application? >>>> This is for simple IPC between 2 processes of the same snap. >>>> Before attempting to snap the application I was using a fixed >>>> filename >>>> in /tmp. Admittedly poor solution. >>>> The solution should be usable also with another packaging system. >>>> >>> well ... in case of snaps /tmp is a private directory that only your >>> snap can access so it is actually a good place for such stuff ... >> >> It's worse than that, Jim! >> >> Inside the snap environment I can write files and directories both in >> /tmp and in $XDG_RUNTIME_DIR. >> What I cannot do anywhere is create a FIFO. >> >> bash-4.3$ mkfifo a >> bash: /usr/bin/mkfifo: Permission denied >> >> What's the problem here? >> >> To be honest I should say that my tests have been conducted in LXD >> containers. I don't know if the situation holds true also in real >> machines. -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
