Latest snap-confine seem break the lxd snap function. It used to work until recent update.
snap-confine 2.22.6 lxd 2.12-0ubuntu3~ubuntu16.04.1~ppa1 linux-image-4.4.0-72-generic 4.4.0-72.93 Apr 18 15:33:22 snapbox audit[15919]: AVC apparmor="DENIED" operation="file_inherit" namespace="root//lxd-devbox_<var-lib-lxd>" profile="/usr/lib/snapd/snap-confine" name="/dev/tty" pid=15919 comm="snap-confine" requested_mask="wr" denied_mask="wr" fsuid=265536 ouid=0 Apr 18 15:33:22 snapbox audit[15919]: SYSCALL arch=c000003e syscall=59 success=yes exit=0 a0=c820161b00 a1=c820194150 a2=c82008bb20 a3=0 items=2 ppid=15917 pid=15919 auid=4294967295 uid=265536 gid=265536 euid=265536 suid=265536 fsuid=265536 egid=265536 sgid=265536 fsgid=265536 tty=(none) ses=4294967295 comm="snap-confine" exe="/usr/lib/snapd/snap-confine" key=(null) Apr 18 15:33:22 snapbox audit: BPRM_FCAPS fver=0 fp=0000000000000000 fi=0000000000000000 fe=0 old_pp=0000003ffdfcffff old_pi=0000000000000000 old_pe=0000003ffdfcffff new_pp=0000003ffdfcffff new_pi=0000000000000000 new_pe=0000003ffdfcffff Apr 18 15:33:22 snapbox audit: EXECVE argc=4 a0="/usr/lib/snapd/snap-confine" a1="snap.hello-world.hello-world" a2="/usr/lib/snapd/snap-exec" a3="hello-world" Apr 18 15:33:22 snapbox audit: CWD cwd="/home/ubuntu" Apr 18 15:33:22 snapbox audit: PATH item=0 name="/usr/lib/snapd/snap-confine" inode=27527378 dev=08:02 mode=0104755 ouid=265536 ogid=265536 rdev=00:00 nametype=NORMAL Apr 18 15:33:22 snapbox audit: PATH item=1 name="/lib64/ld-linux-x86-64.so.2" inode=19678033 dev=08:02 mode=0100755 ouid=265536 ogid=265536 rdev=00:00 nametype=NORMAL -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1611078 Title: Support snaps inside of lxd containers Status in Snappy: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in linux package in Ubuntu: Fix Released Status in lxd package in Ubuntu: Fix Released Status in apparmor source package in Xenial: Fix Released Status in linux source package in Xenial: Fix Released Status in lxd source package in Xenial: Fix Committed Status in apparmor source package in Yakkety: Fix Released Status in linux source package in Yakkety: Fix Released Status in lxd source package in Yakkety: Fix Released Bug description: I tried following the instructions on snapcraft.io and got a failure. See the output below. I've also attached the relevant output from running "journalctl -xe". uname: Linux 3.19.0-65-generic x86_64 release: Ubuntu 16.04 package: snapd 2.11+0.16.04 Notably, I'm running this in an LXD container (version: 2.0.0.rc9). --------------------- $ sudo snap install hello-world 64.75 MB / 64.75 MB [==========================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================] 100.00 % 2.85 MB/s error: cannot perform the following tasks: - Mount snap "ubuntu-core" (122) ([start snap-ubuntu\x2dcore-122.mount] failed with exit status 1: Job for snap-ubuntu\x2dcore-122.mount failed. See "systemctl status "snap-ubuntu\\x2dcore-122.mount"" and "journalctl -xe" for details. ) $ ls -la /snap total 4K drwxr-xr-x 3 root root 4096 Aug 8 17:49 ubuntu-core $ ls -la /snap/ubuntu-core/ total 4K drwxr-xr-x 2 root root 4096 Aug 8 17:49 122 $ ls -la /snap/ubuntu-core/122/ total 0K $ systemctl status "snap-ubuntu\\x2dcore-122.mount" ● snap-ubuntu\x2dcore-122.mount - Mount unit for ubuntu-core Loaded: loaded (/etc/systemd/system/snap-ubuntu\x2dcore-122.mount; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Mon 2016-08-08 17:49:36 UTC; 6min ago Where: /snap/ubuntu-core/122 What: /var/lib/snapd/snaps/ubuntu-core_122.snap Process: 31781 ExecMount=/bin/mount /var/lib/snapd/snaps/ubuntu-core_122.snap /snap/ubuntu-core/122 -t squashfs (code=exited, status=32) Aug 08 17:49:35 my-host systemd[1]: Mounting Mount unit for ubuntu-core... Aug 08 17:49:35 my-host mount[31781]: mount: /snap/ubuntu-core/122: mount failed: Unknown error -1 Aug 08 17:49:36 my-host systemd[1]: snap-ubuntu\x2dcore-122.mount: Mount process exited, code=exited status=32 Aug 08 17:49:36 my-host systemd[1]: Failed to mount Mount unit for ubuntu-core. Aug 08 17:49:36 my-host systemd[1]: snap-ubuntu\x2dcore-122.mount: Unit entered failed state. To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1611078/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
