Note: I also add plugs: "shutdown,core-support, process-control",but it is no longer effective.
Thanks for any help! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1738155 Title: Calling reboot or poweroff on a node-red snap is fail Status in apparmor package in Ubuntu: New Bug description: OS:Ubuntu 16.04.3-amd64 when I run command "reboot" or "poweroff" in the node-red snap.It is no longer effective. my snapcraft.yaml: name: nodered version: 1.00 summary: A visual tool for wiring the Internet of Things description: Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways. confinement: strict grade: stable apps: red: daemon: simple command: bin/launch plugs: - network-bind - network - network-observe parts: red: plugin: nodejs node-packages: - node-red - node-red-dashboard filesets: othermodules: [ -lib/node_modules/npm ] stage: [ $othermodules ] settings: plugin: dump source: settings filesets: settings: - . organize: start.sh : bin/launch snap: - . filesets: all: [ . ] ---------------------------------------------------------------------------- when I run "poweroff" in the node-red snap, the syslog will show: Dec 14 04:07:34 zy-PR-VR4 bor.red[1905]: 14 Dec 04:07:34 - [info] [exec:command] poweroff Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.060923] kauditd_printk_skb: 25 callbacks suppressed Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.060927] audit: type=1400 audit(1513242454.177:329): apparmor="ALLOWED" operation="exec" profile="snap.bor.red" name="/bin/systemctl" pid=2453 comm="sh" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="snap.bor.red//null-/bin/systemctl" Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.061474] audit: type=1400 audit(1513242454.177:330): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red//null-/bin/systemctl" pid=2453 comm="poweroff" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.061480] audit: type=1400 audit(1513242454.181:331): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red" pid=2453 comm="poweroff" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="snap.bor.red//null-/bin/systemctl" Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.061483] audit: type=1400 audit(1513242454.181:332): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red//null-/bin/systemctl" pid=2453 comm="poweroff" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.061487] audit: type=1400 audit(1513242454.181:333): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red" pid=2453 comm="poweroff" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="snap.bor.red//null-/bin/systemctl" Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.061489] audit: type=1400 audit(1513242454.181:334): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red//null-/bin/systemctl" pid=2453 comm="poweroff" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.061493] audit: type=1400 audit(1513242454.181:335): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red" pid=2453 comm="poweroff" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="snap.bor.red//null-/bin/systemctl" Dec 14 04:07:34 zy-PR-VR4 kernel: [ 186.061496] audit: type=1400 audit(1513242454.181:336): apparmor="ALLOWED" operation="file_mmap" profile="snap.bor.red//null-/bin/systemctl" name="/bin/systemctl" pid=2453 comm="poweroff" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0 it looks the command is runing in the ubuntu 16.04.3, but it does not effective. ------------------------------------------------------------------- when I run "dmesg" in the node-red snap, the syslog will show: bor.red[1905]: 14 Dec 04:10:02 - [info] [exec:command] dmesg Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739205] kauditd_printk_skb: 90 callbacks suppressed Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739207] audit: type=1400 audit(1513242602.837:463): apparmor="ALLOWED" operation="exec" profile="snap.bor.red" name="/bin/dmesg" pid=2552 comm="sh" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="snap.bor.red//null-/bin/dmesg" Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739385] audit: type=1400 audit(1513242602.837:464): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red//null-/bin/dmesg" pid=2552 comm="dmesg" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739387] audit: type=1400 audit(1513242602.837:465): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red" pid=2552 comm="dmesg" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="snap.bor.red//null-/bin/dmesg" Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739389] audit: type=1400 audit(1513242602.837:466): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red//null-/bin/dmesg" pid=2552 comm="dmesg" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739390] audit: type=1400 audit(1513242602.837:467): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red" pid=2552 comm="dmesg" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="snap.bor.red//null-/bin/dmesg" Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739391] audit: type=1400 audit(1513242602.837:468): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red//null-/bin/dmesg" pid=2552 comm="dmesg" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739393] audit: type=1400 audit(1513242602.837:469): apparmor="ALLOWED" operation="file_inherit" profile="snap.bor.red" pid=2552 comm="dmesg" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="snap.bor.red//null-/bin/dmesg" Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739395] audit: type=1400 audit(1513242602.837:470): apparmor="ALLOWED" operation="file_mmap" profile="snap.bor.red//null-/bin/dmesg" name="/bin/dmesg" pid=2552 comm="dmesg" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0 Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739397] audit: type=1400 audit(1513242602.837:471): apparmor="ALLOWED" operation="file_mmap" profile="snap.bor.red//null-/bin/dmesg" name="/lib/x86_64-linux-gnu/ld-2.23.so" pid=2552 comm="dmesg" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0 Dec 14 04:10:02 zy-PR-VR4 kernel: [ 334.739936] audit: type=1400 audit(1513242602.837:472): apparmor="ALLOWED" operation="open" profile="snap.bor.red//null-/bin/dmesg" name="/etc/ld.so.cache It will show a lot dmesg info to me. ---------------------------------------------------------- Thanks for any help! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1738155/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
