[Touch-packages] [Bug 1871148] Re: services start before apparmor profiles are loaded

Fri, 13 May 2022 17:06:05 -0700 

With snapd 2.55.3+22.04ubuntu1 and apparmor 3.0.4-2ubuntu2 from Ubuntu
22.04 (Jammy Jellyfish) :

-  On a machine with a powerful i7-7700 HQ processor, the issue did NOT
appear yet.

-  On a machine with the slower AMD FX-8370E processor, the issue occurs
systematically after each reboot.

   $ sudo  systemd-analyze  critical-chain  apparmor.service
snapd.service

   apparmor.service +396ms
   └─local-fs.target @3.660s

   snapd.service +529ms
   └─basic.target @4.509s
     └─sockets.target @4.509s
       └─snapd.socket @4.505s +3ms
         └─sysinit.target @4.307s
           └─systemd-timesyncd.service @3.813s +494ms
             └─systemd-tmpfiles-setup.service @3.726s +77ms
               └─local-fs.target @3.660s

   Workaround :  After each reboot :
   $ sudo  apparmor_parser  -r  /var/lib/snapd/apparmor/profiles/*

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1871148

Title:
  services start before apparmor profiles are loaded

Status in AppArmor:
  Invalid
Status in snapd:
  Fix Released
Status in apparmor package in Ubuntu:
  Fix Released
Status in snapd package in Ubuntu:
  Fix Released
Status in zsys package in Ubuntu:
  Invalid
Status in apparmor source package in Focal:
  Fix Released
Status in snapd source package in Focal:
  Fix Released
Status in zsys source package in Focal:
  Invalid

Bug description:
  Per discussion with Zyga in #snapd on Freenode, I have hit a race
  condition where services are being started by the system before
  apparmor has been started. I have a complete log of my system showing
  the effect somewhere within at https://paste.ubuntu.com/p/Jyx6gfFc3q/.
  Restarting apparmor using `sudo systemctl restart apparmor` is enough
  to bring installed snaps back to full functionality.

  Previously, when running any snap I would receive the following in the
  terminal:

  ---
  cannot change profile for the next exec call: No such file or directory
  snap-update-ns failed with code 1: File exists
  ---

  Updated to add for Jamie:

  $ snap version
  snap    2.44.2+20.04
  snapd   2.44.2+20.04
  series  16
  ubuntu  20.04
  kernel  5.4.0-21-generic

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1871148/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to