From https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1590720/comments/3:
" Thank you for filing a bug. It is actually seccomp (not AppArmor) that is blocking this call. You can workaround this for now by installing with --devmode. We don't allow the chown family of syscalls at this time because that would open holes in the sandbox. Today, you can adjust your program to not use fchown or to create a small LD_PRELOAD library that you can ship with your that implements a no-op for fchown. Soon we will have seccomp argument filtering in our sandbox which will allow us to then, for example, allow apps to chown files to their own UID and GID, but we'd need to figure out a way to do this dynamically (perhaps the launcher could unconditionally add chown calls for the UID/GID, this needs more thought). Alternatively, the designed-but-not-yet-implemented snappy preload library could do something with chown so developers wouldn't have to. " -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1581310 Title: ubuntu-core doesn't allow sed -i (fchown syscall) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1581310/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
