Note that for opengl client rendering the graphics driver uses the so called 'render' nodes in '/dev/dri'. On my system, this directory contains :
$ll /dev/dri/ total 0 drwxr-xr-x 2 root root 160 Jul 22 11:47 ./ drwxr-xr-x 20 root root 4700 Jul 22 11:47 ../ crw-rw----+ 1 root video 226, 0 Jul 22 11:47 card0 crw-rw----+ 1 root video 226, 1 Jul 22 11:47 card1 crw-rw---- 1 root video 226, 64 Jul 22 11:47 controlD64 crw-rw---- 1 root video 226, 65 Jul 22 11:47 controlD65 crw-rw----+ 1 root video 226, 128 Jul 22 11:47 renderD128 crw-rw----+ 1 root video 226, 129 Jul 22 11:47 renderD129 The driver uses udev to discover these nodes and needs access to the following files /run/udev/data/c226:128 /run/udev/data/c226:129 in order to obtain the PCI information contained therein. Therefore, composing the list of apparmor entries for the 'opengl' interface should query these render nodes. It can then form the paths by using the <major> and <minor> device numbers. I.e. /run/udev/data/c<major>:<minor> -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1605768 Title: incomplete 'opengl' interface To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1605768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
