group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #07048
[Bug 1612291] Re: cannot create $SNAP_USER_DATA when using ecryptfs and sudo
This is fixed with the 1.0.40 upload to yakkety
** Changed in: snap-confine (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1612291
Title:
cannot create $SNAP_USER_DATA when using ecryptfs and sudo
Status in Snappy Launcher:
Fix Released
Status in snap-confine package in Ubuntu:
Fix Released
Status in snap-confine source package in Xenial:
Fix Committed
Bug description:
Because of the two apparmor rules on snap-confine, attempts to create
user data directory from snap-confine will fail when the user is using
new-style encrypted home directory and sudo to start a snap.
TEST CASE:
1. sudo adduser --encrypt-home test-encrypted
2. Ensure that the test-encrypted user can use sudo, e.g. add it to the sudo group
3. Log in as test-encrypted user
4. Install the hello-world snap
5. Run sudo /snap/bin/hello-world
6. Verify that `hello-world` fails to run
7. Install snap-confine from xenial-propsoed
8. verify that `hello-world` runs now
The following patch makes the problem go away:
diff --git a/debian/usr.bin.snap-confine b/debian/usr.bin.snap-confine
index f3e6308..aeb17bd 100644
--- a/debian/usr.bin.snap-confine
+++ b/debian/usr.bin.snap-confine
@@ -155,6 +155,6 @@
owner @{HOME}/.Private/ r,
owner @{HOME}/.Private/** mrixwlk,
# new-style encrypted $HOME
- owner @{HOMEDIRS}/.ecryptfs/*/.Private/ r,
- owner @{HOMEDIRS}/.ecryptfs/*/.Private/** mrixwlk,
+ @{HOMEDIRS}/.ecryptfs/*/.Private/ r,
+ @{HOMEDIRS}/.ecryptfs/*/.Private/** mrixwlk,
}
To manage notifications about this bug go to:
https://bugs.launchpad.net/snap-confine/+bug/1612291/+subscriptions
