Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
cmd: select what socket to use in cmd/snap{,ctl} #3098
Conversation
All checks have failed
mvo5
referenced this pull request
Mar 28, 2017
Merged
interfaces/seccomp: add bind to default seccomp template for hooks #3091
mvo5
added this to the
2.23.6 milestone
Mar 28, 2017
pedronis
changed the title from
cmd: Select what socket to use in cmd/snap{,ctl}
to
cmd: select what socket to use in cmd/snap{,ctl}
Mar 28, 2017
Some checks were not successful
mvo5
referenced this pull request
Mar 28, 2017
Closed
interfaces/seccomp: add bind as part of the default seccomp policy (backport) #3097
|
Thank you for this! Can you refer to https://bugs.launchpad.net/snapd/+bug/1675812 since this should fix the noisy denial in that bug? +1 on the approach (I didn't do an in depth code review). |
|
LGTM! |
mvo5
requested review from
niemeyer and
kyrofa
Mar 29, 2017
pedronis
approved these changes
Mar 29, 2017
lgtm, seems also the correct thing because of now DisableAuth: true
mvo5
added some commits
Mar 29, 2017
Some checks were not successful
mvo5
referenced this pull request
Mar 29, 2017
Merged
cmd: explicit use of snapd sockets (for 2.23) #3101
mvo5
added some commits
Mar 29, 2017
Some checks were not successful
mvo5
merged commit 3505b6a
into
snapcore:master
Mar 29, 2017
2 of 6 checks passed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
mvo5 commentedMar 28, 2017
•
Edited 1 time
-
mvo5
Mar 29, 2017
So far we relied on apparmor to figure out what snap socket we
can use. However this fails on distributions without apparmor
support. Here the snapctl code tries to open the snapd.socket and is
successful - when instead if should talk to the snapd-snap.socket.
This should also fix https://bugs.launchpad.net/snapd/+bug/1675812,
at least the confusing apparmor denial from snapctl.