Hmm, one way of doing that would be to edit the apparmor profile of snap-confine in /etc/apparmor.d to be permissive (effectively switching them into complain mode). You can do that by editing the files so that they have the text ,complain just immediately after attach_disconnected. After doing that please run sudo apparmor_parser -r with the pathname of the file you edited.
zyga@fyke:~$ head /etc/apparmor.d/snap.core.4321.usr.lib.snapd.snap-confine
# Author: Jamie Strandboge <jamie@canonical.com>
#include <tunables/global>
/snap/core/4321/usr/lib/snapd/snap-confine (attach_disconnected) {
# Include any additional files that snapd chose to generate.
# - for $HOME on NFS
# - for $HOME on encrypted media
#
# Those are discussed on https://forum.snapcraft.io/t/snapd-vs-upstream-kernel-vs-apparmor
# and https://forum.snapcraft.io/t/snaps-and-nfs-home/
NOTE: you may need to do this change to all the snap-confine files there.
Confused there because my existing snap shouldn’t have stopped working without reasons no ? as only thing that happened was a snap update I guess that prevented them from working from one day to another !
@vincen That’s independent from @zyga-snapd’s point or the point you made earlier. The point still holds: snaps do not depend on snapd for running. You can give it a shot yourself: install a snap and then shutdown the daemon. Try to use the snap.
oki thanks I checked documentations on snap website and if I understand well the daemon is only used to download/install/upgrade them and handle the automatic background update right ?
If so how is that possible that suddenly all snaps on my system were no more working ?? Snapd update itself can be the reason ?
Yes, the snapd snap got updated, which triggers a security profile rebuild because that changes the whole tooling used to run the snap in the first place (snap-confine, etc), which means new security profiles may be required to be able to function properly and without errors.
By the way, thanks for using the beta and thanks for reporting this. Really happy that we’re getting so much testing on these releases well before they go into the stable channel.