Apparmor DENIED capability net_admin and perfmon

I’m getting several instances of the below DENIED sequence. Also similar entries related to cupsd. In very general: I understand that apparmor is preventing a snap from doing/accessing something that it wanted to. Doesn’t such thing create a testing nightmare? Will those messages be worked on? Basically, I would prefer a clean syslog, so that I can examine it for other problems.

kernel: audit: type=1400 audit(1670869866.092:107): apparmor=“DENIED” operation=“capable” profile="/snap/snapd/17883/usr/lib/snapd/snap-confine" pid=2775 comm=“snap-confine” capability=38 capname=“perfmon”

audit[2868]: AVC apparmor=“DENIED” operation=“capable” profile="/snap/snapd/17883/usr/lib/snapd/snap-confine" pid=2868 comm=“snap-confine” capability=12 capname=“net_admin”

audit[2868]: AVC apparmor=“DENIED” operation=“capable” profile="/snap/snapd/17883/usr/lib/snapd/snap-confine" pid=2868 comm=“snap-confine” capability=38 capname=“perfmon”

kernel: audit: type=1400 audit(1670869870.564:108): apparmor=“DENIED” operation=“capable” profile="/snap/snapd/17883/usr/lib/snapd/snap-confine" pid=2868 comm=“snap-confine” capability=12 capname=“net_admin”

Any reading suggestions also welcome.

1 Like

I’m seeing the same thing. No helpful solution either.

This is a harmless (but admittedly noisy) false positive of an internal snapd tool (snap-confine) that the snapd team should eventually quieten, you can ignore it … regarding getting the same messages from the cups snap, here you should file a bug/issue …