I have a non default dns setup on my host to make my dnscrypt-proxy dns
server setting stick across network interfaces, wifi access point
changes in network-manager, and reboots.
rm /etc/resolvconf/resolv.conf cat <<EOF > sudo tee /etc/resolvconf/resolv.conf.d/head nameserver <ip-of-my-local-dnscrypt-proxy-instance> EOF
This causes the following when running my snap which uses the
= AppArmor = Time: Oct 30 08:48:34 Log: apparmor="DENIED" operation="open" profile="snap.btcd.daemon" name="/etc/resolvconf/resolv.conf.d/head" pid=27224 comm="btcd" requested_mask="r" denied_mask="r" fsuid=584788 ouid=0 File: /etc/resolvconf/resolv.conf.d/head (read)
Which (I think) in turn causes this
INF] CMGR: DNS discovery failed on seed seed.bitcoin.sipa.be: lookup seed.bitcoin.sipa.be on [::1]:53: read udp [::1]:34651->[::1]:53: read: connection refused
Are these events related? What is the correct fix?
My initial guess is that I need to add
network-bind for the snap to be able to listen for incoming UDP packets. Is that correct?
I’ve tried to look at the apparmor profile configuration, but I don’t find any file for my snap in /etc/apparmor.d, only a profile listed in the aa-status output.