Application fails to start after snap reinstall

peterzen · October 10, 2023, 3:26pm

I have packaged an application which runs correctly both in devmode and strict confinements. I did come across a problem I can’t seem to find the cause of: when the snap is upgraded to a new version, or indeed the same snap is reinstalled, the binary bails out (this is a GUI application that starts a GNOME systray process, then launches itself/the binary again to open the main app window). This exec() is where the process stops with exit status 2 (potentially indicating a permission problem).

When I do a snap remove and then snap install the same snap again, the binary runs correctly. So it sounds like this may be somehow related to a change in the sandbox environment/permissions after the new revision of the same package is installed.

What I did so far to track down the issue:

compared the $HOME/snap//{x1, x2} directories, they are identical
/snap//{x1,x2} are identical as well
no error message from APPARMOR
diffing the strace outputs of both the x1 and x2 installs there is one difference:

newfstatat(AT_FDCWD, "/snap/dexc/x2/meta/hooks", {st_mode=S_IFDIR|0755, st_size=32, ...}, 0) = 0
openat(AT_FDCWD, "/snap/dexc/x2/meta/hooks", O_RDONLY|O_CLOEXEC) = 7
epoll_ctl(4, EPOLL_CTL_ADD, 7, {events=EPOLLIN|EPOLLOUT|EPOLLRDHUP|EPOLLET, data={u32=2356876648, u64=139863671903592}}) = -1 EPERM (Operation not permitted)
--- SIGURG {si_signo=SIGURG, si_code=SI_TKILL, si_pid=352448, si_uid=1000} ---
rt_sigreturn({mask=[]})                 = -1 EPERM (Operation not permitted)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
getdents64(7, 0xc00035a000 /* 3 entries */, 8192) = 80
newfstatat(AT_FDCWD, "/snap/dexc/x2/meta/hooks/configure", {st_mode=S_IFREG|0755, st_size=12, ...}, AT_SYMLINK_NOFOLLOW) = 0
getdents64(7, 0xc00035a000 /* 0 entries */, 8192) = 0

I’m stuck at this point and would appreciate any advice or clues on what this might be and how to investigate further.

Many thanks in advance!

soumyaDghosh · October 13, 2023, 6:06pm

Please share the manifest

peterzen · October 13, 2023, 8:05pm

Please see below:

name: dexc
base: core22 
version: '0.7.0'
summary: summary
description: description
grade: stable
confinement: strict
architectures:
  - build-on: amd64
compression: lzo

plugs:
  dbus-svc:
    bus: system
    interface: dbus
    name: org.freedesktop.portal

apps:
  dexc:
    command: usr/lib/dexc/dexc
    desktop: usr/share/applications/dexc.desktop
    extensions: [gnome]
    environment:
      GTK_USE_PORTAL: "1"
    plugs: 
      - home
      - opengl
      - x11
      - desktop
      - desktop-legacy
      - network
      - network-status
      - browser-support
      - screen-inhibit-control
      - dbus-svc

parts:
  dexc-desktop:
    plugin: dump
    source: ./build/dexc_0.7.0-pre-0_amd64.deb
    source-type: deb
    prime:
      - -usr/lib/x86_64-linux-gnu/libEGL_mesa*
      - -usr/lib/x86_64-linux-gnu/libGLX_mesa*
      - -usr/lib/x86_64-linux-gnu/libcaca++*
      - -usr/lib/x86_64-linux-gnu/libcolordprivate*
      - -usr/lib/x86_64-linux-gnu/libdconf*
      - -usr/lib/x86_64-linux-gnu/libexslt*
      - -usr/lib/x86_64-linux-gnu/libgstcheck-1.0*
      - -usr/lib/x86_64-linux-gnu/libgstcontroller-1.0*
      - -usr/lib/x86_64-linux-gnu/libicuio*
      - -usr/lib/x86_64-linux-gnu/libicutest*
      - -usr/lib/x86_64-linux-gnu/libjacknet*
      - -usr/lib/x86_64-linux-gnu/libjackserver*
      - -usr/lib/x86_64-linux-gnu/liborc-test-0.4*
      - -usr/lib/x86_64-linux-gnu/libpulse-simple*
      - -usr/lib/x86_64-linux-gnu/libunwind-coredump*
      - -usr/lib/x86_64-linux-gnu/libunwind-ptrace*
      - -usr/lib/x86_64-linux-gnu/libunwind-x86_64*
      - -usr/lib/x86_64-linux-gnu/libwoff2enc*
      - -usr/lib/x86_64-linux-gnu/libicutu*
      - -usr/lib/x86_64-linux-gnu/libsamplerate*
      - -usr/lib/x86_64-linux-gnu/libxcb-dri2*
      - -usr/lib/x86_64-linux-gnu/libxcb-glx*
      - -usr/lib/x86_64-linux-gnu/libxcb-present*
      - -usr/lib/x86_64-linux-gnu/libxcb-randr*
      - -usr/lib/x86_64-linux-gnu/libxcb-sync*
      - -usr/lib/x86_64-linux-gnu/libxcb-xfixes*
      - -usr/lib/x86_64-linux-gnu/libxshmfence*

    stage-packages:
      - desktop-file-utils
      - libwebkit2gtk-4.0-37
      - libgtk-3-0

soumyaDghosh · October 13, 2023, 9:22pm

Need the deb package to test it. Kindly link that too.

peterzen · October 14, 2023, 8:27am

https://github.com/peterzen/dcrdex/releases/download/0.7.0-snap/dexc_0.7.0-pre-0_amd64.deb

This is the source project:

github.com

peterzen/dcrdex/blob/snapcraft-builder/client/cmd/dexc-desktop/snap/snapcraft.yaml

name: dexc
base: core22 
version: '0.7.0'
summary: Decentralized cryptocurrency exchange
description: |
  Trade Bitcoin, USDC, Ethereum, Decred, Dogecoin, Zcash and more peer-to-peer using atomic swaps. 

grade: stable
license: BlueOak-1.0.0
confinement: strict
architectures:
  - build-on: amd64
compression: lzo

plugs:
  dbus-svc:
    bus: system
    interface: dbus
    name: org.freedesktop.portal

This file has been truncated. show original

Thanks!