Hei,
what could be the solution for getting rid of the snap audit issue on hugepages.
I have this entry in my snapcraft.yaml
, so I though I would be covered already.
edge-info:
command: bin/edge-info
plugs:
- edge-identity-file
- mount-observe
- network-bind
- login-session-observe
- steam-support
- procps
Procps is there, which I think should then cover the command free
which I am guessing (I can see hugepages accessed in the code) is causing the issue.
So, why am I still getting this?
audit[27424]: AVC apparmor="DENIED" operation="open" profile="snap.pelion-edge.version" name="/sys/kernel/mm/hugepages/" pid=27424 comm="kubelet" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Interestingly, I can’t see that anything would be missing from the edge-info command output, so what is really getting blocked?
This gets printed anyway:
- Physical Memory: 8105 MB
The value is also correct.