The juju-db snap packages mongodb and is deployed as the database used by the Juju controller. It is meant to only be used on Juju controller instances.
As per https://bugs.launchpad.net/juju/+bug/1927098, the logs are filled with lots of repeated apparmor denials :
audit: type=1400 audit(1620133548.999:75999): apparmor="DENIED" operation="open" profile="snap.juju-db.daemon" name="/proc/3219/net/netstat" pid=1605657 comm="ftdc" requested_mask="r" denied_mask="r"
audit: type=1400 audit(1620133548.999:76000): apparmor="DENIED" operation="open" profile="snap.juju-db.daemon" name="/proc/3219/net/snmp" pid=1605657 comm="ftdc" requested_mask="r" denied_mask="r"
audit: type=1400 audit(1633081268.998:1248): apparmor="DENIED" operation="open" profile="snap.juju-db.daemon" name="/proc/vmstat" pid=4516 comm="ftdc" requested_mask="r" denied_mask="r"
Adding the interfaces
- network-observe
- system-observe
to the snap and connecting them manually solves the issue.
Is it possible to have these auto connect please?