Right. The commit adding the /var/lib/snapd/lib/gl32 is only part of 2.30 and later, while Ubuntu 17.10 has 2.29.x in the repos.
1 Like
This is now fixed in https://github.com/snapcore/snapd/releases/tag/2.32.3 available in the beta channel of the core snap. To refresh just snap refresh core --beta
On my development server these fixes don’t work. I did the updates that stgraber suggested and switched to the snaps beta channel. Still can’t install lxd 3.0.0:
root@dev ~ # snap refresh core --edge
2018-05-04T09:29:00+02:00 INFO Waiting for restart…
core (edge) 16-2.32.6+git708.581b2ba from ‘canonical’ refreshed
root@dev ~ # snap install lxd
error: cannot perform the following tasks:
- Run configure hook of “lxd” snap if present (run hook “configure”: cannot perform operation: mount --rbind /var/tmp /tmp/snap.rootfs_oimvhN//var/tmp: Permission denied)
root@dev ~ # mount |grep oimvhN
/dev/md2 on /tmp/snap.rootfs_oimvhN type ext4 (rw,relatime,stripe=32748,data=ordered)
Doesn’t seem to be an apparmor problem because there is no denied message in de log:
[ 1405.272744] audit: type=1400 audit(1525419764.351:470): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap-update-ns.lxd” pid=8672 comm=“apparmor_parser”
[ 1405.321432] audit: type=1400 audit(1525419764.400:471): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap.lxd.benchmark” pid=8674 comm=“apparmor_parser”
[ 1405.372145] audit: type=1400 audit(1525419764.451:472): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap.lxd.check-kernel” pid=8676 comm=“apparmor_parser”
[ 1405.422149] audit: type=1400 audit(1525419764.501:473): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap.lxd.daemon” pid=8678 comm=“apparmor_parser”
[ 1405.482469] audit: type=1400 audit(1525419764.561:474): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap.lxd.hook.configure” pid=8680 comm=“apparmor_parser”
[ 1405.532447] audit: type=1400 audit(1525419764.611:475): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap.lxd.lxc” pid=8683 comm=“apparmor_parser”
[ 1405.582235] audit: type=1400 audit(1525419764.661:476): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap.lxd.lxd” pid=8685 comm=“apparmor_parser”
[ 1405.632079] audit: type=1400 audit(1525419764.711:477): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name=“snap.lxd.migrate” pid=8687 comm=“apparmor_parser”
[ 1405.961802] audit: type=1400 audit(1525419765.040:478): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name="/snap/core/4600/usr/lib/snapd/snap-confine" pid=8723 comm=“apparmor_parser”
[ 1405.961818] audit: type=1400 audit(1525419765.040:479): apparmor=“STATUS” operation=“profile_replace” info=“same as current profile, skipping” profile=“unconfined” name="/snap/core/4600/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=8723 comm=“apparmor_parser”
With the help of Stéphane Graber I fixed it! The problem was that on this machine there was an /var/tmp that was a link to /tmp. And /tmp is an mounted (noexec) file (for security reasons). After restoring /var/tmp to a normal directory I could install lxd 3.0.0 without further issues.
1 Like