Classic confinement request: avdl

Hi @emitorino,

Thanks for taking the time to help me.

I tried this, but didn’t get any useful results. I got the following message multiple times:

= AppArmor =
Time: Aug XX XX:XX:XX
Log: apparmor="DENIED" operation="open" profile="snap.multipass.multipass" name="/etc/ssh/ssh_config" pid=XXXX comm="multipass" requested_mask="r" denied_mask="r" fsuid=XXXX ouid=0
File: /etc/ssh/ssh_config (read)
Suggestions:

  • adjust program to read necessary files from $SNAP, $SNAP_DATA, $SNAP_COMMON, $SNAP_USER_DATA or $SNAP_USER_COMMON
  • adjust snap to use snap layouts (Snap layouts)
  • add 'ssh-keys' to 'plugs'

From what I understand, this has nothing to do with my app specifically. It is not using ssh in any way. It looks like it’s something multipass related?

avdl does not need to access any files except for ones that are part of the avdl package, or files specified by the user (which I’m happy to restrict to the home directory only).

The issue I’m having is that I want to make a new snap package, that contains source code compile-able by avdl. I’m doing that by adding build-snaps: avdl to my snapcraft.yml. Then when I use snapcraft to compile the project, it installs the avdl snap properly, but then it tries to compile the new snap package in /root/parts/my-part/ which avdl has no permission to access.

In case it helps, here’s a sample snapcraft.yml file that I’m trying to make. Its source link points to a project written in avdl.

name: rue
base: core18
version: '0.0.2'
summary: Summary Text
description: |
  This is my-snap's description. You have a paragraph or two to tell the
  most important story about your snap. Keep it under 100 words though,
  we live in tweetspace and your description wants to look good in the snap
  store.

grade: devel # must be 'stable' to release into candidate/stable channels
confinement: devmode # use 'strict' once you have the right plugs and slots

parts:
  my-part:
    source: https://notabug.org/tomtsagk/rue/archive/v0.0.2.tar.gz
    plugin: make
    make-parameters: [ 'prefix=' ]
    build-snaps:
     - avdl

When I try to build this by running the snapcraft command, it installs the avdl snap as expected, but I get this error during compilation:

+ snapcraftctl build
make -j2 prefix=
mkdir -p build/native
mkdir -p build/native/objects
mkdir -p build/native/output/assets
mkdir -p build/native/output
avdl -c src/game.dd -o build/native/objects/game.o -I include/ --install-loc "/share/rue/"
avdl -c src/card.dd -o build/native/objects/card.o -I include/ --install-loc "/share/rue/"
avdl error: Unable to open 'src/game.dd': Permission denied
makefile:66: recipe for target 'build/native/objects/game.o' failed
make: *** [build/native/objects/game.o] Error 255
make: *** Waiting for unfinished jobs....
avdl error: Unable to open 'src/card.dd': Permission denied
makefile:66: recipe for target 'build/native/objects/card.o' failed
make: *** [build/native/objects/card.o] Error 255
Failed to run 'make -j2 prefix=' for 'my-part': Exited with code 2.
Verify that the part is using the correct parameters and try again.

The two lines containing avdl -c src/file.dd are the lines that start compiling the project, and shortly afterwards both of them produce the two avdl error: lines, saying that they have no permission on those files.

To my understanding, this happens because avdl doesn’t have permissions for /root/parts/my-part/ (where compilation takes place for the new package when I run snapcraft). I’m not sure what’s an optimal confinement to allow this functionality.

I hope this makes sense. Sorry for the wall of text. The snapcraft.yml I provided can be used to reproduce this issue.
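
As an added example that is not part of the original post: a small Python filter that groups AppArmor log lines by the snap named in the profile= field (snap profiles are named snap.<snap>.<app>), so denials from multipass can be told apart from any that belong to avdl. The sample lines are constructed; the avdl entries and their paths are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample. Line 1 mirrors the denial quoted in the post (curly
# quotes as the forum rendered them); the avdl lines and paths are hypothetical.
SAMPLE_LOG = """\
apparmor=“DENIED” operation=“open” profile=“snap.multipass.multipass” name=“/etc/ssh/ssh_config” pid=1111 comm=“multipass” requested_mask=“r” denied_mask=“r” fsuid=1000 ouid=0
apparmor="DENIED" operation="open" profile="snap.avdl.avdl" name="/root/parts/my-part/src/game.dd" pid=2222 comm="avdl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
apparmor="ALLOWED" operation="open" profile="snap.avdl.avdl" name="/root/parts/my-part/src/card.dd" pid=2223 comm="avdl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
"""

FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_fields(line):
    """Split one audit line into a dict of key=value fields."""
    line = line.replace("“", '"').replace("”", '"')  # undo typographic quotes
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in FIELD_RE.finditer(line)}

def snap_of(profile):
    """Return the snap name from a 'snap.<snap>.<app>' profile, else None."""
    parts = profile.split(".")
    return parts[1] if len(parts) >= 3 and parts[0] == "snap" else None

def events_by_snap(log_text, verdicts=("DENIED",)):
    """Group (path, denied_mask, comm) tuples by the snap owning the profile."""
    grouped = defaultdict(list)
    for line in log_text.splitlines():
        f = parse_fields(line)
        snap = snap_of(f.get("profile", ""))
        if snap is None or f.get("apparmor") not in verdicts:
            continue
        grouped[snap].append((f.get("name"), f.get("denied_mask"), f.get("comm")))
    return dict(grouped)

if __name__ == "__main__":
    # ALLOWED entries are what a devmode (complain-mode) snap logs instead of DENIED.
    for snap, events in events_by_snap(SAMPLE_LOG, ("DENIED", "ALLOWED")).items():
        for path, mask, comm in events:
            print(f"{snap}: {comm} wanted '{mask}' on {path}")
```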