Classic confinement request for hw-probe

lucyllewy · September 26, 2018, 8:48pm

Apparmor logs messages with details about what data it used to make a decision regarding whether to allow or deny an action. @chipaca is asking you to run your application both with, and without, the raw-usb plug and paste the log messages from Apparmor showing the denial decisions.

linuxhw · September 27, 2018, 5:41am

No denials printed by snappy-debug.security or dmesg. Just silently reduces output of lsusb -v if raw-usb is not connected.

Thank you.

jdstrand · September 28, 2018, 12:39pm

raw-usb grants more than just ‘observe’ to the snap and IMO, the lack of information when raw-usb is not connected is ‘ok’. If the user wants full information, then the user can manually connect it. -1 to auto-connect raw-usb.

+1 to:

hardware-observe
mount-observe
network-observe
system-observe
upower-observe
log-observe

-1 to physical-memory-observe. This is pretty powerful and the user can manually connect for biosdecode.

jdstrand · September 28, 2018, 12:39pm

@alexmurray, @natalia, @sergiusens and @Wimpress - can one/all of you vote on this?

alexmurray · October 2, 2018, 1:46am

Not directly related to the request for interfaces - but can you instead use the udisks2 interface to get the SMART data? This then might require less specific access for hw-probe itself.

jdstrand · October 9, 2018, 2:00pm

@linuxhw - can you answer @alexmurray’s question?

@alexmurray, @natalia, @sergiusens and @Wimpress - can one/all of you vote on this?

linuxhw · October 9, 2018, 8:18pm

@alexmurray @jdstrand

Currently I’m learning how to query SMART attributes via DBus [1, 2] or udisksctl. But this is a temp solution. I’m looking forward to get report of smartctl -x /dev/sdX in future since it’s used in the HDD/SSD Real-Life Reliability Test study and by the smartmontools project team to improve drivesdb.h.

Thank you.

jdstrand · October 18, 2018, 4:14pm

Now that Alex’s question was answered, @alexmurray, @natalia, @sergiusens and @Wimpress - can one/all of you vote on this?

alexmurray · October 18, 2018, 11:32pm

@jdstrand - I concur with your votes above (-1 raw-usb and physical-memory-observe, +1 hardware-observe mount-observe network-observe system-observe upower-observe log-observe)

jdstrand · October 19, 2018, 11:52am

2 vote for and 0 votes against:

hardware-observe
mount-observe
network-observe
system-observe
upower-observe
log-observe

Granting use of these interfaces. This is now live.

0 votes for and 2 votes against physical-memory-observe and raw-usb.