Is there a way to solve this warning from a snap running in strict confinement (o/p from snappy-debug)
Log: apparmor=“DENIED” operation=“open” profile=“snap.epi-logstream.main” name="/proc/5466/coredump_filter" pid=5467 comm=“java” requested_mask=“wr” denied_mask=“wr” fsuid=1000 ouid=1000 File: /proc/5466/coredump_filter (write) Suggestion:
* adjust program to not access ‘@{PROC}/@{pid}/coredump_filter’
I am currently using the following plugs:
# Define a system-files plug
# The java program needs read access to /sys/fs/cgroup/memory
plugs:
sys-cgroup-memory-files:
interface: system-files
read:
- /sys/fs/cgroup/memory
apps:
main:
command: bin/wrapper
daemon: simple
restart-condition: always
plugs:
- daemon-notify
- log-observe
- microstack-support
- mount-observe
- network
- network-bind
- network-control
- system-observe
- system-trace
- sys-cgroup-memory-files
- time-control