File permissions issue on virtual machine running Ubuntu 16lts Server with non-root user


#1

I have a user trying to install nift/nsm on a virtual machine running Ubuntu Server 16lts using a non-root user and nift doesn’t seem to be able to create files or set email/username settings with Git. I’ve had them try both ‘snap install nift’ and ‘sudo snap install nift’.

The problem comes with trying to run:

nift clone https://n-ham@bitbucket.org/html5up-nsm-templates/dimension.git

It works fine on my machine (ubuntu 18.04 on a macbook air with root user), both using sudo and without. I’m guessing it’s a problem with snap setting up home:network, but I’m not really sure. Does anyone have any ideas on what the problem might be?

They do get the following when installing snapd

	The following NEW packages will be installed:
  snapd
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 13.1 MB of archives.
After this operation, 63.4 MB of additional disk space will be used.
Get:1 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 snapd amd64 2.40 [13.1 MB]
Fetched 13.1 MB in 2s (4,672 kB/s)
Selecting previously unselected package snapd.
(Reading database ... 92697 files and directories currently installed.)
Preparing to unpack .../archives/snapd_2.40_amd64.deb ...
Unpacking snapd (2.40) ...
Processing triggers for mime-support (3.59ubuntu1) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up snapd (2.40) ...
md5sum: /etc/apparmor.d/usr.lib.snapd.snap-confine: No such file or directory
snapd.failure.service is a disabled or a static unit, not starting it.
snapd.snap-repair.service is a disabled or a static unit, not starting it.

#2

Where is nift trying to save the files (presumably it’s checking out a git repository)? If it is a user-defined location such as “Current working directory” then they are likely executing the command from a directory that is not permitted by the apparmor rules (set up by the interfaces that you plug).


#3

I will check with them and report back, thanks for responding :).


#4

They never got back to me, it’s a fairly uncommon edge case anyway so probably nothing to really worry about for the moment.