I have a post-refresh hook in place for my snap.
It generates the following strict confinement warning:
Log: apparmor=“ALLOWED” operation=“capable” info=“optional: no audit” error=-1 profile=“snap.epi-zaphost.hook.post-refresh” pid=31521 comm=“snap-exec” capability=12 capname=“net_admin”
adjust program to not require ‘CAP_NET_ADMIN’ (see ‘man 7 capabilities’)
add one of ‘bluetooth-control, firewall-control, netlink-audit, netlink-connector, network-control’ to ‘plugs’
do nothing if using systemd utility (eg, timedatectl): Managing time, date and timezone in Ubuntu Core
do nothing (https://launchpad.net/bugs/1465724)
I removed everything from my post refresh hook script but it seems just the presence of the script causes the warning.
Is there a known issue here?
Because the operation is ALLOWED does it mean I can ignore it?