Problems with snap install/snap remove in CentOS 8

snapd
1

I recently installed the Nvidia drivers on my CentOS 8 Installation. This caused CentOS 8 to force X11 instead of Wayland. And with this came problems with snap.

I previously installed snapd when I used Wayland and nouveau and everything worked fine. But after the Nvidia drivers was installed, I could not find my snaps anymore. So I purged the system of anything related to snap and snapd and tried to re-install.

Installing snapd

First, some details about my system:

System information (click to view) 
$ snap version
snap    2.43.3-1.el8
snapd   2.43.3-1.el8
series  16
centos  8
kernel  4.18.0-147.5.1.el8_1.x86_64

$ uname -a
Linux 4.18.0-147.5.1.el8_1.x86_64 #1 SMP Wed Feb 5 02:00:39 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

$ cat /etc/os-release
NAME="CentOS Linux"
VERSION="8 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8 (Core)"
CPE_NAME="cpe:/o:centos:centos:8"

$ bash --version | grep version
GNU bash, version 4.4.19(1)-release (x86_64-redhat-linux-gnu)

Gnome Version 3.32.2

I have tried to install snap both using sudo, and without (having to enter the password in elevated mode). Bot produce errors, albeit different ones:

Installation process (click to view)

I install as follows:

# dnf install snap

I follow the written instructions here:

# systemctl enable --now snapd.socket
# ln -s /var/lib/snapd/snap /snap

Then I check my paths:

$ printenv PATH
/home/MYUSER/.local/bin:/home/MYUSER/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/var/lib/snapd/snap/bin
# printenv PATH
/sbin:/bin:/usr/sbin:/usr/bin:/var/lib/snapd/snap/bin

Note: I had to add snap to visudo (secure_path) manually. Which I read about somewhere here on the forum.

As you can see, everything checks out so far. The problems start when I try to install snaps (snap-store as example):

Installing snap-store

How I install snap-store (click to view)

I can now install snap-store, if I do

$ snap install snap-store

It fetch core18, gnome-3-28-1804 and gtk-common-themes, before it grabs snap-store. It returns:

snap-store 20191114.a9948d5 from Canonical✓ installed

Out of the gate, I cannot find it in Applications or by searching for it in Gnome. And when I try to run it from the terminal, I get this:

11:32:14:0511 Gtk Failed to load module "pk-gtk-module"
11:32:14:0514 Gtk Failed to load module "pk-gtk-module"
11:32:14:0569 Gs  enabled plugins: odrs, rewrite-resource, snap, icons, key-colors, key-colors-metadata
11:32:14:0569 Gs  disabled plugins: appstream, desktop-categories, desktop-menu-path, dpkg, dummy, epiphany, fedora-pkgdb-collections, generic-updates, hardcoded-blacklist, hardcoded-featured, hardcoded-popular, modalias, os-release, provenance, provenance-license, repos, shell-extensions
11:32:52:0323 Gs  failed to create an app for */*/*/*/system/*
11:32:52:0324 Gs  updates-shell: failed to get updates: no plugin could handle get-updates
11:32:52:0324 Gs  failed to create an app for */*/*/*/system/*
11:32:52:0324 Gs  failed to get system app
11:32:52:0328 GsPluginSnap Failed to load snap icon: local snap has no icon

However, the snap-store loads, and I can search for things. But this does not add snap-store to the app launcher as expected either - and it is not obvious to me that snap-store was properly installed.

Removing snap-store

Removal process (click to view)

removing snap-store with the command

$ snap remove snap-store

will produce

snap-store removed

But also a load of SELinux, such as:

The source process /usr/libexec/snap/snapd 
Attempted this access: rmdir 
On this directory: dconf

Here are all the alerts I get:

image

Installing Spotify

Installation process (click to view)

If I try to install Spotify, I do not get any errors in the terminal, but it is not added to app launcher. If I start with snap run spotify I get the following messages:

Gtk-Message: 13:19:20.757: Failed to load module "pk-gtk-module"
Gtk-Message: 13:19:20.758: Failed to load module "canberra-gtk-module"

If I also drop the spotify folder i backed up from my home directory under ~/snap/ It will reuse the old session and I am logged in to my spotify account, so there seems that snapd is correctly linking the snaps to the configs located there.

Notes on sudo

If I do the sudo route as instructed in the documentation, I get a totally different set of issues:

# snap install snap-store
# snap run snap-store

I get this:

11:49:25:0897 GLib-GIO g_app_info_get_name: assertion 'G_IS_APP_INFO (appinfo)' failed
11:49:25:0925 Gtk Failed to load module "pk-gtk-module"
11:49:25:0928 Gtk Failed to load module "pk-gtk-module"
11:49:25:0928 GLib-GIO g_dbus_proxy_new_sync: assertion 'G_IS_DBUS_CONNECTION (connection)' failed
11:49:25:0938 Gs  enabled plugins: odrs, rewrite-resource, snap, icons, key-colors, key-colors-metadata
11:49:25:0938 Gs  disabled plugins: appstream, desktop-categories, desktop-menu-path, dpkg, dummy, epiphany, fedora-pkgdb-collections, generic-updates, hardcoded-blacklist, hardcoded-featured, hardcoded-popular, modalias, os-release, provenance, provenance-license, repos, shell-extensions
Segmentation fault

and I also get the same SELinux problems when I remove snap-store using sudo.

Is there anyone who can shed a light on what I am doing wrong here? I have no clue why snapd fails to add the icons and links in applauncher, and I dont understand why I am seeing these errors during run.

2

At least, I can add the snaps to Desktop by using the following command in terminal:

$ ln -s /var/lib/snapd/desktop/applications/ ~/.local/share/applications/snap

Why this fails when installing snapd is beyond me, unfortunately.

3

The location of desktop files from snaps is added to your enviornment via /usr/lib/environment.d, which in turn is read by systemd-environment-d-generator. It’s also added to the shell env via a drop-in file in /etc/profile.d. Maybe you need to restart your session to it to be picked up?

As for SELinux denials on remove, we’ve made some tweaks in the policy for 2.44 (to be released soonish) which should make some of those go away. For reference can you post the output of ausearch -m AVC from around the time you removed the snap? (with -ts -te switches you should be able to limit the log to a very specific time window).

4

Thank you for the reply, much appreciated.

After I purged and re-installed, I did a full reboot, just to make sure. Which is why I do not understand why I am having these issues.

As for your request, here they are.

Click to view the log 
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:305): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:305): arch=c000003e syscall=257 success=yes exit=8 a0=7 a1=c0001330a0 a2=b0000 a3=0 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:305): avc:  denied  { read } for  pid=19014 comm="snap-update-ns" name="snap" dev="dm-1" ino=3139766 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:snappy_var_lib_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:306): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:306): arch=c000003e syscall=165 success=yes exit=0 a0=c000133250 a1=c000196460 a2=c000133256 a3=0 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:306): avc:  denied  { mount } for  pid=19014 comm="snap-update-ns" name="/" dev="tmpfs" ino=482983 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:307): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:307): arch=c000003e syscall=257 success=yes exit=10 a0=9 a1=c0001332a8 a2=b0000 a3=0 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:307): avc:  denied  { read } for  pid=19014 comm="snap-update-ns" name="/" dev="tmpfs" ino=482983 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:308): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:308): arch=c000003e syscall=258 success=yes exit=0 a0=a a1=c0001332ac a2=1ed a3=0 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:308): avc:  denied  { create } for  pid=19014 comm="snap-update-ns" name="bin" scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1583924690.032:308): avc:  denied  { add_name } for  pid=19014 comm="snap-update-ns" name="bin" scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1583924690.032:308): avc:  denied  { write } for  pid=19014 comm="snap-update-ns" name="/" dev="tmpfs" ino=482983 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:309): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:309): arch=c000003e syscall=93 success=yes exit=0 a0=7 a1=0 a2=0 a3=0 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:309): avc:  denied  { setattr } for  pid=19014 comm="snap-update-ns" name="bin" dev="tmpfs" ino=482984 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:310): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:310): arch=c000003e syscall=165 success=yes exit=0 a0=c0001964c0 a1=c0001964e0 a2=c000133328 a3=5000 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:310): avc:  denied  { mounton } for  pid=19014 comm="snap-update-ns" path="/snap/snap-store/209/bin" dev="tmpfs" ino=482984 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:311): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:311): arch=c000003e syscall=257 success=yes exit=7 a0=a a1=c000196500 a2=a00c0 a3=1ed items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:311): avc:  denied  { read open } for  pid=19014 comm="snap-update-ns" path="/snap/snap-store/209/command-snap-store.wrapper" dev="tmpfs" ino=482986 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1
type=AVC msg=audit(1583924690.032:311): avc:  denied  { create } for  pid=19014 comm="snap-update-ns" name="command-snap-store.wrapper" scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:312): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:312): arch=c000003e syscall=93 success=yes exit=0 a0=7 a1=0 a2=0 a3=0 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:312): avc:  denied  { setattr } for  pid=19014 comm="snap-update-ns" name="command-snap-store.wrapper" dev="tmpfs" ino=482986 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:313): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:313): arch=c000003e syscall=5 success=yes exit=0 a0=b a1=c00018b290 a2=0 a3=0 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:313): avc:  denied  { getattr } for  pid=19014 comm="snap-update-ns" path="/snap/snap-store/209/command-snap-store.wrapper" dev="tmpfs" ino=482986 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.032:314): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.032:314): arch=c000003e syscall=165 success=yes exit=0 a0=c000196560 a1=c000196580 a2=c000133410 a3=1000 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.032:314): avc:  denied  { mounton } for  pid=19014 comm="snap-update-ns" path="/snap/snap-store/209/command-snap-store.wrapper" dev="tmpfs" ino=482986 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.050:315): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.050:315): arch=c000003e syscall=165 success=yes exit=0 a0=c000133d50 a1=c000196960 a2=c000133d55 a3=1021 items=0 ppid=9388 pid=19014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.050:315): avc:  denied  { remount } for  pid=19014 comm="snap-update-ns" scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:snappy_snap_t:s0 tclass=filesystem permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.113:316): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.113:316): arch=c000003e syscall=263 success=yes exit=0 a0=ffffffffffffff9c a1=c00012d740 a2=200 a3=0 items=0 ppid=9388 pid=19028 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.113:316): avc:  denied  { rmdir } for  pid=19028 comm="snap-update-ns" name="var" dev="tmpfs" ino=482994 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1583924690.113:316): avc:  denied  { remove_name } for  pid=19028 comm="snap-update-ns" name="var" dev="tmpfs" ino=482994 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.170:317): proctitle=2F7573722F6C6962657865632F736E6170642F736E61702D7570646174652D6E7300736E61702D73746F7265
type=SYSCALL msg=audit(1583924690.170:317): arch=c000003e syscall=263 success=yes exit=0 a0=ffffffffffffff9c a1=c000019830 a2=0 a3=0 items=0 ppid=9388 pid=19028 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snap-update-ns" exe="/usr/libexec/snapd/snap-update-ns" subj=system_u:system_r:snappy_mount_t:s0 key=(null)
type=AVC msg=audit(1583924690.170:317): avc:  denied  { unlink } for  pid=19028 comm="snap-update-ns" name="flavor-select" dev="tmpfs" ino=482988 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.287:320): proctitle=746172002D2D637265617465002D2D737061727365002D2D677A6970002D2D6469726563746F7279002F686F6D652F6F6C65642F736E61702F736E61702D73746F72652F0032303900636F6D6D6F6E
type=SYSCALL msg=audit(1583924690.287:320): arch=c000003e syscall=262 success=yes exit=0 a0=a a1=55e04ab6777f a2=7ffd5c2fceb8 a3=100 items=0 ppid=19042 pid=19043 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=4294967295 comm="tar" exe="/usr/bin/tar" subj=system_u:system_r:snappy_t:s0 key=(null)
type=AVC msg=audit(1583924690.287:320): avc:  denied  { getattr } for  pid=19043 comm="tar" path="/home/XXXXXXXXXX/snap/snap-store/209/.config/user-dirs.locale" dev="dm-3" ino=1611381206 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.287:321): proctitle=746172002D2D637265617465002D2D737061727365002D2D677A6970002D2D6469726563746F7279002F686F6D652F6F6C65642F736E61702F736E61702D73746F72652F0032303900636F6D6D6F6E
type=SYSCALL msg=audit(1583924690.287:321): arch=c000003e syscall=257 success=yes exit=11 a0=a a1=55e04ab6777f a2=a0900 a3=0 items=0 ppid=19042 pid=19043 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=4294967295 comm="tar" exe="/usr/bin/tar" subj=system_u:system_r:snappy_t:s0 key=(null)
type=AVC msg=audit(1583924690.287:321): avc:  denied  { open } for  pid=19043 comm="tar" path="/home/XXXXXXXXXX/snap/snap-store/209/.config/user-dirs.locale" dev="dm-3" ino=1611381206 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=file permissive=1
type=AVC msg=audit(1583924690.287:321): avc:  denied  { read } for  pid=19043 comm="tar" name="user-dirs.locale" dev="dm-3" ino=1611381206 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.406:324): proctitle="/usr/libexec/snapd/snapd"
type=SYSCALL msg=audit(1583924690.406:324): arch=c000003e syscall=263 success=yes exit=0 a0=d a1=c0004beb60 a2=0 a3=0 items=0 ppid=1 pid=9388 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snapd" exe="/usr/libexec/snapd/snapd" subj=system_u:system_r:snappy_t:s0 key=(null)
type=AVC msg=audit(1583924690.406:324): avc:  denied  { unlink } for  pid=9388 comm="snapd" name="user-dirs.locale" dev="dm-3" ino=1611381206 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=file permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.409:325): proctitle="/usr/libexec/snapd/snapd"
type=SYSCALL msg=audit(1583924690.409:325): arch=c000003e syscall=262 success=yes exit=0 a0=c a1=c000336f20 a2=c0003fba20 a3=100 items=0 ppid=1 pid=9388 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snapd" exe="/usr/libexec/snapd/snapd" subj=system_u:system_r:snappy_t:s0 key=(null)
type=AVC msg=audit(1583924690.409:325): avc:  denied  { getattr } for  pid=9388 comm="snapd" path="/run/user/1000/snap.snap-store/dconf" dev="tmpfs" ino=484910 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.409:326): proctitle="/usr/libexec/snapd/snapd"
type=SYSCALL msg=audit(1583924690.409:326): arch=c000003e syscall=257 success=yes exit=13 a0=c a1=c000336f26 a2=80000 a3=0 items=0 ppid=1 pid=9388 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snapd" exe="/usr/libexec/snapd/snapd" subj=system_u:system_r:snappy_t:s0 key=(null)
type=AVC msg=audit(1583924690.409:326): avc:  denied  { open } for  pid=9388 comm="snapd" path="/run/user/1000/snap.snap-store/dconf" dev="tmpfs" ino=484910 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1583924690.409:326): avc:  denied  { read } for  pid=9388 comm="snapd" name="dconf" dev="tmpfs" ino=484910 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.409:327): proctitle="/usr/libexec/snapd/snapd"
type=SYSCALL msg=audit(1583924690.409:327): arch=c000003e syscall=263 success=yes exit=0 a0=d a1=c000336f40 a2=0 a3=0 items=0 ppid=1 pid=9388 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snapd" exe="/usr/libexec/snapd/snapd" subj=system_u:system_r:snappy_t:s0 key=(null)
type=AVC msg=audit(1583924690.409:327): avc:  denied  { remove_name } for  pid=9388 comm="snapd" name="user" dev="tmpfs" ino=484911 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1583924690.409:327): avc:  denied  { write } for  pid=9388 comm="snapd" name="dconf" dev="tmpfs" ino=484910 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1583924690.409:327): avc:  denied  { search } for  pid=9388 comm="snapd" name="dconf" dev="tmpfs" ino=484910 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir permissive=1
----
time->Wed Mar 11 12:04:50 2020
type=PROCTITLE msg=audit(1583924690.409:328): proctitle="/usr/libexec/snapd/snapd"
type=SYSCALL msg=audit(1583924690.409:328): arch=c000003e syscall=263 success=yes exit=0 a0=c a1=c000336f46 a2=200 a3=0 items=0 ppid=1 pid=9388 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="snapd" exe="/usr/libexec/snapd/snapd" subj=system_u:system_r:snappy_t:s0 key=(null)
type=AVC msg=audit(1583924690.409:328): avc:  denied  { rmdir } for  pid=9388 comm="snapd" name="dconf" dev="tmpfs" ino=484910 scontext=system_u:system_r:snappy_t:s0 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=dir permissive=1
----