Hei,
we have a custom snapcraft, which runs actually docker/kubernetes. We need to be able to kill the pods we’ve created and this requires sending a kill signal. However, snap is now blocking that.
= AppArmor =
Time: May 29 13:22:52
Log: apparmor="DENIED" operation="signal" profile="docker-default" pid=17618 comm="docker-runc" requested_mask="receive" denied_mask="receive" signal=kill peer="snap.pelion-edge.dockerd"
Signal: kill (receive)
Suggestions:
* add 'process-control' to 'plugs'
* adjust program to only send signals to itself
Is there any way around this? I have already given the plug process-control and it’s also visible in the snap connections list.
$ snap connections |grep process-control
process-control pelion-edge:process-control :process-control manual