@jdstrand / @lucyllewy – If I may ask: What’s the current status of /dev/shm access for confined snaps? I’ve read this topic as well as Shared memory in /dev/shm rewriting and saw the app armor exceptions for FF/Chrome in this commit by jdstrand.
Background: I’ve built a snap for WPE Webkit intended as a kiosk browser on mir-kiosk. All works fine if I use snapcraft-preload + a desktop-launcher, but that slows down startup considerably from ~1s to about 10s. Without preload/launch, logs indicate that WPE can’t access /dev/shm and thus fails to run properly (e.g. can’t find libraries and is just overall unpredictable). I’m rather new to this, so maybe its my fault for missing something obvious, but I was wondering if there’s maybe just a tiny issue I’m oblivious to.
Log message without snapcraft-preload + desktop-launch:
2019-05-15T12:20:18Z wpe-webkit-mir-kiosk.browser[27748]: Failed to create shared memory file /WK2SharedMemory.3252455929: Permission denied