Our app uses QtWebEngine version 5.11.2 which we recompile by ourselves.
However, it seems that Chromium (which is bundled into QtWebEngine) is blocked by AppArmor:
= AppArmor = Time: Sep 19 10:30:05 Log: apparmor="DENIED" operation="open" profile="snap.webots.webots" name="/sys/devices/pci0000:00/0000:00:17.0/resource" pid=2918 comm="webots-bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 File: /sys/devices/pci0000:00/0000:00:17.0/resource (read) Suggestions: * adjust program to not access '/sys/devices/pci0000:00/0000:00:17.0/resource' * adjust program to not access '/sys/devices/pci[0-9]*:[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/resource'
We can fix this problem with:
snap connect webots:hardware-observe
However, it’s a pity to request a auto-connect only for that.
I don’t know why QtWebEngine tries to read this PCI bus, but that seems unnecessary in our case (we don’t use webcams or other PCI related hardware in our application).
Are others experiencing the same problem with QtWebEngine?
Is there a recommended way to get a strictly confined app run with QtWebEngine without the need to auto-connect hardware-observe?