I’ve created some snap based on GStreamer and when running it on Raspberry Pi I see huge amount of repeated audit errors in /var/log/kern.log and almost 100% CPU load
That’s ppoll_time64. The seccomp system will cause the app to see a “permission denied” response and might not be an issue other than noise in the logs.
I’ve moved this thread to the snapd topic so that a snapd developer can weigh-in about whether this syscall should be added to the whitelist or an appropriate interface.
There you go, your snapd is very outdated … i’m not sure if RaspiOS supports re-exec but you could try installing the snapd snap to get to a newer version.
well, no idea what the update philosophy of RaspiOS is … but it is likely they take a snapshot of the debian archive at some point in time and then stabilize that for their hacks and patches … so it might not get updated at all … you got to ask them
but try installing the snapd snap and see if it re-execs (current snapd is at 2.51)
pi@raspberrypi:~ $ sudo snap install core18
core18 20210611 from Canonical✓ installed
pi@raspberrypi:~ $ sudo snap install snapd
error: cannot install "snapd": cannot install snapd snap on a model without a base snap yet
well, pehaps i’m recommending something wrong here, lets see if @mborzecki has another hint … i know using the snapd snap should work on plain debian …
pi@raspberrypi:~ $ SNAPD_DEBUG=1 snap run hello-world
2021/06/28 10:26:03.933666 cmd_linux.go:212: DEBUG: restarting into "/snap/core/current/usr/bin/snap"
So the snap command reexecs into the core snap. Can you do snap list core? And maybe followed by snap refresh core, and finally run snap version and attach the output?