Request for "classic" confinement for snap chameleon

Hi, I want to make the chameleon snap classic. The main reason I want classic is that I wasn’t able to run it properly under strict confinement.

Here are some technical details. Chameleon is an Electron app, which spawns an ASP.NET Core 3.0 self-contained back-end for serving its UI content.

With devmode the app runs perfectly, but with strict the backend child process fails to start. I was able to track the problem down to this syslog message:

SECCOMP auid=1000 uid=1000 gid=1000 ses=1 pid=4917 comm="chameleon-backe" exe="/snap/chameleon/7/resources/backend/chameleon-backend" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fd4de28cef7 code=0x50000

As I understand it, dotnetcore calls the sched_setaffinity kernel function, which is not allowed by the seccomp rules, and I don’t have any control over it :(


Have you tried using the process-control interface which provides access to that syscall?

Yes. But it didn’t help. Maybe I did something wrong.
gor@ubuntux64vm:~/Desktop/chameleon-browser/cert$ snap connections chameleon
Interface                 Plug                       Slot                             Notes
browser-support           chameleon:browser-support  :browser-support                 -
content[gnome-3-28-1804]  chameleon:gnome-3-28-1804  gnome-3-28-1804:gnome-3-28-1804  -
content[gtk-3-themes]     chameleon:gtk-3-themes     gtk-common-themes:gtk-3-themes   -
content[icon-themes]      chameleon:icon-themes      gtk-common-themes:icon-themes    -
content[sound-themes]     chameleon:sound-themes     gtk-common-themes:sound-themes   -
desktop                   chameleon:desktop          :desktop                         -
desktop-legacy            chameleon:desktop-legacy   :desktop-legacy                  -
gsettings                 chameleon:gsettings        :gsettings                       -
home                      chameleon:home             :home                            -
network                   chameleon:network          :network                         -
opengl                    chameleon:opengl           :opengl                          -
process-control           chameleon:process-control  -                                -
pulseaudio                chameleon:pulseaudio       :pulseaudio                      -
unity7                    chameleon:unity7           :unity7                          -
wayland                   chameleon:wayland          :wayland                         -
x11                       chameleon:x11              :x11

That output indicates the interface is not connected. You need to connect the interface with:

$ snap connect chameleon:process-control

That helps. But how can I make that interface auto-connect? So my users should not have to do that manually.

Found the doc describing the auto-connect process. @ijohnson thanks for the help. I will create another thread for requesting auto-connect.

You can re-use this topic if you’d prefer, that’s quite common.
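
The two checks made in this thread, as an added example that is not part of the original posts: decode the SECCOMP denial line from the first post into a syscall name, and list plugs whose Slot column in `snap connections` output is `-` (declared but not connected). The function names are hypothetical, the syscall table covers only two x86_64 numbers, and the sample inputs are copied from the thread (the connections table is shortened).

```shell
#!/bin/sh
# Sample inputs taken from the thread above (connections table shortened).
SAMPLE_DENIAL='SECCOMP auid=1000 uid=1000 gid=1000 ses=1 pid=4917 comm="chameleon-backe" exe="/snap/chameleon/7/resources/backend/chameleon-backend" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fd4de28cef7 code=0x50000'
SAMPLE_CONNECTIONS='Interface        Plug                       Slot      Notes
desktop          chameleon:desktop          :desktop  -
network          chameleon:network          :network  -
process-control  chameleon:process-control  -         -'

# Read audit/syslog lines on stdin; for each SECCOMP record print
# "<arch> <syscall number> <syscall name>".
denied_syscall() {
    awk '
    BEGIN {
        # Partial x86_64 table, enough for this thread. Other numbers can be
        # resolved with scmp_sys_resolver from the libseccomp tools.
        name["203"] = "sched_setaffinity"
        name["204"] = "sched_getaffinity"
    }
    /SECCOMP/ {
        arch = ""; nr = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^arch=/)    arch = substr($i, 6)
            if ($i ~ /^syscall=/) nr   = substr($i, 9)
        }
        # arch=c000003e is AUDIT_ARCH_X86_64; syscall numbers are per-arch,
        # so the table is only consulted for that architecture.
        if (arch == "c000003e") {
            arch = "x86_64"
            sys = (nr in name) ? name[nr] : "unknown"
        } else {
            sys = "unknown"
        }
        print arch, nr, sys
    }'
}

# Read `snap connections <snap>` output on stdin; print every plug whose
# Slot column is "-", meaning the plug exists but is not connected.
unconnected_plugs() {
    awk 'NR > 1 && $3 == "-" { print $2 }'
}

printf '%s\n' "$SAMPLE_DENIAL" | denied_syscall
printf '%s\n' "$SAMPLE_CONNECTIONS" | unconnected_plugs
```

On a live system the second function can be fed directly with `snap connections chameleon | unconnected_plugs`.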