Has anyone been able to make this work? The OVS snap available in the community doesn’t appear to work.
Can you identify the snap in question (openvswitch?) and describe in more detail what does not work? Do the snap services start? Do they fail with some permission error?
Hi @mborzecki:
Thanks for the quick response. I work with @serge_maskalik and I am running into issues using https://snapcraft.io/openvswitch
I am using a fresh installation of ubuntu core running on a KVM.
Installation is failing: Below is output.
bhuvaneshne@ubuntu:~$ sudo snap install --edge openvswitch
error: cannot perform the following tasks:
- Start snap "openvswitch" (14) services (systemctl command [start snap.openvswitch.ovs-vswitchd.service] failed with exit status 1: Job for snap.openvswitch.ovs-vswitchd.service failed because the control process exited with error code.
See "systemctl status snap.openvswitch.ovs-vswitchd.service" and "journalctl -xe" for details.
)
In the journalctl, I see that the apparmor is denying access - Parts in question is in snipped below. Also pasted full logs at end of this reply.
aa-status output below: Even though the installation failed, I see apparmor profiles persisting.
bhuvaneshne@ubuntu:~$ sudo aa-status
apparmor module is loaded.
21 profiles are loaded.
21 profiles are in enforce mode.
/snap/snapd/12398/usr/lib/snapd/snap-confine
/snap/snapd/12398/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
/snap/snapd/14978/usr/lib/snapd/snap-confine
/snap/snapd/14978/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/NetworkManager/nm-dhcp-helper
/usr/lib/connman/scripts/dhclient-script
/{,usr/}sbin/dhclient
lsb_release
nvidia_modprobe
nvidia_modprobe//kmod
snap-update-ns.openvswitch
snap-update-ns.pc
snap.openvswitch.hook.install
snap.openvswitch.ovs-appctl
snap.openvswitch.ovs-dpctl
snap.openvswitch.ovs-ofctl
snap.openvswitch.ovs-vsctl
snap.openvswitch.ovs-vswitchd
snap.openvswitch.ovsdb-server
snap.pc.hook.configure
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
Since I am using ubuntu core and new to it, I am not aware of any methods to circumvent this. Can you please help guide.
Thanks much! -Bhuvan
------------------------- LOGS -----------------------
Mar 17 08:47:47 ubuntu sudo[1545]: bhuvaneshne : TTY=pts/0 ; PWD=/home/bhuvaneshne ; USER=root ; COMMAND=/usr/bin/snap install --edge openvswitch
Mar 17 08:47:47 ubuntu sudo[1545]: pam_unix(sudo:session): session opened for user root by bhuvaneshne(uid=0)
Mar 17 08:47:47 ubuntu snapd[823]: api_snaps.go:307: Installing snap "openvswitch" revision unset
Mar 17 08:47:48 ubuntu snapd[823]: storehelpers.go:721: cannot refresh: snap has no updates available: "core20", "pc", "pc-kernel"
Mar 17 08:47:55 ubuntu systemd[1]: Reloading.
Mar 17 08:47:55 ubuntu systemd[1]: Reloading.
Mar 17 08:47:55 ubuntu systemd[1]: Mounting Mount unit for openvswitch, revision 14...
Mar 17 08:47:55 ubuntu systemd[1]: Mounted Mount unit for openvswitch, revision 14.
Mar 17 08:47:56 ubuntu audit[1763]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap-update-ns.openvswitch" pid=1763 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: kauditd_printk_skb: 3 callbacks suppressed
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.325:15): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap-update-ns.openvswitch" pid=1763 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu audit[1766]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=1766 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.405:16): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=1766 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu audit[1765]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=1765 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu audit[1767]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=1767 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.413:17): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=1765 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.417:18): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=1767 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu audit[1769]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=1769 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu audit[1764]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.hook.install" pid=1764 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu audit[1768]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=1768 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.421:19): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=1769 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.421:20): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.hook.install" pid=1764 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.421:21): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=1768 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu audit[1770]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=1770 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu kernel: audit: type=1400 audit(1647506876.425:22): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=1770 comm="apparmor_parser"
Mar 17 08:47:56 ubuntu systemd[1]: Reloading.
Mar 17 08:47:57 ubuntu audit[1830]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine" pid=1830 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1830]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=1830 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu kernel: audit: type=1400 audit(1647506877.529:23): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine" pid=1830 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu kernel: audit: type=1400 audit(1647506877.529:24): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=1830 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1833]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=1833 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1832]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=1832 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1835]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=1835 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1837]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=1837 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1836]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=1836 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1834]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=1834 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1839]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap-update-ns.openvswitch" pid=1839 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu audit[1840]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.hook.install" pid=1840 comm="apparmor_parser"
Mar 17 08:47:57 ubuntu systemd[1]: Started snap.openvswitch.hook.install.6668ea76-cdaa-4821-a28d-73f441bb679c.scope.
Mar 17 08:47:58 ubuntu systemd[1467]: tmp-snap.rootfs_EUH5go.mount: Succeeded.
Mar 17 08:47:58 ubuntu systemd[1]: tmp-snap.rootfs_EUH5go.mount: Succeeded.
Mar 17 08:47:58 ubuntu systemd[1]: snap.openvswitch.hook.install.6668ea76-cdaa-4821-a28d-73f441bb679c.scope: Succeeded.
Mar 17 08:47:58 ubuntu systemd[1]: Reloading.
Mar 17 08:47:58 ubuntu systemd[1]: Reloading.
Mar 17 08:47:58 ubuntu systemd[1]: Starting Service for snap application openvswitch.ovsdb-server...
Mar 17 08:47:59 ubuntu audit[1960]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovsdb-server" name="/usr/bin/systemctl" pid=1960 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu audit[1960]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovsdb-server" name="/usr/bin/systemctl" pid=1960 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu openvswitch.ovsdb-server[1921]: * /var/snap/openvswitch/common/etc/openvswitch/conf.db does not exist
Mar 17 08:47:59 ubuntu openvswitch.ovsdb-server[1921]: * Creating empty database /var/snap/openvswitch/common/etc/openvswitch/conf.db
Mar 17 08:47:59 ubuntu audit[1976]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=1976 comm="nice" exe="/usr/bin/nice" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f84a38e834b code=0x50000
Mar 17 08:47:59 ubuntu openvswitch.ovsdb-server[1976]: nice: cannot set niceness: Operation not permitted
Mar 17 08:47:59 ubuntu audit[1977]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=1977 comm="ovsdb-server" exe="/snap/openvswitch/14/usr/sbin/ovsdb-server" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f84d242d89d code=0x50000
Mar 17 08:47:59 ubuntu openvswitch.ovsdb-server[1921]: * Starting ovsdb-server
Mar 17 08:47:59 ubuntu ovs-vsctl[1978]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait -- init -- set Open_vSwitch . db-version=8.2.0
Mar 17 08:47:59 ubuntu openvswitch.ovsdb-server[1921]: * system ID not configured, please use --system-id
Mar 17 08:47:59 ubuntu ovs-vsctl[1982]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait set Open_vSwitch . ovs-version=2.13.3 "external-ids:system-id=\"\"" "external-ids:rundir=\"/var/snap/openvswitch/common/run/openvswitch\"" "system-type=\"unknown\"" "system-version=\"unknown\""
Mar 17 08:47:59 ubuntu openvswitch.ovsdb-server[1921]: * Configuring Open vSwitch system IDs
Mar 17 08:47:59 ubuntu openvswitch.ovsdb-server[1921]: * Enabling remote OVSDB managers
Mar 17 08:47:59 ubuntu systemd[1]: Started Service for snap application openvswitch.ovsdb-server.
Mar 17 08:47:59 ubuntu ovs-vsctl[1988]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait add Open_vSwitch . external-ids hostname=ubuntu
Mar 17 08:47:59 ubuntu systemd[1]: Starting Service for snap application openvswitch.ovs-vswitchd...
Mar 17 08:47:59 ubuntu audit[2016]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/systemctl" pid=2016 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu audit[2016]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/systemctl" pid=2016 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu audit[2033]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/systemctl" pid=2033 comm="ovs-kmod-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu audit[2033]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/systemctl" pid=2033 comm="ovs-kmod-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu audit[2035]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/kmod" pid=2035 comm="ovs-kmod-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu audit[2035]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/kmod" pid=2035 comm="ovs-kmod-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:47:59 ubuntu openvswitch.ovs-vswitchd[2035]: /snap/openvswitch/14/usr/share/openvswitch/scripts/ovs-kmod-ctl: 112: modprobe: Permission denied
Mar 17 08:47:59 ubuntu openvswitch.ovs-vswitchd[2028]: * Inserting openvswitch module
Mar 17 08:47:59 ubuntu systemd[1]: snap.openvswitch.ovs-vswitchd.service: Control process exited, code=exited, status=1/FAILURE
Mar 17 08:47:59 ubuntu systemd[1]: snap.openvswitch.ovs-vswitchd.service: Failed with result 'exit-code'.
Mar 17 08:47:59 ubuntu systemd[1]: Failed to start Service for snap application openvswitch.ovs-vswitchd.
Mar 17 08:47:59 ubuntu systemd[1]: snapd.service: Got notification message from PID 1989, but reception only permitted for main PID 823
Mar 17 08:47:59 ubuntu systemd[1]: Stopped Service for snap application openvswitch.ovs-vswitchd.
Mar 17 08:48:00 ubuntu systemd[1]: Stopping Service for snap application openvswitch.ovsdb-server...
Mar 17 08:48:00 ubuntu audit[2065]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovsdb-server" name="/usr/bin/systemctl" pid=2065 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:48:00 ubuntu audit[2065]: AVC apparmor="DENIED" operation="exec" profile="snap.openvswitch.ovsdb-server" name="/usr/bin/systemctl" pid=2065 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Mar 17 08:48:00 ubuntu openvswitch.ovsdb-server[2040]: * Exiting ovsdb-server (1977)
Mar 17 08:48:00 ubuntu systemd[1]: snap.openvswitch.ovsdb-server.service: Succeeded.
Mar 17 08:48:00 ubuntu systemd[1]: Stopped Service for snap application openvswitch.ovsdb-server.
Mar 17 08:48:00 ubuntu systemd[1]: Reloading.
Mar 17 08:48:00 ubuntu systemd[1]: Reloading.
Mar 17 08:48:01 ubuntu snapd[823]: taskrunner.go:271: [change 4 "Start snap \"openvswitch\" (14) services" task] failed: systemctl command [start snap.openvswitch.ovs-vswitchd.service] failed with exit status 1: Job for snap.openvswitch.ovs-vswitchd.service failed because the control process exited with error code.
Mar 17 08:48:01 ubuntu snapd[823]: See "systemctl status snap.openvswitch.ovs-vswitchd.service" and "journalctl -xe" for details.
Mar 17 08:48:01 ubuntu audit[2125]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine" pid=2125 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2125]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=2125 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: kauditd_printk_skb: 20 callbacks suppressed
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.393:45): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine" pid=2125 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.393:46): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=2125 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2127]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap-update-ns.openvswitch" pid=2127 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.401:47): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap-update-ns.openvswitch" pid=2127 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2134]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=2134 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2128]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.hook.install" pid=2128 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.405:48): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=2134 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.405:49): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.hook.install" pid=2128 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.405:50): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=2130 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2130]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=2130 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2133]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=2133 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2132]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=2132 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2131]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=2131 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu audit[2129]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=2129 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.409:51): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=2133 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.409:52): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=2132 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.409:53): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=2131 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu kernel: audit: type=1400 audit(1647506881.409:54): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=2129 comm="apparmor_parser"
Mar 17 08:48:01 ubuntu systemd[1]: run-snapd-ns-openvswitch.mnt.mount: Succeeded.
Mar 17 08:48:01 ubuntu systemd[1467]: run-snapd-ns-openvswitch.mnt.mount: Succeeded.
Mar 17 08:48:01 ubuntu systemd[1]: Reloading.
Mar 17 08:48:02 ubuntu systemd[1]: Reloading.
Mar 17 08:48:02 ubuntu systemd[1]: Reloading.
Mar 17 08:48:02 ubuntu systemd[1467]: writable-system\x2ddata-snap-openvswitch-14.mount: Succeeded.
Mar 17 08:48:02 ubuntu systemd[1467]: snap-openvswitch-14.mount: Succeeded.
Mar 17 08:48:02 ubuntu systemd[1]: writable-system\x2ddata-snap-openvswitch-14.mount: Succeeded.
Mar 17 08:48:02 ubuntu systemd[1]: snap-openvswitch-14.mount: Succeeded.
Mar 17 08:48:03 ubuntu systemd[1]: Reloading.
Mar 17 08:48:03 ubuntu systemd[1]: Reloading.
Mar 17 08:48:03 ubuntu systemd[1]: snapd.service: Got notification message from PID 2237, but reception only permitted for main PID 823
Mar 17 08:48:05 ubuntu snapd[823]: handlers.go:644: Reported install problem for "openvswitch" as f511bbf0-a5ce-11ec-a1e3-fa163ef35206 OOPSID
Mar 17 08:48:05 ubuntu sudo[1545]: pam_unix(sudo:session): session closed for user root
Mar 17 08:49:12 ubuntu sudo[2265]: bhuvaneshne : TTY=pts/0 ; PWD=/home/bhuvaneshne ; USER=root ; COMMAND=/usr/sbin/aa-status
Mar 17 08:49:12 ubuntu sudo[2265]: pam_unix(sudo:session): session opened for user root by bhuvaneshne(uid=0)
Mar 17 08:49:12 ubuntu sudo[2265]: pam_unix(sudo:session): session closed for user rootLooks like this snap is still in development (the fact that it is only published to edge somehow indicates that 
) perhaps @jamespage (being listed as publisher) could unlist it while it is still in development, so it does not show up in searches …
I think the challenge here is Core vs Classic - the snap relies on an interface (openvswitch-support) which I think is only provided on Classic installations - this ensures that the required kernel modules are loaded.
or it might be that an Ubuntu Core install does not have the required kernel module?
the interface is clearly there on UC20 and since the UC kernels are just a re-pack of the binary kernel deb i would also expect that all required modules are available …
the package description does not mention that you need to connect openvswitch-support and there does not seem to be a snap declaration in the store to auto-connect that interface at install time …
seemingly the snapcraft.yaml does also not define …
apps:
[...]
daemon: ...
install-mode: disable
[...]
… or use an install hook that checks if the interface is connected to prevent the daemon from starting … thus snapd will simply refuse to install and roll back when the daemon fails.
Thank you all for the responses.
Is it possible to disable the apparmor profiles of OVS or move it to complain mode to check how far it proceeds?
Thanks, Bhuvan
An update:
When I used --devmode installation is going through. Also tried some samples (like setting up bridge) - it works!
Wanted to understand the relationship between using devmode and apparmor.
-------------- LOGS ---------------
Mar 17 11:46:46 ubuntu sudo[4139]: bhuvaneshne : TTY=pts/0 ; PWD=/home/bhuvaneshne ; USER=root ; COMMAND=/usr/bin/snap install --edge --devmode openvswitch
Mar 17 11:46:46 ubuntu sudo[4139]: pam_unix(sudo:session): session opened for user root by bhuvaneshne(uid=0)
Mar 17 11:46:46 ubuntu snapd[823]: api_snaps.go:307: Installing snap "openvswitch" revision unset
Mar 17 11:46:48 ubuntu systemd[1]: Reloading.
Mar 17 11:46:48 ubuntu systemd[1]: Starting Automatically fetch and run repair assertions...
Mar 17 11:46:48 ubuntu systemd[1]: Reloading.
Mar 17 11:46:48 ubuntu systemd[1]: Mounting Mount unit for openvswitch, revision 14...
Mar 17 11:46:48 ubuntu systemd[1]: Mounted Mount unit for openvswitch, revision 14.
Mar 17 11:46:49 ubuntu systemd[1]: snapd.snap-repair.service: Succeeded.
Mar 17 11:46:49 ubuntu systemd[1]: Finished Automatically fetch and run repair assertions.
Mar 17 11:46:49 ubuntu audit[4376]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap-update-ns.openvswitch" pid=4376 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.451:75): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap-update-ns.openvswitch" pid=4376 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu audit[4380]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=4380 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.543:76): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=4380 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu audit[4383]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=4383 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu audit[4381]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=4381 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.547:77): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=4383 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.547:78): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=4381 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu audit[4377]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.hook.install" pid=4377 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu audit[4378]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=4378 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu audit[4379]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=4379 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.551:79): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.hook.install" pid=4377 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.551:80): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=4378 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.551:81): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=4379 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu audit[4382]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=4382 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu kernel: audit: type=1400 audit(1647517609.555:82): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=4382 comm="apparmor_parser"
Mar 17 11:46:49 ubuntu systemd[1]: Reloading.
Mar 17 11:46:50 ubuntu audit[4441]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine" pid=4441 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4441]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=4441 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu kernel: audit: type=1400 audit(1647517610.579:83): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine" pid=4441 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu kernel: audit: type=1400 audit(1647517610.579:84): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="/snap/snapd/14978/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=4441 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4445]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-ofctl" pid=4445 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4443]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-appctl" pid=4443 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4447]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vswitchd" pid=4447 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4448]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovsdb-server" pid=4448 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4446]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-vsctl" pid=4446 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4444]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="snap.openvswitch.ovs-dpctl" pid=4444 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4450]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap-update-ns.openvswitch" pid=4450 comm="apparmor_parser"
Mar 17 11:46:50 ubuntu audit[4451]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="snap.openvswitch.hook.install" pid=4451 comm="apparmor_parser"
Mar 17 11:46:51 ubuntu systemd[1]: Started snap.openvswitch.hook.install.de40da29-b6a4-4e73-9ed6-5773d2e9e0d3.scope.
Mar 17 11:46:51 ubuntu systemd[1]: tmp-snap.rootfs_HtaVUP.mount: Succeeded.
Mar 17 11:46:51 ubuntu systemd[1467]: tmp-snap.rootfs_HtaVUP.mount: Succeeded.
Mar 17 11:46:51 ubuntu systemd[1]: snap.openvswitch.hook.install.de40da29-b6a4-4e73-9ed6-5773d2e9e0d3.scope: Succeeded.
Mar 17 11:46:51 ubuntu systemd[1]: Reloading.
Mar 17 11:46:51 ubuntu systemd[1]: Reloading.
Mar 17 11:46:51 ubuntu systemd[1]: Starting Service for snap application openvswitch.ovsdb-server...
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="exec" profile="snap.openvswitch.ovsdb-server" name="/usr/bin/systemctl" pid=4571 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl"
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_inherit" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/dev/null" pid=4571 comm="systemctl" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/bin/systemctl" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/ld-2.31.so" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/etc/ld.so.cache" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libselinux.so.1" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libselinux.so.1" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/liblz4.so.1.9.2" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/liblz4.so.1.9.2" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libblkid.so.1.1.0" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libblkid.so.1.1.0" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/libgcrypt.so.20.2.5" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/libgcrypt.so.20.2.5" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.9.0" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.9.0" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libgpg-error.so.0.28.0" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libgpg-error.so.0.28.0" pid=4571 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/proc/filesystems" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/proc/4571/stat" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/proc/sys/kernel/osrelease" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/proc/1/environ" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" pid=4571 comm="systemctl" capability=19 capname="sys_ptrace"
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/proc/1/sched" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:51 ubuntu audit[4571]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovsdb-server//null-/usr/bin/systemctl" name="/proc/cmdline" pid=4571 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu openvswitch.ovsdb-server[4533]: * /var/snap/openvswitch/common/etc/openvswitch/conf.db does not exist
Mar 17 11:46:52 ubuntu openvswitch.ovsdb-server[4533]: * Creating empty database /var/snap/openvswitch/common/etc/openvswitch/conf.db
Mar 17 11:46:52 ubuntu audit[4587]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4587 comm="nice" exe="/usr/bin/nice" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7ff7eebac34b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4587]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovsdb-server" pid=4587 comm="nice" capability=23 capname="sys_nice"
Mar 17 11:46:52 ubuntu audit[4588]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4588 comm="ovsdb-server" exe="/snap/openvswitch/14/usr/sbin/ovsdb-server" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1bfb32889d code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4588]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovsdb-server" pid=4588 comm="ovsdb-server" capability=21 capname="sys_admin"
Mar 17 11:46:52 ubuntu openvswitch.ovsdb-server[4533]: * Starting ovsdb-server
Mar 17 11:46:52 ubuntu ovs-vsctl[4589]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait -- init -- set Open_vSwitch . db-version=8.2.0
Mar 17 11:46:52 ubuntu openvswitch.ovsdb-server[4533]: * system ID not configured, please use --system-id
Mar 17 11:46:52 ubuntu ovs-vsctl[4593]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait set Open_vSwitch . ovs-version=2.13.3 "external-ids:system-id=\"\"" "external-ids:rundir=\"/var/snap/openvswitch/common/run/openvswitch\"" "system-type=\"unknown\"" "system-version=\"unknown\""
Mar 17 11:46:52 ubuntu openvswitch.ovsdb-server[4533]: * Configuring Open vSwitch system IDs
Mar 17 11:46:52 ubuntu openvswitch.ovsdb-server[4533]: * Enabling remote OVSDB managers
Mar 17 11:46:52 ubuntu systemd[1]: Started Service for snap application openvswitch.ovsdb-server.
Mar 17 11:46:52 ubuntu ovs-vsctl[4599]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait add Open_vSwitch . external-ids hostname=ubuntu
Mar 17 11:46:52 ubuntu systemd[1]: Starting Service for snap application openvswitch.ovs-vswitchd...
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/systemctl" pid=4627 comm="ovs-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl"
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_inherit" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/dev/null" pid=4627 comm="systemctl" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/bin/systemctl" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/ld-2.31.so" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/etc/ld.so.cache" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libselinux.so.1" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libselinux.so.1" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/liblz4.so.1.9.2" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/liblz4.so.1.9.2" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libblkid.so.1.1.0" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libblkid.so.1.1.0" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/libgcrypt.so.20.2.5" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/libgcrypt.so.20.2.5" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.9.0" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.9.0" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libgpg-error.so.0.28.0" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libgpg-error.so.0.28.0" pid=4627 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/filesystems" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/4627/stat" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/sys/kernel/osrelease" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/1/environ" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" pid=4627 comm="systemctl" capability=19 capname="sys_ptrace"
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/1/sched" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4627]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/cmdline" pid=4627 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/systemctl" pid=4644 comm="ovs-kmod-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl"
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_inherit" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/dev/null" pid=4644 comm="systemctl" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/bin/systemctl" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/ld-2.31.so" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/etc/ld.so.cache" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libselinux.so.1" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libselinux.so.1" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/liblz4.so.1.9.2" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/liblz4.so.1.9.2" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libblkid.so.1.1.0" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libblkid.so.1.1.0" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/libgcrypt.so.20.2.5" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/usr/lib/x86_64-linux-gnu/libgcrypt.so.20.2.5" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.9.0" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.9.0" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libgpg-error.so.0.28.0" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libgpg-error.so.0.28.0" pid=4644 comm="systemctl" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/filesystems" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/4644/stat" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/sys/kernel/osrelease" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/1/environ" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" pid=4644 comm="systemctl" capability=19 capname="sys_ptrace"
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/1/sched" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4644]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/systemctl" name="/proc/cmdline" pid=4644 comm="systemctl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="exec" profile="snap.openvswitch.ovs-vswitchd" name="/usr/bin/kmod" pid=4646 comm="ovs-kmod-ctl" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod"
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/bin/kmod" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/x86_64-linux-gnu/ld-2.31.so" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/liblzma.so.5.2.4" pid=4646 comm="modprobe" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/ld.so.cache" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1" pid=4646 comm="modprobe" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libc-2.31.so" pid=4646 comm="modprobe" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libpthread-2.31.so" pid=4646 comm="modprobe" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="file_mmap" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/snap/openvswitch/14/lib/x86_64-linux-gnu/libdl-2.31.so" pid=4646 comm="modprobe" requested_mask="rm" denied_mask="rm" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/modprobe.d/" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modprobe.d/" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modprobe.d/aliases.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/modprobe.d/blacklist-ath_pci.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/modprobe.d/blacklist-firewire.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/modprobe.d/blacklist-framebuffer.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/modprobe.d/blacklist-rare-network.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/modprobe.d/blacklist.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modprobe.d/fbdev-blacklist.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/etc/modprobe.d/iwlwifi.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/modules.softdep" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modprobe.d/systemd.conf" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/proc/cmdline" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/modules.dep.bin" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/modules.alias.bin" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/modules.symbols.bin" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/modules.builtin.alias.bin" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/modules.builtin.bin" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/sys/module/libcrc32c/initstate" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/sys/module/nf_defrag_ipv4/initstate" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/sys/module/nf_defrag_ipv6/initstate" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/sys/module/nf_conntrack/initstate" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/sys/module/nf_nat/initstate" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/kernel/net/netfilter/nf_conncount.ko" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4646 comm="modprobe" exe="/usr/bin/kmod" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7f795086f89d code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" pid=4646 comm="modprobe" capability=16 capname="sys_module"
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/kernel/net/nsh/nsh.ko" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4646 comm="modprobe" exe="/usr/bin/kmod" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7f795086f89d code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4646]: AVC apparmor="ALLOWED" operation="open" profile="snap.openvswitch.ovs-vswitchd//null-/usr/bin/kmod" name="/usr/lib/modules/5.4.0-104-generic/kernel/net/openvswitch/openvswitch.ko" pid=4646 comm="modprobe" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 17 11:46:52 ubuntu audit[4646]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4646 comm="modprobe" exe="/usr/bin/kmod" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7f795086f89d code=0x7ffc0000
Mar 17 11:46:52 ubuntu kernel: openvswitch: Open vSwitch switching datapath
Mar 17 11:46:52 ubuntu openvswitch.ovs-vswitchd[4639]: * Inserting openvswitch module
Mar 17 11:46:52 ubuntu audit[4649]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4649 comm="nice" exe="/usr/bin/nice" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f4ae3e1e34b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4649]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovs-vswitchd" pid=4649 comm="nice" capability=23 capname="sys_nice"
Mar 17 11:46:52 ubuntu audit[4650]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovs-vswitchd" pid=4650 comm="ovs-vswitchd" capability=12 capname="net_admin"
Mar 17 11:46:52 ubuntu audit[4650]: AVC apparmor="ALLOWED" operation="capable" profile="snap.openvswitch.ovs-vswitchd" pid=4650 comm="ovs-vswitchd" capability=11 capname="net_broadcast"
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu audit[4650]: SECCOMP auid=4294967295 uid=0 gid=0 ses=4294967295 pid=4650 comm="ovs-vswitchd" exe="/snap/openvswitch/14/usr/sbin/ovs-vswitchd" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1149f4e90b code=0x7ffc0000
Mar 17 11:46:52 ubuntu openvswitch.ovs-vswitchd[4601]: * Starting ovs-vswitchd
Mar 17 11:46:52 ubuntu ovs-vsctl[4658]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait add Open_vSwitch . external-ids hostname=ubuntu
Mar 17 11:46:52 ubuntu openvswitch.ovs-vswitchd[4601]: * Enabling remote OVSDB managers
Mar 17 11:46:52 ubuntu systemd[1]: Started Service for snap application openvswitch.ovs-vswitchd.
Mar 17 11:46:52 ubuntu sudo[4139]: pam_unix(sudo:session): session closed for user rootwell, as you already found, --devmode turns the apparmor profile to complain mode … but that indeed also means you drop the confinement, the package should be fixed instead …
after you installed in devmode you can now connect the interface though, to at least drop the log spam …
Thank you very much!
sounds like its not far off working - I’ve raised:
2 Likes