This is probably a question for @jdstrand
I’ve made a snap of MAME (the Multi Arcade Machine Emulator) which has no audio when strictly confined but plays audio fine when in devmode
.
You can test this with
snap install mame --candidate
(with and without --devmode
).
mkdir -p ~/snap/mame/common/roms
Then copy roms you have into ~/snap/mame/common/roms
.
Launch mame from the command line.
I notice this in the output of snappy-debug.security scanlog
.
= Seccomp =
Time: Feb 22 10:07:21
Log: auid=1000 uid=1000 gid=1000 ses=4 pid=2492 comm="PulseHotplug" exe="/snap/mame/63/mame" sig=31 arch=c000003e 141(setpriority) compat=0 ip=0x7ff9a77c6d67 code=0x0
Syscall: setpriority
Suggestion:
* add one of 'browser-support, process-control' to 'plugs'
= Seccomp =
Time: Feb 22 10:07:21
Log: auid=1000 uid=1000 gid=1000 ses=4 pid=2492 comm="SDLAudioDev1" exe="/snap/mame/63/mame" sig=31 arch=c000003e 141(setpriority) compat=0 ip=0x7ff9a77c6d67 code=0x0
Syscall: setpriority
Suggestion:
* add one of 'browser-support, process-control' to 'plugs'
process-control
and browser-support
seem like the wrong things to be adding here. Is there some other solution?
Also, getting a ton of these, which may be related?
= AppArmor =
Time: Feb 22 10:07:21
Log: apparmor="DENIED" operation="open" profile="snap.mame.mame" name="/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input18/capabilities/ev" pid=2492 comm="mame" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
File: /sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input18/capabilities/ev (read)
Suggestions:
* adjust program to not access '/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input18/capabilities/ev'
* adjust program to not access '/sys/devices/pci[0-9]*:[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/sound/card[0-9]*/input[0-9]*/capabilities/ev'
= AppArmor =
Time: Feb 22 10:07:21
Log: apparmor="DENIED" operation="open" profile="snap.mame.mame" name="/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input19/capabilities/ev" pid=2492 comm="mame" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
File: /sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input19/capabilities/ev (read)
Suggestions:
* adjust program to not access '/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input19/capabilities/ev'
* adjust program to not access '/sys/devices/pci[0-9]*:[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/sound/card[0-9]*/input[0-9]*/capabilities/ev'
= AppArmor =
Time: Feb 22 10:07:21
Log: apparmor="DENIED" operation="open" profile="snap.mame.mame" name="/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input20/capabilities/ev" pid=2492 comm="mame" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
File: /sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input20/capabilities/ev (read)
Suggestions:
* adjust program to not access '/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input20/capabilities/ev'
* adjust program to not access '/sys/devices/pci[0-9]*:[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/sound/card[0-9]*/input[0-9]*/capabilities/ev'
= AppArmor =
Time: Feb 22 10:07:21
Log: apparmor="DENIED" operation="open" profile="snap.mame.mame" name="/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input21/capabilities/ev" pid=2492 comm="mame" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
File: /sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input21/capabilities/ev (read)
Suggestions:
* adjust program to not access '/sys/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input21/capabilities/ev'
* adjust program to not access '/sys/devices/pci[0-9]*:[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/sound/card[0-9]*/input[0-9]*/capabilities/ev'
Finally, as a bonus, getting these which maybe related to joystick
?
= AppArmor =
Time: Feb 22 10:07:21
Log: apparmor="DENIED" operation="open" profile="snap.mame.mame" name="/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0D:00/input/input2/capabilities/ev" pid=2492 comm="mame" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
File: /sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0D:00/input/input2/capabilities/ev (read)
Suggestions:
* adjust program to not access '/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0D:00/input/input2/capabilities/ev'
* adjust program to not access '/sys/devices/LNXSYSTM:[0-9]*/LNXSYBUS:[0-9]*/PNP[0-9]*C[0-9]*D:[0-9]*/input/input[0-9]*/capabilities/ev'