Our Prometheus node-exporter is generating the following errors (stripped out common lines):
That’s how lines look like
apparmor="DENIED" operation="open" profile="snap.<redacted>.node-exporter" name="/sys/devices/platform/coretemp.0/hwmon/hwmon2/temp1_crit" pid=some-pid comm="node_exporter" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
The list of all paths:
name="/sys/devices/platform/coretemp.0/hwmon/hwmon2/temp1_crit"
name="/sys/devices/platform/coretemp.0/hwmon/hwmon2/temp1_crit_alarm"
name="/sys/devices/platform/coretemp.0/hwmon/hwmon2/temp1_input"
name="/sys/devices/system/clocksource/clocksource0/available_clocksource"
name="/sys/devices/virtual/powercap/intel-rapl/intel-rapl:0/intel-rapl:0:0/name"
name="/sys/devices/virtual/powercap/intel-rapl/intel-rapl:0/intel-rapl:0:1/name"
name="/sys/devices/virtual/powercap/intel-rapl/intel-rapl:0/intel-rapl:0:2/name"
name="/sys/devices/virtual/powercap/intel-rapl/intel-rapl:0/name"
name="/sys/devices/virtual/thermal/thermal_zone0/hwmon0/name"
name="/sys/devices/virtual/thermal/thermal_zone0/hwmon0/temp1_crit"
name="/sys/devices/virtual/thermal/thermal_zone0/hwmon0/temp1_input"
name="/sys/devices/virtual/thermal/thermal_zone0/temp"
name="/sys/devices/virtual/thermal/thermal_zone0/type"
name="/sys/devices/virtual/thermal/thermal_zone1/hwmon1/name"
name="/sys/devices/virtual/thermal/thermal_zone1/hwmon1/temp1_input"
name="/sys/devices/virtual/thermal/thermal_zone1/temp"
Could you please suggest how I enable access to those files (I need read-only access)?