Hi,
I’m seeing this error whenever I try to run a snap, despite attempts to reinstall snapd:
“snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks”
Any ideas?
luciadecastro@sebastian:~$ sudo apt install --reinstall snapd
sudo: unable to resolve host sebastian
[sudo] password for luciadecastro:
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages were automatically installed and are no longer required:
libllvm3.8 linux-headers-4.4.0-81 linux-headers-4.4.0-81-generic linux-headers-4.4.0-83
linux-headers-4.4.0-83-generic linux-headers-4.4.0-87 linux-headers-4.4.0-87-generic linux-headers-4.4.0-89
linux-headers-4.4.0-89-generic linux-headers-4.4.0-91 linux-headers-4.4.0-91-generic linux-headers-4.4.0-92
linux-headers-4.4.0-92-generic linux-headers-4.4.0-93 linux-headers-4.4.0-93-generic
linux-image-4.4.0-81-generic linux-image-4.4.0-83-generic linux-image-4.4.0-87-generic
linux-image-4.4.0-89-generic linux-image-4.4.0-91-generic linux-image-4.4.0-92-generic
linux-image-4.4.0-93-generic linux-image-extra-4.4.0-81-generic linux-image-extra-4.4.0-83-generic
linux-image-extra-4.4.0-87-generic linux-image-extra-4.4.0-89-generic linux-image-extra-4.4.0-91-generic
linux-image-extra-4.4.0-92-generic linux-image-extra-4.4.0-93-generic linux-signed-image-4.4.0-81-generic
linux-signed-image-4.4.0-83-generic linux-signed-image-4.4.0-87-generic linux-signed-image-4.4.0-89-generic
linux-signed-image-4.4.0-91-generic linux-signed-image-4.4.0-92-generic linux-signed-image-4.4.0-93-generic
Use ‘sudo apt autoremove’ to remove them.
0 to upgrade, 0 to newly install, 1 reinstalled, 0 to remove and 45 not to upgrade.
Need to get 10.7 MB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://gb.archive.ubuntu.com/ubuntu xenial-updates/main amd64 snapd amd64 2.27.5 [10.7 MB]
Fetched 10.7 MB in 2s (4,215 kB/s)
(Reading database … 472617 files and directories currently installed.)
Preparing to unpack …/snapd_2.27.5_amd64.deb …
Warning: Stopping snapd.service, but it can still be activated by:
snapd.socket
Unpacking snapd (2.27.5) over (2.27.5) …
Processing triggers for man-db (2.7.5-1) …
Setting up snapd (2.27.5) …
luciadecastro@sebastian:~$ ls -la /usr/lib/snapd/snap-confine
-rwsr-xr-x 1 root root 81672 Aug 31 06:17 /usr/lib/snapd/snap-confine
luciadecastro@sebastian:~$ notes
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
luciadecastro@sebastian:~$ ls -la /usr/lib/snapd
total 37736
drwxr-xr-x 2 root root 4096 Oct 6 13:29 .
drwxr-xr-x 153 root root 12288 Sep 13 09:24 …
-rw-r–r-- 1 root root 4814 Aug 24 02:46 complete.sh
-rwxr-xr-x 1 root root 6243 Aug 24 02:46 etelpmoc.sh
-rw-r–r-- 1 root root 15 Aug 31 06:14 info
-rwsr-xr-x 1 root root 81672 Aug 31 06:17 snap-confine
-rwxr-xr-x 1 root root 20031344 Aug 31 06:17 snapd
-rwxr-xr-x 1 root root 2273 Aug 31 06:17 snapd.core-fixup.sh
-rwxr-xr-x 1 root root 39864 Aug 31 06:17 snap-discard-ns
-rwxr-xr-x 1 root root 5461304 Aug 31 06:17 snap-exec
-rwxr-xr-x 1 root root 3263832 Aug 31 06:17 snap-repair
-rwxr-xr-x 1 root root 3867256 Aug 31 06:17 snap-seccomp
-rwxr-xr-x 1 root root 4986008 Aug 31 06:17 snap-update-ns
-rwxr-xr-x 1 root root 852928 Aug 31 06:17 system-shutdown
luciadecastro@sebastian:~$ file /usr/lib/snapd/snap-confine
/usr/lib/snapd/snap-confine: setuid ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=6f8ebeee19e88c2b883b1c6cb4b541601d58f6f8, stripped