Thanks, added camera and CRAFT, but still no luck.
That is log I am facing in strict mode
[196797.398057] audit: type=1326 audit(1693770070.754:22949180): auid=1000 uid=0 gid=0 ses=3 subj=snap.test.qaapp pid=79864 comm="main" exe="/snap/test/x1/main/main" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9fa0532ceb code=0x50000
while in devmode, it’s giving these warnings
[197020.066207] audit: type=1326 audit(1693770293.419:22949208): auid=1000 uid=0 gid=0 ses=3 subj=snap.test.qaapp pid=80440 comm="main" exe="/snap/test/x1/main/main" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe6a0078ceb code=0x7ffc0000
[197020.066276] audit: type=1400 audit(1693770293.419:22949209): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/bus/usb/devices/" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066280] audit: type=1400 audit(1693770293.419:22949210): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066330] audit: type=1400 audit(1693770293.419:22949211): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066334] audit: type=1400 audit(1693770293.419:22949212): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/speed" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066337] audit: type=1400 audit(1693770293.419:22949213): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/descriptors" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066351] audit: type=1400 audit(1693770293.419:22949214): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066402] audit: type=1400 audit(1693770293.419:22949215): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066406] audit: type=1400 audit(1693770293.419:22949216): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/speed" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066408] audit: type=1400 audit(1693770293.419:22949217): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/descriptors" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066463] audit: type=1400 audit(1693770293.419:22949218): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-7/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066468] audit: type=1400 audit(1693770293.419:22949219): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-7/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066470] audit: type=1400 audit(1693770293.419:22949220): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-7/speed" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066527] audit: type=1400 audit(1693770293.419:22949221): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-7/descriptors" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066532] audit: type=1400 audit(1693770293.419:22949222): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066534] audit: type=1400 audit(1693770293.419:22949223): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066536] audit: type=1400 audit(1693770293.419:22949224): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/speed" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066548] audit: type=1400 audit(1693770293.419:22949225): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/descriptors" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066599] audit: type=1400 audit(1693770293.419:22949226): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066604] audit: type=1400 audit(1693770293.419:22949227): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066606] audit: type=1400 audit(1693770293.419:22949228): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066661] audit: type=1400 audit(1693770293.419:22949229): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066665] audit: type=1400 audit(1693770293.419:22949230): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/speed" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066668] audit: type=1400 audit(1693770293.419:22949231): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/descriptors" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066683] audit: type=1400 audit(1693770293.419:22949232): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066739] audit: type=1400 audit(1693770293.419:22949233): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.066843] audit: type=1400 audit(1693770293.419:22949234): apparmor="ALLOWED" operation="capable" class="cap" profile="snap.test.qaapp" pid=80440 comm="main" capability=23 capname="sys_nice"
[197020.070875] audit: type=1400 audit(1693770293.423:22949235): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/bConfigurationValue" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.070883] audit: type=1400 audit(1693770293.423:22949236): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/bConfigurationValue" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[197020.070927] audit: type=1400 audit(1693770293.423:22949237): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/dev/bus/usb/002/003" pid=80440 comm="main" requested_mask="wr" denied_mask="wr" fsuid=0 ouid=0
[197020.077631] audit: type=1400 audit(1693770293.431:22949238): apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/dev/bus/usb/002/003" pid=80440 comm="main" requested_mask="wr" denied_mask="wr" fsuid=0 ouid=0
[197020.631554] audit: type=1400 audit(1693770293.987:22949239): apparmor="ALLOWED" operation="capable" class="cap" profile="snap.test.qaapp" pid=80440 comm="CUxStream::Xfer" capability=23 capname="sys_nice"
and the strange thing is that, in snappy-debug, it’s printing these warnings,
= AppArmor =
Time: Sep 3 21:44:53
Log: apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/bus/usb/devices/" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
File: /sys/bus/usb/devices/ (read)
Suggestions:
* adjust program to not access '/sys/bus/usb/devices/'
* add one of 'camera, raw-usb' to 'plugs'
= AppArmor =
Time: Sep 3 21:44:53
Log: apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/busnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
File: /sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/busnum (read)
Suggestions:
* adjust program to not access '/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/busnum'
* adjust program to not access '/sys/devices/pci[0-9]*:[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/usb[0-9]*/[0-9]*-[0-9]*/busnum'
= AppArmor =
Time: Sep 3 21:44:53
Log: apparmor="ALLOWED" operation="open" class="file" profile="snap.test.qaapp" name="/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/devnum" pid=80440 comm="main" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
File: /sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/devnum (read)
Suggestions:
* adjust program to not access '/sys/devices/pci0000:00/0000:00:14.0/usb2/2-3/devnum'
* adjust program to not access '/sys/devices/pci[0-9]*:[0-9]*/[0-9]*:[0-9]*:[0-9]*.[0-9]*/usb[0-9]*/[0-9]*-[0-9]*/devnum'
although I added camera, and raw-usb into plugs
plugs:
- raw-usb
- home
- network
- network-bind
- camera
- system-backup
- process-control