I have been trying to distribute our electron app in snap store and the publishing part has been smooth. But I have facing several issues post installing through snap and have been trying to fix them one by one.
Here, I need help with the error snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
How did I get the error?
Installed my app sudo snap install sdpclient
Restarted the PC.
Tried running the app $ sdpclient
I noticed that the snapd service was not running so I started it, but the error prevails. (Also, why does the service not start automatically even after enabling it?)
Then I went through this thread with the same issue: https://forum.snapcraft.io/t/snap-confine-has-elevated-permissions-error/2391
The solution there was to install Ubuntu kernel, but I am running Kali and Kali kernel is already installed.
This is the result of snap version ::
snap 2.42.5
snapd 2.42.5
series 16
kali 2019.4
kernel 5.3.0-kali2-amd64
Am I missing something? How to ensure this error does not happen to my customers?
SNAPD_DEBUG=1 SNAP_CONFINE_DEBUG=1 snap run hello-world
2019/12/20 13:06:23.958539 cmd_linux.go:224: DEBUG: restarting into "/snap/snapd/current/usr/bin/snap"
2019/12/20 13:06:24.011980 cmd_run.go:364: DEBUG: SELinux not enabled
DEBUG: umask reset, old umask was 022
DEBUG: security tag: snap.hello-world.hello-world
DEBUG: executable: /usr/lib/snapd/snap-exec
DEBUG: confinement: non-classic
DEBUG: base snap: core
DEBUG: ruid: 1000, euid: 0, suid: 0
DEBUG: rgid: 1000, egid: 0, sgid: 0
DEBUG: apparmor label on snap-confine is: unconfined
DEBUG: apparmor mode is: (null)
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
Can you make sure that systemctl status apparmor.service shows that it’s active, if not please start and enable the service. Once it’s active, the following command: