Hello,
I am part of a team developing a Ubuntu Core-based embedded product. So, we make heavy use of a full development environment in the “classic” snap. However, this logs apparmor messages at such a rate that systemd-journald nearly pegs a core, and the in-ram journal rotates every few minutes! Example:
Sep 01 16:49:38 bar8 audit[16421]: AVC apparmor=“ALLOWED” operation=“recvmsg” profile=“snap.classic.classic” pid=16421 comm=“ssh” laddr=::1 lport=45712 faddr=::1 fport=2222 family=“inet6” sock_type=“stream” protocol=6 requested_mask=“receive” denied_mask=“receive”
Sep 01 16:49:38 bar8 audit[19176]: AVC apparmor=“ALLOWED” operation=“sendmsg” profile=“snap.classic.classic” pid=19176 comm=“python” laddr=10.210.232.212 lport=43630 faddr=10.210.232.212 fport=43990 family=“inet” sock_type=“stream” protocol=6 requested_mask=“send” denied_mask=“send”
Basically, it appears that every send or receive of network traffic from any application in classic generates an apparmor warning. Our application is based on ROS, which involves heavy network traffic.
Would it help to rebuild the classic snap locally, declaring network related plug(s)? Other ideas?