Unable to install snap from store or locally

keshavnrj · March 23, 2018, 2:22pm

Hi, am unable to install any snap using snap install command. am getting Apparmor errors
snap install natural-reader_1_amd64.snap --dangerous error: cannot perform the following tasks:

Setup snap “core” (4206) security profiles (cannot setup apparmor for snap “core”: cannot load apparmor profile “snap.core.hook.configure”: cannot load apparmor profile: exit status 1 apparmor_parser output: AppArmor parser error for /var/lib/snapd/apparmor/profiles/snap.core.hook.configure in /etc/apparmor.d/tunables/global at line 15: Could not open ‘tunables/home’ )
Setup snap “core” (4206) security profiles (cannot load apparmor profile “snap.core.hook.configure”: cannot load apparmor profile: exit status 1 apparmor_parser output: AppArmor parser error for /var/lib/snapd/apparmor/profiles/snap.core.hook.configure in /etc/apparmor.d/tunables/global at line 15: Could not open ‘tunables/home’ )

I also tried to install package from online store and am getting same error. Please help

My snap version details: snap 2.29.4.2 snapd 2.29.4.2 series 16 ubuntu 16.04 kernel 4.4.0-116-generic

Output of aa-status sudo aa-status apparmor module is loaded. 0 profiles are loaded. 0 profiles are in enforce mode. 0 profiles are in complain mode. 0 processes have profiles defined. 0 processes are in enforce mode. 0 processes are in complain mode. 0 processes are unconfined but have a profile defined.

systemctl status apparmor.service https://paste.ubuntu.com/p/XqS2Qzw4TB/

Output of journalctl -xe https://paste.ubuntu.com/p/fqH5Yk5qbs/

keshavnrj · March 24, 2018, 11:01am

Anyone to help me on this still not able to fix this issue am using ubuntu 16.04

kyleN · March 26, 2018, 1:16pm

Is the snap published on stable in the global store (amd64 does not seem to be):

$ snap info natural-reader
error: no snap found for "natural-reader"

keshavnrj · March 26, 2018, 1:28pm

It a local snap if application i developed. It is not yet uploaded in store.

kyleN · March 26, 2018, 1:33pm

The title says “From Store” though

sparkiegeek · March 26, 2018, 1:39pm

As per https://wiki.ubuntu.com/DebuggingApparmor#Adjusting_Tunables did you customize the tunable for home?

Is your home on the local disk in /home/ ?

keshavnrj · March 26, 2018, 1:50pm

And also from locally cgeck again.

keshavnrj · March 26, 2018, 1:51pm

Yes it is there, i migrated from hdd to sdd before all this came up
.

jdstrand · March 26, 2018, 6:17pm

Do you have the /etc/apparmor.d/tunables/home file? If so, what are its contents? What is the output of stat /etc/apparmor.d/tunables/home?

keshavnrj · March 30, 2018, 12:08pm

stat: cannot stat ‘/etc/apparmor.d/tunables/home’: No such file or directory

jdstrand · March 30, 2018, 12:35pm

This required file was accidentally removed from your system and you need to restore it. For your convenience, here is the contents of that file from a 16.04 system:

$ cat /etc/apparmor.d/tunables/home
# ------------------------------------------------------------------
#
#    Copyright (C) 2006-2009 Novell/SUSE
#    Copyright (C) 2010 Canonical Ltd.
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------

# @{HOME} is a space-separated list of all user home directories. While
# it doesn't refer to a specific home directory (AppArmor doesn't
# enforce discretionary access controls) it can be used as if it did
# refer to a specific home directory
@{HOME}=@{HOMEDIRS}/*/ /root/

# @{HOMEDIRS} is a space-separated list of where user home directories
# are stored, for programs that must enumerate all home directories on a
# system.
@{HOMEDIRS}=/home/

# Also, include files in tunables/home.d for site-specific adjustments to
# @{HOMEDIRS}.
#include <tunables/home.d>

If you find other files are missing, I suggest reinstalling apparmor with:

$ sudo dpkg --purge --force-depends apparmor
$ sudo apt-get install apparmor
$ sudo reboot

This will of course delete modifications to files in /etc that apparmor ships.

keshavnrj · March 30, 2018, 12:39pm

i found this file on internet and saved it in place but the error was not solved, am reinstalling apparmor and snapd. I dont know if this will solve the issue

keshavnrj · March 30, 2018, 12:45pm

hi @jdstrand i reinstalled apparmor but sudo apparmor_status outputs as below :

sudo apparmor_status 
apparmor module is loaded.
0 profiles are loaded.
0 profiles are in enforce mode.
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.

keshavnrj · March 30, 2018, 12:54pm

i solved it by reinstalling apparmor and snapd followed by a fresh boot. Thanks all

keshavnrj · March 30, 2018, 12:59pm

Instructions if someone else get similar situation on Ubuntu 16.04 :

sudo apt-get purge apparmor
sudo apt-get purge apparmor-profiles
sudo apt-get purge apparmor-utils
sudo apt-get remove snapd snapd-confine

Now Install back them all:

sudo apt-get install apparmor-utils
sudo apt install apparmor-profiles apparmor-profiles-extra vim-addon-manager
sudo apt install snapd snapd-login-service snap-confine

Reboot System and test with

sudo apparmor_status

You will see apparmor profiles are now loaded and snap install command also working

sudo snap install hello-world

jdstrand · March 30, 2018, 1:02pm

Yeah, I mentioned the reboot on purpose. It is possible to do it all without a reboot, but the reinstall and reboot is much easier. You shouldn’t have had to remove snapd, but I’m glad you got it sorted!