I’m currently making a snap for this project: https://github.com/imsnif/bandwhich
It visualizes the amount of traffic used by applications by cross-referencing process names in /proc and the observing traffic passing through network interfaces.
I thought using the following plugs would be enough, but after changing the confinement to strict, AppArmor prevents it from opening a raw socket:
apps: bandwhich: command: bandwhich plugs: - network - network-bind - system-observe = AppArmor = Time: Jan 14 13:58:02 Log: apparmor="DENIED" operation="create" profile="snap.bandwhich-carroarmato0.bandwhich" pid=30386 comm="bandwhich" family="packet" sock_type="raw" protocol=768 requested_mask="create" denied_mask="create"
Any suggestions on how to deal with that?