Seccomp violation when pairing and controlling devices #8

farshidtz · 2023-07-19T09:58:03Z

There may be some permission issues, but they don't appear to affect functionality.

Here is the debug info from snappy-debug when trying to pair with chip-tool pairing ble-thread:

= AppArmor =
Time: 2023-07-19T11:2
Log: apparmor="DENIED" operation="capable" class="cap" profile="/snap/snapd/19457/usr/lib/snapd/snap-confine" pid=36414 comm="snap-confine" capability=12  capname="net_admin"
Capability: net_admin
Suggestions:
* adjust program to not require 'CAP_NET_ADMIN' (see 'man 7 capabilities')
* add one of 'bluetooth-control, firewall-control, netlink-audit, netlink-connector, network-control, qualcomm-ipc-router' to 'plugs'
* do nothing if using systemd utility (eg, timedatectl): https://forum.snapcraft.io/t/managing-time-date-and-timezone-in-ubuntu-core/408/44
* do nothing (https://launchpad.net/bugs/1465724)

= AppArmor =
Time: 2023-07-19T11:2
Log: apparmor="DENIED" operation="capable" class="cap" profile="/snap/snapd/19457/usr/lib/snapd/snap-confine" pid=36414 comm="snap-confine" capability=38  capname="perfmon"
Capability: perfmon
Suggestions:
* adjust program to not require 'CAP_PERFMON' (see 'man 7 capabilities')
* do nothing if program otherwise works properly

= Seccomp =
Time: 2023-07-19T11:2
Log: auid=1000 uid=0 gid=0 ses=4 subj=snap.chip-tool.chip-tool pid=36414 comm="gmain-matter" exe="/snap/chip-tool/19/bin/chip-tool" sig=0 arch=c000003e 314(sched_setattr) compat=0 ip=0x7fe5c1e50a3d code=0x50000
Syscall: sched_setattr
Suggestion:
* add 'process-control' to 'plugs'

During onoff toggle:

= AppArmor =
Time: 2023-07-25T13:1
Log: apparmor="DENIED" operation="capable" class="cap" profile="/snap/snapd/19457/usr/lib/snapd/snap-confine" pid=48260 comm="snap-confine" capability=12  capname="net_admin"
Capability: net_admin
Suggestions:
* adjust program to not require 'CAP_NET_ADMIN' (see 'man 7 capabilities')
* add one of 'bluetooth-control, firewall-control, netlink-audit, netlink-connector, network-control, qualcomm-ipc-router' to 'plugs'
* do nothing if using systemd utility (eg, timedatectl): https://forum.snapcraft.io/t/managing-time-date-and-timezone-in-ubuntu-core/408/44
* do nothing (https://launchpad.net/bugs/1465724)

= AppArmor =
Time: 2023-07-25T13:1
Log: apparmor="DENIED" operation="capable" class="cap" profile="/snap/snapd/19457/usr/lib/snapd/snap-confine" pid=48260 comm="snap-confine" capability=38  capname="perfmon"
Capability: perfmon
Suggestions:
* adjust program to not require 'CAP_PERFMON' (see 'man 7 capabilities')
* do nothing if program otherwise works properly

The text was updated successfully, but these errors were encountered:

farshidtz added the bug Something isn't working label Jul 19, 2023

farshidtz closed this as completed Jul 19, 2023

farshidtz reopened this Jul 19, 2023

farshidtz changed the title ~~Unable to commission using onboard bluetooth device~~ AppArmor denials when pairing and controlling devices Jul 25, 2023

MonicaisHer mentioned this issue Oct 11, 2023

Add process control plug #14

Merged

farshidtz changed the title ~~AppArmor denials when pairing and controlling devices~~ Seccomp violation when pairing and controlling devices Oct 16, 2023

farshidtz closed this as completed in #14 Oct 16, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Seccomp violation when pairing and controlling devices #8

Seccomp violation when pairing and controlling devices #8

farshidtz commented Jul 19, 2023 •

edited

Loading

Seccomp violation when pairing and controlling devices #8

Seccomp violation when pairing and controlling devices #8

Comments

farshidtz commented Jul 19, 2023 • edited Loading

farshidtz commented Jul 19, 2023 •

edited

Loading