canonical / meta-snapd

Yocto meta-layer for snapd
MIT License
10 stars 6 forks source link

scarthgap branch needs the kernel apparmor patches #60

Open om26er opened 2 weeks ago

om26er commented 2 weeks ago

I am using scarthgap with raspberrypi which has linux 6.6 -- snapd works, though it's logs show

AppArmor status: apparmor is enabled but some kernel features are missing: dbus, network

I guess we need to first find the patches that will apply cleanly to linux 6.6

om26er commented 2 weeks ago
root@scarthgap:~# snap debug sandbox-features
apparmor:             kernel:caps kernel:domain kernel:file kernel:mount kernel:namespaces kernel:network_v8 kernel:policy kernel:ptrace kernel:query kernel:rlimit kernel:signal parser:cap-audit-read parser:cap-bpf parser:qipcrtr-socket parser:unsafe parser:xdp policy:default support-level:partial
confinement-options:  classic devmode
dbus:                 mediated-bus-access
kmod:                 mediated-modprobe
mount:                layouts mount-namespace per-snap-persistency per-snap-profiles per-snap-updates per-snap-user-profiles stale-base-invalidation
seccomp:              bpf-actlog bpf-argument-filtering kernel:allow kernel:errno kernel:kill_process kernel:kill_thread kernel:log kernel:trace kernel:trap kernel:user_notif
udev:                 tagging