canonical / openthread-border-router-snap

BSD 3-Clause "New" or "Revised" License

Permission errors in remove hook, breaking reversion logic #47

Closed farshidtz closed 4 months ago

farshidtz commented 6 months ago
Apr 24 16:00:51 neptune openthread-border-router.remove[19774]: Start
Apr 24 16:00:51 neptune openthread-border-router.remove[19775]: Remove the firewall config
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.024:1807): apparmor="DENIED" operation="exec" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/bin/systemctl" pid=19780 comm="otbr-firewall" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.024:1808): apparmor="DENIED" operation="open" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/bin/systemctl" pid=19780 comm="otbr-firewall" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.028:1809): apparmor="DENIED" operation="exec" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/bin/plymouth" pid=19782 comm="otbr-firewall" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.032:1810): apparmor="DENIED" operation="open" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/bin/plymouth" pid=19782 comm="otbr-firewall" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.036:1811): apparmor="DENIED" operation="exec" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/sbin/xtables-nft-multi" pid=19784 comm="otbr-firewall" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.036:1812): apparmor="DENIED" operation="open" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/sbin/xtables-nft-multi" pid=19784 comm="otbr-firewall" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.036:1813): apparmor="DENIED" operation="exec" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/sbin/xtables-nft-multi" pid=19785 comm="otbr-firewall" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1400 audit(1713974451.036:1814): apparmor="DENIED" operation="open" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/sbin/xtables-nft-multi" pid=19785 comm="otbr-firewall" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Apr 24 16:00:51 neptune kernel: audit: type=1326 audit(1713974451.040:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=snap.openthread-border-router.hook.remove pid=19786 comm="ipset" exe="/snap/openthread-border-router/54/usr/sbin/ipset" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa5be82cc code=0x50000
Apr 24 16:00:51 neptune kernel: audit: type=1326 audit(1713974451.040:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=snap.openthread-border-router.hook.remove pid=19787 comm="ipset" exe="/snap/openthread-border-router/54/usr/sbin/ipset" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff886d82cc code=0x50000
Apr 24 16:00:51 neptune systemd[1]: snap.openthread-border-router.hook.remove-a9b11a7c-c14c-4967-a5b7-b5106a1aa75d.scope: Deactivated successfully.
Apr 24 16:00:51 neptune snapd[788]: context.go:318: ERROR task 2780 (Run remove hook of "openthread-border-router" snap if present): ignoring failure in hook "remove":
Apr 24 16:00:51 neptune snapd[788]: /snap/openthread-border-router/54/bin/script/otbr-firewall: line 76: /usr/sbin/ip6tables: Permission denied
Apr 24 16:00:51 neptune snapd[788]: /snap/openthread-border-router/54/bin/script/otbr-firewall: line 80: /usr/sbin/ip6tables: Permission denied
Apr 24 16:00:51 neptune snapd[788]: rm: cannot remove '/run/snap.openthread-border-router': Is a directory

Possibly related to missing interface connections for the remove hook.

The error prevents reverting some system changes: https://github.com/canonical/openthread-border-router-snap/blob/b5b0ac9da18f573a8a450a6535ce6f5ffa2c93b9/snap/hooks/remove#L9-L14
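A triage helper for the log above, added here as an example; it is not part of the original issue or the snap's code. It groups the AppArmor denials (audit type 1400) and seccomp events (audit type 1326) by confinement profile, so the executables and syscalls blocked for the remove hook can be read at a glance. The function name and the sample lines (copied from the log above with the syslog prefix shortened) are assumptions of this example.

```python
import re
from collections import defaultdict

# Sample input: lines taken from the log in this issue, syslog prefix shortened.
SAMPLE = '''\
kernel: audit: type=1400 audit(1713974451.024:1807): apparmor="DENIED" operation="exec" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/bin/systemctl" pid=19780 comm="otbr-firewall" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
kernel: audit: type=1400 audit(1713974451.024:1808): apparmor="DENIED" operation="open" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/bin/systemctl" pid=19780 comm="otbr-firewall" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
kernel: audit: type=1400 audit(1713974451.036:1811): apparmor="DENIED" operation="exec" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/sbin/xtables-nft-multi" pid=19784 comm="otbr-firewall" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
kernel: audit: type=1400 audit(1713974451.036:1812): apparmor="DENIED" operation="open" class="file" profile="snap.openthread-border-router.hook.remove" name="/usr/sbin/xtables-nft-multi" pid=19784 comm="otbr-firewall" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
kernel: audit: type=1326 audit(1713974451.040:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=snap.openthread-border-router.hook.remove pid=19786 comm="ipset" exe="/snap/openthread-border-router/54/usr/sbin/ipset" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa5be82cc code=0x50000
kernel: audit: type=1326 audit(1713974451.040:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=snap.openthread-border-router.hook.remove pid=19787 comm="ipset" exe="/snap/openthread-border-router/54/usr/sbin/ipset" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff886d82cc code=0x50000
snapd[788]: rm: cannot remove '/run/snap.openthread-border-router': Is a directory
'''

AUDIT_RE = re.compile(r'audit: type=(\d+) audit\([\d.]+:\d+\): (.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value or key="quoted value"

def summarize(lines):
    """Return (denials, seccomp): denied masks per (profile, path), hits per syscall."""
    denials = defaultdict(set)   # (profile, path) -> set of denied mask letters
    seccomp = defaultdict(int)   # (profile, comm, arch, syscall nr) -> count
    for line in lines:
        m = AUDIT_RE.search(line)
        if not m:
            continue             # non-audit lines (snapd, systemd) are skipped
        rtype = m.group(1)
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group(2))}
        if rtype == "1400" and fields.get("apparmor") == "DENIED":
            key = (fields.get("profile", "?"), fields.get("name", "?"))
            denials[key].update(fields.get("denied_mask", ""))
        elif rtype == "1326":
            key = (fields.get("subj", "?"), fields.get("comm", "?"),
                   fields.get("arch", "?"), int(fields.get("syscall", -1)))
            seccomp[key] += 1
    return denials, seccomp

if __name__ == "__main__":
    denials, seccomp = summarize(SAMPLE.splitlines())
    for (profile, path), masks in sorted(denials.items()):
        print(f"apparmor {profile}: {path} denied={''.join(sorted(masks))}")
    for (profile, comm, arch, nr), count in sorted(seccomp.items()):
        print(f"seccomp  {profile}: {comm} arch={arch} syscall={nr} x{count}")
```

On a live system the same function can be fed the lines of `journalctl -k` output instead of the embedded sample.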