canonical / snap-vault

Vault is a tool for securely accessing secrets
https://snapcraft.io/vault

Vault operator rekey fails "permission denied" #13

Closed somebehemoth closed 8 months ago

somebehemoth commented 6 years ago

I am running Ubuntu 18.04.1 LTS. Vault client works for all operations I have tried except for 'rekey'. Here is the command I am using with some fake key names:

$ vault operator rekey -backup=true -key-shares=2 -key-threshold=2 -pgp-keys="keyname@org.com.gpg,keyname2@org.com.gpg"
invalid value "keyname@org.com.gpg,keyname2@org.com.gpg" for flag -pgp-keys: open keyname@org.com.gpg: permission denied

When I use the Vault binary from https://releases.hashicorp.com/vault/0.11.1/vault_0.11.1_linux_amd64.zip the above command works as expected. As another data point, the same command works on a Mac using the Homebrew Vault client as well.

Thank you for making this snap.

forty commented 5 years ago

I think the error is more general: the snap cannot access the local file system and this is problematic for all commands that need file system access (for example I'm trying to sign my SSH key, and this fails). I think it is needed to add an "interface" so we can "plug" it.

sirianni commented 5 years ago

Same issue when vault tries to open a browser:

Error attempting to automatically open browser: 'fork/exec /usr/bin/xdg-open: permission denied'.

javacruft commented 1 year ago

It would be useful to have the output of the kernel log file when you attempt to do this - we can use this to create a Vault-specific profile for access to SSH and GPG related files.
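One way to turn the kernel log requested above into a list of what the profile would need to allow, as an added example that is not part of the thread or the snap's own code. It assumes the denials are AppArmor audit records and that the snap's profiles follow snapd's snap.<snap>.<app> naming (so the prefix snap.vault.); the log lines are constructed, not taken from the issue.

```python
import re
from collections import Counter

# key="quoted" or key=bare pairs, as they appear in kernel audit records
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
HEX = re.compile(r"(?:[0-9A-Fa-f]{2})+")

def parse_denial(line):
    """Return the fields of an AppArmor DENIED record, or None for other lines."""
    fields = {}
    for key, quoted, bare in PAIR.findall(line):
        if key == "name" and bare and HEX.fullmatch(bare):
            # audit hex-encodes names that contain spaces or control characters
            fields[key] = bytes.fromhex(bare).decode("utf-8", "replace")
        else:
            fields[key] = quoted or bare
    return fields if fields.get("apparmor") == "DENIED" else None

def summarize(lines, profile_prefix="snap.vault."):
    """Count denials per (operation, path, denied_mask) for one snap's profiles."""
    counts = Counter()
    for line in lines:
        rec = parse_denial(line)
        if rec and rec.get("profile", "").startswith(profile_prefix):
            counts[(rec.get("operation"), rec.get("name"), rec.get("denied_mask"))] += 1
    return counts

def make_record(seq, verdict, op, profile, name, mask):
    """Build a constructed audit line; pid, timestamp and uid values are made up."""
    return (f'audit: type=1400 audit(1537790000.100:{seq}): apparmor="{verdict}" '
            f'operation="{op}" profile="{profile}" name={name} pid=4242 comm="vault" '
            f'requested_mask="{mask}" denied_mask="{mask}" fsuid=1000 ouid=1000')

SAMPLE_LOG = [  # constructed sample input
    make_record(1, "DENIED", "open", "snap.vault.vault", '"/home/user/keyname@org.com.gpg"', "r"),
    make_record(2, "DENIED", "open", "snap.vault.vault", '"/home/user/keyname@org.com.gpg"', "r"),
    make_record(3, "DENIED", "exec", "snap.vault.vault", '"/usr/bin/xdg-open"', "x"),
    make_record(4, "DENIED", "open", "snap.vault.vault", "2F746D702F612062", "r"),  # "/tmp/a b"
    make_record(5, "DENIED", "open", "snap.other.app", '"/etc/shadow"', "r"),  # other snap
    make_record(6, "ALLOWED", "open", "snap.vault.vault", '"/etc/hosts"', "r"),  # not a denial
    "usb 1-1: new high-speed USB device number 2 using xhci_hcd",  # unrelated kernel line
]

if __name__ == "__main__":
    for (op, path, mask), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{n:3d}  {op:5s} {mask:2s} {path}")
```

Feeding it real kernel log lines instead of SAMPLE_LOG gives the distinct paths and access modes that were denied, which is the input a profile change has to be reviewed against.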

gruyaume commented 8 months ago

Closing this as this has been stale for a while now.