I would like to use snapcraft to create a snap package, but things does not end in the way I wanted, but at least I have a good snap + apparmor installation
I read many articles about how to install snap but I saw in many skipping the proper installation of apparmor.
Snap uses apparmor for sandbox, is installed as dependency, but does not “just works”, it needs to be enabled at kernel level.
Install packages
sudo pacman -Syu snapd
Apparmor is installed automatically as dependency.
Enable services
Enable systemd services using the following commands:
sudo systemctl enable apparmor --now
sudo systemctl enable snapd --now
sudo systemctl enable snapd.apparmor --now
enable
will allow service to be loaded automatically, and
--now
try to initialize it immediately, avoiding a second call to start it.Enable Apparmor at Kernel level
Apparmor current status
You can check the current status of Apparmor using the following command.
If you receive a “No”, read next “Enable apparmor - GRUB Config”.
Enable Apparmor - GRUB Config
You have to edit file located /etc/default/grub. Inside this file you have multiple variales, you have to add at the end of the line GRUB_CMD_LINE_LINUX the following:
apparmor=1 security=apparmor
Don’t forget space between apparmor=1 and the original string.
Now call update-grub to apply your changes:
sudo update-grub
update-grub
is successful, if not try to fix the issue before continue.Reboot, and check status again using aa-enabled:
Yes means Apparmor is now working correctly.
Issue with “classic snap” installation
Some packages like snapcraft needs to be installed as “classic installation” using the --classic parameter, and need this symlink to make it work:
sudo ln -s /snap /var/lib/snapd/snap
Try your installation again.
Issues using Snapcraft (not resolved)
I installed snapcraft, it’s a tool to build snaps. It uses multipass as dependency.
TL;DR; I have no idea how to solve this, I have multipass running correctly, but does not work if I try to use snapcraft.
Requisites:
- You need your CPU virtualization enabled
- KVM kernel module loaded
“Cannot connect to multipass socket”
Multipass socket was not working, was because virtualization in bios was disabled.
The error was:
- $ snapcraft
- launch failed: cannot connect to the multipass socket
- Please ensure `multipassd` is running and `/var/snap/multipass/common/multipass_socket` is accessible
Multipass not working when is used by snapcraft
Then multipass does not work when I called through snapcraft command, but works when called standalone.
I did initialize multipass, using multipass tray icon (multipass.gui), I used the shell option. It launches a console and starts an image.
I did try to use snapcraft again:
- $ snapcraft
- Launching a VM.
- Build environment is in unknown state, cleaning first.
- info failed: The following errors occurred:
- instance "x" does not exist
- launch failed: Remote "snapcraft" is unknown or unreachable.
- An error occurred with the instance when trying to launch with 'multipass': returned exit code 2.
- Ensure that 'multipass' is setup correctly and try again.
At this point, I stop trying.
Next steps
I’ll setup in the future a Docker image with Ubuntu, I think it should work seamlessly, enough time wasted but at least I had proper snap + apparmor working for other less complex snap packages.
UPDATE 20230417: I did try to create a docker image to run snapcraft, and seems more complicated than I thought, I found there are official images for snapcraft but are too old, are based on Ubuntu Xenial.
UPDATE 20230418: I just did Ubuntu server VM on QEMU, and I’m getting the same error. I give up.
Issue with Apparmor and Samba shares
Apparmor does not allow to smb service to work properly, a quick solution (not best) is to run the following command:
sudo aa-complain /etc/apparmor.d/usr.sbin.smbd
A better solution will be this
Thanks for reading!
Namaste.