[Bug 2009317] [NEW] All Snaps Broken After Release Upgrade
Brett Holman
2009317 at bugs.launchpad.net
Mon Mar 6 02:01:04 UTC 2023
Public bug reported:
isa~ lsb_release -rd
No LSB modules are available.
Description: Ubuntu Lunar Lobster (development branch)
Release: 23.04
Expected behavior:
==================
Installed snaps worked before do-release-upgrade (from Kinetic to Lunar), they should also work after.
Actual behavior:
==================
Snaps worked before do-release-upgrade, NONE work after. Printed warning is useless. Debugging requires secondary device. This should be a trivial fix (re-enable apparmor service at the end of do-release-upgrade).
isa~ firefox
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
Please make sure that the snapd.apparmor service is enabled and started.
isa~ systemctl status snapd.apparmor
● snapd.apparmor.service - Load AppArmor profiles managed internally by snapd
Loaded: loaded (/lib/systemd/system/snapd.apparmor.service; enabled; preset: enabled)
Active: active (exited) since Sun 2023-03-05 18:27:10 MST; 10min ago
Main PID: 826 (code=exited, status=0/SUCCESS)
CPU: 43.722s
Mar 05 18:27:10 isa systemd[1]: Finished Load AppArmor profiles managed internally by snapd.
Notice: journal has been rotated since unit was started, output may be incomplete.
It looks like during the release upgrade apparmor was disabled and needs
to be re-enabled.
isa~ systemctl status apparmor
○ apparmor.service - Load AppArmor profiles
Loaded: loaded (/lib/systemd/system/apparmor.service; disabled; preset: enabled)
Active: inactive (dead)
Docs: man:apparmor(7)
https://gitlab.com/apparmor/apparmor/wikis/home/
isa~ systemctl start apparmor
Notes:
======
This is a reoccurring bug, I hit it when upgrading to Kinetic as well on the same device. This does NOT happen on all devices (my other device didn't hit this issue when upgrading Jammy->Kinetic->Lunar). This is a bad user experience - debugging requires a secondary device because Ubuntu browsers are snap-based.
** Affects: ubuntu-release-upgrader (Ubuntu)
Importance: Undecided
Status: New
** Affects: ubuntu-release-upgrader (Ubuntu Jammy)
Importance: Undecided
Status: New
** Affects: ubuntu-release-upgrader (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Also affects: ubuntu-release-upgrader (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Also affects: ubuntu-release-upgrader (Ubuntu Jammy)
Importance: Undecided
Status: New
** Description changed:
isa~ lsb_release -rd
No LSB modules are available.
Description: Ubuntu Lunar Lobster (development branch)
Release: 23.04
Expected behavior:
==================
- Installed snaps worked before do-release-upgrade, they should also work after.
+ Installed snaps worked before do-release-upgrade (from Kinetic to Lunar), they should also work after.
Actual behavior:
==================
Snaps worked before do-release-upgrade, NONE work after. Printed warning is useless. Debugging requires secondary device. This should be a trivial fix (re-enable apparmor service at the end of do-release-upgrade).
- isa~ firefox
+ isa~ firefox
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
Please make sure that the snapd.apparmor service is enabled and started.
- isa~ systemctl status snapd.apparmor
+ isa~ systemctl status snapd.apparmor
● snapd.apparmor.service - Load AppArmor profiles managed internally by snapd
- Loaded: loaded (/lib/systemd/system/snapd.apparmor.service; enabled; preset: enabled)
- Active: active (exited) since Sun 2023-03-05 18:27:10 MST; 10min ago
- Main PID: 826 (code=exited, status=0/SUCCESS)
- CPU: 43.722s
+ Loaded: loaded (/lib/systemd/system/snapd.apparmor.service; enabled; preset: enabled)
+ Active: active (exited) since Sun 2023-03-05 18:27:10 MST; 10min ago
+ Main PID: 826 (code=exited, status=0/SUCCESS)
+ CPU: 43.722s
Mar 05 18:27:10 isa systemd[1]: Finished Load AppArmor profiles managed internally by snapd.
Notice: journal has been rotated since unit was started, output may be incomplete.
It looks like during the release upgrade apparmor was disabled and needs
to be re-enabled.
- isa~ systemctl status apparmor
+ isa~ systemctl status apparmor
○ apparmor.service - Load AppArmor profiles
- Loaded: loaded (/lib/systemd/system/apparmor.service; disabled; preset: enabled)
- Active: inactive (dead)
- Docs: man:apparmor(7)
- https://gitlab.com/apparmor/apparmor/wikis/home/
+ Loaded: loaded (/lib/systemd/system/apparmor.service; disabled; preset: enabled)
+ Active: inactive (dead)
+ Docs: man:apparmor(7)
+ https://gitlab.com/apparmor/apparmor/wikis/home/
isa~ systemctl start apparmor
-
Notes:
======
This is a reoccurring bug, I hit it when upgrading to Kinetic as well on the same device. This does NOT happen on all devices (my other device didn't hit this issue when upgrading Jammy->Kinetic->Lunar). This is a bad user experience - debugging requires a secondary device because Ubuntu browsers are snap-based.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/2009317
Title:
All Snaps Broken After Release Upgrade
Status in ubuntu-release-upgrader package in Ubuntu:
New
Status in ubuntu-release-upgrader source package in Jammy:
New
Status in ubuntu-release-upgrader source package in Kinetic:
New
Bug description:
isa~ lsb_release -rd
No LSB modules are available.
Description: Ubuntu Lunar Lobster (development branch)
Release: 23.04
Expected behavior:
==================
Installed snaps worked before do-release-upgrade (from Kinetic to Lunar), they should also work after.
Actual behavior:
==================
Snaps worked before do-release-upgrade, NONE work after. Printed warning is useless. Debugging requires secondary device. This should be a trivial fix (re-enable apparmor service at the end of do-release-upgrade).
isa~ firefox
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
Please make sure that the snapd.apparmor service is enabled and started.
isa~ systemctl status snapd.apparmor
● snapd.apparmor.service - Load AppArmor profiles managed internally by snapd
Loaded: loaded (/lib/systemd/system/snapd.apparmor.service; enabled; preset: enabled)
Active: active (exited) since Sun 2023-03-05 18:27:10 MST; 10min ago
Main PID: 826 (code=exited, status=0/SUCCESS)
CPU: 43.722s
Mar 05 18:27:10 isa systemd[1]: Finished Load AppArmor profiles managed internally by snapd.
Notice: journal has been rotated since unit was started, output may be incomplete.
It looks like during the release upgrade apparmor was disabled and
needs to be re-enabled.
isa~ systemctl status apparmor
○ apparmor.service - Load AppArmor profiles
Loaded: loaded (/lib/systemd/system/apparmor.service; disabled; preset: enabled)
Active: inactive (dead)
Docs: man:apparmor(7)
https://gitlab.com/apparmor/apparmor/wikis/home/
isa~ systemctl start apparmor
Notes:
======
This is a reoccurring bug, I hit it when upgrading to Kinetic as well on the same device. This does NOT happen on all devices (my other device didn't hit this issue when upgrading Jammy->Kinetic->Lunar). This is a bad user experience - debugging requires a secondary device because Ubuntu browsers are snap-based.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/2009317/+subscriptions
More information about the foundations-bugs
mailing list