[Kernel-packages] [Bug 2103578] [NEW] AppArmor notifications loose state when listener crashes

Tue, 18 Mar 2025 23:10:58 -0700 

Public bug reported:

When snapd crashes or restarts it closes its connection to the kernel
and the listener state, and all existing notifications are lost.

This is a problem for snapd as it means prompt information is lost,
causing failures for the user, and a need to re-prompt the user. The
user experience is also poor, as this causes extra prompts, denials
after a prompt was allowed and general poor user experience.

Prompts that occur during a crash/restart are immediately denied leading
to further issues.

While snapd could store some of the lost state for each prompt received,
the only way to ensure notification received during crash recovery or
restart is to have the kernel listener to continue to queue
notifications.

This requires apparmor to gain the ability to delay listener cleanup and
continue to receive notifications while snapd restarts.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2103578

Title:
  AppArmor notifications loose state when listener crashes

Status in linux package in Ubuntu:
  New

Bug description:
  When snapd crashes or restarts it closes its connection to the kernel
  and the listener state, and all existing notifications are lost.

  This is a problem for snapd as it means prompt information is lost,
  causing failures for the user, and a need to re-prompt the user. The
  user experience is also poor, as this causes extra prompts, denials
  after a prompt was allowed and general poor user experience.

  Prompts that occur during a crash/restart are immediately denied
  leading to further issues.

  While snapd could store some of the lost state for each prompt
  received, the only way to ensure notification received during crash
  recovery or restart is to have the kernel listener to continue to
  queue notifications.

  This requires apparmor to gain the ability to delay listener cleanup
  and continue to receive notifications while snapd restarts.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2103578/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to