LP: 1944004 described an issue where a libc transition caused snapd seccomp profiles to reference a path that no longer existed, leading to permission denied errors. The committed fix for snapd then raised an issue where running `snapd debug seeding` would present a preseed-system-key and seed-restart-system-key due to a mismatch between the running kernel capabilities and the profiles being loaded by snapd. By mounting a cgroup2 type to /sys/fs/cgroup, the capabilities match for snapd as mounted in the chroot. This is done similarly to live-build/functions:138-140 where apparmour and seccomp actions are mounted after updating the buildd.impish-sru-lp-1946520
parent
271d498ab6
commit
9c3851d401
Loading…
Reference in new issue