Created attachment 1481889 [details] Detailed SELinux messages when trying to install snapd and simple "hello" package. Description of problem: I received several SELinux alerts when install the "snapd" RPM and a basic snap package. Version-Release number of selected component (if applicable): snapd-2.35-1.fc28.x86_64 How reproducible: Steps to Reproduce: 1. Install "snapd" using "sudo dnf install snapd" 2. Following the suggestion from https://docs.snapcraft.io/core/install-fedora, I ran "sudo ln -s /var/lib/snapd/snap /snap" 3. Run "snap install hello" (will ask for root authentication). Actual results: The snapd package was installed properly, but I received several SELinux alerts. including: SELinux is preventing snap-confine from getattr access on the filesystem /. SELinux is preventing snapd from getattr access on the directory /home/username/snap. SELinux is preventing snapd from read access on the directory snap. SELinux is preventing snapd from open access on the directory /home/username/snap. Note that "hello" and "hello.universe" do run properly. Expected results: No SELinux warnings/messages. Additional info: Note that I have tried using snap packages a few times on Fedora 28, but I ran into similar errors and gave up, not reporting the problems. I figured I would finally report the bug report. I have tried installing a few other snap packages, but I thought I would start with a basic one.
This appears to be fixed in a recent update to Fedora 29 (maybe an update to the snapd-selinux package fixed this). I did recently reinstall my Fedora desktop which has been upgraded from Fedora 23 (or so) through Fedora 29. I did see some SELinux warnings related to snapd (something about updating man pages, as I remember). The reinstallation was done with with Fedora 29 KDE Spin and so far no issues with SELinux warnings. This issue can be closed for now.