Package Details: snapd 2.75.2-1

Git Clone URL: https://aur.archlinux.org/snapd.git (read-only, click to copy)
Package Base: snapd
Description: Service and tools for management of snap packages.
Upstream URL: https://github.com/snapcore/snapd
Licenses: GPL3
Conflicts: snap-confine
Submitter: Barthalion
Maintainer: bboozzoo (zyga)
Last Packager: bboozzoo
Votes: 231
Popularity: 3.42
First Submitted: 2018-01-07 17:37 (UTC)
Last Updated: 2026-04-20 08:01 (UTC)

Pinned Comments

bboozzoo commented on 2018-10-25 11:56 (UTC) (edited on 2025-07-10 11:42 (UTC) by bboozzoo)

Package update notes

2.36

2.36 is the first release with AppArmor enabled by default on Arch.

If you do not have AppArmor enabled at boot there should be no functional changes visible.

If you wish to use snaps with Apparmor, first make sure that Apparmor is enabled during boot, see https://wiki.archlinux.org/index.php/AppArmor for details. After upgrading the package, you need to do the following steps:

  • Reload the profiles: systemctl restart apparmor.service
  • Restart snapd: systemctl restart snapd.service
  • Load profiles for snaps: systemctl enable --now snapd.apparmor.service
2.62

Since 2.62 snapd generated additional files describing the sandbox. The snapd service needs to be restarted after the update for snaps to continue working (unless the system is rebooted after the update, in which case no additional steps are needed). To restart, run systemctl restart snapd.service

2.70

Snapd 2.70 drops setuid permissions on /usr/lib/snapd/snap-confine in favor of explicit file capabilities. After an upgrade to 2.70, the users are prompted to restart the apparmor.service otherwise attempts to run snaps will error with cannot set capabilities message.

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 .. 28 Next › Last »

atleeit commented on 2026-02-08 05:11 (UTC) (edited on 2026-02-08 05:12 (UTC) by atleeit)

I'm running LTS kernels.

Last few kernel updates I've had to fix snap packages, i.e. failing to load, even though updates rebuilt kernels, I had to manually rebuild.

sudo mkinitcpio -P sometimes fixed things, assuming apparmor=1 security=apparmor is a part of the CMDLINE.

Today again it failed once more, complained about: snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks xyz.app[4244]: Please make sure that the snapd.apparmor service is enabled and started.

The following fixed it: sudo apparmor_parser -r /etc/apparmor.d/snap-confine sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap-confine*

bboozzoo commented on 2026-01-20 06:25 (UTC)

@Edu4500 snaps are squashfs images so kernel squashfs support is needed. The default Arch kernels have it enabled as a module. Perhaps you've updated the kernel packae but forgot to reboot? In this case the module for your current kernel would not be found, a reboot will solve that.

Or you could be using a different kernel which does not have squashfs enabled. If it's something you built, make sure to enable squashfs.

Alternatively the error could be coming from libmount directly, in which case I would suggesting downloading a snap, e.g. snap download bare and then try to mount the snap file on the side somewhere to see what's going on. You can add LIBMOUNT_DEBUG=all which will make libmount produce a lot of debug output, maybe you can then figure out what's wrong. The command snaps calls to check for squashfs support is roughtly mount -t squashfs <snap-file>.snap <some-random-tmp-location>.

Edu4500 commented on 2026-01-20 05:35 (UTC)

snap refresh

error: system does not fully support snapd: cannot mount squashfs image using "squashfs": mount: /tmp/syscheck-mountpoint-888825572: failed to setup loop device for /tmp/syscheck-squashfs-3026784151.

is that a problem in the package or in my installation? what can I do to fix it?

dominikzogg commented on 2025-12-14 22:48 (UTC)

2.73

diff --git a/.SRCINFO b/.SRCINFO
index e1b605d..a46705b 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,6 +1,6 @@
 pkgbase = snapd
    pkgdesc = Service and tools for management of snap packages.
-   pkgver = 2.72
+   pkgver = 2.73
    pkgrel = 1
    url = https://github.com/snapcore/snapd
    install = snapd.install
@@ -30,9 +30,7 @@ pkgbase = snapd
    options = !strip
    options = emptydirs
    options = !lto
-   source = snapd-2.72.tar.xz::https://github.com/snapcore/snapd/releases/download/2.72/snapd_2.72.vendor.tar.xz
-   source = 0001-cmd-snap-confine-snap-confine-update-AppArmor-profil.patch
-   sha256sums = 53d74e663527bae667a254da8a029aa4b0b8f559ca515d214da8dbb29dc6ccc7
-   sha256sums = 3584cdfabde12d1739342bc1bd73705bb5d9d3aed4ab038a478657fd4ede7364
+   source = snapd-2.73.tar.xz::https://github.com/snapcore/snapd/releases/download/2.73/snapd_2.73.vendor.tar.xz
+   sha256sums = c47fe0c00df5e153b312b5f6dabec49158c8c872ed1eae5e342229bb229a5d85

 pkgname = snapd
diff --git a/0001-cmd-snap-confine-snap-confine-update-AppArmor-profil.patch b/0001-cmd-snap-confine-snap-confine-update-AppArmor-profil.patch
deleted file mode 100644
index 6a35127..0000000
--- a/0001-cmd-snap-confine-snap-confine-update-AppArmor-profil.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 079605bdacc82243efdd44ec6d81bc4a93d2859f Mon Sep 17 00:00:00 2001
-Message-ID: <079605bdacc82243efdd44ec6d81bc4a93d2859f.1760438845.git.maciej.borzecki@canonical.com>
-From: Maciej Borzecki <maciej.borzecki@canonical.com>
-Date: Mon, 13 Oct 2025 19:15:54 +0200
-Subject: [PATCH] cmd/snap-confine/snap-confine: update AppArmor profile to
- allow read/write to journal (#16131)
-
-Update the AppArmor profile of snap-confine to allow read-write access
-to the journal provided stdout. This scenario occurs when snap-confine
-is invoked to set up a sandbox for snap services.
-
-Fixes: LP#2127244 LP#2121169
-Related: SNAPDENG-35767
-
-Signed-off-by: Maciej Borzecki <maciej.borzecki@canonical.com>
----
- cmd/snap-confine/snap-confine.apparmor.in | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/cmd/snap-confine/snap-confine.apparmor.in b/cmd/snap-confine/snap-confine.apparmor.in
-index a653f1f70f7a7abfadc6414fb78a6c8ae3273e67..51964ad7ec2bdc714292310cee507de34498eacf 100644
---- a/cmd/snap-confine/snap-confine.apparmor.in
-+++ b/cmd/snap-confine/snap-confine.apparmor.in
-@@ -66,6 +66,9 @@
-     /dev/pts/[0-9]* rw,
-     /dev/tty rw,
- 
-+    # Stdout may be inherited from systemd. This is normally provided by <abstractions/base>
-+    /{,var/}run/systemd/journal/stdout rw,
-+
-     # SNAP_MOUNT_DIR probe logic
-     /proc/1/root/snap r,
- 
-@@ -546,6 +549,9 @@
-         /dev/random r,
-         /dev/urandom r,
- 
-+        # Stdout may be inherited from systemd. This is normally provided by <abstractions/base>
-+        /{,var/}run/systemd/journal/stdout rw,
-+
-         capability dac_override,
-         capability sys_ptrace,
-         capability sys_admin,
--- 
-2.51.0
-
diff --git a/PKGBUILD b/PKGBUILD
index 352ad87..324f96e 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -8,7 +8,7 @@ pkgdesc="Service and tools for management of snap packages."
 depends=('squashfs-tools' 'libseccomp' 'libsystemd' 'libcap' 'apparmor')
 optdepends=('bash-completion: bash completion support'
             'xdg-desktop-portal: desktop integration')
-pkgver=2.72
+pkgver=2.73
 pkgrel=1
 arch=('x86_64' 'i686' 'armv7h' 'aarch64')
 url="https://github.com/snapcore/snapd"
@@ -19,12 +19,9 @@ options=('!strip' 'emptydirs' '!lto')
 install=snapd.install
 source=(
   "$pkgname-$pkgver.tar.xz::https://github.com/snapcore/${pkgname}/releases/download/${pkgver}/${pkgname}_${pkgver}.vendor.tar.xz"
-  "0001-cmd-snap-confine-snap-confine-update-AppArmor-profil.patch"
 )

-sha256sums=('53d74e663527bae667a254da8a029aa4b0b8f559ca515d214da8dbb29dc6ccc7'
-           '3584cdfabde12d1739342bc1bd73705bb5d9d3aed4ab038a478657fd4ede7364')
-
+sha256sums=('c47fe0c00df5e153b312b5f6dabec49158c8c872ed1eae5e342229bb229a5d85')

 prepare() {
   cd "$pkgname-$pkgver"

ixvari commented on 2025-10-14 13:07 (UTC)

@bboozzoo Well, it seems it was an issue with paru. I ran this with makepkg -sriL in terminal, in order to generate the log and it seemed to work properly. So I'm not really sure what the issue, but I'll make sure to run things like this through makepkg explicitly first next time. Sorry for the false positive!

bboozzoo commented on 2025-10-14 12:44 (UTC)

@ixvari can you share the actual log? it builds for me locally, in a clean chroot and in CI on github, so I'm a loss why it fails to build for you.

ixvari commented on 2025-10-14 12:10 (UTC)

Package was working fine, but is randomly failing to build / update on latest 2.72-1. The last version (2.71-1) worked fine without issue. Most of the build llooks fine, but it exits with "make: *** [Makefile:1427: all] Error 2"

xuiqzy commented on 2025-07-21 10:50 (UTC)

@bboozzoo You can rename the file that is downloaded with the sth::https:://... syntax in the url variable, like in the firefoy-nightly and other packages where the upstream filename stays the same. See warning box here for more info: https://wiki.archlinux.org/title/PKGBUILD#source But one could also argue makepkg or the AUR helper should just delete and retry ideally if the checksum doesn't match.

bboozzoo commented on 2025-07-17 18:26 (UTC) (edited on 2025-07-17 18:55 (UTC) by bboozzoo)

@MissRin my guess is you managed to update snapd before the upstream replaced the tarball. Since the file name is identical, makepkg won't download the file again, so it takes the file you have in the source directory, attempts to verify the checksum and fails. Eh, what a mess. Let me see if I can provide a reasonable upgrade path.

MissRin commented on 2025-07-17 17:42 (UTC)

snapd-2.70.tar.xz is failing the validity check still attempting to upgrade from 2.70-1 to 2.70-2

« First ‹ Previous 1 2 3 4 5 6 7 .. 28 Next › Last »