ubuntu - 如何使用 SNAP 安装 VSCode?ERROR= snap-confine 具有提升的权限
问题描述
在 Ubuntu 16 Xenial 上。尝试安装 VSCode 。
dhankar@dhankar2:~$ sudo snap install --classic code
[sudo] password for dhankar:
error: unknown flag `classic'
dhankar@dhankar2:~$ sudo snap install --code
error: unknown flag `code'
dhankar@dhankar2:~$ sudo snap install code
136.66 MB / 136.66 MB [================================================================================================] 100.00 % 1.68 MB/s
error: cannot perform the following tasks:
- Make snap "ubuntu-core" available to the system (no state entry for key)
- Mount snap "code" (snap "code" requires classic or confinement override)
dhankar@dhankar2:~$
看到错误 - 谷歌搜索,发现 snap 可能不适用于某些架构/
dhankar@dhankar2:~$ arch
x86_64
dhankar@dhankar2:~$ sudo snap login
....登陆成功
dhankar@dhankar2:~$ sudo snap install code
error: This revision of snap "code" was published using classic confinement and thus may perform
arbitrary system changes outside of the security sandbox that snaps are usually confined to,
which may put your system at risk.
If you understand and want to proceed repeat the command including --classic.
dhankar@dhankar2:~$ sudo snap install --classic code
Warning: /snap/bin was not found in your $PATH. If you've not restarted your session since you
installed snapd, try doing that. Please see https://forum.snapcraft.io/t/9469 for more
details.
code b37e54c9 from Visual Studio Code (vscode*) installed
dhankar@dhankar2:~$
dhankar@dhankar2:~$ code .
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
dhankar@dhankar2:~$ sudo code .
sudo: code: command not found
dhankar@dhankar2:~$ whereis code
code: /snap/bin/code /snap/bin/code.url-handler
dhankar@dhankar2:~$
dhankar@dhankar2:~$ cd /snap/bin/
dhankar@dhankar2:/snap/bin$ ls
code code.url-handler
在谷歌搜索了一些之后-在快照上看到了这个答案-论坛https://forum.snapcraft.io/t/snap-confine-has-elevated-permissions-and-is-not-confined-but-should-be-refusing -to-continue-to-avoid-permission-escalation-attacks/5557/6。因此
$ code .
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
dhankar@dhankar2:~$ sudo cat /sys/kernel/security/apparmor/profiles[
建议更改 apparmor 配置文件/检查 apparmor 中的snap条目,如下所示。不知道他们应该有什么效果。
dhankar@dhankar2:~$ sudo cat /sys/kernel/security/apparmor/profiles | grep snap
snap.core.hook.configure (enforce)
dhankar@dhankar2:~$ code .
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks
dhankar@dhankar2:~$
dhankar@dhankar2:~$ snap version
snap 2.41
snapd 2.41
series 16
ubuntu 16.04
kernel 4.4.0-31-generic
我的快照版本如上所示。谢谢
解决方案
推荐阅读
- php - 带有 laravel POST 400 错误请求的 Socket.io
- javascript - 无法使用反应将文件和字符串发送到nodejs
- php - 删除所有在 cakePHP 中的限制和订单
- bash - 如何处理双重密码提示
- c - 构建自定义redis客户端
- flutter - 在 Flutter 中将图像添加到 ListTile
- javascript - '字段列表'中的未知列'beginVol'使用sequelize
- java - 使用 kotlin 语言的倒数计时器
- php - 使用 findAll() 时,codeigniter 中的 mysqli_sql_exception 未知列
- python - 导入问题 python/pyqt