interfaces/apparmor/template: add setpriv to the base template

[userMaximilian]

The Snapcraft documentation on system usernames states that snap developers can use setpriv to drop privileges and run a snapped daemon as a non-root user, such as _daemon_.

Whilst setpriv is present in the core20/core22/core24 base snaps, it isn't possible to run the base snap's copy within the environment of a strictly confined snap. (The documentation doesn't refer to this particular issue, but it does suggest that developers add the util-linux package to the daemon snap.) This PR seeks to overcome this issue by adding /usr/bin/setpriv to the AppArmor template.

If there are any reasons against doing this - particularly if there is a better way to run a snapped daemon as a non-root user (or if there will be a better way soon) - then please let me know, and I would be more than happy for this PR to be closed off.

For completeness, this PR relates to Launchpad issue #2072987.

[github-actions]

Everyone contributing to this PR have now signed the CLA. Thanks!

[userMaximilian]

For what it's worth, I signed the CLA earlier today - does it take time for the signature to propagate to the database that the GitHub action checks? I'm happy to sign again if needed.

Edit: the CLA checker now states that I'm a signatory.

[bboozzoo]

Thanks for the patch and sorry it we missed it before. I tried rebasing the branch on top of current master, but I think the 'changes from maintainers' option is disabled. Can you rebase the branch and force push?

[userMaximilian]

Hi @bboozzoo - that's absolutely no problem at all. I have just rebased and force pushed as you suggested. (The reason for force pushing twice was that I needed to undo an accidental merge commit - if anything looks unusual at your end, please let me know.)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.03%. Comparing base (96ea7b0) to head (4ec9658).
Report is 133 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #14362      +/-   ##
==========================================
+ Coverage   78.95%   79.03%   +0.07%     
==========================================
  Files        1084     1087       +3     
  Lines      146638   147756    +1118     
==========================================
+ Hits       115773   116773    +1000     
- Misses      23667    23751      +84     
- Partials     7198     7232      +34     

Flag	Coverage Δ
unittests	79.03% <ø> (+0.07%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[alexmurray]

LGTM - although then we should update the https://snapcraft.io/docs/system-usernames#dropping-privileges documentation to remove the reference to staging util-linux etc and the $SNAP prefix for the setpriv invocations.

[bboozzoo]

LGTM

[userMaximilian]

Thanks! I'm more than happy to work on the documentation too. (See also canonical/open-documentation-academy#93.)

[zyga]

I understand the rationale and the resulting (lack) of security impact. Setpriv is not a privileged executable. LGTM.

Please let us know if you need a hand in merging this in case tests are broken somewhere.

[ernestl]

Failures:

• spread opensuse / run-spread | not related to changes

• spread ubuntu-daily / run-spread | already fixed on master

• spread ubuntu-fips / run-spread | already fixed on master