2 files changed, 14 insertions, 0 deletions

diff --git a/interfaces/builtin/network_manager.go b/interfaces/builtin/network_manager.go
index 8304491415..c86096966d 100644
--- a/interfaces/builtin/network_manager.go
+++ b/interfaces/builtin/network_manager.go
@@ -250,6 +250,11 @@ dbus (receive, send)
 peer=(label=###SLOT_SECURITY_TAGS###),
 `
 
+const networkManagerConnectedPlugSecComp = `
+# Description: This is needed to talk to the network-manager service
+socket AF_NETLINK - NETLINK_KOBJECT_UEVENT
+`
+
 const networkManagerPermanentSlotSecComp = `
 # Description: Allow operating as the NetworkManager service. This gives
 # privileged access to the system.
@@ -467,6 +472,11 @@ func (iface *networkManagerInterface) SanitizeSlot(slot *interfaces.Slot) error
	return nil
 }
 
+func (iface *networkManagerInterface) SecCompConnectedPlug(spec *seccomp.Specification, plug *interfaces.Plug, plugAttrs map[string]interface{}, slot *interfaces.Slot, slotAttrs map[string]interface{}) error {
+	spec.AddSnippet(networkManagerConnectedPlugSecComp)
+	return nil
+}
+
 func (iface *networkManagerInterface) AutoConnect(*interfaces.Plug, *interfaces.Slot) bool {
	// allow what declarations allowed
	return true
diff --git a/tests/main/install-store/task.yaml b/tests/main/install-store/task.yaml
index 2cbe65c42a..7c89d1c63c 100644
--- a/tests/main/install-store/task.yaml
+++ b/tests/main/install-store/task.yaml
@@ -36,3 +36,7 @@ execute: |
 expected="(?s)$DEVMODE_SNAP .*"
 actual=$(snap install --channel beta --devmode $DEVMODE_SNAP)
 echo "$actual" | grep -Pzq "$expected"
+
+ echo "Install network-manager and do basic smoke test"
+ snap install network-manager
+ network-manager.nmcli d show