Using sudo from within a snap
Oliver Grawert
ogra at ubuntu.com
Mon Aug 8 09:27:03 UTC 2016
hi,
Am Montag, den 08.08.2016, 09:36 +0200 schrieb Simon Fels:
> On 06.08.2016 15:54, Chris Wayne wrote:
> >
> > Hi guys,
> >
> > I seem to be having some issues while running anything as sudo from
> > within a
> > snap (namely bug https://bugs.launchpad.net/ubuntu/+source/snapd/+b
> > ug/1610292).
> If you package sudo within your snap snapcraft will strip the
> necessary
> suid bit from it so it wont work anymore. Only way to use sudo is to
> use
> the one from the core snap.
>
how would you hook into /etc/sudoers (or /etc/sudoers.d/) ?
snapd would have to install or bind-mount a sudoers file above the one
from the core snap ... you also need to make sure that your user exists
in the password db ... both gets very hairy in an all-snap image where
the core snap is actually the rootfs (and both of the above files are
required for having the system functional)
i could imagine a sudo interface here (for the binary) and shipping a
generic /etc/sudoers.d/snapd mountpoint in the core snap where
snapd/snap-confine could bind-mount a shipped sudoers snippet, but that
still leaves the passwd db issue open...
ciao
oli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/snapcraft/attachments/20160808/6cc592e0/attachment.sig>
More information about the Snapcraft
mailing list