Only Docker snap is allowed to use "docker" and "docker-control" interfaces?
Gustavo Niemeyer
gustavo.niemeyer at canonical.com
Wed Dec 14 02:40:20 UTC 2016
Hey Peng,
We've overlooked a detail in the new interface system which makes it super
inconvenient for you to develop with that interface. We're fixing that in
the release due to go into proposal this week.
Here is the short background, if you're interested: snapd blocks the
connection because it knows the permissions granted by that specific
interface into your system are way too wide. So it's protecting your system
from an unknown snap that wants to do too much. That's a great thing!
What's bad is that this is your own snap, of course. :-)
So, the release this week will allow you to say --dangerous when installing
it (thanks to John), and snapd will ignore that issue at your discretion.
In the future, we'll make the mechanism even nicer by allowing you to sign
the snap, and snapd will be able to correlate the fact this is your system
with your signature and let it go through.
On Wed, Dec 14, 2016 at 12:05 AM, Peng Liu <pengliu.mail at gmail.com> wrote:
> Already, in the source code (snapd/interfaces/builtin/docker_support.go),
> I found the docker-control interface is "reserved". Does that mean
> third-party snap can not use it?
>
> On Tue, Dec 13, 2016 at 8:01 PM, Peng Liu <pengliu.mail at gmail.com> wrote:
>
>> Hi Folks,
>>
>> I am trying to build a snap which needs the permission to access docker
>> related system files. I can build the snap successfully with snapcraft, but
>> when I tried to installed it, the snap command report error "installation
>> not allowed by "support" plug rule of interface "docker-support"
>>
>> Does snap command disable the support for "docker" and "docker-support"
>> interfaces for all snaps except docker snap?
>>
>> Thanks.
>>
>> Peng
>>
>
>
> --
> Snapcraft mailing list
> Snapcraft at lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/snapcraft
>
>
--
gustavo @ http://niemeyer.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/snapcraft/attachments/20161214/d993d8a0/attachment-0001.html>
More information about the Snapcraft
mailing list