content interface, DENIED mounting $SNAP/mydir

[knitzsche]

Hi,

I am trying to use the wifi-ap content sharing interface.

It is DENIED (see below) when I try to use a $SNAP directory.

It works when I instead use $SNAP_DATA directory for the content 
sharing. But, I have to create that directory at run time: I can't 
figure out so far how to create (from snapcraft.yaml) an empty dir in 
$SNAP_COMMON or $SNAP_DATA at install time. (Knowing this would solve my 
problem.)

To auto connect the interface (via a store snap declaration), I suppose 
the directory must be present at install time. So  creating the dir at 
run time does not seem sufficient for the auto-connect requirement.

Help appreciated.

== Details when trying to use SNAP dir for content sharing:

snapcraft.yaml snippet:

apps:
   wifi-ap:
     command: bin/wifi-ap
     plugs: [control, content]

plugs:
   control:
     interface: content
     content: socket-directory
     target: $SNAP/sockets
parts:
   controldir:
     plugin: dump
     source: .
     prime:
       - sockets

I connect my snap to the interface apparently successfully:
$ sudo snap connect serv:control wifi-ap:control

Verify connection:
$ snap interfaces | grep serv | grep "wifi-ap:"
wifi-ap:control           serv

But the bind mount was DENIED:
Mar 02 18:01:02 localhost.localdomain kernel: audit: type=1400 
audit(1488477662.292:350110): apparmor="DENIED" operation="mount" 
info="failed srcname match" error=-13 
profile="/usr/lib/snapd/snap-confine" name="/snap/serv/x3/sockets/" 
pid=11461 comm="snap-confine" srcname="/var/snap/wifi-ap/94/sockets/" 
flags="rw, bind"

Both wifi-ap snap and my snap seem to have the required directories:
$ ls /var/snap/wifi-ap/94/sockets/
control
knitzsche at localhost:~$ ls /snap/serv/x3/
bin  command-run.wrapper  command-scan.wrapper  command-wifi-ap.wrapper 
meta  snap  sockets

Cheers,
kyleN