content interface, DENIED mounting $SNAP/mydir
Roberto Mier Escandón
roberto.escandon at canonical.com
Fri Mar 3 08:43:41 UTC 2017
Hey Kyle,
If this is of help, you can check how I did it in the case of Collabora
Office snap [1] using Nextcloud [2] docs in write mode. I created the
target folder into "snap/<thefolder>" and then I referred it in
snapcraft.yaml plug skipping "snap" parent, like this:
target: <thefolder>
though the folder was indeed at $SNAP/snap/<thefolder>
in CODE snapcraft.yaml you'll find
plugs:
nextcloud-data:
content: nextcloud-documents
default-provider: nextcloud
interface: content
target: nextcloud-data
in Nextcloud .yaml you'll find
slots:
nextcloud-data:
content: nextcloud-documents
interface: content
write:
- $SNAP_COMMON/nextcloud/data
Cheers.
[1]
https://github.com/rmescandon/loolwsd-snap/blob/master/snap/snapcraft.yaml
[2]
https://github.com/rmescandon/nextcloud-snap/blob/content-share/snapcraft.yaml
On 02/03/17 19:33, knitzsche wrote:
> Hi,
>
> I am trying to use the wifi-ap content sharing interface.
>
> It is DENIED (see below) when I try to use a $SNAP directory.
>
> It works when I instead use $SNAP_DATA directory for the content
> sharing. But, I have to create that directory at run time: I can't
> figure out so far how to create (from snapcraft.yaml) an empty dir in
> $SNAP_COMMON or $SNAP_DATA at install time. (Knowing this would solve my
> problem.)
>
> To auto connect the interface (via a store snap declaration), I suppose
> the directory must be present at install time. So creating the dir at
> run time does not seem sufficient for the auto-connect requirement.
>
> Help appreciated.
>
> == Details when trying to use SNAP dir for content sharing:
>
> snapcraft.yaml snippet:
>
> apps:
> wifi-ap:
> command: bin/wifi-ap
> plugs: [control, content]
>
> plugs:
> control:
> interface: content
> content: socket-directory
> target: $SNAP/sockets
> parts:
> controldir:
> plugin: dump
> source: .
> prime:
> - sockets
>
> I connect my snap to the interface apparently successfully:
> $ sudo snap connect serv:control wifi-ap:control
>
> Verify connection:
> $ snap interfaces | grep serv | grep "wifi-ap:"
> wifi-ap:control serv
>
> But the bind mount was DENIED:
> Mar 02 18:01:02 localhost.localdomain kernel: audit: type=1400
> audit(1488477662.292:350110): apparmor="DENIED" operation="mount"
> info="failed srcname match" error=-13
> profile="/usr/lib/snapd/snap-confine" name="/snap/serv/x3/sockets/"
> pid=11461 comm="snap-confine" srcname="/var/snap/wifi-ap/94/sockets/"
> flags="rw, bind"
>
> Both wifi-ap snap and my snap seem to have the required directories:
> $ ls /var/snap/wifi-ap/94/sockets/
> control
> knitzsche at localhost:~$ ls /snap/serv/x3/
> bin command-run.wrapper command-scan.wrapper command-wifi-ap.wrapper
> meta snap sockets
>
> Cheers,
> kyleN
>
>
>
>
More information about the Snapcraft
mailing list