content interface, DENIED mounting $SNAP/mydir

Roberto Mier Escandón  roberto.escandon at canonical.com
Fri Mar 3 08:43:41 UTC 2017 

Hey Kyle,

If this is of help, you can check how I did it in the case of Collabora
Office snap [1] using Nextcloud [2] docs in write mode. I created the
target folder into "snap/<thefolder>" and then I referred it in
snapcraft.yaml plug skipping "snap" parent, like this:

target: <thefolder>

though the folder was indeed at $SNAP/snap/<thefolder>


in CODE snapcraft.yaml you'll find
plugs:
  nextcloud-data:
    content: nextcloud-documents
    default-provider: nextcloud
    interface: content
    target: nextcloud-data

in Nextcloud .yaml you'll find
slots:
  nextcloud-data:
    content: nextcloud-documents
    interface: content
    write:
     - $SNAP_COMMON/nextcloud/data


Cheers.

[1]
https://github.com/rmescandon/loolwsd-snap/blob/master/snap/snapcraft.yaml
[2]
https://github.com/rmescandon/nextcloud-snap/blob/content-share/snapcraft.yaml

On 02/03/17 19:33, knitzsche wrote:
> Hi,
> 
> I am trying to use the wifi-ap content sharing interface.
> 
> It is DENIED (see below) when I try to use a $SNAP directory.
> 
> It works when I instead use $SNAP_DATA directory for the content
> sharing. But, I have to create that directory at run time: I can't
> figure out so far how to create (from snapcraft.yaml) an empty dir in
> $SNAP_COMMON or $SNAP_DATA at install time. (Knowing this would solve my
> problem.)
> 
> To auto connect the interface (via a store snap declaration), I suppose
> the directory must be present at install time. So  creating the dir at
> run time does not seem sufficient for the auto-connect requirement.
> 
> Help appreciated.
> 
> == Details when trying to use SNAP dir for content sharing:
> 
> snapcraft.yaml snippet:
> 
> apps:
>   wifi-ap:
>     command: bin/wifi-ap
>     plugs: [control, content]
> 
> plugs:
>   control:
>     interface: content
>     content: socket-directory
>     target: $SNAP/sockets
> parts:
>   controldir:
>     plugin: dump
>     source: .
>     prime:
>       - sockets
> 
> I connect my snap to the interface apparently successfully:
> $ sudo snap connect serv:control wifi-ap:control
> 
> Verify connection:
> $ snap interfaces | grep serv | grep "wifi-ap:"
> wifi-ap:control           serv
> 
> But the bind mount was DENIED:
> Mar 02 18:01:02 localhost.localdomain kernel: audit: type=1400
> audit(1488477662.292:350110): apparmor="DENIED" operation="mount"
> info="failed srcname match" error=-13
> profile="/usr/lib/snapd/snap-confine" name="/snap/serv/x3/sockets/"
> pid=11461 comm="snap-confine" srcname="/var/snap/wifi-ap/94/sockets/"
> flags="rw, bind"
> 
> Both wifi-ap snap and my snap seem to have the required directories:
> $ ls /var/snap/wifi-ap/94/sockets/
> control
> knitzsche at localhost:~$ ls /snap/serv/x3/
> bin  command-run.wrapper  command-scan.wrapper  command-wifi-ap.wrapper
> meta  snap  sockets
> 
> Cheers,
> kyleN
> 
> 
> 
>

More information about the Snapcraft mailing list