Only Docker snap is allowed to use "docker" and "docker-control" interfaces?

Wed Dec 14 19:24:48 UTC 2016

Hi Gustavo,

Thanks for the information! Looking forward to the new release this week!

Peng

On Tue, Dec 13, 2016 at 8:41 PM, Gustavo Niemeyer <
gustavo.niemeyer at canonical.com> wrote:

> One detail: note that once your snap goes into the store and passes
> reviews, that issue goes away. Actual users of your snap in the wild don't
> have to say --dangerous.
>
> On Wed, Dec 14, 2016 at 12:40 AM, Gustavo Niemeyer <
> gustavo.niemeyer at canonical.com> wrote:
>
>> Hey Peng,
>>
>> We've overlooked a detail in the new interface system which makes it
>> super inconvenient for you to develop with that interface. We're fixing
>> that in the release due to go into proposal this week.
>>
>> Here is the short background, if you're interested: snapd blocks the
>> connection because it knows the permissions granted by that specific
>> interface into your system are way too wide. So it's protecting your system
>> from an unknown snap that wants to do too much. That's a great thing!
>> What's bad is that this is your own snap, of course. :-)
>>
>> So, the release this week will allow you to say --dangerous when
>> installing it (thanks to John), and snapd will ignore that issue at your
>> discretion. In the future, we'll make the mechanism even nicer by allowing
>> you to sign the snap, and snapd will be able to correlate the fact this is
>> your system with your signature and let it go through.
>>
>>
>> On Wed, Dec 14, 2016 at 12:05 AM, Peng Liu <pengliu.mail at gmail.com>
>> wrote:
>>
>>> Already, in the source code (snapd/interfaces/builtin/docker_support.go),
>>> I found the docker-control interface is "reserved". Does that mean
>>> third-party snap can not use it?
>>>
>>> On Tue, Dec 13, 2016 at 8:01 PM, Peng Liu <pengliu.mail at gmail.com>
>>> wrote:
>>>
>>>> Hi Folks,
>>>>
>>>> I am trying to build a snap which needs the permission to access docker
>>>> related system files. I can build the snap successfully with snapcraft, but
>>>> when I tried to installed it, the snap command report error "installation
>>>> not allowed by "support" plug rule of interface "docker-support"
>>>>
>>>> Does snap command disable the support for "docker" and "docker-support"
>>>> interfaces for all snaps except docker snap?
>>>>
>>>> Thanks.
>>>>
>>>> Peng
>>>>
>>>
>>>
>>> --
>>> Snapcraft mailing list
>>> Snapcraft at lists.snapcraft.io
>>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailm
>>> an/listinfo/snapcraft
>>>
>>>
>>
>>
>> --
>> gustavo @ http://niemeyer.net
>>
>
>
>
> --
> gustavo @ http://niemeyer.net
>
> --
> Snapcraft mailing list
> Snapcraft at lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/snapcraft
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/snapcraft/attachments/20161214/c3bedf35/attachment-0001.html>