How to make pre-installed snaps work with --devmode from u-d-f ?
Gustavo Niemeyer
gustavo.niemeyer at canonical.com
Fri May 20 13:39:47 UTC 2016
In principle it feels fine to allow people to build images with snaps in
devmode. If one is willing to go over the trouble to create an image with
the offending snap baked in, surely the prompt informing of what it means
to install it in the first place was seen several times by then.
Then, it should be very easy to have a flag on ubuntu-image itself:
ubuntu-image --devmode, which would also have exactly the same semantics of
either prompting interactively, or forcing the user to specify
--i-completely-trust=dev1,dev2,dev3. So both ways to get a snap into the
image would have the same behavior and awareness of the sensitivity of such
operations.
On Fri, May 20, 2016 at 10:11 AM, Jamie Strandboge <jamie at canonical.com>
wrote:
> On Fri, 2016-05-20 at 09:07 +0200, Zygmunt Krynicki wrote:
> > Hi
> >
> > The way images are built is being reorganized now. What this means for
> > you in practice:
> > - you will be able to define what an image should contain in a simple
> > file (model assertion)
> > - the new ubuntu-image tool will take that assertion and create an image
> > - on first boot, everything will be installed by snapd
> > - if your snap has confinement: devmode it will be installed as such
> > (I'll confirm with the rest of the team to be sure)
> >
> I'm not sure if you are talking about the image generation process only,
> but I
> thought for normal install the 'confinement' flag in the yaml indicates
> that the
> snap cannot be installed without specifying --devmode. If it is instead
> simply a
> way to tell 'snap install' to install in devmode without specifying
> --devmode,
> then we've effectively reintroduced 'unconfined' and people might install
> things
> thinking they are confined when they are not.
>
> Speaking of which-- do we indicate anywhere that a snap is operating in
> devmode?
> I just installed hello-world with --devmode and I don't see in 'snap list'
> or
> 'snap interfaces' anything indicating it is in devmode.
>
> --
> Jamie Strandboge | http://www.canonical.com
>
>
> --
> Snapcraft mailing list
> Snapcraft at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/snapcraft
>
>
--
gustavo @ http://niemeyer.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/snapcraft/attachments/20160520/45de292a/attachment.html>
More information about the Snapcraft
mailing list