Snappy Confinement and AppArmor
Mark Shuttleworth
mark at ubuntu.com
Wed Feb 25 09:37:28 UTC 2015
On 23/02/15 11:17, Oliver Grawert wrote:
> $SNAPP_APP_USER_DATA_PATH though beware ! if your app runs as root
> this will be /root/apps/<pkgname>/ by default.
Something in me is as allergic to /root/<app>/ as it is to
/home/ubuntu/<app>.
Would it make sense to make the home directory for the app point to
/var/lib/apps/<package> when running as root? My rationale would be that
anything which is running as a service and writing data that is not
user-specific should be doing so in /var/lib/apps/<app>/. This is
equally true for a service running as a non-root, but non-real user, to
the extent we want to enable those.
Mark
More information about the snappy-devel
mailing list