Snappy Confinement and AppArmor

Mark Shuttleworth mark at
Wed Feb 25 09:37:28 UTC 2015

On 23/02/15 11:17, Oliver Grawert wrote:
> $SNAPP_APP_USER_DATA_PATH though beware ! if your app runs as root
> this will be /root/apps/<pkgname>/ by default.

Something in me is as allergic to /root/<app>/ as it is to

Would it make sense to make the home directory for the app point to
/var/lib/apps/<package> when running as root? My rationale would be that
anything which is running as a service and writing data that is not
user-specific should be doing so in /var/lib/apps/<app>/. This is
equally true for a service running as a non-root, but non-real user, to
the extent we want to enable those.


More information about the snappy-devel mailing list