REST API for creating baby capabilities
Zygmunt Krynicki
zygmunt.krynicki at canonical.com
Mon Nov 16 17:22:23 UTC 2015
Hey everyone.

I'm slowly progressing towards having an API for capabilities. The API
is very simple, all you can do is create, list and remove capability
objects. This is still pre-usefulness stage. Still, I'd love to
solicit feedback from those that are interested in the topic.

To give you some overview, patch [1] adds three new API methods:

GET /1.0/capabilities

This produces a JSON list of all the capabilities. Each capability is
an object with three fields:

  Name: the unique identifier for programmatic access, like 'debug-serial-port'
  Label: the arbitrary text intended for humans, like "Debug serial port"
  Type: the type of the capability (more on that later), here it'd be a
  "file" because that's all we have now

POST /1.0/capabilities

This can be used to create capabilities. Plain and simple. Just POST
a JSON object with the three fields listed above (Name, Label and
Type)

DELETE /1.0/capabilities/{name}

Simple enough, this just removes the capability.

This will be available for review shortly (just observe pull requests
on the upstream project at [2]).

Obviously those are very basic. I'd like to explore adding them to the
'snappy' command line interface (or perhaps to create a small
dedicated tool for testing / development as I don't think I want to
put _more_ internal commands before they are discussed more broadly
yet).

My plans for the next few days need some internal discussions but I'm
open towards exploring persistence of state and assigning capabilities
to snaps. That will set the stage for a very interesting discussion on
capability "attributes" (I'm using a new word deliberately as it
carries no semantics yet) that I want to use to interact with the
security system. But more on that later.

Best regards
ZK
[1] https://github.com/zyga/snappy/commit/a514614fbb2a9ce4e69491d5430465f07378d98f
[2] https://github.com/ubuntu-core/snappy/pulls
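
The three methods described in the message above, as an added sketch that is not part of the original message and is not the snappy code from [1]. It shows the input checks such an endpoint needs before a capability is stored. Assumptions: bare JSON bodies with no response envelope, the status codes, the name pattern, the in-memory Store, an idempotent DELETE and the call helper are all hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"regexp"
	"strings"
)

type Capability struct{ Name, Label, Type string } // the three fields from the post
type Store map[string]Capability                   // hypothetical in-memory store, no locking
// validName is an assumed rule (not from the post): lowercase words joined by dashes.
var validName = regexp.MustCompile(`^[a-z0-9]+(-[a-z0-9]+)*$`)

func (s Store) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	rest := strings.TrimPrefix(r.URL.Path, "/1.0/capabilities")
	switch {
	case r.Method == "GET" && rest == "":
		list := []Capability{}
		for _, c := range s {
			list = append(list, c)
		}
		json.NewEncoder(w).Encode(list)
	case r.Method == "POST" && rest == "":
		var c Capability
		if json.NewDecoder(r.Body).Decode(&c) != nil || !validName.MatchString(c.Name) || c.Type != "file" {
			http.Error(w, "invalid capability", http.StatusBadRequest)
		} else if _, dup := s[c.Name]; dup {
			http.Error(w, "name already in use", http.StatusConflict)
		} else {
			s[c.Name] = c
			w.WriteHeader(http.StatusCreated)
		}
	case r.Method == "DELETE" && strings.HasPrefix(rest, "/"):
		delete(s, rest[1:]) // assumed idempotent: unknown names are a no-op
	default:
		http.Error(w, "unsupported", http.StatusMethodNotAllowed)
	}
}

// call sends one request straight to the handler; returns status and body.
func call(s Store, method, path, body string) (int, string) {
	rec := httptest.NewRecorder()
	s.ServeHTTP(rec, httptest.NewRequest(method, path, strings.NewReader(body)))
	return rec.Code, rec.Body.String()
}

func main() { fmt.Println(call(Store{}, "GET", "/1.0/capabilities", "")) }
```

Restricting Name to a fixed pattern keeps every stored name addressable through DELETE /1.0/capabilities/{name} and keeps path separators out of identifiers.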