/var/lib/snapd/hostfs can be read using system-backup.
I would be surprised if the snap mount namespace contains the real host’s /usr/share/dpkg - so instead I think it would be best to use a layout and use stage-packages to include dpkg within your snap and then you can use that instead without needing system-files.
Finally, that only leaves /var/lib/snapd/hostfs/var/cache/apt - would it be possible to instead take a copy of this (via the access provided by system-backup) and place it in say $SNAP_COMMON/cache/apt or somesuch so that it is then writable and then use this snap-specific local path within your snap?
Thank for you suggestions, I applied them and was able to rewrite my charm without using system-files and to release my snap on Snapstore.
The snap now use system-backup to access apt and dpkg files and generate Prometheus metric exposed through an HTTP server. Generating Prometheus metric needs the system-backup interface connected before first startup.
Please grant system-backup auto-connections for this snap.
Apologies @hicham - after looking at this a second time I wonder if perhaps the use of system-backup may be the wrong approach - since this grants read access to everything on the device including private data etc - so perhaps your original approach of using system-files for the contents required under /var/lib/ and /etc/apt etc would be better as it ensures that only these files can be read by the snap rather than everything on the device.
Would it be possible to change back to using system-files for these files?
In that case, +1 from me for use-of and auto-connect of a system-files named host-apt-contents with read access to:
I see the changes have been incorporated and the lasts revisions are successfully published. I am then removing this requests from our review queue. Let us know if you have any further question.
