Apparmor-related denials for Spotify snap

Thanks for the useful suggestions.

There was indeed an open :network-manager connection, all others seem to have been autoconnected. Connecting that indeed fixes the audit errors. However, I do wonder:

  • If Spotify only queries the network state, it would be more appropriate for it to declare network-manager-observe, to not allow access to modify the network config? I tried connecting the existing network-manager plug to the :network-manager-observe slot, but as expected that doesn’t work.
  • Even if Spotify might in some cases modify NM settings (i.e. add port forwards or QOS settings or whatnot), I suspect it might be appropriate for the snap to declare both a :network-manager and :network-manager-observe plug and allow the user to decide how much access to grant.
  • I see :network-manager-observe is also not autoconnected, even though that seems like a fairly harmless permission. Is there any documentation about such a decision?
  • If such an interface is not connected, wouldn’t it make sense to add explicit (silent) deny rules rather than deferring to the default (noisy) denial for these requests? Or is a snap that declares such an interface expected to ask snapd whether the interface is connected and if not, refrain from making these requests?
  • Would/should the installation of this snap have asked me about making this connection? I can’t recall, but I think it didn’t ask (though the “software” GUI tool on this Ubuntu system stopped working (keeps loading indefinitely), so I can’t check there now).

For the file accesses, snappy-debug says:

But I’m not sure how appropriate these are. Adding personal-files seems overkill, since I suspect spotify is not actually accessing files, just letting GTK/Glib or some other library do its default initialisation (which probably also complicates applying the first suggestion). I could report a bug, but as I said, these are not quite that annoying and probably don’t apply to 99% of the users, so I think I’ll let these slide.
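A quick way to see which plugs are still unconnected (the situation behind the network-manager denials above) is to parse the table that `snap connections <snap>` prints: a plug whose Slot column is `-` has no AppArmor rules installed for it, so any access it would have covered shows up as an audit denial instead. The script below is an added example, not code from the original post or from snapd; the `spotify` table it ships with is a constructed sample, and `snap connections` is only run when snapd is actually available.

```shell
#!/bin/sh
# Added example: list a snap's disconnected plugs from `snap connections` output
# and print the `snap connect` commands that would wire them up, so each grant
# (e.g. network-manager = modify access, not just observe) can be reviewed first.

# Constructed sample of `snap connections spotify` output (not real data).
SAMPLE_CONNECTIONS='Interface                Plug                              Slot                     Notes
audio-playback           spotify:audio-playback            :audio-playback          -
network                  spotify:network                   :network                 -
network-manager          spotify:network-manager           -                        -
network-manager-observe  spotify:network-manager-observe   -                        -'

# disconnected_plugs <table-text>
# Prints one "snap:plug" per line for every row whose Slot column is "-".
disconnected_plugs() {
    printf '%s\n' "$1" | awk 'NR > 1 && $3 == "-" { print $2 }'
}

# connect_commands <table-text>
# Prints the `snap connect` command for each disconnected plug; nothing is
# executed, the operator decides which accesses the snap should really get.
connect_commands() {
    disconnected_plugs "$1" | while read -r plug; do
        printf 'sudo snap connect %s\n' "$plug"
    done
}

# Usage: ./check-plugs.sh <snap-name>   (falls back to the sample without snapd)
SNAP_NAME="${1:-}"
if [ -n "$SNAP_NAME" ] && command -v snap >/dev/null 2>&1; then
    connect_commands "$(snap connections "$SNAP_NAME")"
else
    connect_commands "$SAMPLE_CONNECTIONS"
fi
```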