I am following up on a human review request.
snap store listing: https://dashboard.snapcraft.io/snaps/network-sports-icarus/
snap name: network-sports-icarus
We are developing an electronic dart cabinet snap that uses an electronic dart board that connects to computer which uses our snap app. The electronic dart board registers each dart input and lets the computer know through serial port which segment was inputed. The snap is set to private as its in development and we are now moving away from devmode and test in other channels.
The snap needs privileged access to an interface that is not automatically connected (
At the moment, I’d like to publish to the snap store (beta) to test out installing the snap and playing darts game with the electronic board. This is still in development.
hello, can i get help with this?
+1 from me - this is a core function for this snap.
+1 from me too, for auto-connection of
serial-port, as this is required for data input into the
+2 votes for, 0 votes against, granting auto-connect of
serial-port with greedy plugs - note for this to work best you may want to enable hotplug as well (or if you are using a custom gadget snap which provides the
serial-port slot then instead we can look at granting a store declaration for this gadget snap to specify auto-connect for
network-sports-icarus on the slot side as that would be more specific).
I notice the snap now declares it’s own serial port slot - this doesn’t make sense as serial-ports can only be provided by gadget snaps (or the system when using hotplug as detailed above). So please remove this serial-port slot and any reference to it (but keep the serial-port plug entry) and it should then pass automated review.
following instructions I modified the .yaml file and left plugs: [serial-port].
When trying to run the application it crashed and the system logs i could see several apparmor DENIED logs. Reading through the forums I was able to clear some apparmor DENIED logs by adding desktop, desktop-legacy, network, network-control plugs etc, etc.
One issue I have is apparmor DENIED for ‘/run/systemd/resolve/resolv.conf’. A suggestion on How to modify name resolution parameters from a snap? is to add the plug for system-files and this requires to be manual reviews.
Can I get system-files permissions to pass automatically? @alexmurray
Can you please provide details as to why access to this file is needed and also whether you are requesting permission just to read it or to read/write to it? Thanks.
Also I took a quick look at your latest uploaded snap - to use the
system-files interface you can’t just declare
plugs: system-files - please take a closer look at the documentation for this interface at The system-files interface.
Instead you need to define a
system-files plug for your own snap which declares what file paths are being accessed and what permissions are being used and you need to give that interface a nice user-understandable name - for instance you could use something like the following if you need just read access to this file:
If however you wish to have read+write access then change the
But can you please elaborate on why your snap requires access to this file and for what purpose so we can properly understand this request? Thanks.
Thanks for the reply and the example, I appreciate it much. I’m new to snapcraft and learning in the way.
The application needs to access system files because the game is developed in react and mounted in electron, I believe the services required are used by chromium, in the link you sent me the example says that
The Firefox, Chromium and Thunderbird snaps use this interface to enable access to system-installed policies to customise each respective application.
I am using electron-builder top-level snap key contains set of options to build the snap.
I cant seem to find a way to use
apps: option like your example but I managed to upload a new snap build configured this way:
bumping this thread waiting for reply.
Ok, so it looks like you are correctly defining your
systems-files plug correctly now, which is good.
However, I am wondering if you actually need this
system-files plug at all:
read access to
/run/systemd/resolve/stub-resolv.conf is already provided when plugging
/etc/hosts.conf is not normally required by snaps - can you please show any errors which occur when running your snap for this file?
- Finally if you plug the
gsettings interface your snap should gain the access for
So in summary: since your snap already plugs
network you can remove the
/run/systemd/resolve/stub-resolve.conf - and if you plug
gsettings you can remove
/home/darts/.config/dconf/user - and I suspect
/etc/hosts should not actually be required either so please can you provide more info regarding that.
Hey @dguerrero5 could you analyze @alexmurray suggestions?
Hello @emitorino, I will check this today, test and reply the post!
Hello @alexmurray and @emitorino,
I changed my snap configuration to suggested. The snap application is not crashing anymore and I was able to run the application on beta channel.
When I tested I am not able to register any kind of input using serial port. When I check the logs this is the permission denied i am getting. Can you please assist me what could i be missing? Thanks in advanced!
I enabled hotplugs using command
$ sudo snap set system experimental.hotplug=true
I still get the same error
Permission denied, cannot open /dev/ttyS0
Do I need to do additional configuration like adding slots to the .yaml?
does your app have
serial-port defined in
plugs: and did you use
snap connect ... to connect your app to the hotpluggable slot as described in the hotplug doc ?
(also, is your user in the “dialout” group ? snap interfaces do not change permissions so if your user can not write to the interface outside of the snap env, it wont be able to do that inside either)
oh, then hotplug wont help i fear, it currently only works for usb-serial devices i think…