Hi, I’d like to request autoconnections for the tcpdump snap. The project is in github.
These are required for the snap to run at all:
- network-control - for NETLINK_ROUTE, promiscuous mode, etc
- bluetooth-control - for AF_BLUETOOTH
- firewall-control - for NETLINK_NETFILTER
This is needed to operate correctly:
- hardware-observe - for /sys/devices/virtual/net/*, etc
The snap uses the snap_daemon user by default and I’ve setup a captures directory in SNAP_COMMON for pcap files to be written to (ie, with -w) that works with this user or when running with -Z root. Writing pcap files in $HOME requires additional steps (see the above github page) due to snap_daemon and DAC_OVERRIDE, so I’d prefer if the home interface not be auto-connected. Ie, please issue this snap declaration:
{
"home": {
"allow-auto-connection": "false"
}
}
Finally, for future reference, I don’t want removable-media auto-connected in the future for the same reasons as home (unless I change my mind ;)). I also setup a writable content interface for the captures directory in SNAP_COMMON so other snaps can integrate with this snap, but I’m not seeking a global auto-connect or the tcpdump snap declaration to be updated to allow other snaps to auto-connect on principle since sharing pcap files should be a deliberate administrative action IMO (of course, a brand store, gadgets, etc can do what they want).
Thanks!
