Browser-support/daemon permission request

@alexmurray

I can implement the example that @jaydensmith provided, but it won’t be a valid solution for our situation either as we will run into the same hardware interfacing issues.

Are there other electron apps on the snap store currently?

I added $SNAP/bin/drop-snap-daemon.sh to the wrapper script along with the drop-snap-daemon.sh from @jaydensmith to the build directory. Is there anything else required?

You will have to update the drop-snap-daemon.sh file to include your app name, not pcds. You’d also have to add it to your command chain in snapcraft.yaml.

Is there a way to test if the privileges have been dropped properly? Thanks for all your work. @jaydensmith

Here’s the repo for what I have done. @alexmurray

@jaydensmith is there a setpriv script missing from the example repo you provided? Also, do you happen to know how to test for dropped privileges?

The setpriv command is here.

It isn’t doing anything in your repo though, as you have not added drop-snap-daemon.sh to your command chain.

I have just noticed it in your wrapper, it won’t work like that though. You need to add it to the command chain.
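An added example, not part of any post in this thread and not the code from the repositories mentioned: one way to answer the question of how to test for dropped privileges is to inspect the running process's `/proc/<pid>/status`. The helper names `check_dropped` and `sample_status` are hypothetical, and the IDs and status text in the demo are constructed.

```shell
#!/bin/sh
# Added example (hypothetical helper names), not from the thread.
# Usage on a live system, with <pid> the PID of the running daemon process:
#   check_dropped "$(id -u snap_daemon)" "$(id -g snap_daemon)" < /proc/<pid>/status
# Prints "dropped" and returns 0 only when no root identity remains.
check_dropped() {
    awk -v uid="$1" -v gid="$2" '
        # Uid:/Gid: list four IDs: real, effective, saved-set, filesystem.
        $1 == "Uid:" { seen++; for (i = 2; i <= 5; i++) if ($i != uid) why = "uid-not-dropped" }
        $1 == "Gid:" { seen++; for (i = 2; i <= 5; i++) if ($i != gid) why = "gid-not-dropped" }
        # Supplementary groups inherited from root must be gone.
        $1 == "Groups:" { for (i = 2; i <= NF; i++) if ($i == 0) why = "root-group-kept" }
        # Permitted and effective capability masks must be all zero.
        ($1 == "CapPrm:" || $1 == "CapEff:") && $2 !~ /^0+$/ { why = "capabilities-kept" }
        END {
            if (seen != 2) why = "unreadable-status"
            if (why == "") { print "dropped"; exit 0 }
            print why; exit 1
        }'
}

# Constructed sample in /proc/<pid>/status layout (not captured output).
# Args: the four UIDs, the four GIDs, supplementary groups, capability mask.
sample_status() {
    printf 'Name:\tapp\nUid:\t%s\nGid:\t%s\nGroups:\t%s\nCapPrm:\t%s\nCapEff:\t%s\n' \
        "$1" "$2" "$3" "$4" "$4"
}

# Demo on constructed data: a saved-set UID of 0 means root can be regained.
ids="584788 584788 584788 584788"   # constructed IDs for the sample
sample_status "$ids" "$ids" "" 0000000000000000 | check_dropped 584788 584788
sample_status "584788 584788 0 584788" "$ids" "" 0000000000000000 |
    check_dropped 584788 584788 || true
```

Checking all four IDs on each line matters because a process whose effective UID is non-root but whose saved-set UID is still 0 can switch back to root.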

@flightknight22 apologies for the delay in getting back to you on this request - given the difficulties in trying to make an electron-based snap use the snap_daemon user we are trying to find a way forward for your snap to potentially be published as a regular root daemon and still use browser-support. If you are able to get snap_daemon working that is even better but I just wanted to let you know that we hope to be able to find a way forward regardless. Please let me know if you do get snap_daemon working in the meantime.

Hey @alexmurray! Any progress on this? I haven’t been successful getting our app to run with dropped privileges.

Thanks for the update @flightknight22 - at this stage then I think we should proceed with publisher vetting as that is required regardless of whether snap_daemon is used or not. @advocacy could you please help with this? Thanks.

+1 from me, I’ve verified the publisher.

Thanks @Igor - +1 from me for the use of browser-support with daemon for reveldigital. Can other @reviewers please vote too? Thanks.

Just bumping this thread again. Has there been new progress? I’m wondering if I need to start a new thread to request auto-connect for Wayland?

@reviewers @alexmurray

As it is difficult to configure an electron-based snap to use the snap_daemon user with dropped privileges, I concur with the proposal to use the regular root daemon along with browser-support. Therefore, I give my vote of approval with a +1.

Thanks

@flightknight22, I have made the necessary change to the review-tools to allow your snap to pass automated review, but that change is not in production yet. Please request a manual review for your revision or upload a new revision and we’ll manually approve it and any new revisions until the change is in production.

Thanks

Thank you so much. We have uploaded a new version and request that it is manually approved.

@flightknight22, in your recent version 0+git.f5b57f7-dirty, you have used the x11-plug plug interface, which is not valid. Can you please correct this and upload a new version?

This is the list of supported interfaces: Supported interfaces

Thanks

I have uploaded a new version (2.7.4). I confirmed x11-plug is not referenced anywhere in the snapcraft.yaml file.