Hi! Thanks for the request. What exactly fails when strictly confined? You can use snappy-debug as detailed in the “Identifying missing interfaces” section of the debugging documentation.
If you use devmode rather than classic what errors occur in snappy-debug?
pursue new interface for working with smart cards - I claim ignorance here and would need someone with hardware and some know-how to tell me how those are exposed in Linux first
pursue classic confinement
Traditionally we would lean towards 1) because interfaces are typically not that hard to add and using an interface over classic confinement is really beneficial for the application developer. Making classic snaps is very difficult in practice.
Can you tell me what PC/SC-daemon needs to access to operate? I already noticed a socket in /run but is there something else? How would the presence of the daemon inside your snap affect someone who already has that deamon running as a part of their IT setup / distribution (I assume that would be common for users of smart cards).
Well, per the other post, it is possible to ship the PC/SC-daemon as the other snap does. Classic is not required. An interface could help people, but there is no guarantee that the PC/SC-daemon will be running on the classic distro system, so it makes some sense to ship it in the snap.
Yes but it’s a kind of thing where I would expect the workstation to handle the daemon side since you are already probably using it for authentication. Smart cards smell of enterprise Fortune 500 companies and I think it would make sense to click into that rather than trying to ship it in a snap.
I don’t oppose being able to ship the daemon there but I think that’s a separate and lower priority project.
@lewix - from what I can see above charta will ship it’s own ps/sc daemon so there is no need for classic confinement for this snap - so I am removing this request for classic confinement for charta from our internal queue.