I am going to prepare and publish a snap package(-s) for our software (https://www.ivpn.net/apps). But, before doing that, I want to consult about some questions.
The software I want to publish is an open-source VPN client (https://github.com/ivpn/desktop-app).
It is split into two general parts:
- a daemon, which works as a system service with privileged user rights (and also a small CLI tool). The privileged environment is required for daemon because of various reasons: to be able to establish a VPN connection, to control DNS configuration, to control firewall rules (iptables), to monitor changes in network interfaces… etc.
- a UI which is an Electron application that is communicating with daemon over the localhost socket interface.
Here are the questions I want to consult with you:
- Due to the reasons described above, I see the only way to make ‘daemon’ work is to use ‘Classic’ confinement for the snap. Is there any chance for such a package to be approved for publishing on the Snapcraft store?
- It seems, in general, that UI can work in ‘Strict’ snap confinement. So I assume that the UI can be packed into a separate snap with strict confinement.
The only problem which I have to solve: the UI needs to have read access to a single file in the filesystem (the file were created by daemon). This file is common for all users in a system, so saving it in the
homefolder is not a solution. What is the best way to solve it? Additionally, I want to avoid any manual work from the user side. So, I do not want users to connect snap interfaces manually.
- Can the UI be packed together with a daemon into one snap (using Classic confinement)? I mean, can such a snap be approved for publishing on the Snapcraft store?