For the next release of MiniZinc we were hoping to add the snap store as a new distribution medium for the MiniZinc bundle. We created a snap named minizinc that contains both the MiniZinc compiler/driver and the MiniZinc IDE.
We would like to request classic confinement for this snap as were currently running into various limitations. One of MiniZinc’s main features is to interface with various optimisation solvers. Not all of these solvers are reachable in the strict confinement as they might be installed anywhere on the system. The IDE itself also doesn’t behave as expected within the strict confinement as it for instance cannot access the filesystem as the user knows it.
Let us know if there is any more information is required
Hi there, thanks for working on a snap of MiniZinc. Can you share a link to your snapcraft.yaml, please? It is possible that it can be strictly confined and we can take a quick look.
name: minizinc
version: latest
version-script: cat version.txt
summary: The MiniZinc bundle
icon: shared/icon.png
description: |
MiniZinc is a free and open-source constraint modeling language. You can
use MiniZinc to model constraint satisfaction and optimization problems in
a high-level, solver-independent way, taking advantage of a large library
of pre-defined constraints. Your model is then compiled into FlatZinc, a
solver input language that is understood by a wide range of solvers.
confinement: classic
parts:
minizinc:
plugin: dump
source: package/
after: [desktop-qt5]
stage-packages:
- libdouble-conversion1v5
- libgstreamer1.0-0
- libgstreamer-plugins-base1.0-0
- libicu55
- liblzma5
- libxml2
- libxslt1.1
apps:
minizinc:
command: minizinc
ide:
command: bash $SNAP/MiniZincIDE.sh
desktop: MiniZincIDE.desktop
We initially tried the strict confinement and used the interfaces plugs home, network, opengl, x11 (also prepending desktop-launch to the MiniZincIDE command). This gave us some basic functionality, but gave some strange errors. We also got feedback for some initial testers that IDE behaved strangely and that you can not connect to solvers that are not in your home directory.
Ping @moderators. Would anyone be able to give us an update on the process or at least provide us with a timeline for when we can expect some feedback on what to do with our snap?
Ping @Wimpress - Just trying one last time. We’re planning the release for the beginning of next week so we’re really hoping to hear something back soon.
@MiniZinc Sorry for the delay in replying, it is holiday and conference season. I’ve downloaded the MiniZinc tarball bundle and had an experiment. I now better appreciate why classic confinement is desirable for you.
I’m happy to +1 the request for classic confinement but I would like to collaborate with you after the initial release to work towards strictly confining it as I think that will be possible in the near term.
@Wimpress I’m glad to have the support. We’d be happy to look into the option of using a strict confinement if it won’t limit the functionality.
@jdstrand, I don’t know what kind of vetting is required, but we did have to acquire the “minizinc” name for the snap, so maybe some of this work has already been done.
