For example, one can use the
sudo wimlib.wimcapture /dev/sdXN Windows10_20180927.wim command to back-up a Microsoft Windows
C: drive/volume to a WIM image and restore it later using the
sudo wimlib.wimapply Windows10_20180927.wim /dev/sdXN command. These two commands, in particular, require raw read/write access to internal storage devices’ block device.
Here’s an example output of the
$ sudo wimlib.wimcapture /dev/sda3 sda3.wim --compress=none
Capturing WIM image from NTFS filesystem on "/dev/sda3"
Excluding "/$Recycle.Bin" from capture
26 MiB scanned (896 files, 356 directories)
Excluding "/pagefile.sys" from capture
9 GiB scanned (58807 files, 7341 directories)
Excluding "/swapfile.sys" from capture
Excluding "/System Volume Information" from capture
31 GiB scanned (225927 files, 40757 directories)
Archiving file data: 26 GiB of 29 GiB (90%) done
Archiving file data: 28 GiB of 28 GiB (100%) done
For other exposed commands such as
wimlib.wiminfo Windows10_20180927.wim for querying information of a WIM image only regular file access is required, yet classic confinement can’t be constrained to certain app commands of a snap.