Classic confinement request for Voxelizer


#1

Hi,

I’d like to release an experimental version of Voxelizer, our voxel-based 3d manufacturing software (https://voxelizer.com) to the snap store.

One of the secondary functionalities of the application is establishing a direct connection to the 3d manufacturing machine (usually a 3d printer) in order to control it directly. The machine is connected via either a serial connection (emulated over USB or Bluetooth) or as a generic HID interface. Due to the large variety of 3d printers and system configurations, it’s impossible to know up-front which serial or HID device will be needed for the connection - the program needs to be able to scan all the devices and let the user choose the right one.

We have experimented with strict confinement, and while it works fine for the primary functionalities of the program, it doesn’t seem to be possible to use it for generic connection to an arbitrary serial port / HID device with arbitrary VID and PID - hence a need for classic confinement.


#2

@pstolowski is working on a feature called dynamic hotplugging that might help here. @pstolowski, can you comment?


#3

Indeed, hotplug support (which is gradually landing, but not ready to use yet) may help with that, although it may not address the above scenario to the letter.

The basic idea is that with hotplug snapd will dynamically create slots for concrete devices, and will keep track of them (e.g. if device path changes on next reboot, the slot will be updated internally and still grant permissions to that particular device). A plug connected to such slot will only see that one device. Interface hooks may be used by the snap to integrate with this mechanism (e.g. invoke custom logic as plug gets connected to given device via the slot). Hotplug will initially be supported by serial-port interface (this includes USB UART adapters) and USB cameras. Enumeration of all existing devices from the snap is a separate issue and will likely be considered on case-by-case basis when interfaces get updated for hotplug.