Is it possible for a confined application to use a normal system daemon via socket-connection?
Yes.
@glasen77 that’s exactly what interfaces are for.
And if i want to connect to a daemon without an interface?
Could you be a bit more specific? Then we might be able to help…
I’m packaging a snap for the german “AusweisApp2”. At the moment i also deliver the PC/SC-lite-daemon and all needed drivers with this snap-package. This works good enough but produces some annoying problems:
There are some card-carders with binary-only Linux-drivers and i cannot ship them with the snap because of licensing issues and problems with hard-coded paths.
The second problem is that programs which are installed normally cannot connect to the snapped pscsd-daemon. There is a workaround but not every program works with it.
My question is now:
Can i connect a sandboxed snap to pcscd which was installed with the normal package-manager?
This likely needs a pcscd interface that would be an implicit classic interface. If you are so inclined, you could submit a PR to the snapd project for this. You might look at the ppp interface for inspiration.
You can test this by installing a client snap with --devmode and looking at policy violations in the logs (which will otherwise be allowed).