Hey! I’m helping to package and distribute a nice, geeky little gadget called WhatPulse that monitors stats like number of keystrokes, mouse clicks, amounts of data down- and uploaded through network interfaces etc.
It’s actually already available in the snap store: https://snapcraft.io/whatpulse. However, there’s a bunch of things not working properly yet and most importantly - it’s not confined at this point. The reason I’m writing this post is because, to be honest, I’m wondering if snap is indeed the smartest way to distribute this software and I was hoping you people may give me for example an early warning if there is some dead end that I’m not aware of yet, but will inevitably trash our efforts.
Currently the most obvious issue, at least in my opinion, is that this software relies on getting its hand on a load of various interfaces… And snaps in a way are built to make it easier to limit how much given piece of software can interact with the host OS. Will it be possible to confine WhatPulse in a snap built according to all the snappy best practices and still keep all the functionality of counting clicks, keys, network traffic etc.? I’m not sure if there are interfaces for all of those functionalities and if some are missing - are they missing, because nobody developed them yet, or are they missing on purpose and will never be created because of the snap confinement philosophy?
This post is intended to be general. I’m mostly interested with your overall thoughts about the idea, but still I’d like to drop some specifics as sort of a “second part” of this wall of text - WhatPulse was previously distributed as a standalone binary and worked nicely on Linux, but at one point there was this huge change in OpenSSL libraries that broke backwards compatibility and there was sort of a rift between distros that kept old libs for a long time and these more on the bleeding edge that transitioned quickly… Then there was also some stuff about a segfault in SQLite part of the Qt framework and that caused the author of this app to just say “screw it” and drop his efforts on Linux support. So distributing WhatPulse as a snap is mostly about bundling a set of libraries that are known to work with it to avoid this compatibility hell… Well - I’m writing “mostly” but come to think of that - this is the sole motivation
At the moment it’s working as an experimental, unconfined snap and if we got all the functionality to work this way, maybe there is no reason to ever go into confinement in the first place? What do you think about that, is that “permissible”, so to say, to keep a snap experimental and unconfined forever for people to use as long as they known what they sign up for? And last bit - at the moment even though the snap is not confined, it’s not able to count network traffic. It’s using pfring, pcap or /proc “files” as a fallback depending on what’s available and it seems like none of these solutions work at the moment. Do you have any suggestions as to how to start fixing that?