Exposing shared library contained in snap to host system

Hi everyone, i have a very specific question. I am currently working on a project which enables users to digitally sign the document using their ID card by using the external signing application. In order to sign the document we use our custom PKCS11 wrapper library that will be shipped with the application. The signing scenario is as follows:

  • User start external signing application
  • User specifies the PATH to our PKCS11 wrapper library shipped alongside the application
  • User is prompted to enter 2 security codes to confirm his identity
  • Document signed!

The PKCS11 shared library is also dependent on other shared libraries shipped alongside the application.

So my questions are:

Is there any way I can expose our PKCS11 library to the host system?

If so can i make the path to the PKCS11 library always be the same on all distros and different hosts?

If you’re shipping the library along with the application then why do you need to expose the library to the system?

Hi, thank you for your reply. Its because the external independent app is the one that uses this library. And it uses it by selecting (browsing) the path to our PKCS11 library

you could use an install hook to put the lib into $SNAP_COMMON and then tell your users to point their authentication app to /var/snap/<snapname>/common (which the variable translates to) … though i’m not sure how you actually plan to make your app communicate with the signing app, confinement might get in your way here …

1 Like

Thank you for your reply i will look into this.