This will require the personal-files interface, see https://snapcraft.io/docs/personal-files-interface for more details and how to request store approval for usage of this interface.
For these types of commands, are you shipping these commands in the snap? If not, while basic shell utilities like
mv you can use what’s in the rootfs from your snap’s base snap (i.e. core or core18), things like
git will need to be included in the snap to be usable in your snap.
If you know that all of the programs the user will need will exist in subdirectories of $HOME that are not prefixed with “.” (i.e. nothing that starts with
$HOME/.xyz/...) then you should be able to do this with the home interface connected. Note however that all of those programs would need to be smart enough to be executed without the normal rootfs available to them (i.e. they wouldn’t be able to run
/usr/bin/git directly, they would need to use
$PATH to pickup
If however this requirement expands to needing to be able to run any arbitrary program from the user’s $PATH, then this is not currently doable with strict confinement and you would need to request classic confinement, explaining why your application cannot predict the location of the binaries on the user’s system and the application’s need to use the arbitrary binaries from the host filesystem rather than just shipping the binaries in your snap.
This is doable, even for the binaries from $HOME, they will inherit the same confinement as your snap when launched from inside your snap and as such will be able to use this directory provided you use the personal-files interface as described above.
Can you elaborate on this requirement a bit more? What are the expected locations that these tools would normally write to?