Hi everyone, I’d like to call the “snap” command (e.g. “snap info <snap_name>” or “snap install <snap_name>”) from within another snap written in golang.
If I call the “snap” command with this:
cmd := exec.Command("snap", "info", snap_name)
out, err := cmd.CombinedOutput()
if err != nil {
return string(out), err
} else {
return string(out), nil
it returns “fork/exec /usr/bin/snap: permission denied”.
If I set “confinement:devmode” it perfectly works but if I run it in “confinement:strict” it doesn’t.
Am i missing something?
This is my snapcraft.yaml:
name: test
summary: test.
description: |
Test.
version: '1.0'
grade: devel
confinement: strict
apps:
agent:
command: bin/Agent
plugs:
- snapd-control
- home
- network
daemon: simple
restart-condition: always
parts:
poc-root:
plugin: go
go-packages:
- test/Agent
source: .
source-type: local
go-importpath: test
build-packages: [ gcc ]
architectures:
- build-on: amd64
run-on: [amd64, arm64]
Thank you