Issue installing LXD locally due to lack of lxd-support interface

I have been trying to install LXD locally with the --dangerous option without success as documented here. This was mainly a way for us to make the LXD installation not track a remote channel so it doesn’t automatically refresh.

Is there a way to attach the lxd-support interface during the installation of the local snap? Following is an example output of the issue in question:

root@lxd-test:~# snap download lxd --channel=4.0/stable
Fetching snap "lxd"
Fetching assertions for "lxd"
Install the snap with:
   snap ack lxd_22753.assert
   snap install lxd_22753.snap
root@lxd-test:~# snap install lxd_22753.snap --dangerous
error: cannot perform the following tasks:
- Run configure hook of "lxd" snap if present (run hook "configure": 
cat: /proc/self/attr/current: Permission denied
/snap/lxd/x1/snap/hooks/configure: 5: exec: aa-exec: Permission denied

can you attach the full output of snap version ?

Here it goes:

root@lxd-test:~# snap version
snap    2.55.3
snapd   2.55.3
series  16
ubuntu  20.04
kernel  5.4.0-109-generic

oh, you are trying to run lxd inside lxd ? i think that only works if your outer lxd container is fully privileged … (i could be wrong though, perhaps @stgraber can chime in here)

Oh no, the host is a VirtualBox VM, but I tested it with a physical host too with the same results. The snap version output of the physical host is the same as the one I posted above.

One possible workaround I found for this issue is to not remove the default LXD installation that comes with Ubuntu. This way I can install a local LXD snap over the existing installation with the --dangerous option without running into issues with non attached interfaces.

It sounds like the “configure” hook (which is run during the install process) expects the lxd-support plug to already be plugged, which won’t be the case if you install using --dangerous.

If you run the snap ack command like snap download recommends, you should have all the assertions installed to install the snap without --dangerous. It will be recognised as being trusted by the store then, and subject to automated updates.

Maybe the solution to your problem is to customise the update schedule as discussed here:

That way you can delay the updates to a time that suits you.

Thank you for the response, I have tested the snap ack command before and the same error appears when LXD is not installed:

We wanted to have it so that the LXD snap would only be updated when strictly needed to prevent any issues from happening in production servers. In order for that to happen we had to install it locally with the --dangerous option.

If the default LXD installation is not removed we can install over it with the --dangerous without running snap ack and automatic updates won’t happen as it won’t track a remote channel in this scenario:

root@lxd-test:~# lxc --version
root@lxd-test:~# snap install lxd_22753.snap --dangerous
lxd 4.0.9-8e2046b installed
root@lxd-test:~# snap refresh lxd
error: local snap "lxd" is unknown to the store, use --amend to proceed anyway

The solution for my use case in particular was to not uninstall the default LXD version in the first place and download and install the latest LXD version in 4.0/stable with the --dangerous option for new servers.