In my snapcraft.yaml I have the following layouts:
layout:
/etc/greengrass: bind: $SNAP_DATA/greengrass
/run/greengrass: bind: $SNAP_DATA/greengrass
The first one with etc works fine. The second one with run gets the following error:
"Cannot pack snap: error: cannot validate snap “thio”: layout “/run/greengrass” defines a new top-level directory “/run”
Why is this? Is this a bug? They are identical binds and I am not creating /run I am simply putting a bind in it just like /etc.
Help?
/run is a verbotten top-level path for layouts (doc).
The error message is weird, however; I’d expect it to say something else. Is this coming from snapd or snapcraft (does it happen if you run snap pack on the prime/ directory)?
Its coming from snapcraft. What I am starting to find in snapcraft doc is /var is disallowed. This makes no sense to me when trying to use this for sockets – which is what it is often used for. I mean I get not being able to write to the ACTUAL /run but I thought this was what layouts were all about – being able to symlink or bind writeable areas inside the snap to root dirs many applications expect to see/use
The validation is from snapd.git that is built into snapcraft (the snap pack validation logic). Indeed layouts on /run are not allowed.
This layout, even if it did work, would cause the mount namespace to have to be updated on each snap refresh as $SNAP_DATA contains $SNAP_REVISION. I would suggest using $SNAP_COMMON to make the mount profile fixed across refreshes
