I think dm-crypt is providing more accesses than the ones required by visual-lvm-remote but seems to be the more appropiate iface to grant access to /dev/mapper/control as needed.
@isaac.clack: Does visual-lvm-remote require this access for basic operations or it is needed for some specific use cases? I ask since I will then be +1 for use of dm-crypt but since its a super privileged interface, I would avoid auto-connect unless this is required for the snap to properly operate on general use cases.
Following a similar reasoning, since this snap is not the owner of /run/lvm, I vote +1 for use (and not auto-connect) of system-files. Also, I suggest you rename the iface reference access to run-lvm to better represent to the user the access being granted.
Can other @reviewers please vote? Thanks!