Manual review request

The latest Visual LVM Remote submitted.
We have tried best to remove interfaces as instructions.
The current version is the one that uses the least interface, and we hope it can pass the review.
thank you

i moved your post to the store-requests category so the reviewers see it …

Hey @weLees,

Please remember there is a process to request auto-connections. When creating a post, you should explain which interfaces you are requesting auto-connection, and the technical reason behind that request.

Still, I found there is a related post where you already provided explanation but the latest snap declaration is not matching the original request.

Also, by taking a look at the latest version, I see you are still using system-files for accesses we already mentioned other interfaces should be used instead. The system-files interface is typically used to provide read-only access to system configuration directories created by a non-snap version of an application now running from an equivalent snap which is not this case.

Did you try plugging system-observe and hardware-observe (or others) as suggested?

I recommend running snappy-debug while troubleshooting, it will recommend interfaces based on the behavior it observes in your snap.

@weLees ping, can you please provide the requested information?

Hi emitorino, Sorry for the late reply, but we are currently solving an urgent issue of Visual LVM, we will try after completion

1 Like

Hi, the new version(4.4) submitted, we remove system-files interface. Please review thanks

I notice your snap is still using system-files:

plugs:
  etc-lvm-backup:
    interface: system-files
    read:
    - /run/lvm
    - /sys/firmware/dmi/tables
    - /sys/devices
    - /proc
    write:
    - /etc/visual_lvm
    - /dev/mapper
    - /run/lvm
    - /run
    - /dev
    - /sys/devices/virtual/bdi
  null-device:
    interface: system-files
    write:
    - /dev/null

So this has not been removed. Can you please clarify?

In the latest version 4.4.779 We try best to remove system-files referencing, only 3 left

interface: system-files
write:
  - /dev    ------for fdisk enumerate disk
read:
  - /sys/devices    --------to get disk information(vendor/type)
  - /proc           ---------to enumerate md(raid) device

Without them, we can’t show user the storage information

Hello @weLees, did you try to use the system-observe and hardware-observe as mentioned in the previous comments?

Yes, we have tried but fail…

@weLees apologize for this long discussion but we are trying to help you follow the best practices for snapping your application.

It is not correct to grant the wide access to /proc, /dev etc without really understanding why you are not able to make your snap work using the suggested interfaces. Can you please try to use them and share here the AppArmor denials you are seeing? This will be very helpful for us to get a better understanding and hopefully help you make your snap work the correct way.

If this helps, this is a recent application we have granted declarations Approval request for list-filesystem - lfs and is able to list drives utilization by plugging some of the interfaces we have suggested.

Thanks!

@weLees - hello, can you please provide the requested information? What denial messages are you seeing?