My snap when installed says "dpkg error Permission denied"

Hello developers,

First time posting here, sorry if I missed something. So I have a shell script that helps users install & configure Apache2 server easily (Easy Apache). I have this same package built as a deb package. Now when I install Easy Apache using the deb package it runs all good, but recently I built it for snap and when I install it through snap I always see an error

and am stuck with this, can someone help me understand and fix this, please?
If it helps here is the Easy Apache Github link so you can see what am doing

The snap sandbox used to run applications is intended to prevent them from interfering with other applications or destabilising the operating system. A script that tries to install and reconfigure packages with apt is not going to be able to run in that sandbox.

The curl failure in the script is also a result of sandbox restrictions: as you haven’t declared that your application needs network access, the access is blocked.

You can probably get your script running under classic confinement, which is closer to the environment the deb packaged version runs under. It would need to pass an approval process to publish to the store, and it seems unlikely to succeed (“3rd party installer snaps” is listed as unsupported).

One alternative is if you wanted to ship a snap that ships a version of Apache configured to run in the strict confinement sandbox that your script can manage. One benefit of this is that it would run on any system snaps support, rather than just Debian/Ubuntu derived ones.


Hey Jamesh, thanks for replying and making me understand.

I use dpkg only to check if {X} package is installed or not, so maybe I’ll find some other way to check (or suggest me if you know any better way).

I have 1 last question, I do echo -e "Some string" multiple times in my script, when installed through snap the -e in echo statement is also getting printed in the output (see below image, highlighted with the red circle)

Any guesses on why this would be happening?

It looks like your script is running under /bin/sh (dash), where the builtin echo command does not support the argument (since it is not part of POSIX). If you want your script to run under bash, try adding #!/bin/bash as the first line of the script.

As far using dpkg goes, as well as not being able to install packages you won’t be able to see what is installed on the system from strict confinement. For example, Apache is installed on my system:

$ ls /usr/sbin/apache2

But if I try the same for a shell running inside a snap’s sandbox, I get a different answer:

$ snap run --shell chromium
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

$ ls /usr/sbin/apache2
ls: cannot access '/usr/sbin/apache2': No such file or directory

This is because the strict confinement sandbox uses a private mount namespace to give the app a consistent runtime environment, no matter which distro release it is installed on. In addition to simple binaries like this, it means the snap won’t be able to see the host system’s package database.

1 Like

Thank you so much Jamesh. You also made me understand a few other things through your answer. Appreciate your help :slight_smile: thanks again.

1 Like