Personal-files request for git-confined snap

git-confined is Git for Ubuntu Core & Ubuntu Touch, running as a strictly confined Snap.

I’ve gotten the request to add a personal-files plug to it for accessing $HOME/.local/src, argued with as a reflection of the system-wide /usr/src or /usr/local/src equivalent. As such I request permission to connect this interface in the Snap Store.

PR implementing the change: add the personal-files plug by Fuseteam · Pull Request #2 · fredldotme/git-confined-snap · GitHub

Hello @beidl , about $HOME/.local/src, can’t you use the ~/snap/git-confined/common/ directory? For /usr/src access, you can use the system-source-code interface.

The user proposing the change in the PR compares ~/.local/src to be the user-equivalent to /usr/src, sort of like how ~/.local/share reflects /usr/share.

Hey @beidl

If this is snap is only expected to be used on Ubuntu Core/Ubuntu touch systems, you probably don’t need this plug.

According to SNAP environment variables documentation, $HOME points to the per-snap home directory ( SNAP_USER_DATA), typically /home/_user_name_/snap/_snap_name_/_snap_revision_. Thus, if your code tries to access $HOME/.local/src, it should be effectively accessing /home/_user_name_/snap/_snap_name_/_snap_revision_/.local/src and you should not need any plug to access this location.

The real user directory needs to be accessed via SNAP_REAL_HOME. AFAIK, this is mainly needed when the snap is going to be run on systems where a previous non-snap installation (e.g. .deb) may exists, so the snap can use the existent user configuration seamlessly. However, this is not likely to be the case on Core/touch system I think. Does it make sense?

having tested this, i cannot access ~/.local/src without this plug i.e.

cd ~/.local/src
git-confined clone https://github.com/user/repo

it is my preferred workflow to mirror /usr/src to ~/.local/src because it acts like an extension of https://www.freedesktop.org/software/systemd/man/file-hierarchy.html#Home%20Directory and it allows me to more cleanly manage my files

Hey @fuseteam

It seems I initially misunderstood the purpose of the interface, now it is clear.

So the request is a bit tricky. In general, personal-files is only granted to directories that are clearly owned by the snap (and ~/.local/src is clearly not) or the publisher is vetted as member of the upstream project (git in this case). Could you please clarify if the snap publisher is member of the git project?

According to the initial comment in your PR, I assume you are requesting manual connection for this interface. If that’s the case, I could still support this request unless other @reviewers strongly oppose.

I am not a member of upstream Git development.

yes manual connection is fine for my usecase

Thanks @beidl @fuseteam for confirming :slight_smile:

1 Like

I can also support this interface request with manual connection so +1 from me

1 Like

+2 for, 0 against granting manual connection to the requested personal-files interface (./local/src). To finish this request, a new revision for the snap including the requested plug needs to be uploaded to the store.

Could you please also update the snap description describing this new feature and how to the user can manually connect this interface?

Thanks

1 Like

Permissions have been updated in the store. This is now live.

Again, thank you a lot!