I have a snap that wants to copy a file to /etc/udev/rules.d directory in refresh and on install. I ipt.have been granted permission to connect to the system-files interface for this purpose.
I have added the copy line to the post-refresh and the install script.
I am using a brand store so my snap gets refreshed from the store. However it seems that I still do not have the correct permissions:
2023-01-18T14:06:40Z INFO Waiting for “snap.epi-zaphost.main.service” to stop.
error: cannot perform the following tasks:
Run post-refresh hook of “epi-zaphost” snap if present (run hook “post-refresh”:
I can see that the snap-declaration is updated for the snap as expected.
Is it to do with the order, does the post-refresh hook run before the auto-connect of the interface happens?
Hi,
Yes, I think my problems were related to the snap declaration not being refreshed at the time I installed the new version.
However out of interest, do you think it is better to declare the exact file I plan to write (as you did) or the directory like I did here?
I guess it’s more convenient to get write access to the entire directory, but if you are wanting to stay more secure you could argue that limiting the write access is better, and would ensure you don’t overwrite any other files that get managed there.
But, I think you have to use whatever path you have had approved interface connection policy, which you should be able to see in the store.