Replace a file in existing snap


I’m in the process of converting a process which would build then dynamically update a Debian package to one which builds a series of snap packages, one of which will need to be dynamically updated. There currently is no yaml or push to deploy via some store and there definitely won’t be the last part, ever. This is a kiosk type application which allows users of it to upload custom content. The content currently gets put into a zip file of a specific name and then gets stuck into an existing ISO or Debian. We pop them apart, replace the file, then put them back together.

Is there an approved method of popping apart a snap to replace a single file without installing it somewhere? If so, can someone please provide a link.

What would you do with the snap once you replace the file?

Someone would pull it down and install it 1-N times. The file is a bunch of content for the app to display. Much of that content can be uploaded by the user so it is specific to them.

“pull it down” from where?

Your question really has no bearing on the answer. I asked how to pop a snap open and replace a single file.

If you must know, the application is part of a rather large system where users of the software log onto a Web site. They choose various content options and upload some of their own content. All of that content gets zipped up into one file which gets replaced, today, in the Debian package. They then download the Debian and install it on however many machines they want.

I just want to know how to pop open a snap on a headless server and replace the same file. I can already do this in both an ISO and a Debian package. In order for snap to be a viable alternative I need to be able to do the same thing.

snap packages are gpg signed squashfs filesystems, you can unpack them like any other squashfs using unsquashfs from the squashfs-tools package …

you can re-pack a snap using the snapcraft snap command in the toplevel of the unpacked dir but indeed lose the complete gpg signature (which is applied by the store using a trusted archive key snapd understands), so this snap would only be installable with the --dangerous option and not be upgradeable.


It was never going to the store so the --dangerous thing is a non-issue. Currently, every time the user changes the content they get a new Debian package with the lastest of everything. Some do that every week, others every month or so. This is not a set-it-and-forget-it thing. At most 1 in 7 of the ocean of machines it is installed on have any Internet connection. Most get it via sneaker-net.