Replacing setuid functionality in snap

Hello,

I’m working on packaging log-user-session, which provides a tamper-proof log of commands run during an SSH session. It’s useful for running on a bastion host and is not currently packaged.

To do its job, it needs to observe commands run by users. I’ve started to create a snapcraft.yaml file for it, but it fails when it gets to the step where the binary would be chowned with the setuid bit.

I’m guessing this should be replaced with a plug in snap, perhaps of type system-observe, but I’m not sure. The source code is linked above if someone is able to help confirm. It’s a short bit of C.

Assuming there’s a correct “plug” to help with this, do I use override-build to strip out the chown command then?

Thanks.

I’m not sure that the application will work in a snap as-is, unless you are granted the ability to use classic mode, which means your snap will only work on normal distros (not all-snap distros like Ubuntu Core, e.g.). This is because setuid is not permitted by the rules of the snap store.

The alternative is to rewrite the application into a client-server pair where the user-level process (client) ships its logs to a daemon (server) running as root to save those logs to disk.

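As an added illustration of the client/server split suggested in the reply above (this is example code written for this thread, not code from log-user-session or from the poster): an unprivileged client forwards each command line over a Unix domain socket, and a daemon, which in a real deployment would run as root, writes the log to a file the user cannot modify. The security point is that the daemon does not trust anything the client says about who it is; it takes the peer's pid/uid/gid from the kernel with SO_PEERCRED. The socket path, the JSON-lines wire format and the Linux-only SO_PEERCRED lookup (with a fallback for other platforms) are assumptions made for the example.

```python
"""Added example: client/server split for a session command logger.

The unprivileged client (running inside the user's SSH session) sends each
command line to a daemon over a Unix domain socket.  The daemon identifies
the peer with SO_PEERCRED (kernel-supplied, not under the client's control)
and appends a record to a log file the client never writes to itself.
Assumptions: Linux (for SO_PEERCRED), a Unix socket path, JSON lines.
"""
import json
import os
import socket
import struct
import tempfile
import threading
import time

# struct ucred on Linux: pid, uid, gid as three native ints
_UCRED = struct.Struct("3i")


def peer_credentials(conn):
    """Return (pid, uid, gid) of the connected peer via SO_PEERCRED.

    Falls back to this process's own credentials where SO_PEERCRED is not
    available; the intended platform for this example is Linux.
    """
    try:
        raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, _UCRED.size)
        return _UCRED.unpack(raw)
    except (AttributeError, OSError):
        return (os.getpid(), os.getuid(), os.getgid())


def handle_client(conn, log_path):
    """Daemon side: read newline-delimited JSON from one client and log it."""
    pid, uid, gid = peer_credentials(conn)
    with conn, conn.makefile("rb") as rf, open(log_path, "a", encoding="utf-8") as log:
        for line in rf:
            try:
                cmd = str(json.loads(line)["cmd"])
            except (ValueError, KeyError, TypeError):
                cmd = "<malformed record>"   # log the fact rather than drop it
            # Identity fields come from the kernel, only "cmd" from the client.
            record = {"ts": time.time(), "pid": pid, "uid": uid, "gid": gid, "cmd": cmd}
            log.write(json.dumps(record) + "\n")
            log.flush()


def serve(sock_path, log_path, max_clients, ready=None):
    """Accept max_clients connections one after another, then stop."""
    if os.path.exists(sock_path):
        os.unlink(sock_path)
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as srv:
        srv.bind(sock_path)
        os.chmod(sock_path, 0o666)  # any local user may connect; identity is kernel-attested
        srv.listen()
        if ready is not None:
            ready.set()
        for _ in range(max_clients):
            conn, _ = srv.accept()
            handle_client(conn, log_path)
    os.unlink(sock_path)


def send_commands(sock_path, commands):
    """Client side: ship each command line to the daemon; returns count sent."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
        c.connect(sock_path)
        for cmd in commands:
            c.sendall(json.dumps({"cmd": cmd}).encode() + b"\n")
    return len(commands)


def read_log(log_path):
    """Parse the daemon's JSON-lines log back into records."""
    with open(log_path, encoding="utf-8") as f:
        return [json.loads(l) for l in f if l.strip()]


def caller_uid():
    return os.getuid()


def run_demo():
    """Run the daemon in a thread, send a constructed session, return the log."""
    with tempfile.TemporaryDirectory() as d:
        sock_path = os.path.join(d, "logd.sock")
        log_path = os.path.join(d, "session.log")
        ready = threading.Event()
        t = threading.Thread(target=serve, args=(sock_path, log_path, 1, ready), daemon=True)
        t.start()
        ready.wait(5)
        # Constructed sample session, not a real capture.
        send_commands(sock_path, ["ls -la /etc", "sudo systemctl restart sshd"])
        t.join(timeout=5)
        return read_log(log_path)


if __name__ == "__main__":
    for r in run_demo():
        print(r)
```

Run as a normal user and every record carries that user's uid regardless of what the client sends; only the daemon process, not the session, needs privilege, which is what lets such a split live inside a strictly confined snap where a setuid binary cannot.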

@lucyllewy,

If the snap only works on Ubuntu, that’s fine with me. I’m a user of the app, not the author, and am not in a position to rewrite it. What would need to happen if I only want the snap to work on normal distros?

I don’t think setuid (or fscaps) is allowed in non-base snaps, never mind their confinement.
