Request classic confinement review for reemd gateway app

Hi,

Need to have classic confinement for our reemd gateway app since our application is a gateway for users to login to their IoT and Linux devices remotely. reemd opens tty terminals and forwards them to the remote user and they can access their devices through a web app, very similar to TeamViewer, but without GUIs. reemd needs full access to the OS to function properly.

reemotly is a remote connectivity and IoT Platform.

You can find out more here: https://reemotly.com

The package reemotly Gateway is named reemd

Thanks
Jorge

Can you elaborate on what you mean by “reemd needs full access to the OS to function properly”?

A couple of example questions that would be helpful to have answers to:

  • What access is required that is not covered by current interfaces?
  • What happens when that access is denied? (does your app crash, have missing functionality…?)
  • Can you post denial messages from apparmor when you try to run your app under strict confinement?

You mention IoT. Please be aware that if Classic confinement is granted then your application will not be installable onto any Ubuntu Core devices.

Thanks for your reply Daniel!

One point I forgot to mention, reemd is to run as a daemon or service

What access is required that is not covered by current interfaces?

reemd needs the ability to start shells (bash, sh, zsh…). The main functionality of reemd is to act as a gateway to start CLI/terminal/shell sessions remotely through a web browser using our cloud platform. We need the ability to spawn these shells (processes).

I’m new to snapcraft I can’t seem to find an interface that would allow the app to execute or start other programs in the OS. Is this correct? Is there a way to do this through strict confinement?

Remote users will have the ability to access their files remotely as well, so a read access to the entire filesystem would be good.

reemd will also provide stats on hardware, cpu, disk space, memory usage. Access to observe hardware is required for this, which I think it already exists as an interface of snap.

What happens when that access is denied? (does your app crash, have missing functionality…?)

The app will have missing functionality

Can you post denial messages from apparmor when you try to run your app under strict confinement?

Not sure, looking into it.

Hi Daniel,

Any updates on our request?

Thanks
Jorge

We want to release soon, even if it’s just with classic confinement for now

@reviewers, can you review this classic confinement request please?

@jorgexgb I’ve pinged the reviewers. They will probably pick this up on Monday.

Hi daniel! Jacek Jaworski here - I am failed to send email to you. It seems your address not exists on bang-on.net . If you want serve your consultancy for me - then please let me know some working email address…

did I send from bang-on? I should have sent from @ubuntu.com.

Yes! You sent from bang-on.net - please send me dumb email to jaworski1978@adres.pl . I wrote prepositions of our collaboration. I will send you this document as soon as you send me valid your email address.

This seems to fall into the same category as https://forum.snapcraft.io/t/classic-confinement-for-dataplicity-agent/6215/9:

"
…the use cases reported matches with a class of problems that we’ve been avoiding classic confinement, at least for the time being: open-ended access into the whole device by remote parties, for management purposes.

Our suggestion for these problems right now is to continue packaging them as deb packages, and offering them through a PPA or other form of custom repository.
" – @niemeyer

You mentioned IoT several times in your request -- is this snap meant to run on Ubuntu Core? If so, please understand that classic confinement is not available on Ubuntu Core and packaging your application as a snap would need a new snapd interface that your snap would ‘plugs’. This would need some design. Please comment on your intended deployments and any other details that might be helpful.

@pedronis and/or @niemeyer - do you want to take a look at this one?

Thanks for your reply!

We want to deploy our app in as many distributions as possible, and that can be either traditional OS or IoT focused, such as openWRT or Raspberry Pi. I do understand that for Ubuntu Core it won’t currently work, unless some ‘plugs’ are designed. I’m looking into this possibility.

Our customers are asking for terminal/CLI remote connectivity solutions to their IoT / Headless devices and the Snap Store seemed like the best solution to distribute them to many different distributions while at the same time have automatic updates.

Hopefully we could deploy it with Classic confinement (excluding Ubuntu Core) for now. Looking forward to hear your decision.

Thanks again for the help!

Ping @pedronis and/or @niemeyer.

@jdstrand @pedronis @niemeyer - Any news on this? I’m okay without deploying to Ubuntu Core, but Classic Confinement is needed for other traditional distributions. Let me know. This is very important for us.

@jdstrand @pedronis @niemeyer @lucyllewy hey guys, sorry to bother. Just checking in on this request. We really need classic confinement to deploy our app. Please respond.

Thanks!

@jorgexgb - we need @pedronis or @niemeyer to comment.

Sorry this fell off the radar and only getting back to you now.

We discussed this in January and came to the conclusion that this application falls under the broad category of “remote management applications” which are currently not candidates for distribution as classic snaps in the Global snap store. Since your application is meant to manage devices, you may want to consider a Brand store since they are specifically designed to give Brand owners management control over their devices and snap content.