can you clarify how it is not working?
BTW, for reviewers or others who come here looking for an example of using the docker snap from another strict snap, I made an example snap here: https://github.com/anonymouse64/docker-snap-usage-example that can be used as reference
Yes, sorry. Itās the same error as in post #9.
File "/snap/wilfred/x1/lib/python3.6/site-packages/docker/transport/unixconn.py", line 43, in connect
sock.connect(self.unix_socket)
PermissionError: [Errno 13] Permission denied
Is the user this is running as in the docker group?
Yes, my user on the system is in the docker group.
Any news regarding this? Still no change as far as I can see.
No sorry I donāt know why itās not working for you and unfortunately I donāt have much time to investigate this at the moment
Alright, I understand.
Maybe I misunderstood something but I thought this was an issue with how snap deals with the Docker interface. As per this post (by @jdstrand), I thought that this would be fixed in 2.44. I just want to know whether there have plans to solve this or not. If not, or not within the near future, then Iād like to request the classic confinement for my snap.
This was not completed in time for 2.45, but I will be submitting a PR for this by midweek for 2.45 inclusion. Iāll post the PR link here when I submit it.
I looked into this again, and @zyga-snapd is right. If I add implicitOnClassic: true then install the docker snap on a classic distro system, then ādocker:docker-cliā plug does not auto-connect because there are two slot providers: snapd and the docker snap itself. This can be easily fixed in the docker snapās snap declaration (to use slot-snap-id) and any plugging snaps that have an auto-connection (to use greedy plugs), but weād need to query the store for those.
I have loosely been following the conversation on that pull request but it seems it was now closed. If no changes to snapd are proposed Iād like to revive my request for the classic confinement for my snap.
@pedronis closed that PR until a conversation could be had on moving forward, which is expected to happen soonish. As for granting classic in the meantime, weāve not historically granted classic confinement for this since your snap would be expected to work with the docker snap today and that support for docker-from-traditional-packaging would come after we resolve the remaining issues. Iām not sure if @pedronis has more to add or wants to weigh in.
Alright, I see. Letās say I want to prepare my snap package for using the strict confinement. Is there any other request I need to make in order for my snap to be able to access the plugs/interfaces required?
This is the full snap/snapcraft.yml file which I hope works after this change you mention is implemented.
name: wilfred
base: core18
version: git # set version on release ('v0.1.0') and use 'git' during dev
summary: A CLI for managing game servers using Docker # 79 char long summary
description: |
Wilfred is a command-line interface for running game servers locally. It uses Docker to run game servers in containers, which means they are completely separated. Wilfred can run any game that can run in Docker.
Wilfred is currently under development and should not be considered stable. Features may break or may not be implemented yet. Use with caution.
grade: devel # 'stable' on release ('devel' during dev)
confinement: strict
parts:
wilfred:
override-build: |
sed -i "s/development/`git log -1 --format="%H"`/g" wilfred/version.py
sed -i "s/YYYY-MM-DD/`git log -1 --format="%at" | xargs -I{} date -d @{} +%Y-%m-%d`/g" wilfred/version.py
snapcraftctl build
plugin: python
source: .
build-packages:
- python3-distutils
- build-essential
apps:
wilfred:
command: bin/wilfred
plugs:
- home
- removable-media
- docker
- network
environment:
PYTHONIOENCODING: utf-8
LC_ALL: C.UTF-8
LANG: C.UTF-8