I would like to be able to use the “classic” value for the “confinement” attribute. I’m developing a tool for VPN and I need different permissions to manipulate VPNs. With the “classic” option I can do all VPN operations, Create, update, delete and connect.
Snap name: j-ovpn-ui.
Difficulty making an application work under strict confinement is not a sufficient reason for the use of classic confinement as per Process for reviewing classic confinement snaps.
Other VPN tools have been successfully created using strict confinement - likely you will need to plug firewall-control or some similar interface - please see https://snapcraft.io/docs/debug-snaps for more details on how to figure out which interfaces to plug - in particular the use of snappy-debug. Thanks.
Core18 with the installation of the network-manager package does not have the external plugin “org.vpn.freedesktop” for VPN. core20 does not have Maven, and core22 also throws errors.
Is there any other alternative ?
@diego.armange.costa hey,
It’s been a while since we last discussed. I am checking the status of this request. Did you make any progress with making j-ovpn-ui work under strict confimenet?
I made no progress. I couldn’t find any documentation that could help. Since it’s been a while, I don’t remember the details anymore, but I didn’t find any solution. In all the tests I did, it failed. I abandoned the project due to lack of support for Snap.
There are quite a few VPN clients in the store that work fine under strict confinement, did you consider just taking a look at their snapcraft.yaml ? The snap ecosystem should provide all your app needs through its different network, system and hardware related interfaces.
Yes. I could look at some files.
Will you point me to a specific YML?
Thanks.
This is one example: ike/snap/snapcraft.yaml at master · xlinuxmanx/ike · GitHub
I found it by searching on the store: https://snapcraft.io/search?q=VPN+client, and then inspecting the developer side link. I just shared the first I clicked on, not sure if it serve your needs (but you can keep searching the other results or even search here in the forum for similar keywords)
Could you check the sample provided?
@diego.armange.costa - ping, this request cannot proceed without the requested information?
@diego.armange.costa - ping, this request cannot proceed without the requested information
@diego.armange.costa - ping, this request cannot proceed without the requested information
@diego.armange.costa - since we’ve not heard back from you, we are removing this request from our review queue. When you have more time to respond, simply do so here and we can add the request back to the queue. Thanks!
