Classic confinement for mosh

msis · October 3, 2017, 8:26pm

The mosh snap needs to be set to classic to allow the user to do ssh-things when connected.

Description and source can be found in the call for testing.

Wimpress · October 4, 2017, 10:26am

I’ve just checked the mosh store review and the use of classic was approved by @evan on September 29th

jdstrand · October 4, 2017, 1:49pm

@Wimpress - the request seems to be for https://dashboard.snapcraft.io/dev/snaps/8487 and I don’t see any feedback indicating it was accepted. There is another mosh snap in the store, but it is using devmode.

niemeyer · October 5, 2017, 5:53pm

@msis It would actually be nice to have this one fully confined. It’d mean being able to use it from more distributions and also from Ubuntu Core. Can you provide some details about why the confinement is being an issue there?

Wimpress · October 6, 2017, 8:37am

No access to ~/.ssh unless you use classic confinement is the cited reason. Not the first time we’ve seen developers use classic for applications requiring access to ssh or gnupg keys.

niemeyer · October 6, 2017, 12:41pm

We can easily introduce interfaces for that. Perhaps ssh-keys and gnupg-keys?

Is there anything else?

niemeyer · October 6, 2017, 1:42pm

A post was split to a new topic: Access to dotfiles from IntelliJ

Wimpress · October 6, 2017, 2:46pm

@niemeyer Those interface names sound sensible to me and are the only two examples of dot directory access that has prevented snap publishers from staying strictly confined.

niemeyer · October 6, 2017, 2:52pm

@jdstrand What do you think of those interfaces? Should we split them up, maybe:

private-ssh-keys (gives access to both private and public keys)
public-ssh-keys (public only)
private-gnupg-keys (private and public keyrings)
public-gnupg-keys (public keyring only)

niemeyer · October 6, 2017, 4:34pm

Alternatively, ssh-public-keys, ssh-private-keys, etc, so it sorts properly.

jdstrand · October 6, 2017, 8:35pm

I wonder if this would be better:

ssh-public-keys (public only and safe config)
ssh-keys (public, private and all config)
gpg-public-keys (public only and safe config)
gpg-keys (public, private and all config)

I agree that ‘private’ should include private and public and leaving ‘private’ out of the name conveys that better to me.

If you agree to the naming, I can add this to my backlog. I’d like to study typical accesses a little.

jdstrand · October 27, 2017, 9:39pm

In the interest of time, I created https://github.com/snapcore/snapd/pull/4100 so we can discuss how best to proceed.

@msis - I would be curious on your input in that PR. If you want, you can install your snap in strict mode, then adjust /var/lib/snapd/apparmor/profiles/snap.mosh.mosh (or whatever makes sense) with what is in ‘ssh-keys’ in that PR, then load into the kernel with: sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.mosh.mosh. Importantly, if you install/refresh/remove/reboot/etc the changes will be overwritten.

jdstrand · December 8, 2017, 6:14pm

This is now committed to master and will be in 2.30.