Request for snapd-control interface: spm

Hello

I was trying out electron and made a small GUI for Snap Store in the process called “spm”.
Due to the use of “snapd-control” interface it was not approved in the public store. Using this interface was necessary to keep the application in strict confinement while communicating with “/run/snapd.socket”.
I think this application would be useful for people who don’t have or use “Ubuntu Software” in their distros, since it is standalone and cross-platform.
I was wondering if it’s possible to publish it in the public store?

Thanks

1 Like

The snapd-control interface is reserved for snaps that require device ownership and the ability to control all aspects of snaps on the system. Uploads to the public store are therefore automatically rejected. I suggest considering using a brand store which will limit the snap to the devices associated with your brand store. Please contact kyle.nitzsche@canonical.com and loic.minier@canonical.com for information on brand stores. If this snap is useful to people other than your device’s users, please describe why the snap should be in the public store instead of a brand store. Thanks!

Thank you for your response.

I have got the same response for this application during its auto and manual review and therefore made this post in the forum.
As I explained in the initial post, this app is intended as a cross-platform and standalone GUI for the public snap store. I believe it will be useful for people who want to use the snap store with a GUI but don’t (have/need/want) the “Ubuntu Software” in their operating systems.

Thanks

1 Like

The Ubuntu Desktop team are currently working on a snap-store snap which does this as well. It’s a build of GNOME Software with just the snap and ODRS (for reviews) backends enabled. This will provide a GUI for browsing the store and managing the snaps installed on the system.

2 Likes

@jdstrand @kenvandine
I have been trying to get my application approved for the public store. And it has gone for nearly a month without any final answer. At this point a solid “Yes” or “No” would be helpful.

I think @jdstrand’s answer was pretty clear, it is a “No” for the public store but a “Yes” if your app goes into a brand store in case you want to run it on a specific set of (IoT) devices you own.

@jdstrand’s answer is in fact the same auto generated answer that I’ve got twice, before posting in the forum.
And I’m trying to answer the following part of it:

Therefore I don’t see it as:

Thank you for your response

Well, the problem is that this interface will effectively grant something similar to full root access to the host system for your app.

snapd-control allows you to connect interfaces, start and stop snap services etc etc, it gives full control over all snaps and all their security mechanisms, even if you only want to use snap list/install/remove in your app …

Perhaps a new more restricted “snap-install-control” interface would be a good idea here to allow apps like yours in the public store.

This would also grant root, since one could install classic snaps.

Note that I, as a store reviewer, enforce the guidelines set out for snap declarations, but others may participate. These guidelines state that snaps like yours typically require a brand store since, like others have said, granting access in the public store would grant your snap device ownership of every system that has snapd and your snap installed. Part of the review process is determining the use cases the requester is trying to support, so I asked for more information to see if perhaps another recommendation beyond use of snapd-control could be made, but you need it for what it is designed for: to install arbitrary snaps. At this time I am denying the request for use of the snapd-control interface in the public store.

In addition to considering using a brand store, as @kenvandine mentioned, there are other opportunities to have a ‘non-Ubuntu’ snap store frontend, and you may want to collaborate with them on this work. If you feel this judgement is in error, you can request that an architect re-review the decision.

Thank you for your complete answer @jdstrand.
Part of my plan was to make the source code available through github. Will it help if I configure my snapcraft account to do the builds from my github account or is there any way to publish apps after reviewing their source code?
I know snapd-control sets off alarms because it is specific, but it’s not worse than using the classic confinement which is not rare.

Classic snaps cannot be installed on Ubuntu Core IoT devices, while confined snaps using the snapd-control interface can… your snap would be able to take over millions of routers, webcams, home automation systems etc etc … essentially every IoT device out there that uses the main store in addition to its brand store (or just the main store because no brand store exists).

Also, classic snaps require the user to explicitly acknowledge that they’re installing as such, where this request for access to, and auto connection of, snapd-control would not.

@ogra @lucyllewy Interesting points.
Then is it safe to say that I have a better chance of approval if I remove the “snapd-control” and publish with the “classic confinement”?
If that is the case, I will try it soon.

No; it is safe to say that classic confinement would be denied for a snap trying to use it to gain snapd-control.

1 Like
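
The two privileges weighed in this thread, a connected snapd-control plug and classic confinement, can be audited on a host from the output of `snap connections --all` and `snap list`. The following is an added example, not code from the thread or from snapd; the sample output is constructed and the snap names `demo-gui` and `editor` are hypothetical.

```python
# Added example; both samples are constructed in the format printed by
# `snap connections --all` and `snap list`. Snap names are hypothetical.
SAMPLE_CONNECTIONS = """\
Interface      Plug                    Slot            Notes
network        spm:network             :network        -
snapd-control  spm:snapd-control       :snapd-control  manual
snapd-control  demo-gui:snapd-control  -               -
home           editor:home             :home           -
"""

SAMPLE_LIST = """\
Name    Version  Rev   Tracking       Publisher  Notes
core    16-2.45  9066  latest/stable  canonical  core
spm     0.1      3     latest/stable  example    -
editor  1.2      17    latest/stable  example    classic
"""

def snapd_control_holders(connections_text):
    """Map each snap with a *connected* snapd-control plug to its Notes value."""
    holders = {}
    for line in connections_text.splitlines()[1:]:   # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue
        interface, plug, slot, notes = fields[:4]
        # A slot of "-" means the plug is declared but not connected.
        if interface == "snapd-control" and slot != "-":
            holders[plug.split(":", 1)[0]] = notes
    return holders

def classic_snaps(list_text):
    """Return the names of snaps whose Notes column includes 'classic'."""
    found = []
    for line in list_text.splitlines()[1:]:
        fields = line.split()
        if len(fields) >= 6 and "classic" in fields[-1].split(","):
            found.append(fields[0])
    return sorted(found)

def audit(connections_text, list_text):
    """List (snap, privilege, note); 'manual' marks a hand-made connection."""
    holders = snapd_control_holders(connections_text)
    findings = [(s, "snapd-control", n) for s, n in sorted(holders.items())]
    findings += [(s, "classic", "-") for s in classic_snaps(list_text)]
    return findings

if __name__ == "__main__":
    for snap, privilege, note in audit(SAMPLE_CONNECTIONS, SAMPLE_LIST):
        print(f"{snap}: {privilege} ({note})")
```

To audit a real host, pass the captured output of the two commands to `audit()` in place of the samples.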