Hello, I’m learning how packaging of snap applications is done and I’ve been going through the process of packaging the CLI portion of my tracex-parser Python library.
The CLI program parse-trx needs read-only local file access in order to do its job - parsing ThreadX trace files into a human friendly format. To do this I’ve leveraged the system-files interface with read access to /home and /media (two places where a user might put ThreadX trace files): https://github.com/julianneswinoga/tracex_parser/blob/js/add-snap-build/snap/snapcraft.yaml#L30. Ideally I could allow read access to /tmp and /opt as well but I don’t believe that is currently possible with snaps.
So in order to publish my snap (tracex-parser) I require this human review: human review required due to 'allow-installation' constraint (bool)
You do not need system-files here, the home and removable-media interfaces grant you access to /home and /media… that way your snap will not go into manual review…
Thank you for the reply! Since I only need read access though, is there a way to lock down the home and removable-media interfaces to not default to rw?
For awareness, the removable-media interface is considered sensitive, which means not only does it’s use require specific permission from the reviewers team here, but also that the publisher be vetted. There are some guidelines on the process for auto-connections page (search for removable-media).
The home interface of course is auto-connected once you plug that, but typically removable-media remains a manual connection unless the criteria linked above are satisfied (I mention this especially because you mention you’re just learning how to package snaps).
Hey @julesinspaaace , I see that tracex-parser has passed the automatic review and does not need manual review anymore. Therefore, I’ll go ahead and remove this request from our reviewing queue. Please let us know in case you need further assistance. Thanks.
