Request review for auto connections for interfaces -Personal files, System files & Hardware observe for MqttDesk snap

@emitorino Iam sorry for that.
Let me explain it again.

there is issue when we read & write $HOME/.local/share/data/bconf/data.conf
so we are trying to drop the dot files access for snap.

We need help into the right absolute path for HOME -plug interface where we can keep the file and read & write from that directory path. As we are trying to access the multiple different paths but getting no permission to write access errors .

Can you please suggest the right absolute path which does have write access to home -plug?

The personal-files doc have some examples about it. Did you take a look? So you should have something like:

plugs:
  dot-local-share-data-bconf-data-conf:
    interface: personal-files
    write:
    - $HOME/.local/share/data/bconf/data.conf

Otherwise, share your snapcraft declaration and we can review it.

Actually , we have succeeded in that for the dot files plug interface, but issues is that we are using one more file into same directory for licencing usage and we have to include that file too with personal-file plug interface. We have tried snappy-debug too and received the same information .

Atlast we would upload the snap in few minutes again for review.

@emitorino
Uploaded new version with review requested.
Iam hereby requesting review for Strict - confinement with below requesitions for interfaces.

Personal files - Auto connection/ read-write

1. dot-local-share-bconf
   $HOME/.local/share/data/bconf
2. dot-local-share-temp
   $HOME/.local/share/data/bconf_temp

System files - Auto connections/read
1./sys/devices/virtual/dmi/id/bios_vendor
2./sys/devices/virtual/dmi/id/product_serial
3./sys/devices/virtual/dmi/id/product_name

Hardware observe- Auto connections/read

Please review them.

base: core18
grade: stable
confinement: strict
plugs:
gnome-3-28-1804:
interface: content
target: $SNAP/gnome-platform
default-provider: gnome-3-28-1804
gtk-3-themes:
interface: content
target: $SNAP/data-dir/themes
default-provider: gtk-common-themes
icon-themes:
interface: content
target: $SNAP/data-dir/icons
default-provider: gtk-common-themes
sound-themes:
interface: content
target: $SNAP/data-dir/sounds
default-provider: gtk-common-themes
dot-local-share-bconf:
interface: personal-files
write:
- $HOME/.local/share/data/bconf/data.conf
dot-local-bconf-temp:
interface: personal-files
write:
- $HOME/.local/share/data/bconf/data.conf_temp
read-sys-devices-virtual-dmi-id-bios-vendor:
interface: system-files
read:
- /sys/devices/virtual/dmi/id/bios_vendor
read-sys-devices-virtual-dmi-id-product-serial:
interface: system-files
read:
- /sys/devices/virtual/dmi/id/product_serial
read-sys-devices-virtual-dmi-id-product-name:
interface: system-files
read:
- /sys/devices/virtual/dmi/id/product_name
name: mqttdesk
version: 2.1.0
title: MqttDesk
summary: MqttDesk
description: MqttDesk
architectures:

• amd64
  apps:
  mqttdesk:
  command: command.sh
  plugs:
  • desktop
  • desktop-legacy
  • home
  • x11
  • wayland
  • unity7
  • browser-support
  • network
  • gsettings
  • audio-playback
  • pulseaudio
  • opengl
  • hardware-observe
  • dot-local-share-bconf
  • dot-local-bconf-temp
  • read-sys-devices-virtual-dmi-id-bios-vendor
  • read-sys-devices-virtual-dmi-id-product-serial
  • read-sys-devices-virtual-dmi-id-product-name
    environment:
    DISABLE_WAYLAND: ‘1’

Please review the manifest too.
Thanks in advance.

Hi @newbee_snap - so there are a couple simplifications I think you can make - for the personal-files instance, you could just declare a single write location of the directory as follows:

 dot-local-share-data-bconf:
    interface: personal-files
    write:
      - $HOME/.local/share/data/bconf

Which will then allow you to write whichever files you require within this directory as in this case.

However, as mqttdesk is not the clear owner of this path (ie there is no mqttdesk path component here) +1 from me for use of this personal-files instance as I have declared it above, BUT not for auto-connect of this. If instead this could be located within a path such as ~/.local/share/mqttdesk/data/bconf or similar then I think it would be appropriate for this to be auto-connected.

Regarding the system-files instances, +1 from me for auto-connect and use of these paths for mqttdesk.

Can you please update the snap yaml to make this change to combine the two personal-files instances down to a single one as above? And can other @reviewers please vote too? Thanks.

@alexmurray
Thanks , I will change the files to directory write- personal-files interface.

Agreed on your comments.

@alexmurray
@reviewers

Please find the below updated snap yaml & we have dropped the request for personal-files, so we dont need personal-files permission.
We need below interface requested for snap. Please review them .

System files & Hardware-observe- Auto connections/read
1./sys/devices/virtual/dmi/id/bios_vendor
2./sys/devices/virtual/dmi/id/product_serial
3./sys/devices/virtual/dmi/id/product_name
4.Hardware observe- Auto connections/read

Below is the yaml file for review…

grade: stable
confinement: strict
plugs:
  gnome-3-28-1804:
    interface: content
    target: $SNAP/gnome-platform
    default-provider: gnome-3-28-1804
  gtk-3-themes:
    interface: content
    target: $SNAP/data-dir/themes
    default-provider: gtk-common-themes
  icon-themes:
    interface: content
    target: $SNAP/data-dir/icons
    default-provider: gtk-common-themes
  sound-themes:
    interface: content
    target: $SNAP/data-dir/sounds
    default-provider: gtk-common-themes
  read-sys-devices-virtual-dmi-id-bios-vendor:
    interface: system-files
    read:
      - /sys/devices/virtual/dmi/id/bios_vendor
  read-sys-devices-virtual-dmi-id-product-serial:
    interface: system-files
    read:
      - /sys/devices/virtual/dmi/id/product_serial
  read-sys-devices-virtual-dmi-id-product-name:
    interface: system-files
    read:
      - /sys/devices/virtual/dmi/id/product_name
name: mqttdesk
version: 2.1.0
title: MqttDesk
summary: MqttDesk
description: MqttDesk
architectures:
  - amd64
apps:
  mqttdesk:
    command: command.sh
    plugs:
      - desktop
      - desktop-legacy
      - home
      - x11
      - wayland
      - unity7
      - browser-support
      - network
      - gsettings
      - audio-playback
      - pulseaudio
      - opengl
      - hardware-observe
      - read-sys-devices-virtual-dmi-id-bios-vendor
      - read-sys-devices-virtual-dmi-id-product-serial
      - read-sys-devices-virtual-dmi-id-product-name
    environment:
      DISABLE_WAYLAND: '1

@reviewers

Can please someone look into this?

Thanks

@newbee_snap sorry for all the back-and-forth - can you please just make one more adjustment? Please remove the read- prefix on the names for these system-files instances?

Once this is done, +1 from me for use-of and auto-connect of these 3 system-files instances, plus auto-connect of hardware-observe as well for mqttdesk.

@alexmurray
Thanks
But after removing ‘read prefix’ , I cant make system files plug and the code is not working even after that.

Are you asking to change this ‘read’ prefix or the above one which is used to define the slot?

@alexmurray

Please find the below changed .yaml file.

base: core18
grade: stable
confinement: strict
plugs:
  gnome-3-28-1804:
    interface: content
    target: $SNAP/gnome-platform
    default-provider: gnome-3-28-1804
  gtk-3-themes:
    interface: content
    target: $SNAP/data-dir/themes
    default-provider: gtk-common-themes
  icon-themes:
    interface: content
    target: $SNAP/data-dir/icons
    default-provider: gtk-common-themes
  sound-themes:
    interface: content
    target: $SNAP/data-dir/sounds
    default-provider: gtk-common-themes
  sys-devices-virtual-dmi-id-bios-vendor:
    interface: system-files
    read:
      - /sys/devices/virtual/dmi/id/bios_vendor
  sys-devices-virtual-dmi-id-product-serial:
    interface: system-files
    read:
      - /sys/devices/virtual/dmi/id/product_serial
  sys-devices-virtual-dmi-id-product-name:
    interface: system-files
    read:
      - /sys/devices/virtual/dmi/id/product_name
name: mqttdesk
version: 2.1.0
title: MqttDesk
summary: MqttDesk
description: MqttDesk
architectures:
  - amd64
apps:
  mqttdesk:
    command: command.sh
    plugs:
      - desktop
      - desktop-legacy
      - home
      - x11
      - wayland
      - unity7
      - browser-support
      - network
      - gsettings
      - audio-playback
      - pulseaudio
      - opengl
      - hardware-observe
      - sys-devices-virtual-dmi-id-bios-vendor
      - sys-devices-virtual-dmi-id-product-serial
      - sys-devices-virtual-dmi-id-product-name
    environment:
      DISABLE_WAYLAND: '1'

@emitorino
@alexmurray
@reviewers

Can anyone please look into it for approval?
Iam struggling to get approve for store for many days. I know there may be many request for reviews and permissions.
Please look into this.

Thanks in advance.

Hey @newbee_snap,

Apologize for the delay. I went ahead and checked your snap latest revision, and I dont see what’s being discussed here already applied. Can you please upload a new revision, including all changes requested so we can move fw with granting the accesses required?

My votes for the process are: +1 for use of the personal-files interface (but not for auto-connect since the snap is not the clear owner of such dir).+1 for use and auto-connect of the 3 system-files instances requested. +1 for auto-connect of hardware-observe

App upload has been done and as discussed above to @alexmurray that personal files interface has been dropped and only system-files 3 instances & hardware-observe has been used and need to allow for those only. Thanks

+2 votes for auto-connect of hardware-observe and the 3 system-files instances as above, 0 votes against. This is now live.

@alexmurray
@emitorino

Thanks for your time and approvals.