Request: system-backup auto-connection for zffanalyze

ph0llux · July 17, 2022, 7:49pm

zffanalyze is a tool for analyzing files in the forensic file format Zff. Since such forensic dumps are usually created with privileged rights (mostly by reading out /dev/xxx-devices), such zff containers are often stored outside of their own /home in practice.

To be able to analyze such files, which can also be located somewhere else in the file system (using zffanalyze), read-only access to those is required. This should be fulfilled with an auto-connection for system-backup. The project itself is open source, you can check for yourself that not a single io::Write operation is performed, only io::Read operations.

I therefore request system-backup auto-connection for the snap zffanalyze.

emitorino · July 20, 2022, 7:37pm

Hey @ph0llux,

I did a quick check of the code in https://github.com/ph0llux/zffanalyze and I did not find any reference to /var/lib/snapd/hostfs (which is the location where the entire host filesystem is mounted via system-backup). Is this correct?

I apologize if I am misunderstanding how zffanalyze works, I am just trying to see how the snap is trying to analyze zff files.

ph0llux · July 21, 2022, 7:25am

Hello @emitorino,

I’m the one who has to apologize here - I had assumed in the system-backup interface that I would get read access to files in hostfs - but had probably misunderstood that this has to be done via /var/lib/snapd/hostfs. I ask for your forgiveness, this is my first snap for which I request interface connection

I extended my code accordingly and wrote a small patch that sets the prefix of the inputfiles to /var/lib/snapd/hostfs when building a snap (the patch is used in snapcraft.yaml from the snap folder. The code to concatenate the paths is in src/bin/lib/mod.rs or src/bin/lib/constants.rs).

I will think of a more elegant solution in the future, but this one works just fine for now.

Thanks for your answer.

alexmurray · July 28, 2022, 8:33am

+1 from me for use of and auto-connect of system-backup for zffanalyze.

rayveldkamp · August 5, 2022, 5:43am

+1 from me too for auto-connect of the system-backup interface, given that this application only performs read operations, and this is required for usability.

pfsmorigo · August 11, 2022, 5:21pm

2 votes for, 0 votes against, granting auto-connect of system-backup to zffanalyze. This is now live.