Request to allow classic confinement on the fzf-slowday snap

Fzf is a general purpose command line fuzzy finder - you pipe a list of data in and it presents a curses interface which allows you to fuzzy search and select, then returns the results to stdout.

If fzf is invoked on its own (without piping data in) it will attempt to invoke either a hardcoded find command or the contents of the $FZF_DEFAULT_COMMAND envar.

This will fail if using strict confinement in the snap, fzf will run but the search window will not be populated.

The vim plugin for fzf will also fail to return results as it relies on fzf directly spawning the command to return search data.

Fzf is a general purpose command line tool, its functionality is enhanced when it has access to shell environment variables, the ability to spawn other processes and access to all locations on the filesystem.

IMHO it is not well suited to the strict confinement model.

Sorry for the delay on your request. Reading the request, it seems like the snap could ship its own find command if the system one doesn’t work for you (but the system find is available to the snap). It seems like the vim plugin could be modified to execute /snap/fzf and the snap could ship this .vim file with instructions on where to put it.

If the above doesn’t help address the issues, can you comment and gives security policy violations (eg from journalctl)?