Request to allow connection to x11 slot of ubuntu-desktop-session snap

jamesh · March 1, 2023, 6:09am

This request is similar to my previous one related to the wayland and desktop interfaces. This time, I’d like to request the same permission for the snap’s x11 slot. I hadn’t requested it at that time, as we had some issues with the X11 support at the time. Those issues have since been resolved.

The rationale is basically the same as last time: the snap acts as the desktop session of the user on an graphical Ubuntu Core system. We’d like X11 application snaps to work out of the box on the system. The suggested snap-declaration should be similar to the existing wayland and desktop slots:

slots:
  x11:
    allow-installation: true
    allow-connection:
      on-classic: false
    allow-auto-connection:
      on-classic: false

The on-classic: false conditions prevent the slot from being treated as a connection candidate, should someone happen to install the snap on a non-Core system.

The current snap declaration includes a plug-snap-id condition for the slot. That should not be included in the new declaration, since we want to allow other snaps to connect to the slot. I think Alex added that to silence some automated review warnings, while keeping the slot locked down until we asked for a proper declaration.

alexmurray · March 1, 2023, 10:25am

+1 from me - this is expected given the snap is entirely designed to provide a desktop session on Ubuntu Core and hence an X server.

emitorino · March 7, 2023, 6:35pm

+1 from me as well for the requested auto connection to make x11 app snaps to work out of the box in the system as explained.

alexmurray · March 8, 2023, 4:43am

+2 votes for, 0 votes against, granting use of x11 slot for ubuntu-desktop-session. This is now live.

FYI the previous use of plug-snap-id was there to constrain the slot to only being able to be connected to by this same snap - this was a misconception on my part as I assumed it was to fit the usual use-case for Ubuntu Core where a snap ships Xwayland and would use say mir-kiosk as the Wayland server. So the snap in that case needs to both plug and slot x11 so it can use Xwayland but it should connect its plug to its own slot. Apologies.

jamesh · March 10, 2023, 3:13am

For future reference, we didn’t need this kind of self-connection because the base template AppArmor rules allow unrestricted communication over unix domain sockets between processes that are part of the same snap:

github.com

snapcore/snapd/blob/67e693bf50031903353aada0fbf57106ddc4f2f4/interfaces/apparmor/template.go#L387-L390


# Allow apps from the same package to communicate with each other via an
# abstract or anonymous socket
unix (bind, listen) addr="@snap.@{SNAP_INSTANCE_NAME}.**",
unix peer=(label=snap.@{SNAP_INSTANCE_NAME}.*),

Combined with the wayland interface permanent slot rules allowing the snap to create the listening socket, and we don’t need the self-connection to let Xwayland connect to gnome-shell as the wayland compositor. The reverse is also true in the x11 case with gnome-shell connecting to Xwayland to act as a window manager.