Resolve absolute paths in snap

I am very new to snap application development.

I have a snap parts directory called secrets (which holds tls certificates for my application). squashfs on my snapped application reveals this (secrets) directory in the first level of squashfs-root directory. In the snap application, I have tried to access my tls certificates with $SNAP/secrets/* but failed 100% of the time.

What is the correct way to resolve absolute file paths within a snap?

Could you perhaps share your snapcraft.yaml?

1 Like
name: ventio 
version: '0.0.2'
summary: Single-line elevator pitch for your amazing snap
description: |
  You have a paragraph or two to tell the
  most important story about your snap. Keep it under 100 words though,
  we live in tweetspace and your description wants to look good in the snap

base: core18
grade: devel
confinement: devmode 

        plugin: python
        source: .
        requirements: ['requirements.txt']

        plugin: dump
        source: .


      command: bin/ventio
        PATH: $SNAP/usr/bin:$SNAP/bin/:$PATH
        PYTHONPATH: $SNAP/usr/lib/python3/site-packages:$SNAP/usr/local/lib/python3.6/dist-packages:$PYTHONPATH

it helps if you add three backticks ``` in the line above and below text you paste, that way the indentation stays intact and it becomes better readable for us …

1 Like

One thing that can help resolve such situations is to get a command-line shell in the snapped environment to poke around:

snap run --shell ventio

This will allow you to check, for example, ls $SNAP/secrets/* and gain a better understanding of what is happening with your application packaging.

1 Like

Inside the snap, ls $SNAP/secrets reveals my files. But then, would you suggest doing stuff like this:



I used the first, and I’m now imagining if the double quotes mess up the path resolution

You can try echo ${keyfile} and see what happens. :wink:

Gives nothing. ‘keyfile’ is not an env variable.

If I don’t know what keyfile is, or the context in which you are setting it, I don’t know how I can help.

It’s just a file that holds a TLS key for use in the app. It is located in the secrets dump as shown in the yaml file.

To access files within snap packages use $SNAP variable followed by the relative path of file.

Who is @johntk005 ?

His/her suggestions always seem offset or orthogonal to the discussion thread.

The fact is that you do not have read or write access to files inside your snap. But, if you’re packaging some extra files that you need to access later, the correct solution is to use layout in snapcraft.yaml : Snap layouts | Snapcraft documentation In my case,



       bind: $SNAP/secrets

With this, I could read my key file from /etc/termi/keyfilename

This makes it look as if the file is coming from outside the snap.

Thanks for your responses