I like the idea of simplifying the desktop scripts and making things appear in more expected locations. I’m wary of the idea of making /run/user/$uid read/write in AppArmor, however. Could there be mileage in a half-way method of using the user-mount capability to expose the relevant sockets from their true locations (either another snap’s $XDG_RUNTIME_DIR or the system $XDG_RUNTIME_DIR depending on whether the plug is against $OTHER_SNAP_NAME:slot or system:slot) as proposed but making them appear at /run/user/$uid/snap.$SNAP_INSTANCE and still overriding the $XDG_RUNTIME_DIR to point at a snap-specific location?