Installation, connection and auto-connection are different and the base declaration is where different constraints are defined. For example, by default snaps from the store:
- are not allowed to
plugs: [ snapd-control ] - are allowed to
plugs: [ network-manager ], but the interface must be manually connected after installation - are allowed to
plugs: [ network ]and the interface is automatically connected at install time
In addition to the base declaration, the store may include in the snap declaration constraints for installation, connection and auto-connection constraints for this particular snap that snapd should apply. For example, a snap declaration is issued for the snapweb snap to allow it to be installable with plugs: [ snapd-control ] and to auto-connect snapd-control at installation, thus overriding the base declaration. A snap declaration may allow or deny any constraints from the base declaration.
When installing unasserted snaps with --dangerous, snapd will consider the base declaration but it will make different decisions (for example, you may always install a snap that plugs: [ snapd-control ] when supplying --dangerous but the interface will not be auto-connected). --dangerous is very useful for development of snaps and interfaces, but you don’t want to install randomly downloaded snaps with --dangerous.
What constraints are included in the base declaration and why are discussed in the code review for the interface. What is included in snap declarations is handled by our store processes.
For interfaces, in general it is easiest to look at https://github.com/snapcore/snapd/wiki/Interfaces or https://snapcraft.io/docs/reference/interfaces since they will list whether or not a snap is auto-connected.
For individual snaps, today you can:
$ snap download foo # downloads foo_<version>.snap and foo_<version>.assert
$ unsquashfs ./foo_<version>.snap meta/snap.yaml # extract the snap.yaml
$ cat ./squashfs-root/meta/snap.yaml # examine the snap.yaml
$ cat ./foo_*.assert # examine any snap declaration constraints
Other links you may find helpful when understanding interfaces: