Set system-proxy from custom SNAP service


we are building a simple network-configuration UI/restapi for a customer. Our service configures the network interfaces via the NetworkManager.

How can we set a system-wide proxy which also is used by snapd (for snap-store installations/upgrades)?

We must set it via our daemon: simple service running inside a SNAP package. Setting it manually as root is not an option.

Best regards

I fear that currently only works via snapd-control … which in turn would force you into using a brand store (snapd-control is generally denied in the public store) to be able to call the right snap set commands …

I wonder if splitting out a separate interface that allows access to such settings to not require snapd-control wouldnt make sense here …

Thanks for the quick answer, our customer has a brand-store, so this should be fine then.

1 Like

Now one more question: What is the best way to read these system proxy settings in a different snap?

I realized that by default the snaps do not have the environment variables from /etc/environment set. My experiments with the (still undocumented) “environment:” snapcraft.yaml section also weren’t successful.

As a workaround I do the following now in the wrapper script inside the snap which needs to read the proxy settings, but is there a better way?

for i in $(grep "proxy" /etc/environment); do export $i; done

@ogra how can I set the proxy inside my snap with snapd-control interface?

I used a snap set core proxy.http="http://foo:1234"commandline call in my snap in devmode which worked like a charm, but in strict mode I get always:
/usr/bin/snap: Permission denied

 AppArmor =
Time: Aug 24 11:27:16
Log: apparmor="DENIED" operation="exec" profile="snap.mysnap.mysnap-service" name="/usr/bin/snap" pid=13540 comm="mysnap" requested_mask="x" denied_mask="x" fsuid=0 ouid=0

The interface seems to be connected correctly:

root@localhost:~# snap interfaces -i snapd-control
Slot            Plug
:snapd-control  mysnap

I think you need to use the REST API: