Should you be able to call `getifaddrs()` without `network-observe` permission?

We have seen that a test NodeJs simple snap daemon is able to call os.networkInterfaces() without any special app permissions. os.networkInterfaces() calls getifaddrs() ( under the covers.

Is this expected? You can’t get the MAC address through sysfs unless you have network-observe so it seems strange that it would work with other methods.

I’ve seen some other forum posts where posters were seeing the call fail when the snap didn’t have permissions but that was a few years ago:

1 Like

Ignore. It looks like you do need network-observe which I’m glad to see. Sorry for the noise.

Actually, it turns out that if you have network, you do have access to getifaddrs but not to /sys/class/net/*/address. Should this be consistent?

Just to provide context, we have a custom Ubuntu Core device and looking for a unique device identifier to send logs up to a cloud service. So we need network anyways but we’d found that we don’t get any entries until the network interface has an IP address. Not so good when the first thing our snaps do is get the unique identifier to start logging (which are buffered until network is available). Using sysfs allows us to get MAC address sooner but then needs the extra network-observe connection which seems like overkill.