Snap arm64 on linuxondex


#1

I see one can build in the snapcraft build cloud for arm64 without arm64 hardware. Are those snaps compatible with Samsung’s Linux On Dex?


#2

According to the web site’s description, I see no reason why it isn’t compatible.

UPDATE: As ijohnson mentioned the kernel support might be a problem.


#3

You may run into difficulties with confinement due to the additional SELinux component from Android, I’m not sure how compatible snapd is these days with SELinux in general, or with the version from Android which AIUI is slightly different than other Linux OS’s.


#4

Last time I checked Matthew Garrett started a discussion about providing confinement via SELinux on platforms where SELinux is available instead of AppArmor.

On the implementation side this would require snapd to generate policies using more sophisticated methods, i.e abstracting policy generation away while - where simple template-based string insertion is used now - describing interfaces (user-visible) which are already very abstract through even more abstract means (internally).

Additionally, if it’s possible to have hierarchy-based implications within SELinux policies (context/label x implies y as y being a subset of x) then the path-based nature of AppArmor could indeed be mapped onto SELinux policies.