We have a snap that exposes a gRPC server over a Unix socket so other snaps can call it. We provide this API through a content interface like the content interface doc talks about. However, just using this interface is not enough - it fails to bind. We don’t want to use network-bind interface for this because this implies that the snap could expose something on an ethernet interface - which we don’t want to do from a mandatory access control policy point of view.
Is there a better interface that just allows bind? If not, should one be added? Or perhaps a specific unix socket interface that is like a content interface but adds binding?
.