Thanks @ogra. This is working:
$ cat Dockerfile
FROM ubuntu:16.04
ENV container docker
ENV PATH /snap/bin:$PATH
ADD snap /usr/local/bin/snap
RUN apt-get update
RUN apt-get install -y snapd squashfuse fuse
RUN systemctl enable snapd
STOPSIGNAL SIGRTMIN+3
CMD [ "/sbin/init" ]
And:
$ cat snap
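#!/bin/sh -e
# Wait until snapd is running before handing over to the real snap binary.
while ! kill -0 $(pidof snapd) 2>/dev/null; do
    echo "Waiting for snapd to start."
    sleep 1
done
# Quote "$@" so arguments containing spaces are passed through intact.
/usr/bin/snap "$@"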
$ chmod +x snap
Now, build it:
$ docker build -t snapd .
Run it:
# --privileged: see note [1]; -v /lib/modules: see note [2]
$ docker run --name=snapd -ti -d \
    --tmpfs /run --tmpfs /run/lock --tmpfs /tmp \
    --privileged \
    -v /lib/modules:/lib/modules:ro \
    snapd
And install some snaps:
$ docker exec -it snapd snap install emoj
$ docker exec -it snapd emoj success
✔ ✅ ☑ 📚 👌 🎓 💰
Notes:
[1] Otherwise systemd complains about /sys not being writable when reloading udev rules (ConditionPathIsReadWrite=/sys was not met)
[2] Otherwise strictly confined snaps fail to execute:
$ docker exec -it snapd emoj
cannot perform operation: mount --rbind /lib/modules /tmp/snap.rootfs_NCx2ET//lib/modules: No such file or directory
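
The run command above combines --privileged with a host bind mount, so it is worth checking which flags widen host access before reusing it elsewhere. The following is an added example and not part of the original post; the function names are hypothetical, and it assumes every argument is a docker option (it does not stop scanning at the image name).

```shell
#!/bin/sh
# Added example: classify `docker run` flags that widen host access.

# Classify one -v/--volume spec (SRC:DST[:OPTS]); returns 1 if it is a
# writable bind mount of a host path.
classify_mount() {
    src=${1%%:*}
    case "$1" in
        *:*) ;;
        *) echo "anonymous-volume $1"; return 0 ;;
    esac
    case "$src" in
        /*) ;;
        *) echo "named-volume $src"; return 0 ;;
    esac
    rest=${1#*:}
    case "$rest" in
        *:*) opts=${rest#*:} ;;
        *)   opts= ;;
    esac
    case ",$opts," in
        *,ro,*) echo "ro-mount $src"; return 0 ;;
        *)      echo "rw-mount $src"; return 1 ;;
    esac
}

# audit_run_flags ARGS...: returns 1 on --privileged or a writable host mount.
audit_run_flags() {
    risky=0
    while [ $# -gt 0 ]; do
        case "$1" in
            --privileged|--privileged=true) echo "privileged"; risky=1 ;;
            -v|--volume)
                shift; [ $# -gt 0 ] || break
                classify_mount "$1" || risky=1 ;;
            --volume=*) classify_mount "${1#--volume=}" || risky=1 ;;
            --tmpfs)
                shift; [ $# -gt 0 ] || break
                echo "tmpfs $1" ;;
        esac
        shift
    done
    return "$risky"
}

# The run command from the post, as a constructed argument list.
audit_run_flags --name=snapd -ti -d --tmpfs /run --tmpfs /run/lock \
    --tmpfs /tmp --privileged -v /lib/modules:/lib/modules:ro snapd \
    || echo "=> host-level access granted; review before reuse"
```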