yeah I was aware of that. The question is more: my snap needs (read/write?) access to /this/path. Is there an interface that provides it? How do I find that interface?
you simply install the snappy-debug snap and run it alongside of your app, it will print interface suggestions for all DENIED messages that appear when your app tries to access the dirs …
…or you could clone the snapd source and grep through the interfaces/builtin directory, permitted filesystem locations are usually explicitly mentioned in the code or at least have a regex that starts with the toplevel dir:
Yes it is possible to get a store declaration to auto-connect ssh-keys - can you please provide some justification on why this is needed and in particular why auto-connect is appropriate?
So from the linked thread I can only see one user suggesting this - I wonder if it would be possible that when trying to use jhack for ssh, whether jhack could first detect if ssh-keys is connected via snapctl is-connected ssh-keys and if not then it could ask the user if they wish to connect it first?
Ah, sorry, missed the notification.
So what @alexmurray suggests could ‘work’, but
it complicates the implementation
jhack wraps effectively the local juju client, so the reasonable expectation is that it has all access that the juju snap has. Seeing juju ssh work, but jhack-generated ‘juju ssh’ commands fail is unexpected. Forcing users to go through one more step to provide that access seems unnecessary.