Supported interfaces

Interfaces enable resources from one snap to be shared with another and with the system. The table below lists currently supported interfaces, with links to further details for each interface.

The following column names are used:

  • Interface is the syntactical interface name, as used by snaps.

  • Description is a brief overview of what the interface permits. Select the interface name to open the interface-specific page for a more detailed description on each interface.

  • Categories are used to split interfaces into broad types, and also to indicate what kind of access they permit. Video, graphics and audio are typical desktop requirements, for example, while VM, Container, Kernel and Developer imply more specific roles. The Ubuntu Core category is used to denote when an interface is intended for Ubuntu Core, and Super privileged is used when an interface requires extra security scrutiny. See Super-privileged interfaces for more information.

  • Auto-connect indicates that the interface will be connected by default when the snap is first installed, requiring no further user action. If Auto-connect=no, an interface can still be automatically connected if the snap developer has requested, and been granted, explicit permission. See Interface connection mechanism for details.


Interface Description Categories Auto-connect
account-control add/remove user accounts or change passwords System, Account no
accounts-service allows communication with the accounts service System, Account no
acrn allows access to user VMs using the ACRN hypervisor VM, Hypervisor, Developer no
adb-support allows operating as Android Debug Bridge service ADB, Developer no
allegro-vcu access the Allegro Video Core Unit Video, Graphics no
alsa play or record sound Audio, Media no
appstream-metadata allows access to AppStream metadata System, Developer, Manage software no
audio-playback allows audio playback via supporting services Audio, Media, Playback yes
audio-record allows audio recording via supported services Audio, Media, Record no
autopilot-introspection be controlled by Autopilot software System, Developer no
avahi-control advertise services over the local network Network, Local network, Nearby devices no
avahi-observe detect services and devices over the local network Network, Local network, Nearby devices no
block-devices access to disk block devices Super privileged, Storage, Low level no
bluetooth-control access Bluetooth hardware directly Network, Bluetooth, Nearby devices no
bluez use Bluetooth devices Network, Bluetooth, Nearby devices no
bool-file allows access to specific file with bool semantics System, Low level, Privileged no
broadcom-asic-control control Broadcom network switches Network, System no
browser-support use functions essential for Web browsers Browser, Network no when allow-sandbox: true, yes otherwise
calendar-services allows communication with Evolution Data Server calendar Personal data, Contacts and calendar no
camera use your camera or webcam Camera, Media, Personal data no
can-bus allows access to the CAN bus System, Developer no
cifs-mount allows the mounting and unmounting of CIFS filesystems Network,Storage no
classic-support enable resource access to classic snap Super privileged, Ubuntu Core no
contacts-service allows communication with the Evolution Data Server address book Personal data, Contacts and calendar no
content access resources across snaps Storage, Files, Attributes yes for snaps from same publisher, no otherwise
core-support deprecated since snap 2.34 System, Other no
cpu-control set certain CPU values System, Developer no
cups access to the CUPS socket for printing Printing not applicable
cups-control print documents Printing no
custom-device permits access to a specific class of device Super privileged, Ubuntu Core no
daemon-notify allows sending daemon status changes to service manager System, Developer no
dbus allow snaps to communicate over D-Bus System, Developer no
dcdbas-control shut down or restart Dell devices Developer no
desktop provides access to common desktop elements Desktop yes
desktop-launch identify and launch desktop apps from other snaps Super privileged, Desktop no
desktop-legacy enables the use of legacy desktop methods (including input method and accessibility services) Desktop yes
device-buttons use any device-buttons Hardware, Developer no
display-control allows configuring display parameters Display, Graphics no
dm-crypt access encrypted storage devices Super privileged, Ubuntu Core, Storage no
docker start, stop, or manage Docker containers Super privileged, Containers no
docker-support allows operating as the Docker daemon Super privileged, Containers no
dsp enables the control of digital signal processors (DSPs) Hardware, Developer no
dummy renamed to empty interface System, Other no
dvb allows access to all DVB devices and APIs Hardware, Developer, Media no
empty allows testing without additional permissions System, Other no
firewall-control configure a network firewall Network no
fpga permits access to an FPGA subsystem Hardware, Developer no
framebuffer access to universal framebuffer devices Hardware, Developer no
fuse-support enables access to the FUSE filesystems Storage no
fwupd allows operating as the fwupd service System, Security, Firmware no
gconf access the legacy GConf config system System, Developer, Settings no
gpg-keys read GPG user configuration and keys GPG, Personal data, Security no
gpg-public-keys read GPG non-sensitive configuration and public keys GPG, Personal data, Security no
gpio access specific GPIO pins GPIO, Hardware, Developer no
gpio-control allows to export/unexport and control all GPIOs Super privileged, GPIO no
gpio-memory-control allows write access to all GPIO memory GPIO, Hardware, Developer no
greengrass-support allows operating as the Greengrass service Super privileged, Edge, AWS, Discrete no
gsettings provides access to any GSettings item for current user System, Developer, Settings yes
hardware-observe access hardware information System, Hardware no
hardware-random-control provide entropy to hardware random number generator System, Hardware no
hardware-random-observe use hardware-generated random numbers System, Hardware no
hidraw access hidraw devices System no
home access non-hidden files in the home directory Storage, Personal data yes on classic (traditional distributions), no otherwise
hostname-control allows configuring the system hostname Network no
hugepages-control control HugePages memory blocks System, Memory, Kernel no
i2c access iĀ²c devices System, Hardware no
iio access IIO devices System, Hardware no
intel-mei access to the Intel MEI management interface System, Firmware no
intel-qat provides permissions for Intel QAT devices Hardware no
io-ports-control allows access to all I/O ports System, no
ion-memory-control access Androidā€™s ION memory allocator Super privileged, System no
jack1 allows interaction with the JACK audio connection server Audio, Media no
joystick use any connected joystick Hardware, Developer no
juju-client-observe read the Juju client configuration Developer, Discrete no
kernel-crypto-api read and manage kernel supported crypto ciphers System, Kernel, Security no
kernel-firmware-control permits a custom kernel firmware search path Super privileged no
kernel-module-control insert, remove and query kernel modules Super privileged, System, Kernel no
kernel-module-load load, or deny loading, specific kernel modules Super privileged, System, Kernel no
kernel-module-observe query kernel modules System, Kernel no
kubernetes-support use functions essential for Kubernetes Super privileged, Hypervisor, Discrete no
kvm allows access to the kvm device VM, Hypervisor, Developer no
libvirt provides access to the libvirt service VM, Hypervisor, Developer no
locale-control change system language and region settings Language and region, Personalisation no
location-control allows operating as the location service Location no
location-observe access your location Location no
log-observe read system logs System, Developer no
login-session-control allows setup of login sessions and grants privileged access to user sessions System, Security no
login-session-observe allows reading login and session information System, Security no
lxd provides access to the LXD socket Super privileged, Container, Discrete no
lxd-support allows operating as the LXD service Super privileged, Container, Discrete no
maliit use an on-screen keyboard Developer no
media-control access media control devices and Video4Linux (V4L) devices Hardware, Developer, Media, Video no
media-hub access snaps providing the media-hub interface Developer, Media yes
microceph permits access to the MicroCeph socket, which is used internally by the microceph snap Super privileged, Container no
microceph-support permits the microceph snap to operate as the MicroCeph service Super privileged, Container no
microovn used only by the MicroOVN snap for socket access Network, Super privileged no
microstack-support multiple service access to the Microstack infrastructure Super privileged, Container, Discrete no
mir enables access to the Mir display service Display yes
modem-manager use and configure modems Network no
mount-control mount and unmount transient and persistent filesystem mount points Super privileged, Storage no
mount-observe read mount table and quota information Storage no
mpris media key control of music and video players Sound no
multipass-support multipass-support allows operating as the Multipass service Super privileged, VM, Discrete no
netlink-audit allows access to kernel audit system through Netlink Inter-process communication (IPC), Netlink, Developer no
netlink-connector communicate through the kernel Netlink connector Inter-process communication (IPC), Netlink, Developer no
netlink-driver operate a kernel driver module exposed via Netlink Inter-process communication (IPC), Netlink, Developer no
network enables network access Network yes
network-bind operate as a network service Network yes
network-control change low-level network settings Network no
network-manager configure and observe networking via NetworkManager Network no
network-manager-observe allows observing NetworkManager settings Network no
network-observe query network status information Network no
network-setup-control change network settings via Netplan Network no
network-setup-observe read network settings Network no
network-status access the NetworkStatus service Network yes
nfs-mount allows the mounting and unmounting of Network File System mount points Network, Service no
nomad-support enableā€™s HashiCorpā€™s Nomad to access CPU and memory management System, Containers, Service no
nvidia-drivers-support internally used NVIDIA access Super privileged, Ubuntu Core no
ofono allows operating as the oFono service Network, Discrete, Developer no
online-accounts-service access to the Online Accounts service Service, Developer yes
opengl access OpenGL/GPU hardware Display, Graphics yes
openvswitch control Open vSwitch hardware Network, Service, Developer no
openvswitch-support enables kernel support for Open vSwitch Network, Service, Developer no
optical-drive read/write access to CD/DVD drives Storage, Hardware, Developer yes, unless drive can write
packagekit-control control the PackageKit service Super privileged, Packaging no
password-manager-service read, add, change, or remove saved passwords System, Security no
pcscd permits communication with PCSD smart card daemon Security no
personal-files read or write files in the userā€™s home directory Super privileged, Personal data, Attributes no
physical-memory-control read and write memory used by any process System, Memory, Kernel no
physical-memory-observe read memory used by any process System, Memory, Kernel no
pkcs11 enables the cryptographic token interface standard to be used Security, Super privileged no
polkit access to the polkit authorisation manager Security, System, Super privileged no
polkit-agent permits applications to register as polkit agents Security, System, Super privileged no
posix-mq enables inter-process communication (IPC) messages Super privileged, IPC no by default, yes with snaps from the same publisher
power-control read and write system power settings System, Power no
ppp access to configure and observe PPP networking Network no
process-control pause or end any process on the system System no
ptp access to the Precision Time Protocol subsystem System, Developer no
pulseaudio play and record sound Audio, Media no
pwm access specific PWM channels System, Developer, Hardware, WIP no
qualcomm-ipc-router access Qualcomm IPC router sockets IPC, Kernel, System no
raw-input access raw input devices directly System, Developer, Hardware no
raw-usb access USB hardware directly System, Developer, Hardware no
raw-volume access specific disk partitions Storage no
remoteproc interact with the kernelā€™s Remote Processor Framework Super privileged no
ros-opt-data read-only access to ROS directories Storage no
removable-media read/write files on removable storage devices Storage no
screencast-legacy allows screen recording and audio recording alongside writing to arbitrary filesystem paths Legacy no
screen-inhibit-control prevent screen sleep, lock and screensaver Display yes
scsi-generic read and write access to SCSI Generic driver devices Storage, Super privileged no
sd-control control SD cards on specific devices Super privileged, Storage no
serial-port access serial port hardware System, Developer, Hardware no
shared-memory enables two snaps to access the same shared memory Super privileged, IPC no by default, yes with snaps from the same publisher
shutdown restart or power off the device Super privileged, System, Power no
snap_interfaces_requests_control enables the prompting API and its access to prompting-related notice types System no
snap-refresh-control permits bespoke snap refresh control Super privileged, Packaging no
snap-refresh-observe enables the tracking of snap refreshes Super privileged, Packaging no
snapd-control install or remove software Super privileged, Packaging no
spi access specific SPI devices System, Developer, Hardware no
ssh-keys access SSH private and public keys Security no
ssh-public-keys access SSH public keys Security no
steam-support allows the Steam snap to access pressure-vessel containers Super privileged, Discrete no
storage-framework-service operate as, or interact with, the Storage Framework Storage no
system-backup read-only access to the system for backups Storage no
system-files read or write files in the system Super privileged, Storage, Attributes no
system-observe read process and system information Monitoring, System no
system-packages-doc access system documentation in /usr/share/doc Developer no
system-source-code access kernel source and headers in /usr/src Developer no
system-trace monitor or control any running program Monitoring, System no
tee permits access to the Trusted Execution Environment Super privileged, Security, Ubuntu Core no
thumbnailer-service create thumbnail images from local media files Storage, Media no
time-control change the date and time Time no
timeserver-control change time server settings Time no
timezone-control change the time zone Time no
tpm allows access to the Trusted Platform Module device Kernel, Security no
u2f-devices use any U2F devices Security, Hardware, Developer no
ubuntu-download-manager use the Ubuntu Download Manager System, Developer, Manage software yes
udisks2 access the UDisks2 service Storage no
uhid create kernel UID devices from user-space Hardware, Kernel, System no
uinput allows write access to /dev/uinput Super privileged, Hardware no
uio access uio devices Hardware, System no
unity7 access legacy desktop resources from Unity7 Display yes
unity8 share data with other Unity 8 apps Display, Super privileged yes
unity8-calendar read/change shared calendar events in Ubuntu Unity 8 Personal data no
unity8-contacts read/change shared contacts in Ubuntu Unity 8 Personal data no
upower-observe access battery level and power usage System, Power yes
userns permits a snap to create a new namespace Super privileged no
vcio access a Raspberry Piā€™s VideoCore multimedia processor Video, Graphics, Ubuntu Core no
wayland access compositors providing the Wayland protocol Display yes
x11 monitor mouse/keyboard input and graphics output of other apps Display yes
xilinx_dma allows access to Xilinx DMA IP from a connected PCIe card Ubuntu Core, Super privileged no
4 Likes

I really donā€™t like the nomenclature of calling an interface ā€œtransitionalā€ when there is no clear transition occurring. Can we explain for each transitional interface what the transition is and why it is happening, please?

For example why is x11 in a transition? what is it transitioning to? where is it transitioning from? is it going to stop working in some future time?

If the transitional interfaces arenā€™t actually changing then I posit that ā€œtransitionalā€ is the wrong name. Please choose a better one that is actually indicative of what the state is.

1 Like

The old page (is it gone now? /me canā€™t find it) used to list when an interface was introduced. This isnā€™t usually useful except the case where it is committed to trunk but not yet in stable and you want to say when it will be available. Should we no longer worry about when an interface was introduced? If we should, should it be in the interface-specific page?

I think youā€™re right about the use of transitional, and itā€™s also a waste of space here when so few interfaces require it to be flagged - Iā€™ll remove it from the table. We can hopefully better describe the ramifications of a specific interface being transitional on a specific interfaceā€™s own page.

1 Like

I was going to port this information to the interface-specific pages, but it might be a good idea to add this to the table if you think itā€™s going to be useful?

An additional description/summary column would be helpful, which gives packagers a clue what an interface does without dive into its page.

Shouldnā€™t every user uses the latest release of snapd? A ā€œ(not yet released)ā€ notice in the interface name field should sufficeā€¦?

I think this is a good idea. It may take some work getting something small enough to not make the table confusing, but Iā€™ll work on it as I go through the separate pages for each interface.

1 Like

The interface specific page is fine IMO.

1 Like

FYI, @mpt went through this exercise with the descriptions that gnome-software exposes.

1 Like

With help from @jdstrand and others, I got as far as user-facing descriptions for 127 of 208 interfaces.

(That work is on hiatus until anyone has time to implement the runtime permission prompts or the post-install permissions UI in which those descriptions would appear.)

1 Like

Thank you! Thatā€™s going to be really useful.

An interface page template would be helpful. Also, the underlying topics should all be converted into wiki.

The template is currently very simple:

Interface name: foo

Auto-connect: no

Attributes: if any

Transitional: only if yes

Description:

Requires snapd version foo.bar+.

ā“˜ This is a snap interface. See Interface management and Supported interfaces for further details on how interfaces are used.

And yes, Iā€™m making them wiki when I remember to!

1 Like

A Linux Kconfig style of connection hint is also helpful:

If <condition>, then connect; if in doubt, don't connect etc.

UPDATE: Refer the The unity7 interface topic for a reference design.

1 Like

We could of course add more insight as to why it is transitional, but I think the word is accurate-- it is transitional because the interface is known to have problems and while we donā€™t know how to solve them now in the general case, we know it isnā€™t what we want and in the future we want something better.

For the specific case of x11, it is transitional because the X protocol has many security issues. The future is wayland, but it isnā€™t ready yet so X isnā€™t going away anytime soon. Will x11 ever be completely removed? Doubtful (at least not for many years), but we would probably not auto-connect at some point (but that point is not defined).

1 Like

Here is an article with some insights: mjg59 | Circumventing Ubuntu Snap confinement

Warning: Potentially offensive/biased opinion included.

What Iā€™m missing on this page is an explanation of how to make your snap use these interfaces. (adding the interface as a plug to your app)

1 Like

ā€œmonitor mouse/keyboard input and graphics output of other appsā€ does connecting to X11 interface allows to monitor other apps inputs or disconnecting does? iā€™m confused because another place in documents says you ā€œshouldā€ allow this if it is a GUI app but when i disconnect all GUI apps works also WTF?

I disconnected all of them and my machine become lightweight so i guess answer is there.

@Ebuzer - on any system, connected to the X server allows the application to eavedrop and inject input events. This is a flaw in the design of the X window system. On a system that supports full confinement, when the x11 snapd interface is connected, applications are allowed to connect to the X server and when the interface is disconnected, the applications cannot. The doc for desktop applications still recommends that snaps plug the x11 interface because far too many people still rely on X (though a lot of progress has been made with wayland; someday weā€™ll be able to deprecate x11, but that wonā€™t be for a while still).

On the system where you disconnected the interface and it still worked, it may have been a system that doesnā€™t support full strict mode, it was a devmode snap, it was using wayland or mir, or possibly was running and already had the socket open to the X server after the snapd interface was disconnected (though I would expect that application to fail at some point).

1 Like