@wgrant That’s exactly the sort of reason why we should be using containers for builds. The comments above talk about not using root inside the sandbox, and that’s what the quoted comment was about.
As a tangential comment, the plan is to use persistent containers per project for continuous development locally (hidden behind a feature flag today SNAPCRAFT_CONTAINER_BUILD). Furthermore, specifically on build.snapcraft.io, support for build-snap as an entry is forcing a move of launchpad to build in lxd containers.
Now that that is out of the way. Considering we are building in containers we can avoid user interaction for building with --allow-classic transparently in the builders and regular users wouldn’t be surprised. I’d like to leave interface connection discussions for a phase 2 part of the implementation as 90% of the use cases for build snaps are based out of using snaps that are classic confined.
2 Likes