System Interfaces are interfaces that control privileged access to system resources, such as user account control, inter-process communication, firewall configuration and hardware monitoring.
See Supported interfaces for a complete list of interfaces.
System interfaces
Interface | Description | Categories | Auto-connect |
---|---|---|---|
account-control | add/remove user accounts or change passwords | System, Account | no |
accounts-service | allows communication with the accounts service | System, Account | no |
appstream-metadata | allows access to AppStream metadata | System, Developer, Manage software | no |
autopilot-introspection | be controlled by Autopilot software | System, Developer | no |
bool-file | allows access to specific file with bool semantics | System, Low level, Privileged | no |
broadcom-asic-control | control Broadcom network switches | Network, System | no |
can-bus | allows access to the CAN bus | System, Developer | no |
core-support | deprecated since snap 2.34 | System, Other | no |
cpu-control | set certain CPU values | System, Developer | no |
daemon-notify | allows sending daemon status changes to service manager | System, Developer | no |
dbus | allow snaps to communicate over D-Bus | System, Developer | no |
dummy | renamed to empty interface | System, Other | no |
empty | allows testing without additional permissions | System, Other | no |
fwupd | allows operating as the fwupd service | System, Security, Firmware | no |
gconf | access the legacy GConf config system | System, Developer, Settings | no |
gsettings | provides access to any GSettings item for current user | System, Developer, Settings | yes |
hardware-observe | access hardware information | System, Hardware | no |
hardware-random-control | provide entropy to hardware random number generator | System, Hardware | no |
hardware-random-observe | use hardware-generated random numbers | System, Hardware | no |
hidraw | access hidraw devices | System | no |
hugepages-control | control HugePages memory blocks | System, Memory, Kernel | no |
i2c | access i²c devices | System, Hardware | no |
iio | access IIO devices | System, Hardware | no |
intel-mei | access to the Intel MEI management interface | System, Firmware | no |
io-ports-control | allows access to all I/O ports | System, | no |
ion-memory-control | access Android’s ION memory allocator | System | no |
kernel-crypto-api | read and manage kernel supported crypto ciphers | System, Kernel, Security | no |
kernel-module-control | insert, remove and query kernel modules | Super privileged, System, Kernel | no |
kernel-module-load | load, or deny loading, specific kernel modules | Super privileged, System, Kernel | no |
kernel-module-observe | query kernel modules | System, Kernel | no |
log-observe | read system logs | System, Developer | no |
login-session-control | allows setup of login sessions and grants privileged access to user sessions | System, Security | no |
login-session-observe | allows reading login and session information | System, Security | no |
nomad-support | enable’s HashiCorp’s Nomad to access CPU and memory management | System, Containers, Service | no |
password-manager-service | read, add, change, or remove saved passwords | System, Security | no |
physical-memory-control | read and write memory used by any process | System, Memory, Kernel | no |
physical-memory-observe | read memory used by any process | System, Memory, Kernel | no |
polkit | access to the polkit authorisation manager | System, Security | no |
polkit-agent | permits applications to register as polkit agents | System, Security | no |
power-control | read and write system power settings | System, Power | no |
process-control | pause or end any process on the system | System | no |
ptp | access to the Precision Time Protocol subsystem | System, Developer | no |
pwm | access specific PWM channels | System, Developer, Hardware, WIP | no |
qualcomm-ipc-router | access Qualcomm IPC router sockets | IPC, Kernel, System | no |
raw-input | access raw input devices directly | System, Developer, Hardware | no |
raw-usb | access USB hardware directly | System, Developer, Hardware | no |
serial-port | access serial port hardware | System, Developer, Hardware | no by default, yes with snaps from the same publisher |
shutdown | restart or power off the device | System, Power | no |
snap_interfaces_requests_control | enables the prompting API and its access to prompting-related notice types | System | no |
spi | access specific SPI devices | System, Developer, Hardware | no |
system-observe | read process and system information | Monitoring, System | no |
system-trace | monitor or control any running program | Monitoring, System | no |
ubuntu-download-manager | use the Ubuntu Download Manager | System, Developer, Manage software | yes |
uhid | create kernel UID devices from user-space | Hardware, Kernel, System | no |
uio | access uio devices | Hardware, System | no |
upower-observe | access battery level and power usage | System, Power | yes |