System level tool requiring access to /sys and /dev

rafalop · November 1, 2023, 11:41pm

Hi Team, I am trying to register my app ‘bcachectl’ in the snap store. I requested classic confinement but was rejected.

It was suggested to me in the linked post to contact snapd team to discuss.

The app is a low level system cli tool that needs to read+write /sys and /dev with the actual location unknown at invocation time (it is dependent on devices available on the host, and also new bcache devices/locations are created as the tool is used).

How do you suggest I achieve this without classic confinement?

ogra · November 2, 2023, 9:27am

You should start with creating a PR against snapd to create a new interface for bcachefs (i.e. bcachefs-control) … since you do not know the exact paths but should know the file names you want to access, it should have proper wildcard pattern matching for the respective files you want to access…

dclane · November 2, 2023, 11:49am

It may or may not be of any use to you @rafalop but I captured the process I followed when building an interface in this github gist

rafalop · November 5, 2023, 11:40pm

Thanks guys, I’ll give this a try see how it goes.

soumyaDghosh · November 6, 2023, 8:26am

This saved me! Seriously I have been searching for this everywhere