The content interface

doc
23

Thanks for the quick reply! One more question about it. If I share just the socket, can I then mount it at $SNAP_DATA? E.g.:

slots:
  tailscale-socket:
    interface: content
    content: tailscale-socket
    write: 
      - $SNAP_DATA/tailscale.sock

plugs:
  tailscale-socket:
    interface: content
    content: tailscale-socket
    target: $SNAP_DATA

Small additional FYI. I ran into this error and thought it could be a bit more clear.

INFO snap "derper" has bad plugs or slots: tailscale-socket (content interface path is not clean: "$SNAP_DATA/socket/")

It wasn’t immediately obvious to me what is considered a “clean” path and that the trailing slash was the problem.

24

One more question about it. If I share just the socket, can I then mount it at $SNAP_DATA?

I would also like to know the answer to this.

The doc seems to suggest you can share a single file via the content interface, but in practice this seems to lead to a directly being created at the target with the name of the file.

At a very basic level, the content interface enables one directory, file or socket to appear in a place where another snap can access it.

I suppose, strictly speaking, enable sharing of a single file isn’t the same as bind mounting a single file, but the doc should make it more clear if using a directory is always required.

Seems strange if you really can’t share a single file only via the content interface, as bind mounting a single file is a supported operation, generally.

@degville Do you know the answer ?

25

Content interfaces are implemented by snapd with a combination of bind mounts and apparmor profiles. For snapd 2.68.4, the implementation can be found here.

Looking at the code, it looks like the source and the target of the connection are supposed to be directories. In particular:

Agree with @jocado that the doc needs to be more clear to avoid confusion.

1 Like