What interface I need to run lsmod?


What interface I need to run lsmod? I’ve tried kernel-module-control, but this leads to error:

human review required due to 'allow-installation' constraint from base declaration declaration-snap-v2_plugs_allow-installation (hw-probe, kernel-module-control)

See https://docs.snapcraft.io/reference/interfaces.

Thank you.

1 Like

For context: kernel-module-control gives device ownership to the snap and snaps are not allowed to use it at all unless there is a corresponding snap declaration (unless installing with --dangerous). lsmod is actually a symlink to /bin/kmod and neither (as you found out) are allowed by the default policy. lsmod/kmod are going to read a lot of things in /sys that aren’t allowed by the default policy.

In short, you probably don’t want to use kernel-module-control for simply listing modules. You can simply ‘cat /proc/modules’. This is allowed by the kernel-module-control interface, but it is also allowed by the opengl interface (to support nvidia). This interface doesn’t have the same restrictions on it as kernel-module-control, so if /proc/modules suits your needs, just ‘plugs: [opengl ]’.

would expanding this to hardware-observe make sense so you are not required to us a totally unrelated interface like opengl ?

Yeah, I’ve added a todo for the next batch. Not sure if it should be hardware-observe or system-observe since modules might be for more than hardware (eg, filesystems, networking, etc)… I’m actually sorta thinking both so someone doesn’t have to get the other if they happen to be using one. Anyway, will send something up for review in the next batch.

This was just merged into trunk and on its way to 2.36: https://github.com/snapcore/snapd/pull/5968