Where is a snap's /tmp mapped to?

I’m not sure what is going on here. If /tmp for a snap is not /tmp, where is it?

c@slate:/tmp$ charm pull cs:~yellow/xenial/livepatch-health --channel edge
ERROR directory "/tmp/livepatch-health" already exists

It doesn’t already exist… see contents of /tmp below. Is there some funny chrooting going on here? Where can I find the real /tmp/livepatch-health? Is this a bug?

c@slate:/tmp$ ls -l /tmp
total 72
-rw------- 1 c    c       0 Sep 30 19:01 config-err-4Pr9rK
drwx------ 2 c    c    4096 Oct  2 11:00 firefox_c
drwx------ 2 c    c    4096 Oct  1 17:29 mozilla_c0
drwx------ 3 root root 4096 Sep 30 19:01 snap.0_canonical-livepatch_FJvxIl
drwx------ 3 root root 4096 Sep 30 19:01 snap.0_lxd_d75S4o
drwx------ 3 root c    4096 Oct  1 15:27 snap.1000_bhttp_zugXST
drwx------ 3 root c    4096 Oct  2 10:45 snap.1000_charm_58pJiv
drwx------ 3 root c    4096 Oct  1 15:10 snap.1000_livepatch-e2e-testing_CYcCUI
drwx------ 3 root c    4096 Oct  1 08:41 snap.1000_livepatch-e2e-testing_gf1vLv
drwx------ 3 root c    4096 Oct  1 17:29 snap.1000_telegram-desktop_K1pVtT
drwx------ 3 root root 4096 Sep 30 19:01 systemd-private-12fa3b6030374ff79126d3251b8b138e-bolt.service-e5m8Zk
drwx------ 3 root root 4096 Sep 30 19:01 systemd-private-12fa3b6030374ff79126d3251b8b138e-colord.service-iNsQeS
drwx------ 3 root root 4096 Sep 30 19:02 systemd-private-12fa3b6030374ff79126d3251b8b138e-fwupd.service-CYPDeZ
drwx------ 3 root root 4096 Sep 30 19:01 systemd-private-12fa3b6030374ff79126d3251b8b138e-iio-sensor-proxy.service-4aBw6B
drwx------ 3 root root 4096 Sep 30 19:01 systemd-private-12fa3b6030374ff79126d3251b8b138e-rtkit-daemon.service-uv4tRk
drwx------ 3 root root 4096 Sep 30 19:01 systemd-private-12fa3b6030374ff79126d3251b8b138e-systemd-resolved.service-oenIWj
drwx------ 3 root root 4096 Sep 30 19:01 systemd-private-12fa3b6030374ff79126d3251b8b138e-systemd-timesyncd.service-DwYuk2
drwx------ 2 c    c    4096 Oct  2 07:14 Temp-d2ba0d5e-be25-433e-b9c8-cb10457d4b6d
drwx------ 2 c    c    4096 Oct  1 15:56 tmux-1000

It depends on confinement. In the case of the charm snap, the stable channel is currently strictly confined so will see the ubuntu-core snap’s version of /tmp rather than the host system, IIRC, though it may be unique per snap.

We’re moving the charm snap to classic confinement, since that makes more sense for it as a dev tool (see https://discourse.jujucharms.com/t/charm-snap-changing-to-classic-confinement/256 for that announcement). The edge channel is now classic and we will be moving that forward soon. Note that this will require manual intervention for the refresh, but we will also promote a strictly confined version first that prompts with a warning and instructions on how to do the refresh.

Right now, /tmp of a strictly confined snap is viewable from ‘outside’ under /tmp/snap.<UID>_<snap>_<random>/tmp/. It’ll reuse them over invocations, usually — the fact that you have two of these tells me you’ve probably reinstalled it or somesuch.