> > ... >
> I'm having a hard time wrapping my head around classic mode. Classic mode > means unconfined, right? > > What are the reasons for this switch? Is the snap still cross-distro? Will > the snap have some expectations about the system outside of the snap? What > are the advantages of an unconfined snap over a deb package? > To get a deb package, you have to generally add something like a PPA, which means you now get anything they want to give you from that PPA. Core libraries, a new kernel, whatever. Once you've accepted the terms of a PPA, you're trusting that person not to hose you over. While classic snaps still have access to the rest of the filesystem, they 1) Still include their dependencies inside their containment, rather than producing other packages that you must also install. 2) Can't muck with things outside of that (so saying 'snap install juju --classic' won't be able to change package kernel) 3) Give you all the nice release cadence, etc of other snaps. Mainly things like "I'm willing to run beta", "I only want to run candidate+" etc. 4) Are definitely no-less secure than deb packages. 5) Can get your software into snaps immediately, and you can transition into more confinement as you can make it work. 6) Snaps apply transactionally. An update can't partially apply half of the update and then fail (if it does, the whole update is rolled back). > > This isn't strictly Juju related, but maybe you can shed some light on > this. I don't follow the project close enough to understand this feature. > Confinement was key to the goals of snaps, ever since the click days.. Why > the 180 now? > Confinement is great for a lot of things, but not everything. Vim confined to not be able to read your .bashrc file isn't a very good vim. Juju doesn't need access to everything, so there is still room to grow support in Snap confinement to limit you to the right subset (we do want to read .ssh/id_rsa* and .local/share/juju, we don't need to read .mozilla/firefox/...) > > I would think that if an application like Juju can't work in a confined > snap, then snaps have an inherent flaw that needs to be fixed instead of > having the workaround of the classic mode. Paraphrasing the story I've > heard so many times: Snaps enable devs to push code directly to users > without having to go through the long review process of the distro. > Security and stability concerns are countered with confinement. Snaps > enable devs to package once, run anywhere. Confinement + frameworks makes > this possible... > > Snaps without confinement just seems like someone just brought .debs into > the 21 century, and that seems very underwhelming to me. What am I missing > here? > > The distribution model and the dependency model are a lot nicer. Transactional updates to the packages is also *extremely* nice. John =:-> > > Kind regards > Merlijn > > 2017-02-28 20:52 GMT+01:00 Nicholas Skaggs <nicholas.ska...@canonical.com> > : > >> Those of you subscribed to a snap channel may have noticed some nice >> changes that happened with 2.1 release. The juju snap package now utilizes >> classic mode, and all channels (including stable) are now active. You >> should expect feature parity (including things like bash completion) with >> the debian package of juju. In addition, the juju snap also shares >> environments with the debian installed version. This means your current >> models and credentials are utilized. >> >> I would encourage those that haven't yet tried out the snap to do so and >> provide feedback. I think you'll find it a quick and easy way to get juju. >> >> snap install juju --classic >> >> Those of you who want to build your own snap to share will also find it >> much easier. By default, running snapcraft on the juju tree will build a >> snap using your local tree and will bundle the needed agent. The >> snapcraft.yaml also points out how easily you can grab a specific branch, >> commit or tag to snap up. Sharing your own version of the juju client with >> the world is as simple as "snapcraft, snapcraft release". >> >> You'll find the snap related things in the snap folder in the juju git >> tree. As always PRs welcome! >> >> Nicholas >> >> -- >> Juju mailing list >> Juju@lists.ubuntu.com >> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailm >> an/listinfo/juju >> > > > -- > Juju mailing list > Juju@lists.ubuntu.com > Modify settings or unsubscribe at: https://lists.ubuntu.com/ > mailman/listinfo/juju > >
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju
