On Tue, 2017-02-07 at 12:27 +0800, Tonny Tzeng wrote:
> Hi Jamie,
>
> Thanks for the detailed explanation, it's really helpful!
>
> However, I am hesitant to package my example files in the snap, just
> curious, what's the proper way to package a "development snap" which reads
> user given files and requires root permission? For example, I'd like to
> package necessary node.js components in a snap for developers to design
> their node.js based BLE apps, I've added node, bleno and noble modules in a
> snap, so the idea is to let the users create their own node.js sample apps
> (under their $HOME) and invoke the node command in my snap to run their
> sample apps. Since the bleno/noble node modules require root privilege for
> accessing BLE, I used "sudo mysnap.node <sample_file_in_home>" to run the
> snap command. But as you pointed out, the fsuid=0 but ouid=1000 which
> prevents the sample file being read from the snap command?

As mentioned before: "In general, it is best practice to avoid processing
files that are under another user's control since those files could
potentially be used to alter the behavior of the running process"

If the user experience must be what you described where the files must live
in the user's home and the command accessing them must run as root, then you
can do:

$ sudo chown -R root:root <sample_file_in_home>
$ sudo mysnap.node <sample_file_in_home>

Alternatively, create a shared directory in SNAP_DATA. Eg:

$ sudo mkdir -m 1777 /var/snap/mysnap/current/examples # this could be done by your snap
$ ln -s /var/snap/mysnap/current/examples <parent_dir_of_sample_file_in_home>
$ sudo mysnap.node <sample_file_in_home>

Alternatively, you can change how you think about this and you can put the
files in /root/<sample_file_in_root> and use 'sudo -H'.

Alternatively, you can change the work flow and do:

$ sudo mkdir -m 1777 /var/snap/mysnap/current/examples # this could be done by your snap
$ sudo mysnap.node <sample_file_in_SNAP_DATA/examples>

Lastly, one thing I'm working on is how to allow dropping privileges. Once
this is in place you could adjust 'mysnap.node' to drop privileges to the
real user to read/copy/whatever the files such that this works:

$ sudo mysnap.node <sample_file_in_home>

--
Jamie Strandboge | http://www.canonical.com
-- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
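
Added example (not part of the original message and not snapd code): a pre-flight check for the `chown root:root` option in the reply, confirming that a sample file is a regular file, owned by the expected uid, and not writable by group or others before it is passed to `sudo mysnap.node`. The function name `check_owned_safely` is hypothetical, and GNU `stat` (Linux) is assumed.

```shell
#!/bin/sh
# check_owned_safely PATH [UID]   (hypothetical helper; UID defaults to 0/root)
# Returns 0 only if PATH is a regular file (not a symlink), owned by UID,
# and not writable by group or others. It inspects the file itself only,
# not the directories leading to it.
check_owned_safely() {
    path=$1
    want_uid=${2:-0}

    # Refuse symlinks: the link could be repointed after the check.
    if [ -L "$path" ]; then
        echo "refusing symlink: $path" >&2
        return 1
    fi
    if [ ! -f "$path" ]; then
        echo "not a regular file: $path" >&2
        return 1
    fi

    owner=$(stat -c '%u' "$path") || return 1   # numeric owner uid
    mode=$(stat -c '%a' "$path") || return 1    # octal permission bits

    if [ "$owner" != "$want_uid" ]; then
        echo "owner uid $owner, expected $want_uid: $path" >&2
        return 1
    fi

    # 020 = group write, 002 = other write; the leading 0 makes $mode octal.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "group/other writable (mode $mode): $path" >&2
        return 1
    fi
    return 0
}
```

Typical use is `check_owned_safely "$file" && sudo mysnap.node "$file"`, run after the `chown` step.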