On Wed, 2017-03-01 at 21:11 +1000, Michi Henning wrote: > > > > > > That's not true. When a command or daemon in a strict mode snap gets > > executed, it runs in a different mount namespace where the file system > > root is the contents of the "core" snap. You can verify this by > > executing the following: > > > > snap run --shell command_name > > > > .. and use that shell to inspect the file system as seen by that > > particular command. > Ah, OK, I stand corrected. I was probably running in devmode when I picked up > system libs. >
To be clear, wrt the mount namespace, devmode and strict mode are identical. Perhaps you were working with classic confinement where the mount namespace is not setup. -- Jamie Strandboge | http://www.canonical.com
signature.asc
Description: This is a digitally signed message part
-- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
