Re: Where to save stuff (in snap-agnostic way)

2017-02-07 Thread XiaoGuo Liu
Hi Jamie,

Thanks for your explanation. You are right. The directory name takes the
very first execution of the command. After that, when accessing the /tmp
directory, it uses the directory created earlier if it is running from
another command.

I have updated my example code at
https://github.com/liu-xiao-guo/helloworld-fifo

When I firstly run "hello.fifo", the directory name takes something
"like snap.1000_snap.hello.fifo_5BpMiB". When trying to write to it using
"hello.fifo1", the same directory is used.

When I firstly run "hello.fifo1", the directory name takes something
"snap.1000_snap.hello.fifo1_6MJX5m". When trying to write to it using
"hello.fifo", the same directory is used.

Thanks & best regards,
XiaoGuo


On Wed, Feb 8, 2017 at 12:21 AM, Jamie Strandboge 
wrote:

> On Tue, 2017-02-07 at 12:04 +0800, XiaoGuo Liu wrote:
> > Hi Jamie,
> >
> > For my sample app at https://github.com/liu-xiao-guo/helloworld-fifo, I
> > tried to use the /tmp file to create a file, and  finally I get a file on
> > my Desktop like:
> >
> > root@liuxg:/tmp/snap.1000_snap.hello.fifo_TovLTW/tmp# ls
> > anothefile
> >
> > It seems to me that the path is still related to the command name "fifo".
> > Does this conflict with your saying?
>
> It does not. That directory is what is bind mounted into mount namespace
> and
> that is remembered for subsequent invocations of that command or other
> commands
> from the same snap. Try it: create a snap with two commands, have one
> create a
> file in /tmp and another to read the same file in /tmp-- it will work and
> the
> temporary directory in the system's /tmp will be
> /tmp/snap.0_snap.$SNAP_NAME._... will have the
> file you
> created in it.
>
> --
> Jamie Strandboge | http://www.canonical.com
>
>
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/snapcraft
>
>


-- 
XiaoGuo, Liu
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-07 Thread Jamie Strandboge
On Tue, 2017-02-07 at 12:04 +0800, XiaoGuo Liu wrote:
> Hi Jamie,
> 
> For my sample app at https://github.com/liu-xiao-guo/helloworld-fifo, I
> tried to use the /tmp file to create a file, and  finally I get a file on
> my Desktop like:
> 
> root@liuxg:/tmp/snap.1000_snap.hello.fifo_TovLTW/tmp# ls
> anothefile
> 
> It seems to me that the path is still related to the command name "fifo".
> Does this conflict with your saying?

It does not. That directory is what is bind mounted into mount namespace and
that is remembered for subsequent invocations of that command or other commands
from the same snap. Try it: create a snap with two commands, have one create a
file in /tmp and another to read the same file in /tmp-- it will work and the
temporary directory in the system's /tmp will be
/tmp/snap.0_snap.$SNAP_NAME._... will have the file you
created in it.

-- 
Jamie Strandboge | http://www.canonical.com



signature.asc
Description: This is a digitally signed message part
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-06 Thread XiaoGuo Liu
Hi Jamie,

For my sample app at https://github.com/liu-xiao-guo/helloworld-fifo, I
tried to use the /tmp file to create a file, and  finally I get a file on
my Desktop like:

root@liuxg:/tmp/snap.1000_snap.hello.fifo_TovLTW/tmp# ls
anothefile

It seems to me that the path is still related to the command name "fifo".
Does this conflict with your saying?

Currently, my snapd version on 16.04 desktop is:

liuxg@liuxg:~$ snap version
snap2.22.1
snapd   2.22.1
series  16
ubuntu  16.04

Thanks & best regards,
XiaoGuo



On Tue, Feb 7, 2017 at 1:21 AM, Jamie Strandboge 
wrote:

> On Sun, 2017-02-05 at 08:04 +0800, XiaoGuo Liu wrote:
> > Hi Oli,
> >
> > Does it mean all of the snaps have the same /tmp or each snap has its own
> > /tmp? I am a little bit confused about this.
> >
>
> You might be confused because the behavior changed. For a long time, each
> snap
> *command* had its own /tmp directory. That was changed late last year so
> that
> all commands with the same snap share the same /tmp directory such that
> each
> snap has its own /tmp directory.
>
> --
> Jamie Strandboge | http://www.canonical.com
>
>
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/snapcraft
>
>


-- 
XiaoGuo, Liu
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-06 Thread Jamie Strandboge
On Mon, 2017-02-06 at 09:25 -0800, Kyle Fazzari wrote:
> 
> On 02/06/2017 09:21 AM, Jamie Strandboge wrote:
> > 
> > On Sun, 2017-02-05 at 08:04 +0800, XiaoGuo Liu wrote:
> > > 
> > > Hi Oli,
> > > 
> > > Does it mean all of the snaps have the same /tmp or each snap has its own
> > > /tmp? I am a little bit confused about this.
> > > 
> > You might be confused because the behavior changed. For a long time, each
> > snap
> > *command* had its own /tmp directory. That was changed late last year so
> > that
> > all commands with the same snap share the same /tmp directory such that each
> > snap has its own /tmp directory.
> This is good to know, I thought each command *still* had its own /tmp.
> Any chance you know the snapd version in which this change was introduced?
> 

It looks like it was fixed in upstream (pre-merge with snapd) snap-confine
1.0.41. It didn't make it into series 16 until 1.0.43-0ubuntu1~16.04.1 until Oct
10[1].

[1]https://bugs.launchpad.net/ubuntu/+source/snap-confine/+bug/1630040

-- 
Jamie Strandboge | http://www.canonical.com



signature.asc
Description: This is a digitally signed message part
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-06 Thread Luca Dionisi
On Mon, Feb 6, 2017 at 6:19 PM, Jamie Strandboge  wrote:
> On Sat, 2017-02-04 at 15:53 +0100, Luca Dionisi wrote:
>> Although I wouldn't spend too much on this IPC issue (the IPC task is
>> needed only for a testing tool that I won't deploy anywhere) in order
>> to go ahead I am going to explore other possibilities. I want to  try
>> with DBus. Do you know of anything DBus-related that will encounter
>> issues in a snap environment?
>
> Today, you'll have the same issue with dbus. You could use the 'dbus 
> interface'
> in your snap, but you'd need to have this bug fixed for applications within 
> your
> snap to use it:
> https://bugs.launchpad.net/snappy/+bug/1659724
>
> The fix for this should be in snapd 2.23[1].
>
> I would actually recommend using UNIX domain sockets for this though. The
> easiest is to put a named socket in SNAP_DATA.
>
> [1]https://github.com/snapcore/snapd/pull/2768
>
> --
> Jamie Strandboge | http://www.canonical.com

Thank you Jamie, very useful.

--Luca

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-06 Thread Kyle Fazzari


On 02/06/2017 09:21 AM, Jamie Strandboge wrote:
> On Sun, 2017-02-05 at 08:04 +0800, XiaoGuo Liu wrote:
>> Hi Oli,
>>
>> Does it mean all of the snaps have the same /tmp or each snap has its own
>> /tmp? I am a little bit confused about this.
>>
> 
> You might be confused because the behavior changed. For a long time, each snap
> *command* had its own /tmp directory. That was changed late last year so that
> all commands with the same snap share the same /tmp directory such that each
> snap has its own /tmp directory.

This is good to know, I thought each command *still* had its own /tmp.
Any chance you know the snapd version in which this change was introduced?

-- 
Kyle Fazzari (kyrofa)
Software Engineer
Canonical Ltd.
k...@canonical.com



signature.asc
Description: OpenPGP digital signature
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-06 Thread Jamie Strandboge
On Sun, 2017-02-05 at 08:04 +0800, XiaoGuo Liu wrote:
> Hi Oli,
> 
> Does it mean all of the snaps have the same /tmp or each snap has its own
> /tmp? I am a little bit confused about this.
> 

You might be confused because the behavior changed. For a long time, each snap
*command* had its own /tmp directory. That was changed late last year so that
all commands with the same snap share the same /tmp directory such that each
snap has its own /tmp directory.

-- 
Jamie Strandboge | http://www.canonical.com



signature.asc
Description: This is a digitally signed message part
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-06 Thread Jamie Strandboge
On Sat, 2017-02-04 at 15:53 +0100, Luca Dionisi wrote:
> Although I wouldn't spend too much on this IPC issue (the IPC task is
> needed only for a testing tool that I won't deploy anywhere) in order
> to go ahead I am going to explore other possibilities. I want to  try
> with DBus. Do you know of anything DBus-related that will encounter
> issues in a snap environment?

Today, you'll have the same issue with dbus. You could use the 'dbus interface'
in your snap, but you'd need to have this bug fixed for applications within your
snap to use it:
https://bugs.launchpad.net/snappy/+bug/1659724

The fix for this should be in snapd 2.23[1].

I would actually recommend using UNIX domain sockets for this though. The
easiest is to put a named socket in SNAP_DATA.

[1]https://github.com/snapcore/snapd/pull/2768

-- 
Jamie Strandboge | http://www.canonical.com



signature.asc
Description: This is a digitally signed message part
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-06 Thread Jamie Strandboge
On Sat, 2017-02-04 at 12:00 +0100, Luca Dionisi wrote:
> On Sat, Feb 4, 2017 at 11:43 AM, Oliver Grawert  wrote:
> > 
> > hi,
> > Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
> > > 
> > > What is the best place to write (and read) a temporary FIFO file from
> > > a confined snap application?
> > > This is for simple IPC between 2 processes of the same snap.
> > > Before attempting to snap the application I was using a fixed
> > > filename
> > > in /tmp. Admittedly poor solution.
> > > The solution should be usable also with another packaging system.
> > > 
> > well ... in case of snaps /tmp is a private directory that only your
> > snap can access so it is actually a good place for such stuff ...
> It's worse than that, Jim!
> 
> Inside the snap environment I can write files and directories both in
> /tmp and in $XDG_RUNTIME_DIR.
> What I cannot do anywhere is create a FIFO.
> 
> bash-4.3$ mkfifo a
> bash: /usr/bin/mkfifo: Permission denied
> 
> What's the problem here?

See https://github.com/snapcore/snapd/pull/2749 which adds support for mkfifo



At the lowest levels, mkfifo and mknod are (currently) blocked because they use
the mknod syscall and the mknod syscall can be used to create devices. If we
allowed the use of mknod, a snap could create a device in SNAP_DATA and talk to
the kernel through the device (eg, raw access to your disk).

The above referenced PR limits how mknod can be used to create regular files,
pipes and sockets but not block and character devices. As such, we are adding
the mknod and mkfifo commands as part of that PR and this should be available
for use in snapd 2.23.

-- 
Jamie Strandboge | http://www.canonical.com



signature.asc
Description: This is a digitally signed message part
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread XiaoGuo Liu
Sorry,

I just found that each snap has its own "tmp" directory created in the /tmp
directory of the system. I just created a file, and it looks like:

root@liuxg:/tmp/snap.1000_snap.hello.fifo_TovLTW/tmp# ls
anothefile

Thanks & best regards,
XiaoGuo

On Sun, Feb 5, 2017 at 8:04 AM, XiaoGuo Liu 
wrote:

> Hi Oli,
>
> Does it mean all of the snaps have the same /tmp or each snap has its own
> /tmp? I am a little bit confused about this.
>
> Thanks & best regards,
> XiaoGuo
>
>
>
> On Sat, Feb 4, 2017 at 6:43 PM, Oliver Grawert  wrote:
>
>> hi,
>> Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
>> > What is the best place to write (and read) a temporary FIFO file from
>> > a confined snap application?
>> > This is for simple IPC between 2 processes of the same snap.
>> > Before attempting to snap the application I was using a fixed
>> > filename
>> > in /tmp. Admittedly poor solution.
>> > The solution should be usable also with another packaging system.
>> >
>> well ... in case of snaps /tmp is a private directory that only your
>> snap can access so it is actually a good place for such stuff ...
>>
>> ... that said ... if you want to use it in other packaging systems
>> where this is not the case it might indeed not be the best choice and
>> using XDG_RUNTIME_DIR might be the better way, as others pointed out.
>>
>> ciao
>> oli
>> --
>> Snapcraft mailing list
>> Snapcraft@lists.snapcraft.io
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailm
>> an/listinfo/snapcraft
>>
>>
>
>
> --
> XiaoGuo, Liu
>



-- 
XiaoGuo, Liu
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread XiaoGuo Liu
Hi Oli,

Does it mean all of the snaps have the same /tmp or each snap has its own
/tmp? I am a little bit confused about this.

Thanks & best regards,
XiaoGuo



On Sat, Feb 4, 2017 at 6:43 PM, Oliver Grawert  wrote:

> hi,
> Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
> > What is the best place to write (and read) a temporary FIFO file from
> > a confined snap application?
> > This is for simple IPC between 2 processes of the same snap.
> > Before attempting to snap the application I was using a fixed
> > filename
> > in /tmp. Admittedly poor solution.
> > The solution should be usable also with another packaging system.
> >
> well ... in case of snaps /tmp is a private directory that only your
> snap can access so it is actually a good place for such stuff ...
>
> ... that said ... if you want to use it in other packaging systems
> where this is not the case it might indeed not be the best choice and
> using XDG_RUNTIME_DIR might be the better way, as others pointed out.
>
> ciao
> oli
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/snapcraft
>
>


-- 
XiaoGuo, Liu
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Luca Dionisi
Although I wouldn't spend too much on this IPC issue (the IPC task is
needed only for a testing tool that I won't deploy anywhere) in order
to go ahead I am going to explore other possibilities. I want to  try
with DBus. Do you know of anything DBus-related that will encounter
issues in a snap environment?

On Sat, Feb 4, 2017 at 12:21 PM, Oliver Grawert  wrote:
> hi,
> Am Samstag, den 04.02.2017, 12:02 +0100 schrieb Luca Dionisi:
>> > > well ... in case of snaps /tmp is a private directory that only
>> > > your
>> > > snap can access so it is actually a good place for such stuff ...
>> > It's worse than that, Jim!
>> >
>> > Inside the snap environment I can write files and directories both
>> > in
>> > /tmp and in $XDG_RUNTIME_DIR.
>> > What I cannot do anywhere is create a FIFO.
>> >
>
> aha ! i guess you are hitting
> https://bugs.launchpad.net/snappy/+bug/1636540
>
> probably jamie can give a statement where we stand with this...
>
> ciao
> oli
>
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at: 
> https://lists.ubuntu.com/mailman/listinfo/snapcraft
>

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Oliver Grawert
hi,
Am Samstag, den 04.02.2017, 12:02 +0100 schrieb Luca Dionisi:
> > > well ... in case of snaps /tmp is a private directory that only
> > > your
> > > snap can access so it is actually a good place for such stuff ...
> > It's worse than that, Jim!
> > 
> > Inside the snap environment I can write files and directories both
> > in
> > /tmp and in $XDG_RUNTIME_DIR.
> > What I cannot do anywhere is create a FIFO.
> > 

aha ! i guess you are hitting 
https://bugs.launchpad.net/snappy/+bug/1636540

probably jamie can give a statement where we stand with this...

ciao
oli


signature.asc
Description: This is a digitally signed message part
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Luca Dionisi
The results are the very same (apart for "namespace") on a real
machine, so the LXD container shouldn't be the cause.

On Sat, Feb 4, 2017 at 12:14 PM, Luca Dionisi  wrote:
> More in context:
>
> In a classic Ubuntu (but inside a LXD container) I run:
> ubuntu@thorough-bear:~$ hello-world.sh
>
> This gives me a bash inside a snap environment.
> There I run:
> bash-4.3$ mkfifo --help
> bash: /usr/bin/mkfifo: Permission denied
>
> If I run dmesg (outside the snap environment) it reports:
>
> [94156.909950] audit: type=1400 audit(1486206367.506:1768): apparmor="DENIED"
>operation="exec"
>namespace="root//lxd-thorough-bear_"
>profile="snap.hello-world.sh"
>name="/usr/bin/mkfifo"
>pid=7925
>comm="bash"
>requested_mask="x"
>denied_mask="x"
>fsuid=101000
>ouid=10
>
> [94156.910123] audit: type=1400 audit(1486206367.506:1769): apparmor="DENIED"
>operation="open"
>namespace="root//lxd-thorough-bear_"
>profile="snap.hello-world.sh"
>name="/usr/bin/mkfifo"
>pid=7925
>comm="bash"
>requested_mask="r"
>denied_mask="r"
>fsuid=101000
>ouid=10
>
>
>
>
> On Sat, Feb 4, 2017 at 12:02 PM, Luca Dionisi  wrote:
>> Well, it seems that the problem is the userspace tool itself.
>> bash-4.3$ mkfifo --help
>> bash: /usr/bin/mkfifo: Permission denied
>>
>> On Sat, Feb 4, 2017 at 12:00 PM, Luca Dionisi  wrote:
>>> On Sat, Feb 4, 2017 at 11:43 AM, Oliver Grawert  wrote:
 hi,
 Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
> What is the best place to write (and read) a temporary FIFO file from
> a confined snap application?
> This is for simple IPC between 2 processes of the same snap.
> Before attempting to snap the application I was using a fixed
> filename
> in /tmp. Admittedly poor solution.
> The solution should be usable also with another packaging system.
>
 well ... in case of snaps /tmp is a private directory that only your
 snap can access so it is actually a good place for such stuff ...
>>>
>>> It's worse than that, Jim!
>>>
>>> Inside the snap environment I can write files and directories both in
>>> /tmp and in $XDG_RUNTIME_DIR.
>>> What I cannot do anywhere is create a FIFO.
>>>
>>> bash-4.3$ mkfifo a
>>> bash: /usr/bin/mkfifo: Permission denied
>>>
>>> What's the problem here?
>>>
>>> To be honest I should say that my tests have been conducted in LXD
>>> containers. I don't know if the situation holds true also in real
>>> machines.

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Luca Dionisi
More in context:

In a classic Ubuntu (but inside a LXD container) I run:
ubuntu@thorough-bear:~$ hello-world.sh

This gives me a bash inside a snap environment.
There I run:
bash-4.3$ mkfifo --help
bash: /usr/bin/mkfifo: Permission denied

If I run dmesg (outside the snap environment) it reports:

[94156.909950] audit: type=1400 audit(1486206367.506:1768): apparmor="DENIED"
   operation="exec"
   namespace="root//lxd-thorough-bear_"
   profile="snap.hello-world.sh"
   name="/usr/bin/mkfifo"
   pid=7925
   comm="bash"
   requested_mask="x"
   denied_mask="x"
   fsuid=101000
   ouid=10

[94156.910123] audit: type=1400 audit(1486206367.506:1769): apparmor="DENIED"
   operation="open"
   namespace="root//lxd-thorough-bear_"
   profile="snap.hello-world.sh"
   name="/usr/bin/mkfifo"
   pid=7925
   comm="bash"
   requested_mask="r"
   denied_mask="r"
   fsuid=101000
   ouid=10




On Sat, Feb 4, 2017 at 12:02 PM, Luca Dionisi  wrote:
> Well, it seems that the problem is the userspace tool itself.
> bash-4.3$ mkfifo --help
> bash: /usr/bin/mkfifo: Permission denied
>
> On Sat, Feb 4, 2017 at 12:00 PM, Luca Dionisi  wrote:
>> On Sat, Feb 4, 2017 at 11:43 AM, Oliver Grawert  wrote:
>>> hi,
>>> Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
 What is the best place to write (and read) a temporary FIFO file from
 a confined snap application?
 This is for simple IPC between 2 processes of the same snap.
 Before attempting to snap the application I was using a fixed
 filename
 in /tmp. Admittedly poor solution.
 The solution should be usable also with another packaging system.

>>> well ... in case of snaps /tmp is a private directory that only your
>>> snap can access so it is actually a good place for such stuff ...
>>
>> It's worse than that, Jim!
>>
>> Inside the snap environment I can write files and directories both in
>> /tmp and in $XDG_RUNTIME_DIR.
>> What I cannot do anywhere is create a FIFO.
>>
>> bash-4.3$ mkfifo a
>> bash: /usr/bin/mkfifo: Permission denied
>>
>> What's the problem here?
>>
>> To be honest I should say that my tests have been conducted in LXD
>> containers. I don't know if the situation holds true also in real
>> machines.

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Luca Dionisi
Well, it seems that the problem is the userspace tool itself.
bash-4.3$ mkfifo --help
bash: /usr/bin/mkfifo: Permission denied

On Sat, Feb 4, 2017 at 12:00 PM, Luca Dionisi  wrote:
> On Sat, Feb 4, 2017 at 11:43 AM, Oliver Grawert  wrote:
>> hi,
>> Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
>>> What is the best place to write (and read) a temporary FIFO file from
>>> a confined snap application?
>>> This is for simple IPC between 2 processes of the same snap.
>>> Before attempting to snap the application I was using a fixed
>>> filename
>>> in /tmp. Admittedly poor solution.
>>> The solution should be usable also with another packaging system.
>>>
>> well ... in case of snaps /tmp is a private directory that only your
>> snap can access so it is actually a good place for such stuff ...
>
> It's worse than that, Jim!
>
> Inside the snap environment I can write files and directories both in
> /tmp and in $XDG_RUNTIME_DIR.
> What I cannot do anywhere is create a FIFO.
>
> bash-4.3$ mkfifo a
> bash: /usr/bin/mkfifo: Permission denied
>
> What's the problem here?
>
> To be honest I should say that my tests have been conducted in LXD
> containers. I don't know if the situation holds true also in real
> machines.

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Luca Dionisi
On Sat, Feb 4, 2017 at 11:43 AM, Oliver Grawert  wrote:
> hi,
> Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
>> What is the best place to write (and read) a temporary FIFO file from
>> a confined snap application?
>> This is for simple IPC between 2 processes of the same snap.
>> Before attempting to snap the application I was using a fixed
>> filename
>> in /tmp. Admittedly poor solution.
>> The solution should be usable also with another packaging system.
>>
> well ... in case of snaps /tmp is a private directory that only your
> snap can access so it is actually a good place for such stuff ...

It's worse than that, Jim!

Inside the snap environment I can write files and directories both in
/tmp and in $XDG_RUNTIME_DIR.
What I cannot do anywhere is create a FIFO.

bash-4.3$ mkfifo a
bash: /usr/bin/mkfifo: Permission denied

What's the problem here?

To be honest I should say that my tests have been conducted in LXD
containers. I don't know if the situation holds true also in real
machines.

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Oliver Grawert
hi,
Am Freitag, den 03.02.2017, 21:04 +0100 schrieb Luca Dionisi:
> What is the best place to write (and read) a temporary FIFO file from
> a confined snap application?
> This is for simple IPC between 2 processes of the same snap.
> Before attempting to snap the application I was using a fixed
> filename
> in /tmp. Admittedly poor solution.
> The solution should be usable also with another packaging system.
> 
well ... in case of snaps /tmp is a private directory that only your
snap can access so it is actually a good place for such stuff ...

... that said ... if you want to use it in other packaging systems
where this is not the case it might indeed not be the best choice and
using XDG_RUNTIME_DIR might be the better way, as others pointed out.

ciao
oli

signature.asc
Description: This is a digitally signed message part
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-04 Thread Luca Dionisi
Thanks all for the answer.

There's a catch, though. I just checked in a classic Ubuntu what the
XDG_RUNTIME_DIR env is set to for root. And, surprise, it's not set.
So, since my app has to run as root, it seems that I'll have to check
this possibility too.

--Luca

On Sat, Feb 4, 2017 at 3:47 AM, XiaoGuo Liu  wrote:
> Hi Seth,
>
> Thanks. You are right. I just created a new dir under the root, and I tried
> to access it, and it was successful this time.
>
> liuxg@liuxg:~/snappy/desktop$ sudo snap run --shell hello.env
> [sudo] password for liuxg:
> root@liuxg:/home/liuxg/snappy/desktop# cd /run/user/0/snap.hello
> root@liuxg:/run/user/0/snap.hello# ls
>
> Many thanks
> Best regards,
> XiaoGuo
>
> On Sat, Feb 4, 2017 at 10:40 AM, Seth Arnold 
> wrote:
>>
>> On Sat, Feb 04, 2017 at 10:33:20AM +0800, XiaoGuo Liu wrote:
>> > liuxg@liuxg:~/snappy/desktop/ss$ hello.env | grep XDG_RUNTIME
>> > XDG_RUNTIME_DIR=/run/user/1000/snap.hello
>> > $ sudo snap run --shell hello.env
>> > # env | grep XDG_RUNTIME_DIR
>> > XDG_RUNTIME_DIR=/run/user/0/snap.hello
>>
>> Your first command was run as a standard user, probably the first user
>> installed on the system, since it is user 1000.
>>
>> Your second command was run as root via the sudo tool, thus you get a
>> different directory. Every user's data should be stored in a place where
>> it won't collide with other users, and root is no different in this case.
>>
>> Thanks
>>
>> --
>> Snapcraft mailing list
>> Snapcraft@lists.snapcraft.io
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/snapcraft
>>
>
>
>
> --
> XiaoGuo, Liu
>
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/snapcraft
>

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-03 Thread XiaoGuo Liu
Hi Seth,

Thanks. You are right. I just created a new dir under the root, and I tried
to access it, and it was successful this time.

liuxg@liuxg:~/snappy/desktop$ sudo snap run --shell hello.env
[sudo] password for liuxg:
root@liuxg:/home/liuxg/snappy/desktop# cd /run/user/0/snap.hello
root@liuxg:/run/user/0/snap.hello# ls

Many thanks
Best regards,
XiaoGuo

On Sat, Feb 4, 2017 at 10:40 AM, Seth Arnold 
wrote:

> On Sat, Feb 04, 2017 at 10:33:20AM +0800, XiaoGuo Liu wrote:
> > liuxg@liuxg:~/snappy/desktop/ss$ hello.env | grep XDG_RUNTIME
> > XDG_RUNTIME_DIR=/run/user/1000/snap.hello
> > $ sudo snap run --shell hello.env
> > # env | grep XDG_RUNTIME_DIR
> > XDG_RUNTIME_DIR=/run/user/0/snap.hello
>
> Your first command was run as a standard user, probably the first user
> installed on the system, since it is user 1000.
>
> Your second command was run as root via the sudo tool, thus you get a
> different directory. Every user's data should be stored in a place where
> it won't collide with other users, and root is no different in this case.
>
> Thanks
>
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/snapcraft
>
>


-- 
XiaoGuo, Liu
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-03 Thread Seth Arnold
On Sat, Feb 04, 2017 at 10:33:20AM +0800, XiaoGuo Liu wrote:
> liuxg@liuxg:~/snappy/desktop/ss$ hello.env | grep XDG_RUNTIME
> XDG_RUNTIME_DIR=/run/user/1000/snap.hello
> $ sudo snap run --shell hello.env
> # env | grep XDG_RUNTIME_DIR
> XDG_RUNTIME_DIR=/run/user/0/snap.hello

Your first command was run as a standard user, probably the first user
installed on the system, since it is user 1000.

Your second command was run as root via the sudo tool, thus you get a
different directory. Every user's data should be stored in a place where
it won't collide with other users, and root is no different in this case.

Thanks


signature.asc
Description: PGP signature
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-03 Thread XiaoGuo Liu
Hi,

I just tried it with my helloworld snap example. It shows:

liuxg@liuxg:~/snappy/desktop/ss$ hello.env | grep XDG_RUNTIME
XDG_RUNTIME_DIR=/run/user/1000/snap.hello

When I tried to run it with:

$ sudo snap run --shell hello.env

Inside the shell, I find different variable for XDG_RUNTIME_DIR:

# env | grep XDG_RUNTIME_DIR
XDG_RUNTIME_DIR=/run/user/0/snap.hello

I tried to create the above named dir /run/user/1000/snap.hello, but it is
not accessible in the  shell

Thanks.



On Sat, Feb 4, 2017 at 5:41 AM, Michael Hall  wrote:

> Be sure to use XDG_RUNTIME_DIR and not '/var/run' specifically, as
> XDG_RUNTIME_DIR is /run/user//snap./ in a snap's
> runtime. You may also need to create that directory before using it.
>
> Michael Hall
> mhall...@ubuntu.com
>
> On 02/03/2017 04:19 PM, Christian Dywan wrote:
> > Hey Luca,
> >
> > I'll suggest XDG_RUNTIME_DIR i.e. /var/run
> >
> > Regards,
> > Cris
> >
> > Am 3. Februar 2017 21:04:19 MEZ schrieb Luca Dionisi
> > :
> >
> > What is the best place to write (and read) a temporary FIFO file from
> > a confined snap application?
> > This is for simple IPC between 2 processes of the same snap.
> > Before attempting to snap the application I was using a fixed
> filename
> > in /tmp. Admittedly poor solution.
> > The solution should be usable also with another packaging system.
> >
> > --Luca
> >
> > P.S. the problem with Vala library has been solved and I was able to
> > make the snap work in devmode. Now I am trying to move from devmode
> to
> > strict.
> >
> >
> > --
> > Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail
> > gesendet.
> >
> >
>
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailm
> an/listinfo/snapcraft
>



-- 
XiaoGuo, Liu
-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-03 Thread Michael Hall
Be sure to use XDG_RUNTIME_DIR and not '/var/run' specifically, as
XDG_RUNTIME_DIR is /run/user//snap./ in a snap's
runtime. You may also need to create that directory before using it.

Michael Hall
mhall...@ubuntu.com

On 02/03/2017 04:19 PM, Christian Dywan wrote:
> Hey Luca,
> 
> I'll suggest XDG_RUNTIME_DIR i.e. /var/run
> 
> Regards,
> Cris
> 
> Am 3. Februar 2017 21:04:19 MEZ schrieb Luca Dionisi
> :
> 
> What is the best place to write (and read) a temporary FIFO file from
> a confined snap application?
> This is for simple IPC between 2 processes of the same snap.
> Before attempting to snap the application I was using a fixed filename
> in /tmp. Admittedly poor solution.
> The solution should be usable also with another packaging system.
> 
> --Luca
> 
> P.S. the problem with Vala library has been solved and I was able to
> make the snap work in devmode. Now I am trying to move from devmode to
> strict.
> 
> 
> -- 
> Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail
> gesendet.
> 
> 

-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft


Re: Where to save stuff (in snap-agnostic way)

2017-02-03 Thread Christian Dywan
Hey Luca,

I'll suggest XDG_RUNTIME_DIR i.e. /var/run 

Regards,
Cris 

Am 3. Februar 2017 21:04:19 MEZ schrieb Luca Dionisi :
>What is the best place to write (and read) a temporary FIFO file from
>a confined snap application?
>This is for simple IPC between 2 processes of the same snap.
>Before attempting to snap the application I was using a fixed filename
>in /tmp. Admittedly poor solution.
>The solution should be usable also with another packaging system.
>
>--Luca
>
>P.S. the problem with Vala library has been solved and I was able to
>make the snap work in devmode. Now I am trying to move from devmode to
>strict.
>
>-- 
>Snapcraft mailing list
>Snapcraft@lists.snapcraft.io
>Modify settings or unsubscribe at:
>https://lists.ubuntu.com/mailman/listinfo/snapcraft

-- 
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.-- 
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/snapcraft