On 20/01/17 08:03, Luca Dionisi wrote: > If I understand it correctly, an unconfined app will be able in the > system > to do whatever my standard user would be able to. For instance, if I > log into my ubucore16 (the name of my KVM instance) and issue: > sudo sysctl net.ipv4.ip_forward=1 > -or- > sudo ip address add 10.0.0.10 dev eth0 > it reports success. Thus, if I run an unconfined app which tries to do the > same it will succeed. Whilst a strictly confined app would not, if it is > not hooked to a certain capability. > So far, so good?
Ubuntu Core is confined-snaps-only. Ubuntu Classic allows less confined snaps. The commands you're wanting to run should be fine, though, with the right interfaces in place for your confined snap on Ubuntu Core. I think you meant that when you said 'hooked for a certain capability'. The devmode confinement should also be a useful workaround in your development process. Mark -- Snapcraft mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
