Hi Luke I think it's https://en.wikipedia.org/wiki/Seccomp seccomp-bpf that you're looking for, and snapd can configure that just as it does apparmor, based on the plug/slot interfaces declared by the snaps. Jamie will know more.
Mark On 13/07/16 20:06, Luke Yelavich wrote: > Hey folks. > I am working on a cdparanoia snap. CDParanoia requires read/write access to > the optical drive, From what I have gathered from the cdparanoia code, > read/write access is required for detection of the drive/kernel interface, > i.e SG IO, etc, and extraction/reading can be done read-only. > > I am wondering whether it is possible to add read/write support to the > optical-drive interface for a selection of ioctls, I think only one at this > point... If so, could someone point me to a document that explains the syntax > for aparmor etc to implement this? I'll be of course happy to propose a merge > to snapd for the optical-drive interface once I have identified the ioctls > required by cdparanoia. > > I think this is worth doing because lots of software uses cdparanoia for > reading/extraction, both the cdparanoia library and the command-line utility, > gstreamer included. > > Of course, if folks feel that another interface is a better solution, I'm up > for that as well. > > Thanks in advance. > > Luke > -- Snapcraft mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
