Hi all,
unfortunately I am not able to change the apparmor profile for my generated
snap packages, targeting snappy Core 16.04 (amd64-all-snap.img from 04-Feb-2016)
I generated 2 snaps with different snapraft.yaml files, and compared the
resulting appamor_package_profile located in
/var/lib/snappy/apparmor/profiles/packagename.sideload_XXXX.
Result:
The file stays the same, no matter what I adjusted in my .yaml files .....
##############
1st yaml (default permissions):
...
apps:
my_server:
command: bin/my_server.sh
daemon: simple
parts:
...
############
2nd yaml (enhanced permissions):
...
apps:
my_server:
command: bin/my_server.sh
daemon: simple
plugs: [srv]
plugs:
srv:
caps:
- network-listener
- network-service
- network-management
security-override:
properties:
read-paths:
- /run/udev/data/*
- /etc/network/interfaces.d/**
write-paths:
- /dev/ttyS0
parts:
...
With the "write-paths" I want to allow my server application to access the
serial port, not sure if this is ok that way??
I just don't want to execute the "snappy hw-assign" command on my destination
system.
Hope someone can help me further!?
Many thanks in advance,
Marco
--
snappy-devel mailing list
snappy-devel@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/snappy-devel
