What happened?
Hi @diddledani
This is probably more of a discussion point, than a bug, as such. The answer may be that the current setting is the most correct after all.
First of all , full disclaimer, I am having to use a forked version of this repo. This is due to some internal reasons that wouldn't make sense to try and accommodate in this project directly. But I'm keeping it in sync as much as is practical. As it's a fork, we have also added the possibility to run snapcraft as non root user, because we are using the docker image to run locally sometimes as well as in CI, and on your own local host it's more secure and practical to use non root. [ Actually, I guess the non-root feature could be up-streamed if it was useful :) ]
The problem
It seems that for core22 snaps, setting SNAPCRAFT_MANAGED_MODE=y has some subtly different effects than < core22. The problem I found is that it seems to enforce setting /root as the home path, which doesn't work well when the users is not root.
https://github.com/snapcore/snapcraft/blob/main/snapcraft/utils.py#L167-L169
https://github.com/snapcore/snapcraft/blob/main/snapcraft/parts/lifecycle.py#L664-L667
I can of course simply change this for non-root users only in our fork, by setting SNAPCRAFT_MANAGED_MODE=n in that case. However, there are other benefits in CI environments of not using /root for the rest of the project components, ans so am wondering if change to SNAPCRAFT_MANAGED_MODE=n wholesale for every scenario makes more sense.
Also worth noting we are running with --destructive-mode
Any thoughts ? Is setting SNAPCRAFT_MANAGED_MODE=y needed for any other reason ?
What should have happened?
perhaps SNAPCRAFT_MANAGED_MODE=n should be set ?
Output of snap info $snap_name
Output of snap connections $snap_name
Output of snap version
Relevant log output
No response
Teminal output of app
No response
What happened?
Hi @diddledani
This is probably more of a discussion point, than a bug, as such. The answer may be that the current setting is the most correct after all.
First of all , full disclaimer, I am having to use a forked version of this repo. This is due to some internal reasons that wouldn't make sense to try and accommodate in this project directly. But I'm keeping it in sync as much as is practical. As it's a fork, we have also added the possibility to run snapcraft as non root user, because we are using the docker image to run locally sometimes as well as in CI, and on your own local host it's more secure and practical to use non root. [ Actually, I guess the non-root feature could be up-streamed if it was useful :) ]
The problem
It seems that for core22 snaps, setting
SNAPCRAFT_MANAGED_MODE=yhas some subtly different effects than < core22. The problem I found is that it seems to enforce setting/rootas the home path, which doesn't work well when the users is not root.https://github.com/snapcore/snapcraft/blob/main/snapcraft/utils.py#L167-L169
https://github.com/snapcore/snapcraft/blob/main/snapcraft/parts/lifecycle.py#L664-L667
I can of course simply change this for non-root users only in our fork, by setting
SNAPCRAFT_MANAGED_MODE=nin that case. However, there are other benefits in CI environments of not using/rootfor the rest of the project components, ans so am wondering if change toSNAPCRAFT_MANAGED_MODE=nwholesale for every scenario makes more sense.Also worth noting we are running with
--destructive-modeAny thoughts ? Is setting
SNAPCRAFT_MANAGED_MODE=yneeded for any other reason ?What should have happened?
perhaps SNAPCRAFT_MANAGED_MODE=n should be set ?
Output of
snap info $snap_nameOutput of
snap connections $snap_nameOutput of
snap versionRelevant log output
No response
Teminal output of app
No response