snapd

The restriction of the `apps._app_name_.command` property is too strict

Bug #1820055 reported by 林博仁(Buo-ren, Lin)
26
This bug affects 5 people
Affects Status Importance Assigned to Milestone
Snapcraft
Confirmed
Undecided
Unassigned
snapd
Triaged
Medium
Unassigned

Bug Description

I'm migrating a snap with a legacy snapcraft syntax to the new one with bases, however the previous command used to launch the application:

```yaml
    command: >
      bin/zenity
        --info
        --ok-label='Got it'
        --title='My Awesome App'
        --text='This is a demonstrative application for Snapcrafters Template Plus.\nIt indicates that the snapped application has been launched properly.'
        --window-icon="${SNAP}"/snap/gui/my-awesome-app.png
        --width=600
```

no longer work and causes the following Snapcraft error message:

```
Failed to generate snap metadata: The specified command 'bin/zenity\n --info\n --ok-label=\'Got it\'\n --title=\'My Awesome App\'\n --text=\'This is a demonstrative application for Snapcrafters Template Plus.\\nIt indicates that the snapped application has been launched properly.\'\n --window-icon="${SNAP}"/snap/gui/my-awesome-app.png\n --width=600\n' defined in the app 'my-app-name' does not match the pattern expected by snapd.
The command must consist only of alphanumeric characters, spaces, and the following special characters: / . _ # : $ -
```

although this problem can be easily workarounded by using a launcher we probably should reconsider whether we should impose a restriction to this property as it can be any arbitrary string.

See original description
林博仁(Buo-ren, Lin) (buo-ren-lin)
description: updated
Sergio Schvezov (sergiusens)
Changed in snapcraft:
milestone: none → 3.4
Revision history for this message
林博仁(Buo-ren, Lin) (buo-ren-lin) wrote :

I encountered this problem again with `command: bin/guvcview --audio=pulse` (the `=` character seems to be the trigger)

Sergio Schvezov (sergiusens)
Changed in snapcraft:
milestone: 3.4 → 3.5
Revision history for this message
Sergio Schvezov (sergiusens) wrote :

We are following the snapd restrictions now for command, I will add a snapd task to sort this.

Revision history for this message
John Lenton (chipaca) wrote :

I agree we want to lift this restriction.

I don't know when we'll find the time to do it (we need to make sure we're not using the fact it's restricted anywhere -- and we probably are).

Changed in snapd:
status: New → Confirmed
Revision history for this message
Sergio Schvezov (sergiusens) wrote :

Once snapd fixes the issue, snapcraft work can being to make sure we have end to end integration. Removing from the milestone until then.

Changed in snapcraft:
status: New → Confirmed
milestone: 3.5 → none
Revision history for this message
Ian Johnson (anonymouse67) wrote :

It looks like the characters being requested here are probably:

- =
- "
- '
- {
- }

In addition, I filed 1827392 against snapd for = and :, so we would have the additional character of

- :

Samuele Pedroni (pedronis)
Changed in snapd:
status: Confirmed → Triaged
importance: Undecided → Medium
Revision history for this message
林博仁(Buo-ren, Lin) (buo-ren-lin) wrote :

I encountered this bug again:

```output
+ snapcraftctl prime
The interpreter 'python3' for 'bin/git-filter-repo' was resolved to '/usr/bin/python3'.
The command 'bin/git-filter-repo' has been changed to '/usr/bin/python3 $SNAP/bin/git-filter-repo' to safely account for the interpreter.
Failed to generate snap metadata: The specified command '/usr/bin/python3 $SNAP/bin/git-filter-repo' defined in the app 'git-filter-repo' does not match the pattern expected by snapd.
The command must consist only of alphanumeric characters, spaces, and the following special characters: / . _ # : $ -
ubuntu #
```

However, this time I failed to see any invalid characters in the `/usr/bin/python3 $SNAP/bin/git-filter-repo` which only contains alpha-numerics, space, dollar sign, and slashes.

Revision history for this message
林博仁(Buo-ren, Lin) (buo-ren-lin) wrote :

In the following build:

https://github.com/brlin-tw/snapcrafters-template-plus/actions/runs/3211397149/jobs/5249538457#step:3:1190

```
The interpreter 'bash' for 'bin/my-awesome-app' was resolved to '/bin/bash'.
The command 'bin/my-awesome-app' has been changed to '/bin/bash $SNAP/bin/my-awesome-app' to safely account for the interpreter.
Failed to generate snap metadata: The specified command '/bin/bash $SNAP/bin/my-awesome-app' defined in the app 'my-awesome-app' does not match the pattern expected by snapd.
The command must consist only of alphanumeric characters, spaces, and the following special characters: / . _ # : $ -
```

The command that triggers the error is "/bin/bash $SNAP/bin/my-awesome-app", which doesn't have any of the offending characters at all. There is a problem with the logic determining whether the command is acceptable.

Revision history for this message
林博仁(Buo-ren, Lin) (buo-ren-lin) wrote :

Forgot to put on the source that renders the result:

Source: https://github.com/brlin-tw/snapcrafters-template-plus/tree/eff7426446cb7649460efa3c1beab8e70190d1ee

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.