Comment 36 for bug 1611444

@Dave, just to give you a quick update since quite a lot has happened in this area but that may not be apparent if you are tracking 16.04.

 * snap-confine 1.0.44 was updated such that every command with a snap shares the same mount space. That fixes this bug so that different commands in a devmode snap can use 'ip netns'
 * snapd 2.17 introduced the concept of 'bidirectional mounts' which allows a snap to propagate changes to a mount point to the global namespace or other snaps, which laid the groundwork for your use cases as mentioned in comment #29
 * I've built upon this and started working on bug #1624675 for allowing different snaps to create/delete/manage network namespaces with 'ip netns' (as well as use 'ip netns exec' and also setns() to enter existing network namespaces). I'm hoping we can get this in snapd 2.20.

I suggest you also subscribe to bug #1624675.

If you are tracking 16.04, snapd 2.17.1 and snap-confine 1.0.44 are in xenial-proposed and awaiting confirmation to be released to xenial-updates. This bug will be fixed with those updates.