@Dave, just to give you a quick update since quite a lot has happened in this area but that may not be apparent if you are tracking 16.04.
* snap-confine 1.0.44 was updated such that every command with a snap shares the same mount space. That fixes this bug so that different commands in a devmode snap can use 'ip netns'
* snapd 2.17 introduced the concept of 'bidirectional mounts' which allows a snap to propagate changes to a mount point to the global namespace or other snaps, which laid the groundwork for your use cases as mentioned in comment #29
* I've built upon this and started working on bug #1624675 for allowing different snaps to create/delete/manage network namespaces with 'ip netns' (as well as use 'ip netns exec' and also setns() to enter existing network namespaces). I'm hoping we can get this in snapd 2.20.
If you are tracking 16.04, snapd 2.17.1 and snap-confine 1.0.44 are in xenial-proposed and awaiting confirmation to be released to xenial-updates. This bug will be fixed with those updates.
@Dave, just to give you a quick update since quite a lot has happened in this area but that may not be apparent if you are tracking 16.04.
* snap-confine 1.0.44 was updated such that every command with a snap shares the same mount space. That fixes this bug so that different commands in a devmode snap can use 'ip netns' delete/ manage network namespaces with 'ip netns' (as well as use 'ip netns exec' and also setns() to enter existing network namespaces). I'm hoping we can get this in snapd 2.20.
* snapd 2.17 introduced the concept of 'bidirectional mounts' which allows a snap to propagate changes to a mount point to the global namespace or other snaps, which laid the groundwork for your use cases as mentioned in comment #29
* I've built upon this and started working on bug #1624675 for allowing different snaps to create/
I suggest you also subscribe to bug #1624675.
If you are tracking 16.04, snapd 2.17.1 and snap-confine 1.0.44 are in xenial-proposed and awaiting confirmation to be released to xenial-updates. This bug will be fixed with those updates.