我们知道在我们snap应用中,我们可以通过定义plug来访问我们所需要的资源.在一个snap包中,我们也可以定义许多的应用,每个应用可以分别定义自己的plug.假如一个Snap包有一个plug是共同的,那么,我们有上面办法来定义一个全局的plug,这样所有的在同一个包中的所有的snap应用都可以同时拥有这个plug.这个到底怎么做呢?
关于snap中的interface及plug概念,请参阅我之前的文章"安装snap应用到Ubuntu 16.4桌面系统"(http://www.linuxdiyf.com/linux/22311.html).
最近,我读了一篇关于snap interface的文章.很受启发.其中有一段非常有意思的一段话:
Note that only the links app refers to plugs, the bookmarks app does not. If a plug or slot is declared in a snap, but not associated with a specific application they will be implicitly bound to all apps. When a plug or slot is specified by one or more apps, as in the above example, it will be bound only to those applications. Compare that to the following code:
它的意思就是如果我们在我们的snapcraft.yaml中定义一个plug,但是它不被任何的应用所应用,那么它隐含地就是所有的应用都有这个plug.
我们拿我们的例程https://github.com/liu-xiao-guo/helloworld-plug为例,我们定义如下:
name: hello-xiaoguo
version: "1.0"
architectures: [ all ]
summary: The 'hello-world' of snaps
description: |
This is a simple snap example that includes a few interesting binaries
to demonstrate snaps and their confinement.
* hello-world.env - dump the env of commands run inside app sandbox
* hello-world.evil - show how snappy sandboxes binaries
* hello-world.sh - enter interactive shell that runs in app sandbox
* hello-world - simply output text
confinement: strict
type: app #it can be gadget or framework
apps:
env:
command: bin/env
evil:
command: bin/evil
sh:
command: bin/sh
hello-world:
command: bin/echo
createfile:
command: bin/createfile
createfiletohome:
command: bin/createfiletohome
writetocommon:
command: bin/writetocommon
plugs:
home:
interface: home
parts:
hello:
plugin: copy
files:
./bin: bin
在上面的snapcraft.yaml文件中,我们写了如下的句子:
plugs:
home:
interface: home
由于在我们的任何一个应用中都没有引用home plug,所有这个plug将被定义为包级的plug,也就是说所有的app都享有这个plug.我们可以做一个简单的测试.我们安装好我们的hello snap后,执行如下的命令:
liuxg@liuxg:~$ hello-xiaoguo.createfiletohome
Hello a nice World!
This example demonstrates the app confinement
This app tries to write to its own user directory
Succeeded! Please find a file created at /home/liuxg/snap/hello-xiaoguo/x1/test.txt
If do not see this, please file a bug
我们的createtohome脚本如下:
#!/bin/sh
set -e
echo "Hello a nice World!"
echo "This example demonstrates the app confinement"
echo "This app tries to write to its own user directory"
echo "Haha" > /home/$USER/test.txt
echo "Succeeded! Please find a file created at $HOME/test.txt"
echo "If do not see this, please file a bug"
显然它向home里写入一个叫做test.txt的文件.我们的写入操作是成功的.
从我们的文件目录中,我们可以看出来我们刚刚创建的文件test.txt.细心的开发者也可以出去上面定义的plug,在试一试是否成功?