Package apparmor implements integration between snappy and snap-confine around apparmor.

configfiles is a backend that ensures that configuration files required by interfaces are present in the system.

Package dbus implements interaction between snappy and dbus.

Package kmod implements a backend which loads kernel modules on behalf of interfaces.

Package mount implements mounts that get mapped into the snap Snappy creates fstab like configuration files that describe what directories from the system or from other snaps should get mapped into the snap.

Package policy implements the declaration based policy checks for connecting or permitting installation of snaps based on their slots and plugs.

Package polkit implements interaction between snapd and polkit.

Package prompting provides common types and functions related to AppArmor prompting.

Package seccomp implements integration between snapd and snap-confine around seccomp.

Package systemd implements integration between snappy interfaces and arbitrary systemd units that may be required for "oneshot" style tasks.

Package udev implements integration between snapd, udev and snap-confine around tagging character and block devices so that they can be accessed by applications.

BeforePreparePlug sanitizes a plug with a given snapd interface.

Sanitize slot with a given snapd interface.

CurrentSystemKey calculates and returns the current system key as opaque interface{}.

IsTheSystemSnap returns true if snapName is one of the possible names for the snap representing the system.

NewConnectedPlug creates an object representing a connected plug.

NewConnectedSlot creates an object representing a connected slot.

NewConnRef creates a connection reference for given plug and slot.

NewRepository creates an empty plug repository.

NewSnapAppSet returns a new SnapAppSet for the given snap.Info.

ParseConnRef parses an ID string.

PermanentPlugServiceSnippets will return the set of snippets for the systemd service unit that should be generated for a snap with the specified plug.

RecordedSystemKey returns the system key read from the disk as opaque interface{}.

RemoveSystemKey removes the system key from the disk.

SecurityTagGlobs returns patterns that match all security tags belonging to the same snap as the given app.

SetupMany generates profiles of snaps using either SetupMany() method of the security backend (if implemented), or Setup().

StaticInfoOf returns the static-info of the given interface.

SystemKeyMismatch checks if the running binary expects a different system-key than what is on disk.

SystemKeysMatch returns whether the given system keys match.

UnmarshalJSONSystemKey unmarshalls the data from the reader as JSON into a system key usable with SystemKeysMatch.

ValidateDBusBusName checks if a string conforms to https://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names.

WriteSystemKey will write the current system-key to disk.

SecurityAppArmor identifies the apparmor security system.

SecurityConfigfiles identifies the configfiles security system.

SecurityDBus identifies the DBus security system.

SecurityKMod identifies the kernel modules security system.

SecurityLdconfig identifies the ldconfig security system.

SecurityMount identifies the mount security system.

SecurityPolkit identifies the polkit security system.

SecuritySecComp identifies the seccomp security system.

SecuritySystemd identifies the systemd services security system.

SecurityUDev identifies the UDev security system.

ByName returns an Interface for the given interface name.

ErrSystemKeyIncomparableVersions indicates that the system-key on disk and the system-key calculated from generateSystemKey have different inputs and are therefore incomparable.

ErrSystemKeyIncomparableVersions indicates that the system-key on disk and the system-key calculated from generateSystemKey have different inputs and are therefore incomparable.

ConfinementOptions describe confinement configuration.

ConnectedPlug represents a plug that is connected to a slot.

ConnectedSlot represents a slot that is connected to a plug.

Connection represents a connection between a particular plug and slot.

ConnRef holds information about plug and slot reference that form a particular connection.

EnsureDirSpec contains the information required to ensure the existence of a directory.

Info holds information about a given interface and its instances.

InfoOptions describes options for Info.

Interfaces holds information about a list of plugs, slots and their connections.

NoPlugOrSlotError is returned by Disconnect() if either the plug or slot does no exist.

NotConnectedError is returned by Disconnect() if the requested connection does not exist.

PlugRef is a reference to a plug.

Repository stores all known snappy plugs and slots and ifaces.

SecurityBackendOptions carries extra flags that affect initialization of the backends.

SlotRef is a reference to a slot.

SnapAppSet is a helper that provides information about executable elements of a snap.

StaticInfo describes various static-info of a given interface.

SystemKeyExtraData holds information about the current state of the system key so that some values do not need to be re-checked and can thus be guaranteed to be consistent across multiple uses of system key functions.

Attrer is an interface with Attr getter method common to ConnectedSlot, ConnectedPlug, PlugInfo and SlotInfo types.

ConfigfilesUser must be implemented by Interfaces that use the configfiles backend.

ConnPlugSanitizer can be implemented by Interfaces that have reasons to sanitize their plugs specifically before a connection is performed.

Interface describes a group of interchangeable capabilities with common features.

PlugSanitizer can be implemented by Interfaces that have reasons to sanitize their plugs.

SecurityBackend abstracts interactions between the interface system and the needs of a particular security system.

SecurityBackendDiscardingLate interface may be implemented by backends that support removal snap profiles late during the very last step of the snap remove process, typically long after the SecuityBackend.Remove() has been invoked.

SecurityBackendSetupMany interface may be implemented by backends that can optimize their operations when setting up multiple snaps at once.

SideArity conveys the arity constraints for an allowed auto-connection.

SlotSanitizer can be implemented by Interfaces that have reasons to sanitize their slots.

Specification describes interactions between backends and interfaces.

SecuritySystem is a name of a security system.