github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/interfaces/builtin/system_packages_doc.go

github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/interfaces/builtin/system_packages_doc.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2020 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package builtin
    21  
    22  import (
    23  	"github.com/snapcore/snapd/interfaces"
    24  	"github.com/snapcore/snapd/interfaces/apparmor"
    25  	"github.com/snapcore/snapd/interfaces/mount"
    26  	"github.com/snapcore/snapd/osutil"
    27  )
    28  
    29  const systemPackagesDocSummary = `allows access to documentation of system packages`
    30  
    31  const systemPackagesDocBaseDeclarationSlots = `
    32    system-packages-doc:
    33      allow-installation:
    34        slot-snap-type:
    35          - core
    36      deny-auto-connection: true
    37  `
    38  
    39  const systemPackagesDocConnectedPlugAppArmor = `
    40  # Description: can access documentation of system packages.
    41  
    42  /usr/share/doc/{,**} r,
    43  `
    44  
    45  type systemPackagesDocInterface struct {
    46  	commonInterface
    47  }
    48  
    49  func (iface *systemPackagesDocInterface) AppArmorConnectedPlug(spec *apparmor.Specification, plug *interfaces.ConnectedPlug, slot *interfaces.ConnectedSlot) error {
    50  	spec.AddSnippet(systemPackagesDocConnectedPlugAppArmor)
    51  	emit := spec.AddUpdateNSf
    52  	emit("  # Mount documentation of system packages\n")
    53  	emit("  mount options=(bind) /var/lib/snapd/hostfs/usr/share/doc/ -> /usr/share/doc/,\n")
    54  	emit("  remount options=(bind, ro) /usr/share/doc/,\n")
    55  	emit("  umount /usr/share/doc/,\n")
    56  	return nil
    57  }
    58  
    59  func (iface *systemPackagesDocInterface) MountConnectedPlug(spec *mount.Specification, plug *interfaces.ConnectedPlug, slot *interfaces.ConnectedSlot) error {
    60  	return spec.AddMountEntry(osutil.MountEntry{
    61  		Name:    "/var/lib/snapd/hostfs/usr/share/doc",
    62  		Dir:     "/usr/share/doc",
    63  		Options: []string{"bind", "ro"},
    64  	})
    65  }
    66  
    67  func init() {
    68  	registerIface(&systemPackagesDocInterface{
    69  		commonInterface: commonInterface{
    70  			name:                 "system-packages-doc",
    71  			summary:              systemPackagesDocSummary,
    72  			implicitOnClassic:    true,
    73  			baseDeclarationSlots: systemPackagesDocBaseDeclarationSlots,
    74  		},
    75  	})
    76  }