apparmor policy forbids using /tmp

Alternatively, the generated snappy-bin/ wrapper needs to uncomment the TMPDIR and make sure that the directory actually exists.

Turns out ROS isn't respecting $TMPDIR (nor $TEMPDIR), so that wouldn't even help. I think a more robust alternative would be to mount a private /tmp into an app's mout namespace?

This will be part of the new ubuntu-snap-launcher.

clearly a problem for our sourceries story; marking as devel and security XP; however, I beleive we should give apps their own confinded tmp space; lets check our FHS story and see what is missing or if there is just magic making apps find the right place...

Allowing access to /tmp/** breaks application isolation which is why we don't allow it now. We agreed in Cape Town that the temp dir handling will be done by the launcher.

In the short term, that should be done by having the current launcher script set TMPDIR and make sure it exists. When the actual launcher is in place, the plan is to setup an overlayfs on /tmp, however the viability of using overlayfs in this capacity is still in question (investigations are still happening as of today), so an alternative may need to be put in place.

If neither of the above is feasible for ROS in the shortest of terms, we can *temporarily* relax our policy until we have the full story in place.

Unfortunately $TMPDIR nor $TEMPDIR don't work for ROS. The README.md has a workaround how to locally allow this in the apparmor policy.

We should extend our FHS spec to include a TMP dir tjhat we set properly?

we can either add a SNAPP_TMPDIR and then apps can make their own wrapper or we just set TMPDIR directly also for those that honour that practice.

I would suggest that if noone else thinks different we just do /tmp/snapps/app/version/ ... and ensure that this is set.

I would say what I say is in line with current spirit. later overlayfs will sovlve these things, but for now, lets do that. jdstrand/mvo, who needs to do what task?

ok lets spec it in the way above:

+ [mvo] add app tmp dir to FHS spec: /tmp/snapps/app/version/
+ [mvo] snappy will create that dir if not exist
+ [jdstrand] apparmor default policy will allow the binaries access to their own tmp dir
+ [mvo] snappy will set SNAPP_TMPDIR, TMPDIR and TEMPDIR to that directory for max convenience.

also:
 + [pitti] to fix stuff so it honours that.

This bug was fixed in the package apparmor-easyprof-ubuntu-snappy - 1.3.6

---------------
apparmor-easyprof-ubuntu-snappy (1.3.6) vivid; urgency=medium

  * ubuntu-snappy/default (LP: #1400320): add access to app-specific temporary
    temp dir (/tmp/snapps/@{APP_PKGNAME}/@{APP_VERSION})
 -- Jamie Strandboge <email address hidden> Thu, 15 Jan 2015 15:49:14 -0600

> + [pitti] to fix stuff so it honours that.

Wrt. the ROS tutorial: I filed the problem and solution upstream: https://github.com/ros/catkin/issues/710
I applied the fix in the snap build script: https://bazaar.launchpad.net/~snappy-dev/snappy-hub/ros-tutorials/revision/10