Confined desktop - proof of concept

As reported by @jamesh, my long-standing snapd PR #8699 to allow (in limited cases) snaps to launch other snaps finally landed.

That means that, on a “desktop” system it is possible to run a confined graphical shell and launch applications. I have a proof-of-concept snap that demonstrates this.

Firstly, you need the edge version of snapd (I assume this will eventually roll out with 2.52):

snap refresh --edge snapd

Then you need to install the confined-shell snap (also from edge):

snap install --edge confined-shell
/snap/confined-shell/current/bin/setup.sh

Now, if you log out and select “confined shell” when you log back in you’ll be running a confined egmde shell.

From this shell you can launch:

  1. A terminal with Ctrl-Alt-T (this is confined with the desktop, so you are not allowed to do most things you might expect); and,
  2. Using Ctrl-Alt-A run snapped applications you have installed (to appear on the desktop, these need to support Wayland). These applications will be subject to their own confinement restrictions.

To repeat myself, this is a proof-of-concept. But maybe it will inspire great ideas?

14 Likes
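
A pre-login check for the steps in the first post, added here as an example and not part of the original post or the confined-shell snap: it reads `snap list` output and confirms that snapd is tracking edge (or is at least 2.52, the release the post assumes) and that confined-shell was not installed in devmode or classic mode. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Print column COL of snap NAME's row in a `snap list` table on stdin.
snap_field() {
    awk -v name="$1" -v col="$2" '
        NR > 1 && $1 == name { print $col; found = 1 }
        END { exit !found }'
}

# True when version HAVE ($1) is at or above WANT ($2); uses GNU `sort -V`.
version_at_least() {
    [ "$(printf '%s\n%s\n' "$2" "$1" | sort -V | head -n 1)" = "$2" ]
}

# Return 0 when the listing in $1 meets both preconditions.
check_confined_desktop() {
    listing=$1
    ver=$(printf '%s\n' "$listing" | snap_field snapd 2) ||
        { echo "snapd snap is not installed"; return 1; }
    track=$(printf '%s\n' "$listing" | snap_field snapd 4)
    # Assumption taken from the post: the feature is in edge, expected in 2.52.
    case $track in
        *edge*) ;;
        *) version_at_least "$ver" 2.52 ||
               { echo "snapd $ver on $track: not edge and older than 2.52"; return 1; } ;;
    esac
    notes=$(printf '%s\n' "$listing" | snap_field confined-shell 6) ||
        { echo "confined-shell is not installed"; return 1; }
    # devmode or classic in the Notes column means the snap is not confined.
    case ",$notes," in
        *,devmode,*|*,classic,*)
            echo "confined-shell is not strictly confined ($notes)"; return 1 ;;
    esac
    echo "ok: snapd $ver ($track), confined-shell notes: $notes"
}

# Constructed sample listing (versions, revisions and publisher are made up).
SAMPLE='Name            Version      Rev    Tracking     Publisher  Notes
confined-shell  0.1          12     latest/edge  example    -
snapd           2.51+git100  13000  latest/edge  canonical  snapd'

check_confined_desktop "$SAMPLE"
# On a real system: check_confined_desktop "$(snap list)"
```
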

This is super amazing! :smiley:

I think not many noticed this so far because it’s in the Mir section :roll_eyes:

It is a snap built by the Mir team using Mir. Where would you have put it? :wink:

1 Like

Same as you, but maybe, given the result and that it’s about a confined desktop, it might make sense to cross post it on desktop too, to get the visibility it deserves :blush:

1 Like

I think a wider audience would also need an explanation as to why a confined desktop shell is significant.

I do intend to write that larger article, but it should wait for the underlying snapd support to be promoted from edge. Meanwhile this POC can develop further.

2 Likes

Indeed, it definitely makes sense :blush::+1:

I would encourage a few more words, a couple of screenshots for glamour, and making this a blog post. I am willing to guess that either @igorljubuncic (as it is snap related) or @rhys-davies (as it is desktop related) would be willing to help.

3 Likes

Indeed, @alan_g if I whipped something up would you be able to provide some pretty screenshots and the like?

1 Like

@rhys-davies @sergiusens this is a big topic with ill-defined edges. I’m unsure how much of it you are talking of covering.

At one extreme I talked for 90 min on it at ACCU earlier this year (but that included introducing confinement and snaps to a technical audience as well as confined graphical shells). There’s a lot to be said about security models for graphical shells.

We’ve had confined shells based on Mir for five years now; this update is about using a snapd feature that has not yet been released in a proof-of-concept snap. That is a much smaller scope, and I didn’t realize the interest it would generate.

I had expected to develop the confined-shell snap into something more (suggestions and feedback welcome) and write a fuller blog about the possibilities after snapd 2.52 is released. I could write the blog now but it would work better if I understood your excitement and could convey that.

@rhys-davies, if you write something I can produce some screenshots, but in so far as things “just work” the interest is in the explanation of what is different behind the scenes not in pictures of apps working as normal. (So it would be good to see the text being illustrated first to find suitable examples.)

3 Likes