Ubuntu Core
Install Ubuntu Core on KVM
Set up an Ubuntu SSO account
An Ubuntu SSO account is required to create the first user on an Ubuntu Core installation.- Start by creating an Ubuntu SSO account.
- Import an SSH Key into your Ubuntu SSO account instructions
Download Ubuntu Core
- Download the Ubuntu Core 18 image for amd64.
- You can verify the integrity of the files using the SHA256SUM and SHA256SUM.gpg files.
- Uncompress the image with the following command:
unxz ubuntu-core-18-amd64.img.xz
Install KVM
- Install the qemu-kvm package with the following command:
sudo apt install qemu-kvm
$ kvm-ok INFO: /dev/kvm exists KVM acceleration can be usedit means that Ubuntu Core will run fast on your system, taking advantage of hardware acceleration in your CPU.
Launch KVM
Launch a virtual machine with KVM,kvm -smp 2 -m 1500 -netdev user,id=mynet0,hostfwd=tcp::8022-:22,hostfwd=tcp::8090-:80 -device virtio-net-pci,netdev=mynet0 -vga qxl -drive file=ubuntu-core-18-amd64.img,format=raw
- The id option gives the name by which the virtual network device and the network backend are associated with each other. You may use any identifier you wish, such as "n" or "net0".
- sets up port forwarding You can still access one specific port on the guest machine using the "hostfwd" option.
- localhost:8022 is redirecting to port 22 of the virtual machine for accessing it through SSH
- localhost:8090 is redirecting to its port 80
First boot setup
- The system will boot then become ready to configure.
- The device will display the prompt “Press enter to configure”.
- Press enter then select “Start” to begin configuring your network and an administrator account. Follow the instructions on the screen, you will be asked to configure your network and enter your Ubuntu SSO credentials.
- At the end of the process, you will see your credentials to access your Ubuntu Core machine:
Login
Once setup is done, you can login with SSH into Ubuntu Core, using the following command:ssh -p 8022 <Ubuntu SSO user name>@localhostDuring setup, console-conf will download the SSH key registered with your Store account and configure it so you can log into the device via ssh.
There is no default ubuntu user on these images
Your virtual machine is now ready to have snaps installed, it’s time to use the snap command to install your first snap.
The Snap Store is where you can find the best Linux apps packaged as snaps to install on your Ubuntu device and get started with your secure IoT journey.
Investigate the Core Image
Volume layouts
Ubuntu Core 20 typically uses the following storage partitions:
- ubuntu-seed (role: system-seed; read-only, vfat-formatted): contains the configuration for the first-stage/recovery boot loader and at least one recovery system which is a set of snaps (base, kernel, gadget and application snaps) together with a model assertion and snap assertions that define the device and for which the device can be recovered or reinstalled.
- ubuntu-boot (role: system-boot; read-only, ext4 or vfat): contains the second-state/run bootloader and unpacked kernel(s) to boot and with initramfs which decrypts the ubuntu-data and ubuntu-save partition.
- ubuntu-save (role: system-save; writable, ext4): stores device identity backup data and data to facilitate recovery or re-install. This partition is mandatory on encrypted systems where it should have a minimum size of approximately 20+MB to handle volume and file system creation.
- ubuntu-data (role: system-data; writable, ext4): stores user and system data. This partition is often minimally sized in the image but extended during device initialisation to use all the space available.
The Original Core Image
- Download the image
$ wget https://cdimage.ubuntu.com/ubuntu-core/20/stable/current/ubuntu-core-20-amd64.img.xz
$ unxz ubuntu-core-20-amd64.img.xz
$ parted ubuntu-core-20-amd64.img WARNING: You are not superuser. Watch out for permissions. GNU Parted 3.3 Using /home/work/imgs/ubuntu-core-20-amd64.img Welcome to GNU Parted! Type 'help' to view a list of commands. (parted) unit Unit? [compact]? B (parted) print Model: (file) Disk /home/work/imgs/ubuntu-core-20-amd64.img: 3879731200B Sector size (logical/physical): 512B/512B Partition Table: gpt Disk Flags: Number Start End Size File system Name Flags 1 1048576B 2097151B 1048576B BIOS Boot bios_grub 2 2097152B 1260388351B 1258291200B fat32 ubuntu-seed boot, espFlags indicate that a certain property, characteristic, or feature is active or is present. Flags can either be on or off. If the flag is not seen, then it is off or inactive/non-existent. Certain flags are only supported on particular filesystems and partitioning tables.
- bios_grub (GPT) The partition with this flag is used as the GRUB BIOS partition. The partition usually uses about a megabytes of space and is not needed by EFI-booting systems.
- boot ([Mac, MS-DOS, GPT, PC98]) This flag indicates that the partition is bootable. On MS-DOS partitioning tables, only one partition may have this flag. However, other partitioning tables allow multiple partitions to have this flag.
- esp ([MS-DOS, GPT]) This flag indicates an UEFI System Partition. GPT uses this flag as an alias for "boot". The UEFI firmware stores files on this partition.
$ sudo mkdir /mnt/img/seed
$ sudo mount -o loop,offset=2097152 ubuntu-core-20-amd64.img /mnt/img/seed
$ tree /mnt/img/seed
/mnt/img/seed
|-- EFI
| |-- boot
| | |-- bootx64.efi
| | `-- grubx64.efi
| `-- ubuntu
| |-- grub.cfg
| `-- grubenv
|-- snaps
| |-- core20_904.snap
| |-- pc-kernel_695.snap
| |-- pc_115.snap
| `-- snapd_10707.snap
`-- systems
`-- 20210118
|-- assertions
| |-- model-etc
| `-- snaps
|-- grubenv
|-- model
`-- snaps
`-- aux-info.json
Linux Boot Process
- UEFI/BIOS When the System Boot from Firmware Interface(UEFI/BIOS), its work is to find the bootable disk.
- Bootable Disk There is a bootloader(default:grub2) on the bootable disk.
- BootLoader(GRUB2) Instead of a few bytes of assembly code for loading the operating system, each installed OS should have its own bootloader (e.g., grubx64.efi). This bootloader will have enough logic to either display some sort of boot menu or start loading an operating system.
- Kernel In the recent kernels(>2.6), the process of creating and using the initial ramdisk has been somewhat simplified:
- the files are simply collected together in an compressed CPIO file, now referred to as the initramfs instead of initrd The initramfs file is always embedded in the kernel (for all hardware platforms) even if you don't create one yourself. If you don't, a default CPIO archive is created automatically by the kernel build process.
- there is no external filesystem required at boot time for the initramfs The initramfs is unpacked in a special ramfs-based filesystem called the rootfs. The ramfs filesystem support is built into the kernel and cannot be disabled, so it's always available.
- Initramfs The kernel build process always creates a gzipped cpio format initramfs archive and links it into the resulting kernel binary.
- ubuntu-core-initramfs First, we need to build the ubuntu-core-initramfs debian package in the snappy-dev/image PPA by following these steps:
- init/systemd Init is the first process which kernel looks for(On modern Linux system it’s systemd)
- Services Systemd/Init is going to start all services
The UEFI brings the concept of the BIOS to a whole new level. Instead of a 512-byte MBR and some boot code, the UEFI, in contrast to the legacy BIOS option, knows what a filesystem is and even has its own filesystem, with files and drivers. This filesystem is typically between 200 and 500MB and formatted as FAT32.
In case of UEFI system, GPT partition table is used.
The GPT partition is part of the UEFI standard.
The general structure of the EFI filesystem means that each operating system (or vendor) has its own directory. This directory can contain any and all necessary files for loading the operating system:
|-- EFI
| |-- boot
| | |-- bootx64.efi
| | `-- grubx64.efi
| `-- ubuntu
| |-- grub.cfg
| `-- grubenv
|-- snaps
| |-- core20_904.snap
| |-- pc-kernel_695.snap
| |-- pc_115.snap
| `-- snapd_10707.snap
`-- systems
`-- 20210118
|-- assertions
| |-- model-etc
| `-- snaps
|-- grubenv
|-- model
`-- snaps
`-- aux-info.json
After the computer is booted up, the EFI partition, is mounted under the boot partition (/boot/efi)
The bootloader programs by default have the extension .efi; however, this is just convention: Bootloader files that are properly created and called work even without this extension.
The Core image's Grub will unsquashfs pc-kernel_695 snap then execute the kernel.elf:
|-- GPL-2 |-- System.map-5.4.0-67-generic |-- config-5.4.0-67-generic |-- firmware |-- kernel.elf |-- lib |-- meta |-- modules `-- snap
By default, this archive is empty (consuming 134 bytes on x86).
The config option CONFIG_INITRAMFS_SOURCE (in General Setup in menuconfig, and living in usr/Kconfig) can be used to specify a source for the initramfs archive, which will automatically be incorporated into the resulting binary. This option can point to an existing gzipped cpio archive, or a directory containing files to be archived.
init is the executable in the root of the initramfs that is executed by the kernel.
snapcore/core-initrd:
|-- COPYING
|-- LICENSE
|-- bin
| `-- ubuntu-core-initramfs
|-- crypttab
|-- debian
| |-- changelog
| |-- control
| |-- copyright
| |-- generate-x86-microcode
| |-- install
| |-- rules
| `-- source
|-- factory
| |-- bin -> usr/bin
| |-- etc
| |-- init -> usr/lib/systemd/systemd
| |-- lib -> usr/lib
| |-- lib64 -> usr/lib64
| |-- sbin -> usr/bin
| `-- usr
|-- features
| `-- server
|-- grub.cfg
|-- initramfs.debug
|-- postinst.d
| `-- ubuntu-core-initramfs
|-- snakeoil
| |-- OVMF_VARS.snakeoil.fd
| |-- PkKek-1-snakeoil.key
| `-- PkKek-1-snakeoil.pem
|-- spread.yaml
|-- tests
| |-- bin
| |-- lib
| `-- spread
`-- vendor
`-- systemd
The UC initrd is included in kernel snaps.However, the process to get it inside the kernel snap is not immediate and consists of a few steps.
After this, the initrd changes will be included in future kernel snaps releases automatically, following the usual 3 weeks cadence, as the snappy-dev PPA is included when these build happen.
Hacking generic x86 initrd
The Portable Executable (PE) format is a file format for executables, object code, DLLs and others used in 32-bit and 64-bit versions of Windows operating systems.The Common Object File Format (COFF) is a format for executable, object code, and shared library computer files used on Unix systems.
For x86, the initrd is embdded with a section in a PE+/COFF binary.
Download the snap and extract the initrd with:
$ snap download --channel=20/stable pc-kernel
$ unsquashfs -d pc-kernel pc-kernel_*.snap
$ objcopy -O binary -j .initrd pc-kernel/kernel.efi initrd.img
$ unmkinitramfs initrd.img initrd
$ tree -L 2 initrd
initrd
|-- early
| `-- kernel
`-- main
|-- bin -> usr/bin
|-- etc
|-- init -> usr/lib/systemd/systemd
|-- lib -> usr/lib
|-- lib64 -> usr/lib64
|-- sbin -> usr/bin
`-- usr
9 directories, 1 file
Then, you can change the content under initrd.After that, to repack everything,
$ cd initrd
$ find . | cpio --create --quiet --format=newc --owner=0:0 | lz4 -l -7 > ../initrd.img
$ cd -
$ sudo add-apt-repository ppa:snappy-dev/image
$ apt download ubuntu-core-initramfs
$ dpkg --fsys-tarfile ubuntu-core-initramfs_*_amd64.deb |
tar xf - ./usr/lib/ubuntu-core-initramfs/efi/linuxx64.efi.stub
$ objcopy -O binary -j .linux pc-kernel/kernel.efi linux
$ objcopy --add-section .linux=linux --change-section-vma .linux=0x2000000 \
--add-section .initrd=initrd.img --change-section-vma .initrd=0x3000000 \
usr/lib/ubuntu-core-initramfs/efi/linuxx64.efi.stub \
pc-kernel/kernel.efi
$ snap pack pc-kernel
Note that the new kernel.efi won't be signed, so Secure Boot will not be possible anymore.You can use this new kernel snap while building image, or copy it over to your device and install.
Initialized Core Image
The initialized image: ubuntu-core-20-amd64-1121.img- Dump the partition information
$ parted ubuntu-core-20-amd64-1121.img WARNING: You are not superuser. Watch out for permissions. GNU Parted 3.3 Using /home/work/imgs/ubuntu-core-20-amd64.img Welcome to GNU Parted! Type 'help' to view a list of commands. (parted) unit Unit? [compact]? B (parted) print Model: (file) DDisk /home/work/imgs/ubuntu-core-20-amd64-1121.img: 8589934592B Sector size (logical/physical): 512B/512B Partition Table: gpt Disk Flags: Number Start End Size File system Name Flags 1 1048576B 2097151B 1048576B BIOS Boot bios_grub 2 2097152B 1260388351B 1258291200B fat32 ubuntu-seed boot, esp 3 1260388352B 2046820351B 786432000B ext4 ubuntu-boot 4 2046820352B 8589917695B 6543097344B ext4 ubuntu-dataThe initialization process will generate additional 2 partitions: ubuntu-boot and ubuntu-data
/mnt/img/boot
|-- EFI
| |-- boot
| | |-- bootx64.efi
| | `-- grubx64.efi
| `-- ubuntu
| |-- grub.cfg
| |-- grubenv
| |-- kernel.efi -> pc-kernel_656.snap/kernel.efi
| `-- pc-kernel_656.snap
| `-- kernel.efi
|-- device
| `-- model
`-- lost+found [error opening dir]
/mnt/img/data
|-- lost+found [error opening dir]
|-- system-data
| |-- etc
| | |-- cloud
| | |-- dbus-1
| | |-- default
| | |-- environment
| | |-- hosts
| | |-- iproute2
| | |-- machine-id
| | |-- modprobe.d
| | |-- modules-load.d
| | |-- netplan
| | |-- network
| | |-- ssh
| | |-- sudoers.d
| | |-- sysctl.d
| | |-- systemd
| | |-- udev
| | `-- writable
| |-- root [error opening dir]
| |-- snap
| | |-- README
| | |-- bin
| | |-- core20
| | |-- pc
| | |-- pc-kernel
| | `-- snapd
| `-- var
| |-- cache
| |-- lib
| |-- log
| |-- snap
| `-- tmp
`-- user-data
`-- jerry-lee-tpe
Install Ubuntu Core successfully with these steps
Ubuntu Core is a platform that runs Docker and provides an extra level of security than a regular Linux distribution.Let's walk through the process to download, install Ubuntu Core and log in -- using VirtualBox running on an Elementary OS host as an example.
Register an account with Ubuntu's single sign-on service
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials...Ubuntu One is the single account you use to log in to all services and sites related to Ubuntu.
Download, unpack and convert the image
NetworkManager
Introduction
NetworkManager is a system network service that manages your network devices and connections and attempts to keep network connectivity active when available. It manages:- Ethernet
- WiFi
- mobile broadband (WWAN) and PPPoE devices
- also providing VPN integration with a variety of different VPN services.
However, when NetworkManager is installed, it will take control of all networking devices in the system by creating a netplan configuration file in which it sets itself as the default network renderer.
The upstream NetworkManager project offers a wide range of features and most, but not all of them, are available in the snap package at the moment.
Currently the following high level features are provided::
- WiFi connectivity
- WWAN connectivity (together with ModemManager)
- Ethernet connectivity
- WiFi access point creation
- Shared connections
Install & Configure
Install NetworkManager
You can install the snap from the Snap Store:$ snap install network-manager network-manager (1.10/stable) 1.10.6-8 from Canonical installedCheck necessary plugs and slots are installed:
$ snap connections network-manager Interface Plug Slot Notes dbus network-manager:wpa - - firewall-control network-manager:firewall-control :firewall-control - hardware-observe network-manager:hardware-observe :hardware-observe - login-session-observe network-manager:login-session-observe :login-session-observe - modem-manager network-manager:modem-manager - - network network-manager:network :network - network-manager network-manager:nmcli network-manager:service - network-observe network-manager:network-observe :network-observe - network-setup-control network-manager:network-setup-control :network-setup-control - network-setup-observe network-manager:network-setup-observe :network-setup-observe - ppp network-manager:ppp :ppp -Once the installation has successfully finished the NetworkManager service is running in the background.
$ systemctl status snap.network-manager.networkmanager.service
● snap.network-manager.networkmanager.service - Service for snap application network-manager.networkmanager
Loaded: loaded (/etc/systemd/system/snap.network-manager.networkmanager.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2020-10-14 05:02:49 UTC; 6min ago
Main PID: 1402 (NetworkManager)
Tasks: 3 (limit: 1721)
CGroup: /system.slice/snap.network-manager.networkmanager.service
└─1402 /snap/network-manager/591/usr/sbin/NetworkManager --config-dir=/var/snap/network-manager/591/conf.d/ --config=/snap/ne
lines 1-7/7 (END)
NetworkManager and netplan
The default netplan configuration files in Ubuntu Core leave management of networking devices to networkd.
$ cat /etc/netplan/00-snapd-config.yaml
# This is the network config written by 'console-conf'
network:
ethernets:
ens3:
dhcp4: true
version: 2
But, when network-manager is installed, it creates new netplan configuration files, setting itself as the default network renderer and taking control of all devices.$ cat /etc/netplan/00-default-nm-renderer.yaml network: renderer: NetworkManagerIt is possible to control this behavior with the defaultrenderer snap option.
If defaultrenderer is set to false, network-manager reverts the netplan configuration and networkd takes control of the devices again:
snap set network-manager defaultrenderer=false
Exploring Network Status
This section shows how to use the nmcli command-line tool to examine the status of NetworkManager’s connections and devices.- Show the status of devices known to NetworkManager
$ nmcli d
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected netplan-eth0
lo loopback unmanaged --
$ nmcli d --help
Usage: nmcli device { COMMAND | help }
COMMAND := { status | show | set | connect | reapply | modify | disconnect | delete | monitor | wifi | lldp }
...
$ nmcli c
NAME UUID TYPE DEVICE
netplan-eth0 75a1216a-9d1a-30cd-8aca-ace5526ec021 ethernet eth0
$ nmcli r
WIFI-HW WIFI WWAN-HW WWAN
enabled enabled enabled enabled
Configure WiFi Connections
Configure WiFi Access Points
Configure Cellular Connections
Configure shared connections
Edit Network Connections
This section shows how to use the network-manager built-in editor.Routing Tables
Logging Messages
Enable Debug Support
- Using nmcli Console The network-manager offers a built-in, interactive console to manage and modify the network connections.
$ nmcli c
NAME UUID TYPE DEVICE
netplan-eth0 75a1216a-9d1a-30cd-8aca-ace5526ec021 ethernet eth0
$ nmcli connection edit type ethernet
You may edit the following settings: connection, 802-3-ethernet (ethernet), 802-1x, dcb, ipv4, ipv6, tc, proxy
nmcli> ?
From now on it is possible to edit the connection settings. The list of settings can be provided by
nmcli> print all
$ nmcli c show netplan-eth0
For example for DHCP4 settings one would do:
$ nmcli c show netplan-eth0 | grep DHCP
DHCP4.OPTION[1]: requested_domain_search = 1
DHCP4.OPTION[2]: requested_broadcast_address = 1
DHCP4.OPTION[3]: requested_time_offset = 1
DHCP4.OPTION[4]: requested_rfc3442_classless_static_routes = 1
DHCP4.OPTION[5]: requested_domain_name = 1
DHCP4.OPTION[6]: requested_wpad = 1
DHCP4.OPTION[7]: expiry = 1602738172
DHCP4.OPTION[8]: requested_dhcp_server_identifier = 1
DHCP4.OPTION[9]: requested_interface_mtu = 1
DHCP4.OPTION[10]: requested_subnet_mask = 1
DHCP4.OPTION[11]: routers = 10.0.2.2
DHCP4.OPTION[12]: ip_address = 10.0.2.15
DHCP4.OPTION[13]: requested_domain_name_servers = 1
DHCP4.OPTION[14]: requested_static_routes = 1
DHCP4.OPTION[15]: subnet_mask = 255.255.255.0
DHCP4.OPTION[16]: requested_nis_servers = 1
DHCP4.OPTION[17]: requested_ntp_servers = 1
DHCP4.OPTION[18]: domain_name_servers = 10.0.2.3
DHCP4.OPTION[19]: requested_routers = 1
DHCP4.OPTION[20]: requested_ms_classless_static_routes = 1
DHCP4.OPTION[21]: requested_nis_domain = 1
DHCP4.OPTION[22]: requested_host_name = 1
The settings can be modified in the form:
$ nmcli c modify <connectionname> <property> <value>
Snap documentation
Snaps are app packages:- snap is both the command line interface and the application package format
- snapd is the background service that manages and maintains your snaps
- snapcraft is the command and the framework used to build your own snaps
- Snap Store provides a place to upload your snaps, and for users to browse and install
Discovering snap
Getting started
Discover how snaps are used, installed, updated, removed and managed- Install snapd You can check both the snapd daemon manages and the snap tool are installed by attempting to run snap version on the command line:
$ snap version snap 2.47.1 snapd 2.47.1 series 16 ubuntu 18.04 kernel 5.4.0-52-generic
$ snap find "media player" Name Version Publisher Notes Summary vlc 3.0.11 videolan✓ - The ultimate media player ...The ✓ in the above output indicates that the snap publisher has been verified.
$ snap info vlc
name: vlc
summary: The ultimate media player
publisher: VideoLAN✓
store-url: https://snapcraft.io/vlc
contact: https://www.videolan.org/support/
license: GPL-2.0+
description: |
VLC is the VideoLAN project's media player.
Completely open source and privacy-friendly, it plays every multimedia file and streams.
It notably plays MKV, MP4, MPEG, MPEG-2, MPEG-4, DivX, MOV, WMV, QuickTime, WebM, FLAC, MP3,
Ogg/Vorbis files, BluRays, DVDs, VCDs, podcasts, and multimedia streams from various network
sources. It supports subtitles, closed captions and is translated in numerous languages.
snap-id: RT9mcUhVsRYrDLG8qnvGiy26NKvv6Qkd
channels:
latest/stable: 3.0.11 2020-06-16 (1700) 304MB -
latest/candidate: 3.0.11 2020-06-05 (1700) 304MB -
latest/beta: 3.0.11.1-121-g783af06b68 2020-11-01 (1988) 309MB -
latest/edge: 4.0.0-dev-13811-ga59d7c3ce6 2020-11-01 (1987) 356MB -
A channel is composed of tracks, risk-levels and branches:
<track>/<risk>/<branch>
- Tracks All snaps have a default track, the default track is called latest. Tracks are listed in the channels section of the output from snap info:
$ snap info skype
...
channels:
latest/stable: 8.65.0.78 2020-10-13 (156) 188MB classic
latest/candidate: ↑
latest/beta: ↑
latest/edge: ↑
insider/stable: 8.66.76.49 2020-10-16 (157) 188MB classic
insider/candidate: ↑
insider/beta: ↑
insider/edge: ↑
Microsoft’s Skype snap is a good example of how tracks can be used. It contains two tracks, the default latest track for the majority of users and an insider track for Microsoft’s QA team.- stable
- candidate updates prior to stable deployment
- beta for users wanting to test the latest features
- edge for users wanting to closely track development.
$ sudo sudo snap install vlcUse the --channel=<track>/<risk>/<branch> option to select a different risk-level.
$ sudo snap switch --channel=stable vlc
$ snap list Name Version Rev Tracking Publisher Notes core 16-2.47.1 10185 latest/stable canonical✓ core core18 20200929 1932 latest/stable canonical✓ base gnome-3-26-1604 3.26.0.20200529 100 latest/stable/… canonical✓ - gnome-3-34-1804 0+git.3556cb3 60 latest/stable canonical✓ - gnome-calculator 3.38.0+git7.c840c69c 826 latest/stable/… canonical✓ - gnome-characters v3.34.0+git9.eeab5f2 570 latest/stable/… canonical✓ - gnome-logs 3.34.0 100 latest/stable/… canonical✓ - gnome-system-monitor 3.36.0-12-g35f88a56d7 148 latest/stable/… canonical✓ - gtk-common-themes 0.1-36-gc75f853 1506 latest/stable/… canonical✓ -
$ sudo snap refresh vlc
- Version The version is a string that was assigned to a project by its developers.
- Revision The revision is an automatic number assigned by the Snap store, giving the snap it a unique identity within the channel.
$ snap list --all core18 Name Version Rev Tracking Publisher Notes core18 20200724 1885 latest/stable canonical✓ base,disabled core18 20200929 1932 latest/stable canonical✓ base
This avoids having to remove and reinstall them in the system
$ sudo snap disable vlc vlc disabled $ sudo snap enable vlc vlc enabled
$ sudo snap remove vlc vlc removed
Installing snap
Snaps can be used on all major Linux distributions, including Ubuntu, Linux Mint, Debian and Fedora.Users can browse and install snaps graphically in the Snap Store or from the command-line.
Channels
Get the latest stable releases of your favourite software, or run cutting edge versions.Advanced features
Managing updates
Snaps update automatically, the snapd daemon checks for updates 4 times a day. Each update check is called a refresh.But, you can also manually control when and how often.
Note: Snaps running in devmode, or installed locally, are typically intended for testing and do not update automatically until they’ve been published and downloaded from the store.
- Manually updating snaps An update refresh can be initiated with the
$ sudo snap refreshTo see when the last refresh occurred and when the next is scheduled:
$ sudo snap refresh --time timer: 00:00~24:00/4 last: today at 08:30 CST next: today at 12:38 CSTTo see which snaps are going to be updated with the next refresh,
$ sudo snap refresh --list
These options are changed with the set, get and can be unset commands, but with a target of system instead of a specific snap.
There are 4 system-wide options that are used to manage how updates are handed:
- refresh.timer Define the refresh frequency and schedule
$ sudo snap changes ID Status Spawn Ready Summary 1 Done 12 days ago, at 22:18 CST yesterday at 17:33 CST Initialize system state 2 Done yesterday at 17:33 CST yesterday at 17:34 CST Initialize device 3 Done today at 08:30 CST today at 08:31 CST Auto-refresh snap "core18" 4 Done today at 08:59 CST today at 08:59 CST Refresh all snaps: no updates
Snapshots
Save, backup and restore the state of one or more installed snaps.Snapshots are generated manually with the snap save command and automatically when a snap is removed (requires snapd 2.39+).
$ sudo snap save Set Snap Age Version Rev Size Notes 1 core18 56ms 20200929 1932 125B - 1 gnome-3-34-1804 74ms 0+git.3556cb3 60 122B - 1 gtk-common-themes 64ms 0.1-36-gc75f853 1506 124B - 1 snap-store 85ms 3.36.0-82-g80486d0 481 124B - 1 snapd 94ms 2.47.1 9721 125B -
- Set Each snapshot has a unique ID, or revision, shown in the Set column above. This value is unique to each save operation, regardless of the number of snaps it includes.
- Age is the period of time since the snapshot was created
- Version and Rev refer to the specific snap at the time of the snapshot.
- Size is the amount of storage used by a snapshot.
$ sudo snap saved Set Snap Age Version Rev Size Notes 1 core18 7.55s 20200929 1932 125B - 1 gnome-3-34-1804 7.57s 0+git.3556cb3 60 122B - 1 gtk-common-themes 7.56s 0.1-36-gc75f853 1506 124B - 1 snap-store 7.58s 3.36.0-82-g80486d0 481 124B - 1 snapd 7.59s 2.47.1 9721 125B -To verify the integrity of a snapshot,
$ sudo snap check-snapshot 1 Snapshot #1 verified successfully.To restore from the specified snapshot:
$ sudo snap restore 1To removes a snapshot from local storage:
$ sudo snap forget 1
Parallel installs
Install more than one version of the same snap on your system.Building your own snaps
Snapcraft overview
Learn how to Install snapcraft and build your first snaps.Snapcraft is a powerful and easy to use command line tool for building snaps:
- build and then publish your snaps on the Snap store
- use channels, tracks and branches to finely control updates and releases
- build and debug snaps within a confined environment
- update and iterate over new builds without rebuilding the environment
- test and share your snaps locally
$ sudo snap install snapcraft --classic snapcraft 4.3 from Canonical✓ installed $ sudo snap list Name Version Rev Tracking Publisher Notes ... snapcraft 4.3 5472 latest/stable canonical✓ classic snapd 2.47.1 9721 latest/stable canonical✓ snapdAt the heart of the snapcraft build process is a file called snapcraft.yaml.
This file describes
- a snap’s build dependencies and run-time requirements
- remote repositories and extensions to be integrated
- custom scripts and hooks to be run for better integration with CI systems
- Create a snapcraft.yaml template
snapcraft init
This creates a buildable snapcraft.yaml template within a snap sub-directory relative to your current filesystem location.
- The top-level keys and values in snapcraft.yaml The top-level keys and values in snapcraft.yaml provide the snap build process, and the store, with the overarching details of a snap.
- parts They are used to declare pieces of code that will be pulled into your snap package. The parts keys and values in snapcraft.yaml detail how parts are configured and built by the snapcraft command.
- plugins Plugins are used by the snapcraft command to build a snap from parts defined within snapcraft.yaml.
Plugins when working with projects written in a specific language or with a specific set of build tools, all of which can be listed with the following command:
$ snapcraft list-plugins
Displaying plugins available for 'core20'
autotools catkin catkin-tools cmake colcon dump go make meson nil npm python rust
Further information about any specific plugin can be obtained by typing snapcraft help:
$ snapcraft help make
Displaying help for the 'make' plugin for 'core20'.
The make plugin is useful for building make based parts.
...
To see which interfaces a snap is using, and which interfaces it could use but isn’t, type
$ snap connections snap-store
Interface Plug Slot Notes
appstream-metadata snap-store:appstream-metadata :appstream-metadata -
...
x11 snap-store:x11 :x11 -
snapcraft --debugThe build process will proceed through the Snapcraft lifecycle, installing and building your project’s dependencies, as described by your snapcraft.yaml.
After a snap has been built, it can be installed locally with the --dangerous and --devmode flags, enabling your unsigned and unconfined snap to be installed.
Creating a snap
Step-by-step guides for Python, Go, Electron, pre-built binaries and more.You can create snaps from apps you’ve already built and zipped, or from your preferred programming language or framework.
Snapcraft bundles necessary libraries required by the application, and can configure the environment for confinement of applications for end user. Developers can ensure their application is delivered pre-packaged with libraries which will not be replaced or superseded by a distribution vendor.
The following is an outline of the typical snap build process, which you can step through to create your snap:
- Create a checklist Better understand your snap’s requirements.
- Create a snapcraft.yaml file Describes your snap’s build dependencies and run-time requirements.
- Add interfaces to your snap Share system resources with your snap, and from one snap to another
- Publish and share Put your snap on the Snap Store to reach an audience of millions
Snaps bundle the exact version of whatever is required, along with all of your app’s dependencies, they can be binaries or system libraries.
- snapcraft.yaml for DOSBox
name: dosbox version: "0.74-svn" summary: DOS emulator description: | DOSBox is a x86 emulator with Tandy/Hercules/ CGA/EGA/VGA/SVGA graphics sound and DOS. It's been designed to run old DOS games under platforms that don't support it. confinement: devmode base: core18 parts: dosbox: plugin: autotools source-type: tar source: http://source.dosbox.com/dosboxsvn.tgz build-packages: - g++ - make - libsdl1.2-dev - libpng-dev - libsdl-net1.2-dev - libsdl-sound1.2-dev - libasound2-dev stage-packages: - libsdl-sound1.2 ... - zlib1g apps: dosbox: command: dosbox environment: "LD_LIBRARY_PATH": "$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/pulseaudio" "DISABLE_WAYLAND": "1"
- Metadata This data is used in the presentation of your app in the Snap Store:
- name The name must be unique in the Snap Store.Valid snap names consist of lower-case alphanumeric characters and hyphens.
- version Versions carry no semantic meaning in snaps.
- summary This can not exceed 79 characters.
- base The base keyword defines a run-time environment with a minimal set of libraries that are common to most applications.
- confinement A snap’s confinement level is the degree of isolation it has from your system.
- Strict Strictly confined snaps run in complete isolation, strictly confined snaps can not access your files, network, processes or any other system resource without requesting specific access via an interface.
- Classic Allows access to your system’s resources in much the same way traditional packages do.
- Devmode A devmode snap runs as a strictly confined snap with full access to system resources, and produces debug output to identify unspecified interfaces.
- parts Parts define how to build your app. It describes how to import, and potentially build, each required part of the snap
- plugin In this case, autotools (configure and make) is used to build the part.
- source-type
- source
- build-packages The dependencies listed are installed before building the part.
- stage-packages These are the packages required to run the app.
- apps Apps are the commands and services exposed to end users.
- command If your command name matches the snap name, users will be able run the command directly.
- environment You can also make adjustments to the run time environment.
core18 is the current standard base for snap building and is based on Ubuntu 18.04 LTS.
Strict confinement uses security features of the Linux kernel to prevent applications and services accessing the wider system.
Installation requires the --classic command line argument.
Installation requires the --devmode command line argument.
To see which installed snaps are using classic confinement, look for classic under the Notes column in the output of snap list.
Parts can be anything(programs, libraries, or other assets needed to create and run your application) needed to create and run your application.
In this case we have only one part: dosbox:
If the names differ, then apps are prefixed with the snap name.
$ sudo snapcraft --debug
...
Snapped dosbox_0.74-svn_amd64.snap
After a snap has been built, it can be installed locally with the --dangerous and --devmode flags, enabling your unsigned and unconfined snap to be installed.
$ sudo snap install dosbox_0.74-svn_amd64.snap
error: cannot find signatures with metadata for snap "dosbox_0.74-svn_amd64.snap"
$ sudo snap install dosbox_0.74-svn_amd64.snap --devmode --dangerous
dosbox 0.74-svn installed
You can then try it out:
$ dosbox
Removing the snap is simple too:
$ sudo snap remove dosbox
You can clean up the build environment with the following command:
$ snapcraft clean
- create an account on the dashboard
- Login with your Ubuntu One e-mail address and password.
$ snapcraft login Enter your Ubuntu One e-mail address and password. ... Login successful.
Note, the name in your snapcraft.yaml need to match this registered name, run snapcraft again.
$ snapcraft upload --release=edge mysnap_*.snap
留言