> For instance, kustomize as snap doesn't let you read anything outside that is not in the snap fs. Not even in --classic mode.
Classic snaps have complete access to the host filesystem. It is up to the publisher, however, to request classic confinement. If the publisher creates a `strict` snap, users cannot override this (because strict snaps would break when their container and dependencies suddenly disappear)
> for services that require mutable configuration there needs to be a way to preserve that data (I tested that nextcloud behavior more than half a year ago).
Snaps have access to multiple locations to store mutable data like `SNAP_COMMON`, `SNAP_USER_COMMON`, `SNAP_DATA` etc. Snaps can optionally also access regular directories.
Afaik, Nextcloud stores its configuration in one of those directories. I think what you experienced might be an issue with the NextCloud snap because snapd itself already supports this.
Classic snaps have complete access to the host filesystem. It is up to the publisher, however, to request classic confinement. If the publisher creates a `strict` snap, users cannot override this (because strict snaps would break when their container and dependencies suddenly disappear)
> for services that require mutable configuration there needs to be a way to preserve that data (I tested that nextcloud behavior more than half a year ago).
Snaps have access to multiple locations to store mutable data like `SNAP_COMMON`, `SNAP_USER_COMMON`, `SNAP_DATA` etc. Snaps can optionally also access regular directories.
Afaik, Nextcloud stores its configuration in one of those directories. I think what you experienced might be an issue with the NextCloud snap because snapd itself already supports this.