Closed Maharacha closed 1 year ago
Fantastic! Thanks for figuring out a fix :) And yeah, I think juju ssh needs to proxy through lxc and it uses the ssh-read interface to get access to your keys
I guess you also needed to add ssh-read
to your apps.jhack.plugs spec in snapcraft.yaml?
apps:
jhack:
command: bin/jhack
plugs:
- network
- network-bind
- dot-local-share-juju
- dot-config-jhack
- ssh-read
I guess you also needed to add
ssh-read
to your apps.jhack.plugs spec in snapcraft.yaml?apps: jhack: command: bin/jhack plugs: - network - network-bind - dot-local-share-juju - dot-config-jhack - ssh-read
Nope, I did not. I did exactly as in the commit. Why it worked anyway and what the implications are I don't know..
ok, found something: there seems to be a ssh-keys
interface: https://snapcraft.io/docs/ssh-keys-interface
which is what the juju snap itself uses. So it should be enough to add ssh-keys
to the app definition:
apps:
jhack:
command: bin/jhack
plugs:
- network
- network-bind
- dot-local-share-juju
- dot-config-jhack
- ssh-read
and the command should work even without adding the personal-files plug as you did. Could you try and verify? That'd spare me asking a new manual-review plug
- ssh-keys
works super! Good find!
Cool, I'll include it in the next batch of changes
Using the snap I got permission denied for operation that needs ssh access to the instances. Adding this plug to snapcraft and run
sudo snap connect jhack:ssh-read snapd
fixed it. Why do I have this problem and not others? Because I run LXC? Anyway, I don't know much about Snap and if this is a good solution or not but at least I can use this amazing tool now :smiley: