diff --git a/cmd/Makefile.am b/cmd/Makefile.am
index 6eb37fd87b5..6958f446add 100644
--- a/cmd/Makefile.am
+++ b/cmd/Makefile.am
@@ -226,6 +226,8 @@ snap_confine_snap_confine_SOURCES = \
snap-confine/ns-support.h \
snap-confine/snap-confine-args.c \
snap-confine/snap-confine-args.h \
+ snap-confine/snap-confine-invocation.c \
+ snap-confine/snap-confine-invocation.h \
snap-confine/snap-confine-invocation.h \
snap-confine/snap-confine.c \
snap-confine/udev-support.c \
diff --git a/cmd/snap-confine/snap-confine-invocation.c b/cmd/snap-confine/snap-confine-invocation.c
new file mode 100644
index 00000000000..d8814a76c2f
--- /dev/null
+++ b/cmd/snap-confine/snap-confine-invocation.c
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2019 Canonical Ltd
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+#include "snap-confine-invocation.h"
+
+#include
+
+#include "../libsnap-confine-private/snap.h"
+#include "../libsnap-confine-private/utils.h"
+
+void sc_init_invocation(sc_invocation * inv, const struct sc_args *args,
+ const char *snap_instance)
+{
+ /* Snap instance name is conveyed via untrusted environment. It may be
+ * unset (typically when experimenting with snap-confine by hand). It
+ * must also be a valid snap instance name. */
+ if (snap_instance == NULL) {
+ die("SNAP_INSTANCE_NAME is not set");
+ }
+ sc_instance_name_validate(snap_instance, NULL);
+
+ /* The security tag is conveyed via untrusted command line. It must be
+ * in agreement with snap instance name and must be a valid security
+ * tag. */
+ const char *security_tag = sc_args_security_tag(args);
+ if (!verify_security_tag(security_tag, snap_instance)) {
+ die("security tag %s not allowed", security_tag);
+ }
+
+ /* The base snap name is conveyed via untrusted, optional, command line
+ * argument. It may be omitted where it implies the "core" snap is the
+ * base. */
+ const char *base_snap_name = sc_args_base_snap(args) ? : "core";
+ sc_snap_name_validate(base_snap_name, NULL);
+
+ /* The executable is conveyed via untrusted command lne. It must be set
+ * but cannot be validated further than that at this time. It might be
+ * arguable to validate it to be snap-exec in one of the well-known
+ * locations or one of the special-cases like strace / gdb but this is
+ * not done at this time. */
+ const char *executable = sc_args_executable(args);
+ /* TODO: validate NULL */
+
+ /* Invocation helps to pass relevant data to various parts of snap-confine. */
+ memset(inv, 0, sizeof *inv);
+ inv->base_snap_name = base_snap_name;
+ inv->executable = executable;
+ inv->security_tag = security_tag;
+ inv->snap_instance = snap_instance;
+ inv->classic_confinement = sc_args_is_classic_confinement(args);
+
+ debug("security tag: %s", inv->security_tag);
+ debug("executable: %s", inv->executable);
+ debug("confinement: %s",
+ inv->classic_confinement ? "classic" : "non-classic");
+ debug("base snap: %s", inv->base_snap_name);
+}
diff --git a/cmd/snap-confine/snap-confine-invocation.h b/cmd/snap-confine/snap-confine-invocation.h
index b02c9bf79bb..13b63024440 100644
--- a/cmd/snap-confine/snap-confine-invocation.h
+++ b/cmd/snap-confine/snap-confine-invocation.h
@@ -20,6 +20,8 @@
#include
+#include "snap-confine-args.h"
+
/**
* sc_invocation contains information about how snap-confine was invoked.
*
@@ -36,4 +38,14 @@ typedef struct sc_invocation {
bool is_normal_mode;
} sc_invocation;
+/**
+ * sc_init_invocation initializes the invocation object.
+ *
+ * Invocation is constructed based on command line arguments as well as
+ * environment value (SNAP_INSTANCE_NAME). All input is untrustee and is
+ * validated internally.
+ **/
+void sc_init_invocation(sc_invocation * inv, const struct sc_args *args,
+ const char *snap_instance);
+
#endif