interfaces: add consoles interface

[femdom]

To allow access to the /dev/tty0 and /dev/console

[ogra1]

i dont think this will fly as is, most ubuntu-core installs will actually use a different console= option to run their IoT devices with serial console etc ... the apparmor managing code should better parse /proc/cmdline and grab the console= arg from there instead of hardcoding tty0
(hardcoding /dev/console seems fine OTOH)

[niemeyer]

We'll need to change at least the interface name to the singular ("console") as usual in most (all?) of the interfaces.

Also, can you please provide some more background so we can understand the demand for this interface, can take the appropriate action regarding what @ogra1 is pointing out?

Note that we can most likely be exactly precise, and open up access just the one correct console device.

We also need to be very careful with this interface, as it hands off access to what is being typed. We'll need a review from @jdstrand on those details.

[femdom]

@niemeyer

Also, can you please provide some more background so we can understand the demand for this interface, can take the appropriate action regarding what @ogra1 is pointing out?

Our software tries to access /dev/tty0 or /dev/console or /dev/tty qlinuxfbscreen.cpp

[stolowski]

@femdom FYI, I've updated this PR for the new API changes in master.

[femdom]

@stolowski, thank you!

[zyga]

Some comments.

[zyga]

I don't think we need the String method really

[zyga]

This begs to be one function but this is not a material for this PR

[mvo5]

I think we want snap.TypeOS here instead of hardcoding the string.

[jdstrand]

FYI, this interface is on my list for review but it will take a little while to get through everything.

[femdom]

Should I fix addressed issues?

[jdstrand]

Please feel free to address any review feedback, yes. It is still on my list to review and still will take quite a bit of time to get through everything. It has unfortunately fallen behind a number of other items, but we'll get there.

[niemeyer]

@jdstrand Any news here? We're making a push to get the queue clean this week:

https://forum.snapcraft.io/t/review-sprint-1/377

[jdstrand]

@niemeyer - I'd like to study the tty subsystem for this PR to better understand it. I mentioned yesterday that this PR has fallen behind other work-- that work is mostly items from https://forum.snapcraft.io/t/review-sprint-1/377 (atm, bash completion, but several others after that).

This PR won't be reviewed this week at this point.

[zyga]

Nitpick

[zyga]

Nitpick: can this please say if slot.Snap.Type != snap.TypeOS { ... } please?

[zyga]

I'll work on this first thing tomorrow. I'll review it again, apply all the feedback and get it ready for another review.

[zyga]

After discussing with @jdstrand I'm marking this interface as blocked. It requires additional research into the kernel tty layers to determine if the security is sensible.

[chipaca]

What's the state of this PR?

[jdstrand]

@chipaca - still blocked behind other higher priority work, but it is in the queue and not lost.

[chipaca]

OK. It'll need some serious de-conflicting I fear.

[ogra1]

can we please also have the sys_tty_config capability, something taking over the console might want to reconfigure the tty as well...

[zyga]

I just de-conflicted it, I will iterate some more to add modern meta-data and simplify a few things.

[jdstrand]

Since this continues to wait on me, I'm happy to deconflict it as needed (though I see @zyga did this already). For now I'm going to close this PR but will reopen when it is at the top of the queue.

[zyga]

I'll re-open this briefly to push my changes :)

[zyga]

Pushed, closing again :)