-
-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent snapd from ever being installed again #10
Comments
Thanks for filing this issue. Will give it some thought. Thanks again. |
Not the most elegant but you could use something like this to detect if a pin for snapd already exists: |
Would |
@BWPanda According to the manual page, |
I'm interested in a solution for this as well. I had found that a number of packages in the apt repository hosted by Canonical, are in fact not the software being advertised but instead contain a fixup script that non-interactively installs snapd if its not present; or disabled; and its related dependencies first and then installs the snap for the software second without prompt. apt has no visibility on these type of packages so it pretty much kaiboshed any further use of the OS for my uses in a production environment. As its a non-deterministic problem, I can't really work around it (i.e. apt can't differentiate between the binaries that are software and the binaries that are fixups; so fails determinism test with same inputs different outputs), and the problem originates on servers you don't control. Professionally, I can't have an apt upgrade issued by a tech break written security policy with no visibility on their end. I'm not sure there is a good solution to this short of maintaining a separate repo you can control. I like Ubuntu derivatives but recent changes have become problematic. I had a little bit of hope when I saw this project as flatpack does meet our security standards. Firefox was the main package I noticed which did this, but there were a few others. |
Adding the following apt config would prevent snapd from being installed either directly or indirectly:
Linux Mint already does something similar. This is important because Ubuntu made the Chromium apt package install snapd and install the Snap version of Chromium.
The text was updated successfully, but these errors were encountered: