Super-privileged interfaces

Interfaces allow (or deny) access to a resource outside of a snap’s confinement and, generally, any snap can declare any supported interface.

However, there is a limited set of interfaces that require extra scrutiny when their plugs are included in a snap. This is due to their permissive nature and the control and impact they potentially have over a system.

These interfaces are called super-privileged, and snaps that include plugs for super-privileged interfaces require specific approval from the Store before they can be distributed and installed.

Super-privileged interfaces

Interface	Description	Categories	Auto-connect
auditd-support	permits snaps to operate as auditd service	Super privileged	no
block-devices	access to disk block devices	Super privileged, Storage, Low level	no
classic-support	enable resource access to classic snap	Super privileged, Ubuntu Core	no
custom-device	permits access to a specific class of device	Super privileged, Ubuntu Core	no
desktop-launch	identify and launch desktop apps from other snaps	Super privileged, Desktop	no
dm-crypt	access encrypted storage devices	Super privileged, Ubuntu Core, Storage	no
docker	start, stop, or manage Docker containers	Super privileged, Containers	no
docker-support	allows operating as the Docker daemon	Super privileged, Containers	no
gpio-control	allows to export/unexport and control all GPIOs	Super privileged, GPIO	no
greengrass-support	allows operating as the Greengrass service	Super privileged, Edge, AWS, Discrete	no
ion-memory-control	access Android’s ION memory allocator	Super privileged, System	no
kernel-firmware-control	permits a custom kernel firmware search path	Super privileged	no
kernel-module-control	insert, remove and query kernel modules	Super privileged, System, Kernel	no
kernel-module-load	load, or deny loading, specific kernel modules	Super privileged, System, Kernel	no
kubernetes-support	use functions essential for Kubernetes	Super privileged, Hypervisor, Discrete	no
lxd	provides access to the LXD socket	Super privileged, Container, Discrete	no
lxd-support	allows operating as the LXD service	Super privileged, Container, Discrete	no
microceph	permits access to the MicroCeph socket, which is used internally by the microceph snap	Super privileged, Container	no
microceph_support	permits the microceph snap to operate as the MicroCeph service	Super privileged, Container	no
microovn	used only by the MicroOVN snap for socket access	Network, Super privileged	no
microstack-support	multiple service access to the Microstack infrastructure	Super privileged, Container, Discrete	no
mount-control	mount and unmount transient and persistent filesystem mount points	Super privileged, Storage	no
multipass-support	multipass-support allows operating as the Multipass service	Super privileged, VM, Discrete	no
nvidia-drivers-support	internally used NVIDIA access	Super privileged, Ubuntu Core	no
packagekit-control	control the PackageKit service	Super privileged, Packaging	no
personal-files	read or write files in the user’s home directory	Super privileged, Personal data, Attributes	no
pkcs11	enables the cryptographic token interface standard to be used	Security, Super privileged	no
polkit	access to the polkit authorisation manager	Security, System, Super privileged	no
polkit-agent	permits applications to register as polkit agents	Security, System, Super privileged	no
posix-mq	enables inter-process communication (IPC) messages	Super privileged, IPC	no by default, yes with snaps from the same publisher
remoteproc	interact with the kernel’s Remote Processor Framework	Super privileged	no
scsi-generic	read and write access to SCSI Generic driver devices	Storage, Super privileged	no
sd-control	control SD cards on specific devices	Super privileged, Storage	no
shared-memory	enables two snaps to access the same shared memory	Super privileged, IPC	no
snap-refresh-control	permits bespoke snap refresh control	Super privileged, Packaging	no
snap-refresh-observe	enables the tracking of snap refreshes	Super privileged, Packaging	no
snapd-control	install or remove software	Super privileged, Packaging	no
steam-support	allows the Steam snap to access pressure-vessel containers	Super privileged, Discrete	no
shutdown	restart or power off the device	Super privileged, System, Power	no
system-files	read or write files in the system	Super privileged, Storage, Attributes	no
tee	permits access to the Trusted Execution Environment	Super privileged, Security, Ubuntu Core	no
uinput	allows write access to /dev/uinput	Super privileged, Hardware	no
unity8	share data with other Unity 8 apps	Display, Super privileged	yes
userns	permits a snap to create a new namespace	Super privileged	no
xilinx-dma	allows access to Xilinx DMA IP from a connected PCIe card	Ubuntu Core, Super privileged	no