Supported interfaces

Interfaces enable resources from one snap to be shared with another and with the system. For a snap to use an interface, its developer needs to have first defined its corresponding plugs and slots within a snap’s snapcraft.yaml file.

:information_source: For details on how to add an interface to your own snap, see Snapcraft interfaces. For general usage details, see Interface management.

The table below lists currently supported interfaces, with links to further details for each interface.

The following column names are used:

  • Interface name is the syntactical interface name, as used by snaps.

  • Auto-connect indicates that the interface will be connected by default when the snap is first installed, requiring no further user action. If Auto-connect=no, an interface can still be automatically connected if the snap developer has requested, and been granted, explicit permission. See Permission requests for details.

    Important: if a snap is installed prior to an interface being granted auto-connect permission, and permission is subsequently granted and the snap updated, when the installed snap updates, the interface will be auto-connected.

Interface name Description Auto-connect
account-control add/remove user accounts or change passwords no
accounts-service allows communication with the accounts service no
acrn allows access to user VMs using the ACRN hypervisor no
adb-support allows operating as Android Debug Bridge service no
allegro-vcu access the Allegro Video Core Unit no
alsa play or record sound no
appstream-metadata allows access to AppStream metadata no
audio-playback allows audio playback via supporting services yes
audio-record allows audio recording via supported services no
autopilot-introspection be controlled by Autopilot software no
avahi-control advertise services over the local network no
avahi-observe detect services and devices over the local network no
block-devices access to disk block devices no
bluetooth-control access Bluetooth hardware directly no
bluez use Bluetooth devices no
bool-file allows access to specific file with bool semantics no
broadcom-asic-control control Broadcom network switches no
browser-support use functions essential for Web browsers no when allow-sandbox: true, yes otherwise
calendar-services allows communication with Evolution Data Server calendar no
camera use your camera or webcam no
can-bus allows access to the CAN bus no
cifs-mount allows the mounting and unmounting of CIFS filesystems no
classic-support enable resource access to classic snap no
contacts-service allows communication with the Evolution Data Server address book no
content access resources across snaps yes for snaps from same publisher, no otherwise
core-support deprecated since snap 2.34 no
cpu-control set certain CPU values no
cups access to the CUPS socket for printing not applicable
cups-control print documents no
custom-device permits access to a specific class of device no
daemon-notify allows sending daemon status changes to service manager no
dbus allow snaps to communicate over D-Bus no
dcdbas-control shut down or restart Dell devices no
desktop provides access to common desktop elements yes
desktop-launch identify and launch desktop apps from other snaps no
desktop-legacy enables the use of legacy desktop methods (including input method and accessibility services) yes
device-buttons use any device-buttons no
display-control allows configuring display parameters no
dm-crypt access encrypted storage devices no
docker start, stop, or manage Docker containers no
docker-support allows operating as the Docker daemon no
dsp enables the control of digital signal processors (DSPs) no
dummy renamed to empty interface no
dvb allows access to all DVB devices and APIs no
empty allows testing without additional permissions no
firewall-control configure a network firewall no
fpga permits access to an FPGA subsystem no
framebuffer access to universal framebuffer devices no
fuse-support enables access to the FUSE filesystems no
fwupd allows operating as the fwupd service no
gconf access the legacy GConf config system no
gpg-keys read GPG user configuration and keys no
gpg-public-keys read GPG non-sensitive configuration and public keys no
gpio access specific GPIO pins no
gpio-control allows to export/unexport and control all GPIOs no
gpio-memory-control allows write access to all GPIO memory no
greengrass-support allows operating as the Greengrass service no
gsettings provides access to any GSettings item for current user yes
hardware-observe access hardware information no
hardware-random-control provide entropy to hardware random number generator no
hardware-random-observe use hardware-generated random numbers no
hidraw access hidraw devices no
home access non-hidden files in the home directory yes on classic (traditional distributions), no otherwise
hostname-control allows configuring the system hostname no
hugepages-control control HugePages memory blocks no
i2c access i²c devices no
iio access IIO devices no
intel-mei access to the Intel MEI management interface no
io-ports-control allows access to all I/O ports no
ion-memory-control access Android’s ION memory allocator no
jack1 allows interaction with the JACK audio connection server no
joystick use any connected joystick no
juju-client-observe read the Juju client configuration no
kernel-crypto-api read and manage kernel supported crypto ciphers no
kernel-module-control insert, remove and query kernel modules no
kernel-module-load load, or deny loading, specific kernel modules no
kernel-module-observe query kernel modules no
kubernetes-support use functions essential for Kubernetes no
kvm allows access to the kvm device no
libvirt provides access to the libvirt service no
locale-control change system language and region settings no
location-control allows operating as the location service no
location-observe access your location no
log-observe read system logs no
login-session-control allows setup of login sessions and grants privileged access to user sessions no
login-session-observe allows reading login and session information no
lxd provides access to the LXD socket no
lxd-support allows operating as the LXD service no
maliit use an on-screen keyboard no
media-control access media control devices and Video4Linux (V4L) devices no
media-hub access snaps providing the media-hub interface yes
microstack-support multiple service access to the Microstack infrastructure no
mir enables access to the Mir display service yes
modem-manager use and configure modems no
mount-control mount and unmount transient and persistent filesystem mount points no
mount-observe read mount table and quota information no
mpris control music and video players no
multipass-support multipass-support allows operating as the Multipass service no
netlink-audit allows access to kernel audit system through Netlink no
netlink-connector communicate through the kernel Netlink connector no
netlink-driver operate a kernel driver module exposed via Netlink no
network enables network access yes
network-bind operate as a network service yes
network-control change low-level network settings no
network-manager configure and observe networking via NetworkManager no
network-manager-observe allows observing NetworkManager settings no
network-observe query network status information no
network-setup-control change network settings via Netplan no
network-setup-observe read network settings no
network-status access the NetworkingStatus service yes
ofono allows operating as the oFono service no
online-accounts-service access to the Online Accounts service yes
opengl access OpenGL/GPU hardware yes
openvswitch control Open vSwitch hardware no
openvswitch-support enables kernel support for Open vSwitch no
optical-drive read/write access to CD/DVD drives yes, unless drive can write
packagekit-control control the PackageKit service no
password-manager-service read, add, change, or remove saved passwords no
personal-files read or write files in the user’s home directory no
physical-memory-control read and write memory used by any process no
physical-memory-observe read memory used by any process no
polkit access to the polkit authorisation manager no
posix-mq enables inter-process communication (IPC) messages no by default, yes with snaps from the same publisher
power-control read and write system power settings no
ppp access to configure and observe PPP networking no
process-control pause or end any process on the system no
ptp access to the Precision Time Protocol subsystem no
pulseaudio play and record sound no
pwm access specific PWM channels no
qualcomm-ipc-router access Qualcomm IPC router sockets no
raw-input access raw input devices directly no
raw-usb access USB hardware directly no
raw-volume access specific disk partitions no
removable-media read/write files on removable storage devices no
screencast-legacy allows screen recording and audio recording alongside writing to arbitrary filesystem paths no
screen-inhibit-control prevent screen sleep, lock and screensaver yes
scsi-generic read and write access to SCSI Generic driver devices no
sd-control control SD cards on specific devices no
serial-port access serial port hardware no by default, yes with snaps from the same publisher
shared-memory enables two snaps to access the same shared memory no
shutdown restart or power off the device no
snap-refresh-control permits bespoke snap refresh control no
snapd-control install or remove software no
spi access specific SPI devices no
ssh-keys access SSH private and public keys no
ssh-public-keys access SSH public keys no
steam-support allows the Steam snap to access pressure-vessel containers no
storage-framework-service operate as, or interact with, the Storage Framework no
system-backup read-only access to the system for backups no
system-files read or write files in the system no
system-observe read process and system information no
system-packages-doc access system documentation in /usr/share/doc no
system-source-code access kernel source and headers in /usr/src no
system-trace monitor or control any running program no
tee permits access to the Trusted Execution Environment no
thumbnailer-service create thumbnail images from local media files no
time-control change the date and time no
timeserver-control change time server settings no
timezone-control change the time zone no
tpm allows access to the Trusted Platform Module device no
u2f-devices use any U2F devices no
ubuntu-download-manager use the Ubuntu Download Manager yes
udisks2 access the UDisks2 service no
uhid create kernel UID devices from user-space no
uinput allows write access to /dev/uinput no
uio access uio devices no
unity7 access legacy desktop resources from Unity7 yes
unity8 share data with other Unity 8 apps yes
unity8-calendar read/change shared calendar events in Ubuntu Unity 8 no
unity8-contacts read/change shared contacts in Ubuntu Unity 8 no
upower-observe access battery level and power usage yes
vcio access a Raspberry Pi’s VideoCore multimedia processor no
wayland access compositors providing the Wayland protocol yes
x11 monitor mouse/keyboard input and graphics output of other apps yes

Last updated 4 months ago.