10

Ubuntu Core, Canonical's latest version of Ubuntu for IoT devices, says that its new Snappy package manager is ideal for the Internet of Things, and Wikipedia says that:

Snappy packaging has been deployed in internet of things environments, ranging from consumer-facing products to enterprise device management gateways

However, package managers on Linux aren't a new thing by any means - APT has been around since mid-1998 - so why is Snappy considered so much better by Canonical for IoT? Are other package managers' security practices unsuitable for IoT or is there another factor that is more important?

Aurora0001

1 Answer

16

There are two advantages as far as I know; here they are:

First: Snap packages can bring their own dependencies with them. So no dependency hell.

Second: Snap packages can be installed for one user only. So more control of who is running that software.

Some quotes (including source links):

from https://insights.ubuntu.com

Snaps are isolated from one another to guarantee data security, and can be updated or rolled back automatically, making them perfect for connected devices. Multiple vendors have launched snappy IoT devices, enabling a new class of “smart edge” device with IoT app store. Snappy devices receive automatic updates for the base OS, together with updates to the apps installed on the device.

(source)

from https://developer.ubuntu.com

Ubuntu Core is in many ways simply another flavor of Ubuntu (eg, the root filesystem is built from packages from the same Ubuntu archive as other flavors), but it differs in many important ways:

  • The base system is a very minimal system that consists of three different parts: the kernel, gadget and OS which are all packaged and delivered using the new snap packaging format
  • There is a clean separation between the base system and the applications installed on the system as well as a clean separation between installed applications
  • Ubuntu Core replaces ‘apt’ with the new ‘snap’ command and applications are packaged and delivered as ‘snaps’
  • The root filesystem is read-only
  • Developers may update applications independently of the OS
  • Applications run in a security sandbox by default
  • Ubuntu Core is application-centric instead of distribution archive-centric

The above qualities aim to address many of the challenges inherent in the traditional Linux distribution model and greatly increase reliability, predictability and security.

(source)

from http://snapcraft.io/

A snap is a fancy zip file containing an application together with its dependencies, and a description of how it should safely be run on your system, especially the different ways it should talk to other software.

Most importantly snaps are designed to be secure, sand-boxed, containerized applications isolated from the underlying system and from other applications. Snaps allow the safe installation of apps from any vendor on mission critical devices and desktops.

(source)

Videonauth
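The quotes in the answer above describe a snap as an application bundled with its dependencies plus a description of how it may talk to the rest of the system. The following `snapcraft.yaml` is an added example, not part of the original answer or Canonical's documentation, showing where those properties are declared; the snap name, command path, base and staged package are assumptions chosen for illustration.

```yaml
# snapcraft.yaml for a hypothetical IoT telemetry agent (constructed example).
name: sensor-agent              # hypothetical snap name
base: core22                    # assumed base snap; use the one matching the device
version: '1.0'
summary: Publishes sensor readings to a remote broker
description: |
  Constructed example: a small daemon that reads a sensor and
  sends the readings over the network.

grade: stable
confinement: strict             # sandboxed: only declared interfaces are reachable
# confinement: devmode          # weak: sandbox violations are logged, not blocked
# confinement: classic          # weak: no sandbox, the app sees the host system

apps:
  agent:
    command: bin/sensor-agent   # hypothetical entry point inside the snap
    daemon: simple              # run as a system service
    restart-condition: on-failure
    plugs:
      - network                 # outbound network access only
      # - network-bind          # add only if the agent must listen on a port

parts:
  agent:
    plugin: python
    source: .
    stage-packages:
      - libmodbus5              # dependency shipped inside the snap, not taken from the host
```

On a device, `snap connections sensor-agent` lists which interfaces the installed snap actually holds, and `snap revert sensor-agent` returns to the previous revision after a bad update.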