Star Hype News.

Premium celebrity moments with standout appeal.

updates

How can I install a Snap package from a local file

By Sebastian Wright

I have a one time use program written in Python.

Can Snapcraft package it? How do I install the package locally? Is there something like GDebi for Snaps?

2 Answers

Here's an example of a local install of a snap from the Snap Store (source).

However, this won't work for you -- why it won't work and the method you need to use instead are detailed below.

$ snap download hello-world
Fetching snap "hello-world"
Fetching assertions for "hello-world"
$ sudo snap ack hello-world_27.assert
$ sudo snap install hello-world_27.snap
hello-world 6.3 from 'canonical' installed
$ snap list
Name Version Rev Developer Notes
<snip>
hello-world 6.3 27 canonical -
  • There is nothing like GDebi for snaps.
  • Since you already have the local snap, you obviously skip the first step. You don't need to download it.
  • Since you made the snap, there's no .assert file, so you skip the second step, too.
  • Finally, since Snaps default to security using signatures...but yours isn't signed...you must disable that protection in the third step by using the --dangerous flag.

So your method for a locally-made, unsigned Snap will be:

$ sudo snap install /path/to/my-snap.snap --dangerous
2

TLDR:

if you have the file downloaded, as, say abc.snap in the current folder,

try:

snap install ./abc.snap --dangerous

Explanation:

snaps are normally signed with the publisher's private key. When the package is signed, all that it means is that it has been prepared by someone that has a private key. This literally means nothing else. It does not mean that the package is safe for your computer. It does not mean that the package contains what it say it contains. All that it means is that someone has signed it with his private key.

If you have a bare .snap file that might or might not be signed, you can skip the signature verification using --dangerous. There is in fact nothing all that more dangerous about it than trusting a random person on the internet with your computer's contents.

The packages available from the official snap store are signed, so that if some true shit happens, it is possible to trace the account from which the package was posted. This may deter good people from posting bad packages. It does not mean that the packages are safe. It will probably not deter bad actors.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

Related Archive

More in updates