Read/Write Access to Sandboxed App

So I have an App that writes logs locally; if the log file is not present it creates it, and if it is present at run-time it just appends to it. Now how can I make this App work when it is sandboxed? I have no issue writing to /var directory or even /tmp when it is not sandboxed, but whenever I try to sandbox it I get a fail whenever I try to create/open the .log file. I have tried adding Bundles section with dir:

bundles:
{
    dir:
    {
        [rw] /var /var
    }
}

or even using requires section:

requires:
{
    dir:
    {
        /var /var
    }
}

but no luck. Can anyone tell me how this is done while having my App sandboxed?

Hiya @mg_bg,

Just mapping the directory into your app is not enough - the underlying directory also has to have the appropriate linux user permissions.

I suspect that /var only has RW permissions for the root user, and R permissions for group and world.

ciao, Dave

For sandboxed application, when you bundle a directory, the behaviour of not able to create a file in a directory is an expected behavior
“Note
For security reasons, files and directories cannot be both writable and executable.
Directories always have executable permission set so they can be traversed. Setting the [x] permission in the dir: subsection causes the files under the directory to be made executable.
Setting [w] in the dir: subsection causes all files under that directory to be writable, but the directory itself will not be writable.”
Ref: http://legato.io/legato-docs/latest/defFilesAdef.html#defFilesAdef_bundles 3

Have a Nonsandboxed application which allows you to create a log file if not present through API
And call that API from your sandboxed application.