Canonical and NVIDIA announced at COMPUTEX 2026, on June 1, that the NVIDIA OpenShell runtime is coming to Ubuntu packaged as a snap. The reasoning is straightforward: give companies a way to put boundaries around AI agents that are no longer simple chatbots, but autonomous processes running continuously that need access to system data and resources.
What OpenShell is
OpenShell is an open-source runtime that governs how autonomous AI agents operate and what they can touch. It isolates each agent inside its own sandbox and enforces whatever policies the organisation defines, keeping data protection and administrative oversight in place. Rather than letting an agent reach files, network or credentials freely, OpenShell puts a barrier around each one.
That isolation is exactly the point Canonical wanted to stress. Mark Shuttleworth put it this way: “sandboxing is the critical foundational layer of agentic workflows.” He added that snaps deliver “rapid and reliable updates as well as enterprise control.”
Why ship it as a snap
The choice of the snap format isn’t accidental. An AI agent in production drags along dependencies, models and libraries that you want pinned and reproducible. The snap bundles all of that into a single package with a consistent runtime environment, which avoids the usual version mismatch from one distribution to the next.
Installing it takes two commands:
sudo snap install openshell
openshell sandbox createThe first puts the runtime in place; the second creates a sandbox where an agent can run confined. From there the snap updates itself, which cuts manual maintenance and keeps the confinement current without an admin watching every release.
If you want to understand how this confined package model works on Ubuntu, we previously walked through the differences between Flatpak, Snap and AppImage.
What hardware it runs on
OpenShell as a snap targets NVIDIA’s AI machine catalogue. The company lists compatibility with:
- NVIDIA DGX Spark
- DGX Station
- NVIDIA RTX PRO workstations
- NVIDIA DGX data center systems
That spans a desktop workstation for development up to the DGX systems used in data center infrastructure. The same runtime, the same install method and the same isolation model apply across all of them.
What changes for teams deploying agents
The move answers a real shift in usage: once AI goes from answering questions to running tasks continuously, the risk stops being a bad answer and becomes an autonomous process with permissions. An agent that can read files, call APIs or run commands needs a framework that limits what it does and what it sees.
OpenShell supplies that framework with three pieces: per-agent isolation, enforcement of corporate policies, and administrative oversight. Packaging it as a snap adds the operational part that often goes missing: one-command install, bundled dependencies, and automatic updates with no need to recompile or redo the configuration on each distribution.
Canonical did not publish specific version numbers for the snap in the announcement, so check the version available at install time with snap info openshell.
Source
Original Canonical announcement: Securing AI agent workflows on Ubuntu with the new NVIDIA OpenShell snap (ubuntu.com/blog). Information and quotes attributed to Canonical.