How to access files outside of /home in snap apps?

Question

I have just upgraded to a recent version of Ubuntu that uses snap apps, and I have trouble understanding how I'm supposed to use them to work with files outside of /home. I have three disks in my machine, a large photo library on sdb, backup drives, and other things. As snap apps are confined, they cannot access any of them.

Only solution I can think of, is to bind mount everything to some folder under /home, but that seems like a terrible thing to do every single time I want to look at a file. Searching the web brings up blog posts about "snap interfaces" and "snap connections", but it is unclear to me if that could be helpful.

So the question is: What is the intended method for using snap apps to work with files stored outside of /home?

Does this answer your question? How to get access to USB-storage from the application installed as Snap? — N0rbert, Apr 20 '20 at 20:30
@N0rbert Answer given there does not tell us that connecting to removable-media gives app the rights for things under /mnt, so, no — kurja, Apr 20 '20 at 20:48
TL;DR: You can't. The reason is pure stupidity and stubbornness from the app designers. — Alfonso Nishikawa, May 10 '23 at 17:38

score 11 · Accepted Answer · answered Apr 20 '20 at 18:01

what is the intended method for using snap apps to work with files stored outside of /home?

The snap should be designed to do that under confinement by making use of the removable-media interface. Connecting such an interface will grant confined access to drives mounted in /media as well as /mnt.

To see if the snap in question supports this, run snap connections <snap name>. For example, for Nextcloud:

$ snap connections nextcloud
Interface        Plug                       Slot           Notes
network          nextcloud:network          :network       -
network-bind     nextcloud:network-bind     :network-bind  -
removable-media  nextcloud:removable-media  -              -

Since nextcloud:removable-media has no associated slot, that means the interface is not connect, thus Nextcloud cannot access removable media. To connect it, we can run sudo snap connect nextcloud:removable-media. Then the connections look like the following:

$ snap connections nextcloud
Interface        Plug                       Slot              Notes
network          nextcloud:network          :network          -
network-bind     nextcloud:network-bind     :network-bind     -
removable-media  nextcloud:removable-media  :removable-media  manual

Now that the plug is connected to a slot, Nextcloud now has confined access to removable media in /media/ and /mnt. Other applications will work the same way if the developer built such functionality in. If they didn't, log a bug! You can find where to log a bug with snap info <snap name>, for example:

$ snap info nextcloud
<snip>
contact:   https://github.com/nextcloud/nextcloud-snap
<snip>

Hi, that's a really good, thorough answer. I guess I got mislead into thinking that "removable media interface" is for just that, removable media like CDs or flash drives, because that's what it sounds like.... — kurja, Apr 20 '20 at 18:40

How to access files outside of /home in snap apps?

1 Answers1

Linked