2

How do I allow a snap package to access a particular folder with name "~/.directory"?

For example, I have snapped Firefox (Ubuntu 22.04, FF is preinstalled out of the box by Canonical) and I want alow FF to access /home/$USER/.directory. I did not installed FF, it is provided by Canonical out of box as part of Ubuntu 22.04.

Another directory can't be used. Because of hardcoded properties of Oauth2 related processes of internet service for another software. I can not use any other directory name other than ".directory". It's hardcoded in another software.

Also I see the folowing:

$ snap connections firefox | grep personal-files
personal-files            firefox:dot-mozilla-firefox     :personal-files                  -

The same question concerning Chromium (same problem). The same question about other snapped app. But, let's start from FF as example - what about FF.

Thank you!

P.S. One of the points of interest is: I have someone's snap package to be auto-updated. How do I grant access to ~/.directory for the package in a way updates will not affect the permission?

P.S.S. The folowing doesn't work (from How to allow snap applications to access /tmp folder?):

sudo mount -o bind /home/$USER/.directory /home/$USER/snap/firefox/common/.directory
Asc
  • 69
  • A stock install of the Firefox can already read/write hidden folders and subfolders in the user's /home dir (and nowhere else). Unable to duplicate the described problem: I created /home/me/.directory/.test, My stock snap-Firefox could indeed see and open that testfile. See https://askubuntu.com/questions/1238211 for how to check that your Firefox snap interfaces for hidden subfolders is connected properly. – user535733 Jul 13 '22 at 14:20
  • 1
    With Ubuntu 22.04 installed from official ISO bootable image, with selection of "Minimal install" during install, Firefox, which is preinstalled out of the box, do not able to browse ~/.* at all. And FF is snapped software in this case.

    I.e. after mkdir ~/.directory ; echo abc > ~/.directory/marker FF unable to even browse content of file:///home/user/.directory/

    FF reporting "Access to the file was denied".

    In /snap/firefox/current/snap/snapcraft.yaml among interface: personal-files the only mentioned dot-directory is $HOME/.mozilla/firefox.

    No access to ~/.*.

     – Asc Jul 14 '22 at 04:08
  • Please edit your question instead of responding in comments. Comments are how we offer advice to make your question answerable. While editing your question, please add the complete output of snap connections firefox | grep personal-files. – user535733 Jul 14 '22 at 05:32
  • @Asc did you find a solution? – George Moutsopoulos Jan 26 '23 at 18:02
  • As far as I understood, I need to support my own build for FF Snap package in order to provide access. Thus: removed Snap, installed from Deb.

    Still looking for solution.

     – Asc Jul 11 '23 at 12:41

1 Answers1

1

I had to get "creative" to get a Palo Alto Networks GlobalProtect VPN to allow a web-based login using Ubuntu 22.04.1 LTS... The web-based login makes firefox load ~/.GlobalProtect/saml.html, which the snap setup won't allow to happen.

I did this as a kludge:

  1. Copied ~/.GlobalProtect/saml.html to ~/saml.html
  2. Renamed ~/.GlobalProtect/saml.html to ~/.GlobalProtect/saml.html.old
  3. Created a symlink named ~/.GlobalProtect/saml.html to ~/saml.html

And it let me log in as if nothing is wrong. In my case, it seems to be able to see into the directory, but can't open the files in the directory. But following symlinks out of the directory worked...

Brian Cowan
  • 151
  • 4