12

OS: Ubuntu 20.04

I installed gedit, kate, and libreoffice as snaps. 

$ snap list (partial output)
Name                             Version                     Rev   Tracking         Publisher   Notes
gedit                            3.36.0+git7.764f9c67f       537   latest/stable    canonical✓  -
kate                             20.04.0                     64    latest/stable    kde✓        -
libreoffice                      6.4.3.2                     177   latest/stable    canonical✓  -
$

None of these snaps can access any hidden files and hidden folders in my home folder. Is that by design?

The ls -al output for ~/home is below:

$ ls -al
total 104
drwxr-xr-x 18 dkb  dkb   4096 May 11 16:26 .
drwxr-xr-x  3 root root  4096 Apr 26 16:12 ..
-rw-rw-r--  1 dkb  dkb   2782 May  9 07:59 .bash_aliases
-rw-------  1 dkb  dkb  10748 May  9 19:32 .bash_history
-rw-r--r--  1 dkb  dkb    220 Apr 26 16:12 .bash_logout
-rw-r--r--  1 dkb  dkb   3953 Apr 27 15:09 .bashrc
drwx------ 14 dkb  dkb   4096 May 11 15:58 .cache
drwxr-xr-x 21 dkb  dkb   4096 May 11 15:58 .config
drwxr-xr-x  2 dkb  dkb   4096 May 11 16:19 Desktop
drwxr-xr-x  2 dkb  dkb   4096 May 11 15:47 Documents
drwxr-xr-x  3 dkb  dkb   4096 May 11 16:17 Downloads
drwx------  3 dkb  dkb   4096 Apr 30 19:10 .gnupg
-rw-------  1 dkb  dkb     97 May  4 09:39 .lesshst
drwxr-xr-x  3 dkb  dkb   4096 Apr 26 16:22 .local
drwx------  5 dkb  dkb   4096 Apr 27 16:34 .mozilla
drwxr-xr-x  2 dkb  dkb   4096 Apr 26 16:22 Music
drwxr-xr-x  2 dkb  dkb   4096 May  5 16:34 Pictures
-rw-r--r--  1 dkb  dkb    807 Apr 26 16:12 .profile
drwxr-xr-x  2 dkb  dkb   4096 Apr 26 16:22 Public
drwxr-xr-x 13 dkb  dkb   4096 May 11 16:00 snap
drwx------  2 dkb  dkb   4096 Apr 26 16:36 .ssh
-rw-r--r--  1 dkb  dkb      0 Apr 26 16:31 .sudo_as_admin_successful
drwxr-xr-x  2 dkb  dkb   4096 Apr 26 16:22 Templates
drwx------  6 dkb  dkb   4096 Apr 30 19:29 .thunderbird
drwxr-xr-x  2 dkb  dkb   4096 Apr 26 16:22 Videos
$

The issue doesn't may not be about hidden files or folders, per se. If I copy ~/.config over to ~/Downloads all three snaps can open ~/Downloads/.config and the files therein.

On the other hand, if I copy ~/.bashrc to ~/bashrc, the snaps have no difficulty.

Jastria Rahmat
  • 302
DK Bose
  • 44,553

2 Answers2

13

The Snap 'home' interface permits access only to non-hidden files and directories in a user's /home (and nowhere else).

The Snap 'personal-files' interface permits access to all files and directories in a user's /home (and nowhere else).

  • Snap interfaces are defined in the yaml file used in snap creation.
  • You can list the available interfaces for a snap package using snap connections <snap-name>. If personal-files is listed, then it can be used (it might already be connected in some snaps).
  • If the personal-files interface is defined but unused, you can use $snap connect <snap-name>:<plug-name> to connect it.

EXAMPLE #1: Discord Snap: snap connections discord has NO personal-files entry. Discord CANNOT access hidden files, and you cannot change that.

$ snap connections discord | grep personal-files
$

EXAMPLE #2: Firefox Snap: snap connections firefox DOES have a personal-files entry, and the plug is already connected to a Firefox slot. This user can ALREADY access hidden files in the home directory (nowhere else).

$ snap connections firefox | grep personal-files
personal-files            firefox:dot-mozilla-firefox     :personal-files                  -
$

// Interface name  = personal-files
// Snap plug name  = dot-mozilla-firefox
// Snapd slot name = personal-files

EXAMPLE #3: Snap Store: snap connections snap-store HAS a personal-files entry, but the slot is NOT connected to a plug. YOU can connect it. Let's do that!

$ snap connections snap-store | grep personal-files
personal-files            snap-store:dot-snap-auth-json             -                                -

// Interface name  = personal-files
// Snap plug name  = dot-snap-auth-json
// Snapd slot name = (not listed because it's not connected)


$ sudo snap connect snap-store:dot-snap-auth-json
connect snap-store:dot-snap-auth-json to snapd:personal-files


$ sudo snap disconnect snap-store:dot-snap-auth-json
disconnect snap-store:dot-snap-auth-json from snapd:personal-files
user535733
  • 68,493
0

Workaround for modification of existing files only

My experience is that files in ~/.<directory> are inaccessible by default in snaps but sub-directories that are hidden, i.e.~/tmp/.<directory> seem to be accessible.

To overcome this limitation and not having to copy whole files back and forth you can create a hard-link copy of the directory recursively

example: ~/.local/... inaccessible

  • open a terminal Ctrl+Alt+T
  • create a temporary directory for the hardlinks
    • mkdir -p ~/tmp/hrdlnks
  • create hardlink copy of the whole ~/.local/ directory
    • cp -al ~/.local ~/tmp/hrdlnks/
  • now ~/tmp/hrdlnks/.local/ should be accessible
    • if for some reason they are not accessible because it is a hidden directory you could just rename it from .local to dot-local, for example.
      • mv ~/tmp/hrdlnks/.local ~/tmp/hrdlnks/dot-local
  • When you are done modifying the file(s) just delete the temporary hardlink copy directory
    • rm -r ~/tmp/hrdlnks/

Side Notes:

  • if you create a new file in this "hardlink" temporary directory you will not be creating it in the "original"/"mirrored" directory
    • you will need to copy it manually before removing the temporary hardlink directory
  • if new files get created in the "original" directory after you have made your hardlink copy, they will not exist in the hardlink copy
    • you will need to create a new hardlink copy
    • I would recommend to just delete the temporary directory once you are done modifying the files of interest.

Notes on hardlinks

  • a hardlink just points to the same "file blob of data"
  • if you delete the hardlink you are not deleting the "original" file
    • if you delete the "original" file, the hardlink still has access to the data, when you delete all hardlinks pointing towards the data, you will not have anymore access to the data, although it will still exist untill some other file overwrites those "free" bytes
  • if you change the file or directory name you are not changing the "original" names
  • if you move files around in the hardlink temp directory you will not be moving anything in the "original" directory structure
Pau Coma Ramirez
  • 372