4

How do I allow a snap package to access a particular folder with name "~/.directory"?

For example, I have snapped Firefox (Ubuntu 22.04, FF is preinstalled out of the box by Canonical) and I want alow FF to access /home/$USER/.directory. I did not installed FF, it is provided by Canonical out of box as part of Ubuntu 22.04.

Another directory can't be used. Because of hardcoded properties of Oauth2 related processes of internet service for another software. I can not use any other directory name other than ".directory". It's hardcoded in another software.

Also I see the folowing:

$ snap connections firefox | grep personal-files
personal-files            firefox:dot-mozilla-firefox     :personal-files                  -

The same question concerning Chromium (same problem). The same question about other snapped app. But, let's start from FF as example - what about FF.

Thank you!

P.S. One of the points of interest is: I have someone's snap package to be auto-updated. How do I grant access to ~/.directory for the package in a way updates will not affect the permission?

P.S.S. The folowing doesn't work (from How to allow snap applications to access /tmp folder?):

sudo mount -o bind /home/$USER/.directory /home/$USER/snap/firefox/common/.directory
Asc
  • 103

1 Answers1

1

I had to get "creative" to get a Palo Alto Networks GlobalProtect VPN to allow a web-based login using Ubuntu 22.04.1 LTS... The web-based login makes firefox load ~/.GlobalProtect/saml.html, which the snap setup won't allow to happen.

I did this as a kludge:

  1. Copied ~/.GlobalProtect/saml.html to ~/saml.html
  2. Renamed ~/.GlobalProtect/saml.html to ~/.GlobalProtect/saml.html.old
  3. Created a symlink named ~/.GlobalProtect/saml.html to ~/saml.html

And it let me log in as if nothing is wrong. In my case, it seems to be able to see into the directory, but can't open the files in the directory. But following symlinks out of the directory worked...

Brian Cowan
  • 151