This request is a follow-up to Auto-connecting the personal-files interface for the chromium snap.
In order to fix bug #1837746, I added $HOME/.chromium-browser.init to the list of read-only entries for the personal-files plug.
Can auto-connection be granted for this one?
Thanks!
+1 from me, in order to smooth the transition from deb to snap.
+1 from me too - this seems entirely sensible and appropriate.
+1 from me as well - chromium clearly owns this path.
@reviewers - assuming the vote passes, I will work with @oSoMoN next week on rolling out the change. Due to chromium’s use of tracks and channels, it is not sufficient to simply add the path to the existing declaration since that would make any revisions that didn’t have the updated path uninstallable. Instead, this requires an alternation constraint so either the current or the updated constraint may be used. Again, I will perform this and update our internal procedures document for this.
3 votes for, 0 against. Granting use of the updated path. This is now live.
Note, I tested this with the following:
# prior to updating the snap declaration
$ snap refresh
# first get the snap-id
$ SNAPNAME=chromium ; http https://api.snapcraft.io/v2/snaps/info/$SNAPNAME Snap-Device-Series:16 | jq -r '."snap-id"'
XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R
# then examine the snap declaration (again, prior to update)
$ snap known --remote snap-declaration series=16 snap-id=XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R
...
plugs:
browser-support:
allow-auto-connection: true
allow-connection: true
camera:
allow-auto-connection: true
cups-control:
allow-auto-connection: true
personal-files:
allow-auto-connection: true
allow-installation:
plug-attributes:
read: \$HOME/\.config/chromium
pulseaudio:
allow-auto-connection: true
u2f-devices:
allow-auto-connection: true
...
# install the snap (again, still prior to updating the snap decl)
$ sudo snap install chromium
chromium 78.0.3904.70 from Canonicalâś“ installed
$ snap connections chromium|grep personal
personal-files chromium:chromium-config :personal-files -
# next, after the snap declaration was updated for .chromium-browser-init, refresh
$ sudo snap refresh
All snaps up to date.
# examine the snap declaration
$ snap known --remote snap-declaration series=16 snap-id=XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R
...
plugs:
browser-support:
allow-auto-connection: true
allow-connection: true
camera:
allow-auto-connection: true
cups-control:
allow-auto-connection: true
personal-files:
allow-auto-connection: true
allow-installation:
-
plug-attributes:
read: \$HOME/\.config/chromium
-
plug-attributes:
read: \$HOME/\.(config/chromium|chromium-browser-init)
pulseaudio:
allow-auto-connection: true
u2f-devices:
allow-auto-connection: true
...
# refresh to edge to verify refresh still works
$ sudo snap refresh chromium --edge
chromium (edge) 79.0.3941.4 from Canonicalâś“ refreshed
# verify auto-connection
$ snap connections chromium|grep personal
personal-files chromium:chromium-config :personal-files -
# next purge chromium and then install, and verify auto-connection
$ sudo snap remove --purge chromium
chromium removed
$ sudo snap install chromium
chromium 78.0.3904.70 from Canonicalâś“ installed
$ snap connections chromium|grep personal
personal-files chromium:chromium-config :personal-files -
Thanks Jamie!
I have committed again the change that makes use of this new path, and snaps are building for all supported architectures in the candidate channel.
@jdstrand it looks like something is missing on the store side:
osomon@bribon:~$ snap refresh chromium --candidate
erreur : cannot perform the following tasks:
- Monter le paquet Snap "chromium" (913) (installation not allowed by "chromium-config" plug rule of interface "personal-files" for "chromium" snap)There was a typo in the snap declaration (used chromium-browser-init instead of chromium-browser.init). This is now fixed:
$ sudo snap refresh # update assertions
$ sudo snap install chromium --candidate
chromium (candidate) 78.0.3904.70 from Canonicalâś“ installed
Thanks, refreshing to the candidate channel now confirmed to work.