Auto-connecting the system-files interface for the firefox snap

Firefox allows sysadmins to define enterprise policies to customize the browsing experience. These policies are stored in /etc/firefox/policies/ on the host filesystem, which is typically not readable by a strictly confined snap.

A plug was recently added to the system-files interfaces to allow read access to that path:

    interface: system-files
    read: [/etc/firefox/policies]

This is a request for the corresponding store declaration to auto-connect the interface.

Thanks for considering it!


+1 from me - firefox is the clear owner of this path.

+1 from for for auto-connect system-files with read access to /etc/firefox/policies using the interface reference etc-firefox-policies since the snap is the clear owner of such directory. @oSoMoN could you please update the snap declaration so we can proceed with granting such access?

The plug was added upstream, and it will be in the upcoming 91 version of Firefox. Unfortunately it was too late in the development cycle to have it backported to 90 (which will become stable in two weeks’ time).
I don’t have control over the firefox snap’s release cycle, at the moment it’s tied to the upstream release cycle, so we’ll have to wait.

Can the auto-connection be granted in advance, even if the plug isn’t part of the snap declaration for the current revisions in the store? If not, what happens when the revision in the beta channel has it, but not the stable channel?

@oSoMoN yes, sure. Since we have the enough votes, I have granted the auto-connection of system-files with read access to /etc/firefox/policies using the interface reference etc-firefox-policies. This is now live.

1 Like