Firefox snap: no access to GVFS and /tmp

Hi,

With the latest Ubuntu, Firefox is used as a snap. I was told by Ubuntu’s bug reporting tool to report problems here. My problems:

  1. Firefox can’t access Gnome online mounts. I am used to storing files directly to my WebDAV mounts, or viewing PDF files with Firefox from there. That doesn’t work anymore since Firefox is a snap.

  2. Firefox can’t access files in /tmp. I have a symlink from $HOME/tmp to /tmp/myuser and save most downloads there, because a. they’re automatically gone when I shut down the PC, and b. it doesn’t stress the SSD there. This is now also not possible with snap anymore.

Is there any advice? Shall I report it somewhere else?

For me, such “mounts” appear in “Other Locations”:

I have “Other locations”, but the mount is not there.

Gnome: (I must not post this because I’m not allowed to post more than one image; screenshot shows Nextcloud gvfs mount in Nautilus)

Firefox:

Firefox 93.0 (20210928084347) canonical-002 over Ubuntu snap

A symlink won’t work, but a bind mount should.

For gvfs, maybe it’s related to the interfaces connected to your Firefox.

What is the output of :

snap connections firefox

?

For /tmp I’m afraid this will never work for Firefox as a snap because of how snap sandboxing/confinement works.

Unless ugly workarounds ( a bind mount of /tmp inside your personal folder ). [edit] as suggested by @oSoMoN

Given it’s connected to the needed interfaces, a snap can access /home, /media, /tmp, /run/media and nothing else. [edit] I was thinking about /mnt but typed /tmp → /tmp can’t be accessed by snap but /mnt is accessible once removable-media interface is connected.

See https://snapcraft.io/docs/supported-interfaces and https://snapcraft.io/docs/interface-management

I have to add that only already mounted locations appear here. So if I mount my sftp target in nautilus, I can see it there. If I don’t, it won’t appear here.

Doesn’t work here. The mount looks like this:

and I can access the files. In Firefox, it doesn’t appear (for instance, as File>Save target).

But a bind mount requires root privileges, while creating something in /tmp does not. /tmp/myuser is created at GNOME login by a script without root privileges.

I have to rewrite the logic to something that requires root privileges to make it work again. Not very secure…

$ snap connections firefox
Schnittstelle             Plug                            Slot                             Notizen
audio-playback            firefox:audio-playback          :audio-playback                  -
audio-record              firefox:audio-record            :audio-record                    -
avahi-observe             firefox:avahi-observe           :avahi-observe                   -
browser-support           firefox:browser-sandbox         :browser-support                 -
camera                    firefox:camera                  :camera                          -
content[gnome-3-38-2004]  firefox:gnome-3-38-2004         gnome-3-38-2004:gnome-3-38-2004  -
content[gtk-3-themes]     firefox:gtk-3-themes            gtk-common-themes:gtk-3-themes   -
content[icon-themes]      firefox:icon-themes             gtk-common-themes:icon-themes    -
content[sound-themes]     firefox:sound-themes            gtk-common-themes:sound-themes   -
cups-control              firefox:cups-control            :cups-control                    -
dbus                      -                               firefox:dbus-daemon              -
desktop                   firefox:desktop                 :desktop                         -
desktop-legacy            firefox:desktop-legacy          :desktop-legacy                  -
gsettings                 firefox:gsettings               :gsettings                       -
hardware-observe          firefox:hardware-observe        :hardware-observe                -
home                      firefox:home                    :home                            -
joystick                  firefox:joystick                -                                -
mpris                     -                               firefox:mpris                    -
network                   firefox:network                 :network                         -
network-observe           firefox:network-observe         -                                -
opengl                    firefox:opengl                  :opengl                          -
personal-files            firefox:dot-mozilla-firefox     :personal-files                  -
removable-media           firefox:removable-media         :removable-media                 -
screen-inhibit-control    firefox:screen-inhibit-control  :screen-inhibit-control          -
system-files              firefox:etc-firefox-policies    :system-files                    -
system-packages-doc       firefox:system-packages-doc     :system-packages-doc             -
u2f-devices               firefox:u2f-devices             :u2f-devices                     -
unity7                    firefox:unity7                  :unity7                          -
upower-observe            firefox:upower-observe          :upower-observe                  -
wayland                   firefox:wayland                 :wayland                         -
x11                       firefox:x11                     :x11                             -

But the symlink from ~/tmp points to /tmp/myuser, so shouldn’t this be accessible?

You’re right, mount requires superuser privileges. bindfs doesn’t, so this should work as a normal user:

bindfs --no-allow-other /tmp/myuser $HOME/tmp

That’s not correct, /tmp is private to each strictly-confined snap, the system-wide /tmp isn’t visible in the snap’s sandbox.

Looking at the code in xdg-desktop-portal-gtk, the file chooser is set up to only show local files. Patching it with

diff --git a/src/filechooser.c b/src/filechooser.c
index 390af93..4b6faa8 100644
--- a/src/filechooser.c
+++ b/src/filechooser.c
@@ -503,6 +503,8 @@ handle_open (XdpImplFileChooser *object,
   gtk_file_chooser_set_use_preview_label (GTK_FILE_CHOOSER (dialog), FALSE);
   g_signal_connect (dialog, "update-preview", G_CALLBACK (update_preview_cb), preview);
 
+  gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (dialog), FALSE);
+
   handle = g_new0 (FileDialogHandle, 1);
   handle->impl = object;
   handle->invocation = invocation;
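
Review bot: the added gtk_file_chooser_set_local_only (..., FALSE) call in handle_open is unconditional and uncommented, and nothing in this hunk changes how the chosen file is handed back to the caller. With local-only switched off, GTK no longer guarantees that a selection has a native filesystem path, so the code that consumes the dialog result has to cope with URI-only selections; that fits the observation below that the remote locations show up but saving to them fails. I would enable this only once that handling exists, and add a one-line comment saying why non-local locations are allowed here.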

makes all remote locations appear:

However, actually saving to them does not work. So that’s evidently another story.

Yep. I was thinking about /mnt and typed /tmp instead, my bad.

Hence the first part :

@aThae7 another thing to check regarding .gvfs are the rights and permissions in your personal folder :
find ~ ! -user $USER
If no problem, this command will output nothing.
If there are problems, it will output a list of files and folders you no longer own. (Anything under /home/$USER is supposed to belong to $USER: dbbus, .gvfs, .cache and so on.)

It seems the needed interfaces are connected to your Firefox snap : removable-media, network…

Does Chromium-as-a-snap have access to your GVFS mounts ?

No output, everything belongs to me. It’s a fresh Ubuntu install.

Does Chromium-as-a-snap have access to your GVFS mounts ?

I don’t use Chromium.

Thanks, the FUSE bind works (although I still think it shouldn’t be necessary).

The idea is to try with Chromium to find if there is a different behavior regarding GVFS between those two snap web-browsers.

I filed a request regarding the possibility of supporting non-local locations in xdg-desktop-portal-gtk’s file chooser: https://github.com/flatpak/xdg-desktop-portal-gtk/issues/361
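
The path rules discussed in this thread (home, /media, /mnt and /run/media reachable through interfaces, /tmp private to each strictly confined snap), written out as an added example that is not part of any post above and not part of snapd. The function name `snap_path_visibility` and its output labels are hypothetical, and it assumes GNU `readlink -m`.

```sh
#!/bin/sh
# Added example: classify where a path really lives, using only the rules
# stated in this thread. Hypothetical helper, not a snapd tool.

# snap_path_visibility PATH [HOME_DIR]
# Prints one of:
#   home             under the user's home (needs the "home" interface)
#   removable-media  under /media, /mnt or /run/media (needs "removable-media")
#   private-tmp      under /tmp, which each strictly confined snap replaces
#                    with its own private directory
#   not-exposed      anywhere else
snap_path_visibility() {
    # Canonicalise the home directory too, in case it is itself a symlink.
    home_dir=$(readlink -m -- "${2:-$HOME}")
    # Resolve every symlink first. A link such as ~/tmp -> /tmp/myuser is
    # followed inside the sandbox, where /tmp is the snap's private copy,
    # so it must be judged by its target. A bind mount (mount --bind or
    # bindfs) is not a link and keeps its path under the home directory.
    real=$(readlink -m -- "$1")
    case "$real" in
        "$home_dir"|"$home_dir"/*)
            echo home ;;
        /media|/media/*|/mnt|/mnt/*|/run/media|/run/media/*)
            echo removable-media ;;
        /tmp|/tmp/*)
            echo private-tmp ;;
        *)
            echo not-exposed ;;
    esac
}

# Stand-alone use: classify every path given on the command line.
for p in "$@"; do
    printf '%s\t%s\n' "$(snap_path_visibility "$p")" "$p"
done
```

Run against a download directory before pointing Firefox at it: a result of `private-tmp` for `~/tmp` means the directory is only a symlink into /tmp and the bindfs approach from the thread is needed.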