Firefox Snapcraft Native Messaging Behavior

I’m seeing some surprising behavior from the Firefox snap around native messaging.

When a browser invokes a native messaging host, it passes the ID of the extension to the native messaging host. See this page as a reference: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Native_messaging.

A relevant snippet:

Two arguments are passed to the native app when it starts:

    The complete path to the app manifest.
    (new in Firefox 55) the ID (as given in the browser_specific_settings manifest.json key) of the add-on that started it.

However the Firefox snap doesn’t do this. In fact it doesn’t pass any arguments to the host at all. This delta in behavior is causing a breakage for me. I have a single exe that I use as a host and a CLI. If the exe notices the extension ID in the arguments it switches to host mode.

This feels like a bug to me. Is this the appropriate channel to raise it?

Thanks!


Hi! When you run Firefox, do you see in your sudo dmesg output lines about apparmor DENIED?

Yep there are plenty:

[    0.040438] LSM: initializing lsm=lockdown,capability,landlock,yama,apparmor,integrity
[    0.436199] evm: security.apparmor
[    1.443122] audit: type=1400 audit(1717380220.520:2): apparmor="STATUS" operation="profile_load" profile="unconfined" name="1password" pid=406 comm="apparmor_parser"
[    1.443126] audit: type=1400 audit(1717380220.521:3): apparmor="STATUS" operation="profile_load" profile="unconfined" name=4D6F6E676F444220436F6D70617373 pid=409 comm="apparmor_parser"
[    1.443339] audit: type=1400 audit(1717380220.522:4): apparmor="STATUS" operation="profile_load" profile="unconfined" name="Discord" pid=407 comm="apparmor_parser"
[    1.445106] audit: type=1400 audit(1717380220.524:5): apparmor="STATUS" operation="profile_load" profile="unconfined" name="brave" pid=412 comm="apparmor_parser"
[    1.446881] audit: type=1400 audit(1717380220.525:6): apparmor="STATUS" operation="profile_load" profile="unconfined" name="QtWebEngineProcess" pid=411 comm="apparmor_parser"
[    1.448560] audit: type=1400 audit(1717380220.527:7): apparmor="STATUS" operation="profile_load" profile="unconfined" name="buildah" pid=416 comm="apparmor_parser"
[    1.450178] audit: type=1400 audit(1717380220.529:8): apparmor="STATUS" operation="profile_load" profile="unconfined" name="busybox" pid=419 comm="apparmor_parser"
[    1.452903] audit: type=1400 audit(1717380220.531:9): apparmor="STATUS" operation="profile_load" profile="unconfined" name="ch-checkns" pid=427 comm="apparmor_parser"
[    1.453749] audit: type=1400 audit(1717380220.532:10): apparmor="STATUS" operation="profile_load" profile="unconfined" name="cam" pid=426 comm="apparmor_parser"
[   12.528354] audit: type=1400 audit(1717380231.607:144): apparmor="DENIED" operation="capable" class="cap" profile="/usr/lib/snapd/snap-confine" pid=1485 comm="snap-confine" capability=12  capname="net_admin"
[   12.528908] audit: type=1400 audit(1717380231.607:145): apparmor="DENIED" operation="capable" class="cap" profile="/usr/lib/snapd/snap-confine" pid=1485 comm="snap-confine" capability=38  capname="perfmon"
[  129.587504] audit: type=1400 audit(1717380349.074:146): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/usr/local/share/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  129.590275] audit: type=1400 audit(1717380349.076:147): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/var/lib/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  129.590389] audit: type=1400 audit(1717380349.076:148): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/var/lib/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  129.590524] audit: type=1400 audit(1717380349.077:149): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/var/lib/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  129.590604] audit: type=1400 audit(1717380349.077:150): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/var/lib/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  129.590681] audit: type=1400 audit(1717380349.077:151): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/var/lib/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  129.590748] audit: type=1400 audit(1717380349.077:152): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/var/lib/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  129.590814] audit: type=1400 audit(1717380349.077:153): apparmor="DENIED" operation="open" class="file" profile="snap-update-ns.firefox" name="/var/lib/" pid=2557 comm="5" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  130.417607] audit: type=1107 audit(1717380349.904:154): pid=632 uid=101 auid=4294967295 ses=4294967295 subj=unconfined msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/login1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.9" pid=2543 label="snap.firefox.firefox" peer_pid=682 peer_label="unconfined"
[  130.535813] audit: type=1107 audit(1717380350.022:155): pid=632 uid=101 auid=4294967295 ses=4294967295 subj=unconfined msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/timedate1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.108" pid=2543 label="snap.firefox.firefox" peer_pid=2664 peer_label="unconfined"

Hm… Can you show snap connections firefox? Maybe some interface is missing or not connected by default.

When I was looking around the internet, this issue seemed to be fixed: https://ubuntuhandbook.org/index.php/2022/11/firefox-ubuntu-22-04-native-messaging/

What distro do you use?

Do you have snapd-desktop-integration snap installed?

There is nothing in the DENIED messages that seems in any way relevant to native messaging…

Your grep did not exclude the STATUS messages (which are printed for all non-snap profiles on your system during boot); the snap-confine messages are not related to a specific snap package but are internal false positives from snapd itself. That leaves Firefox trying to access /var/lib, which I doubt is related to native messaging, and access to /usr/local/share, which Firefox checks for additional SSL certificates…

The only relevant one might be the logind dbus one here, not sure this is in any way involved with native messaging though

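The triage described in the reply above, as an added example that is not part of the original thread: it drops STATUS lines and snap-confine noise and counts only DENIED events whose profile or label belongs to the Firefox snap. The sample lines are trimmed copies of the dmesg output quoted earlier; the function names are hypothetical.

```python
import re
from collections import Counter

# Trimmed copies of lines from the dmesg output quoted in this thread.
SAMPLE = [
    'audit: type=1400 apparmor="STATUS" operation="profile_load" '
    'profile="unconfined" name="1password" pid=406 comm="apparmor_parser"',
    'audit: type=1400 apparmor="DENIED" operation="capable" class="cap" '
    'profile="/usr/lib/snapd/snap-confine" pid=1485 capname="net_admin"',
    'audit: type=1400 apparmor="DENIED" operation="open" class="file" '
    'profile="snap-update-ns.firefox" name="/usr/local/share/" pid=2557',
    'audit: type=1400 apparmor="DENIED" operation="open" class="file" '
    'profile="snap-update-ns.firefox" name="/var/lib/" pid=2557',
    'audit: type=1400 apparmor="DENIED" operation="open" class="file" '
    'profile="snap-update-ns.firefox" name="/var/lib/" pid=2557',
    "audit: type=1107 subj=unconfined msg='apparmor=\"DENIED\" "
    'operation="dbus_method_call"  bus="system" path="/org/freedesktop/login1" '
    'member="GetAll" name=":1.9" pid=2543 label="snap.firefox.firefox" '
    'peer_pid=682 peer_label="unconfined"',
]


def field(line, key):
    """Return the quoted value of key="..." or None. The \\b keeps
    'name' from matching 'capname' and 'label' from 'peer_label'."""
    m = re.search(rf'\b{key}="([^"]*)"', line)
    return m.group(1) if m else None


def snap_denials(lines, snap="firefox"):
    """Count DENIED events per (subject, operation, target) for one snap."""
    counts = Counter()
    for line in lines:
        if field(line, "apparmor") != "DENIED":
            continue  # STATUS lines are profile loads at boot
        subject = field(line, "profile") or field(line, "label") or ""
        if not (subject.startswith(f"snap.{snap}.")
                or subject == f"snap-update-ns.{snap}"):
            continue  # e.g. snap-confine, not tied to this snap
        op = field(line, "operation")
        key = "path" if op == "dbus_method_call" else "name"
        counts[(subject, op, field(line, key))] += 1
    return counts


if __name__ == "__main__":
    for event, n in snap_denials(SAMPLE).items():
        print(n, *event)
```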

And also for what exact add-on it doesn’t work. I’ve seen reports of breakage when using keepassxc-browser with snapped Firefox, not for others AFAIK

Here are the Firefox snap connections:

Interface               Plug                            Slot                            Notes
alsa                    firefox:alsa                    -                               -
audio-playback          firefox:audio-playback          :audio-playback                 -
audio-record            firefox:audio-record            :audio-record                   -
avahi-observe           firefox:avahi-observe           :avahi-observe                  -
browser-support         firefox:browser-sandbox         :browser-support                -
camera                  firefox:camera                  :camera                         -
content[gnome-42-2204]  firefox:gnome-42-2204           gnome-42-2204:gnome-42-2204     -
content[gtk-3-themes]   firefox:gtk-3-themes            gtk-common-themes:gtk-3-themes  -
content[icon-themes]    firefox:icon-themes             gtk-common-themes:icon-themes   -
content[sound-themes]   firefox:sound-themes            gtk-common-themes:sound-themes  -
cups-control            firefox:cups-control            :cups-control                   -
dbus                    -                               firefox:dbus-daemon             -
desktop                 firefox:desktop                 :desktop                        -
desktop-legacy          firefox:desktop-legacy          :desktop-legacy                 -
gsettings               firefox:gsettings               :gsettings                      -
hardware-observe        firefox:hardware-observe        :hardware-observe               -
home                    firefox:home                    :home                           -
joystick                firefox:joystick                :joystick                       -
mount-control           firefox:host-hunspell           :mount-control                  -
mpris                   -                               firefox:mpris                   -
network                 firefox:network                 :network                        -
network-bind            firefox:network-bind            :network-bind                   -
network-observe         firefox:network-observe         -                               -
opengl                  firefox:opengl                  :opengl                         -
personal-files          firefox:dot-mozilla-firefox     :personal-files                 -
removable-media         firefox:removable-media         :removable-media                -
screen-inhibit-control  firefox:screen-inhibit-control  :screen-inhibit-control         -
system-files            firefox:etc-firefox             :system-files                   -
system-packages-doc     firefox:system-packages-doc     :system-packages-doc            -
u2f-devices             firefox:u2f-devices             :u2f-devices                    -
unity7                  firefox:unity7                  :unity7                         -
upower-observe          firefox:upower-observe          :upower-observe                 -
wayland                 firefox:wayland                 :wayland                        -
x11                     firefox:x11                     :x11                            -

This is on Ubuntu 24.04. I saw the snap specific extensions dialog (which I allowed). It is mostly working in that version in that the browser did find the manifest and it did invoke the native messaging host. But it didn’t include the ID of the extension when it invoked the native messaging host (which it should have).

Yes the snapd-desktop-integration snap is installed.

This is for my host/extension. The host is here: GitHub - JonathanHope/armaria: Armaria is a fast, open, and local first bookmarks manager, and the extension is here: GitHub - JonathanHope/armaria-extension: Browser extensions for the Armaria bookmarks manager. Given that everything seems to be working as it should except the arguments provided to the native messaging host I imagine that many native messaging hosts would still function as expected if they didn’t check the args. However the native messaging hosts that do check the args (like mine) will be broken by this delta in the behavior between the Snap Firefox and the non-Snap Firefox.


Hm… here’s a wild idea: Try to package your host portion as a snap! For some applications, most notably keepassxc and the integrated keepassxc-browser plugin, that helped. Maybe it will work here? If that doesn’t help, then I guess it needs to be raised so that such support gets worked on properly.

I distribute the host in a number of ways, but in this case it is a Snap. I think the issue is more fundamental in that the Snap Firefox is breaking the established protocol for Native Messaging in a way that doesn’t affect some hosts, but does affect others. I do appreciate all of your help and suggestions though.

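An added example, not code from the thread or from the Armaria project: one way a combined host/CLI binary can choose its mode when the two documented arguments may be absent, as reported here for the Firefox snap. The add-on ID, the mode names and the inbound size cap are hypothetical; the framing (32-bit length in native byte order, then UTF-8 JSON) follows the MDN page linked above.

```python
import json
import struct

ALLOWED_IDS = {"bookmarks@example.invalid"}  # hypothetical add-on ID
MAX_INBOUND = 1024 * 1024  # this example's own cap on inbound frames


def select_mode(args, stdin_is_tty, allowed_ids=ALLOWED_IDS):
    """Decide the run mode from sys.argv[1:] and whether stdin is a TTY."""
    if len(args) == 2 and args[0].endswith(".json"):
        # Documented Firefox launch: manifest path, then the add-on ID.
        return "host" if args[1] in allowed_ids else "reject"
    if not args and not stdin_is_tty:
        # Launch reported in this thread: no arguments, stdin is a pipe.
        # The caller's ID is unknown, so confirm by reading a valid frame.
        return "probe"
    return "cli"


def read_message(stream):
    """Read one frame: 4-byte native-order length, then UTF-8 JSON."""
    header = stream.read(4)
    if len(header) != 4:
        return None  # EOF, or the peer is not speaking native messaging
    (length,) = struct.unpack("=I", header)
    if length == 0 or length > MAX_INBOUND:
        raise ValueError(f"implausible frame length {length}")
    body = stream.read(length)
    if len(body) != length:
        raise ValueError("truncated frame")
    return json.loads(body.decode("utf-8"))


def encode_message(obj):
    """Frame a reply the same way, ready to write to stdout."""
    body = json.dumps(obj).encode("utf-8")
    return struct.pack("=I", len(body)) + body


if __name__ == "__main__":
    import sys
    mode = select_mode(sys.argv[1:], sys.stdin.isatty())
    if mode in ("host", "probe"):
        msg = read_message(sys.stdin.buffer)
        sys.stdout.buffer.write(encode_message({"ok": msg is not None}))
        sys.stdout.buffer.flush()
    else:
        print(f"mode: {mode}")
```

In "probe" mode the host cannot tell which add-on launched it, so the `allowed_extensions` list in the native manifest is the only remaining check on the caller.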