Home directories outside of '/home'

The snap daemon (snapd) looks for a user’s home directory ($HOME) under /home on the local filesystem. However, from snapd 2.59 onwards, the snap daemon can access an additional location using the homedirs system option:

sudo snap set system homedirs=<destination-directory>

This allows a snap’s user data to be stored in a user’s home location other under /home.

The following command will permit home directories to be accessible from /remote/users, for instance:

$ sudo snap set system homedirs=/remote/users

The new location needs to exist and be accessible, but it can be on a different filesystem or even mounted across a network. The original /home location remains valid but it is no longer a requirement that directories be stored there.

Once set, the homedirs system option can be retrieved with the snap get command:

$ sudo snap get system homedirs
/remote/users

The homedirs value can be cleared and restored to only /home with the snap unset command:

sudo snap unset system homedirs

Bind mount home directories

While the homedirs system option should work for the majority users, it’s also possible to bind mount an alternative $HOME location to /home to allow other locations to be found by snapd. This process is outlined below.

:information_source: A bind mount allows a mounted filesystem to be accessible from more than one location at the filesystem level. This is unlike a hard or symbolic link, for instance, which operate as special additional files that point to a destination.

There are two steps to bind mount a home directory to a different location:

  1. the bind mount: create the mount point and run the mount command:
    $ sudo mkdir -p /home/$USER
    $ sudo mount --bind <original-home-location> /home/$USER
    
  2. edit /etc/passwd: backup passwd and edit the home location for your user:
    $ cp /etc/passwd passwd.backup
    $ # sudo edit /etc/passwd with your favourite editor
    $ cat /etc/passwd | grep $USER
      ubuntu:x:1000:1000:ubuntu,,,:/home/ubuntu:/bin/bash
    
    The following awk command can be used to edit /etc/passwd (change OLD_HOME to your old home directory):
    $ awk -vold=$"OLD_HOME" -vnew=$"/home/$USER" -F: ' BEGIN {OFS = ":"} \
      {sub(old,new,$6);print}' /etc/passwd > passwd.new
    $ sudo cp passwd.new /etc/passwd
    

Log out and back in again, and snap will work from the freshly mounted home location. If you run into difficulties, copy the backup passwd file to /etc/passwd.

2 Likes

This helped me on CentOS 7, but it did require a small modification. The provided awk command replaced the passwd entry with just “/home” instead of “/home/username”, which prevented me from logging in.

I had to manually update the passwd file to use /home/username, and after that it worked as expected.

If /home is used by automounter (nfs) for ldap users it is not possible to add a bind mount to /home for local users.

@prattm is right. The awk command is slightly wrong. The new home path needs to be fully specified. For example for the nagios user see the following example.

$ awk -vold=$"OLD_HOME" -vnew=$"/home/$USER" -F: ' BEGIN {OFS = ":"} \
  {sub(old,new,$6);print}' /etc/passwd > passwd.new

I tried to edit the original post as well.

2 Likes

Question: Is the solution outlined on the following website (dpkg-reconfigure apparmor) a promising alternative, or is the information given there outdated?

To me, this looks simpler, but I’m still hesistant to try either solution.

1 Like

Hi

The solution here assumes that your user is on the /etc/passwd file. But on my case, my users come from Active Directory, so, they are not there. I’m using sssd and I figured out that our IT sets the home directories to be in: /nas, so, a user “doe” will have /nas/doe@DOMAIN as home directory.

I tried the binding option, but since my user isn’t on the passwd file, I couldn’t edit it as suggested here. Only binding didn’t worked. Setting the HOME variable to /home doesn’t works either.

At the end what worked for me was adding this option:

override_homedir = /home

To the file: /etc/sssd/sssd.conf, then you have to restart sssd:

service sssd restart

Then all snaps packages will start normally.

Don’t forget to delete your user’s old home directory before login back.

Best regards Josef

@degville

With snapd 2.59 it’s now supported to configure additional home directories outside of /home using the snapd setting

snap set system homedirs=...

Say you have home directories at /remote/users, then you would configure this additional home directory to

snap set system homedirs=/remote/users

This would then make sure that the homedir is available to the snaps.

1 Like

That’s a fantastic update, thanks for the heads-up. I’ve updated the doc, and also added homedirs as a new system option.

@degville This sentence and the one directly below seem to be cut short.

Hello! Fantastic to hear from you - and thanks so much for flagging this. I’ve now fixed it.

1 Like