I have been going back and forth in Cannot publish an electron app for many days trying to figure out how to get my Electron app to work with Snap. I eventually moved from electron-forge to electron-builder, just for the Snap build, and did some workarounds to be able to build --destructive-mode and I now have a built Snap app published with the name swach.
However, as part of the Electron app, we bundle the scrot binary as part of electron-color-picker. When we try to execute it, it does not seem to have the permissions it needs to run under Snap.
Is there a way to whitelist binaries shipped with the app or do we need to somehow use a stage package instead or something?
My next thought was we could add the existing bundled scrot from inside electron-color-picker to the `parts for the app or something. Perhaps something like:
This is all purely speculation, as I am not very familiar with Snap, and I would love some help figuring out how to successfully get this binary to run please! Thanks in advance!
What are the filesystem permissions on the scrot binary once you’ve built your snap? There is no “allow-list” nor “deny-list”; if a program exists inside your snap then you can call it from the context of your snap. The only limits are with interaction with the outside world via the confinement rules and the filesystem permissions allowing read or execute¹.
ÂąNote that the writable permission is not controlled via the relevant filesystem permission bit for files shipped in the snap package because the package is read-only anyway.
@lucyllewy scrot takes screenshots, so it likely needs permissions for the outside world in some way. Here is the info from the previous post on permissions:
It appears the permissions on scrot are for root:
-rwxr-xr-x 1 root root 27928 May 19 13:46 /snap/swach/19/app/resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot
And it appears the run/user/1000/snap.swach where it saves the screenshot has these permissions:
drwx------ 4 rwwagner90 rwwagner90 100 May 19 14:04 snap.swach
I am not sure if they both need to be root, or both should be my user or what.
Is there a specific way you wanted me to check permissions? This was running ls -l on the files, but I’m unsure if those permissions even apply inside Snap, since of course this is executable directly.
In the previous post you recommended I run:
snap run --shell swach /snap/swach/current/app/resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot
I ran that and got cannot execute binary file. How might I allow Snap to execute this file?
Curious, from outside the snap, what is the output of file /snap/swach/current/app/resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot?
It would probably be helpful for @jdstrand and I if you could share either your work-in-progress sources or a snap package built from them so that we can try to reproduce the error on our own system(s). We might be able to spot something running it locally that we don’t think to ask about when going back and forth in the forum
It looks like it may be missing some dependencies for scrot:
snap run --shell swach -c '/snap/swach/20/app/resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot'
/snap/swach/20/app/resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot: error while loading shared libraries: libX11.so.6: cannot open shared object file: No such file or directory
@cjp256@ogra thanks for the tip! I added libx11-6 to stage-packages and released a new version but I still see the same error when I run the command from above.
snap run --shell swach -c '/snap/swach/21/app/resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot'
/snap/swach/21/app/resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot: error while loading shared libraries: libX11.so.6: cannot open shared object file: No such file or directory
well, the way you call it via snap run --shell wont have LD_LIBRARY_PATH set … what about the scrot feature when you run the app normally (the snapcraft ,launcher and desktop-launch should set these variables properly?
@lucyllewy@cjp256@ogra any other suggestions? I would still be happy to pay someone to help debug this on their machine, as I do not regularly use Linux and don’t know much about Snapcraft or how to debug this.
Strangely, I can’t get the snap to open on my system at all Running on the command line exits with a return code of 1 and no output. I suspect that is due to something about my system though, but can’t prove it.
@lucyllewy that’s strange. It is a menubar app, and I know some Linux distros have an issue with showing the tray icon or something. What is your system?