I have a couple of snaps that cannot read files inside $HOME. I get errors like:

in my $home as root:

batcat test.txt

[bat error]: ‘test.txt’: Permission denied (os error 13)

grex --file test.txt

permission denied: the specified file could not be opened

Works when I’m not elevated:

$ batcat test.txt | wc -l
73

When I run these as root. When I run them as myself I can access the files and the applications work . What must I do so that sudo will be able to access the file?

Snap confinement for the home interface by default has an owner rule, which means that the owner of the files/directories must match those of the uid/gid of the process that is trying to access them, which means that root inside snaps can only read from root’s home directory /root and only user foo can read from /home/foo.

There is a way around this for particular snaps that have good justification for this by using the read: all interface attribute for the home plug. You can read more about that at the docs: https://snapcraft.io/docs/home-interface