Snap package misses /usr/share/[data]

Hi all,

I’m new to snap and am building my first package for an application called ‘brouwhulp’, which contains recipies and information for brewing beer at home. It has been packaged in a .deb file, targeted at Ubuntu around 2015 so I used the ‘core’ base, which seems to contain all packages needed. I had to use ‘classic’ confinement, or all fonts would be missing from the QT4 application.

My problem is that after building, /usr/share/brouwhulpdata does not exist and that crashes the application.

name: brouwhulp
version: "5.3.5.2"
summary: Met BrouwHulp kun je recepten ontwikkelen, documenteren en uitwisselen.
description: |
  @todo

confinement: classic
base: core
grade: stable

parts:
  brouwhulp:
    plugin: dump
    source: http://wittepaard.roodetoren.nl/phocadownload/userupload/brouwhulp_$SNAPCRAFT_PROJECT_VERSION_amd64.deb
    source-type: deb
    stage-packages:
      - libqtwebkit4
      - libqtgui4
      - libqt4-network
      - libqtcore4
      - libqt4pas5
      - libgstreamer0.10-0
      - libgstreamer-plugins-base0.10-0
      - libaudio2
      - libpng12-0
      - libopenal1
      - libopenal-data
      - libopenal-dev
      - libalut0
      - libfann2
      - libfann-dev

layout:
  /usr/share/brouwhulpdata:
    symlink: $SNAP/usr/share/brouwhulpdata

apps:
  brouwhulp:
    command: usr/bin/brouwhulp
    desktop: usr/share/applications/brouwhulp.desktop
    plugs:
      - cups-control
      - desktop
      - desktop-legacy
      - wayland
      - unity7
      - home
      - network
      - opengl
      - audio-playback
      - pulseaudio

It must be something really simple I’m missing, can anyone point me in the right direction?

-tnx!-

Harold

You cannot use layouts with a classic snap. The font issue can be fixed by reverting to a strictly-confined snap and using the snapcraft-desktop-helpers part:

...

parts:
  desktop-qt4:
    source: https://github.com/ubuntu/snapcraft-desktop-helpers.git
    source-subdir: qt
    plugin: make
    make-parameters: ["FLAVOR=qt4"]
    build-packages:
      - build-essential
      - libqt4-dev
      - dpkg-dev
    stage-packages:
      - libxkbcommon0
      - ttf-ubuntu-font-family
      - dmz-cursor-theme
      - light-themes
      - adwaita-icon-theme
      - gnome-themes-standard
      - shared-mime-info
      - libqtgui4
      - libgdk-pixbuf2.0-0
      - libqt4-svg # for loading icon themes which are svg
      - appmenu-qt
      - locales-all
      - sni-qt
      - xdg-user-dirs

  brouwhulp:
    after: [desktop-qt4]
    ...

apps:
  brouwhulp:
    command-chain: [bin/desktop-launch]
    ...

That fixed the font and data issues, tnx! But now the application crashes after a few seconds. A strace shows a lot of errors, mostly this part repeating:

access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnsl", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/libnsl", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib/libnsl", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/libnsl", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
munmap(0x7f123e74b000, 85648)           = 0
open("/var/lib/snapd/lib/gl/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/var/lib/snapd/lib/gl32/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/var/lib/snapd/void/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("tls/x86_64/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("tls/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("x86_64/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("libnsl.so", O_RDONLY|O_CLOEXEC)   = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/lib/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/usr/lib/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/lib/x86_64-linux-gnu/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/usr/lib/x86_64-linux-gnu/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/usr/lib/x86_64-linux-gnu/mesa/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/usr/lib/x86_64-linux-gnu/mesa-egl/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/usr/lib/x86_64-linux-gnu/dri/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/snap/brouwhulp/x2/usr/lib/x86_64-linux-gnu/qt4/libnsl.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 9
fstat(9, {st_mode=S_IFREG|0644, st_size=85648, ...}) = 0
mmap(NULL, 85648, PROT_READ, MAP_PRIVATE, 9, 0) = 0x7f123e74b000
close(9)                                = 0

try adding libc6-dev to stage-packages:

That solved a lot of errors, but the GUI still crashes after a few seconds with the strace endlessly filling with these kind of messages every couple of seconds:

poll([{fd=3, events=POLLIN}, {fd=6, events=POLLIN}, {fd=12, events=POLLIN}], 3, 0) = 0 (Timeout)
recvmsg(6, {msg_namelen=0}, 0)          = -1 EAGAIN (Resource temporarily unavailable)

anything in your system journal ? (like “DENIED” messages)

Yes, there is!

dec 18 14:44:45 x1 audit[7903]: AVC apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/etc/openal/alsoft.conf" pid=7903 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
dec 18 14:44:45 x1 kernel: kauditd_printk_skb: 49 callbacks suppressed
dec 18 14:44:45 x1 kernel: audit: type=1400 audit(1576676685.007:61): apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/etc/openal/alsoft.conf" pid=7903 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
dec 18 14:44:45 x1 audit[7903]: AVC apparmor="DENIED" operation="connect" profile="snap.brouwhulp.brouwhulp" name="/run/cups/cups.sock" pid=7903 comm="brouwhulp" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=0
dec 18 14:44:45 x1 audit[7903]: AVC apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/run/cups/printcap" pid=7903 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
dec 18 14:44:45 x1 kernel: audit: type=1400 audit(1576676685.215:62): apparmor="DENIED" operation="connect" profile="snap.brouwhulp.brouwhulp" name="/run/cups/cups.sock" pid=7903 comm="brouwhulp" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=0
dec 18 14:44:45 x1 kernel: audit: type=1400 audit(1576676685.215:63): apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/run/cups/printcap" pid=7903 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
dec 18 14:44:45 x1 audit[7903]: AVC apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/run/cups/printcap" pid=7903 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
dec 18 14:44:45 x1 kernel: audit: type=1400 audit(1576676685.219:64): apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/run/cups/printcap" pid=7903 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

Do you have all of the interfaces connected? See snap connections <your snap name> and then run snap connect for any that aren’t connected. Some interfaces don’t auto-connect by default (but can be made to do so with a request as per Process for aliases, auto-connections and tracks)

The cups interface wasn’t connected

Next issue is called ‘openal’:

dec 18 16:09:24 x1 audit[12840]: AVC apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/etc/openal/alsoft.conf" pid=12840 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
dec 18 16:09:24 x1 kernel: audit: type=1400 audit(1576681764.256:72): apparmor="DENIED" operation="open" profile="snap.brouwhulp.brouwhulp" name="/etc/openal/alsoft.conf" pid=12840 comm="brouwhulp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

For this file, you could try using a layout to a writable version of the config file somewhere in $SNAP_DATA, initially populating that file in the writable directory with one that is in $SNAP:

layout:
  /etc/openal/alsoft.conf: 
    bind-file: $SNAP_DATA/etc/openal/alsoft.conf

and then have your snap install hook copy the file from $SNAP (which is read-only) to $SNAP_DATA (which is writable):

#!/bin/sh -e

# check if the file is empty (snapd will create the empty file for us setting up a layout)
if [ -z "$(cat $SNAP_DATA/etc/openal/alsoft.conf)" ]; then
    cat $SNAP/etc/openal/alsoft.conf > $SNAP_DATA/etc/openal/alsoft.conf
fi

Right again!

Let’s see if I can figure this one out myself:

dec 18 19:14:18 x1 audit[20039]: AVC apparmor="DENIED" operation="mknod" profile="snap.brouwhulp.brouwhulp" name="/home/harold/snap/brouwhulp/x3/.brouwhulp/tmp" pid=20039 comm="brouwhulp" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
dec 18 19:14:18 x1 kernel: audit: type=1400 audit(1576692858.029:95): apparmor="DENIED" operation="mknod" profile="snap.brouwhulp.brouwhulp" name="/home/harold/snap/brouwhulp/x3/.brouwhulp/tmp" pid=20039 comm="brouwhulp" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000

Nope; can’t figure that one out myself. It wants to create a directory in your home folder, which it has all rights to. But yet it is denied.

Do you know why your application would be trying to use mknod here (specifically why it’s using mknod)?

No clue; it’s a closed source binary blob.

Note the ‘operation’ is mknod, not the command. It is not unusual for the syscall to be used to create regular files. I suspect this denial is coming from a snap refresh/install happening while brouwhulp is still running since the profile is updated to allow read-only access for the prior revision.

It happens every time I launch BrouwHulp, so again … no clue

I have given up on snapping BrouwHulp, but man, the snap documentation is completely worthless.

I have another app I tried to package, which proved a total nightmare too.

1. /usr/share/[data] is missing again; seems that only the ‘command’ and ‘desktop’ files are copied?
2. Should I compile with a prefix other than /usr? Should I use a prefix like /snap/[package]/current/usr instead?
3. Layouts are for precompiled binaries where you can’t control the location of libraries, so I have to use ‘filesets’ and’ prime’, but then point 1 rises again.

I’m giving up on snap.

I am facing the same challenges. There is literally no real documentation for snapcraft. I am trying to do a classic snap for an application called Maitreya8, it is an astrology application, It throws errors that the directory /usr/share/maitreya or anything underneath does not exist. This is crazy…Does this problem really have no solution. Should I give up on snaps like everyone else.

is there any particular reason to make an astrology application classic instead of using strict confinement (in which case you can use layouts similar to how @ijohnson described it above but with whole directories)

yes, It needs to launch a pdf reader to view the astrological report that it generates. by default strictly confined snap does not allow for a second process thread from within the same snap, ( my understanding may be wrong). Hence packaging say evince withing the snap had no impact. With classic snap it can access evince but it fails to see the /usr/share/maitreya8 directory within the snap file structure. the snap uses autotools plugin…Layouts were used in strictly confined snap and it worked elegantly. for now I am using it without the pdf viewer fearure, Any help in getting the classic snap to see the file system within the snap will be much appreciated.