Support for non /home homedirs

lucyllewy · July 28, 2020, 11:50pm

Did you also adjust your user account’s home folder location to be /home/$USERNAME via the passwd database once you’d made the appropriate bind-mount making the folder appear there? If you didn’t then snapd will continue to think your home folder is under /media and will attempt to use that path. You need to make the requisite bind-mounts to make a home folder appear at /home/$USERNAME AND change the passwd database to point to that location if it is currently set to the non-/home location.

Coeur-Noir · July 29, 2020, 1:57am

Did you connect your mailspring-snap to the removable-media interface ?

snap connections mailspring

to check.

ijohnson · July 29, 2020, 12:06pm

Given the other comments here, and specifically How can I use snap when I don't use /home/$USER?, I think that this post should be updated to say make a bind mount, and also update the passwd database, i.e. /etc/passwd as @lucyllewy proposed. Also I think we should make this post into the docs category so it is editable. Unclear if we want this to go to the snapcraft.io/docs or not however

@degville thoughts on expanding a bit on this and putting it into the docs category and potentially also putting it on snapcraft.io/docs ?

degville · July 29, 2020, 12:08pm

I think this is a good idea - thanks @ijohnson. I’ll create something to explain the situation and include the above possible solutions.

zickzack · August 2, 2020, 8:47pm

It looks like:

removable-media           mailspring:removable-media           :removable-media                -

zickzack · August 2, 2020, 8:50pm

Hi,

I was on vacation.

Did now all this, what is written down here: https://forum.snapcraft.io/t/how-can-i-use-snap-when-i-dont-use-home-user/3352/20?u=zickzack

My Home folder finally moved. Restarted the Computer twice.

Typing:

robert@robert-desktop:~$ mailspring
cannot create user data directory: /home/robert/snap/mailspring/488: Permission denied

What now?

ijohnson · August 3, 2020, 1:04pm

Can you show system journal denials with journalctl -e --no-pager | grep DENIED ?

zickzack · August 3, 2020, 1:18pm

Hi, thanks for answering.

I just putted out the two denials for snap:

Aug 03 15:17:44 robert-desktop audit[25376]: AVC apparmor="DENIED" operation="open" profile="/snap/core/9665/usr/lib/snapd/snap-confine" name="/home/" pid=25376 comm="snap-confine" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Aug 03 15:17:44 robert-desktop kernel: audit: type=1400 audit(1596460664.725:2109): apparmor="DENIED" operation="open" profile="/snap/core/9665/usr/lib/snapd/snap-confine" name="/home/" pid=25376 comm="snap-confine" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000

jdstrand · August 3, 2020, 2:38pm

This denial is unexpected since the snap-confine policy should have this rule: @{HOMEDIRS}/ r, with /etc/apparmor.d/tunables/home setting @{HOMEDIRS} to @{HOMEDIRS}=/home/.

What is the output of ‘grep -r HOMEDIRS /etc/apparmor.d/tunables’ ?

zickzack · August 3, 2020, 2:51pm

It’s
/etc/apparmor.d/tunables/home.d/my-homes:@{HOMEDIRS}+=/media/daten/home/ /etc/apparmor.d/tunables/home.d/site.local:# here are appended to @{HOMEDIRS}. See tunables/home for details. Eg: /etc/apparmor.d/tunables/home.d/site.local:#@{HOMEDIRS}+=/srv/nfs/home/ /mnt/home/ /etc/apparmor.d/tunables/home.d/Home:@{HOMEDIRS}+=/media/daten/home/ /etc/apparmor.d/tunables/home.d/ubuntu:# here are appended to @{HOMEDIRS}. See tunables/home for details. /etc/apparmor.d/tunables/home.d/ubuntu:@{HOMEDIRS}+=/media/daten/home/ /etc/apparmor.d/tunables/home:@{HOME}=@{HOMEDIRS}/*/ /root/ /etc/apparmor.d/tunables/home:# @{HOMEDIRS} is a space-separated list of where user home directories /etc/apparmor.d/tunables/home:@{HOMEDIRS}=/media/daten/home/ /etc/apparmor.d/tunables/home:# @{HOMEDIRS}.

Possibly I changed it during my search for the snap Solution…

zickzack · August 3, 2020, 3:04pm

Ok, thanks for the hint.

I changed all my databases in /etc/apparmor.d/tunables to the right home folder and now— finally, it works.

Thanks for all the help!

galgalesh · March 12, 2021, 5:17pm

Note: This is the documentation page where the workaround is explained in detail: https://snapcraft.io/docs/home-outside-home

spex · May 8, 2021, 12:50pm

I have switched my home directory to /home/$USERNAME using mount -bind. But I still receive the same alerting information as below:

"Sorry, home directories outside of /home are not currently supported.
See Support for non /home homedirs for details.
"

Does anyone know how to resolve the issue?

YamiYukiSenpai · May 8, 2021, 3:26pm

My current setup involves:

250GB 850 Pro mounted at /
500GB 860 EVO mounted at /home
2TB HDD mounted at /home/SGBC2T
4TB HDD mounted at /home/WDB4T

Documents, Pictures, Videos, etc. in /home are symlinked to folders in HDDs.

That worked for me.

@spex I never did it like that before, so I’m curious: how did you set it up to make that work at boot?

spex · May 8, 2021, 4:46pm

I don’t get your point. I didn’t make that work eventually.

If you are asking how to set up my folders, it’s mount --bind /OLD_HOME_DIRECTORY /home/$USERNAME.

YamiYukiSenpai · May 8, 2021, 5:04pm

I meant, does your custom /home directory mount at boot?

spex · May 8, 2021, 5:08pm

Yes, my home directory is automatically mounted from some server, but why?

kunzol · March 7, 2022, 6:44am

If /home is already used by the automounter (nfs) by ldap users it is not possible to add local user to /home via bind mount.

davehouser1 · October 28, 2022, 4:23pm

I had the same issue. Following these instructions fixed the issue. Make sure to do those instructions for your user AND the root user as well if you are using sudo. Kept failing even after I changed /home/$USER. The problem was /root was also set up on an iSCSI store. Once I did it for /home/$USER and /root, it worked.

pbanhol · February 23, 2023, 1:44pm

There is a PR which should solve this: