The homeishome launcher: Fix snapped apps that (wrongly) refer to the user's real home directory instead of $HOME

Some applications query the password database without checking “HOME” to determine where to save data, and if these paths are not configurable within the application itself, it becomes impossible to control where the data is stored.

– Quoting from ericpruitt/homeishome: Override passwd->pw_dir for the current user’s password database entry with $HOME.

One of the obstacles of snapcrafting is that some applications locate the user’s home directory via the getpwent(3), getpwent_r(3), getpwnam(3), getpwnam_r(3), getpwuid(3) and getpwuid_r(3) library calls (which refer to the /etc/passwd account database), instead of honoring the $HOME environment variable, which is rewritten to SNAP_USER_DATA (~/snap/snap_name/snap_revision) by the snap runtime.

This causes a problem where the application tries to read/write some file under the user’s home directory, which is not always possible due to the snap runtime’s security confinement, like:

  • Hidden files/directories right under the user’s home directory (not allowed by the home interface; note that the personal-files interface is available for such access)
    • ~/.vimrc
    • ~/.config/gallery-dl/gallery-dl.conf
  • Any files under the user’s home directory when the snap does not necessarily require access. For example, the BFG Repo Cleaner application will indirectly access the ~/.gitconfig file even though its functionality doesn’t require it (hence not suitable for requesting the personal-files interface)

This launcher features a build of ericpruitt/homeishome (Override passwd->pw_dir for the current user’s password database entry with $HOME) and a convenience launcher, which allows snapcrafters to override the application’s behavior by overriding the getpw*(3) library function implementations to honor the $HOME environment variable that points to an accessible path (normally $SNAP_USER_DATA), via the LD_PRELOAD mechanism.

How to use

Include the following part definition in your snapcraft.yaml:

  homeishome-launch:
    plugin: nil
    stage-snaps:
      - homeishome-launch

and, in the app’s definition, add the bin/homeishome-launch launcher to the command chain:

    command-chain:
      - bin/homeishome-launch

Snaps that are powered by this launcher

Source recipe

Lin-Buo-Ren/homeishome-launch: Override pw_dir for the current user’s password database entry with $HOME

Credits

This product would neither be possible nor as successful without Eric Pruitt’s $HOME is Home project. The project maintainer is also very helpful in fixing issues that are found during the production of this snap.

Reference

4 Likes
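The decision at the heart of the override described in the first post, as an added C example that is not part of the original post and is not homeishome's own code: a passwd entry is rewritten only when it belongs to the calling user and $HOME is set. The helper name apply_home_override is hypothetical, and treating an empty $HOME as unset is an assumption of this sketch.

```c
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not homeishome's API): point pw->pw_dir at `home`
 * only when the entry belongs to `self` and `home` is a non-empty string.
 * Entries for other users, and the unset/empty HOME case, pass through
 * untouched. The caller must keep `home` alive while pw is in use.
 * Returns 1 if pw_dir was replaced, 0 otherwise. */
int apply_home_override(struct passwd *pw, uid_t self, const char *home)
{
    if (pw == NULL || home == NULL || home[0] == '\0')
        return 0;
    if (pw->pw_uid != self)
        return 0;
    pw->pw_dir = (char *)home;
    return 1;
}

int main(void)
{
    const char *home = getenv("HOME");
    struct passwd *pw = getpwuid(getuid());

    if (pw == NULL) {
        fprintf(stderr, "no passwd entry for uid %ld\n", (long)getuid());
        return 1;
    }
    printf("passwd pw_dir : %s\n", pw->pw_dir);
    printf("$HOME         : %s\n", home ? home : "(unset)");

    /* A mismatch here is the situation the launcher exists for: code
     * that trusts pw_dir would leave the path $HOME points at. */
    if (home != NULL && strcmp(pw->pw_dir, home) != 0)
        printf("pw_dir and $HOME differ\n");

    if (apply_home_override(pw, getuid(), home))
        printf("after override: %s\n", pw->pw_dir);
    else
        printf("after override: unchanged\n");
    return 0;
}
```

Run inside a snap's shell, the first two lines of output show whether an application that trusts pw_dir would end up outside the directory $HOME points to.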

I think this might have saved the mc-installer snap! TY @Lin-Buo-Ren for posting this. TY @galgalesh for pointing me toward this!

1 Like

Glad it helps. If it really works, please consider listing it under the “Snaps that are powered by this launcher” section, thanks!

2 Likes