Ubuntu Chromium: where is my /tmp directory?

I’m running Ubuntu Eoan, which installs Chromium as a Snap package.

When I download a file and store it in /tmp it never appears there, even though I can see it when downloading another file to /tmp.

So, where is this /tmp directory located? I cannot find it either below /snap/ or ~/snap/ or /var/lib/snapd/.
Is there some command to locate “hidden” file systems?

Thanks for the question. I don’t recall seeing it asked before.
Inside the snap /tmp maps to /tmp/snap.(snapname)/tmp outside the snap.
So for chromium it maps to /tmp/snap.chromium/tmp.

Thank you, that’s it!

But it’s only accessible by root, because of permissions set to 700.
Is this configured somewhere or hardwired into snap?
How about other file system paths?

This is correct, the snap-specific /tmp/snap.$SNAP_NAME directory is 0700, however note that the subdirectory /tmp/snap.$SNAP_NAME/tmp is not root-owned, so when a snap application runs inside the snap mount namespace the /tmp directory is user-accessible. You can see this with snap run --shell:

$ snap run --shell chromium -c "ls -lah /tmp"
total 8.0K
drwxrwxrwt  3 root root 4.0K Jan  7 13:25 .
drwxr-xr-x 24 root root  333 Dec 12 09:44 ..
drwxr-xr-x  4 root root 4.0K Jan  7 13:25 .snap
$ sudo ls -lah /tmp/snap.chromium/tmp
total 12K
drwxrwxrwt 3 root root 4.0K Jan  7 13:25 .
drwx------ 3 root root 4.0K Jan  7 13:25 ..
drwxr-xr-x 4 root root 4.0K Jan  7 13:25 .snap

So I just got bitten by this myself. It’s pretty confusing and leaks several abstractions. For example, I now need to be aware of how I installed some package (apt || dnf, snap, manually) and the mapping between snaps and the parent file system.

I realize I derive much value from snap’s partitioning/overlay file system and I’ll “learn the quirks” over time. But this also strikes me as a horrible user experience to save a file, go look for it in (say) bash, and have it not be there. Even locate doesn’t seem to find it. I don’t know that you can easily fix this particular consequence of the snap design, so if this reads like a rant, just ignore it.

This behavior is complete insanity! What’s most difficult to comprehend is the broken FS hierarchy, where you select “root” > “tmp” in the dialog box, but actually, the action will take place under /root/tmp/snap.chromium/tmp.

I figured out the /tmp/snap.chromium/tmp behavior by myself, by luck, as I was just digging through /tmp, trying to search for my saved file! There was close to 0% chance I would have logically figured out such a dirty hack. And I’ve seen quite the fair share of hacks in the 13 years I’ve been working with Linux systems…

this is a security feature, not a hack (you might notice that you need sudo to copy anything out of that dir) it makes sure that other apps, malicious javascripts or other users can not spy at or abuse the app specific data …

one could argue that abusing system directories like /tmp for user downloads (which is a really bad idea FWIW) is like using /var/Documents or /var/Pictures instead of ~/Documents or ~/Pictures … is there anything preventing you from simply using ~/Downloads for downloads ?

after all this was why the XDG standard was designed 15y ago …