Closed Bug 1767316 Opened 3 years ago Closed 2 years ago

Snap can browse network share, but cannot read/write there

Categories

(Core :: Widget: Gtk, defect, P3)

Firefox 99
x86_64
Linux
defect

Tracking

()

RESOLVED DUPLICATE of bug 1773624

People

(Reporter: mw, Assigned: gerard-majax)

References

(Blocks 1 open bug)

Details

Attachments

(3 files)

Steps to reproduce:

  1. Run Firefox (version 99.0 or 100.0b9) as a Snap package in Ubuntu 22.04 (upgraded from 21.10)
  2. Have a SMB file server available where the network shares can be mounted just by clicking on the share in Nautilus file manager (smb:// protocol, usually mounted dynamically via /var/run/user/.../gvfs/...)
  3. Have one such share mounted and writable
  4. Open any website containing images in Firefox
  5. Right-click on an image and select "Save Image As..."
  6. In the file save dialog, navigate to the mounted share
  7. Assert content of network share is visible and browsable from within the save dialog
  8. Select "Save" at any folder in the network share

Actual results:

  • File is not saved to selected network share location
  • No file download entry is created in "Downloads"
  • No error is shown

Expected results:

  • File is saved to selected network share location
  • No error is shown

Additional information:

  • When saving to a folder on the local machine instead, saving works correctly as expected
  • In contrast to files, new folders that are created from within the save dialog are saved correctly on the network share
OS: Unspecified → Linux
Hardware: Unspecified → x86_64

Output of journalctl -f | grep DEN when trying to save to the network share is as follows:

Mai 04 11:30:18 athlon audit[5959]: AVC apparmor="DENIED" operation="open" profile="snap.firefox.firefox" name="/run/mount/utab" pid=5959 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Mai 04 11:30:18 athlon kernel: audit: type=1400 audit(1651656618.225:90): apparmor="DENIED" operation="open" profile="snap.firefox.firefox" name="/run/mount/utab" pid=5959 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Mai 04 11:30:18 athlon audit[1151]: USER_AVC pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"
Mai 04 11:30:18 athlon audit[1151]: USER_AVC pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"
Mai 04 11:30:18 athlon audit[1151]: USER_AVC pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"
Mai 04 11:30:18 athlon audit[1151]: USER_AVC pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"
Mai 04 11:30:18 athlon kernel: audit: type=1107 audit(1651656618.313:91): pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"
Mai 04 11:30:18 athlon kernel: audit: type=1107 audit(1651656618.313:93): pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"
Mai 04 11:30:18 athlon kernel: audit: type=1107 audit(1651656618.313:95): pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"
Mai 04 11:30:18 athlon kernel: audit: type=1107 audit(1651656618.313:97): pid=1151 uid=103 auid=4294967295 ses=4294967295 subj=? msg='apparmor="DENIED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/hostname1" interface="org.freedesktop.DBus.Properties" member="GetAll" mask="send" name=":1.231" pid=5959 label="snap.firefox.firefox" peer_pid=12048 peer_label="unconfined"

For debugging purposes I added and activated the following changes for the Firefox apparmor profile:

/run/mount/utab r,
/etc/fstab r,
dbus (send)
    bus=system
    path=/org/freedesktop/hostname1
    interface=org.freedesktop.DBus.Properties
    member=GetAll
    peer=(label=unconfined),

Now the apparmor deny messages no longer appear in the journal but saving files to the network share still does not do anything as before.

Blocks: snap

Thanks for the report Markus. In contrast to saving, does opening files from a network share work within firefox?

Flags: needinfo?(mw)

Just checked, that's not working either.

To test, I open a new tab, press Ctrl + O to get the "Open File" dialog, browse to the network share and double-click e.g. a .png file. The file dialog then closes and nothing else happens. The image is not opened.

If I do the same steps with an image on the local drive, it opens fine.

In summary, the only thing that works on the network share is creating a new folder from within the "Save" file dialog.

Flags: needinfo?(mw)

I've set up a samba share on my machine and I can confirm the problem. The share can be browsed, but files on it aren't opened, and there's no user feedback.

Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Downloaded files not saved when saving to network share under Ubuntu 22.04 → Snap can browse network share, but cannot read/write there

I just upgraded Ubuntu from 21.10 to 22.04, and now Chrome (deb), Thunderbird (snap), and FireFox (snap) will not open nor save to any network drives (a home Ubuntu server); all of these apps read/saved to the same server before the upgrade this afternoon. So, "me too", but also it may not be limited to FF, snaps, or even Mozilla, since my Chrome install behaves similarly.

Component: Untriaged → File Handling
Component: File Handling → Untriaged

(In reply to Al Savage from comment #6)

[...] it may not be limited to FF, snaps, or even Mozilla, since my Chrome install behaves similarly.

You are right, this is actually affecting other applications, too. I get the exact same behavior described in the steps to reproduce when using Chromium installed via snap: Local files open fine, opening files on network shares does not trigger any reaction.

Should this issue here remain open?

[snap] Firefox's File|Open dialogue shows missing information in the Location column for Recent files that are non-local.

[.deb] Chrome shows exactly the same behaviour on this workstation.

(I also filed bug 1768492 for the File|Open dialogue resizing 244px larger every time you open it, until it fills the viewport.)

Attached image File pickers comparison 1 (deleted) —

I've spun up a fresh 22.04 install in a VM, then run the snap version of ff 100 (on the right) and ff 100 from linux binaries (on the left). The file picker is different between the two versions; the binaries version shows fewer network share aliases, and this binaries version can successfully read and write to network shares.

The snap version's file picker shows aliases for network shares (and a printer) and will navigate into those folders and show files, but when a file is chosen to open, ff does not read the file and does not display an error.

Attached image File pickers comparison 2 (deleted) —

In "File pickers comparison 2", I show that the two file pickers (ff run from linux binaries vs the snap package) sort files in a different order, have different options at the bottom, and the bottom window corners are either square or rounded.

The snap's file picker resizes poorly here, as well.

I ran the ff linux binaries version using the suggestion from https://bugzilla.mozilla.org/show_bug.cgi?id=1768500#c5

In the fresh VM, I just installed Chrome (google-chrome) from binaries, and it too uses the troublesome file picker, and has the same issues ("sees" network shares files but does not read them; resizes poorly; window enlarges by 244px both H & V every time it's invoked).

Severity: -- → S3
Component: Untriaged → Widget: Gtk
Priority: -- → P3
Product: Firefox → Core
Assignee: nobody → lissyx+mozillians

(In reply to Al Savage from comment #9)

The snap version's file picker shows aliases for network shares (and a printer) and will navigate into those folders and show files, but when a file is chosen to open, ff does not read the file and does not display an error.

Can you have a look at journalctl when reproducing and see if you hit https://bugzilla.mozilla.org/show_bug.cgi?id=1773624#c1 ? i'm wondering if there's not a bug either in xdg-desktop-portal or in how we communicate to it

(In reply to Alexandre LISSY :gerard-majax from comment #12)

Can you have a look at journalctl when reproducing and see if you hit https://bugzilla.mozilla.org/show_bug.cgi?id=1773624#c1 ? i'm wondering if there's not a bug either in xdg-desktop-portal or in how we communicate to it

Can confirm getting this journal entry on my side. See https://bugzilla.mozilla.org/show_bug.cgi?id=1773624#c9

Thanks, so I think we can safely assume, given the same error message, that this is just a dupe.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE

I don't understand how this bug, opened 24 days ago, becomes a duplicate of a bug (1773624) that was opened nine hours ago; it would seem the other way round. But, I'm glad you're looking at them.

(In reply to Al Savage from comment #15)

I don't understand how this bug, opened 24 days ago, becomes a duplicate of a bug (1773624) that was opened nine hours ago; it would seem the other way round. But, I'm glad you're looking at them.

Because I filed it and started working on it and shared progress on bug 1773624, and just found after about others, and I was unsure whether it was the same root cause until I get more infos.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: