snap package lacks permissions for removable devices

[adrianinsaval]

Reported in https://forum.freecadweb.org/viewtopic.php?p=627466#p627466 and https://forum.freecadweb.org/viewtopic.php?p=628023#p628023 manually giving permissions through the software center fixes the issue, can the package have this permission by default?

[ppd]

This would have to be granted by the snap admins/reviewers following a request from us on the forums. I don't think we qualify for this because it's not a key use case of FreeCAD to open files from removable media.

I quote:

For auto-connecting, we don’t grant auto-connect for removable-media since the access is almost always optional and we want to preserve the user’s voice so forum requests are needed where you feel the functionality is required.

(https://forum.snapcraft.io/t/kdenlive-removable-media/16088/3)

[adrianinsaval]

Opening files is not considered "key use case"?

[ppd]

I quote again:

Exceptions: the following classes of applications may be considered for removable-media auto-connection:

major browsers and email clients (rationale: the software is designed with security and user privacy in mind)
media (eg, sound, photo, video) editors (rationale: the software is very often used to import/edit/export large files on external devices)
media (eg, sound, photo, video) players/viewers (rationale: the software is very often used to import/preview/playback files on external devices)
media (eg, sound, photo, video) recorders/cameras (rationale: the software is very often used to export/edit files on external devices)

Opening files is a use case, but not from removable devices. Usually, this would be handled via the portal, which can proxy files from removable devices without needing this interface connected. But the combo portal + FreeCAD has other problems, unfortunately.

[adrianinsaval]

Ok, since it seems to go against the policy to have these permissions by default I will just close the issue. Regarding the portal, I guess that would have been the ideal solution, what issues does it have?

[ppd]

Regarding the portal, I guess that would have been the ideal solution, what issues does it have?

The portal gives the snap or flatpak access by proxying the requested file via a fuse mount if the snap wouldn't have access normally.

The problem is that FreeCAD then gets a path like /run/user/1001/.../MyModel.FCStd, which would be okay for simply opening the file. However, FreeCAD wants to do other things like:

• Opening linked files relative to the main file, which the portal knows nothing about
• Saving snapshots relative to the working file (at least I think it tries to do that)
• possibly others I'm forgetting

On more modern hosts, the portal is more clever and gives the snap the real path if the snap has access anyway. For example, a file in $HOME would be passed as /home/user/MyModel.FCStd. So from Ubuntu 21.04 or a relatively recent Fedora, we could use the portal for most use cases. Many of the snap's users are still on Ubuntu 20.04, whose portal version is too old for this feature.
But still, if the snap has not been granted access to the removable devices, we get the same proxying, which works if the file doesn't contain links or similar elements, but breaks down if it's an assembly with external references.

Of course, there's development going on in both the portal and the snap ecosystem. The portal will gain support for proxying entire directories, and snapd will eventually also support prompting users to enable a certain interface, like Android or iOS do.

To put in a nutshell, FreeCAD is a traditional application whose assumptions clash with the expectations of the portal developers, who had simpler use cases in mind. Both could be adapted, but it's not as easy as it might seem on the first glance.

[luzpaz]

To put in a nutshell, FreeCAD is a traditional application whose assumptions clash with the expectations of the portal developers, who had simpler use cases in mind. Both could be adapted, but it's not as easy as it might seem on the first glance.

In that case we can keep this ticket open

[adrianinsaval]

From my understanding this requires either changes in FreeCAD source itself (and I don't know if it's even possible to solve/improve this on the FreeCAD side) or upstream in snap/desktop portals so it can't be dealt with in packaging so having the issue here is not much useful IMO.

[adrianinsaval]

Also the desktop portal problem is a separate more generalized thing than just usb devices so if you want to track that IMO it's best to use a new issue to avoid confusion.

[luzpaz]

ppd, thoughts ?

[ppd]

We could make this issue an actionable one for us by discussing whether it makes sense to mitigate the issue by prompting the user to enable removable-media on the first start. That would be rather easy to implement.