Hi all. I have the same problem in my snap java-based application. I use xdg-open command to launch the default browser so, it would be great a solution :)
Best, Eloy 2016-09-20 15:46 GMT+02:00 Spencer Parkin <spencertpar...@gmail.com>: > This is related to a question I had as well. I have a program that uses > wxLaunchDefaultBrowser which, looking at its implementation, tries to make > the system call "exec()" to launch the default browser with a URL. > > If snap programs are not allowed to start other processes, that's fine; > but if enough people need to launch the default browser with a URL, then > I'm sure a secure solution just for this could somehow be implemented for > snaps. > > I gather that one design goal of snaps, however, is the ability for people > to write programs for any environment, but also have them work as snaps so > that the programmer doesn't have to write snap-specific code, or make > snap-specific considerations in their code. In other words, your code > should be "none-the-wiser" that it is running in the confined area. > > So with that in mind, I'm not sure how to solve the problem. Any secure > API exposed to snap applications already breaks the above design goal. > > Of course, it's not unreasonable for my program to have "#ifdef WIN32" or > "#ifdef UNIX", and in the latter case, I may be looking to utilize > something in a standard unix environment which, I believe, is synthesized > in Unbuntu Core. That's where I believe the snap environment can intercept > what an application is doing and provide a secure solution, and this may be > the "xdg-open" thing Otfried was talking about. > > > On Mon, Sep 19, 2016 at 2:37 AM, Otfried Cheong <otfr...@ipe.airpost.net> > wrote: > >> Hello, >> >> my app has a manual in html. I normally show this using "xdg-open >> <url>", but from the snap this results in "xdg-open: Permission denied", >> leaving this log: >> >> [21249.231634] audit: type=1400 audit(1474273861.873:383): >> apparmor="DENIED" operation="exec" profile="snap.ipe.sh" >> name="/usr/local/bin/xdg-open" pid=9551 comm="sh" requested_mask="x" >> denied_mask="x" fsuid=1000 ouid=0 >> >> According to >> https://lists.ubuntu.com/archives/snapcraft/2016-September/001048.html >> this should work. >> I did refresh ubuntu-core from the beta channel and currently have >> revision 636 of ubuntu-core. >> >> >> Slightly related: If I understand >> https://lists.ubuntu.com/archives/snapcraft/2016-September/001118.html >> correctly, the host filesystem should be exposed to the snap as >> /var/lib/snapd/hostfs in devmode? It isn't on my system. >> >> Cheers, >> Otfried >> >> >> -- >> Snapcraft mailing list >> Snapcraft@lists.snapcraft.io >> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailm >> an/listinfo/snapcraft >> > > > -- > Snapcraft mailing list > Snapcraft@lists.snapcraft.io > Modify settings or unsubscribe at: https://lists.ubuntu.com/ > mailman/listinfo/snapcraft > > -- Eloy García Almadén
-- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft