Public bug reported: Steps to reproduce: + Open any site using the WebHID API https://nondebug.github.io/webhid-explorer/ + Try to connect to any listed HID device + View the console errors or access chrome://device-log/ to read them
Expected behaviour: We can correctly connect to and access HID devices, like the .deb release allows. Actual behaviour: Listing WebHID devices works, but accessing them yields an Access Denied error In `chrome://device-log/` : [01:45:53] Failed to open '/dev/hidraw4': FILE_ERROR_ACCESS_DENIED [01:45:53] Access denied opening device read-write, trying read-only. But the device is perfectly accessible by the current user: $ ls -la /dev/hidraw* crw-rw-rw- 1 rgon users 238, 4 Apr 12 23:14 /dev/hidraw4 This is unexpected, since the snap.chromium.chromium apparmor profile supposedly gives access to them, and I see no DENIED audit logs in dmesg, # Description: Allow write access to u2f hidraw devices. /dev/hidraw* rwk, Also, the snap does not provide the `:raw-hid` plug, which would be the expected snap connection to allow it access. ------- System info: $ uname -a; type -a chromium Linux rgon-think480s 6.17.0-20-generic #20~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 19 01:28:37 UTC 2 x86_64 x86_64 x86_64 GNU/Linux chromium is /snap/bin/chromium chromium is /snap/bin/chromium $ snap info chromium; snap connections chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ store-url: https://snapcraft.io/chromium contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | An open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. commands: - chromium.chromedriver - chromium services: chromium.daemon: simple, disabled, inactive snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: latest/stable refresh-date: 12 days ago, at 21:00 CEST channels: latest/stable: 146.0.7680.164 2026-03-30 (3396) 196MB - latest/candidate: 147.0.7727.55 2026-04-09 (3411) 193MB - latest/beta: 147.0.7727.49 2026-04-09 (3407) 193MB - latest/edge: 148.0.7766.3 2026-04-09 (3410) 195MB - installed: 146.0.7680.164 (3396) 196MB - Interface Plug Slot Notes audio-playback chromium:audio-playback :audio-playback - audio-record chromium:audio-record :audio-record - bluez chromium:bluez :bluez - browser-support chromium:browser-sandbox :browser-support - camera chromium:camera :camera - content[gnome-46-2404] chromium:gnome-46-2404 gnome-46-2404:gnome-46-2404 - content[gpu-2404] chromium:gpu-2404 mesa-2404:gpu-2404 - content[gtk-3-themes] chromium:gtk-3-themes gtk-common-themes:gtk-3-themes - content[icon-themes] chromium:icon-themes gtk-common-themes:icon-themes - content chromium:install-cups-runtime-dependency - - content[sound-themes] chromium:sound-themes gtk-common-themes:sound-themes - cups chromium:cups cups:cups - desktop chromium:desktop :desktop - desktop-legacy chromium:desktop-legacy :desktop-legacy - gsettings chromium:gsettings :gsettings - hardware-observe chromium:hardware-observe :hardware-observe - hidraw chromium:hidraw - - home chromium:home :home - joystick chromium:joystick :joystick - kerberos-tickets chromium:kerberos-tickets - - mount-observe chromium:mount-observe - - mpris - chromium:mpris - network chromium:network :network - network-bind chromium:network-bind :network-bind - network-manager chromium:network-manager - - opengl chromium:opengl :opengl - password-manager-service chromium:password-manager-service - - pcscd chromium:pcscd - - personal-files chromium:chromium-config :personal-files - personal-files chromium:dot-local-share-applications :personal-files - personal-files chromium:dot-local-share-icons :personal-files - raw-usb chromium:raw-usb :raw-usb manual removable-media chromium:removable-media :removable-media - screen-inhibit-control chromium:screen-inhibit-control :screen-inhibit-control - serial-port chromium:serial-port - - system-files chromium:etc-chromium-browser-policies :system-files - system-packages-doc chromium:system-packages-doc :system-packages-doc - timezone-control chromium:timezone-control - - u2f-devices chromium:u2f-devices :u2f-devices - unity7 chromium:unity7 :unity7 - upower-observe chromium:upower-observe :upower-observe - wayland chromium:wayland :wayland - x11 chromium:x11 :x11 - ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New ** Tags: usb webhid ** Description changed: Steps to reproduce: + Open any site using the WebHID API https://nondebug.github.io/webhid-explorer/ + + Try to connect to any listed HID device + View the console errors or access chrome://device-log/ to read them Expected behaviour: - We can correctly connect to and access HID devices, like the .deb release allows. + We can correctly connect to and access HID devices, like the .deb release allows. Actual behaviour: Listing WebHID devices works, but accessing them yields an Access Denied error In `chrome://device-log/` : - [01:45:53] Failed to open '/dev/hidraw4': FILE_ERROR_ACCESS_DENIED - [01:45:53] Access denied opening device read-write, trying read-only. - + [01:45:53] Failed to open '/dev/hidraw4': FILE_ERROR_ACCESS_DENIED + [01:45:53] Access denied opening device read-write, trying read-only. But the device is perfectly accessible by the current user: - $ ls -la /dev/hidraw* - crw-rw-rw- 1 rgon users 238, 4 Apr 12 23:14 /dev/hidraw4 - + $ ls -la /dev/hidraw* + crw-rw-rw- 1 rgon users 238, 4 Apr 12 23:14 /dev/hidraw4 This is unexpected, since the snap.chromium.chromium apparmor profile supposedly gives access to them, and I see no DENIED audit logs in dmesg, - # Description: Allow write access to u2f hidraw devices. - /dev/hidraw* rwk, + # Description: Allow write access to u2f hidraw devices. + /dev/hidraw* rwk, - - Also, the snap does not provide the `:raw-hid` plug, which would be the expected snap connection to allow it access. + Also, the snap does not provide the `:raw-hid` plug, which would be the + expected snap connection to allow it access. ------- System info: $ uname -a; type -a chromium Linux rgon-think480s 6.17.0-20-generic #20~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 19 01:28:37 UTC 2 x86_64 x86_64 x86_64 GNU/Linux chromium is /snap/bin/chromium chromium is /snap/bin/chromium $ snap info chromium; snap connections chromium name: chromium summary: Chromium web browser, open-source version of Chrome publisher: Canonical✓ store-url: https://snapcraft.io/chromium contact: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap license: unset description: | - An open-source browser project that aims to build a safer, faster, and more - stable way for all Internet users to experience the web. + An open-source browser project that aims to build a safer, faster, and more + stable way for all Internet users to experience the web. commands: - - chromium.chromedriver - - chromium + - chromium.chromedriver + - chromium services: - chromium.daemon: simple, disabled, inactive + chromium.daemon: simple, disabled, inactive snap-id: XKEcBqPM06H1Z7zGOdG5fbICuf8NWK5R tracking: latest/stable refresh-date: 12 days ago, at 21:00 CEST channels: - latest/stable: 146.0.7680.164 2026-03-30 (3396) 196MB - - latest/candidate: 147.0.7727.55 2026-04-09 (3411) 193MB - - latest/beta: 147.0.7727.49 2026-04-09 (3407) 193MB - - latest/edge: 148.0.7766.3 2026-04-09 (3410) 195MB - + latest/stable: 146.0.7680.164 2026-03-30 (3396) 196MB - + latest/candidate: 147.0.7727.55 2026-04-09 (3411) 193MB - + latest/beta: 147.0.7727.49 2026-04-09 (3407) 193MB - + latest/edge: 148.0.7766.3 2026-04-09 (3410) 195MB - installed: 146.0.7680.164 (3396) 196MB - Interface Plug Slot Notes audio-playback chromium:audio-playback :audio-playback - audio-record chromium:audio-record :audio-record - bluez chromium:bluez :bluez - browser-support chromium:browser-sandbox :browser-support - camera chromium:camera :camera - content[gnome-46-2404] chromium:gnome-46-2404 gnome-46-2404:gnome-46-2404 - content[gpu-2404] chromium:gpu-2404 mesa-2404:gpu-2404 - content[gtk-3-themes] chromium:gtk-3-themes gtk-common-themes:gtk-3-themes - content[icon-themes] chromium:icon-themes gtk-common-themes:icon-themes - content chromium:install-cups-runtime-dependency - - content[sound-themes] chromium:sound-themes gtk-common-themes:sound-themes - cups chromium:cups cups:cups - desktop chromium:desktop :desktop - desktop-legacy chromium:desktop-legacy :desktop-legacy - gsettings chromium:gsettings :gsettings - hardware-observe chromium:hardware-observe :hardware-observe - hidraw chromium:hidraw - - home chromium:home :home - joystick chromium:joystick :joystick - kerberos-tickets chromium:kerberos-tickets - - mount-observe chromium:mount-observe - - mpris - chromium:mpris - network chromium:network :network - network-bind chromium:network-bind :network-bind - network-manager chromium:network-manager - - opengl chromium:opengl :opengl - password-manager-service chromium:password-manager-service - - pcscd chromium:pcscd - - personal-files chromium:chromium-config :personal-files - personal-files chromium:dot-local-share-applications :personal-files - personal-files chromium:dot-local-share-icons :personal-files - raw-usb chromium:raw-usb :raw-usb manual removable-media chromium:removable-media :removable-media - screen-inhibit-control chromium:screen-inhibit-control :screen-inhibit-control - serial-port chromium:serial-port - - system-files chromium:etc-chromium-browser-policies :system-files - system-packages-doc chromium:system-packages-doc :system-packages-doc - timezone-control chromium:timezone-control - - u2f-devices chromium:u2f-devices :u2f-devices - unity7 chromium:unity7 :unity7 - upower-observe chromium:upower-observe :upower-observe - wayland chromium:wayland :wayland - x11 chromium:x11 :x11 - -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2148141 Title: [snap] Chromium can enumerate WebHID devices but cannot access them To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2148141/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
