Flatpak: Accessing External storage from Flatpak apps
Living my life as a end-user of flatpak apps, I've come across several apps which would load/scan data from external storage, but not be able to do so given the Flatpak sandbox. Fx:
https://github.com/flathub/tv.kodi.Kodi/issues/46
"Can't use external hard disk as Media Source"https://github.com/flathub/org.videolan.VLC/issues/8
" VLC can't play from external hard drive"https://github.com/flathub/com.valvesoftware.Steam/issues/55
Can't add external Steam libraries
What's the correct way to address these use cases? Do each of those applications need to implement the native file portal (even if some of them (e.g. Kodi) are full screen apps and don't make use of native dialogs)? is there a general permissions setting that could be used to allow those application to access external storage in general?
bastianilso
All 3 comments
Kodi:
They hardcode a list:
- --filesystem=/mnt
- --filesystem=/media
- --filesystem=/run/media
So yea you have to manually extend that if you want more.
VLC:
It has full disk access: "--filesystem=host",
Sounds like a VLC or Qt bug.
Steam:
It purposefully avoids most drive access. You'll just have to manually add them.
You add permissions with flatpak override --user --filesystem=/path/to/dir org.app.Id
TingPing
on 22 Feb 2019
Thanks for the clarification. From a UX POV, this is of course not ideal - we are essentially letting a technical security detail bubble up to the surface and become a barrier to usage .
If the app was installed with Software there is no part of the flatpak installation process where it becomes clear that the app is imposed these restrictions (and there is no ability to remove them).
There is currently no way we can understand the intent to access external drives at runtime either, since the external drives are not remotely present in the filesystem which the application can see for security reasons.
The lack of feedback means also that the user could equally blame the software itself for being buggy. The workaround requires familiarization with CLIs and understanding how external storage mounts on your filesystem which might differ depending on the distro.
bastianilso
on 23 Feb 2019
- If the app was installed with Software there is no part of the flatpak installation process where it becomes clear that the app is imposed these restrictions (and there is no ability to remove them).
I believe GNOME-Software 3.32 show this. But modifications are done by hand still.
Anyway the long term goal is nothing ever has permissions like that and just works. See GNOME-MPV for an example of a media player with no disk permissions but will work fine.
TingPing
on 23 Feb 2019
Related issues
peteruithoven
路
3Comments
LonelyBirb47
路
4Comments
edoantonioco
路
3Comments
devurandom
路
4Comments
jgarciao
路
5Comments
Most helpful comment
Thanks for the clarification. From a UX POV, this is of course not ideal - we are essentially letting a technical security detail bubble up to the surface and become a barrier to usage .
If the app was installed with Software there is no part of the flatpak installation process where it becomes clear that the app is imposed these restrictions (and there is no ability to remove them).
There is currently no way we can understand the intent to access external drives at runtime either, since the external drives are not remotely present in the filesystem which the application can see for security reasons.
The lack of feedback means also that the user could equally blame the software itself for being buggy. The workaround requires familiarization with CLIs and understanding how external storage mounts on your filesystem which might differ depending on the distro.