In Flatpak how does one get access to /run/user/$UID/doc/<?>

Hello, I hope this is a right place to ask flatpak development related questions. I have a few.

  1. How can I get read access to /run/user/$UID/doc/<??>? Note that I am selecting a file from FilechooserNative Widget. Under flatpak user’s files are mounted under such directory pattern.
    For example the file ~/Downloads/pop-os_19.10_amd64_intel_8.iso gets read as /run/user/1000/doc/795be888/pop-os_19.10_amd64_intel_8.iso under flatpak build. But whenever I try opening the file, my program crashes because it can’t see the file. Even though I am selecting the file from a FilechooserNative widget.

  2. How can I get write access to block devices such as /dev/sdx?

My manifests file:

id: com.gitlab.adnan338.Nixwriter
runtime: org.gnome.Platform
runtime-version: "3.36"
sdk: org.gnome.Sdk
sdk-extensions:
  - org.freedesktop.Sdk.Extension.rust-stable 
command: nixwriter
finish-args:
  - --socket=fallback-x11
  - --share=ipc
  - --filesystem=host
  - --device=all
  # I need to use udisks2 to get information about removable media 
  - --system-talk-name=org.freedesktop.UDisks2
build-options:
  append-path: /usr/lib/sdk/rust-stable/bin
  build-args:
    - --share=network
modules:
  - name: nixwriter  
    sources:
      - type: dir
        path: "."
    buildsystem: simple
    build-commands:
      - cargo build --release
      - install -D target/release/nixwriter /app/bin/nixwriter

To anyone who might be reading it, launching the flatpak app with sudo fixes this problem. I now have to figure out how to start a flatpak app with root privileges.

1 Like

Files in /run/user/$UID/doc/ are exported in the document store, which makes them available to applications. How do you conclude that your app ‘can’t see them’ ?

With probably need --device=all you should have access to /dev/sdb

Starting filatpak apps with root privileges does not make sense.

I have already given access to --device=all in the manifest.

My wording was wrong about the flatpak app not being able to see the file, it does, hence I can select it. However here’s my log from the crash:

[src/frontend/mod.rs:65] &selected_file = Some(
    "/run/user/1000/doc/d1f64808/neon-user-20200723-1119.iso",
)
[src/frontend/mod.rs:80] &txt = "SanDisk-Ultra-USB-3.0-4C530000220305202152"
[src/frontend/mod.rs:201] "File path:" = "File path:"
[src/frontend/mod.rs:201] &input = "/run/user/1000/doc/d1f64808/neon-user-20200723-1119.iso"
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Os { code: 2, kind: NotFound, message: "No such file or directory" }', src/frontend/mod.rs:203:17

src/frontend/mod.rs:203:

            let total_len = Arc::new(AtomicUsize::new(
                fs::metadata(&input.as_path()).unwrap().len() as usize, // crash occurs from &input.as_path()).unwrap()
            ));

The input is a string that the FilechooserNative::get_filename() returns. Gtk somehow sees it but I can’t seem to operate on the returned path.


I think what’s happening here is that the flatpak app is trying to read /run/user/1000/doc/d1f64808/neon-user-20200723-1119.iso relative to its own sandbox. That path is valid for the system outside sandbox. not inside. I tried adding --persist=/ but the app still crashes.