graysky2 / profile-sync-daemon

Symlinks and syncs browser profile dirs to RAM thus reducing HDD/SSD calls and speeding up browsers.
https://wiki.archlinux.org/index.php/Profile-sync-daemon

feature: Support for snapped versions of Firefox and Chromium #335

Open vasilev opened 1 year ago

vasilev commented 1 year ago

In response to Canonical's high-pressure selling of Snapcraft.

Snap in brief

Snap applies auto-generated AppArmor profiles located in /var/lib/snapd/apparmor/profiles/. Profile template and data to populate the template.

These profiles restrict access to $XDG_RUNTIME_DIR (as reported in https://github.com/graysky2/profile-sync-daemon/issues/247), and at the same time allow access to specific $XDG_RUNTIME_DIR's subdirectories, so $XDG_RUNTIME_DIR/snap.firefox/ is accessible to snapped Firefox, and $XDG_RUNTIME_DIR/snap.chromium/ is accessible to snapped Chromium.

Browser profiles are located in ~/snap/$SNAP_INSTANCE_NAME/common/ (~/snap/firefox/common/ and ~/snap/chromium/common/ respectively).

Possible solution

To comply with the AppArmor restrictions mentioned above, the in-memory part needs to be rerouted from the root of $VOLATILE to the respective subdirectories of it.

Tested on Ubuntu 22.04.1.

vasilev commented 1 year ago

@graysky2, could you please take a look?

vasilev commented 1 year ago

Converted to draft. Work in progress.

This solution needs more testing due to possible race conditions during system startup. PSD service may start before Snap-related services, so $XDG_RUNTIME_DIR/snap.$SNAP_INSTANCE_NAME/ directories may not exist at the time of PSD's startup phase.

Possible solutions (at the time being):

  1. Quick&Dirty: employ --mkpath Rsync option at some set of conditions.
  2. Fine-tune system service ordering and startup conditions.

vasilev commented 1 year ago

As far as I can understand, the creation of $XDG_RUNTIME_DIR/snap.$SNAP_INSTANCE_NAME/ is disabled in the current version of snap-confine. And that directory is created by some Bash script using mkdir -p, possibly initiated by dconf-service, definitely at the time of the browser launch. So to support the core PSD functionality a --mkpath approach is required.

Added --mkpath to initial sync.

This pull request is ready for review.
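
Added example (not code from this pull request or from psd): a shell sketch of the rerouting and the missing-directory race discussed in the comments above. The function names are hypothetical, and mode 700 together with the symlink and ownership checks are assumptions about what a directory-creating fallback should enforce.

```bash
#!/usr/bin/env bash
# Added example, not psd code. All function names are hypothetical.

# Print the snap instance name when a profile lives under
# <home>/snap/<instance>/common/; return 1 for any other profile path.
snap_instance_of() {
    local profile="$1" home="${2:-$HOME}" rest name
    case $profile in
        "$home"/snap/*/common/*) ;;
        *) return 1 ;;
    esac
    rest=${profile#"$home"/snap/}
    name=${rest%%/*}
    case $rest in "$name"/common/*) ;; *) return 1 ;; esac
    # Accept only characters valid in an instance name; this also rejects "..".
    case $name in ''|*[!a-z0-9_-]*) return 1 ;; esac
    printf '%s\n' "$name"
}

# Snapped browsers get <runtime>/snap.<instance>, the subdirectory their
# AppArmor profile allows; everything else keeps the runtime dir root.
volatile_dir_for() {
    local profile="$1" runtime="${2:-$XDG_RUNTIME_DIR}" home="${3:-$HOME}" name
    if name=$(snap_instance_of "$profile" "$home"); then
        printf '%s\n' "$runtime/snap.$name"
    else
        printf '%s\n' "$runtime"
    fi
}

# The directory may not exist before the browser's first launch, so create
# it privately (assumed mode 700) and tolerate a concurrent creator.
ensure_volatile_dir() {
    local dir="$1"
    mkdir -m 700 -- "$dir" 2>/dev/null || [ -d "$dir" ] || return 1
    # Refuse a symlink, or a directory owned by another user.
    [ ! -L "$dir" ] && [ -O "$dir" ]
}

# Constructed sample paths, not taken from a real system.
for p in "$HOME/snap/firefox/common/.mozilla/firefox/x.default" \
         "$HOME/.mozilla/firefox/x.default"; do
    printf '%s -> %s\n' "$p" "$(volatile_dir_for "$p" /run/user/1000)"
done
```

Creating the directory without `-p` means a missing `$XDG_RUNTIME_DIR` is reported as an error instead of being created with default permissions.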

yutayu commented 1 year ago

According to this article, https://gihyo.jp/admin/serial/01/ubuntu-recipe/0714, snap doesn't recognize anything other than the snap folder, so snap rejects folders like /dev/shm. I made a tmpfs profile folder in the snap firefox folder and copied the profile into it, and it works.

This is maybe a hint.