document-portal: add snap support to app_has_file_access() #550
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This calls out to the
snap routine file-access
helper command, which produces output compatible withflatpak info --file-access
.While this command was only introduced in snapd 2.45, the failure mode with old versions is consistent with the previous behaviour: assume the snap does not have file access.
At present, the
snap routine-file-access
reports read-write or read-only access for the following:/var/snap
and~/snap
.home
, paths under the user's home directory excluding the~/snap
directory and top level hidden files.removable-media
, paths from removable media directories (/mnt
,/media
, and/run/media
).These paths should all have the same meaning inside and outside the sandbox.