-
-
Notifications
You must be signed in to change notification settings - Fork 216
Nextcloud snap_Snap confinement
Snap confinement is an Ubuntu security feature. This is the reason Nextcloud-snap is not supported on non-Ubuntu distributions. So unless you allow the Snap to connect removable media in /mnt
or /media
you will not be able to access any other directory or device outside of confinement.
@kyrofa INFO:
Snaps do this by way of interfaces 17. One of the interfaces is called
removable-media
, which grants access to the host’s/media
and/mnt
directories. That’s how the snap can access other disks. Without that interface it can only read/write in a few very specific places.
@kyrofa INFO:
This has nothing to do with permissions. It's not a permissions issue, it's a confinement issue. The Linux kernel won't allow the snap to touch your home directory or any other directory outside of the confinement
Snap confinement is a great security feature on Ubuntu, but what can you do to access your home directory from within your self-hosted instance?
In a self-hosted environment on Ubuntu where SSH is available on the local network
yet blocked externally by (firewall/router), local servers can be connected via SFTP using external storage app to access any local non-root directory, such as your home directory.
Nextcloud snap Wiki, use all information and scripts at own risk