Can't share a hidden folder

Ubuntu Gnome 17.05, Syncthing 0.14.28

I share my ~/.fonts folder across all my linux boxes, it worked fine until now. I installed Syncthing via the Snap package from the Gnome Software on my new laptop.

I could setup the other shares without any problem. However after adding the ~/.fonts share, when trying to sync, it tell me there is a rights permission problem.

This folder is in my home folder, next to other folders properly synced and the rights are the same. The only difference is the dot in the folder name as it’s a hidden folder.

Can this be a limitation from the Snap package?

It could be, I guess. What’s the actual error and ls -ld ~ ~/.fonts ?

And “until now” you mean this worked with Syncthing before, but not when installed as Snap?

Thank you for your quick reply as always.

here’s the error message I get

drwxr-xr-x 18 vincent vincent 4096 Mai 23 09:19 /home/vincent
drwxr-xr-x  2 vincent vincent 4096 Mai 16 20:42 /home/vincent/.fonts

This share is still working on the other machines. Only the one where I installed Syncthing from Snap can’t sync this folder.

What user is Syncthing running as?

My user (vincent) As I said, the other shares are working fine on this machine, it’s only .fonts/ who have problems

I would bet on the snappy sandbox thing. Try running a non-snappy distribution, or reading up on how snap handles this.

Thanks, I found the Snap maintainer and he is already aware of this issue.

I’ll try to go around this limitation with a symlink. Otherwise I’ll use the official PPA.

Hey @1ko, thanks for bringing this to our attention.

Giving read and write access to different locations in the file system is one of the most delicate topics. For example, if syncthing can read .ssh or .gnupg, then it could do a lot of harm.

We are all here because we trust the project and the developers, of course, and they are not going to steal our private data <3. But that’s clearly a level of trust that we shouldn’t lightly give away. And I will need to run on my machine some applications that I can’t trust at all, like closed-source slack for example. We need a mechanism that gives full control to the user over which files are available to each application.

When we were working in the Ubuntu Phone, that was easier because we controlled the UI toolkits and we could make sure that all the file pickers used our secure mediator. It was called the content hub. But now the problem is harder, we need to support CLI apps, all kinds of GUI toolkits, and things like syncthing, which doesn’t have a file picker on the web UI, just a text field.

We are trying not to hurry on this, because if we implement the wrong solution we will have to support it for a long time, or we could introduce a security vulnerability. We are collecting all the requirements, information about different types of projects that are affected by this, and ideas of how to solve it. So your posts are very helpful, and I invite everybody else to tell us about their experiences and suggestions.

The case of syncthing is actually pretty similar to the one we are discussing here, for editors:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.