Ubuntu
libreoffice package

[snap] permission restriction on /usr breaks TexMaths extension

Bug #1747875 reported by Roland65 on 2018-02-07

6

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	libreoffice (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

I am the developer of a LibreOffice extension (the TexMaths equation editor) and I got reports of users who can’t use this extension with the snap version of LibreOffice, because of permission restrictions on /usr (the TexMaths extension, and probably others, use external programs located in /usr/bin).

Indeed, the TexMaths extension uses external programs like /usr/bin/latex, /usr/bin/dvipng, /usr/bin/dvisvgm and the texlive LaTeX packages to produce LaTeX equations in LibreOffice (in Writer, Draw and Impress components). Since the access to /usr from the snap packages is not possible, this breaks TexMaths.

I guess there are other extensions that could be affected by this problem.

I tested and reproduced the issue in Ubuntu 16.04.3 LTS (64 bits) with the snap package of LibreOffice 5.4.4.2.

Here is a link to download and test TexMaths (please note that texlive must be installed before) : http://roland65.free.fr/texmaths/

See original description

Tags:

Roland65 (roland65) on 2018-02-07

description:

updated

Olivier Tilloy (osomon) on 2018-02-07

summary:	- Libreoffice snap permission restriction on /usr breaks TexMaths - extension + [snap] permission restriction on /usr breaks TexMaths extension
tags:	added: snap

Revision history for this message

Olivier Tilloy (osomon) wrote on 2018-02-07:

#1

Given that TexMaths is configurable and lets the user change the path to the latex binary, I guess one option would be to ship latex within the snap. That might not be very user-friendly, as I'm not convinced the extension would find it without the user telling it where to look for it. And we need to check how much bigger the resulting snap would be with a latex installation.

As the extension is multi-platform, I guess shipping latex within the extension itself is not really an option.

Changed in libreoffice (Ubuntu):
status:	New → Confirmed

Revision history for this message

Roland65 (roland65) wrote on 2018-02-07:

#2

Is it not possible to simply allow the access to the /usr directory?

Revision history for this message

Olivier Tilloy (osomon) wrote on 2018-02-07:

#3

The way snaps work, they are strictly confined with apparmor that prevents access to the host system. There are interfaces that, when connected, allow partial access to some of the host's features, but to my knowledge none of them allow executing random binaries in /usr/bin/.

Revision history for this message

Roland65 (roland65) wrote on 2018-02-07:

#4

OK, but I don't think including the hundreds of MB of LaTeX packages could be an option.

Perhaps, TexMaths could detect if it is run from within a snap and warn the user about the issue? For me, this approach is OK.

Does it sound feasible?

Revision history for this message

Olivier Tilloy (osomon) wrote on 2018-02-07:

#5

You can check from within the extension whether the $SNAP environment variable is set.
It's a bit of a suboptimal user experience, but at least that would provide feedback to the user.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.