Ubuntu
firefox package

snap breaks alternate policies.json location of toolkit.policies.perUserDir=true

Bug #2028822 reported by Birgit Edel
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
New
Undecided
Unassigned

Bug Description

repro
1. launch snap using firefox -P
2. create test profile
3. open about:prefs set bool toolkit.policies.perUserDir=true
4. ensure no file at /etc/firefox/policies/policies.json
5. ensure file at: /run/user/$(id -u)/firefox/policies.json
6. close & restart firefox -P and select test profile

expected: policy parsed (and applied, if valid)
actual: policy not parsed, error logged

syslog
AVC apparmor="DENIED" operation="open" profile="snap.firefox.firefox" name="/run/user/1002/firefox/policies.json" pid=303974 comm="firefox" requested_mask="r" denied_mask="r" fsuid=1002 ouid=1002

about:policies
Error reading JSON file: [Exception... "Component returned failure code: 0x80520015 (NS_ERROR_FILE_ACCESS_DENIED) [nsIXPCComponents_Utils.readUTF8File]" nsresult: "0x80520015 (NS_ERROR_FILE_ACCESS_DENIED)" location: "JS frame :: resource://gre/modules/EnterprisePoliciesParent.sys.mjs :: _readData :: line 614" data: no]

workaround for my use case, launching two firefox instances with different settings, abusing test feature:
export XPCSHELL_TEST_PROFILE_DIR=magic
then configure browser.policies.alternatePath=/etc/firefox/policies/custom.json

Not a dupe, the default location /etc/firefox/policies/policies.json works:
LP: #1975853
Background on the secondary location:
https://bugzilla.mozilla.org/show_bug.cgi?id=1583466

Tags: snap
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.