1

I have all my photos on a separate (local) NFS server which is mounted at /home/majira_home. I have been using this setup for years with darktable. But after I installed darktable from snap (sudo snap install darktable), darktable is unable to open the mount, giving this error:

Could not read the contents of majira_home

Error opening directory '/home/majira_home': Permission denied

  [Transcribed from this screenshot image.]

Yet, this is something I've always been able to do from the lighttable → images → add to library.

Strangely, if I double-click the filename directory from a file browser opened into the mounted volume, darktable is able to both open the file and export images to that directory.

My question is: what changes can/should I make to any snap/darktable profile, or AppArmor config/profiles to get this working?  I've already spent 10+ hours trying to figure this out.

I've added permissions in /etc/fstab at mount to give the mount point my UID and GID.

$ ls -l /home/majira_home/ drwxrwxrwx 100 daudi daudi 4096 Apr 25 2021 daudi System information: System: Host: wstn Kernel: 5.4.0-132-generic x86_64 bits: 64 compiler: gcc v: 7.5.0 Desktop: Xfce 4.14.1 tk: Gtk 3.22.30 wm: xfwm4 dm: LightDM Distro: Linux Mint 19.3 Tricia base: Ubuntu 18.04 bionic darktable 4.0.1 89 latest/stable sergiusens - $ snap connections darktable Interface Plug Slot Notes content[gnome-42-2204] darktable:gnome-42-2204 gnome-42-2204:gnome-42-2204 - content[gtk-3-themes] darktable:gtk-3-themes gtk-common-themes:gtk-3-themes - content[icon-themes] darktable:icon-themes gtk-common-themes:icon-themes - content[sound-themes] darktable:sound-themes gtk-common-themes:sound-themes - dbus - darktable:session-dbus-interface - desktop darktable:desktop :desktop - desktop-legacy darktable:desktop-legacy :desktop-legacy - gsettings darktable:gsettings :gsettings - home darktable:home :home - network darktable:network :network - network-bind darktable:network-bind :network-bind - opengl darktable:opengl :opengl - password-manager-service darktable:password-manager-service - - removable-media darktable:removable-media :removable-media - wayland darktable:wayland :wayland - x11 darktable:x11 :x11 - Nov 21 12:37:09 jabari audit[5411]: AVC apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/etc/fstab" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Nov 21 12:37:09 jabari audit[5411]: AVC apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/proc/5411/mountinfo" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 Nov 21 12:37:09 jabari audit[5411]: AVC apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/proc/5411/mounts" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 Nov 21 12:37:09 jabari kernel: audit: type=1400 audit(1669063029.067:132): apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/etc/fstab" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Nov 21 12:37:09 jabari kernel: audit: type=1400 audit(1669063029.067:133): apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/proc/5411/mountinfo" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 Nov 21 12:37:09 jabari kernel: audit: type=1400 audit(1669063029.067:134): apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/proc/5411/mounts" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 Nov 21 12:37:09 jabari kernel: audit: type=1400 audit(1669063029.071:135): apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/home/majira_home/" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Nov 21 12:37:09 jabari audit[5411]: AVC apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/home/majira_home/" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 Nov 21 12:37:09 jabari audit[5411]: AVC apparmor="DENIED" operation="open" profile="snap.darktable.darktable" name="/home/majira_home/" pid=5411 comm="darktable" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Improve this question
4
  • work-around found: $ ln -s <target-directory-on nfs> <~/Pictures/<anyname>, then darktable is able to open this and access the RAW files for processing. Commented Nov 22, 2022 at 0:48
  • that's not completely correct. "removable-media darktable:removable-media" settings in snap are there to access other media. I think there is something restrictive in how darktable snap package has been built. Additionally, the snap sandboxing is not to explain. I think there's something in the appamor profile that is restricting the access from initially opening the NFS. but doesn't restrict the access otherwise. Commented Nov 22, 2022 at 0:56
  • 1
    snaps are a real pain, they often have missing features. The ubuntu darktable has no opencl or print module. Use the opensuse build service repository as indicated on the darktable website. Commented Nov 22, 2022 at 3:57
  • Snaps are a massive pain and to be avoided if at all possible (I would say "for all but the most trivial tasks" but it's often the trivial stuff where they fail the hardest - like working in /tmp). Unfortunately it's not always easy to avoid them. I also suggest asking on Unix and Linux in this specific case, but generally it's not worth fighting with them. A mod may be able to migrate Commented Nov 22, 2022 at 7:41

1 Answer 1

Reset to default
0

Big thank you for the comments on this thread, I would never had realised the problem is related to the fact I've installed a snap package.

For others who might come across this.

  1. sudo snap remove darktable
  2. Debian based users use this link for adding the ppa or just downloading the package manually : https://software.opensuse.org/download.html?project=graphics:darktable&package=darktable
  3. followed by the usual sudo update && sudo apt install darktable

Note: This will install the latest version which isn't available on Ubuntu standard repositories. It will install a lot of extra dependencies.

If you already have a database built up in Darktable (even if it is empty), upon your first launch you'll be prompted to update your databases/library. Do so, be patient as it seems to look like nothing is happening. Took about 20 seconds on my empty library, during which I thought it crashed and tried reloading.

Improve this answer

You must log in to answer this question.