I respect the decision to switch Firefox in Ubuntu from a .deb to a Snap.
However, I do not wish to use Snaps, or Flatpaks, on my computer. Therefore, I will be switching to a different browser.
I respect the decision to switch Firefox in Ubuntu from a .deb to a Snap.
However, I do not wish to use Snaps, or Flatpaks, on my computer. Therefore, I will be switching to a different browser.
I do use snaps on all of my Ubuntu installations but Iāve yet to be convinced that large desktop applications such as Chromium, Firefox, Thunderbird and LibreOffice are ready for inclusion into Ubuntu releases as snaps. Iāve seen too many reports of problems which seem to confirm this.
Ok, so weāve been here before with the Chromium browser:
Iām not going to trawl through all the bug reports and Discourse posts but I seem to remember that it was the intention that most if not all of the bugs relating to the change would be fixed before the next LTS was released, i.e. Ubuntu 20.04. Obviously they werenāt as looking through the list of Chromium bugs which have been tagged as being related to the snap I see that there are 69 currently outstanding. Some of these reports were raised over three years ago:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bugs?field.tag=snap&orderby=id&start=0
Most users wonāt care whether their issue is the fault of Firefox or snapd. Iāve tested the most recent stable snap and it appears to work well. I hope that when the change is made to a userās system settings from their existing .deb installation are migrated. At that point Iāll do a more thorough check of Firefoxās integration into Ubuntu.
will no doubt be the most reported issue by GNOME users. This was first reported in January 2018 and will of course affect many Firefox users which I am sure greatly outnumber Chromium users.
On that basis Iām hoping that the Firefox transition to a snap will be more successful than the Chromium transition otherwise support sites will just advise users with issues to download Firefox directly from https://www.mozilla.org/ which is obviously not what Ubuntu and Mozilla are wanting.
These days I contribute to Ubuntu much less than I used to but Iāll certainly raise any issues that I might find or confirm any existing issues once the migration has been enabled.
My point isnāt to compare the deb to the snap, itās to suggest that it doesnāt make sense to tout snap security for this particular snap when the profile itself points out that itās possible to completely escape confinement with the power handed to it for its sandbox. If thatās true, dot file protection etc. can be bypassed as well. Right?
Interesting idea. That could even use the same slot, just different options, huh.
how would that work ?
seccomp and apparmor are two completely unrelated mechanisms ā¦
while the syscall filtering might be weakened by allowing sys_admin capability (which really doesnt gain you much unless your user also has the correct privs to do something with whatever you try to apply it to), filesystem filtering based on apparmor is still fully in place ā¦
It could be that your GPU is blacklisted by default because of known issues in the driver.
You could try changing the layers.acceleration.force-enabled
setting to true
in about:config
and restarting firefox. Is HW_COMPOSITING enabled afterwards?
I feel like Gollum now. Whatās the result?
It looks like the preference is being honoured, thatās a step in the right direction. Whatās the CPU/GPU usage like on e.g. http://webglsamples.org/aquarium/aquarium.html ?
If youāre in a wayland session, thatās most likely bug #1726510, which is actively being investigated.
Ok!
I see the fishes in FF deb.
As a KeePassXC user, curious if a solution to this issue (https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1741074 (see #19)) is on the way since the KeePassXC browser extension will not currently work with the firefox snap.
I am using the firefox snap since over a year and there are only two issues I have noticed:
Apart from this no downsides I prefer it because you are more up-to-date than with the deb
this is solved with:
sudo snap set system experimental.refresh-app-awareness=true
as mentioned above ā¦
Is the issue with temporary files fixed yet? Especially if the app that it wants to open is another snap? Seems that issue with temp files is now resolved. Just tried to download a document and open directly to LibreOffice.
And Iām gonna miss the Plasma integration add onā¦
Also, what about what happens when the Firefox snap crashes? When I want it restarted, the themes donāt work, and had to manually launch it again for it to work.
Ok so I included this in Snap Manager GS extension.
https://extensions.gnome.org/review/download/26442.shell-extension.zip
(being reviewed)
On 20.04, I maintain a PPA for my own builds of Firefox, where I apply a couple patches that upstream refuses to accept. Every few weeks, always on weekend, I check if there is a new upstream version, download the source package, update my patches, and upload the result to Launchpad. When the build finishes, I update my local installations.
What do I do when Firefox moves to snap? I am concerned that I may have to maintain the deb packaging for my PPA.
you could switch your modified version to a snap as well, the firefox snap ships its snapcraft.yaml (the build recipe for snaps) inside.
storing your patches in an accessible location and adding a few lines to the override-pull:
block of the firefox part in there to download and apply them is enough for creating a firefox-patched-by-yurikan
snap (or however you want to call it) ā¦
Oh those hard crashes are annoying and at times hilarious.
Good to know this option is available, although I donāt particularly want to move to snap. I would much rather appreciate if debian packaging was kept available and maintained.
Is Ubuntu deb packaging very different from Debian deb packaging, by the way? Maybe I could use that as my upstream?
youād have to ask someone who has touched them both or check yourself ā¦
i only took a quick look at the snapcraft.yaml before i wrote the above (re-packaging and patching existing snaps is so much easier than modifying existing debs so i personally stay away from the latter if i can )