121
submitted 10 months ago by hperrin@lemmy.world to c/selfhosted@lemmy.world

I spent two hours today trying to figure out why Nextcloud couldn’t read my data directory. Docker wasn’t mounting my data directory. Moved everything into my data directory. Docker couldn’t even see the configuration file.

Turns out the Docker Snap package only has access to files under the /home directory.

Moral of the story: never trust a Snap package.

all 37 comments
sorted by: hot top controversial new old
[-] SiblingNoah@lemmy.world 93 points 10 months ago

“PSA: Snap sucks”

FTFY

[-] GlitzyArmrest@lemmy.world 76 points 10 months ago

Friends don't let friends use Snap.

[-] henfredemars@infosec.pub 19 points 10 months ago

Proprietary when flatpak exists, and it doesn't properly address how apps should dynamically request access to things they need. Every time I've used either solution I've run into some permissions problem.

[-] KDE 6 points 10 months ago

flatpak just makes sense imo

[-] atzanteol@sh.itjust.works 15 points 10 months ago

For desktop apps maybe. How do you run a flatpak from the cli? "flatpak run org.something.Command". Awesome.

Both suffer from not making it obvious what directories your application can access and not providing a clear message when you try to access files it can't. The user experience sucks.

[-] lemmyng@lemmy.ca 4 points 10 months ago

The one thing snap does that flatpak doesn't is provide CLI applications. But then nix also does that, so snap can go pound salt.

[-] JustUseMint@lemmy.world 48 points 10 months ago

I have stopped using Ubuntu because of this and other Canonical nonsense. It used to be the best too. For a workstation, Mint Cinnamon, for a server Debian headless. God speed with the rest of your setup

[-] RamdomSlaphead@feddit.uk 18 points 10 months ago

This year I finally snapped (pun intended!), and moved to debian 12 on the desktop (after starting on Ubuntu 6.06). It's so familiar, but somehow more straight forward. Things "just work", as opposed to the constant niggles I had with Ubuntu.

[-] redcalcium@lemmy.institute 46 points 10 months ago

I also like to run my container platform as a containerized application in another container platform.

[-] thanksforallthefish@literature.cafe 23 points 10 months ago

Lol. Yeah that was my reaction to the headline as well. "You did what ?"

[-] redcalcium@lemmy.institute 30 points 10 months ago* (last edited 10 months ago)

Why does Docker has a snap version in the first place anyway? Did Canonical pester them to do it?

Edit:

Nope, it's just Canonical went ahead and publish it there by themselves.

This snap is built by Canonical based on source code published by Docker, Inc. It is not endorsed or published by Docker, Inc.

[-] thesmokingman@programming.dev 7 points 10 months ago

It’s also offered as part of the installation process at least for Ubuntu server. If you don’t know better it bites you real quick.

[-] hperrin@lemmy.world 3 points 10 months ago

Now I know better. No more Ubuntu Server.

[-] GenderNeutralBro@lemmy.sdf.org 1 points 10 months ago

It's insane how many things they push as Snaps when they are entirely incompatible with the Snap model.

I think everyone first learns what Snaps are by googling "why doesn't ____ work on Ubuntu?" For me, it was Filebot. Spent an hour or two trying to figure out how the hell to get it to actually, you know, access my files. (This was a few years ago, so maybe things are better now. Not sure. I don't live that Snap life anymore, and I'm not going back.)

[-] Turbo@lemmy.ml 1 points 10 months ago
[-] Contend6248@feddit.de 1 points 10 months ago

Double-NAT anyone? 3 times the fun, 2 times the work

[-] Samsy@lemmy.ml 30 points 10 months ago* (last edited 10 months ago)

TIL, docker has a snap package, and can't stop laughing. What's next? A flatpak or AppImage?

[-] andrew@radiation.party 16 points 10 months ago

A flatpak of the snap, running in a docker container inside a vm for maximum security.

[-] krash@lemmy.ml 16 points 10 months ago

But this is by design, snap containers aren't allowed to read data outside of their confinements. Same goes for flatpak and OCI-containers.

I don't use snap myself, but it does have its uses. Bashing it just because it's popular to hate on snap won't yield a healthy discussion on how it could be improved.

[-] thesmokingman@programming.dev 38 points 10 months ago

The issue here is that Canonical pushed the snap install without warning about its reduced functionality. I don’t think highlighting a wildly different experience between a snap install and the Docker experience people are used to from the standard package install is “bashing it just because it’s popular to hate on snap.” For example, if you take a fresh Ubuntu server 22 install and use the snap package, not realizing that snaps have serious limitations which are not explicitly called out when the snap is offered in the installation process, you’re going to be confused unless you already have that knowledge. It also very helpfully masks everything so debugging is incredibly difficult if you are not already aware of the snap limitations.

[-] hperrin@lemmy.world 6 points 10 months ago* (last edited 10 months ago)

This exactly. Because some poor shmuck might spend two hours trying to get Nextcloud to work with it.

[-] hperrin@lemmy.world 5 points 10 months ago

Ok then don’t publish an application that clearly needs access to files outside of the /home directory. Or at least be upfront about how limited it is when run as a snap.

[-] peter@feddit.uk 4 points 10 months ago

The Linux community loves to put the responsibility on the user to understand every facet of what they're trying to do without explaining it

[-] MangoPenguin@lemmy.blahaj.zone 3 points 10 months ago

Agreed, it's not user friendly at all.

[-] throwafoxtrot@lemmynsfw.com 1 points 10 months ago

Does it clearly need access to files outside the /home directory though?

You said your volume mount failed. How about mounting something inside your home folder into the docker container?

[-] hperrin@lemmy.world 1 points 10 months ago* (last edited 10 months ago)

I have a 20TB RAID array that I use for a number of services mounted at /data. I would like Nextcloud to have access to more than the 128GB available to /home. I’m not willing to move my data mount into /home and reconfigure the ~5 other services that use it just to work around some stupid Snap limitation. Who knows whether Snap even can access data across filesystems if they’re mounted in home. I wouldn’t put it past the Snap devs to fall down on that point either.

Yes, Docker clearly needs access to all files. It is meant for running server software, and server software is supposed to be flexible in its setup. To me, this limitation makes it completely unusable. Nextcloud is only the first service that needed access to that directory. I’ll also be running MinIO there for blob storage for a Mastodon server. I’ll probably move Jellyfin into a Docker container, and it’ll need access too.

The fact that this giant issue with Snap is not made clear is my biggest problem with it. I had to figure it out myself over the course of two hours when there are zero warnings or error messages explaining it. What an absolutely unnecessary waste of time, when it could have warned me at install that if I wanted a completely functional version of Docker, I should use the apt package.

I will never use any Snap package again. This was such a bad experience that I probably won’t even be using Ubuntu Server going forward. I already use Fedora for desktop. And the fact that a few people here are basically saying it’s my fault for not already knowing the limitations imposed on Snap packages is just making it more obvious that Ubuntu has become a toxic distro. It’s sad, because Ubuntu got me into Linux back with Hardy Heron 8.04. I’ve been running Ubuntu servers since 9.10. I used to be excited every six months for the new Ubuntu release. It’s sad to see something you loved become awful.

[-] possiblylinux127@lemmy.zip 9 points 10 months ago

Snap is one of those things that shouldn't exist. There's distrobox (podman) or flatpak both of which are more mature and flexible.

[-] ikidd@lemmy.world 8 points 10 months ago* (last edited 10 months ago)

Yah, it's been trash from the start. I tried it 2 years ago and the unpredictable weird shit it did was useless to try to troubleshoot. It was worse than trying to run Docker on Windows, if that can be believed.

Debian with the Docker convenience script is the way to run Docker.

[-] lemmyvore@feddit.nl 14 points 10 months ago* (last edited 10 months ago)

Docker has an apt repo. You can add it to your Debian/Ubuntu and install and update packages normally. No need to use a script install.

https://docs.docker.com/engine/install/ubuntu/

[-] ikidd@lemmy.world 4 points 10 months ago

That's essentially what the script does, then installs all the deps and docker, sets up the service.

[-] NotATurtle@lemmy.dbzer0.com 1 points 10 months ago

Is there a difference between the apt and the install script version?

[-] aniki@lemm.ee -1 points 10 months ago

all depends on what your aptitude is configured to look for.

[-] stephaaaaan@feddit.de 1 points 10 months ago
[-] hperrin@lemmy.world 1 points 10 months ago

That’s a start, but I need access to both /home and /data.

this post was submitted on 05 Jan 2024
121 points (93.5% liked)

Selfhosted

40347 readers
305 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS