[SRU] Cannot open a browser link from a snap that provides a link

Here is a strawman proposal:
- we add a small url-helper to ubuntu-core that contains "dbus-send --session snappy-url-helper $url"
- the snap needs to call "url-helper" (we could also call it xdg-open) when opening a url
- as part of the snapd deb (or as a dependency) we have a small dbus service on the host fs that listens to these dbus-send events and that proxies the url open requests (directly or via a window popup)

Calling it xdg-open with similar semantics of xdg-open sounds nice. It already has an error code to report whether a tool was not found for it, so the application can give it a try and react appropriately if unavailable.

We need to do some basic validation on the value to make sure it looks sane and safe. xdg-open itself calls a huge number of openers and browsers, and we cannot trust that to be all safe.

Can we prioritize this one to be handled sooner rather than later? Sounds like a very common problem desktop applications will face.

Here's a proof of concept for the url helper:

https://github.com/ubuntu-core/snap-desktop-links

We just need to add the fake xdg-open script to the core image, and add the snappy-url-helper to xdg-utils along with a service file to D-Bus activate it on the host.

Hello Sergio, or anyone else affected,

Accepted snapd-xdg-open into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd-xdg-open/0.0.0~16.04 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Status changed to 'Confirmed' because the bug affects multiple users.

I've run across a similar problem with corebird snapped using github.com/diddledan/corebird-snap. dholbach suggested that it might be this bug.

corebird cannot open browser windows with the message in the terminal:

Error org.freedesktop.DBus.Error.ServiceUnknown: The name com.canonical.SafeLauncher was not provided by any .service files

Using snapd 2.15.2 from xenial-proposed does not fix the problem in my instance. My problem _might_ be a separate issue though, so I'm NOT marking that verification has failed.

Ok, marking verification-done. I obviously misread the instructions and had installed snapd from proposed when I should have been testing snapd-xdg-open.

snapd-xdg-open-0.0.0~16.04 fixes corebird's opening of browser windows (corebird is currently in devmode on my system).

Releasing this is blocked by fixing this bug in yakkety.

I diffed 0.0.0 from Yakkety with 0.0.0~16.04 in Xenial, and I see:

--- snapd-xdg-open-0.0.0/data/com.canonical.SafeLauncher.service 1970-01-01 00:00:00.000000000 +0000
+++ snapd-xdg-open-0.0.0~16.04/data/com.canonical.SafeLauncher.service 2016-07-07 16:39:57.000000000 +0000
@@ -0,0 +1,3 @@
+[D-BUS Service]
+Name=com.canonical.SafeLauncher
+Exec=/usr/lib/x86_64-linux-gnu/snapd-xdg-open

It seems that data/com.canonical.SafeLauncher.service has been added in the Xenial backport, but this is not mentioned in the changelog. Was this intentional? Could this mean that the version in Yakkety doesn't work?

> Releasing this is blocked by fixing this bug in yakkety.

Ping? Yakkety releases tomorrow and it's too late to land this in yakkety proper, but it should at least be a yakkety SRU. Releasing this to xenial-updates is still blocked by fixing it in the devel series.

The .service is generated at build time by the Makefile

"com.canonical.SafeLauncher.service: Makefile
 $(AM_V_GEN) (echo '[D-BUS Service]'; \
              echo 'Name=com.canonical.SafeLauncher'; \"

the static version included in the xenial upload shouldn't be there but it doesn't create issue since it's replaced a buildtime (you can look at the i386 the libexecdir is correct and not the x86 one from the static version)

This bug was fixed in the package snapd-xdg-open - 0.0.0~16.04

---------------
snapd-xdg-open (0.0.0~16.04) xenial; urgency=medium

  * Backport to xenial (LP: #1580740)

 -- Ubuntu Desktop Team <email address hidden> Fri, 07 Jul 2016 12:45:00 -0400

The verification of the Stable Release Update for snapd-xdg-open has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

did this get SRUd for yakkety, too? if not, then that needs to happen!

Nope, still can't open links from snaps in Yakkety.

there was another issue found in snap-confine that is just being fixed see bug 1661023
this should soon land in xenial (not sure when it will make its way into yakkety though)