Posted inExperience / Information Technology

Flatpak Can’t Print or Attach Files

Flatpak logo

Flatpak printing and file attaching, especially with email clients that have been flatpaked, is a major (&)(*&+_ing nuisance. “Oh, we’re sandboxed!” will be the rallying cry from the support team that doesn’t want to actually fix anything. If your installation procedure, or even your first run where you ask everything else simply asked:

Do you want to be able to print?

Do you want to be able to attach files?

It could actually fix the desktop file instead of expecting users to be Linux experts able to change your diapers.

What You Need

Given the Flatpak naming schema the .desktop file you need to find won’t have the name you think.

cd /
sudo find -iname *.desktop  | grep -i bird

Assuming you are looking for betterbird or thunderbird or some other application with bird in the name, the above should yield something like:

If you are on a real computer with a real browser you should be able to click and expand that. If you are reading this on your phone you are most deservedly screwed. Those who can see will note the name is actually eu.betterbird.Betterbird.desktop.

The Changes

The file you wish to modify is in the “exports” directory tree. You are interested in one line.

Exec=/usr/bin/flatpak run --branch=stable --arch=x86_64 --command=betterbird --file-forwarding --filesystem=host --talk-name=org.gtk.vfs.* --filesystem=xdg-run/gvfsd --socket=cups eu.betterbird.Betterbird @@u %u @@

When all you can do for “printing” is to export to a PDF and you know for a fact you have printers defined you need to have

--socket=cups

If you have already made the changes identify in this post and your application still won’t open URLs even though it provides a function/method of doing so you need this on your Exec line:

--talk-name=org.gtk.vfs.* --filesystem=xdg-run/gvfsd

The reason you need that filesystem after the talk is the pipe used to communicate with the outside world is now on disk instead of just memory.

Everyone Has a NAS Today

Limited file access is the real humiliating kick to the crotch. Everybody has a NAS (Network Attached Storage) of some kind today. We have multiple computers that need to share files and “the cloud” is completely insecure. If you don’t believe that statement ask yourself this:

What is safer? A set of drives attached to my network with all Internet access turned off or a “cloud service” by big named cloud service provider that every hacker in the world is trying to penetrate?

Question to ask

Yes, you could do a dumb-ass thing like click on a link you know you shouldn’t or disable your browser security software so you can access that “special” porn site, but that only screws you. When you have your OneDrive, Google Drive, DropBox, insert-cloud-service-here open as a “local” drive and do that, it potentially screws the world.

Technically every application is supposed to use one of the xdg services, but that doesn’t give you everything. Here is a scrape from the Sandbox Permissions documentation for –filesystem.

Sorry for the duplicate of xdg-pictures with the scrapes. If you have your NAS mounted at the system level then you most likely need either

--filesystem=host

Or one of the directory specific paths. Just remember that host exposes pretty much the whole enchilada. For those of us who manually mount our NAS as a user to a directory under $HOME the following is a better option.

--filesystem=home

At least some things will be protected.

Roland Hughes started his IT career in the early 1980s. He quickly became a consultant and president of Logikal Solutions, a software consulting firm specializing in OpenVMS application and C++/Qt touchscreen/embedded Linux development. Early in his career he became involved in what is now called cross platform development. Given the dearth of useful books on the subject he ventured into the world of professional author in 1995 writing the first of the "Zinc It!" book series for John Gordon Burke Publisher, Inc.

A decade later he released a massive (nearly 800 pages) tome "The Minimum You Need to Know to Be an OpenVMS Application Developer" which tried to encapsulate the essential skills gained over what was nearly a 20 year career at that point. From there "The Minimum You Need to Know" book series was born.

Three years later he wrote his first novel "Infinite Exposure" which got much notice from people involved in the banking and financial security worlds. Some of the attacks predicted in that book have since come to pass. While it was not originally intended to be a trilogy, it became the first book of "The Earth That Was" trilogy:
Infinite Exposure
Lesedi - The Greatest Lie Ever Told
John Smith - Last Known Survivor of the Microsoft Wars

When he is not consulting Roland Hughes posts about technology and sometimes politics on his blog. He also has regularly scheduled Sunday posts appearing on the Interesting Authors blog.