Integration between Linux app and Snap Firefox

wimvmourik

I am about to/trying to move from Kubuntu 22.04 to 24.04.1 (which came out yesterday).
The release upgrade script is telling me that only Firefox via Snap shall be an option; I am not given a choice to keep the .deb as installation option.
Since the upgrade failed and I had to rollback (thanks snapshots!), I cannot yet check whether I could still manually switch back from the snap to a .deb installation, after the upgrade.
The point being; Ubuntu is pushing snaps more agressively; please explain where we stand regarding the integration between the browser plugin and the local installation.

adfhogan

There are multiple threads..

• There are still .debs available from other places other than Ubuntu themselves.
• You can remove the snap and their deb that installs the snap, and switch to third party debs (like Mozilla) if you like
• 1Password still doesn't have snap integration, as the way they verify the invoking browser process doesn't support snaps due to the way they sandbox
• If you use the snap version, you can use browser plugin standalone. It won't integrate with local instance of 1Password, but still works.

jbhardman

I hesitate to comment, because the answer has just been no for so long. But, I wanted to comment that snap browser integration is now available in Firefox with Gnome Extensions. It asked me for permissions and then just worked.
Likewise, I was asked for permission for 1Password... but nothing happened. The integration did not work. So it seems like the permission framework is there but not fully connected with the 1Password app. Not sure what needs to happen to allow that through, like they did for Gnome Extensions.

mhalano

I think Gnome Extensions uses Native Messaging to communicate, but I think 1Password doesn't use it, maybe they use an internal solution to do this communication between the app and the browser.

adfhogan

The impression I've gotten is that 1Password has an internal process for verifying that the calling process (the browser) is authorised and/or can be verified by the 1Password app, such that a malicious program couldn't just drain 1Password's store the moment the user unlocked it... and it's the sandboxing that snaps do that prevents the 1Password app from seeing through to the 1Password browser plugin fully.

There are ways to whitelist snaps to get access to things, but I wonder if the way this can be done, and the way that Ubuntu does the snap perhaps don't play nicely?

Either way, it would be nice for an update from the 1Password devs on this beyond "not yet" :)

gde

@adfhogan That matches up with what is showing in Firefox developer tools for the extension. In the console, it shows:

Received <BrowserVerificationFailed> from the native core

(about:debugging in the url bar > This Firefox > Inspect on the 1Password extension)

That suggests the extension and desktop app are communicating, but some security check fails.

When on Ubuntu 22.04, I tried replacing the snap version of Firefox with the apt version as per the support page. I'd already spent a long time confused before eventually figuring out that apt install firefox was just installing the snap instead. When I finally got the apt version installed, my security key wouldn't work with it. Eventually I just gave up and re-installed the snap version, accepting that I'd have to use the extension and desktop app separately. I won't be attempting the apt version again given Ubuntu 24.04 is pushing snap packages even more.

It is annoying to have to log into both the extension and the desktop app separately, especially as the app experience is much better for editing entries.