Ubuntu and Firefox ESR Snap
To avoid admin overhead at work I remove all packages related to snap. Browsing the web indicates snap is not yet mature and causes problems. Nonetheless I looked at snaps as a possible solution for the Ubuntu Firefox ESR fiasco.
The main focus of snaps (and flatpaks) is to avoid the fragmentation caused by distro package management. While snaps have conceptual merit, there are security and control challenges. That packages are available from a “store” implies that one day fees or login accounts might be required.
The only way to obtain ESR in Ubuntu is with snaps, which seems to be the direction Ubuntu developers are now moving. Snaps are being forced on users.
This reeks of vendor lock-in.
Migrating to Firefox ESR as a snap is straightforward but convoluted for enterprise administration.
- Install snapd.
- Install Firefox ESR.
- Modify the system default $PATH.
- Modify every user’s profile.
Installing snapd (
apt install snapd) pulls in
squashfs dependencies. The latter dependency provides a clue how snaps function — much like a live ISO. Snaps are not installed but are unpacked and launched. That requires hefty hardware.
To find the Firefox ESR package run
snap info firefox. This command lists the various channels and includes
esr/stable. Use that information to modify the installation command to
snap install --channel=esr/stable firefox.
The package is installed in
I found no automated way to amend the default
$PATH environment variable. Updating the variable is best done by editing
/etc/environment and adding
I found no automated way to migrate user Firefox profiles. This is where migrating to snaps gets messy.
Starting Firefox ESR from the new snap location will create a new profile. My work-around was to manually copy the original profile. Using a launcher dialog or the terminal, run Firefox ESR once using
/snap/bin/firefox and exit Firefox. This will create respective user snap Firefox profile directories in
$HOME/snap. For each user copy the respective
$HOME/.mozilla/firefox[-esr] files to
$HOME/snap/firefox/common/.mozilla/firefox. Be sure to copy the
profiles.ini file. Sym links could be used but that might render the Firefox profile unusable in older versions once the profile is used in the newer snap version.
If the Firefox Classic Theme Restorer CSS files are used, remember to tweak the files for Firefox versions newer than 65+.
Upon running the snap ESR, I noticed a theme issue. My mouse pointer is white. When I moved the pointer to Firefox ESR the pointer turned to a default X black.
The mess continues. I found no automated way to update user desktop or menu shortcuts. I did not pursue any solution. This could be scripted to automatically update all users. Some desktops use dconf, which would add complexity to the scripting but still doable.
Snaps are not part of the apt update process. Updates are controlled by snapd and a refresh timer. By default updates are automatic. Shades of forced updates in Windows 10.
By default updates are four times daily. Four times per day. Really? Does anybody need to update that often?
Traditionally, automatic updates are not palatable in enterprise administration. Not palatable in any system administration — unless there is high trust and rare breakage. Poking around the web indicates auto-updating is a design feature. There are ways to modify the refresh interval. I did not test. Another idea is fully disabling the snapd service. Except the only way to stop snapd is to
mask the service. Attempting to merge snapd into existing administrative update tooling requires unmasking and starting snapd and then again stopping and masking. All of this could be automated but creates more administration overhead.
Two historical reasons for never supporting Firefox ESR in Ubuntu is an alleged lack of security and insufficient staffing. The first reason is suspect because ESR is included in many distros, including Slackware and CentOS. The latter reason is ironic because now somehow staffing is available for snap support but not in the mainline apt repositories.
That snaps have potential is not up for debate. That Firefox ESR is available only as a snap is a travesty. Not having ESR in the normal repositories eliminates choice and increases administration.
Snaps are unacceptable for our use case.