Just downloaded/installed darktable 2.6.2 as well as Gimp 2.10.10.
From neither can I navigate to my media folder that would show my external drive and allow me to import photos from there. Both programs complain that they do not have permission to access that folder.
Other applications (Lightzone) have no problem navigating through the media folder to find and access photo folders on my external drive.
What am I missing in darktable?
Thanks.
Caruso
How was your external hard drive mounted?
I just imported from external devices, one mounted by kubuntu on /media/ and other device I mounted manually in another directory. I did te test from both, dt and gimp.
I am running Kubuntu 19.04.
(other unix folk check my work pleaseâŚ)
Sooo⌠essentially, the accessing program needs to run with an effective owner or group for which the file to be accessed has read privileges for the designated owner or group. Oh, and if the file has read access for the world, thatâll do it too.
A bit of command shell, you can start one and run these commands without navigating to directoriesâŚ
The program:
ps -eo euser,egroup,comm | grep [name_of_program_you're_interested_in]
will tell you what effective owner and group the running program has. Hereâs what I get for my program rawproc:
glenn@caliente:~$ ps -eo euser,egroup,comm |grep rawproc
glenn glenn rawproc
Run this command for darktable and lightzone (these may not be their actual running names; I donât know, donât have either available at the moment)
The media:
ls -l /media/[your_user_name]
will tell you what owner and group each mounted device under your user name has, and what permissions are assigned.
glenn@caliente:~$ ls -l /media/glenn
total 17
drwxrwxr-x 18 root root 1024 Jan 14 2014 Storage
drwxr-xr-x 2 glenn glenn 16384 Dec 31 1969 System
I stuck a random SD card on my desk into a reader, the above is what I get. Reading âdrwxr-xr-xâ from left to right, the âdâ indicates itâs a directory, and the next three groups of three letters tell me the permissions for the owner, group, and world respectively. Thisâd tell me that if I ran a program with glenn/glenn as owner and group:
Yeah, a bit complicated, but Windows is worse. And probably no more secure.
If nothing else, post the results here and we can consider it.
ggbutcher:
The following was returned when running the command you suggested:
caruso2@caruso2-G74Sx:~$ ls -1 /media/caruso2
07DB481638B203A7
â4T Driveâ
CB7F-EAE7
RECORD
4T Drive is the name of the volume upon which my photos reside.
I am an Ubuntu/Linux consumer, barely able to find my way around the terminal. This holds true when others asked me how I mounted that drive. It connects via USB, and, normally, all programs (including Darktable and Gimp) access it without issue.
Thanks for all replies.
Let me know what you glean from the above and what you would recommend as my next step.
I have thousands of images on this drive, most all edited with darktable, although a previous version.
Again, my thanks.
Caruso
I had this problem after installing Darktable from Synaptic. After installing Darktable from PPA (see installation instructions on Darktable website) everything worked fine.
Same for OpenCL, btw.
On my phone, hard to tell, but I think you typed âls -1â. The â1â should be âlâ, lower- case L. thatâll do the so called long listing, which will show permissions and ownership.
Good catch, ggbutcher. Here is the output when typing the command correctly.
caruso2@caruso2-G74Sx:~$ ls -l /media/caruso2
total 76
drwxrwxrwx 1 caruso2 caruso2 24576 Apr 11 23:57 07DB481638B203A7
drwxrwxrwx 1 caruso2 caruso2 16384 Apr 24 19:41 â4T Driveâ
drwxr-xr-x 12 caruso2 caruso2 32768 Dec 31 1969 CB7F-EAE7
drwxr-xr-x 33 caruso2 caruso2 4096 Dec 31 1969 RECORD
Goodness there, all four mounts under your user name are owned by you and have full permissions.
Now, the difference would seem to lie in the way the programs are run. The ps -eo command will tell you the relevant information; what you need to do is start darktable, then in a shell execute the ps -eo command with darktableâs executable name in the grep portion. Do the same for LightZone. The effective user or group should be one that has appropriate permissions in the ls -l output for the mount youâre trying to access.
I started this with a bit of trepidation, as command shell can be rather daunting to look at. But, itâs a pretty powerful way of dealing with your computer, so this is a good first experience, I thinkâŚ
I was also thinking of permissions issue, but since now we know it is not permissions, I now suspect of the way the packages were installed. As @pphoto points out it could be that those packages are snaps instead of .deb packages.
There is a thread here about gimp presenting the issue if installed from a snap package.
@carusoswi I am sorry if it is confusing at first all these new terms (mounting, snaps, etc) when arrving to linux, but youâll get used to it, and you should, to get a pleasant experience 
Thanks for the replies. A couple words of clarifications: while I consider myself a consumer of OSâs, I am not at all new to Linux/Ubuntu, having used Ubuntu since versions 6.xx, and also toyed with other linux flavors. Also, Lightzone has given me no problems at all in accessing whatever sort of storage device I plug into my laptop.
I would try some of this shell advice, but have no idea how to go about it. If you could clarify, I would be most appreciative.
Caruso
I neglected to answer a question that was raised about how I installed the programs. I first went to the software center in Ubuntu and removed earlier versions of both Gimp and darktable. Then, I browsed the software center to find more recent versions of both applications, and clicked to install them from the software center. IMHO, that method should be foolproof, but correct me if I am mistaken.
Again, thanks for your help.
Caruso
Did you perchance install the snap version of darktable? If that is the case, then I believe the snap has application sandboxing keeping it from seeing the USB device.
Well, I signed on just now to relate that I had found the problem and all is working well, now. I had grown frustrated enough with this problem that I went to the Ubuntu Software Center to remove both programs. When I clicked on the darktable listing to remove it, I noticed, in addition to buttons to âlaunchâ or âremoveâ, there was one for âpermissionsâ. Clicking that button brought up a dialog where you can choose to turn on (or off) access to the home folder (on by default), permission to read, add, change, or remove passwords (not certain why one would need that feature), and, lastly, permission to read/write files on removable storage devices.
I turned that option on, but clicking the âcloseâ button on the dialog did not preserve my changed setting. In order to get the setting to stick, I had to leave the dialog on and restart my computer. I think this must be a bug in the software.
At any rate, after rebooting, the setting was saved, and opening darktable, I was able to navigate successfully to my external drive, view and import images.
I found the same settings when I went, now not to remove Gimp in frustration, but to change those settings. They were there, this time, the options were to permit printing of documents, full access to the home folder, and then full access to external storage.
You donât explain what âsandboxingâ is, but, I guess this is it.
Now that I know about this, I will know where to look if I encounter it in future applications. I am scratching my head as to the value of this security feature. Why would I need to limit myself with respect to access to my digital assets. I am the only one who can use my computer, so, I donât get it.
It would also be nice if the error message displayed by these applications would give you a hint where to correct the problem.
Once again, I wish to thank all those who responded in an attempt to help me solve this problem. I hope by describing the steps required to set the permissions, I can spare someone else from this frustration.
Too often (and, as much as I admire darktable, I find it wanting in this area), manuals and advice are given without basic instruction on how to get there/what to do. Fora such as this one are a great help in this area.
Caruso
You are correct, that is application sandboxing. Please understand that this problem isnât an issue with darktable itself, bit rather a feature of ubuntuâs snap packaging format. Sandboxing can be used for any snap application to restrict the applications access to parts of the system. While it may not make sense for darktable, that was the decision made by the snap packager. For some applications, it is a great feature, for instance with the Steam gaming app, which phones home a ton of analytics, sandboxing limits what it can see.
I had the same problem with the flatpak installation. Fortunately, Flatpak allows to override sandboxing behaviour and add a path which can be accessed by the application, e.g.:
flatpak override --user --filesystem=/run/media/USER/FOLDER org.darktable.Darktable
See discussion in issue 2713.
Perhaps snap has a similar feature?
Indeed, the snap command looks like this:
sudo snap connect darktable:removable-media
I do appreciate all the helpful replies. Now that I know what causes the problem and that the workaround is a matter of a couple of mouse clicks, I am not all that bothered by the âsandboxingâ.
Additionally, while I donât see any value in âsandboxingâ these applications, I can accept at face value the explanation offered for instances why âsandboxingâ could be valuable in other situations.
One aspect with regard to open source software is the âopennessâ where you describe a particular problem and you are met with numerous helpful responses, openly and sincerely offered, and, eventually, with help from the community, the problem gets solved.
Thanks again to all.
Caruso
Iâd agree that sandboxing apps we trust may not be all that helpful, but its more about apps we donât trust. You can install Spotify and steam via snap and flatpaks. The steam client is an info grabber, so sandboxing it is awesome; it sees what it needs and nothing else.
@paperdigits I see that GIMP flatpak can open the external disk without any override. So Iâm trying to understand which configuration allows this. Perhaps it could be added to Darktable flatpak as well, to make things easier for everyone.
These are the default permissions:
$ flatpak info --show-permissions org.gimp.GIMP | grep filesystem
filesystems=xdg-config/GIMP;xdg-config/gtk-3.0;/tmp;host;
$ flatpak info --show-permissions org.darktable.Darktable | grep filesystem
filesystems=xdg-run/dconf;~/.config/dconf:ro;host;
I thought that host would allow access to all files, but apparently itâs not enough. The main difference I see is that GIMP has xdg-config/gtk-3.0. Perhaps this is what is needed to let the GTK dialog see the external devices?