sssd & snap: cannot create user data directory: /home/aaaa.bbbb.be/u0xxxxxx/sna

[kalpana]

Hi,

Since about a week all snap installs (firefox/chromium/vlc/...) won't start anymore with our AD users. (firefox with repo install is a workarround for some)
--> cannot create user data directory: /home/aaaa.bbbb.be/u0xxxxxx/snap/vlc/3078: Permission denied

With a local user (our standard admin= ict2), the programs still can start.

When I manually change the homedir in sssd.conf, the homedirectory is recreated and the programs are starting again.
For new installs this 'solution' is acceptable, but not for the existing desktops/laptops, then the users will need to copy/move their old homedirectory, which causes a lot of manual work.

I have about 90 desktops & 40 laptops with this problem. All machines are configured with puppet (so scripts to join the domain and such are distributed via puppet).

I've tried the 'apparmor' trick, but this is ok: /etc/apparmor.d/tunables/home.d/ubuntu contains the /home/ & /home/aaaa.bbbb.be/ directories

Any hints/tricks ?

Thx,

Oliver