Re: Stable Gnome 3.20 and Freedesktop 1.4 runtimes released
- From: Alexander Larsson <alexl redhat com>
- To: Daniel Espinosa <esodan gmail com>
- Cc: gnome-os-list gnome org, xdg-app lists freedesktop org
- Subject: Re: Stable Gnome 3.20 and Freedesktop 1.4 runtimes released
- Date: Fri, 15 Apr 2016 14:04:54 +0200
On fre, 2016-04-15 at 06:02 -0500, Daniel Espinosa wrote:
Could you add documentation about how to permissions on xdg-app. This
is because I've build an app, but it doesn't update settings, then is
every important to know each permission reach.
Part 4 of my tutorial explains this a bit:
https://blogs.gnome.org/alexl/2016/02/23/building-an-xdg-app-part-4/
I'm not sure exactly what you mean by "settings". But I assume you mean
dconf/gsettings. The way to currently allow dconf access is this piece
of magic:
/* Needed for dconf to work */
"--filesystem=xdg-run/dconf", "--filesystem=~/.config/dconf:ro",
"--talk-name=ca.desrt.dconf", "--env=DCONF_USER_CONFIG_DIR=.config/dconf",
I realize thats not easy to figure out this, but here is what it does,
in order:
* Allow apps to look in /run/user/1000/dconf which is a directory that
dconf uses to tell you about database updates
* Allow your app read-only access to ~/.config/dconf which is the
default location for the per-user database.
* Allow your app to talk to the dconf dbus service.
* Magic environment variable to tell dconf to look in ~/.config/dconf
for the dconf database instead of using XDG_CONFIG_DIR, which would
point to ~/.var/app/org.something.App/config/
Note that this allows your app to read settings from all other apps,
which is clearly not ideal. The plan going forward is to have a
gsettings backend which is explicitly designed to run sandboxed. Work
has started on this, but I don't know the current state of it.
As a side note, but important too, have Software listing an app
permissions list before install it? A la Android, with explanation
about risks on each one.
Yes, this is in the plans. There is APIs in libxdgapp to allow you to
query the metadata for apps. This could be used by gnome-software to
explain these permissions.
This is not used yet, and since the work on portals are yet in its
infancy all current xdg-apps request pretty broad permissions.
Hopefully we will be able to change this in the near future.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl redhat com alexander larsson gmail com
He's a fiendish chivalrous firefighter who hangs with the wrong crowd.
She's a wealthy motormouth pearl diver descended from a line of powerful
witches. They fight crime!
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]