Re: Stable Gnome 3.20 and Freedesktop 1.4 runtimes released

From: Daniel Espinosa <esodan gmail com>
To: Alexander Larsson <alexl redhat com>
Cc: gnome-os-list gnome org, xdg-app lists freedesktop org
Subject: Re: Stable Gnome 3.20 and Freedesktop 1.4 runtimes released
Date: Fri, 15 Apr 2016 08:14:47 -0500

Thank you very much!

I would like to see this at live.gnome.org for others to find out.

El abr. 15, 2016 7:04 AM, "Alexander Larsson" <alexl redhat com> escribió:

On fre, 2016-04-15 at 06:02 -0500, Daniel Espinosa wrote:
> Could you add documentation about how to permissions on xdg-app. This
> is because I've build an app, but it doesn't update settings, then is
> every important to know each permission reach.

Part 4 of my tutorial explains this a bit:

https://blogs.gnome.org/alexl/2016/02/23/building-an-xdg-app-part-4/

I'm not sure exactly what you mean by "settings". But I assume you mean
dconf/gsettings. The way to currently allow dconf access is this piece
of magic:

/* Needed for dconf to work */
"--filesystem=xdg-run/dconf", "--filesystem=~/.config/dconf:ro",
"--talk-name=ca.desrt.dconf", "--env=DCONF_USER_CONFIG_DIR=.config/dconf",

I realize thats not easy to figure out this, but here is what it does,
in order:

* Allow apps to look in /run/user/1000/dconf which is a directory that
dconf uses to tell you about database updates
* Allow your app read-only access to ~/.config/dconf which is the
default location for the per-user database.
* Allow your app to talk to the dconf dbus service.
* Magic environment variable to tell dconf to look in ~/.config/dconf
for the dconf database instead of using XDG_CONFIG_DIR, which would
point to ~/.var/app/org.something.App/config/

Note that this allows your app to read settings from all other apps,
which is clearly not ideal. The plan going forward is to have a
gsettings backend which is explicitly designed to run sandboxed. Work
has started on this, but I don't know the current state of it.

> As a side note, but important too, have Software listing an app
> permissions list before install it? A la Android, with explanation
> about risks on each one.

Yes, this is in the plans. There is APIs in libxdgapp to allow you to
query the metadata for apps. This could be used by gnome-software to
explain these permissions.

This is not used yet, and since the work on portals are yet in its
infancy all current xdg-apps request pretty broad permissions.
Hopefully we will be able to change this in the near future.

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl redhat com alexander larsson gmail com
He's a fiendish chivalrous firefighter who hangs with the wrong crowd.
She's a wealthy motormouth pearl diver descended from a line of powerful
witches. They fight crime!

Follow-Ups:
- Re: Stable Gnome 3.20 and Freedesktop 1.4 runtimes released
  - From: Alexander Larsson

References:
- Stable Gnome 3.20 and Freedesktop 1.4 runtimes released
  - From: Alexander Larsson
- Re: Stable Gnome 3.20 and Freedesktop 1.4 runtimes released
  - From: Daniel Espinosa
- Re: Stable Gnome 3.20 and Freedesktop 1.4 runtimes released
  - From: Alexander Larsson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]