From: John Kehayias via Guix-patches via <guix-patches@gnu.org>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 59825@debbugs.gnu.org
Subject: [bug#59825] [PATCH] gnu: Add flatpak-xdg-utils.
Date: Sat, 17 Dec 2022 05:54:20 +0000 [thread overview]
Message-ID: <874jtulgmx.fsf@protonmail.com> (raw)
In-Reply-To: <871qp2uwyc.fsf@gnu.org>
Howdy,
On Wed, Dec 14, 2022 at 11:00 AM, Ludovic Courtès wrote:
> Hi!
>
> John Kehayias <john.kehayias@protonmail.com> skribis:
>
>> Here is a little package from the Flatpak folks which is also useful in a guix shell
>> container. This lets you run, for example, xdg-open in the container and it will open on
>> the host side. So let's say you come across a URL, you can just use xdg-open from this
>> package so it will open in the host's web browser, rather than trying in the container.
>> This relies on having portals on the host side, like xdg-desktop-portal-gtk.
>>
>> Here is a simple test example:
>>
>> guix shell -NC flatpak-xdg-utils --preserve='^DBUS_SESSION_BUS_ADDRESS$' -- xdg-open
>> "<https://guix.gnu.org>"
>>
>> which will open Guix's website on the host side.
>
> Interesting (and scary as well, depending on how it’s implemented).
>
Yes, a bit of both! The scary one I think is 'flatpak-spawn' which will run something on the host, but as this is done via portals there's some control there over what it implements and how. I don't know the details though, but I did see checks somewhere for what checking what is allowed to be accessed.
e.g. with guix shell -NC flatpak-xdg-utils --preserve='^DBUS_SESSION_BUS_ADDRESS$' -- flatpak-spawn --host ls /
So yeah, punching holes in a sandbox. Anyway...
> Don’t you need to share /tmp as well? ‘DBUS_SESSION_BUS_ADDRESS’ refers
> to a socket in /tmp for me.
>
It does point to something in /tmp for me as well, but which doesn't exist...not sure the details of DBus, which I always find confusing.
Note the -N argument, that was key for me to get it working easily. Without that and even sharing /tmp it didn't work, nor if I tried manually adding files that -N adds. So it must be something else about the network option that gets access to the DBus socket?
>> From 8669a7fb0e1b9ba320c6312d7423500a56236edc Mon Sep 17 00:00:00 2001
>> From: John Kehayias <john.kehayias@protonmail.com>
>> Date: Sun, 4 Dec 2022 17:06:19 -0500
>> Subject: [PATCH] gnu: Add flatpak-xdg-utils.
>>
>> * gnu/packages/freedesktop.scm (flatpak-xdg-utils): New variable.
>
> <https://qa.guix.gnu.org/issue/59825> mentions a build failure on
> i686-linux; could you take a look?
>
Took me a bit to figure out the logs, but looks like some issue on the build server as in the configure phase I see:
WARNING: Could not create compilation database.
Locally it has built fine, for the same derivation hash as well.
> Apart from that, it LGTM!
>
Great! I'll add it to my early lists of commits I'll make, once I finally get a breather here.
> Thanks,
> Ludo’.
And thank you!
John
next prev parent reply other threads:[~2022-12-17 5:55 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-04 22:15 [bug#59825] [PATCH] gnu: Add flatpak-xdg-utils John Kehayias via Guix-patches via
2022-12-14 10:00 ` Ludovic Courtès
2022-12-17 5:54 ` John Kehayias via Guix-patches via [this message]
2023-01-03 17:35 ` bug#59825: " John Kehayias via Guix-patches via
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874jtulgmx.fsf@protonmail.com \
--to=guix-patches@gnu.org \
--cc=59825@debbugs.gnu.org \
--cc=john.kehayias@protonmail.com \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).