Move socket into separate directory #8030
Codecov Report
@@ Coverage Diff @@
## develop #8030 +/- ##
===========================================
- Coverage 64.29% 64.27% -0.02%
===========================================
Files 339 339
Lines 43431 43446 +15
===========================================
Hits 27923 27923
- Misses 15508 15523 +15
Nice!
Squashed follow-up commits. Formatting issues are all fixed. Ready for review/feedback.
Interesting, our code format check seems to be broken @phoerious. We shouldn't be passing when there are if statements without { } blocks.
This is mostly to ease setup and configuration with sandboxed browsers. The socket currently exists in `$XDG_RUNTIME_DIR`. When sandboxing a browser, it would be unsafe to mount this directory inside the sandbox. Mounting the socket into the sandbox's filesystem is also not possible in cases where KeePassXC is [re]started after the browser has started. This commit moves the socket into its own isolated subdirectory, which can be safely mounted into sandboxes. Sandbox engines can create the directory themselves (in case the browser starts before KeePassXC). Both Flatpak and Firejail support this configuration. A symlink is also created, linking the previous location to the new location. This is meant for backwards compatibility and should eventually be dropped. The directory can't be named `org.keepassxc.KeePassXC.BrowserServer`, since that would collide with the symlink. Instead, the directory has been created to match the format used for Flatpak builds, which makes it a bit less of a snowflake build, while following accepted conventions. Given that the preferred path now matches what Flatpak uses, the block handling Flatpak and non-Flatpak is now the same. If `$XDG_RUNTIME_DIR` is undefined, the temporary directory is used, though reading the socket from this location is discouraged. Closes: #8018 References: #6741
Looking at the logs for the build, I noticed this:
It turns out that if The fallback should be dropped. It's clear that nobody is relying on this fallback for the extension tho, because, unless I'm missing something, it cannot work. Edit: implemented in a455ee4 That aside, I've no idea why the Ubuntu build is failing. Is this a fluke? I'll try to re-trigger CI and see if it passes. Edit: it passed.
If XDG_RUNTIME_DIR is unset, then QStandardPaths::RuntimeLocation returns a fallback path in /tmp. This implies that the fallback code removed here is wrong, since the fallback to /tmp is already handled by Qt and doesn't need to be done again on the KeePassXC side. It's clear that nobody is relying on the existing fallback for the extension, since the code path that triggers this fallback was unreachable.
Agree the fallback is silly. Perhaps we can issue a warning to the console if the socket cannot be created.
Can we address it separately? I'm not really sure how to do that, and I think this PR is ready as-is.
Yah no worries
I'll be looking at prs later this week
Thanks!
Hmmm, the directory is created with permission 755, but keepass refuses to create the socket due to directory permissions (requires them to be 700). I'm not that familiar with Qt, can we change
Oh, never mind. I was running in a sandbox and the permissions of
To avoid mounting everything into Flatpak sandbox, the socket was moved into a separate path under Linux [1][2]. Note this does not affect other distributions under Linux as there is a symbolic link from the old path [3].
[1] keepassxreboot/keepassxc#8030
[2] keepassxreboot/keepassxc@1009650
[3] https://github.com/keepassxreboot/keepassxc/blob/2.7.4/src/browser/BrowserShared.cpp#L49
This is mostly to ease setup and configuration with sandboxed browsers.
The socket currently exists in `$XDG_RUNTIME_DIR`. When sandboxing a browser, it would be unsafe to mount this directory inside the sandbox. Mounting the socket into the sandbox's filesystem is also not possible in cases where KeePassXC is [re]started after the browser has started.
This commit moves the socket into its own isolated subdirectory, which can be safely mounted into sandboxes. Sandbox engines can create the directory themselves (in case the browser starts before KeePassXC). Both Flatpak and Firejail support this configuration.
A symlink is also created, linking the previous location to the new location. This is meant for backwards compatibility and should eventually be dropped.
The directory can't be named `org.keepassxc.KeePassXC.BrowserServer`, since that would collide with the symlink. Instead, the directory has been created to match the format used for Flatpak builds, which makes it a bit less of a snowflake build, while following accepted conventions.
Fixes: #8018
Testing strategy
Backwards compatibility
Try using browser integration on an existing, working setup. It should all work without any issues.
For sandboxed applications
See #6741 (reply in thread), without tampering with `keepassxc.local`.
Type of change
Notes
It might make sense to drop this bit, since now it matches the default behaviour:
keepassxc/src/browser/BrowserShared.cpp
Lines 35 to 37 in 736517f
Not sure if it's fine to do this on the PR or if it's best to do that separately.
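The layout this PR describes, sketched as an added shell example (not KeePassXC's code and not part of the PR): an owner-only subdirectory that a sandbox engine may have created first, plus a compatibility symlink at the old socket path. `org.example.App`, `org.example.App.Server` and the `app/<id>` subdirectory layout are placeholder assumptions, and the demo uses a temporary directory in place of `$XDG_RUNTIME_DIR`.

```shell
#!/bin/sh
# Added example, not KeePassXC code. APP_ID and SOCKET_NAME are constructed
# placeholder names; the app/<id> layout is an assumption of this sketch.
APP_ID="org.example.App"
SOCKET_NAME="org.example.App.Server"

# Print the permission string of a path, e.g. "drwx------".
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Prepare <runtime_dir>/app/<APP_ID>/ for the socket and link the legacy
# location to it. Prints the socket path; returns non-zero on any doubt.
prepare_socket_dir() {
    runtime_dir=$1
    sock_dir="$runtime_dir/app/$APP_ID"
    legacy="$runtime_dir/$SOCKET_NAME"

    # The runtime directory must exist and belong to the calling user.
    [ -d "$runtime_dir" ] && [ -O "$runtime_dir" ] || return 1

    # Create the subdirectory owner-only. It may already exist because a
    # sandbox engine created it before the application started.
    (umask 077 && mkdir -p "$sock_dir") || return 1

    # Reject a symlink or a directory owned by someone else, then tighten
    # the mode in case the pre-existing directory was group/world readable.
    [ -d "$sock_dir" ] && [ ! -L "$sock_dir" ] && [ -O "$sock_dir" ] || return 1
    chmod 700 "$sock_dir" || return 1

    # Backwards compatibility: the old path becomes a relative symlink.
    # A stale socket or old symlink is replaced; a real directory is not.
    if [ -d "$legacy" ] && [ ! -L "$legacy" ]; then
        return 1
    fi
    rm -f "$legacy"
    ln -s "app/$APP_ID/$SOCKET_NAME" "$legacy" || return 1

    printf '%s\n' "$sock_dir/$SOCKET_NAME"
}

# Demonstration in a throwaway directory standing in for $XDG_RUNTIME_DIR.
demo=$(mktemp -d)
prepare_socket_dir "$demo"
mode_of "$demo/app/$APP_ID"
rm -rf "$demo"
```

Only `app/<id>` needs to be exposed to a sandbox under this layout; the symlink lives in the parent runtime directory and serves unsandboxed clients that still use the old path.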