-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Should notifications permission be granted automatically for the Flatpak package? #6
Comments
At the very least the notification that pops up when trying to enabled notifications should give the user some piece of information (e.g. a link to this issue) on how to enable D-Bus session bus access. Otherwise someone not familiar with Flatpak sandboxing has no idea how to enable said access themselves ^^ |
Thank you, that's a very good point. The longer message didn't work well with these popups in my tests (it would be trimmed if it doesn't fit, and on the phone there's no option to just increase the window width). But I can indeed add a button with a link here. |
I see many upvotes to the suggestion above, so I think I should prioritize this and release v0.4.2 as soon as it's ready. The reason it's not done yet is that it requires a bit more changes than I expected. |
I guess you could implement the needed command behind a second "Allow"-button for more convenience. |
Thanks for the input. If I understand you correctly, that wouldn't work, as the command would be running from the same sandbox. And I mean generally, if sandboxed apps were able to change their own privileges it would defeat the purpose of sandboxing. I guess the convenience option could be the button to launch Flatseal if it's installed. But I guess it's not installed for many, and even if installed it'd still require extra steps from a user (probably, including reading this issue), so this way it's probably not even worth the space on the pop-up. I might be exaggerating the concern here. I think eventually if nobody else voices their preference to keep it opt-in, I'll just apply for an exception with Flathub to enable it by default. |
Hi! I've actually learnt about Flatpak and Flatseal very quickly after I installed Fedora on my machine (we can even configure Flatpak apps permissions on KDE through I honestly would prefer to opt-in and manually activate the If the |
The notifications forwarding feature requires full D-Bus session bus access. Currently, the permission for the Flatpak package needs to be granted manually, otherwise notifications forwarding won't work. This can be done via Flatseal, or using the following command:
Technically, this gives WatchMate access to sniff all user-level IPC on D-Bus (non-sandboxed software can do it anyway of course). Reasonably, Flathub doesn't normally allow it. Unfortunately, there seems to be no other way to implement this feature than via D-Bus monitor, and other PineTime companion apps on Linux do it the same way.
I could ask for an exception for WatchMate on Flathub to declare this permission (they have a system for it).
The question is, would you as a user prefer to leave it opt-in and explicit, or would you rather not bother and have it working out-of-the-box? I much prefer the idea of granting such a strong permissions manually, but I'm not sure how much inconvenience it brings.
I will keep this issue open for a while to give enough time to gather opinions.
P.S. To give more details on the current implementation, it uses org.freedesktop.DBus.Monitoring.BecomeMonitor to listen what other processes send via org.freedesktop.Notifications.Notify call. If you know any better way to do it with Freedesktop API that wouldn't require such a coarse-grained permission, please let me know! This would be the best option.
The text was updated successfully, but these errors were encountered: