Ok, so, let's clear the terminology up a little. All click packages are
installed in /opt (this is what Christian was talking about). However,
those packages (whether they by apps or scopes) aren't available to the
user until the user hooks are run, which creates symlinks in $HOME to
the things in /opt (this is what Michi was talking about). Then there
are the writable areas that apps and scopes have (this is what mardy and
michi were talking about). Note, within the apparmor policy,
@{APP_PKGNAME} refers to the 'name' field from the click manifest.
Scopes writable non-volatile areas (ie, not in /run) are:
(unconfined) @{HOME}/.local/share/unity-scopes/unconfined/@{APP_PKGNAME}/*
(confined network scope)
@{HOME}/.local/share/unity-scopes/leaf-net/@{APP_PKGNAME}/*
Whereas apps writable non-volatile areas (excluding the QML cache directory)
are:
@{HOME}/.cache/@{APP_PKGNAME}/*
@{HOME}/.config/@{APP_PKGNAME}/*
@{HOME}/.local/share/@{APP_PKGNAME}/*
Also note, we already have a precedent for sharing between apps shipped in the
same click: push helpers. Push helpers writable non-volatile areas are the same
as for apps:
@{HOME}/.cache/@{APP_PKGNAME}/*
@{HOME}/.config/@{APP_PKGNAME}/*
@{HOME}/.local/share/@{APP_PKGNAME}/*
Michi, my understanding was this would be perhaps a new API call, not
something that you would change on your end, but that is an
implementation detail and I can see arguments on either side.
Since Michi said he doesn't care where the directory is and we have a precedent
for data sharing already and it seems to make the most sense for scopes to
surface the data in an app rather than the other way around, I am going to add
this to the ubuntu-scope-network template:
# Allow scopes to share data with the app shipped in the same click
owner @{HOME}/.local/share/@{APP_PKGNAME}/ rw,
owner @{HOME}/.local/share/@{APP_PKGNAME}/** mrwkl,
** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
Assignee: Michi Henning (michihenning) => (unassigned)
** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
Status: Confirmed => Triaged
** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor-easyprof-ubuntu
in Ubuntu.
https://bugs.launchpad.net/bugs/1384286
Title:
add directory allowing scopes and apps to share data
Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
In Progress
Status in “click-reviewers-tools” package in Ubuntu:
In Progress
Bug description:
Summary says it all, just need to decide on the directory. I propose using
this rule:
# Allow scopes to share data with the app shipped in the same click
owner @{HOME}/.local/share/@{APP_PKGNAME}/ rw,
owner @{HOME}/.local/share/@{APP_PKGNAME}/** mrwkl,
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1384286/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
