Alias and interface auto-connections for TeleGuard desktop messenger

store-requests
1

Greetings.

TeleGuard desktop app is based on flutter and open-source packages from https://pub.dev/ For our snap (official page if need is https://teleguard.com/) I’d like to request alias teleguard-desktop and auto-connection for interfaces described below.

snapcraft.yaml 
name: teleguard-desktop
version: 3.0.5
summary: TeleGuard
description: TeleGuard instant messenger
icon: snap/gui/teleguard-desktop.png

confinement: strict
compression: lzo
base: core20
grade: devel

slots:
  dbus-teleguard-desktop:
    interface: dbus
    bus: session
    name: ch.swisscows.messenger.teleguardapp.desktop
    
apps:
  teleguard-desktop:
    command: bin/teleguard_desktop
    extensions: [gnome-3-38]
    plugs:
      - audio-playback
      - audio-record
      - camera
      - desktop
      - desktop-legacy
      - gsettings
      - home
      - network
      - network-manager # inet observer required
      - network-status
      - opengl
      - removable-media
      - x11
    slots:
      - dbus-teleguard-desktop
    environment: &_environment
      LD_LIBRARY_PATH: $LD_LIBRARY_PATH:$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/pulseaudio:$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET:$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/blas:$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/lapack:$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/blas:$SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/samba
      GTK_PATH: $SNAP/usr/lib/$SNAPCRAFT_ARCH_TRIPLET/gtk-3.0

parts:
  flutter-git:
    source: https://github.com/flutter/flutter.git
    source-tag: 3.10.6
    plugin: nil
    override-build: |
      set -eux
      mkdir -p $SNAPCRAFT_PART_INSTALL/usr/bin
      mkdir -p $SNAPCRAFT_PART_INSTALL/usr/libexec
      cp -r $SNAPCRAFT_PART_SRC $SNAPCRAFT_PART_INSTALL/usr/libexec/flutter
      ln -sf $SNAPCRAFT_PART_INSTALL/usr/libexec/flutter/bin/flutter $SNAPCRAFT_PART_INSTALL/usr/bin/flutter
      export PATH="$SNAPCRAFT_PART_INSTALL/usr/bin:$PATH"
      flutter doctor
    build-packages:
      - clang
      - cmake
      - curl
      - ninja-build
      - unzip
      - pkg-config
      - libgtk-3-dev
      - liblzma-dev
    override-prime: ''

  teleguard-desktop:
    after: [ flutter-git ]
    source: .
    override-pull: |
      set -eux
      rm -rf $SNAPCRAFT_PROJECT_DIR/build
      snapcraftctl pull
    plugin: nil

    build-packages:
      - libgstreamer1.0-dev 
      - libgstreamer-plugins-base1.0-dev
      - libnotify-dev 
      - libmpv-dev
      - libappindicator3-dev
      - gir1.2-keybinder-3.0
      - libkeybinder-3.0-0
      - libkeybinder-3.0-dev
      - libpulse-dev
      - jq

    stage-packages:
      - libkeybinder-3.0-0
      - libappindicator3-1
      - libsqlite3-dev
      - libmpv1
      - mpv
      - gstreamer1.0-plugins-good
      - gstreamer1.0-plugins-bad
      - libnotify4
      - zenity

    override-build: |
      set -eux
      # add dart binary to path /root/parts/flutter-git/install/usr/libexec/flutter/bin
      flutter doctor
      flutter pub get || true
      flutter build linux --release -v -t lib/main.dart

      snapcraftctl set-version "$(jq -r '.version' build/flutter_assets/version.json)"
      mkdir -p $SNAPCRAFT_PART_INSTALL/bin
      cp -r build/linux/*/release/bundle/* $SNAPCRAFT_PART_INSTALL/bin/

layout:
  /etc/openal/alsoft.conf: 
    bind-file: $SNAP_DATA/etc/openal/alsoft.conf
  /usr/share/zenity:
    bind: $SNAP/usr/share/zenity
  /usr/share/X11:
    bind: $SNAP/usr/share/X11

I’ve upload a snap (see dashboard) and received

human review required due to 'deny-connection' constraint (interface attributes) declaration-snap-v2_slots_connection (dbus-teleguard-desktop, dbus)

So… Allow our app to use dbus please :slight_smile:

Additionally TeleGuard needs next interfaces connection:

  1. network-manager to monitor connection status. Messenger need to know when connection lost and restored to reconnect with server. We’re using package connectivity_plus (from pub.dev) for this task and it requires network-manager. Otherwise package throws next exception
org.freedesktop.DBus.Error.AccessDenied to interface="org.freedesktop.DBus.ObjectManager" 
Unhandled Exception: org.freedesktop.DBus.Error.AccessDenied: An AppArmor policy prevents this sender from sending this message to this recipient; type="method_call", sender=":1.173" (uid=1000 pid=36281 comm="/snap/teleguard-desktop/x1/bin/teleguard_desktop " label="snap.teleguard-desktop.teleguard-desktop (enforce)") interface="org.freedesktop.DBus.ObjectManager" member="GetManagedObjects" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=1162 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
#0      DBusClient._callMethod (package:dbus/src/dbus_client.dart:1124)
<asynchronous suspension>
#1      DBusClient.callMethod (package:dbus/src/dbus_client.dart:608)
<asynchronous suspension>
#2      DBusRemoteObjectManager.getManagedObjects (package:dbus/src/dbus_remote_object_manager.dart:80)
<asynchronous suspension>
#3      NetworkManagerClient.connect (package:nm/src/network_manager_client.dart:2351)
<asynchronous suspension>
#4      ConnectivityPlusLinuxPlugin._startListenConnectivity (package:connectivity_plus/src/connectivity_plus_linux.dart:64)
<asynchronous suspension>
Unhandled Exception: org.freedesktop.DBus.Error.AccessDenied: An AppArmor policy prevents this sender from sending this message to this recipient; type="method_call", sender=":1.173" (uid=1000 pid=36281 comm="/snap/teleguard-desktop/x1/bin/teleguard_desktop " label="snap.teleguard-desktop.teleguard-desktop (enforce)") interface="org.freedesktop.DBus.ObjectManager" member="GetManagedObjects" error name="(unset)" requested_reply="0" destination="org.freedesktop.NetworkManager" (uid=0 pid=1162 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
#0      DBusClient._callMethod (package:dbus/src/dbus_client.dart:1124)
<asynchronous suspension>
#1      DBusClient.callMethod (package:dbus/src/dbus_client.dart:608)
<asynchronous suspension>
#2      DBusRemoteObjectManager.getManagedObjects (package:dbus/src/dbus_remote_object_manager.dart:80)
<asynchronous suspension>
#3      NetworkManagerClient.connect (package:nm/src/network_manager_client.dart:2351)
<asynchronous suspension>
#4      ConnectivityPlusLinuxPlugin._startListenConnectivity (package:connectivity_plus/src/connectivity_plus_linux.dart:64)
<asynchronous suspension>

  1. audio-record for voice calls and (perspectively) sending voice messages. TeleGuard are using libwebrtc through flutter_webrtc (from pub-dev) plugin. If we have no audio-record connected, any microphone manipulation deadly freezes whole app with no exception thrown.

  2. Optional: camera for video calls. Unlike the previous requirement does not break app if absent. Just casts black screen. Therefore request for camera is optional.

2

Hello,

  • dbus: I have approved the dbus connection, so that revision that was blocked in the store is now unblocked.

  • alias: a teleguard-desktop alias should not be required. Because the snap and app have the same name, the name is automatically aliased. it should be invokable just as $ teleguard-desktop

  • network-manager: From the description you’ve provided, I am obliged to ask if you have tried with the network-observe interface? I am unfamiliar with connectivity_plus, and it’s possible that it requires more permissions than -observe provides (as presumably it does more than just monitor connection status) even if you’re only using a subset of it’s features. If you could confirm that would be appreciated.

  • +1 for audio-record, it’s a primary feature of the app

  • +1 for camera - I also expect that users would expect the camera to work automatically on the app. The picture on teleguard.com shows a prominent camera icon on the screen so if the snap store page for the app features similar pictures or text, then my +1 holds.

3

I’ve tried to use network-observe plug, but unfortunately the original error persisted.

A little investigation showed that connectivity_plus uses https://github.com/canonical/nm.dart inside, that looks like an implementation of network-manager client. I guess there is simply no yet implementation of network-observe in Dart. However souce code shows that connectivity_plus does only thing: listen for network manager client properties changed to find a “Connectivity” property: connectivity_plus_linux.dart#L66

4

I think dclane meant to say network-manager-observe, not network-observe :wink:

1 Like
5

OMG… I was sure I tried network-manager-observe before with same result (i.e. exception). But now it worked well without network-manager connection. Thanks to @ogra

snap connections 
Interface                 Plug                                       Slot                                      Notes
audio-playback            teleguard-desktop:audio-playback           :audio-playback                           -
audio-record              teleguard-desktop:audio-record             -                                         -
camera                    teleguard-desktop:camera                   -                                         -
content[gnome-3-38-2004]  teleguard-desktop:gnome-3-38-2004          gnome-3-38-2004:gnome-3-38-2004           -
content[gtk-3-themes]     teleguard-desktop:gtk-3-themes             gtk-common-themes:gtk-3-themes            -
content[icon-themes]      teleguard-desktop:icon-themes              gtk-common-themes:icon-themes             -
content[sound-themes]     teleguard-desktop:sound-themes             gtk-common-themes:sound-themes            -
dbus                      -                                          teleguard-desktop:dbus-teleguard-desktop  -
desktop                   teleguard-desktop:desktop                  :desktop                                  -
desktop-legacy            teleguard-desktop:desktop-legacy           :desktop-legacy                           -
gsettings                 teleguard-desktop:gsettings                :gsettings                                -
home                      teleguard-desktop:home                     :home                                     -
network                   teleguard-desktop:network                  :network                                  -
network-manager-observe   teleguard-desktop:network-manager-observe  :network-manager-observe                  manual
network-status            teleguard-desktop:network-status           :network-status                           -
opengl                    teleguard-desktop:opengl                   :opengl                                   -
removable-media           teleguard-desktop:removable-media          -                                         -
wayland                   teleguard-desktop:wayland                  -                                         -
x11                       teleguard-desktop:x11                      :x11                                      -

@dclane So yes, I’m replacing network-manager requirement with network-manager-observe

6

+1 for auto-connect network-manager-observe then.

7

+1 from me too for auto-connect of network-manager-observe, audio-record and camera.

8

Hi, +1 from me as well for the following interfaces:

  • network-manager-observe
  • audio-record
  • camera

Thanks

9

+3 votes for and 0 against. Granting auto-connect of network-manager-observe, audio-record, and camera interfaces to teleguard-desktop. This is now live.

2 Likes