Permission request for "personal-files" for "bookmark-cd"

This is a request to be able to connect ‘personal-files’ for access the the shell init scripts $HOME/.bashrc and $HOME/.zshrc. This is for setup.

bookmark-cd is a way to cd to a bookmarked directory. The app does the following to create the bcd shell function in the init script so that the output of this execution runs the cd command to the bookmarked directory.

eval "$(bookmark-cd init)"  

which outputs the following function:

function bcd() {
    result=$(bookmark-cd $@ 2>&1)
    if [ "cd" == ${result:0:2} ]; then
        cd ${result:3:${#result}-3}
        echo "$result"

… as defined in this file

This is the only way to add a command like this to a shell, and quite a common technique for apps that extend shell functionality. Example: starship does something quite similar except they have the whole home plugin which I think is probably more than this really needs.

-1 from me for use of personal-files to write to $HOME/.bashrc / $HOME/.zshrc - as this can be used to easily escape snap confinement. Note home does not provide access to dot-files so even using this would not allow such access.

If this is something that is required then a user should add this manually to these files themselves.

Could I at lease get read so that if the change is done by the user, the code that checks whether this has been set up can see and advise the user what is wrong?

From a security point-of-view, read access should be fine. +1 from me for use of (but not auto-connect) personal-files with read access to ~/.bashrc and ~/.zshrc - for consistency, could you please create 2 separate personal-files instances, named dot-bashrc and dot-zshrc respectively?

The reason I do not think auto-connect is appropriate is that it is still possible a user could store sensitive info in their ~/.bashrc etc and so then they should make an informed choice whether to connect this. As far as you snap is concerned, you can detect if this is connected or not via snapctl is-connected dot-bashrc and then prompt the user to connect it if needed.


Done, but I don’t understand where I would use snapctl is-connected. Could I run a script as a part of the snap install to sort out snap specific install stuff? Or is there a recomended way for an application to work out it is running from inside a snap at runtime?


At runtime you can check if the SNAP environment variable is set - and if so then can assume you are running as a snap.

Changes are made, do I need to wait for more reviewers to unblock releases?

Yes, as per the Process for aliases, auto-connections and tracks we require 2 +1 votes to proceed with this request.

OK, I have done what is asked, anything else I need to do to get either of the +1’s ?

Nothing else needed from your side @aiecbr0wn - the voting period is 7 days, so now you just need to wait for other @reviewers to cast their votes.

I would also say +1 for read but -1 for auto-connect, and I also agree that there is too much potentially sensitive stuff in the .bashrc and .zshrc.

So 8 days and I have two +1 for read, as per the processs, and have updated my snapcraft.yaml to have read in the way suggested. Would it be possible to allow release please?

+2 votes for, 0 votes against, granting use of personal-files instance named dot-bashrc and dot-zshrc for read access to ~/.bashrc and ~/.zshrc respectively. This is now live.