rofi-totp requires to read 2 configuration files from user’s HOME directory.
- ~/.gauth
- ~/2fa.yml (for backward compatibility)
Thanks.
~/.gauth appears to be used by the google authenticator desktop app. A quick search didn’t show anything for ~/2fa.yml (is this rofi-totp specific)?
There isn’t enough information to understand why the read access is needed. Can you provide more detail on why the snap-specific value for $HOME is not sufficient (eg, ~/snap/rofi-totp/<revision>)? The interface is intended to be used to import data from non-snap installs where the snap is the clear owner of the specified file/directory.
@jdstrand Thanks for the reply.
~/.gauth appears to be used by the google authenticator desktop app.
Yes, .gauth is used by alfred-workflow-gauth. from 0.2.0 rofi-totp start supporting the ~/.gauth so that users who are using mac and linux can use the same config file, sync via Dropbox.
~/2fa.yml (is this rofi-totp specific)
Yes the version 0.1.0 (Initial release) used this configuration and still supports along with .gauth.
Regarding the $HOME, rofi-totp is distributed as executable as of now and will continue to do so along with snap distrubution. As of now it reads the config from users $HOME directory. So the snap specific $HOME directory won’t be a good idea if the user decide to use the executable without snapd
Hope this clarifies the intention.
+1 for use of personal-files for read with auto-connection for 2fa.yml with the following snap.yaml (since this snap owns ~/2fa.yml):
plugs:
2fa-yml:
interface: personal-files
read:
- $HOME/2fa.yml
+1 for use of personal files for read without auto-connection for ~/.guath with the following snap.yaml (since this snap does not own ~/.gauth):
plugs:
dot-gauth:
interface: personal-files
read:
- $HOME/.gauth
@reviewers - can others vote on this?
does $HOME/2fa.yml really require the personal-files interface, it seems like it’s already allowed via the home interface. Unless really what’s meant is $HOME/.2fa.yml?
Looked at the upstream source and it certainly looks for ~/2fa.yml not ~/.2fa.yml. So +1 from me for the personal files use for .gauth as described by @jdstrand
1 Like
I am 
for using personal files to read without auto-connection for ~/.guath
on the personal file to read ~/2fa.yml since that can be accessed via the home interface.
1 Like
@ijohnson, @popey, @Wimpress - note that the personal-files interface is typically used for dot files, but it can be used to allow a specific area of the filesystem instead of allowing all of home, which is what I was thinking. That said, the snap does already plugs home, so that is unneeded.
3 votes for, 0 against for use of .gauth without auto-connection
1 vote for, 2 against for use of 2fa.yml
Granting use of .gauth as described. This is now live.
Please adjust your snap to use (and drop 2fa.yml):
plugs:
dot-gauth:
interface: personal-files
read:
- $HOME/.gauth
and your next upload should pass automated review.
2 Likes
I forgot that the review-tools need an update for this to pass automated review. This is committed but not in production yet. It should be soon. In the meantime, you can request a manual review and we can approve it that way.