Rofi-totp snap require personal-files to read configuration


#1

rofi-totp requires to read 2 configuration files from user’s HOME directory.

  1. ~/.gauth
  2. ~/2fa.yml (for backward compatibility)

snapcraft.yml

Thanks.


#2

~/.gauth appears to be used by the google authenticator desktop app. A quick search didn’t show anything for ~/2fa.yml (is this rofi-totp specific)?

There isn’t enough information to understand why the read access is needed. Can you provide more detail on why the snap-specific value for $HOME is not sufficient (eg, ~/snap/rofi-totp/<revision>)? The interface is intended to be used to import data from non-snap installs where the snap is the clear owner of the specified file/directory.


#3

@jdstrand Thanks for the reply.

~/.gauth appears to be used by the google authenticator desktop app.

Yes, .gauth is used by alfred-workflow-gauth. from 0.2.0 rofi-totp start supporting the ~/.gauth so that users who are using mac and linux can use the same config file, sync via Dropbox.

~/2fa.yml (is this rofi-totp specific)

Yes the version 0.1.0 (Initial release) used this configuration and still supports along with .gauth.

Regarding the $HOME, rofi-totp is distributed as executable as of now and will continue to do so along with snap distrubution. As of now it reads the config from users $HOME directory. So the snap specific $HOME directory won’t be a good idea if the user decide to use the executable without snapd

Hope this clarifies the intention.


#4

+1 for use of personal-files for read with auto-connection for 2fa.yml with the following snap.yaml (since this snap owns ~/2fa.yml):

plugs:
  2fa-yml:
    interface: personal-files
    read:
    - $HOME/2fa.yml

+1 for use of personal files for read without auto-connection for ~/.guath with the following snap.yaml (since this snap does not own ~/.gauth):

plugs:
  dot-gauth:
    interface: personal-files
    read:
    - $HOME/.gauth

@reviewers - can others vote on this?


#5

does $HOME/2fa.yml really require the personal-files interface, it seems like it’s already allowed via the home interface. Unless really what’s meant is $HOME/.2fa.yml?


#6

Looked at the upstream source and it certainly looks for ~/2fa.yml not ~/.2fa.yml. So +1 from me for the personal files use for .gauth as described by @jdstrand


#7

I am :+1: for using personal files to read without auto-connection for ~/.guath

:-1: on the personal file to read ~/2fa.yml since that can be accessed via the home interface.