KRTirtho / spotube

🎧 Open source Spotify client that doesn't require Premium nor uses Electron! Available for both desktop & mobile!
https://spotube.krtirtho.dev/

Introducing Script For Updating Spotube Binaries Via .tar.xz On Linux #1988

Closed ksaadDE closed 1 month ago

ksaadDE commented 1 month ago

Hi, with regard to the last updates in a row, due to the 403 API issue fix.

The current approach is not time-efficient. I wanted something more automated. Therefore I am contributing and sharing it among y'all.

Script can be moved to `/usr/bin/updatespotube` with `chmod 0700 /usr/bin/updatespotube && chown root:root /usr/bin/updatespotube`, as a root-only executable (tested). Possibly it can be run with a cronjob within crontab (untested).

Untarred files can be run as group and "other" (so non-root). Editing only works as the root user. The lastupdate.txt is locked to root access only.
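The permission model described in the comment above can be checked after each update run. This is an added example, not the script from the PR; it assumes GNU `stat` and `find`, and the install directory and `lastupdate.txt` paths are supplied by the caller because the thread does not state them.

```sh
#!/bin/sh
# Added example, not the PR's script. Audits the permission model the comment
# describes. Assumes GNU stat/find (Linux); the install directory and
# lastupdate.txt locations are caller-supplied assumptions.
#
# usage: audit_updater SCRIPT INSTALL_DIR STAMP_FILE [OWNER_UID]  (default uid 0)
audit_updater() (
    script=$1 dir=$2 stamp=$3 uid=${4:-0}
    fail=0

    # Updater: exactly mode 0700 and owned by the expected uid, so no other
    # account can read or replace code that cron would run as root.
    if [ "$(stat -c '%a %u' "$script" 2>/dev/null)" != "700 $uid" ]; then
        echo "FAIL: $script must be mode 0700, owner uid $uid"; fail=1
    fi

    # lastupdate.txt: no group/other permission bits at all.
    if [ ! -f "$stamp" ] ||
       [ -n "$(find "$stamp" -maxdepth 0 \( -perm /077 -o ! -uid "$uid" \))" ]; then
        echo "FAIL: $stamp must be accessible to uid $uid only"; fail=1
    fi

    # Extracted tree: group/other may read and execute, never write. Also flag
    # setuid/setgid bits and foreign owners, which an archive can carry when
    # extracted as root. Symlinks are skipped (their mode bits are meaningless).
    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a directory"; fail=1
    else
        bad=$(find "$dir" ! -type l \( -perm /022 -o -perm /6000 -o ! -uid "$uid" \))
        if [ -n "$bad" ]; then
            echo "FAIL: writable, setuid/setgid or foreign-owned entries:"
            echo "$bad"; fail=1
        fi
    fi
    exit "$fail"
)

# Run directly when called with arguments, e.g. from the same cron entry.
if [ "$#" -ge 3 ]; then audit_updater "$@"; fi
```

A non-zero exit status means at least one check failed, so a cron wrapper can alert on it.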

KRTirtho commented 1 month ago

Thanks for the contribution

Sorry, but this requires super user permissions (`/usr/**` usage) and can be vulnerable for users if not maintained correctly. Also, Spotube generally prefers Flatpak over distro package managers. So for automated updates, using Flatpak instead of manually updating through a script is preferred.

ksaadDE commented 2 weeks ago

Hi @KRTirtho,

The directory and user are changeable, and the whole script is a super user script. No imminent security issue stems from that.

AppImage would be great. Flatpak requires installation of an additional tool that introduces new vulnerability possibilities, and seems unnecessary.

That's why I opted for the tar.xz; it's easier and has no prerequisites. It can be fully automated and adjusted.

ksaadDE commented 2 weeks ago

BTW, the Flatpak repos were outdated longer than the tar, so that's another plus for it.