Replace gvfs

[probonopd]

    gnome-online-accounts: 3.36.0
    gvfs: 1.30.4_4
    libgdata: 0.17.9_1
    webkit2-gtk3: 2.30.1
    wpebackend-fdo: 1.4.1

103 MiB

[probonopd]

Webkit for Gtk? Just to mount LAN shares? Why?

[probonopd]

We should replace gvfs with something simpler, such as a combination of Zeroconf for detecting network devices and some custom code for (FUSE-)mounting them.

• gvfs comes from the Gnome stack which is not a welcome technology in helloSystem
• gvfs pulls in too many dependencies
• According to https://github.com/helloSystem/ISO/issues/32 gvfs is missing in FreeBSD 13

[DamjanJovanovic]

What package are those dependencies for?

Neither gvfs git nor gvfs-1.47.90 source code contain the word "webkit".

webkit2-gtk3-2.30.2's required-by (and their entire ancestry of required-by) does not include gvfs.

What ports branch is this from?

[probonopd]

D'uh, I should have written this down. I think this was what happened when I tried to sudo pkg install gvfs on a FreeBSD 12.1 system.

[DamjanJovanovic]

The GOOGLE option adds this dependency chain:

devel/gvfs -> devel/libgdata -> net/gnome-online-accounts -> webkit2-gtk3

GOOGLE was set to off by default by this change, you probably tried gvfs before that:

commit f05c0025bbec89a4867d557bdda399857447d4d8
Author: bapt <bapt@FreeBSD.org>
Date:   Tue Oct 20 18:23:31 2020 +0000

    Remove GOOGLE option forgotten in previous commit

[probonopd]

Thank you very much. This kind of stuff is what I mean with "gvfs is entangled with a stack we don't want in helloSystem". It is biased toward using the Red Hat stack. Otherwise there would be an option to use Qt WebEngine instead of webkit2-gtk3.

[DamjanJovanovic]

You're welcome. I still think you get further by understanding the software stack, and then customizing it to your requirements.

"Keep your friends close, keep your enemies closer." If we monitored GNOME's development activity, we would know about these problems before they get unleashed on poor users. If we studied and developed gvfs further, we could make it work with Qt WebEngine if need be, without upstream help.

"Cloning doesn't work against a fast competitor", Eric Schmidt, ex-CEO of Google in his "Unwinnable Wars" talk. Consider how a decade of Btrfs development failed to out-compete ZFS, and it took LLVM $50 million dollars and many years to develop Clang to the point where it began out-competing GCC. By comparison, one 8000 line project, bsdisks, quickly got every file manager on every desktop working better than HAL did, not because it reimplemented the entire GNOME stack, but because it developed one small component in just the right place, that got both gvfs and Solid singing and dancing to our tune.

[probonopd]

I need to learn more about bsdisks.

[DamjanJovanovic]

It looks somewhat like this. gvfs and Solid use libudisks to make DBus calls to the UDisks2 DBus service, which uses udev (now part of systemd), and various Linux kernel subsystems to expose devices, partitions, filesystems and operations and events on them over DBus. The deeper you go, the more it becomes a Linux-only setup.

bsdisks pretends to be UDisks2, implementing the same DBus functions, but using FreeBSD technologies like devd, CAM, and GEOM underneath, it can mount ZFS; software above is none the wiser.

Written in C++ with Qt, which makes DBus development particularly easy, it's only about 8000 lines compared to udisks2's 38000+ lines of C/glib. It doesn't do everything yet, there is no RAID, swap, it can't format drives, etc. but those APIs don't seem generally useful, I think they're there just for GNOME Disks to consume.

[probonopd]

Written in C++ with Qt, which makes DBus development particularly easy, it's only about 8000 lines compared to udisks2's 38000+ lines of C/glib.

Now we are talking :-)

Would it be possible to use bsdisks directly in Filer, without the need for gvfs and other Gnome-ish stuff, maybe even without D-Bus?

[DamjanJovanovic]

I believe Filer should work with bsdisks (report if not), but it has to use DBus.

Use at least bsdisks version 0.25, released a few days ago.

[DamjanJovanovic]

Also don't be scared of D-Bus. It's not the prettiest but it's organized and you get used to it. The entire object tree can be inspected. It's well tooled and scriptable. All traffic can be monitored with dbus-monitor. It's a heaven send compared to Microsoft's COM, in which traffic can't be monitored, there is little to no tooling and scripting, and you have to dig through the Windows registry to find things.

[probonopd]

Yes, and since many existing applications depend on it, I guess we just have to live with it for now. Still I find it way too convoluted. That whole / vs . thing alone, and the inablity of root to send messages to non-root userland.

[DamjanJovanovic]

The system bus should allow root and user processes to communicate. Only session buses are specific to user login sessions. A process can be on multiple buses, eg. gvfs is on the session bus for desktop apps to access it, and on the system bus to call UDisks2/bsdisks.

Each bus connection has a bus name like ":1.2", and can also request a nicer name like "org.freedesktop.NetworkManager" if exporting a service. Within a service, it exports objects, in a hierarchy of paths similar to a filesystem. Those objects are only unique to that service, not globally unique, which is why you always specify the bus name too when calling them. Objects have interfaces, and each interface has properties that can be read and/or written, and methods that can be called.

Only paths to objects have "/", everything else has ".": some.service -> /path/to/object -> some.interface.and.method

dbus-send --print-reply --dest=some.service /path/to/object some.interface.and.method

[probonopd]

Yes, maybe it's just me but I find all of this utterly confusing. What is a path and what is an object and why are they not one and the same. Why do I need separate buses.

[DamjanJovanovic]

Yes, maybe it's just me but I find all of this utterly confusing. What is a path and what is an object and why are they not one and the same. Why do I need separate buses.

Separate session buses for users allow multi-seat and thin client configurations, as well as (in theory) secure communication between eg. apps and keyring. System buses are for global system-wide state, though in practice they're not always used that way, eg. Pulseaudio was criticized for using the session bus for audio instead of the system bus (even though audio is global in a single-user system) and breaking audio in apps running as a different user account (eg. some people ran Wine as a separate user to isolate its files from their main account) (don't know if it still does).

[kettle-7]

38000+ lines of C/glib

30 is enough to make my head hurt.
In other words, I'm no help here.

[probonopd]

We could use sshfs to mount SSH shares. That would have the added benefit that not only Filer, but all applications could access them from a path, e.g., inside /media, like every other volume.

To make this happen, we need to use the SSH_ASKPASS environment variable.

But: How can we get the equivalent of

which currently pops up when accessing ssh via Filer? Since these strings are not in Filer source code, they must be coming from somewhere else... gvfs!

https://github.com/GNOME/gvfs/blob/ab4d7ba1da44ab94e05c74ac9f3ad2835e402768/daemon/gvfsbackendsftp.c#L934

How can we achieve the same thing but without gvfs?

Does https://github.com/lxqt/lxqt-openssh-askpass/ handle this? If so, how?

Does the following have to do with it?

Message from lxqt-openssh-askpass-1.1.0:

--
*** Note ssh-add will NOT use GUI tools like lxqt-openssh-askpass 
*** when it is attached to a terminal. 

* To use lxqt-openssh-askpass start ssh-agent with -a <SOCKET_PATH> e.g in .xinitrc
ssh-agent -a "/tmp/${USER}-ssh-agent"

* Then set two variables e.g in ~/.config/lxqt/session.conf:
SSH_ASKPASS=lxqt-openssh-askpass
SSH_AUTH_SOCK=<SOCKET_PATH>
then run ssh-add from lxqt-runner or a .desktop entry

In the meantime, we could use -o StrictHostKeyChecking=no but that's not ideal.

Also, when running this from outside of a terminal:

#!/bin/sh

sudo mkdir -p /media/Asterisk
sshfs -o StrictHostKeyChecking=no,idmap=user username@Asterisk.local:/ /media/Asterisk

Then it asks for a password even if no password has been set for username.

[probonopd]

I have it working using lxqt-openssh-askpass/.

The dialogs could be nicer, but it's a start.

The trick is:

# Allow for sshfs to ask for a password
# and to do identity verification
if [ -z $SSH_AUTH_SOCK ] ; then
  eval $(ssh-agent -a "/tmp/${USER}-ssh-agent")
  export SSH_ASKPASS=/usr/local/bin/lxqt-openssh-askpass
  export SSH_AUTH_SOCK="${SOCKET_PATH}"
fi

[probonopd]

Now we need a way for Filer to learn about Zeroconf without Gnome-ish dependencies, and show sftp services here:

Alternatively (probably better), get rid of the network:/// thing altogether. No one knows where it is. It has no place on the filesystem. Make Command+N just launch Zeroconf for now.

[probonopd]

The whole gfvs is an overcomplicated mess.

Just using @vermaden's excellent automount, FUSE sshfs and the like is so much more Unix philosophy.

I am so sick and tired of cryptic messages like this that point to other complicated mess:

(process:11003): GVFS-WARNING **: 11:03:14.196: The peer-to-peer connection failed: Fehler beim Holen der Informationen für Datei »/var/run/user/1001/gvfsd«: No such file or directory. Falling back to the session bus. Your application is probably missing --filesystem=xdg-run/gvfsd privileges.

So, gvfs must go. And D-Bus should be replaced by something way simpler where one does not need "privileges".

[grahamperrin]

We could use sshfs …

Can anyone direct us to a server, for test purposes?

Primarily, to tell what happens when two or more people aim for concurrent edition of a single file.

IIRC, there's loss of data with only one winner.

[probonopd]

Most likely. Is that handled differently by gvfs?

I mean, what happens if you do the same on a local filesystem? Who saves last wins. Some applications set a watch on the file and inform the user in case it has been edited elsewhere.

[grahamperrin]

… on a local filesystem? …

Most relevant is probably fcntl(2):

… Several operations are available for doing advisory file locking; …

[grahamperrin]

… handled differently by gvfs? …

Maybe more useful to think about things that are not fixed, or enhanced, to work with GVfs.

Resolved, fixed (2016-02-11):

• Document Foundation bug 56544 – FILEOPEN: Lock file is not created on samba share (via gvfs)

[probonopd]

sudo pkg unlock gvfs 
sudo pkg unlock hellosystem-essential-packages
sudo pkg remove gvfs

As a result

• Way fewer processes are running, less RAM consumption
• computer:/// is no longer populated in Filer
• Trash does not work anymore in Filer, we need to reimplement it
• Mounted volumes are not shown on the desktop, however they are still shown in the non-spatial Filer sidebar using correct icons and eject buttons -- we need to find a way to do a similar thing on the desktop! (Currently the volumes are taken from computer:/// while the non-spatial sidebar seems to do it differently.) Ideally we do this without Glib, using Qt native QStorageInfo.