lolrepeatlol
commented
3 years ago Would it be possible to have a Flatpak be a VPN since it's sandboxed?
Open rugk opened 3 years ago
lolrepeatlol
commented
3 years ago Would it be possible to have a Flatpak be a VPN since it's sandboxed?
rugk
commented
3 years ago I'm not sure and very likely depends on how it's done and how it integrates into the system. Online I could only find https://linuxpunx.com/2021/04/05/flatpak-and-whatip/, which seems to indicate it can at least have access to the network interfaces.
andersk
commented
2 years ago FYI, I’m packaging mozillavpn for Nix at NixOS/nixpkgs#147975. (Nix is unrelated to Flatpak, but satisfies a similar sort of use case: it installs on any Linux distro without relying on or interfering with system packages.)
HiruNya
commented
2 years ago I tried my hand at this but unfortunately I got stuck at the requirement for PolKit which doesn't seem to be supported (that link is from a while ago so I'm not sure if anything has changed since then). I don't know enough about how a VPN and PolKit work so I gave up :sweat_smile: . Depending on what Mozilla VPN needs root privileges for, you might be able to replace it with Portals.
oskirby
commented
2 years ago I think we can work around the use of Polkit by explicitly requesting permissions to access the D-Bus name org.mozilla.vpn but unfortunately I don't think that would be enough for a flatpak build of the VPN client. We currently require root permissions to run a D-Bus service that manipulates routing and the network interfaces, which would break in a Flatpak sandbox.
ahjolinna
commented
1 year ago any hope? or is this dead/abandoned? (would like to see this for my SUSE's MicroOS ...or other immutable distros)
herzenschein
commented
2 weeks ago I've been testing the current flatpak based on 6.6 and it works well.
In case others aren't aware of this, you can build the flatpak by navigating to the linux/flatpak folder and either:
# Building in one go
flatpak-builder build --install-deps-from=flathub --force-clean --ccache --install org.mozilla.vpn.yml
# Building the flatpak manually
flatpak-builder flatpak-build-dir --force-clean --install-deps-from flathub --repo=mozillavpn-master org.mozilla.vpn.yml
flatpak-builder --run flatpak-build-dir org.mozilla.vpn.yml mozillavpn # This just tests whether the flatpak runs
flatpak build-bundle mozillavpn-master mozillavpn.flatpak org.mozilla.vpn
sudo flatpak install mozillavpn.flatpakI've noticed however that if you install the flatpak as --user it keeps requesting Polkit for the password every once in a while, which is fairly annoying.
Could we get some collaboration from the Flatpak folks and from the KDE SDK folks to resolve the remaining issues? :>
It would be nice if you could publish this as a flatpak on flathub e.g.
Flatpaks are a new software distribution mechanism for Linux distros, can thus installed on any distro and are easy to update.
Here is how to get started.
┆Issue is synchronized with this Jira Task