search

purejava / keepassxc-proxy-access

A Java library to access KeePassXC via its build-in proxy
MIT License
13 stars 5 forks source link

Access KeePassXC installed as a snap or a Flatpak package #5

Closed purejava closed 2 years ago

purejava commented 2 years ago

Please agree to the following

Summary

Today, keepassxc-proxy-access cannot access KeePassXC's proxy, as Flatpak and snap use different $XDG_RUNTIME_DIRs

Motivation

KeePassXC can be installed as a snap package and is also available as a Flatpak package. Both variants use a different $XDG_RUNTIME_DIR, due to the nature of sandboxed applications.

As keepassxc-proxy-access looks up a general Linux $XDG_RUNTIME_DIR at start-up, this needs to be adjusted to work for snap and Flatpak too. https://github.com/purejava/keepassxc-proxy-access/blob/7a8f6ed65f40a9f67e3a262987d5ce0b524c20ad/src/main/java/org/keepassxc/LinuxMacConnection.java#L100-L112

Considered Alternatives

No response

Anything else?

KeePassXC installed as Flatpak package: https://github.com/flathub/org.keepassxc.KeePassXC/blob/83d18532ed41779b1cc0c2861807f3a632bd807a/patch/keepassxc/0003-Flatpak-Support-KeePassXC-Browser-integration.patch#L9-L10

KeePassXC installed as snap package: https://github.com/keepassxreboot/keepassxc/blob/develop/snap/snapcraft.yaml

Hints on how snap handles the $XDG_RUNTIME_DIR: https://forum.snapcraft.io/t/rethinking-how-we-handle-xdg-runtime-dir/22223/3

purejava commented 2 years ago

Some additional information:

Test, if KeePassXC is installed via Flatpak or not:

flatpak info org.keepassxc.KeePassXC
Fehler: org.keepassxc.KeePassXC/*unspecified*/*unspecified* not installed

Installed or not:

which keepassxc

Test, if KeePassXC is installed via snap or not:

snap list keepassxc
Fehler: keine passenden Snaps installiert

Once installed:

which keepassxc
/snap/bin/keepassxc

If KeePassXC is installed side-by-side via snap and natively, which finds the native installation:

which keepassxc
/usr/bin/keepassxc
purejava commented 2 years ago

It has to be considered, that KeePassXC recently changed the handling of the socket file, introduced by KeePassXC release 2.7.2 (see Release notes for KeePassXC 2.7.2, https://github.com/keepassxreboot/keepassxc/pull/8030 and https://github.com/keepassxreboot/keepassxc/issues/8634). The socket file location changed and is symlinked now too.

Unfortunately, KeePassXC misses to delete the socket file, when KeePassXC exists, as this is required for AF_UNIX sockets. The symlink stays on the filesystem too.

This can be illustrated very nicely with the example of Cryptomator. As of today, keepassxc-proxy-access does work with the following combinations:

  KeePassXC < 2.7.2 (repo) KeePassXC 2.7.2+ (repo)
Cryptomator (installed from repo)
Cryptomator (installed from Flathub) ❌ [1]

[1] fails due to https://github.com/cryptomator/cryptomator/issues/2540

  KeePassXC < 2.7.2 (Flathub) KeePassXC 2.7.2+ (Flathub)
Cryptomator (installed from repo)
Cryptomator (installed from Flathub)
    KeePassXC < 2.7.2 (Snap) KeePassXC 2.7.2+ (Snap)
Cryptomator (installed from repo)
Cryptomator (installed from Flathub)
purejava commented 2 years ago

Starting with release 1.2.0 keepassxc-proxy-access connects to KeePassXC installed as a snap or a Flatpak package too. As Cryptomator shows the usage of keepassxc-proxy-access very well, it is chosen as a reference again:

  KeePassXC < 2.7.2 (repo) KeePassXC 2.7.2+ (repo)
Cryptomator (installed from repo)
Cryptomator (installed from Flathub) ❌ [1]

[1] fails due to https://github.com/cryptomator/cryptomator/issues/2540

  KeePassXC < 2.7.2 (Flathub) KeePassXC 2.7.2+ (Flathub)
Cryptomator (installed from repo)
Cryptomator (installed from Flathub)
    KeePassXC < 2.7.2 (Snap) KeePassXC 2.7.2+ (Snap)
Cryptomator (installed from repo)
Cryptomator (installed from Flathub) ❌ [2] ❌ [2]

[2] AFAIK there is no way to access the snap sandbox from within a flatpak sandbox