search

twpayne / chezmoi

Manage your dotfiles across multiple diverse machines, securely.
https://www.chezmoi.io/
MIT License
13.51k stars 494 forks source link

Support for keepassxc-cli from Flatpak #4110

Open lwbt opened 2 days ago

lwbt commented 2 days ago

What exactly are you trying to do?

I use the KeepassXC Flatpak and want to configure Chezmoi to use the included keepassxc-cli.

$ chezmoi doctor
info      keepassxc-command           keepassxc-cli not found in $PATH

$ flatpak run --command=keepassxc-cli org.keepassxc.KeePassXC --version
2.7.9

What have you tried so far?

Create wrapper script:

echo -e '#!/bin/bash\nflatpak run --command=keepassxc-cli org.keepassxc.KeePassXC' > ~/.local/bin/keepassxc-cli
chmod -v +x ~/.local/bin/keepassxc-cli

$  chezmoi doctor
[...]
warning   keepassxc-command           found ~/.local/bin/keepassxc-cli, cannot parse version from Usage: keepassxc-cli [options] command

echo -e '#!/bin/bash\nflatpak run --command=keepassxc-cli org.keepassxc.KeePassXC -- ' > ~/.local/bin/keepassxc-cli
chmod -v +x ~/.local/bin/keepassxc-cli

# Same result

# Cleanup
rm -v ~/.local/bin/keepassxc-cli

Configure to use Flatpak directly:

$  chezmoi config
--- config ---
[keepassxc]
    command = "flatpak"
    args = ["run", "--command=keepassxc-cli", "org.keepassxc.KeePassXC", "--"]
---

$  chezmoi init

$  chezmoi doctor
[...]
warning   keepassxc-command           found /usr/bin/flatpak, cannot parse version from Flatpak 1.14.6

$ flatpak run --command=keepassxc-cli org.keepassxc.KeePassXC --version
2.7.9
$ flatpak --version
Flatpak 1.14.6

It looks like we are almost there, just that the code does not expect what we are doing here.

Where else have you checked for solutions?

Output of any commands you've tried with --verbose flag

$ chezmoi --verbose $COMMAND

Output of chezmoi doctor

```console $ chezmoi doctor RESULT CHECK MESSAGE ok version v2.54.0, commit 92f8a9854bc9a234b937dab2f7d75764efdc0e80, built at 2024-11-09T19:56:50Z, built by goreleaser ok latest-version v2.54.0 ok os-arch linux/amd64 (Ubuntu 24.04.1 LTS (Noble Numbat)) ok uname Linux za31 6.8.0-48-generic #48-Ubuntu SMP PREEMPT_DYNAMIC Fri Sep 27 14:04:52 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux ok go-version go1.23.3 (gc) ok executable ~/.local/bin/chezmoi ok upgrade-method replace-executable ok config-file ~/.config/chezmoi/chezmoi.toml, last modified 2024-11-29T19:42:19+01:00 warning source-dir ~/.local/share/chezmoi is a git working tree (dirty) ok suspicious-entries no suspicious entries warning working-tree ~/.local/share/chezmoi is a git working tree (dirty) ok dest-dir ~ is a directory ok umask 002 ok cd-command found /bin/bash ok cd-args /bin/bash ok diff-command found ~/.local/bin/difft ok edit-command found /usr/bin/vim ok edit-args /usr/bin/vim ok git-command found /usr/bin/git, version 2.43.0 ok merge-command found /usr/bin/vimdiff ok shell-command found /bin/bash ok shell-args /bin/bash info age-command age not found in $PATH ok gpg-command found /usr/bin/gpg, version 2.4.4 ok pinentry-command found /usr/bin/pinentry, version 1.2.1 info 1password-command op not found in $PATH info bitwarden-command bw not found in $PATH info bitwarden-secrets-command bws not found in $PATH info dashlane-command dcli not found in $PATH info doppler-command doppler not found in $PATH info gopass-command gopass not found in $PATH warning keepassxc-command found ~/.local/bin/keepassxc-cli, cannot parse version from Usage: keepassxc-cli [options] command KeePassXC command line interface. Available commands: add Add a new entry to a database. analyze Analyze passwords for weaknesses and problems. attachment-export Export an attachment of an entry. attachment-import Imports an attachment to an entry. attachment-rm Remove an attachment of an entry. clip Copy an entry's attribute to the clipboard. close Close the currently opened database. db-create Create a new database. db-edit Edit a database. db-info Show a database's information. diceware Generate a new random diceware passphrase. edit Edit an entry. estimate Estimate the entropy of a password. export Exports the content of a database to standard output in the specified format. generate Generate a new random password. help Display command help. import Import the contents of an XML database. ls List database entries. merge Merge two databases. mkdir Adds a new group to a database. mv Moves an entry to a new group. open Open a database. rm Remove an entry from the database. rmdir Removes a group from a database. search Find entries quickly. show Show an entry's information. Options: --debug-info Displays debugging information. -h, --help Displays help on commandline options. --help-all Displays help including Qt specific options. -v, --version Displays version information. Arguments: command Name of the command to execute. ok keepassxc-db ~/Documents/KeePass/keepass-lwbt-private.kdbx is a file info keeper-command keeper not found in $PATH info lastpass-command lpass not found in $PATH info pass-command pass not found in $PATH info passhole-command ph not found in $PATH info rbw-command rbw not found in $PATH info vault-command vault not found in $PATH info vlt-command vlt not found in $PATH info secret-command not set ```

Additional context

This may affect other users who try to use and configure other apps in Chezmoi packaged as Flatpak. Immutable distributions like Steam OS (stronger) and Fedora Silverblue (weaker) encourage using Flatpak instead of traditional package management.

halostatue commented 2 days ago

Your wrapper script is the correct approach to this but your wrappers scripts appear to be incorrect — they do not pass parameters. Your second one is better, but still needs some work:

#!/bin/bash

flatpack run --command=keepassxc-cli org.keepassxc.KeePassXC -- "$@"

You may require additional flags for some flatpak programs (see #4085) that you might use due to security considerations.

twpayne commented 2 days ago

Thanks for the thorough report!

It looks like we are almost there, just that the code does not expect what we are doing here.

There are a couple of things that are preventing this from working:

Configure to use Flatpak directly: ...

$  chezmoi config
--- config ---
[keepassxc]
    command = "flatpak"
    args = ["run", "--command=keepassxc-cli", "org.keepassxc.KeePassXC", "--"]
---
$  chezmoi doctor
[...]
warning   keepassxc-command           found ~/.local/bin/keepassxc-cli, cannot parse version from Usage: keepassxc-cli [options] command

The problem here is that chezmoi doctor is not using keepassxc.args when running keepassxc-cli --version, this is a bug in chezmoi.

Edit: @halostatue's wrapper script solution is better, edit to remove mine.

lwbt commented 2 days ago

... Your second one is better, but still needs some work:

#!/bin/bash

flatpack run --command=keepassxc-cli org.keepassxc.KeePassXC -- "$@"

You may require additional flags for some flatpak programs (see #4085) that you might use due to security considerations.

You are right, I had a bash alias in mind (which would not work here) while writing this and forgot that I need to pass the parameters. Thank you.

halostatue commented 2 days ago

The problem here is that chezmoi doctor is not using keepassxc.args when running keepassxc-cli --version, this is a bug in chezmoi.

I’m not sure that's a bug. Not all commands allow --version to be used when other parameters are provided (or print errors when other parameters are provided with --version).

I think that there's a possible argument for supporting flatpak in chezmoi command runners:

[keepassxc]
command = "keepassxc-cli"
flatpak = true

With this, chezmoi would internally transform that command to flatpak --command=keepassxc-cli …. This would also allow chezmoi to do something like providing the --user flag as noted for vscodium.

I don't think that this is something that should be supported for all command installers and runners (e.g., I don't see a reason to support mise run keepassxc if that were in the mise registry), but flatpak is being pushed very hard by RedHat. I would not be able to help with this as I don't use Linux by default.

KapJI commented 2 days ago

I think having such support for flatpak is excessive and just passing user defined arguments to every invocation is enough.

halostatue commented 2 days ago

I think having such support for flatpak is excessive and just passing user defined arguments to every invocation is enough.

I don't really disagree, even though I suggested adding it above. However as this issue suggests, there are issues with chezmoi doctor with the user defined command and arguments when there are wrappers.

There is a part of me that thinks it would be good to add a "recipes" section to the documentation that captures solutions like this.