mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2024-12-28 00:39:43 -05:00
Snap: Improve Web-browser Native Messaging host functionality (#10906)
* Snap: Improve Web-browser Native Messaging host functionality This commit allows for the snap distribution of KeepassXC to self-manage native messaging manifests This is done by making the binary aware of the snapd environment changes that currently prevent this. Furthermore, the snap sandbox is expanded to the bare minimum needed to access these privileged files. Please note if running a self-compiled / untrusted KeepassXC snap build (I.E, installed with --dangerous) that you must manually run `sudo snap connect keepassxc:browser-native-messaging` to grant permissions. This will work on all distributions that expose `/snap/bin/` - such as Ubuntu, Debian, etc. For systems which don't provide `/snap/`, such as Fedora, follow instructions for enabling "Classic" snaps. e.g., `sudo ln -s /var/lib/snapd/snap /snap` --------- Co-authored-by: Jonathan White <support@dmapps.us>
This commit is contained in:
parent
9972b5f531
commit
5f2ee86d72
@ -1186,18 +1186,6 @@ Do you want to overwrite the passkey in %1 - %2?</source>
|
||||
<source>Custom extension ID</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>Due to Snap sandboxing, you must run a script to enable browser integration.<br />You can obtain this script from %1</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>KeePassXC-Browser is needed for the browser integration to work. <br />Download it for %1 and %2 and %3. %4</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>Please see special instructions for browser extension use below</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>Executable Files</source>
|
||||
<translation type="unfinished"></translation>
|
||||
@ -1246,6 +1234,10 @@ Do you want to overwrite the passkey in %1 - %2?</source>
|
||||
<source>Allow using localhost with passkeys</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>KeePassXC-Browser is needed for the browser integration to work. <br />Download it for %1 and %2 and %3.</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
</context>
|
||||
<context>
|
||||
<name>CloneDialog</name>
|
||||
|
@ -10,7 +10,7 @@ apps:
|
||||
command: usr/bin/keepassxc
|
||||
common-id: org.keepassxc.KeePassXC.desktop
|
||||
extensions: [kde-neon]
|
||||
plugs: [home, unity7, network, network-bind, removable-media, raw-usb, password-manager-service]
|
||||
plugs: [home, unity7, network, network-bind, removable-media, raw-usb, password-manager-service, browser-native-messaging]
|
||||
autostart: org.keepassxc.KeePassXC.desktop
|
||||
cli:
|
||||
command: usr/bin/keepassxc-cli
|
||||
@ -21,6 +21,18 @@ apps:
|
||||
extensions: [kde-neon]
|
||||
plugs: [home]
|
||||
|
||||
plugs:
|
||||
browser-native-messaging:
|
||||
interface: personal-files
|
||||
write:
|
||||
- $HOME/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json
|
||||
- $HOME/.config/chromium/NativeMessagingHosts/org.keepassxc.keepassxc_browser.json
|
||||
- $HOME/.config/google-chrome/NativeMessagingHosts/org.keepassxc.keepassxc_browser.json
|
||||
- $HOME/.config/microsoft-edge/NativeMessagingHosts/org.keepassxc.keepassxc_browser.json
|
||||
- $HOME/.config/vivaldi/NativeMessagingHosts/org.keepassxc.keepassxc_browser.json
|
||||
- $HOME/.config/BraveSoftware/Brave-Browser/NativeMessagingHosts/org.keepassxc.keepassxc_browser.json
|
||||
- $HOME/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/TorBrowser/Data/Browser/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json
|
||||
|
||||
slots:
|
||||
session-dbus-interface:
|
||||
interface: dbus
|
||||
|
@ -31,23 +31,13 @@ BrowserSettingsWidget::BrowserSettingsWidget(QWidget* parent)
|
||||
m_ui->setupUi(this);
|
||||
|
||||
// clang-format off
|
||||
QString snapInstructions;
|
||||
#if defined(KEEPASSXC_DIST_SNAP)
|
||||
snapInstructions = "<br /><br />" +
|
||||
tr("Due to Snap sandboxing, you must run a script to enable browser integration."
|
||||
"<br />"
|
||||
"You can obtain this script from %1")
|
||||
.arg("<a href=\"https://keepassxc.org/download#linux\">https://keepassxc.org</a>");
|
||||
#endif
|
||||
|
||||
m_ui->extensionLabel->setOpenExternalLinks(true);
|
||||
m_ui->extensionLabel->setText(
|
||||
tr("KeePassXC-Browser is needed for the browser integration to work. <br />Download it for %1 and %2 and %3. %4")
|
||||
tr("KeePassXC-Browser is needed for the browser integration to work. <br />Download it for %1 and %2 and %3.")
|
||||
.arg("<a href=\"https://addons.mozilla.org/firefox/addon/keepassxc-browser/\">Firefox</a>",
|
||||
"<a href=\"https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk\">"
|
||||
"Google Chrome / Chromium / Vivaldi / Brave</a>",
|
||||
"<a href=\"https://microsoftedge.microsoft.com/addons/detail/pdffhmdngciaglkoonimfcmckehcpafo\">Microsoft Edge</a>",
|
||||
snapInstructions));
|
||||
"<a href=\"https://microsoftedge.microsoft.com/addons/detail/pdffhmdngciaglkoonimfcmckehcpafo\">Microsoft Edge</a>"));
|
||||
// clang-format on
|
||||
|
||||
m_ui->tabWidget->setEnabled(m_ui->enableBrowserSupport->isChecked());
|
||||
@ -149,16 +139,11 @@ void BrowserSettingsWidget::loadSettings()
|
||||
m_ui->useCustomProxy->setVisible(false);
|
||||
m_ui->customProxyLocation->setVisible(false);
|
||||
m_ui->customProxyLocationBrowseButton->setVisible(false);
|
||||
m_ui->browsersGroupBox->setVisible(false);
|
||||
m_ui->browsersGroupBox->setEnabled(false);
|
||||
m_ui->updateBinaryPath->setChecked(false);
|
||||
m_ui->updateBinaryPath->setVisible(false);
|
||||
// No custom browser for snaps
|
||||
m_ui->customBrowserSupport->setVisible(false);
|
||||
m_ui->customBrowserGroupBox->setVisible(false);
|
||||
// Show notice to user
|
||||
m_ui->messageWidget->showMessage(tr("Please see special instructions for browser extension use below"),
|
||||
MessageWidget::Warning);
|
||||
#endif
|
||||
#ifdef KEEPASSXC_DIST_FLATPAK
|
||||
// The sandbox makes custom proxy locations very unintuitive
|
||||
|
@ -226,6 +226,16 @@ QString NativeMessageInstaller::getNativeMessagePath(SupportedBrowsers browser)
|
||||
} else {
|
||||
basePath = QDir::homePath() + "/.config";
|
||||
}
|
||||
#elif defined(KEEPASSXC_DIST_SNAP)
|
||||
// Same as Flatpak above, with the exception that Snap also redefines $HOME
|
||||
// Therefore we must explicitly reference $SNAP_REAL_HOME
|
||||
if (browser == SupportedBrowsers::TOR_BROWSER) {
|
||||
basePath = qEnvironmentVariable("SNAP_REAL_HOME") + "/.local/share";
|
||||
} else if (browser == SupportedBrowsers::FIREFOX) {
|
||||
basePath = qEnvironmentVariable("SNAP_REAL_HOME");
|
||||
} else {
|
||||
basePath = qEnvironmentVariable("SNAP_REAL_HOME") + "/.config";
|
||||
}
|
||||
#elif defined(Q_OS_LINUX) || (defined(Q_OS_UNIX) && !defined(Q_OS_MACOS))
|
||||
if (browser == SupportedBrowsers::TOR_BROWSER) {
|
||||
basePath = QStandardPaths::writableLocation(QStandardPaths::GenericDataLocation);
|
||||
@ -296,6 +306,8 @@ QString NativeMessageInstaller::getInstalledProxyPath() const
|
||||
path = QProcessEnvironment::systemEnvironment().value("APPIMAGE");
|
||||
#elif defined(KEEPASSXC_DIST_FLATPAK)
|
||||
path = constructFlatpakPath();
|
||||
#elif defined(KEEPASSXC_DIST_SNAP)
|
||||
path = "/snap/bin/keepassxc.proxy";
|
||||
#else
|
||||
path = QCoreApplication::applicationDirPath() + QStringLiteral("/keepassxc-proxy");
|
||||
#ifdef Q_OS_WIN
|
||||
|
Loading…
Reference in New Issue
Block a user