From ee48355b9fd36ec9a9370ac64423894b4495c36c Mon Sep 17 00:00:00 2001 From: erik Date: Wed, 31 Aug 2022 15:03:31 +0200 Subject: [PATCH] [skip-ci] Allow execution of gopass_wrapper.sh Firefox wasn't allowed to execute the gopass_wrapper.sh in Ubuntu 22.04. Explicitly adding it to the Apparmor firefox profile solves this. Lower jsonApiVersion. --- .../desktop/infrastructure/GopassBridge.kt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridge.kt b/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridge.kt index edabfb9..2515e6b 100644 --- a/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridge.kt +++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridge.kt @@ -2,12 +2,14 @@ package org.domaindrivenarchitecture.provs.desktop.infrastructure import org.domaindrivenarchitecture.provs.framework.core.Prov import org.domaindrivenarchitecture.provs.framework.core.ProvResult +import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.addTextToFile import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createDir import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createDirs import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.userHome import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.aptInstall import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.isPackageInstalled import org.domaindrivenarchitecture.provs.framework.ubuntu.web.base.downloadFromURL +import java.io.File fun Prov.downloadGopassBridge() = task { @@ -69,12 +71,27 @@ fun Prov.installGopassBridgeJsonApi() = task { } } +fun Prov.enableGopassWrapperShForFirefox() = task { + + val appArmorFile = File("/etc/apparmor.d/usr.bin.firefox") + + if (appArmorFile.exists()) { + addTextToFile( + "owner @{HOME}/.config/gopass/gopass_wrapper.sh ux", + appArmorFile, + sudo = true + ) + } + + cmd("systemctl reload apparmor", sudo = true) +} fun Prov.configureGopassBridgeJsonApi() = task { if (isPackageInstalled("gopass-jsonapi")) { // configure for firefox and choose default for each: // "Install for all users? [y/N/q]", // "In which path should gopass_wrapper.sh be installed? [/home/testuser/.config/gopass]" // "Wrapper Script for gopass_wrapper.sh ..." + enableGopassWrapperShForFirefox() cmd("printf \"\\n\\n\\n\" | gopass-jsonapi configure --browser firefox") } else { ProvResult(