Hi everyone, below you will find the updates from the Desktop team from the last week.
If you’re interested in discussing a topic please start a thread in the Desktop area of Discourse.
We also have our weekly meeting on IRC. We meet on Tuesday at 13:30 UTC in #ubuntu-desktop on Freenode. There will be an “Any Other Business” section at the end where you are welcome to raise topics. These topics might be discussed during the meeting, or afterwards depending on the time, depth of conversation, topic and so on.
PR #5822, implementing support for user session systemd daemons is progressing through review. I got it to a stage where I can demonstrate that user daemons are being started and stopped on snap install/remove via the session agent.
I rebased PR #6258 (the actual dbus activation PR) on current master. The main tasks remaining for this branch are:
adjust to the agreed snap.yaml syntax (changing activate-on to activates-on)
gate behind a feature flag so we can merge before having the feature enabled by default.
require that activates-on only be used with daemons. As well as ensuring we can control their lifecycle, this avoids the use of dbus-daemon-launch-helper, which uses a different config file parser to dbus-daemon.
snapd portals support:
One feature of PR #7588 was to indicate whether the snap has network access, which could in turn be used to restrict access to the org.freedesktop.portal.NetworkMonitor APIs, similar to what happens with Flatpaks. It was pointed out that this was closer to the (currently unusable on classic) network-status interface. I changed the keyfile output from HasNetwork to HasNetworkStatus to indicate this, but still check for the network interface for now.
I put together PR #8215 to make the network-status interface usable on classic. I’ve ripped out the Ubuntu Phone era AppArmor rules since (a) it doesn’t look like anything is using it, and (b) the rules appeared to be broken (they grant access on the system bus, while the indicator-network API was provided on the session bus).
I put together xdg-desktop-portal PR #442 to add AssumedAppArmorLabel keys to the D-Bus service files. This allows snaps to activate the portal service automatically via a method call. This hadn’t shown up previously because the GLib portal integration code uses StartServiceByName, which doesn’t trigger the problem.