opensnitch: Add at v1.6.7 #4783
Conversation
uni-dos
force-pushed
the
opensnitch
branch
9 times, most recently
from
c78cdb0 to
e231295
Compare
|
I did a quick ripgrep for /etc/opensnitchd and updated the locations. Hopefully that was all of them. |
|
Almost there. Just changing the locations isn't enough; we want users to be able to copy the default configs to |
|
Ah got it. I am not familiar with go but Ill give it a shot |
**Summary** - add python-qt-material a dependecy of opensnitch
|
Not my best work but I think it's done. /etc/rules is created when running opensnitch since these are user preferences. Not sure if the directory will be created each time though. |
EbonJaeger
added
the
Topic: Sync Notes
|
Hm I should have clicked Comment instead of Request Changes. Oops. |
|
About the /etc/rules. I did not make sense to me that the rules directory should be in /usr/ because these will be created by the user and not Solus itself. |
|
An issue I just experienced is that the /etc/opensnitchd/rules is not being created |
**Summary** - adds opensnitch a firewall inspired by Little Snitch
| if args.socket == None: | ||
| # default | ||
| - args.socket = "unix:///tmp/osui.sock" | ||
| + args.socket = "unix:///run/user/1000/opensnitch/osui.sock" |
There was a problem hiding this comment.
I think (haven't checked) this should use $XDG_RUNTIME_DIR instead of hardcoding the UID.
| - c.file = "/etc/opensnitchd/system-fw.json" | ||
| + _, fileErr := os.Stat("/etc/opensnitchd/system-fw.json") | ||
| + | ||
| + if fileErr == nil { | ||
| + c.file = "/etc/opensnitchd/system-fw.json" | ||
| + } else { | ||
| + c.file = "/usr/share/defaults/etc/opensnitchd/system-fw.json" | ||
| + } |
There was a problem hiding this comment.
This should probably only catch fs.ErrNotExist to make things like permission issues more obvious. That also allows you to invert the if-statement making the patch cleaner:
| - c.file = "/etc/opensnitchd/system-fw.json" | |
| + _, fileErr := os.Stat("/etc/opensnitchd/system-fw.json") | |
| + | |
| + if fileErr == nil { | |
| + c.file = "/etc/opensnitchd/system-fw.json" | |
| + } else { | |
| + c.file = "/usr/share/defaults/etc/opensnitchd/system-fw.json" | |
| + } | |
| c.file = "/etc/opensnitchd/system-fw.json" | |
| + | |
| + if _, err := os.Stat(c.file); errors.Is(err, fs.ErrNotExist) { | |
| + c.file = "/usr/share/defaults/etc/opensnitchd/system-fw.json" | |
| + } | |
| + |
| + | ||
| +func userConfigExists() (string) { | ||
| + _, err := os.Stat("/etc/opensnitchd/default-config.json") | ||
| + if err == nil { |
There was a problem hiding this comment.
Same:
| + if err == nil { | |
| + if !errors.Is(fs.ErrNotExist) { |
|
|
||
| +func userConfigExists() (string) { | ||
| + _, err := os.Stat("/etc/opensnitchd/default-config.json") | ||
| + if err == nil { |
There was a problem hiding this comment.
| + if err == nil { | |
| + if !errors.Is(err, fs.ErrNotExist) { |
| logUTC = true | ||
| logMicro = false | ||
| rulesPath = "/etc/opensnitchd/rules/" | ||
| - configFile = "/etc/opensnitchd/default-config.json" |
There was a problem hiding this comment.
Why not simply change this line to configFile = userConfigExists()?
| + os.MkdirAll("/etc/opensnitchd/rules", 755) | ||
| + |
There was a problem hiding this comment.
I would remove this in favour of the systemd unit.
Summary
Test Plan
Checklist
Resolves #289