-
Notifications
You must be signed in to change notification settings - Fork 556
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New profile: Quodlibet #3983
New profile: Quodlibet #3983
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good so far, some nitpicks and future hardening suggestion below.
It should also be added to firecfg.config so that firecfg creates symlinks for it.
noblacklist ${HOME}/.cache/quodlibet | ||
noblacklist ${HOME}/.config/quodlibet | ||
noblacklist ${HOME}/.quodlibet |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add blacklist
s in disable-programs.inc
add read-only ${HOME} ? Breaks pulseaudio, remove. Does it need D-Bus access or can be add dbus-user none? |
Sorry, I don't know how to use sort.py :( |
However this gave me the idea to print the fixed lines when running in the check in GitHub Actions, so everyone can just copy it from there if they can't use it for any reasons. PR will come. |
Thanks. |
More a reminder note than anything else. We already have a profile for exfalso, which is part of the quodlibet sources IIRC. In that context it might be worthwhile to consider refactoring this (or exfalso.profile) as a |
Hello, |
@Bundy01 Great! Take your time. I've been using exfalso for ages and can always test from this side to assist. |
I would like to add |
Can you show us what you've put together already? Sidenote: |
Quodlibet is written in python. We can not add |
Ok, so much for
|
|
etc/profile-m-z/quodlibet.profile
Outdated
mkdir ${HOME}/.config/quodlibet | ||
mkdir ${HOME}/.quodlibet | ||
|
||
whitelist ${MUSIC} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
whitelist ${MUSIC} | |
whitelist ${MUSIC} | |
whitelist ${DOWNLOADS} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I liked the idea of allowing only the MUSIC folder, but I'll make the changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I remarked it because exfalso had it, and without it we break something that was working w/o significant security win. Alternative we could add/keep whitelist ${DOWNLOADS}
only in exfalso.
private-bin exfalso,python* | ||
private-cache | ||
private-dev | ||
private-etc alternatives,fonts,group,passwd |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The private-etc that is included from quodlibet.profile does not have group
and passwd.
Did you test exfalso with these removed? If not we should keep this line intact.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi,
for private-etc, I quickly tested exfalso without any apparent problem, hence my modification. If I need to, I can add the problem line.
Is there anything else to expect because I would like it to be the last PR :)
Thanks for the answer.
@rusty-snake: |
etc/profile-m-z/quodlibet.profile
Outdated
mkdir ${HOME}/.quodlibet | ||
|
||
whitelist ${MUSIC} | ||
whitelist ${DOWNLOADS} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Put whitelist ${DOWNLOADS} above whitelist ${MUSIC} to keep things alphabetically ordered.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See my newly added comments.
Hi, Edit: the output of the command: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just some blank lines.
I was not able to use sort.py with the command:
python3 /path/to/sort.py /path/to/profile
:(
What was the error? What shows python3 --version
? However the sort.py CI is passing for your latest commit.
etc/profile-m-z/quodlibet.profile
Outdated
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove both, don't know why only shows 31 in the suggestion.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rusty-snake: Do you suggest I remove the space between mkdir
and whitelist
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes.
Do it now or I merge it anyway.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unblocking this so it can be merged when @rusty-snake is happy with it. We can always work out any kinks later.
@glitsj16 FYI you can dismiss your review if you don't want to block a PR but also don't want to approve it. |
merged, thanks. |
@rusty-snake Aha, I didn't see that option. Good to know, thanks for the info! Glad to see this merged, now I can start to double-check all my local overrides for exfalso. Thanks @Bundy01 for pursuing this! |
No description provided.