ubuntu-appstore-developers team mailing list archive

[Jamie Strandboge <jamie@xxxxxxxxxxxxx>]

On 08/15/2013 02:52 PM, Ted Gould wrote:
>> If we decide to keep both, then we would want to update click-hook to use a
>> wrapper around aa-exec to prepare the sandbox environment[1]. Attached is
>> aa-exec-click that we could use for this. My thought is that I add aa-exec-click
>> to click-apparmor, then click-hook is adjusted to use aa-exec-click instead.
> 
> We were trying to avoid having a shell script that everyone went through to
> launch applications if possible.  I'm not sure if that's a real requirement, but
> more of a nice to have, to make it all easier to understand.  So the Exec line
> that we're creating in the upstart-app-launch desktop hook does create an Exec
> line that is targetted at other desktops.  Mine is this for instance:
> 
>     Exec=aa-exec -p com.ubuntu.calendar_calendar_0.4 -- qmlscene calendar.qml
> 
Ah, I missed that, nice. Note that aa-exec is currently interpreted-- it's a
perl script. We have code for a C version already. aa-exec-click could also be
compiled at some point.

> I think the big difference there is that we're not setting all the environment
> variables the same way.  It ends up confined, but we don't guarantee the sanity
> of the environment.

Right, so maybe you can use aa-exec-click in your generated .desktop file. :)


> I don't think that we need both desktop hooks though.  We need to decide how we
> want the desktop file exec line to look in the end.

Sure, you've already got the .desktop file. Perhaps for the time being
upstart-app-launch-desktop could be changed to aa-exec-click. I need to decide
where to put it though....

-- 
Jamie Strandboge                 http://www.ubuntu.com/