Index | Thread | Search

From:
Klemens Nanni <kn@openbsd.org>
Subject:
textproc/dialect: use pledge and unveil
To:
ports@openbsd.org
Date:
Wed, 3 Jan 2024 19:48:56 +0000

Download raw body.

Thread 
This is the relaxed version where clicking links in the About window
does open them in your browser.

I personally run without unveil and "proc exec" dropped, meaning a click
on any of those links will abort, but I prefer that trade off.

Either way, all features work just fine without regressions so far in
daily usage (reason why I prefer this internet facing, text and audio
parsing, long running python app to get some seatbelts):

- both Google and Yandex API
- Text-to-Speech
- clipboard handling
- key bindings
- config load/safe (GUI settings persist)
- CLI args, e.g. 'dialect --source de --dest en --text hallo'

Feedback? OK?

Index: Makefile
===================================================================
RCS file: /cvs/ports/textproc/dialect/Makefile,v
diff -u -p -r1.2 Makefile
--- Makefile	3 Jan 2024 01:59:29 -0000	1.2
+++ Makefile	3 Jan 2024 01:59:35 -0000
@@ -3,7 +3,7 @@ V =			2.2.0
 DIST_TUPLE =		github	dialect-app	dialect	${V}	. \
 			github	dialect-app	po	${V}	po
 CATEGORIES =		textproc x11
-REVISION =		0
+REVISION =		1
 
 MAINTAINER =		Klemens Nanni <kn@openbsd.org>
 
@@ -12,6 +12,8 @@ HOMEPAGE =		https://dialectapp.org/
 # GPLv3.0
 PERMIT_PACKAGE =	Yes
 
+# uses pledge() and unveil()
+
 MODULES =		devel/dconf \
 			devel/meson \
 			lang/python
@@ -31,6 +33,7 @@ RUN_DEPENDS =		devel/glib2 \
 			devel/desktop-file-utils \
 			devel/libsoup3 \
 			devel/py-gobject3${MODPY_FLAVOR} \
+			devel/py-openbsd${MODPY_FLAVOR} \
 			multimedia/gstreamer1/core \
 			textproc/py-gTTS${MODPY_FLAVOR} \
 			www/py-beautifulsoup4${MODPY_FLAVOR} \
Index: patches/patch-dialect_main_py
===================================================================
RCS file: patches/patch-dialect_main_py
diff -N patches/patch-dialect_main_py
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ patches/patch-dialect_main_py	3 Jan 2024 02:06:10 -0000
@@ -0,0 +1,17 @@
+Use pledge(2) and unveil(2)
+
+Index: dialect/main.py
+--- dialect/main.py.orig
++++ dialect/main.py
+@@ -168,6 +168,11 @@ class Dialect(Adw.Application):
+ 
+ 
+ def main():
++    from openbsd import unveil, pledge
++    # Execution just for clicking links in the About window...
++    unveil("/usr/local/libexec/gio-launch-desktop", "rx")
++    unveil("/", "rwc")
++    pledge("stdio rpath wpath cpath inet unix dns sendfd proc exec prot_exec audio drm")
+     # Run the Application
+     app = Dialect()
+     return app.run(sys.argv)