> On March 27, 2012, 2:30 p.m., Thomas Lübking wrote:
> > Does the new patch actually *silently* skip move impossible attempts??
> > Excuse my ignorance, but why are system resources actually needed to be 
> > *moved* anywhere by a random user - what means they're now gone in their 
> > original location (and for everyone else)
> > This does not sound as if the current move has a problem, but the design of 
> > those private activities has (single user approach -> fix that by logging 
> > him in as root and watch the project fail ;-)
> 
> Lamarque Vieira Souza wrote:
>     Yes, the new patch silently skips moving impossible attempts. I tested it 
> here and we do not need to move the .desktop file to add the app to the 
> homescreen. Skipping the move seems to fix the other problem described in 
> #296808, now the containments are not empty after a reboot, I still need to 
> figure out why this change fixes that problem (debugging nepomuk is not easy 
> :-/).
>     
>     Private activities are intended to protect data from different persons, 
> not user accounts (like it usually is the case in Linux/Unix). Everybody logs 
> in using the same non-root account and to access a private activity the 
> person must authenticate himself/herself first. The intention is to treat a private 
> activity as if it is a different user account but the kde daemons 
> (kactivitymanager, nepomuk, kded, contourd, etc) were not designed to 
> authenticate users so we are resorting to encfs for that. With encfs the 
> person using the device must supply a password to mount the encrypted folder 
> and access the private data. One use case for that is a parent that creates a 
> "Work" activity with data from his/her work, the parent also lends the device 
> to his/her kids to play and does not want them to mess with his data, so the 
> parent can mark the activity as private and the kids will not have access to the 
> data.
>     
>     We are working on how to decide which data to move to the private folder 
> and also when to move them back to the original place. In this case we do not 
> need to move .desktop files but moving files is still necessary if the file 
> is a document created by the user.
> 
> Thomas Lübking wrote:
>     > kids will not have access to the data
>     except for deleting them (but that is quite OT)
>     
>     > I still need to figure out why this change fixes that problem
>     I'd say non interactive file operations will just exit with an error on a 
> conflict.
>     
>     Anyway, i guess the proper layer to decide which data to 
> copy/move/symlink is not the general data management but the private activity 
> creation, where you will likely also want to break/restore file permissions 
> (eg. if a user dir has been tagged read-only, its files should still be 
> moved to the private activity and the former status restored there)
>     
>     In general, just silently skipping impossible file operations is imo no 
> option, because even if you just copied the data instead, it remains in a 
> pot. public location what may be explicitly not wanted by explicitly 
> attempting to move the file.
>     This could (for eg. chmod 500 directories) end up in exposing company 
> secrets as well as just your kids suddenly stumbling across your FapFolder(tm)
> 
> Lamarque Vieira Souza wrote:
>     > except for deleting them (but that is quite OT)
>     Yes, that is possible.
>     
>     Well, Plasma Active makes heavy use of nepomuk to hide filesystem 
> structure, which means there is no easy way for the user to change file 
> permissions. Hiding filesystem structure is a design decision (made before I 
> joined the team by the way). We still ship Dolphin with the images but since 
> it is redundant compared to active-filebrowser (PA's file manager) I guess it 
> will be removed in the future.
>     
>     I could change the patch to move the file if either the user owns the 
> parent directory or he/she has write permissions to the parent folder.
> 
> Thomas Lübking wrote:
>     Is this part of kactivities limited to plasma active? (even if, "hard" is 
> not "impossible")
>     
>     > I could change the patch to move the file if either the user owns the 
> parent directory or he/she has write permissions to the parent folder.
>     What i meant is that the patch hooks too deep down - the private activity 
> creation (any automated file management) should (unless this service is 
> exclusively used by it) prevent impossible actions and gracefully handle file 
> permissions towards its intents.
>     
>     The point is that *in general* if a file operation fails i'd like to be 
> informed about that (because it means that either sth. is broken or that i'm 
> stupid) - scratching that for a particular client usage is wrong.
>     (let's assume some filemanager *cough* would have used to crash on file 
> deletes - you would not remove file deletion features from the filesystem to 
> avoid crashes in that filemanager, would you ;-)
>     
>     So either it should happen in the user code or there should be some 
> weakForcedMove() or whatever function to explicitly work around permissions 
> and copy in case move is not possible at all and can be used in such special 
> usercode.
>     
>     Just silently skipping filesystem job instructions to prevent error 
> messages is the wrong solution (because you lie to the user, faking success)

> Is this part of kactivities limited to plasma active? (even if, "hard" is not 
> "impossible")
Hmmm no, it is used in kactivities master branch and is not limited to Plasma 
Active. Ok, this can be a problem.

> The point is that *in general* if a file operation fails i'd like to be 
> informed about that (because it means that either sth. is broken or that i'm 
> stupid) - scratching that for a particular client usage is wrong.
kactivitymanager uses kio for IO operations and kio comes with dialogs for 
operation errors such as "permission denied" (this one motivated me to create 
this patch), "file already exists, do you want to rename it?", etc. So even 
with this patch you will still get an error dialog if something goes wrong.

> (let's assume some filemanager *cough* would have used to crash on file 
> deletes - you would not remove file deletion features from the filesystem to 
> avoid crashes in that filemanager, would you ;-)
No but the problem here is more like "I want to copy this file to a certain 
folder but the filemanager insists on trying to delete the source file" :-) 
Deleting the source file is not necessary and is also not what the user wants.

kactivitymanager tries to move all resources related to the private activity to 
the private folder. "Related" here is in nepomuk's definition of related. 
Although the app is related to the activity (it is on the homescreen of the 
private activity) it is not a user resource, so it should not be moved. This 
patch tries to handle the case where the resource is not a user resource, in 
which case it should not be moved.


- Lamarque Vieira


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/104417/#review11909
-----------------------------------------------------------


On March 27, 2012, 2:22 p.m., Lamarque Vieira Souza wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/104417/
> -----------------------------------------------------------
> 
> (Updated March 27, 2012, 2:22 p.m.)
> 
> 
> Review request for KDE Runtime and Plasma.
> 
> 
> Description
> -------
> 
> When adding an application resource to a private activity kactivitymanager 
> tries to move the resource's .desktop file to the activity's private folder. 
> The new .desktop file is created successfully but the source file is not 
> deleted if the user does not have write permission on the file's directory. 
> This patch detects such situation and uses copy instead of move to prevent 
> "permission denied" messages for every resource being added.
> 
> 
> This addresses bug 296808.
>     http://bugs.kde.org/show_bug.cgi?id=296808
> 
> 
> Diffs
> -----
> 
>   service/jobs/nepomuk/Move.h 8a8afd1 
>   service/jobs/nepomuk/Move.cpp 08a3cc2 
> 
> Diff: http://git.reviewboard.kde.org/r/104417/diff/
> 
> 
> Testing
> -------
> 
> Works on Meego devel image. The file is copied and no error message is shown.
> 
> 
> Thanks,
> 
> Lamarque Vieira Souza
> 
>
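
The behaviour both sides of this thread argue about, written out as an added example (not code from kactivities or from the patch under review): a move helper that falls back to copying when the original cannot be renamed or removed, and reports that the original is still in place instead of returning success. `moveToPrivate`, `copyFile` and `MoveOutcome` are hypothetical names, and plain POSIX calls stand in for KIO.

```cpp
#include <cerrno>
#include <cstdio>
#include <cstring>
#include <string>
#include <fcntl.h>
#include <unistd.h>

enum class MoveOutcome { Moved, CopiedSourceRemains, Failed };
struct MoveResult { MoveOutcome outcome; std::string detail; };

// Hypothetical helper: copy src to a new file dst (created 0600, never overwritten).
static bool copyFile(const std::string &src, const std::string &dst) {
    int in = open(src.c_str(), O_RDONLY);
    if (in < 0) return false;
    int out = open(dst.c_str(), O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (out < 0) { close(in); return false; }
    char buf[4096];
    ssize_t n;
    while ((n = read(in, buf, sizeof buf)) > 0 && write(out, buf, n) == n) {}
    close(in);
    bool ok = (close(out) == 0) && n == 0;   // n != 0: read error or short write
    if (!ok) unlink(dst.c_str());            // leave no partial copy behind
    return ok;
}

// Move src to dst; if the original cannot be removed, say so explicitly.
MoveResult moveToPrivate(const std::string &src, const std::string &dst) {
    if (rename(src.c_str(), dst.c_str()) == 0)
        return {MoveOutcome::Moved, "renamed"};
    // EXDEV: dst is on another mount (such as an encfs folder).
    // EACCES/EPERM: no write permission on the source's parent directory.
    if (errno != EXDEV && errno != EACCES && errno != EPERM)
        return {MoveOutcome::Failed, std::string("rename: ") + strerror(errno)};
    if (!copyFile(src, dst))
        return {MoveOutcome::Failed, "copy failed"};
    if (unlink(src.c_str()) == 0)
        return {MoveOutcome::Moved, "copied, original removed"};
    // The data now lives in two places; the caller must surface this.
    return {MoveOutcome::CopiedSourceRemains,
            src + " is still present at its original location: " + strerror(errno)};
}

int main(int argc, char **argv) {
    if (argc != 3) { fprintf(stderr, "usage: %s SRC DST\n", argv[0]); return 2; }
    MoveResult r = moveToPrivate(argv[1], argv[2]);
    printf("%s\n", r.detail.c_str());
    return r.outcome == MoveOutcome::Moved ? 0 : 1;
}
```

A caller that is adding an application's .desktop file can treat `CopiedSourceRemains` as acceptable, while a caller moving a user's document can show it as an error.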
