Ubuntu
telepathy-mission-control-5 package

Add support for purple-telegram (telepathy-haze)

Bug #1708375 reported by Khurshid Alam on 2017-08-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	telepathy-mission-control-5 (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

When using purple telegram through telepathy-haze, it requires following permissions:

    # for purple telegram
    /etc/telegram-purple/server.tglpub r,
    /usr/lib/purple-2*/ r,
    /usr/lib/purple-2/*.so mr,
    /usr/share/locale/*/LC_MESSAGES/*.mo r,
    /usr/share/pixmaps/pidgin/protocols/{16,32,48}/*.png r,
    @{HOME}/.purple/telegram-purple/** rw,
    @{HOME}/.telegram-purple/** rw,

under /usr/lib/telepathy/telepathy-* section. See issue https://github.com/majn/telegram-purple/issues/346 for more details.

I have attached the necessary patch

Tags:

Revision history for this message

Khurshid Alam (khurshid-alam) wrote on 2017-08-03:

telepathy-purple.patch Edit (581 bytes, text/x-diff)

Revision history for this message

bewied (benwiederhake-github) wrote on 2017-08-03:

I did some work on telegram-purple.

- I don't understand the line `/usr/lib/purple-2*/`. Is the asterisk misplaced, or does telepathy-haze truly create directories with unpredictable names in `/usr/lib/`?
- Heads up: `/etc/telegram-purple/server.tglpub` can be removed once we release 1.4.0. (But doesn't hurt either.)
- telegram-purple is supposed to detect telepathy, and avoid the path `@{HOME}/.purple/telegram-purple/`. Was it really necessary? Please open a bug report and tell us what's in the directory. Was it just "to make sure"? Oh well, doesn't hurt, but shouldn't be necessary either.

Revision history for this message

Khurshid Alam (khurshid-alam) wrote on 2017-08-03:

> - I don't understand the line `/usr/lib/purple-2*/`.

You are right. Telegram-purple only creates /usr/lib/purple-2/, so asterix can be removed. In fact I think we don't need "/usr/lib/purple-2*/ r", as "/usr/lib/purple-2/*.so mr", will do the job.

> telegram-purple is supposed to detect telepathy, and avoid the path `@{HOME}/.purple/telegram-purple/`. Was it really necessary?

It should but it doesn't at the moment.

And yes, it is necessary with 1.3.x. The plugin stores data after authentication in either @{HOME}/.purple/telegram-purple/ or @{HOME}/.telegram-purple/ depending on plugin version number. So telepathy-haze would require read/write access to that folder, otherwise apparmor give access-denied and users have to re-authenticate each time after opening the client (empathy).

I will update the patch. Thanks.

Revision history for this message

Khurshid Alam (khurshid-alam) wrote on 2017-08-07:

telepathy-purple.patch Edit (613 bytes, text/plain)

Updated

Changed in telepathy-mission-control-5 (Ubuntu):
status:	New → Confirmed

Revision history for this message

Ubuntu Foundations Team Bug Bot (crichton) wrote on 2017-08-08:

The attachment "telepathy-purple.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

Revision history for this message

Khurshid Alam (khurshid-alam) wrote on 2017-09-23:

telepathy-purple.patch Edit (613 bytes, text/plain)

Patch updated

Revision history for this message

Khurshid Alam (khurshid-alam) wrote on 2018-03-23:

I have updated the patch. Is there anything else needed for this?

tags:

added: bionic
removed: artful

Khurshid Alam (khurshid-alam) on 2018-06-18

tags:

added: cosmic
removed: bionic

Revision history for this message

Sebastien Bacher (seb128) wrote on 2018-07-03:

Subscribing the security team to get their input since that changes the apparmor profile

Revision history for this message

Khurshid Alam (khurshid-alam) wrote on 2018-10-01:

telepathy-purple.patch Edit (595 bytes, text/plain)

Updated the patch as quilt patch

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2018-10-01:

#10

I recommend changing these to be:

    # for purple telegram
    /etc/telegram-purple/server.tglpub r,
    /usr/lib/purple-2/*.so mr,
    /usr/share/locale/*/LC_MESSAGES/*.mo r,
    /usr/share/pixmaps/pidgin/protocols/{16,32,48}/*.png r,
    owner @{HOME}/.telegram-purple/ rw,
    owner @{HOME}/{,.purple/}telegram-purple/** rw,