Since the go-onlineaccounts bug task was added, I guess we are also
tracking the problems with scopes here too.
In my investigations last week, I came to the conclusion that the
problems were not limited to the Go scopes, but instead affected all
scopes running under confinement.
After digging in a bit, it isn't clear how it can be fixed without
changes to the online accounts API. The way the online accounts
integration for scopes works is:
1. the scope starts a signin session for the account service with the
"no interaction" flag set. If no token can be retrieved (either because
no account is available, or because the token isn't available), it will
push a result with a special login button.
2. When the special result is clicked by the user, the dash will
initiate the account creation process with the
OnlineAccountsClient::Setup class.
3. If the account is successfully created, the dash refreshes the
scope's results. The scope starts another signin session and finds the
new token and displays personalised results.
>From my understanding, this breaks down because it is the dash's
AppArmor label (which I guess would be unconfined) that gets added to
the ACL for the account service. What would be needed here would be
some kind of API the dash could use to ask for a second AppArmor label
to be added to the ACL.
** Changed in: go-onlineaccounts
Status: Triaged => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1376445
Title:
Addition of signon-apparmor-extension causes token lookup problems
To manage notifications about this bug go to:
https://bugs.launchpad.net/go-onlineaccounts/+bug/1376445/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
