superrob1500
/
mirror-ghostty
mirror of https://github.com/ghostty-org/ghostty
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

flatpak: Add --device=all permission (#7401) 

Without --device=all, the sandbox gets a dedicated PTY namespace.
Commands run on the host via the HostCommand D-Bus interface receive the
file descriptors from the namespaced PTY but cannot determine its path
via ttyname(3). This breaks commands like tty(1), ps(1) and
emacsclient(1).

Add --device=all so the host PTY namespace is used when allocating TTYs.
Applications with access to org.freedesktop.Flatpak can already give
themselves arbitrary permissions, so the sandboxing benefits of
restricted device access are limited. For terminal emulators, the
consistency provided by a cross-distribution runtime and ability to
distribute directly to users is the primary benefit of shipping as a
Flatpak rather than sandboxing.
pull/7408/head
Mitchell Hashimoto 2025-05-19 21:46:06 -07:00 committed by GitHub
parent e2df9fa759 ae095d2262
commit 362d026dba
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
flatpak/com.mitchellh.ghostty.Devel.yml
View File

@ -14,6 +14,8 @@ desktop-file-name-suffix: " (Devel)"
finish-args: finish-args:
# 3D rendering # 3D rendering
- --device=dri - --device=dri
# use host PTS namespace
- --device=all
# Windowing # Windowing
- --share=ipc - --share=ipc
- --socket=fallback-x11 - --socket=fallback-x11

2
flatpak/com.mitchellh.ghostty.yml
View File

@ -9,6 +9,8 @@ command: ghostty
finish-args: finish-args:
# 3D rendering # 3D rendering
- --device=dri - --device=dri
# use host PTS namespace
- --device=all
# Windowing # Windowing
- --share=ipc - --share=ipc
- --socket=fallback-x11 - --socket=fallback-x11