Hello, I developed Qocker few weeks/months ago and I finish the flatpak packaging but I’m facing issue in build lint because I need my application to have access to Docker socket
$ flatpak run --command=flatpak-builder-lint org.flatpak.Builder manifest ./flatpak/sa.sy.qocker.json
F: Not sharing "/usr/share/icons" with sandbox: Path "/usr" is reserved by Flatpak
{
"errors": [
"finish-args-arbitrary-dbus-access"
],
"info": [
"finish-args-arbitrary-dbus-access: finish-args has socket access to full system or session bus"
],
"message": "Please consult the documentation at https://docs.flathub.org/docs/for-app-authors/linter"
}
I’d say that’s what the review process is for. You start the discussion by reasonable explaining why you need the exception.
I’m not doing any reviews, so I can’t say anything for sure:
But the linter isn’t complaining about the docker socket, it’s complaining about the session-bus. I suspect you’ll be asked what exactly you need it for & why you aren’t limiting it:
finish-args-arbitrary-dbus-access
Exceptions allowed: Yes, on a case-by-case basis
The finish-args in the manifest has --socket=session-bus or --socket=system-bus.
This must not be used except for very specific cases. Please follow the Flatpak permission guide for more information and find out the specific DBus names required using --log-session-bus.
Other applications interacting with docker don’t require it.