Session bus access for forwarding desktop notifications

Hi! I’m developing WatchMate (a companion app for PineTime smartwatch). Recently I added a feature to forward desktop notifications to the watch. But this feature requires monitoring session bus to intercept org.freedesktop.Notifications calls, hence needs --socket=session-bus permission.

Is it strictly forbidden on flathub? Is asking users to give this permission manually my best option?

No, this is not forbidden, but you need a legitimate reason (e.g. a D-Bus Debugger) to give it your App this Permission. If your App does not work with fewer Permissions, like --talk=org.freedesktop.Notifications (I don’t know details about this Interface), you can do this. Make sure to add a exception for your App here.

1 Like

Thank you!

It needs full session bus permission because it uses org.freedesktop.DBus.Monitoring.BecomeMonitor interface, so that it could listen what other apps send via org.freedesktop.Notifications interface. Afaik, there’s no better way to implement such functionality via Freedesktop APIs (if there is, I’d be very happy to re-implement it). --talk=org.freedesktop.Notifications would allow my app to send notifications, but not to read others.

For now I released it without --socket=session-bus, and just show an error message asking for manual permission grant if the user tries to enable notifications (screenshot). Given that the notification forwarding is not an essential feature of the app, and that full session-bus access is such a coarse-grained permission, I actually think it’s a very reasonable default. If users are unhappy about it, I’ll make a PR with elaborated exception to the repo you linked. Thank you!