blob: 664db5b77110fde3b1e75b8238ac24af9888ddc3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
tracker-xdg-portal-3(1)
=======================
== NAME
tracker-xdg-portal-3 - Portal to Tracker endpoints
== SYNOPSIS
....
tracker-xdg-portal-3 [--version | -v]
....
== DESCRIPTION
This daemon allows access to Tracker endpoints in a controlled manner.
By default access to every service is disallowed, services may be whitelisted
through additional policy in the _.flatpak-info_ file.
When whitelisting services, the policy may define specific graph names to
allow access to, the _default_ keyword to allow access to the default
unnamed graph, or _*_ keyword to allow access to all graphs.
== CONFIGURATION
When interacting with sandboxed clients, the service expects the following format in the _.flatpak-info_ file:
[Policy Tracker3]
dbus:org.example.SparqlEndpoint1=graphA;graphB;default
dbus:org.example.SparqlEndpoint2=*
This will allow access to the endpoints behind the *org.example.SparqlEndpoint1* and *org.example.SparqlEndpoint2* bus names. Only to the *graphA* and *graphB* graph IRIs and the default unnamed graph on the first endpoint, and to all graphs in the second.
This policy can be set when building or running the sandboxed application through the --add-policy option. This can be set via **finish-args** in the flatpak manifest, specified along the build chain in *flatpak-build-finish*(1), or modified at start time with *flatpak-run*(1). For example:
$ flatpak run \
--add-policy=Tracker3.dbus:org.example.SparqlEndpoint1=graphA;graphB;default \
--add-policy=Tracker3.dbus:org.example.SparqlEndpoint2=* \
org.freedesktop.TrackerSandbox
== SEE ALSO
*flatpak-build-finish*(1), *flatpak-override*(1), *flatpak-run*(1)
|