From 0b506ac67c33939732bdd91d39a8a632bcbe0841 Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Thu, 14 May 2026 10:58:38 +0100 Subject: refactor(snxctl-chromium): drop daemon drop-in, override snxctl's PATH snx-rs.service is a system unit, not --user, so the prior approach of overriding the daemon's PATH via a systemd drop-in could never apply. And it wasn't needed anyway: snxctl itself runs opener::open(url) in-process, so prepending the shim dir to snxctl's PATH is enough. - Drop dot_config/systemd/user/snx-rs.service.d/10-chromium-saml.conf. - snxctl-chromium now just sets PATH and exec's snxctl connect. - xdg-open shim no longer forces --new-window so chromium can reuse a warm window (faster SAML round-trip). --- dot_local/bin/executable_snxctl-chromium | 36 +++++++++----------------------- 1 file changed, 10 insertions(+), 26 deletions(-) mode change 100644 => 100755 dot_local/bin/executable_snxctl-chromium (limited to 'dot_local/bin/executable_snxctl-chromium') diff --git a/dot_local/bin/executable_snxctl-chromium b/dot_local/bin/executable_snxctl-chromium old mode 100644 new mode 100755 index d52ddfb..c97b026 --- a/dot_local/bin/executable_snxctl-chromium +++ b/dot_local/bin/executable_snxctl-chromium @@ -1,37 +1,21 @@ #!/bin/sh # snxctl-chromium: `snxctl connect` with the flatpak ungoogled-chromium as # the SAML browser. Bypasses LibreWolf's loopback HTTPS-upgrade + LNA block -# that prevent snx-rs's 127.0.0.1:7779 SAML callback from completing. +# that stop snx-rs's 127.0.0.1:7779 SAML callback from completing. # -# How it works -# ------------ -# A tracked drop-in -# (~/.config/systemd/user/snx-rs.service.d/10-chromium-saml.conf) prepends -# ~/.local/share/snx-rs/bin to the daemon's PATH. That directory contains -# an `xdg-open` shim that flatpak-runs ungoogled-chromium. snx-rs uses the -# `opener` crate which spawns `xdg-open` — the shim wins. -# -# This script just makes sure the daemon picks up the override (it only -# loads Environment= at start time, so a freshly-edited drop-in needs a -# daemon-reload + service restart) and then runs `snxctl connect`. +# snxctl runs `opener::open(url)` in-process; opener on Linux execs +# `xdg-open` first. We prepend a private bin dir containing only an +# `xdg-open` shim that flatpak-runs ungoogled-chromium. No daemon +# tweaks needed — the override is scoped to this snxctl invocation. set -eu -SERVICE=snx-rs.service +SHIM_DIR="$HOME/.local/share/snx-rs/bin" -if ! systemctl --user cat "$SERVICE" >/dev/null 2>&1; then - printf '%s: %s is not a known user unit; aborting.\n' "${0##*/}" "$SERVICE" >&2 +if [ ! -x "$SHIM_DIR/xdg-open" ]; then + printf '%s: missing xdg-open shim at %s\n' "${0##*/}" "$SHIM_DIR/xdg-open" >&2 exit 1 fi -current_path=$(systemctl --user show -p Environment --value "$SERVICE") -case "$current_path" in - *"$HOME/.local/share/snx-rs/bin"*) ;; - *) - echo "${0##*/}: applying chromium SAML drop-in (daemon-reload + restart)…" >&2 - systemctl --user daemon-reload - systemctl --user restart "$SERVICE" - sleep 1 - ;; -esac - +PATH="$SHIM_DIR:$PATH" +export PATH exec snxctl connect "$@" -- cgit v1.3.1