How to allow GUI application in flatpak to run CLI tool?
There are different ways:
- If your flatpak has
hostaccess, you could e.g. run/usr/local/bin/examplein/var/run/host/usr/local/bin/example. I.e./usr/localis mounted to/var/run/host/usr/local. - However, that may still fail due to libraries not being at the correct place etc. Thus, you either need to adjust the env variables so it works there, or follow the way described below.
Spawn commands outside of flatpak
You may use flatpak-spawn to run commands in a different environment.
However, usually you want to spwan the commands on the host system, thus breaking out of the sandbox. To do so, you obviously need to weaken the sandbox of the flatpak. Just add this permission:
flatpak override com.packagename.App --talk-name=org.freedesktop.Flatpak
Afterwards, you can run flatpak-spawn --host to run commands outside of the flatpak from the host.
Now, to really use this in a GUI, you hopefully have some ways to change the path to the binaries you want to run there. This can get complicated, as you need to pass additional params and in the end you may end up having to write small wrapper scripts.
In my case, I actually did, and you can find them here. They allow (in my case) Atom (but likely possible with any IDE) to run shellcheck or gpg…
You can use the HostCommand method of the org.freedesktop.Flatpak.Development Dbus interface: https://github.com/flatpak/flatpak/blob/master/data/org.freedesktop.Flatpak.xml#L43
An example using Python: https://stackoverflow.com/questions/39494813/pass-file-descriptor-via-a-dbus-function-call-from-python-aka-call-flatpaks-ho