Re: Getting point-and-click working

[David Sumbler]

On Sat, 2019-02-09 at 11:05 +0100, Federico Bruni wrote:
> Il giorno ven 8 feb 2019 alle 18:16, David Sumbler <
> address@hidden> 
> ha scritto:
> > I put off trying to get point-and-click for several years (!) until
> > now, because the instructions in the Usage Manual seemed rather
> > cryptic.  But point-and-click would be massively useful, so I
> > thought I would try to set it up.  I followed the instructions to
> > the best of my limited ability and, rather as I expected, it didn't
> > work for me.
> > 
> > I am running Ubuntu 18.04 with emacs 25.2. and the Unity desktop.
> 
> I don't think it's important if you are using Unity or Gnome 3. In
> both cases you should probably follow the instructions for GNOME 3 in
> the Usage manual.
> 
> > I have LYEDITOR set to "emacsclient --no-wait +%(line)s:%(column)s
> > %" file)s".
> > I don't have EDITOR set to anything at the moment.
> 
> The file variable is called incorrectly. I guess it's a typo in your 
> email?

Yes it was - apologies.  My LYEDITOR was correctly set to
        emacsclient --no-wait +%(line)s:%(column)s %(file)s
as shown in the Usage Manual.

> Anyway, you don't need to use this long form, as the command should
> be already defined in lilypond source.
> You can check it with these commands:
> 
> [~]$ which lilypond-invoke-editor
> ~/.local/bin/lilypond-invoke-editor
> [~]$ grep emacs 
> .local/lilypond/usr/share/lilypond/current/scm/editor.scm
>          "emacs"))))
>   '(("emacs" .  "emacsclient --no-wait +%(line)s:%(column)s %(file)s
> || 
> (emacs +%(line)s:%(column)s %(file)s&)")
> 
> So you can use:
> 
> export LYEDITOR=emacs

My lilypond is a global install in /usr/local/ rather than ~/local/ -
perhaps this is what is causing the permissions error.  Apart from
that, the output of the 'grep emacs'... command is identical to yours.

I have therefore now changed LYEDITOR to 'emacs' to simplify things, as
you suggest.

> This is all I have to do to make it work on Fedora 29, GNOME 3.30.2.
> 
> I also have this line in ~/.emacs:
> 
> (server-start)
> 
> This is explained in current master Documentation. Unfortunately 
> LilyPond releases have been blocked for the last seven months so you 
> have to build it yourself or check the sources on Savannah.

At the moment I am issuing the server-start command in a running emacs.
But of course I shall add it to my .emacs file at some point.

<snip> </snip>

> > Now when I start emacs, run the command server-start and then
> > issue 
> > the
> > command
> > 
> >     gnome-open textedit:///etc/issue:1:0:0
> > 
> > the file /etc/issue does indeed open in emacs.  It contains the
> > single
> > line
> > 
> >     Ubuntu 18.04.1 LTS \n \l
> > 
> > This seemed promising, to me.
> > 
> 
> So far so good.
> By the way, it opens once or twice? If you are using a LilyPond 
> installer released before October 2018 (today the answer is yes),
> you might get two windows. If you are using a version provided by
> your distro, you won't probably have this bug. See this PR:
> https://github.com/gperciva/gub/pull/48

It opens once.  I am using LilyPond 2.19.82 downloaded last August.

> > The PDF viewer I use is evince, so I added the lines
> > 
> >     # For Textedit links
> >     /usr/local/bin/lilypond-invoke-editor Cx -> sanitized_helper,
> > 
> > to the file /etc/apparmor.d/local/usr.bin.evince (which was
> > previously empty), and then ran
> > 
> >     sudo apparmor_parser -r -T -W /etc/apparmor.d/usr.bin.evince
> > 
> > as instructed in the UM.
> > 
> > However, when I open a lilypond PDF file in evince and click on a 
> > note, I get an error message:
> > 
> >     Unable to open external link.
> >     Failed to execute child process “lilypond-invoke-editor” 
> >     (Permission denied)
> > 
> > Yet I can run lilypond-invoke-editor from a command line without
> > any parameters, and I get the expected usage help.
> > 
> > Can anyone suggest what I have done wrong or omitted to do?
> 
> I never had this problem since Fedora doesn't use AppArmor (nor
> Debian, wich I used previously).
> Have you tried logging out the session or restarting?
> Or just restart apparmor:
> 
> sudo /etc/init.d/apparmor restart

No success, I'm sorry to say.

> If it doesn't help, try disabling AppArmor for Evince:
> 
https://askubuntu.com/questions/344834/evince-document-viewer-failed-to-execute-child-process-nemo-permission-deni

I tried all the suggestions on the page suggested.  Nothing helped
except for completely disabling AppArmor for Evince.  The links then
work as intended!

But it would be preferable, probably, not to do that, so I removed the
disabling link and tried again with the AppArmor files modified as you
suggested.  I rebooted and, sad to say, the old problem occurs.

However, in case you or anyone else can make a further suggestion on
how to get things working even with AppArmor doing its thing, here are
the lines that appear in my /var/log/syslog file when I open a Lilypond
PDF file in Evince, and then click on a link.

Upon opening the file, I get (in a single line):

Feb  9 18:11:21 vesta kernel: [  975.529752] audit: type=1400
audit(1549735881.448:47): apparmor="DENIED"
operation="open" profile="/usr/bin/evince"
name="/home/david/.local/share/applications/mimeapps.list" pid=3241
comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

When I click on a link in the displayed file, I get:

Feb  9 18:11:38 vesta kernel: [  992.243804] audit: type=1400 
audit(1549735898.161:48): apparmor="DENIED" 
operation="exec" profile="/usr/bin/evince" 
name="/usr/local/bin/lilypond-wrapper.guile" pid=3261 
comm="evince" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0

Although all of the other 71 files in ~/.local/share/applications/ have
me as owner and group, the file mimeapps.list has owner and group set
to root.  I looked at my partner's computer, which is running Ubuntu
16.04, and there the corresponding file has owner and group set to the
user, rather than root.  (Presumably this is some change made in
Ubuntu, since I don't think I can have done anything to change it.)

So I tried changing the ownership of that file on my computer, and sure
enough, I no longer see an error in the log file when evince is
started.  But when I click on a link in the Lilypond file I still get:

Feb  9 18:34:45 vesta kernel: [  200.968460] audit: type=1400
audit(1549737285.711:45): apparmor="DENIED" 
operation="exec" profile="/usr/bin/evince"
name="/usr/local/bin/lilypond-wrapper.guile" pid=2507 
comm="evince" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0

Clearly I can't sensibly change the ownership of
/usr/local/bin/lilypond-wrapper.guile, and presumably this is the sort
of thing AppArmor is supposed to sort out.  I did, however, try adding
a line specifically for this file in
/etc/apparmor.d/local/usr.bin.evince, but it hasn't helped.

Meanwhile, I shall go back to disabling AppArmor for Evince, even
though it is probably slightly less than ideal.

Thanks for all your help.

David