Add network usage column to the Apps page

added enhancement label

changed milestone to %Release v0.4.0 (minor release)

changed milestone to %Release v1.0.0 (major release)

I am willing to offer $25 for this feature to be implemented

Thanks, this is a tricky one since it requires special privileges to access this information.

Maybe it would require installing a service which would have these privileges, and then the mission center would talk to that service on a requirement basis?

In order to be run by a non-root user, nethogs needs the cap_net_admin and cap_net_raw capabilities; additionally, to read and display process names, cap_dac_read_search and cap_sys_ptrace capabilities are required. These can be set on the executable by using the setcap command, as follows:

sudo setcap "cap_net_admin,cap_net_raw,cap_dac_read_search,cap_sys_ptrace+pe" /usr/local/sbin/nethogs

I've been looking at the nethogs library as well.

I like your idea of creating a user service or something at runtime, after asking the user for permission to do so.

One issue I see is having to maintain 3 binaries now, instead of two (main app and the Gatherer). Also, what happens when we update the binary, do we ask for permission again?

Actually, I was more thinking of delivering a system service at install time. I know that some packages install some files under /etc/systemd/system, which may start with the system and have root privileges. I don’t know if that is possible for flatpak though and maybe less AppImage.

Maybe you can check ksysguard/ksgrd_network_helper which does a similar job. https://invent.kde.org/plasma/libksysguard/-/tree/master/processcore/plugins/network The README seem to explain pretty well what they do. It’s a little complicated, indeed.

Or maybe just ask for root permissions when a user selects the network usage overview?

I think this would be a fair limitation for the beginning and allow flashing out the UI. Later one can think of additional possibilities to avoid this step.

Seems not possible within flatpak https://github.com/flathub/org.wireshark.Wireshark/issues/4

@darkdragon-001 I'd rather not run anything as root, and just elevate as needed.

@Aroun108 Interesting find with the ksysguard helper, pretty much inline with what I was thinking.

What can be done here is have a binary (similar to ksysguard helper) that is built as a part of the flatpak package, copied to ~/.local/share/ or ~/.local/bin or something, set the appropriate permissions on the binary, and execute it from there. Once an update is shipped to the helper just replace it, re-set the permissions and that's that. So it's not impossible just a non-trivial amount of effort to make it predictable and as seamless as possible.

Or least effort implementation, just in the readme tell to install libksysguard separately on the host system. Then within the flatpak check if the executable exists on host, if yes, then use it.

aroun@aroun-tuxedo-x1  12s  ~  flatpak run --command=sh io.missioncenter.MissionCenter
F: Not sharing "/usr/share/icons" with sandbox: Path "/usr" is reserved by Flatpak
[📦 io.missioncenter.MissionCenter ~]$ flatpak-spawn --host file /usr/lib/x86_64-linux-gnu/libexec/ksysguard/ksgrd_network_helper
/usr/lib/x86_64-linux-gnu/libexec/ksysguard/ksgrd_network_helper: ELF 64-bit LSB pie executable, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=2447bd123674c16560cacaa4469ba0633574eb40, for GNU/Linux 3.2.0, stripped
[📦 io.missioncenter.MissionCenter ~]$ flatpak-spawn --host /usr/lib/x86_64-linux-gnu/libexec/ksysguard/ksgrd_network_helper
16:42:49
16:42:50
16:42:51
16:42:52
16:42:53|PID|5830|IN|68|OUT|209
16:42:53|PID|4233|IN|740|OUT|136
16:42:53|PID|69550|IN|1012|OUT|967
16:42:54|PID|4566|IN|68|OUT|68
16:42:54|PID|-1|IN|0|OUT|68
16:42:54|PID|5830|IN|576|OUT|136
16:42:54|PID|4233|IN|0|OUT|0
16:42:54|PID|69550|IN|571|OUT|512

mentioned in commit eb916acd

mentioned in merge request !271