Arch Linux User Repository

When installing this package (and when updating my matrix server) I always see this error:

(3/4) Creating temporary files...
Detected unsafe path transition /etc/mautrix-whatsapp (owned by mautrix-whatsapp) → /etc/mautrix-whatsapp/config.yaml (owned by root) during canonicalization of etc/mautrix-whatsapp/config.yaml.
error: command failed to execute correctly

Even if I update the config manually with the correct values, the service fails with Error updating config: failed to create temp file for writing config: open /etc/mautrix-whatsapp/mautrix-config-4189416483.yaml: read-only file system unless I add ReadWritePaths=/etc/mautrix-whatsapp to the service file. And if I add the line, the service touches mautrix-whatsapp.yaml on every start even though it doesn't change its content.

I'm not sure, is that particular with my installation only? Or does someone know how to work around that?

Could you please update the sha256sum for mautrix-whatsapp.tmpfiles? It's currently failing on 0.6.0-4 after the file was updated but not the checksum.

I do not really want to add ReadWritePaths=/etc/mautrix-whatsapp to the service as the permission is only used to update the config file with new values. This should be taken care of by the PKGBUILD and the new config file should be installed as mautrix-whatsapp.yaml.pacnew.

This would in my opinion only add more attack surface should something happen.

Thanks for updating the permissions. I think /etc/mautrix-whatsapp actually needs 740 permissions, not only 640, because otherwise it can't access the files inside, if I understand the permissions correctly.

And without ReadWritePaths=/etc/mautrix-whatsapp in mautrix-whatsapp.service, the systemd unit still fails, claiming the file system is read-only.

It seems that mautrix-whatsapp.tmpfiles does not grant sufficient read permission for /etc/mautrix-whatsapp for anyone other than root. Since mautrix-whatsapp is run by the homonymous user, it fails for me with Error updating config: failed to read config: open /etc/mautrix-whatsapp/mautrix-whatsapp.yaml: permission denied.

In fact it seems to even need write access to /etc/mautrix-whatsapp, because even with read access it fails with Error updating config: failed to create temp file for writing config: open /etc/mautrix-whatsapp/mautrix-config-3128392766.yaml: permission denied.

And it seems I also need to add ReadWritePaths=/etc/mautrix-whatsapp to mautrix-whatsapp.service.

"WhatsApp appears to have blocked old web app versions from connecting to the servers, which includes v0.2.3 of the bridge. If you haven't updated to v0.2.4 yet, you'll probably get <failure reason="405"/> errors until you update. The errors are otherwise harmless and the bridge should keep working normally after updating." -tulir

On my bridge I first got the error "You're logged in as ### but you don't have a WhatsApp connection.", then upon delete-session and trying to login "Failed to log in: unexpected connection event from server"

/var/lib/mautrix-whatsapp is now used as home and working directory for mautrix-whatsapp and all files except the log are now stored there.

Also the a modified version of the service file provided by https://docs.mau.fi/bridges/go/whatsapp/setup/systemd.html is used and the service will restart 30s after systemd detects a failure

I have had the service crash due to a bug I am still trying to hunt down. The problem is that in Matrix there is no indication that this happened, at least no automatic one, so the user will never know that he is missing messages and not communicating with anyone on WhatsApp.

As a temporary fix and a general idea going forward, what is your opinion to making the service file restart the service upon crash (Restart=on-failure)?