Espanso daemon problem

Hi!

I try to install espanso.
First, I enabled the dedicated service with services.espanso.enable = true. But I use wayland and this service seems to be for X11.
I added espanso-wayland in my systemPackages and imported this expanso.nix file :

{ config, lib, pkgs, ... }:

{
  systemd.services.espanso = {
    description = "ESPANSO";
    after = [ "syslog.target" "network.target" ];
    wantedBy = [ "default.target" ];

    serviceConfig = {
      ExecStart = "${pkgs.espanso-wayland}/bin/espanso daemon";
      Type = "simple";
      Restart = "always";
      RestartSec = 3;
      User = "manu";
      Group = "users";
      CapabilityBoundingSet = "CAP_DAC_OVERRIDE";
      AmbientCapabilities = "CAP_DAC_OVERRIDE";
    };
 };

 systemd.services.espanso.enable = true;
}

But it still doesn’t work :frowning:

systemctl status espanso return this :

espanso.service - ESPANSO
     Loaded: loaded (/etc/systemd/system/espanso.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Sat 2023-11-11 01:05:59 CET; 37min ago
   Duration: 48ms
    Process: 227636 ExecStart=/nix/store/p9k8cn912336wfqrmv37f71bv4fiy97b-espanso-2.1.8/bin/espanso daemon (code=exited, status=101)
   Main PID: 227636 (code=exited, status=101)
         IP: 0B in, 0B out
        CPU: 47ms

What I get with espanso log or espanso daemon :

01:45:17 [daemon(251647)] [INFO] reading configs from: "/home/manu/.config/espanso"
01:45:17 [daemon(251647)] [INFO] reading packages from: "/home/manu/.config/espanso/match/packages"
01:45:17 [daemon(251647)] [INFO] using runtime dir: "/home/manu/.cache/espanso"
01:45:17 [daemon(251647)] [INFO] system info: NixOS v23.05 - kernel: 6.1.61
01:45:17 [daemon(251647)] [WARN] keyboard layout watcher couldn't determine active layout.
01:45:17 [daemon(251647)] [INFO] watching for changes in path: "/home/manu/.config/espanso"
01:45:17 [daemon(251647)] [INFO] espanso version: 2.1.8
01:45:17 [daemon(251647)] [INFO] spawning the worker process...
01:45:17 [daemon(251647)] [INFO] binded to IPC unix socket: /home/manu/.cache/espanso/espansodaemonv2.sock
01:45:17 [worker(251653)] [INFO] reading configs from: "/home/manu/.config/espanso"
01:45:17 [worker(251653)] [INFO] reading packages from: "/home/manu/.config/espanso/match/packages"
01:45:17 [worker(251653)] [INFO] using runtime dir: "/home/manu/.cache/espanso"
01:45:17 [worker(251653)] [INFO] system info: NixOS v23.05 - kernel: 6.1.61
01:45:17 [worker(251653)] [INFO] binded to IPC unix socket: /home/manu/.cache/espanso/espansoworkerv2.sock
01:45:17 [worker(251653)] [INFO] monitoring the status of the daemon process
01:45:17 [worker(251653)] [INFO] using WaylandAppInfoProvider
01:45:17 [worker(251653)] [WARN] EVDEV backend is being used, but without enabling linux capabilities.
01:45:17 [worker(251653)] [WARN]   Although you CAN run espanso EVDEV backend as root, it's not recommended due
01:45:17 [worker(251653)] [WARN]   to security reasons. Espanso supports linux capabilities to limit the attack surface
01:45:17 [worker(251653)] [WARN]   area by only leveraging on the CAP_DAC_OVERRIDE capability (needed to work with
01:45:17 [worker(251653)] [WARN]   /dev/input/* devices to detect and inject text) and disabling it as soon as the
01:45:17 [worker(251653)] [WARN]   initial setup is completed.
01:45:17 [worker(251653)] [INFO] detection module will use this keyboard layout: [R=, M=, L=fr, V=, O=]
01:45:17 [worker(251653)] [INFO] using EVDEVSource
01:45:17 [worker(251653)] [ERROR] Unable to open EVDEV devices, this usually has to do with permissions.
01:45:17 [worker(251653)] [ERROR] You can either add the current user to the 'input' group or run espanso as root
01:45:17 [worker(251653)] [ERROR] thread 'engine thread' panicked at 'failed to initialize detector module: detection source initialization failed': espanso/src/cli/worker/engine/mod.rs:139
01:45:17 [worker(251653)] [ERROR] Unable to block the LinuxEventLoop: receiving on an empty and disconnected channel
01:45:17 [worker(251653)] [ERROR] thread 'main' panicked at 'unable to run main eventloop: receiving on an empty and disconnected channel': espanso/src/cli/worker/mod.rs:160
01:45:17 [daemon(251647)] [ERROR] received unexpected exit code from worker 101, exiting

The problem seems to come from CAP_DAC_OVERRIDE. This is why I added CapabilityBoundingSet and AmbientCapabilities to the systemd service.
But I’m not sure I should add this capabilities to the daemon worker. Maybe I should add this to the espanso executable instead. Not sure. I tried sudo setcap "cap_dac_override+p" $(which espanso) but don’t work.

I don’t know exactly what I’m doing. Just hacking.
Why EVDEV don’t want to be used ?
If someone get an idea about my journey, I’ll take it !

4 Likes

As suggested by @gaelreyrol on matrix, I added my user in the input group with :
users.users.manu.extraGroups = [ "input" ];

I use id -nG manu to check my user is well in the group.

Still not working. I can’t trigger expansion. espanso status tell espanso is running.
My nix question is How to set the CAP_DAC_OVERRIDE capability ? Is my systemd.service not good ?

Here the espanso log output :

14:40:17 [daemon(22337)] [INFO] reading configs from: "/home/manu/.config/espanso"
14:40:17 [daemon(22337)] [INFO] reading packages from: "/home/manu/.config/espanso/match/packages"
14:40:17 [daemon(22337)] [INFO] using runtime dir: "/home/manu/.cache/espanso"
14:40:17 [daemon(22337)] [INFO] system info: NixOS v23.05 - kernel: 6.1.63
14:40:17 [daemon(22337)] [INFO] watching for changes in path: "/home/manu/.config/espanso"
14:40:17 [daemon(22337)] [WARN] keyboard layout watcher couldn't determine active layout.
14:40:17 [daemon(22337)] [INFO] espanso version: 2.1.8
14:40:17 [daemon(22337)] [INFO] spawning the worker process...
14:40:17 [daemon(22337)] [INFO] binded to IPC unix socket: /home/manu/.cache/espanso/espansodaemonv2.sock
14:40:17 [worker(22343)] [INFO] reading configs from: "/home/manu/.config/espanso"
14:40:17 [worker(22343)] [INFO] reading packages from: "/home/manu/.config/espanso/match/packages"
14:40:17 [worker(22343)] [INFO] using runtime dir: "/home/manu/.cache/espanso"
14:40:17 [worker(22343)] [INFO] system info: NixOS v23.05 - kernel: 6.1.63
14:40:17 [worker(22343)] [INFO] binded to IPC unix socket: /home/manu/.cache/espanso/espansoworkerv2.sock
14:40:17 [worker(22343)] [INFO] monitoring the status of the daemon process
14:40:17 [worker(22343)] [INFO] using WaylandAppInfoProvider
14:40:17 [worker(22343)] [WARN] EVDEV backend is being used, but without enabling linux capabilities.
14:40:17 [worker(22343)] [WARN]   Although you CAN run espanso EVDEV backend as root, it's not recommended due
14:40:17 [worker(22343)] [WARN]   to security reasons. Espanso supports linux capabilities to limit the attack surface
14:40:17 [worker(22343)] [WARN]   area by only leveraging on the CAP_DAC_OVERRIDE capability (needed to work with
14:40:17 [worker(22343)] [WARN]   /dev/input/* devices to detect and inject text) and disabling it as soon as the
14:40:17 [worker(22343)] [WARN]   initial setup is completed.
14:40:17 [worker(22343)] [INFO] detection module will use this keyboard layout: [R=, M=, L=fr, V=, O=]
14:40:17 [worker(22343)] [INFO] using EVDEVSource
14:40:17 [worker(22343)] [INFO] Querying modifier status...
23:03:14 [service(362360)] [INFO] reading configs from: "/home/manu/.config/espanso"
23:03:14 [service(362360)] [INFO] reading packages from: "/home/manu/.config/espanso/match/packages"
23:03:14 [service(362360)] [INFO] using runtime dir: "/home/manu/.cache/espanso"
23:03:14 [service(362360)] [INFO] system info: NixOS v23.05 - kernel: 6.1.63
23:03:14 [service(362360)] [INFO] espanso is running

Hi,
I am trying to get version 2.2.1 to work, but I managed to hit the same road block.

Did you manage to find a solution?

Sorry, but no.
I didn’t find a solution and don’t know how and where to invest :frowning_face:

I really need someone who master nixOS to point me a way to go…

perhaps you need also set something like this?

systemd.services.myService = {
  capabilities = [ "cap_dac_override=<whatever>" ];
};

This package is broken unfortunately.
espanso github issues has a number of nixos requests and the replies come back as the nix package needs attention
nix packages github has many issues that remain unanswered
I’ve been looking for many weeks for a workaround but no luck.
I’m yet to find any nix user that has espanso-wayland working. Suggestions are always appreciated. It’s just broken at the moment and needs coding attention (I wish I could help with code but alas … )

2 Likes

I’m not sure if Unusable in Wayland · Issue #1750 · espanso/espanso · GitHub is really fixed…

it isn’t and the code hasn’t seen any updates for quite a while

I just created a temporary workaround for espanso 2.2.1 that works on NixOs wayland. (hope you like it).

3 Likes

Thank you very much! I’ll try that the next time I’ll attempt to move to Wayland!

Your avatar confused the hell out of me :joy:.
I saw your post and thought: “WTF I can’t remember writing this at all and why is my username wrong?”

1 Like

Hi! Thanks a lot @ingbarrozo to found a workaround for espanso.
I tried your code, but I got an error when switching nixos at this line https://github.com/ingbarrozo/espanso/blob/00c91924ddf91995c05bfad4bd2728482d5a59a4/default.nix#L46

I don’t use home manager.
I don’t know how or by what replacing this line. I’ve you got an idea ?

I think that by replacing line:
home.packages = [ config.programs.espanso.package ];
with line: users.users.“yourusername”.packages = [ config.programs.espanso.package ];
, could solve your problem.

let me know if that works.

2 Likes

hehehe, i think the name of the app is/was Androidify.

I created that avatar many years ago. (maybe 2012)

1 Like

It works !
Awesome, thanks a lot for your help :smiling_face_with_three_hearts:

Hm, for some reason I ran into Error: could not open uinput device, but I set the input group (see Error: could not open uinput device · Issue #1 · ingbarrozo/espanso · GitHub) :thinking: