diff options
author | Simon McVittie <smcv@collabora.com> | 2022-12-14 13:08:20 +0000 |
---|---|---|
committer | Simon McVittie <smcv@debian.org> | 2023-01-12 15:13:34 +0000 |
commit | eebee9eb0f74e37b014bec54b815149263997b8c (patch) | |
tree | c2d95450f315bee778cbf403df7a80cdce0f89ff | |
parent | 073bdccd9e0999d90943e5cecd559228a3e78554 (diff) | |
download | flatpak-eebee9eb0f74e37b014bec54b815149263997b8c.tar.gz |
context: Show a warning when --filesystem exists but can't be shared
If the user gives us a override or command-line argument that we cannot
obey, like --filesystem=/usr/share/whatever or
--filesystem=/run/flatpak/whatever, then it's confusing that we silently
ignore it. We should give them an opportunity to see that their override
was ineffective.
However, there are a few situations where we still want to keep quiet.
If there is a --filesystem argument for something that simply doesn't
exist, we don't diagnose the failure to share it: that avoids creating
unnecessary noise for apps that opportunistically share locations that
might or might not exist, like the way the Steam app on Flathub asks
for access to $XDG_RUNTIME_DIR/app/com.discordapp.Discord.
Similarly, if we have been asked for --filesystem=host, the root
directory is very likely to contain symlinks into a reserved path, like
/lib -> usr/lib. We don't need a user-visible warning for that.
We actually use the equivalent of g_message() rather than g_warning(),
to avoid this being fatal during unit testing (in particular when we
do a `flatpak info` on an app that has never been run, which will
be unable to share its `.var/app` subdirectory). `app/flatpak-main.c`
currently displays them as equivalent to each other anyway.
Signed-off-by: Simon McVittie <smcv@collabora.com>
-rw-r--r-- | common/flatpak-context.c | 33 |
1 files changed, 29 insertions, 4 deletions
diff --git a/common/flatpak-context.c b/common/flatpak-context.c index 89217829..9a8413b9 100644 --- a/common/flatpak-context.c +++ b/common/flatpak-context.c @@ -2462,18 +2462,34 @@ log_cannot_export_error (FlatpakFilesystemMode mode, const char *path, const GError *error) { + GLogLevelFlags level = G_LOG_LEVEL_MESSAGE; + + /* By default we don't show a log message if the reason we are not sharing + * something with the sandbox is simply "it doesn't exist" (or something + * very close): otherwise it would be very noisy to launch apps that + * opportunistically share things they might benefit from, like Steam + * having access to $XDG_RUNTIME_DIR/app/com.discordapp.Discord if it + * happens to exist. */ + if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND)) + level = G_LOG_LEVEL_INFO; + /* Some callers specifically suppress warnings for particular errors + * by setting this code. */ + else if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_FAILED_HANDLED)) + level = G_LOG_LEVEL_INFO; + switch (mode) { case FLATPAK_FILESYSTEM_MODE_NONE: - g_debug ("Not replacing \"%s\" with tmpfs: %s", - path, error->message); + g_log (G_LOG_DOMAIN, level, _("Not replacing \"%s\" with tmpfs: %s"), + path, error->message); break; case FLATPAK_FILESYSTEM_MODE_CREATE: case FLATPAK_FILESYSTEM_MODE_READ_ONLY: case FLATPAK_FILESYSTEM_MODE_READ_WRITE: - g_debug ("Not sharing \"%s\" with sandbox: %s", - path, error->message); + g_log (G_LOG_DOMAIN, level, + _("Not sharing \"%s\" with sandbox: %s"), + path, error->message); break; } } @@ -2521,6 +2537,15 @@ flatpak_context_export (FlatpakContext *context, if (!flatpak_exports_add_path_expose (exports, fs_mode, path, &local_error)) { + /* Failure to share something like /lib32 because it's + * actually a symlink to /usr/lib32 is less of a problem + * here than it would be for an explicit + * --filesystem=/lib32, so the warning that would normally + * be produced in that situation is downgraded to a + * debug message. */ + if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_MOUNTABLE_FILE)) + local_error->code = G_IO_ERROR_FAILED_HANDLED; + log_cannot_export_error (fs_mode, path, local_error); g_clear_error (&local_error); } |