| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
|
|
| |
This should make it a bit clearer when `rm -rf` is being used in the
debug logs.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
(cherry picked from commit 6c7eb34dd641f1bca29d1e44ac3954898f2ee57c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before 1.8.0 (2016), gpgme used to have two different thread-safe builds,
one for use with POSIX-style pthread and one for use with GNU Portable
Threads (libpth), plus a non-thread-safe version. Since 1.8.0, this
complexity has gone away and there is only libgpgme, which is thread-safe.
In practice this meant that on modern distros since 2016, we would always
fail to detect gpgme via pkg-config and fall back to calling gpgme-config.
Library-specific -config scripts are generally considered problematic
for multiarch, multilib and cross-compiling, and the gpgme-config script
recently disappeared from GPGME's Debian packaging
(see https://bugs.debian.org/1022348 and https://bugs.debian.org/1023601),
so it's better if we can prefer to use pkg-config.
If gpgme >= 1.8.0 is not found, fall back to gpgme-pthread >= 1.1.8,
either discovered via pkg-config or via gpgme-config.
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 9b87e4c0d4557f7ece3fedad699954a10663e41d)
|
| |
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit db77992b28d3256022ecdcfcaf077f389fb3bb7f)
|
| |
|
|
|
|
|
|
|
|
| |
When filesystem=host access is provided, some root folders are hidden, including /boot.
The bootloader specification now recommends mounting the system EFI filesystem in /efi
(currently visible) instead of /boot/efi (currently hidden). This hides /efi for the same
reasons /boot is already hidden.
(cherry picked from commit 397c97de9f6dc55e676695a15ca419d9dd806901)
|
| |
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 26fbf692cdf5bfa649fee78ff6d8cdabf312647a)
|
| |
|
|
|
|
|
|
| |
This supplements clearing TMPDIR env variable which is only one among variables used for storing temporary files. Any of those leaking from host may confuse flatpak apps which try to save temporary files under non-existing directory in sandbox.
See https://github.com/flathub/com.logseq.Logseq/issues/29 for real world example.
(cherry picked from commit d8695f307115df2eac1996cd23e24e07d452ebb2)
|
| |
|
|
|
|
|
|
| |
When built for i386 with Autotools, this would have detected the format
string issue fixed in #5148.
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit de4de4dc440135b640bf6e011e673380f1a2bd48)
|
| |
|
|
|
|
|
|
| |
revokefs already gets the correct include directory from the AM_CPPFLAGS.
This would also break the build with -Werror=missing-include-dirs.
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 190bad06d25fbffaf6674128ff37ba15fba30fba)
|
| |
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 751d2b110bb2ad5bd5980d7e82b47a14b60ba393)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This already happens for installs due to the cleanup path in
`flatpak_dir_deploy_install()`, but it doesn’t happen for other calls to
`flatpak_dir_deploy()`. Notably, during updates of already installed
apps.
Specifically, this means that if an app update is cancelled due to being
blocked by a parental controls policy, the temp deploy dir for that app
(such as
`~/.local/share/flatpak/app/com.corp.App/x86_64/stable/.somehex-XXXXXX`)
will be leaked. It will never be automatically cleaned up, as it’s not
in `/var/tmp` either.
Fix that by using `glnx_mkdtempat()` to create a scoped temporary
directory.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
(cherry picked from commit ce1829a703f2bc2e7868fd314ddefb63fbf7dce1)
|
| |
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes the build on ILP32 architectures such as i386 with the Meson
build system. The Autotools build system accidentally didn't build
revokefs with -Werror=format, because it sets the target-specific CFLAGS
for revokefs but does not include the $(AM_CFLAGS) in them.
Fixes: aeecbb7d "revokefs: Split out the writing part from the fuse implementation"
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 959910f93362a0dc594e39aab822f552b4e267e7)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The profile script previously nuked `XDG_DATA_DIRS` and then
“helpfully” re-populated it with FHS paths. This was especially
bad for systems like NixOS, which do not have `/usr`
and rely on `XDG_DATA_DIRS` heavily.
Quoting from https://fishshell.com/docs/current/cmds/set.html
> If a variable is set to zero elements, it will become a list with zero elements.
And indeed, that is what the `set -x --path XDG_DATA_DIRS` command does.
We need to list the value explicitly, if we want to preserve it
while setting variable options.
(cherry picked from commit a0505f52d993837ce7ce96801f54eb37d55dadfb)
|
| |
|
|
| |
(cherry picked from commit e5bb9af250f34f94cc4396642cdc7820bee0639d)
|
| |
|
|
| |
(cherry picked from commit 9d44a27d799ff752238b7144ff1d0503b1229515)
|
| |
|
|
| |
(cherry picked from commit b26e9efb1d01431c85df22a1923a479ea00798f1)
|
| |
|
|
|
|
|
|
|
| |
Exiting the process with a custom exit status (1) after systemctl stop
(SIGTERM) makes systemd treat the flatpak-session-helper service as if
it had failed.
Signed-off-by: Alberto Garcia <berto@igalia.com>
(cherry picked from commit c1f03709580a146b9acdf5aca514fe4bc4b9c384)
|
| |
|
|
|
|
| |
See https://github.com/flatpak/flatpak.github.io/issues/537
(cherry picked from commit a88d97179263bf4e1b2458b26c6953d7e0004a9f)
|
| |
|
|
|
|
|
|
|
|
| |
`@filename@` expands to the relative or absolute path to the source
file, which varies between build systems and build directories.
`@basename@` expands to the basename of the file, which stays constant
across more build configurations.
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 3a93ef4842f7dac3eed02e2a45091cd358162b6a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids a race condition in versions older than 2.60, while still
verifying that we can compile successfully with GLib 2.56.
Not having GLib 2.60 means we can't compile libmalcontent on Ubuntu 18.04,
so move the libmalcontent dependency to the main build job (on Ubuntu
22.04, which is new enough). This also means we don't have to compile
it from source every time.
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 8a52187145556191852d1234b608b9928d10c9ee)
|
| |
|
|
|
|
|
|
|
|
| |
g_time_zone_new_offset() was new in GLib 2.58, but Ubuntu 18.04 'bionic'
only has GLib 2.56, and in theory we still claim to support versions
all the way back to GLib 2.46. If that function isn't available,
reimplement it in terms of the deprecated g_time_zone_new().
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 3591ba08f673bcfb99c8da4fa3c6960cf5e776b7)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GLib 2.66.x is present in Debian 11, and didn't support scheme-based
normalization. This has two effects:
1. URIs containing an explicit port, like https://example.com:443/,
don't get normalized to https://example.com/
2. URIs with an empty path, like https://example.com, don't get
normalized to https://example.com/
Neither of these normalizations seems particularly critical for Flatpak.
Resolves: https://github.com/flatpak/flatpak/issues/5062
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 8c51650662938ad9c73d97c486217d810cb1b1ac)
|
| |
|
|
|
|
|
| |
Some projects such as GNOME-Software need this information to know
if its safe to build against (libsoup2 vs libsoup3 conflicts).
(cherry picked from commit f1dda39e8087e24874a41636b4a7b77019211a8f)
|
| |
|
|
|
|
|
|
| |
(flatpak documents:2965757): GLib-CRITICAL **: 11:27:35.128: g_variant_iter_next_value: must not be called again after NULL has already been returned.
This is due to the applications iterator being checked twice even though it is empty.
(cherry picked from commit b204ed246645b44c95dcc0dda2a8cb478977e721)
|
| |
|
|
|
| |
Signed-off-by: sashashura <93376818+sashashura@users.noreply.github.com>
(cherry picked from commit a0c6848ccfced8a8438558177d448101d4c2e36a)
|
| |
|
|
| |
(cherry picked from commit 83b881cdc25403516b2ed9dcb3801c46965bdb4d)
|
| |
|
|
| |
Fixes #5068
|
| |
|
|
| |
1.15.x doesn't exist yet but I don't think it hurts to add it here.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
To make indentation work with less effort. The modeline was copied from
libostree with minor modification and the .editorconfig from GLib.
The advantage of having both a modeline and an editorconfig is we can
work out of the box on more editor setups, and the modeline allows us to
specify the style with a lot more fine grained control.
|
| |
|
|
|
|
|
|
|
| |
There can happen a race condition between internal libcurl structure
content when two threads set the `data` structure for the callbacks
from two threads, which can cause access of already freed stack-allocated
`data`, resulting in a memory corruption.
Closes https://github.com/flatpak/flatpak/issues/3701
|
| | |
|
| |
|
|
|
|
| |
This ensures we exercise both code paths.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
|
| |
This is fixed in v2022.3, but that version missed the boat for Ubuntu
22.04.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
|
|
|
| |
Based on a change contributed by Léo Stefanesco; but instead of
unconditionally using FUSE 3, leave a fallback code path for FUSE 2 for
older distros.
Co-authored-by: Léo Stefanesco <leo.lveb@gmail.com>
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This helps to figure out what is going on if the expected paths are not
being exported.
The general design principle here is that I've used flatpak_debug2()
(which appears in `flatpak -v -v` but not `flatpak -v`) for situations
which occur under normal circumstances, and g_debug() (which appears
in `flatpak -v` or higher) for situations which are expected to be
uncommon.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
|
| |
Save folks a few keystrokes. There is a command which already has a '-u'
option, document-export, but it doesn't support --user so there should
be no conflict. However '-s' is used by the info command among others,
so we can't use that for --system.
|
| |
|
|
|
|
|
|
|
| |
We already allow normal apps to own MPRIS names but subsandboxes could not.
This allows them with the same dbus restrictions that they must be
prefixed by $app_id.Sandboxed.
This will be used by WebKitGTK.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Now that we're using the same display number in the sandbox as on the
host, we can forget about overwriting it with :99.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Suppose the user's "real" X11 display on the host is Xorg or Xwayland
listening on :42, but they also have an Xvfb server listening on :99.
If we change the X11 display number to the arbitrary value :99, and
the Flatpak sandbox shares its network namespace with the host, then
clients inside the Flatpak sandbox will prefer to connect to the
abstract socket @/tmp/.X11-unix/X99 (which is Xvfb), rather than the
filesystem-backed socket /tmp/.X11-unix/X99 in the sandbox (which is
really /tmp/.X11-unix/X42 on the host, i.e. Xorg or Xwayland).
If they're relying on Xauthority (MIT-MAGIC-COOKIE-1) for access
control (as many display managers do), then this will fail, because
we gave the sandboxed app access to the cookies for Xorg/Xwayland
(rewriting their display number from 42 to 99 as we did so), but
Xvfb does not accept those cookies.
If we're relying on `xhost +"si:localuser:$(id -nu)"` for access control
(as gdm does), then the Flatpak app will successfully (!) connect to
whatever is on :99, for example Xvfb or Xephyr, which is rarely what
anyone wants either.
Resolves: https://github.com/flatpak/flatpak/issues/3357
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
| |
The Desktop Entry spec says that Exec= is only required if
DBusActivatable= is not set to true, so don't emit a warning when Exec=
is missing but not required.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When Flatpak's P2P updates support was replaced with the "sideloading"
implementation in 1.7.1, a new server side repo config key
"deploy-sideload-collection-id" was added which gets set when you pass
"--deploy-sideload-collection-id" to "flatpak build-update-repo", and
has the effect of setting "xa.deploy-collection-id" in the repo metadata
that is pulled by clients, which itself causes a collection id to be set
on the remote for clients using Flatpak >= 1.7.1.
This commit adds an analogous key in flatpakref and flatpakrepo files,
so the collection id can be set when the remote is configured, rather
than later on when the repo metadata is pulled and acted upon. As before
with DeployCollectionID, it has no difference in function compared to
DeployCollectionID or CollectionID and the only difference is which
Flatpak versions are affected.
It would've been better if this were added in 1.7.1 when the sideload
support was added, but alas here we are.
(Also update the docs and unit tests)
|
