| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Meson's TAP parser won't accept this, unlike Automake's. At the moment
libtest.sh directs stderr to stdout anyway, so there is no practical
effect for this change, but a subsequent commit will remove that merging.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
|
| |
Read metainfo files from both share/appdata and share/metainfo to
support new and old versions of flatpak-builder
(https://github.com/flatpak/flatpak-builder/pull/441) but only export to
the new path.
Fixes https://github.com/flatpak/flatpak/issues/4599
|
|
|
|
|
| |
This way the flatpak command is more consistently run under valgrind
when that is enabled.
|
|
|
|
| |
Signed-off-by: Guido Günther <agx@sigxcpu.org>
|
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
|
| |
https://github.com/flatpak/flatpak/commit/a99b748931e6444dadb0d0c8c1565da23f755800 introduced an environment variable for changing the flatpak path for exports.
On NixOS, we do not have a stable path we could use so we used to patch Flatpak to use `flatpak` program from `PATH`.
With the recent change, we drop our downstream patch in favour of setting the environment variable to `flatpak` but the tests do not expect that.
This is the test part of our former downstream patch so that tests can pass with exports using `flatpak` instead of an absolute path.
It still expects the binary path to end with `flatpak` so arbitrary `$FLATPAK_BINARY` will not work but we do not pass the environment variable to tests so we cannot do much better.
|
|
|
|
|
|
|
|
|
| |
If we do, it interferes with xdg-dbus-proxy, causing test failure under
some circumstances: the test passes on a development system, but fails
when run on a qemu virtual machine in Debian's autopkgtest framework.
Fixes: 6e5b02e2 "run: Don't let XDG_RUNTIME_DIR from user override the value we set"
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use `bwrap --setenv XDG_RUNTIME_DIR` to set it to `/run/user/UID`,
regardless of what it is on the host system, but the changes made
to resolve CVE-2021-21261 unintentionally broke this by overwriting it
with the user's XDG_RUNTIME_DIR.
In practice this worked for most people, who either have
XDG_RUNTIME_DIR set to the same value we use (which is the conventional
setup from systemd-logind and elogind), or entirely unset (if they do not
have systemd-logind or elogind). However, it broke Wayland and other
XDG_RUNTIME_DIR-based protocols for people who intentionally set up an
XDG_RUNTIME_DIR that is different.
Fixes: 6d1773d2 "run: Convert all environment variables into bwrap arguments"
Resolves: https://github.com/flatpak/flatpak/issues/4372
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
|
|
|
| |
We enforce --no-update-summary when we create test apps and
runtimes, and then we ensure we always manually call update_repo
after all modifications are done.
This means we save work avoiding summary updates, but it also means we
can do special handling in update_summary and guarantee that this is
the only place this happens. For example, we want this to work around
the mtime handling of summary updates.
|
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
| |
If available, always read-only bind-mount /etc/os-release as
/run/host/os-release (or /usr/lib/os-release as fallback)
as suggested by the os-release specification:
https://www.freedesktop.org/software/systemd/man/os-release.html
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We're using the metadata from the summary, ostree-metadata or available
commit when making security sensitive decisions, so lets verify this
matches what we get in the actual commit we pulled.
We already did check that this then actually also matches what gets deployed,
so the new check shares code with that.
Note, we don't do this for OCI installs, because it seems the current
fedora flatpaks don't have this set, and we don't want to break
existing remotes.
|
|
|
|
|
|
| |
This allows us to print some separators for the logs also.
tests: Convert more tests to ok helper
|
|
|
|
|
|
| |
2ebf67286660f5111baac379fd44a401f57b40bb introduced special handling to
mark exported GNOME Shell search provider .ini files as disabled by
default. This functionality was not previously tested.
|
|
|
|
|
|
| |
This allows you to ensure that a particular app/runtime is installed
and with the latest version in a single operation, which is useful
for instance in automatic use, like CI systems.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On some systems we can't make use of FUSE, especially on the same
locked-down systems where distribution packages are typically built.
For example, official Debian autobuilders (buildds) are configured to
disallow module loading after boot has finished as a form of security
hardening, some build chroots don't have a valid /etc/mtab, and Docker
containers give us uid 0 but not CAP_SYS_ADMIN.
These checks are taken from libostree.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Closes: #2824
Approved by: matthiasclasen
|
|
|
|
|
|
|
|
|
| |
When installing via the child repo we now strip the permissions early
so the import will fail instead of import and then canonicalize.
Either is ok, as nothing should be non-canonical in real life.
Closes: #2657
Approved by: alexlarsson
|
|
|
|
|
|
|
|
| |
Don't match any character in a regular expression when we only want to
match a period.
Closes: #2803
Approved by: matthiasclasen
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when the user doesn't specify a branch to the run command, for
apps it will use the current branch and for runtimes it just tries to
use "master" and fails if that doesn't work. Since runtimes don't have
current branches, it would be nice if we could determine the right one
to use rather than just erroring out. So this commit changes the
implementation so that it looks at each installed runtime and if only
one matches it is used. If there's more than one match the user is
prompted to choose. This is the first interactivity added to the run
command but I don't think that's an issue; any time it's run in a
non-interactive shell it will error out upon encountering ambiguity.
Also, add a couple unit tests for the success path and error paths.
Fixes https://github.com/flatpak/flatpak/issues/2780
Closes: #2788
Approved by: matthiasclasen
|
|
|
|
|
|
|
|
|
|
| |
This commit makes it so that a unit test can create the test app and
runtime using a branch other than master, and changes test-run.sh to use
the branch "stable". This will allow the run command to be tested better
in the following commit.
Closes: #2788
Approved by: matthiasclasen
|
|
|
|
|
|
|
|
|
| |
These tests failed on other architectures.
Signed-off-by: Simon McVittie <smcv@debian.org>
Closes: #2353
Approved by: matthiasclasen
|
|
|
|
|
|
|
| |
This runs a few otherwise unused functions.
Closes: #2252
Approved by: matthiasclasen
|
|
|
|
|
|
| |
I had a report of (and old version of) flatpak stopping
an entire "flatpak update" because one app had a new required
version. This adds a test of this (and it seems fixed now).
|
|
|
|
|
|
|
| |
We don't require these anymore
Closes: #1839
Approved by: alexlarsson
|
|
|
|
|
|
|
|
| |
This lets you see what operations will happen and you can confirm
it before starting the heavy operations.
Closes: #1797
Approved by: alexlarsson
|
|
|
|
|
|
|
|
| |
In particular the non-canonical checks were failing for me due to selinux
attributes being picked up.
Closes: #1698
Approved by: alexlarsson
|
| |
|
|
|
|
|
|
| |
This partially reverts commit a53a752a354a569b8cd4a1bb19e2cbfd837aac12.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
| |
Since Flatpak 0.9.6, we use libostree in bare-user-only mode, which
does not rely on xattrs.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
|
|
|
|
|
|
|
|
| |
If you run "flatpak update" then we will never update to
a commit that is older than the currently installed one. This
protects against a man-in-the-middle attack that would otherwise
let the attacker downgrade to a previously signed version that
may have some vulnerability.
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the ostree trivial-httpd --autoexit feature work better,
because it seems to exit whenever the root directory changes (i.e. not
only when its deleted).
This means the root dir can't be the repo (because then we can't
update the repo), or the base testdir (because we create files there
too), so instead we make the repo $testdir/repos/test and
$testdir/repos as the httpd root.
|
|
|
|
|
| |
This means that clients will refuse to install or update to your
new app if the flatpak version they are using is too old.
|
|
|
|
| |
We really want apps to be able to export e.g. HighContrast icons too.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This test effectively assumed that ${test_builddir} is in /home, /opt,
a non-FHS top level directory, or some other directory that isn't
in dont_mount_in_root[] in flatpak-run.c. In a distro build where
${libexecdir} is below /usr, when running the installed-tests
so ${test_builddir} is ${libexecdir}, this assumption doesn't hold.
We can't just copy the file we're dealing with into a subdirectory
of /tmp or /var/tmp either, because those directories aren't
part of --filesystem=host. Meanwhile, we also don't want to pollute
$HOME with test detritus.
For the best possible coverage given all those constraints, we try
three directories: ${test_builddir}; ${TEST_DATA_DIR}, which is
in /var/tmp; and ~/.flatpak-tests, but only if it already exists.
When testing --[no]filesystem=host overrides, we don't even try
${TEST_DATA_DIR}, because we know it's in /var/tmp which can only
be shared explicitly, but we do try the others.
Signed-off-by: Simon McVittie <smcv@debian.org>
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@debian.org>
|
|
|
|
|
|
|
| |
Distribution autobuilders are often more locked-down than the
environment in which the distribution binaries actually run.
Signed-off-by: Simon McVittie <smcv@debian.org>
|
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@debian.org>
|
| |
|
| |
|
|
|
|
| |
This means we can optionally skip it
|
| |
|
| |
|
| |
|
| |
|
| |
|