Alexander Larsson
8d4393a7aa
build-update: Add installed/download size and metadata cache to summary
2016-04-14 13:53:24 +02:00
Alexander Larsson
3187c0c142
appstream: Don't create new commit for unchanged appstream branch
2016-04-14 11:57:13 +02:00
Alexander Larsson
9ba4030564
Fix crash
2016-04-12 16:19:31 +02:00
Alexander Larsson
ba0363bd2a
Handle empty subpaths
2016-04-12 16:17:58 +02:00
Alexander Larsson
3cc45ccf13
Add support for subpath limited installs
...
This allows you to install e.g. org.freedesktop.Platform.Locale
but only the /sv subdir, and replaces using separate branches for
each locale.
2016-04-07 20:36:53 +02:00
Alexander Larsson
4beaa990c2
Don't ostree pull while deploying
...
This makes no sense, callers should be calling xdg_app_dir_pull() before
2016-04-06 16:57:31 +02:00
Alexander Larsson
33e09be5c9
helper: Use 64bit capset/capget versions
...
This fixed kernel warnings about 32bit capabilities APIs on some distros.
2016-03-30 10:23:07 +02:00
Alexander Larsson
762d1a6295
seccomp: Allow running the target arch
...
This adds the app target arch to the list of the allowed arches
in seccomp. It also allows the native arch, because otherwise
xdg-app-helper can't run.
This means that if your userspace (i.e. xdg-app-helper) is built in
64bit mode, then 64bit apps can't run 32bit apps. However, if you're
running a 32bit app it is allowed to run both 32bit and 64bit apps.
Not ideal, but at least the common case is safer.
2016-03-24 21:04:01 +01:00
Alexander Larsson
c25786ffa1
seccomp: Always try to do the socket filtering, but don't fail if not supported
...
This is better than guessing if it will work before.
However, we need to add the rule with _rule_add_exact, or it can try
to do something else which breaks the app.
2016-03-24 21:04:01 +01:00
Alexander Larsson
5ce0184cc7
Support endianness markers in bundle files
2016-03-24 11:04:23 +01:00
Giovanni Campagna
b4de1f15a7
Extract icons for all appstream components
...
Not just the one with the name exactly matching the app id
2016-03-21 19:07:36 -07:00
Alexander Larsson
1b1e8c26a2
Prefer non-subdir extensions over subdir ones.
...
This allows us to have e.g. org.*.Locale that contains *all* the locales.
2016-03-21 16:37:51 +01:00
Alexander Larsson
f031650e2d
Don't unnecessarily grow the buffer when loading files.
2016-03-14 16:21:55 +01:00
Alexander Larsson
56f0ffcb2b
Avoid warning about refing null GVariant
2016-03-14 14:26:05 +01:00
Alexander Larsson
2f01bb3aaa
Don't enumerate noenumerate remotes
2016-03-14 09:51:36 +01:00
Alexander Larsson
765c0af2fe
Ensure that the .ref file is always replaced
...
We need a unique inode in the deploy dir, if it is hardlinked the file
lock will be shared.
2016-03-02 11:03:51 +01:00
Thibault Saunier
8aa1effe26
Force /bin/sh as a shell
...
https://bugs.freedesktop.org/show_bug.cgi?id=94333
2016-03-02 09:50:41 +01:00
Alexander Larsson
26c2bb1b81
lib: Add xdg_app_bundle_ref_get_installed_size()
2016-02-25 21:34:44 +01:00
Alexander Larsson
ef14c9f8db
common: Add and use xdg_app_appstream_xml_root_to_data
2016-02-25 19:38:08 +01:00
Alexander Larsson
7ac2722800
common: Add xdg_app_read_stream helper
2016-02-25 19:34:04 +01:00
Alexander Larsson
73defceec6
common: Break out xml appstream rewriting to helper functions
2016-02-25 18:26:40 +01:00
Alexander Larsson
c84ebe0440
Support --filesystem=xdg-run/foo
2016-02-25 17:11:37 +01:00
Alexander Larsson
26cd90e100
Allow specifying subdir of xdg dir, like: --filesytem=xdg-download/subdir
2016-02-25 16:51:45 +01:00
Alexander Larsson
6c5e1a8a92
Fix some compiler warning (unused vars)
2016-02-25 16:09:49 +01:00
Alexander Larsson
382ae396b3
lib: Add xdg_app_installation_install_bundle
2016-02-25 16:05:13 +01:00
Alexander Larsson
eadb10cba7
common: Move part of bundle install to helper functions
2016-02-25 11:31:22 +01:00
Alexander Larsson
cbf3d25440
Remove unused variable
2016-02-24 14:33:00 +01:00
Alexander Larsson
4c6a05aba1
common: Break out bundle loader to helper utility
2016-02-24 14:16:52 +01:00
Alexander Larsson
c071916ac8
Make /run/build and /run/build-runtime symlinks to the right place
2016-02-23 14:13:58 +01:00
Alexander Larsson
1e83b2c021
Fix xml printing of nodes with no children
2016-02-19 14:57:53 +01:00
Alexander Larsson
593bca9fb9
When deploying, always make /etc/resolve.conf a symlink into the monitor dir
...
This way we can use the deployed etc dir instead of having to create
our own.
2016-02-19 11:31:18 +01:00
Alexander Larsson
01bfb2e996
helper: Put monitor path in /run/host instead of /run/user/$uid
...
This means we can always find it in a fixed place, and thus we can
have a static symlink pointing to this.
2016-02-19 11:24:32 +01:00
Alexander Larsson
eb2edc578a
Fix use after free
2016-02-19 09:48:18 +01:00
Alexander Larsson
d62a731cd4
Always create /etc/passwd,group,resolve.conf,machine-id when deploying
...
This means we can rely on these and bind-mount on top of them when
running.
2016-02-18 22:43:14 +01:00
Alexander Larsson
6428fcce45
common: Add XDG_APP_CP_FLAGS_MOVE support
2016-02-18 17:31:43 +01:00
Alexander Larsson
abdbb17a72
Remove all appstream checkouts and mirrored refs when deleting remote
2016-02-18 12:54:40 +01:00
Alexander Larsson
5a7e894edd
appstream: Add runtime, sdk and tags to appstream xml
2016-02-17 16:21:20 +01:00
Alexander Larsson
c01ec3fae5
deploy: Add metadata tags to exported desktop files.
2016-02-17 15:24:30 +01:00
Alexander Larsson
be4b6b8013
helper: drop caps in launcher
...
We don't need any capabilities in the launcher when waiting for the child
to die, so drop them as early as possible.
2016-02-15 10:54:49 +01:00
Alexander Larsson
e26bf79857
Make system repo bare-user too, to avoid any chance of creating setuid bits
...
There is no real reason for the system repo to be plain "bare" anyway,
bare-user works fine for us.
2016-02-12 17:17:36 +01:00
Alexander Larsson
c0a18e38c8
Work around race when doing first initial appstream checkout.
...
Whenever we finish the first update of appstream for a remote we
touch the toplevel appstream directory. This avoids an race-like issue
where you can't put a watch on the non-existant timestamp file for
a remote before it is created.
2016-02-12 13:03:24 +01:00
Alexander Larsson
767b89cd71
Revert "When rewriting Exec lines, don't use full bindir"
...
This is not right, dbus service files need an absolute path.
This reverts commit 23cd97a919
.
2016-02-11 13:31:05 +01:00
Alexander Larsson
23cd97a919
When rewriting Exec lines, don't use full bindir
...
This breaks for instance when installing an app from inside a sandbox,
or when installing it with an out-of-tree xdg-app build that would not
necessary be used later. Instead rely on the PATH to pick up the right one.
2016-02-11 11:30:41 +01:00
Alexander Larsson
fc986d7814
helper: If stdout is a tty, mount tty as /dev/console
...
This means ttyname() works in the sandbox. We already have access
to the tty via stdin, so this will not elevate privs.
2016-02-10 14:48:56 +01:00
Alexander Larsson
0c9d1538c9
Add option to disable sandbox triggers
...
This is not something you should normally do, but the gnome-software
app needs this, as recursive sandboxes don't work.
2016-02-09 15:02:56 +01:00
Alexander Larsson
5dfc59ee02
Pass location of exports to triggers as arg1
...
This changes nothing but is a preparation for later changes
2016-02-09 14:50:35 +01:00
Alexander Larsson
51fcc6e281
install: Fix assertion on runtime install
2016-02-09 11:48:33 +01:00
Alexander Larsson
8f6e6c0dab
Make sure we export files during install
...
is_data was never set to true, so we didn't run the exports
during install.
2016-02-09 10:32:36 +01:00
Alexander Larsson
22522c2ac6
Make arches canonical
...
Mostly we just pass on the uname() machine, but for arm, x86
and mips we need some special handling.
2016-02-08 12:52:46 +01:00
Alexander Larsson
dd1e967b60
Don't export app-info files
...
Also, pick up the non-exported files when updating the appdata branch
2016-02-08 10:19:30 +01:00
Timm Bäder
fbcdb07768
app-utils: typo
2016-02-03 15:43:49 +01:00
Alexander Larsson
2d85126fc4
Add app-path to the xdg-app-info in the sandbox
...
This lets you find where the host can see your files. This is useful
for instance when you want an external app (such as a help reader) to
read your files.
2016-02-03 14:12:36 +01:00
Alexander Larsson
05f79d8d66
common: Always resolve active symlink when looking up deploy dir
2016-02-03 14:12:08 +01:00
Alexander Larsson
8144a70bd7
helper: Make ~/.local/share/xdg-app writable again (if you have homedir access)
...
This makes the gnome-software app work, and if you have homedir access
you have all sort of ways to mess up apps anyway, so this is fake security.
2016-02-01 21:39:20 +01:00
Alexander Larsson
a754db12a2
Merge pull request #106 from smcv/symbol-hiding
...
Hide non-public symbols from libglnx and libxdgapp-common
2016-01-29 09:01:37 +01:00
Alexander Larsson
4ac5befb7f
Support a proxy on the system bus similar to the one on the session bus
2016-01-29 08:50:11 +01:00
Simon McVittie
73b0adfe0a
Hide non-public symbols from libglnx and libxdgapp-common
...
This avoids exporting glnx_*, calc_sizes(), etc. However, we do want to
export xdg_app_error_quark(), so do that.
Signed-off-by: Simon McVittie <smcv@debian.org>
2016-01-28 23:43:30 +01:00
Alexander Larsson
a12bb89c9c
utils: Fix nul termination of xdg_app_spawn output
...
The terminating zero byte was written after the output stream
was closed, so it never got added to the string.
2016-01-28 16:20:59 +01:00
Alexander Larsson
96d9204f86
helper: Update the error messages to not refer to --disable-userns
2016-01-28 14:38:59 +01:00
Alexander Larsson
225c359128
Fix include order to build with older libsoup versions
2016-01-28 14:35:46 +01:00
Alexander Larsson
a741ba418f
Finish the optional xauth work
2016-01-28 14:34:22 +01:00
Alexander Larsson
927e3cab48
Make xauth use optional
...
This is not needed on some Xservers, and not if you're only building stuff.
So, lets make it optional.
2016-01-28 12:01:08 +01:00
Alexander Larsson
f8d502ad19
Require some way to set cgroup for apps (currently systemd --user)
...
When the portal looks up the peer app id it needs to know whether it
can trust that the cgroup path would be set, so that it can tell
whether the app is sandboxed or trusted. We used to check if the
cgroup was session-$uid.slice, and if so it was trusted, but this
failed in the case of per-user dbus (not per-session) where
e.g. gnome-terminal would be outside the session.
Now we just fail if we can't set up a cgroup, thus whenever the cgroup
path is not right we know that the app is trusted.
2016-01-28 11:15:58 +01:00
Alexander Larsson
6349b3ffc1
helper: Make user namespace support vs setuid a runtime, not build-time option
...
We now check at runtime if we have raised privs, and only if not so do we try
to use unprivileged user namespaces. This means you can build xdg-app however,
and then setuid/setcap the binary however you want afterwards.
2016-01-28 09:43:45 +01:00
Alexander Larsson
4671149722
update-repo: Escape text when writing xml
2016-01-25 13:13:24 +01:00
Alexander Larsson
4eb7b14996
update-appstream: Fix crash in case there are no 128x128 icons
2016-01-24 21:26:40 +01:00
Alexander Larsson
a95c99270a
Move the GZlib* autoptr backport to libglnx
2016-01-22 15:30:48 +01:00
Alexander Larsson
a7b2f05a6a
dir: Properly finish OstreeAsyncProgress objects
2016-01-22 15:12:05 +01:00
Alexander Larsson
85aef6666e
XdgAppDir: Make sure we always constole end status lines that we start
2016-01-22 15:01:09 +01:00
Alexander Larsson
47fb77ec45
common: fix handling of no_chown in xdg_app_cp_a
2016-01-22 11:58:00 +01:00
Alexander Larsson
b099dc7021
common: Add xdg_app_cp_a
2016-01-22 11:43:58 +01:00
Alexander Larsson
33fba3c67e
xdg-app-utils: Add autocleanup for GZlib*
2016-01-22 10:55:01 +01:00
Alexander Larsson
64da5f5602
utils: Extract the xml helpers
2016-01-21 21:37:29 +01:00
Alexander Larsson
455d3a7b29
build-update-repo: Update the appstream using a GMarkup parser on the app-info files
2016-01-21 21:16:37 +01:00
Alexander Larsson
8da9d592ba
appstream: Add timestamp which is updated each time the appstream is pulled
2016-01-20 15:14:01 +01:00
Alexander Larsson
bc892f1745
run: Use the new xdg_app_list_extensions helper
2016-01-20 14:00:49 +01:00
Alexander Larsson
d959ed016c
common: Add xdg_app_list_extensions util
2016-01-20 14:00:49 +01:00
Alexander Larsson
c6df1665a6
appstream: Don't try to remove old appstream if it doesn't exist
2016-01-19 22:05:16 +01:00
Alexander Larsson
0b8515ac07
update-appstream: Don't fail badly if remote has not appstream branch
2016-01-19 21:58:44 +01:00
Alexander Larsson
2bede34952
lib: Add getter for installed size on InstalledRef
2016-01-19 15:05:06 +01:00
Alexander Larsson
071561637a
Remove unused variables
2016-01-19 12:37:51 +01:00
Alexander Larsson
24ec8445a3
override: Fix error if override file doesn't already exist
2016-01-19 12:09:54 +01:00
Alexander Larsson
6e204a4d2e
Add support to gpg sign summaries and appstream
2016-01-18 21:36:57 +01:00
Alexander Larsson
de7e19e40f
The plural of appdata is appstream
2016-01-18 21:06:42 +01:00
Alexander Larsson
d114069b8a
XdgAppDir: Document some args to xdg_app_dir_fetch_sizes
2016-01-15 16:06:26 +01:00
Alexander Larsson
51e9fa2b8d
build-update-repo: Add --appdata update option
2016-01-15 15:59:22 +01:00
Alexander Larsson
cd2c5af974
build-repo-update: Update appdata branch using appdata-builder
2016-01-15 14:39:11 +01:00
Alexander Larsson
a79ea2e890
common: Add XdgAppTempDir which cleans up temporary directories
2016-01-15 12:04:46 +01:00
Alexander Larsson
cb971722fe
Better handling of the title in the summary
...
Now we store the title in the repo config and re-apply it every time
we regenerate the summary.
2016-01-14 21:26:51 +01:00
Alexander Larsson
839c5ca885
XdgAppDir: Add helper to fetch the size info for a commit
2016-01-14 16:45:28 +01:00
Alexander Larsson
f7a1fdaa99
xdg-app: Deprecate install/update/uninstall-app/runtime
...
We just have install/updata/uninstall and have --app and --runtime
options if you really want to specify the type. Otherwise we just
automatically chose the right thing.
2016-01-13 15:34:08 +01:00
Alexander Larsson
a241610793
helper: Align help output
2016-01-12 11:21:14 +01:00
Alexander Larsson
5c578946bf
helper: Allow specifying initial cwd
2016-01-12 10:39:03 +01:00
Alexander Larsson
b60e81271e
helper: Add missing arguments to usage output
2016-01-12 10:33:43 +01:00
Alexander Larsson
1934562ca2
run: Be more flexible with --runtime option, and add --runtime-version
...
This makes it easier to experiment with running an app with a
different runtime.
2016-01-12 09:57:20 +01:00
Alexander Larsson
5a905d913c
helper: Print nicer error messages when user namespaces don't work.
2016-01-12 09:33:55 +01:00
Alexander Larsson
e2b347ba76
run: Fix support for app extensions
2016-01-11 15:34:54 +01:00
Alexander Larsson
b4fbb84f0a
common: Move path_match_prefix to common
2016-01-11 13:56:07 +01:00
Alexander Larsson
6ddee9905b
build-export: Add --runtime commit support
2015-12-21 15:38:42 +01:00
Alexander Larsson
d99c4f6568
XdgAppDir: Remove leftover spew
2015-12-21 13:21:01 +01:00