Alexander Larsson
abdbb17a72
Remove all appstream checkouts and mirrored refs when deleting remote
2016-02-18 12:54:40 +01:00
Alexander Larsson
5a7e894edd
appstream: Add runtime, sdk and tags to appstream xml
2016-02-17 16:21:20 +01:00
Alexander Larsson
c01ec3fae5
deploy: Add metadata tags to exported desktop files.
2016-02-17 15:24:30 +01:00
Alexander Larsson
be4b6b8013
helper: drop caps in launcher
...
We don't need any capabilities in the launcher when waiting for the child
to die, so drop them as early as possible.
2016-02-15 10:54:49 +01:00
Alexander Larsson
e26bf79857
Make system repo bare-user too, to avoid any chance of creating setuid bits
...
There is no real reason for the system repo to be plain "bare" anyway,
bare-user works fine for us.
2016-02-12 17:17:36 +01:00
Alexander Larsson
c0a18e38c8
Work around race when doing first initial appstream checkout.
...
Whenever we finish the first update of appstream for a remote we
touch the toplevel appstream directory. This avoids an race-like issue
where you can't put a watch on the non-existant timestamp file for
a remote before it is created.
2016-02-12 13:03:24 +01:00
Alexander Larsson
767b89cd71
Revert "When rewriting Exec lines, don't use full bindir"
...
This is not right, dbus service files need an absolute path.
This reverts commit 23cd97a919
.
2016-02-11 13:31:05 +01:00
Alexander Larsson
23cd97a919
When rewriting Exec lines, don't use full bindir
...
This breaks for instance when installing an app from inside a sandbox,
or when installing it with an out-of-tree xdg-app build that would not
necessary be used later. Instead rely on the PATH to pick up the right one.
2016-02-11 11:30:41 +01:00
Alexander Larsson
fc986d7814
helper: If stdout is a tty, mount tty as /dev/console
...
This means ttyname() works in the sandbox. We already have access
to the tty via stdin, so this will not elevate privs.
2016-02-10 14:48:56 +01:00
Alexander Larsson
0c9d1538c9
Add option to disable sandbox triggers
...
This is not something you should normally do, but the gnome-software
app needs this, as recursive sandboxes don't work.
2016-02-09 15:02:56 +01:00
Alexander Larsson
5dfc59ee02
Pass location of exports to triggers as arg1
...
This changes nothing but is a preparation for later changes
2016-02-09 14:50:35 +01:00
Alexander Larsson
51fcc6e281
install: Fix assertion on runtime install
2016-02-09 11:48:33 +01:00
Alexander Larsson
8f6e6c0dab
Make sure we export files during install
...
is_data was never set to true, so we didn't run the exports
during install.
2016-02-09 10:32:36 +01:00
Alexander Larsson
22522c2ac6
Make arches canonical
...
Mostly we just pass on the uname() machine, but for arm, x86
and mips we need some special handling.
2016-02-08 12:52:46 +01:00
Alexander Larsson
dd1e967b60
Don't export app-info files
...
Also, pick up the non-exported files when updating the appdata branch
2016-02-08 10:19:30 +01:00
Timm Bäder
fbcdb07768
app-utils: typo
2016-02-03 15:43:49 +01:00
Alexander Larsson
2d85126fc4
Add app-path to the xdg-app-info in the sandbox
...
This lets you find where the host can see your files. This is useful
for instance when you want an external app (such as a help reader) to
read your files.
2016-02-03 14:12:36 +01:00
Alexander Larsson
05f79d8d66
common: Always resolve active symlink when looking up deploy dir
2016-02-03 14:12:08 +01:00
Alexander Larsson
8144a70bd7
helper: Make ~/.local/share/xdg-app writable again (if you have homedir access)
...
This makes the gnome-software app work, and if you have homedir access
you have all sort of ways to mess up apps anyway, so this is fake security.
2016-02-01 21:39:20 +01:00
Alexander Larsson
a754db12a2
Merge pull request #106 from smcv/symbol-hiding
...
Hide non-public symbols from libglnx and libxdgapp-common
2016-01-29 09:01:37 +01:00
Alexander Larsson
4ac5befb7f
Support a proxy on the system bus similar to the one on the session bus
2016-01-29 08:50:11 +01:00
Simon McVittie
73b0adfe0a
Hide non-public symbols from libglnx and libxdgapp-common
...
This avoids exporting glnx_*, calc_sizes(), etc. However, we do want to
export xdg_app_error_quark(), so do that.
Signed-off-by: Simon McVittie <smcv@debian.org>
2016-01-28 23:43:30 +01:00
Alexander Larsson
a12bb89c9c
utils: Fix nul termination of xdg_app_spawn output
...
The terminating zero byte was written after the output stream
was closed, so it never got added to the string.
2016-01-28 16:20:59 +01:00
Alexander Larsson
96d9204f86
helper: Update the error messages to not refer to --disable-userns
2016-01-28 14:38:59 +01:00
Alexander Larsson
225c359128
Fix include order to build with older libsoup versions
2016-01-28 14:35:46 +01:00
Alexander Larsson
a741ba418f
Finish the optional xauth work
2016-01-28 14:34:22 +01:00
Alexander Larsson
927e3cab48
Make xauth use optional
...
This is not needed on some Xservers, and not if you're only building stuff.
So, lets make it optional.
2016-01-28 12:01:08 +01:00
Alexander Larsson
f8d502ad19
Require some way to set cgroup for apps (currently systemd --user)
...
When the portal looks up the peer app id it needs to know whether it
can trust that the cgroup path would be set, so that it can tell
whether the app is sandboxed or trusted. We used to check if the
cgroup was session-$uid.slice, and if so it was trusted, but this
failed in the case of per-user dbus (not per-session) where
e.g. gnome-terminal would be outside the session.
Now we just fail if we can't set up a cgroup, thus whenever the cgroup
path is not right we know that the app is trusted.
2016-01-28 11:15:58 +01:00
Alexander Larsson
6349b3ffc1
helper: Make user namespace support vs setuid a runtime, not build-time option
...
We now check at runtime if we have raised privs, and only if not so do we try
to use unprivileged user namespaces. This means you can build xdg-app however,
and then setuid/setcap the binary however you want afterwards.
2016-01-28 09:43:45 +01:00
Alexander Larsson
4671149722
update-repo: Escape text when writing xml
2016-01-25 13:13:24 +01:00
Alexander Larsson
4eb7b14996
update-appstream: Fix crash in case there are no 128x128 icons
2016-01-24 21:26:40 +01:00
Alexander Larsson
a95c99270a
Move the GZlib* autoptr backport to libglnx
2016-01-22 15:30:48 +01:00
Alexander Larsson
a7b2f05a6a
dir: Properly finish OstreeAsyncProgress objects
2016-01-22 15:12:05 +01:00
Alexander Larsson
85aef6666e
XdgAppDir: Make sure we always constole end status lines that we start
2016-01-22 15:01:09 +01:00
Alexander Larsson
47fb77ec45
common: fix handling of no_chown in xdg_app_cp_a
2016-01-22 11:58:00 +01:00
Alexander Larsson
b099dc7021
common: Add xdg_app_cp_a
2016-01-22 11:43:58 +01:00
Alexander Larsson
33fba3c67e
xdg-app-utils: Add autocleanup for GZlib*
2016-01-22 10:55:01 +01:00
Alexander Larsson
64da5f5602
utils: Extract the xml helpers
2016-01-21 21:37:29 +01:00
Alexander Larsson
455d3a7b29
build-update-repo: Update the appstream using a GMarkup parser on the app-info files
2016-01-21 21:16:37 +01:00
Alexander Larsson
8da9d592ba
appstream: Add timestamp which is updated each time the appstream is pulled
2016-01-20 15:14:01 +01:00
Alexander Larsson
bc892f1745
run: Use the new xdg_app_list_extensions helper
2016-01-20 14:00:49 +01:00
Alexander Larsson
d959ed016c
common: Add xdg_app_list_extensions util
2016-01-20 14:00:49 +01:00
Alexander Larsson
c6df1665a6
appstream: Don't try to remove old appstream if it doesn't exist
2016-01-19 22:05:16 +01:00
Alexander Larsson
0b8515ac07
update-appstream: Don't fail badly if remote has not appstream branch
2016-01-19 21:58:44 +01:00
Alexander Larsson
2bede34952
lib: Add getter for installed size on InstalledRef
2016-01-19 15:05:06 +01:00
Alexander Larsson
071561637a
Remove unused variables
2016-01-19 12:37:51 +01:00
Alexander Larsson
24ec8445a3
override: Fix error if override file doesn't already exist
2016-01-19 12:09:54 +01:00
Alexander Larsson
6e204a4d2e
Add support to gpg sign summaries and appstream
2016-01-18 21:36:57 +01:00
Alexander Larsson
de7e19e40f
The plural of appdata is appstream
2016-01-18 21:06:42 +01:00
Alexander Larsson
d114069b8a
XdgAppDir: Document some args to xdg_app_dir_fetch_sizes
2016-01-15 16:06:26 +01:00