This mirrors the one for flatpak.git. There are bits of the
flatpak-builder code which are P2P-specific and which couldn’t be
enabled before.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #68
Approved by: alexlarsson
This lets you modify the project_license field in the appdata file.
This is useful because appdata files from upstream generally only
contain license information for the app itself, whereas the
bundled app may contain other code with additional licenses.
Closes: #41
Approved by: alexlarsson
A series of following commits will introduce a peer to peer feature for
pulling apps and runtimes from LAN peers and USB sticks without needing
an internet connection. This requires experimental API in libostree
(which needs to have been configured with --enable-experimental-api), so
needs to be hidden behind a configure option in flatpak too. It’s called
--enable-p2p, and bumps our libostree dependency to 2017.8 with
experimental API required too.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This includes a change in how ostree reports missing gpg signatures
which makes the test-suite pass. Additionally that change requires
us to change how we detect such missing gpg signatures in one place.
We could try to support both versions, but the easiest fix is to just
require the latest ostree.
This uses the new libostree APIs that landed recently to ensure
that we reject any files with mode outside of `0775` for system
helper pulls, and we also mask directory modes during checkout.
However, this does *not* fix up any already downloaded content.
For that, one could uninstall/reinstall; or a future patch could
do a one-time fixup pass.
Note that I am not aware of a way for flatpak applications to escalate their
privileges directly with this flaw; the bubblewrap `PR_SET_NO_NEW_PRIVS` turns
of setuid. However, in combination with code execution on the host via another
mechanism (e.g. unsandboxed app), a setuid app injected could be used to gain
full host privileges.
At this time we're not aware of any flatpak content exploiting this issue.
Closes: https://github.com/flatpak/flatpak/issues/845
This allows us to rely on the new BARE_USER_ONLY mode, as
well as the fixes to progress reporting. Also, it has a lot
of bugfixes that are nice. If you need an old ostree you can
run the old flatpak series.
We only allow globs, not magic matches, and we drop the glob
priority to a very low level (weight=5) which means that its
hard for app-installed mimetypes to override the system installed
ones. That should make exporting mimetypes pretty safe.
gpgme is built with large file support by default, and checks that
its ABI (size of off_t) matches the ABI expected by library users
like flatpak. This caused build failures on Debian i386 and powerpc.
Signed-off-by: Simon McVittie <smcv@debian.org>
In ostree I maintain what I consider a "baseline" set of compiler
warnings that should *always* be fatal for a modern C project.
I noticed while working on a previous patch that a `-Werror=format`
warning wasn't fatal.
There are a few that are really, really important like
`-Werror=missing-prototypes`. I also take some like `-Werror=misleading-indentation`
which already caught some bugs. See also https://lwn.net/Articles/678019/
This is required for e.g. G_DECLARE_FINAL_TYPE, and most current
distros have this now.
This fixes https://github.com/flatpak/flatpak/issues/622
For distributions that want to build against older glib, see
the issue above, it has patches to make that work.