forked from Mirrors/flatpak-builder
864 lines
26 KiB
C
864 lines
26 KiB
C
#include "config.h"
|
|
|
|
#include <locale.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/types.h>
|
|
#include <unistd.h>
|
|
#include <fcntl.h>
|
|
#include <errno.h>
|
|
|
|
#include <gio/gio.h>
|
|
#include <gio/gunixfdlist.h>
|
|
#include "xdp-dbus.h"
|
|
#include "xdp-util.h"
|
|
#include "flatpak-db.h"
|
|
#include "flatpak-dbus.h"
|
|
#include "flatpak-utils.h"
|
|
#include "flatpak-portal-error.h"
|
|
#include "xdp-fuse.h"
|
|
|
|
#include <sys/eventfd.h>
|
|
|
|
#define TABLE_NAME "documents"
|
|
|
|
typedef struct
|
|
{
|
|
char *doc_id;
|
|
int fd;
|
|
char *owner;
|
|
guint flags;
|
|
|
|
GDBusMethodInvocation *finish_invocation;
|
|
} XdpDocUpdate;
|
|
|
|
|
|
static GMainLoop *loop = NULL;
|
|
static FlatpakDb *db = NULL;
|
|
static FlatpakPermissionStore *permission_store;
|
|
static int daemon_event_fd = -1;
|
|
static int final_exit_status = 0;
|
|
static dev_t fuse_dev = 0;
|
|
|
|
G_LOCK_DEFINE (db);
|
|
|
|
char **
|
|
xdp_list_apps (void)
|
|
{
|
|
AUTOLOCK (db);
|
|
return flatpak_db_list_apps (db);
|
|
}
|
|
|
|
char **
|
|
xdp_list_docs (void)
|
|
{
|
|
AUTOLOCK (db);
|
|
return flatpak_db_list_ids (db);
|
|
}
|
|
|
|
FlatpakDbEntry *
|
|
xdp_lookup_doc (const char *doc_id)
|
|
{
|
|
AUTOLOCK (db);
|
|
return flatpak_db_lookup (db, doc_id);
|
|
}
|
|
|
|
static gboolean
|
|
persist_entry (FlatpakDbEntry *entry)
|
|
{
|
|
guint32 flags = xdp_entry_get_flags (entry);
|
|
|
|
return (flags & XDP_ENTRY_FLAG_TRANSIENT) == 0;
|
|
}
|
|
|
|
static void
|
|
do_set_permissions (FlatpakDbEntry *entry,
|
|
const char *doc_id,
|
|
const char *app_id,
|
|
XdpPermissionFlags perms)
|
|
{
|
|
g_autofree const char **perms_s = xdg_unparse_permissions (perms);
|
|
|
|
g_autoptr(FlatpakDbEntry) new_entry = NULL;
|
|
|
|
g_debug ("set_permissions %s %s %x", doc_id, app_id, perms);
|
|
|
|
new_entry = flatpak_db_entry_set_app_permissions (entry, app_id, perms_s);
|
|
flatpak_db_set_entry (db, doc_id, new_entry);
|
|
|
|
if (persist_entry (new_entry))
|
|
{
|
|
flatpak_permission_store_call_set_permission (permission_store,
|
|
TABLE_NAME,
|
|
FALSE,
|
|
doc_id,
|
|
app_id,
|
|
perms_s,
|
|
NULL,
|
|
NULL, NULL);
|
|
}
|
|
}
|
|
|
|
static void
|
|
portal_grant_permissions (GDBusMethodInvocation *invocation,
|
|
GVariant *parameters,
|
|
const char *app_id)
|
|
{
|
|
const char *target_app_id;
|
|
const char *id;
|
|
g_autofree const char **permissions = NULL;
|
|
XdpPermissionFlags perms;
|
|
|
|
g_autoptr(FlatpakDbEntry) entry = NULL;
|
|
|
|
g_variant_get (parameters, "(&s&s^a&s)", &id, &target_app_id, &permissions);
|
|
|
|
{
|
|
AUTOLOCK (db);
|
|
|
|
entry = flatpak_db_lookup (db, id);
|
|
if (entry == NULL)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND,
|
|
"No such document: %s", id);
|
|
return;
|
|
}
|
|
|
|
if (!flatpak_is_valid_name (target_app_id))
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid app name: %s", target_app_id);
|
|
return;
|
|
}
|
|
|
|
perms = xdp_parse_permissions (permissions);
|
|
|
|
/* Must have grant-permissions and all the newly granted permissions */
|
|
if (!xdp_entry_has_permissions (entry, app_id,
|
|
XDP_PERMISSION_FLAGS_GRANT_PERMISSIONS | perms))
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_ALLOWED,
|
|
"Not enough permissions");
|
|
return;
|
|
}
|
|
|
|
do_set_permissions (entry, id, target_app_id,
|
|
perms | xdp_entry_get_permissions (entry, target_app_id));
|
|
}
|
|
|
|
/* Invalidate with lock dropped to avoid deadlock */
|
|
xdp_fuse_invalidate_doc_app (id, target_app_id);
|
|
|
|
g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
|
|
}
|
|
|
|
static void
|
|
portal_revoke_permissions (GDBusMethodInvocation *invocation,
|
|
GVariant *parameters,
|
|
const char *app_id)
|
|
{
|
|
const char *target_app_id;
|
|
const char *id;
|
|
g_autofree const char **permissions = NULL;
|
|
|
|
g_autoptr(FlatpakDbEntry) entry = NULL;
|
|
XdpPermissionFlags perms;
|
|
|
|
g_variant_get (parameters, "(&s&s^a&s)", &id, &target_app_id, &permissions);
|
|
|
|
{
|
|
AUTOLOCK (db);
|
|
|
|
entry = flatpak_db_lookup (db, id);
|
|
if (entry == NULL)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND,
|
|
"No such document: %s", id);
|
|
return;
|
|
}
|
|
|
|
if (!flatpak_is_valid_name (target_app_id))
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid app name: %s", target_app_id);
|
|
return;
|
|
}
|
|
|
|
perms = xdp_parse_permissions (permissions);
|
|
|
|
/* Must have grant-permissions, or be itself */
|
|
if (!xdp_entry_has_permissions (entry, app_id,
|
|
XDP_PERMISSION_FLAGS_GRANT_PERMISSIONS) ||
|
|
strcmp (app_id, target_app_id) == 0)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_ALLOWED,
|
|
"Not enough permissions");
|
|
return;
|
|
}
|
|
|
|
do_set_permissions (entry, id, target_app_id,
|
|
~perms & xdp_entry_get_permissions (entry, target_app_id));
|
|
}
|
|
|
|
/* Invalidate with lock dropped to avoid deadlock */
|
|
xdp_fuse_invalidate_doc_app (id, target_app_id);
|
|
|
|
g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
|
|
}
|
|
|
|
static void
|
|
portal_delete (GDBusMethodInvocation *invocation,
|
|
GVariant *parameters,
|
|
const char *app_id)
|
|
{
|
|
const char *id;
|
|
|
|
g_autoptr(FlatpakDbEntry) entry = NULL;
|
|
g_autofree const char **old_apps = NULL;
|
|
int i;
|
|
|
|
g_variant_get (parameters, "(s)", &id);
|
|
|
|
{
|
|
AUTOLOCK (db);
|
|
|
|
entry = flatpak_db_lookup (db, id);
|
|
if (entry == NULL)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND,
|
|
"No such document: %s", id);
|
|
return;
|
|
}
|
|
|
|
if (!xdp_entry_has_permissions (entry, app_id, XDP_PERMISSION_FLAGS_DELETE))
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_ALLOWED,
|
|
"Not enough permissions");
|
|
return;
|
|
}
|
|
|
|
g_debug ("delete %s", id);
|
|
|
|
flatpak_db_set_entry (db, id, NULL);
|
|
|
|
if (persist_entry (entry))
|
|
flatpak_permission_store_call_delete (permission_store, TABLE_NAME,
|
|
id, NULL, NULL, NULL);
|
|
}
|
|
|
|
/* All i/o is done now, so drop the lock so we can invalidate the fuse caches */
|
|
old_apps = flatpak_db_entry_list_apps (entry);
|
|
for (i = 0; old_apps[i] != NULL; i++)
|
|
xdp_fuse_invalidate_doc_app (id, old_apps[i]);
|
|
xdp_fuse_invalidate_doc_app (id, NULL);
|
|
|
|
/* Now fuse view is up-to-date, so we can return the call */
|
|
g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
|
|
}
|
|
|
|
char *
|
|
do_create_doc (struct stat *parent_st_buf, const char *path, gboolean reuse_existing, gboolean persistent)
|
|
{
|
|
g_autoptr(GVariant) data = NULL;
|
|
g_autoptr(FlatpakDbEntry) entry = NULL;
|
|
g_auto(GStrv) ids = NULL;
|
|
char *id = NULL;
|
|
guint32 flags = 0;
|
|
|
|
if (!reuse_existing)
|
|
flags |= XDP_ENTRY_FLAG_UNIQUE;
|
|
if (!persistent)
|
|
flags |= XDP_ENTRY_FLAG_TRANSIENT;
|
|
data =
|
|
g_variant_ref_sink (g_variant_new ("(^ayttu)",
|
|
path,
|
|
(guint64) parent_st_buf->st_dev,
|
|
(guint64) parent_st_buf->st_ino,
|
|
flags));
|
|
|
|
if (reuse_existing)
|
|
{
|
|
ids = flatpak_db_list_ids_by_value (db, data);
|
|
|
|
if (ids[0] != NULL)
|
|
return g_strdup (ids[0]); /* Reuse pre-existing entry with same path */
|
|
}
|
|
|
|
while (TRUE)
|
|
{
|
|
g_autoptr(FlatpakDbEntry) existing = NULL;
|
|
|
|
g_clear_pointer (&id, g_free);
|
|
id = xdp_name_from_id ((guint32) g_random_int ());
|
|
existing = flatpak_db_lookup (db, id);
|
|
if (existing == NULL)
|
|
break;
|
|
}
|
|
|
|
g_debug ("create_doc %s", id);
|
|
|
|
entry = flatpak_db_entry_new (data);
|
|
flatpak_db_set_entry (db, id, entry);
|
|
|
|
if (persistent)
|
|
{
|
|
flatpak_permission_store_call_set (permission_store,
|
|
TABLE_NAME,
|
|
TRUE,
|
|
id,
|
|
g_variant_new_array (G_VARIANT_TYPE ("{sas}"), NULL, 0),
|
|
g_variant_new_variant (data),
|
|
NULL, NULL, NULL);
|
|
}
|
|
|
|
return id;
|
|
}
|
|
|
|
static void
|
|
portal_add (GDBusMethodInvocation *invocation,
|
|
GVariant *parameters,
|
|
const char *app_id)
|
|
{
|
|
GDBusMessage *message;
|
|
GUnixFDList *fd_list;
|
|
g_autofree char *id = NULL;
|
|
g_autofree char *proc_path = NULL;
|
|
int fd_id, fd, fds_len, fd_flags;
|
|
glnx_fd_close int dir_fd = -1;
|
|
const int *fds;
|
|
char path_buffer[PATH_MAX + 1];
|
|
ssize_t symlink_size;
|
|
struct stat st_buf, real_st_buf, real_parent_st_buf;
|
|
g_autofree char *dirname = NULL;
|
|
g_autofree char *name = NULL;
|
|
gboolean reuse_existing, persistent;
|
|
|
|
g_variant_get (parameters, "(hbb)", &fd_id, &reuse_existing, &persistent);
|
|
|
|
message = g_dbus_method_invocation_get_message (invocation);
|
|
fd_list = g_dbus_message_get_unix_fd_list (message);
|
|
|
|
fd = -1;
|
|
if (fd_list != NULL)
|
|
{
|
|
fds = g_unix_fd_list_peek_fds (fd_list, &fds_len);
|
|
if (fd_id < fds_len)
|
|
fd = fds[fd_id];
|
|
}
|
|
|
|
proc_path = g_strdup_printf ("/proc/self/fd/%d", fd);
|
|
|
|
if (fd == -1 ||
|
|
/* Must be able to get fd flags */
|
|
(fd_flags = fcntl (fd, F_GETFL)) == -1 ||
|
|
/* Must be O_PATH */
|
|
((fd_flags & O_PATH) != O_PATH) ||
|
|
/* Must not be O_NOFOLLOW (because we want the target file) */
|
|
((fd_flags & O_NOFOLLOW) == O_PATH) ||
|
|
/* Must be able to fstat */
|
|
fstat (fd, &st_buf) < 0 ||
|
|
/* Must be a regular file */
|
|
(st_buf.st_mode & S_IFMT) != S_IFREG ||
|
|
/* Must be able to read path from /proc/self/fd */
|
|
/* This is an absolute and (at least at open time) symlink-expanded path */
|
|
(symlink_size = readlink (proc_path, path_buffer, sizeof (path_buffer) - 1)) < 0)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation,
|
|
FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid fd passed");
|
|
return;
|
|
}
|
|
|
|
path_buffer[symlink_size] = 0;
|
|
|
|
/* We open the parent directory and do the stat in that, so that we have
|
|
trustworthy parent dev/ino for later verification. Otherwise the caller
|
|
could later replace a parent with a symlink and make us read some other file */
|
|
dirname = g_path_get_dirname (path_buffer);
|
|
name = g_path_get_basename (path_buffer);
|
|
dir_fd = open (dirname, O_CLOEXEC | O_PATH);
|
|
|
|
if (fstat (dir_fd, &real_parent_st_buf) < 0 ||
|
|
fstatat (dir_fd, name, &real_st_buf, AT_SYMLINK_NOFOLLOW) < 0 ||
|
|
st_buf.st_dev != real_st_buf.st_dev ||
|
|
st_buf.st_ino != real_st_buf.st_ino)
|
|
{
|
|
/* Don't leak any info about real file path existance, etc */
|
|
g_dbus_method_invocation_return_error (invocation,
|
|
FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid fd passed");
|
|
return;
|
|
}
|
|
|
|
g_debug ("portal_add %s", path_buffer);
|
|
|
|
if (st_buf.st_dev == fuse_dev)
|
|
{
|
|
/* The passed in fd is on the fuse filesystem itself */
|
|
g_autoptr(FlatpakDbEntry) old_entry = NULL;
|
|
|
|
id = xdp_fuse_lookup_id_for_inode (st_buf.st_ino);
|
|
g_debug ("path on fuse, id %s", id);
|
|
if (id == NULL)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation,
|
|
FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid fd passed");
|
|
return;
|
|
}
|
|
|
|
/* Don't lock the db before doing the fuse call above, because it takes takes a lock
|
|
that can block something calling back, causing a deadlock on the db lock */
|
|
|
|
AUTOLOCK (db);
|
|
|
|
/* If the entry doesn't exist anymore, fail. Also fail if not
|
|
resuse_existing, because otherwise the user could use this to
|
|
get a copy with permissions and thus escape later permission
|
|
revocations */
|
|
old_entry = flatpak_db_lookup (db, id);
|
|
if (old_entry == NULL ||
|
|
!reuse_existing)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation,
|
|
FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid fd passed");
|
|
return;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
{
|
|
AUTOLOCK (db);
|
|
|
|
id = do_create_doc (&real_parent_st_buf, path_buffer, reuse_existing, persistent);
|
|
|
|
if (app_id[0] != '\0')
|
|
{
|
|
g_autoptr(FlatpakDbEntry) entry = NULL;
|
|
XdpPermissionFlags perms =
|
|
XDP_PERMISSION_FLAGS_GRANT_PERMISSIONS |
|
|
XDP_PERMISSION_FLAGS_READ |
|
|
XDP_PERMISSION_FLAGS_WRITE;
|
|
{
|
|
entry = flatpak_db_lookup (db, id);
|
|
|
|
/* If its a unique one its safe for the creator to
|
|
delete it at will */
|
|
if (!reuse_existing)
|
|
perms |= XDP_PERMISSION_FLAGS_DELETE;
|
|
|
|
do_set_permissions (entry, id, app_id, perms);
|
|
}
|
|
}
|
|
}
|
|
|
|
/* Invalidate with lock dropped to avoid deadlock */
|
|
xdp_fuse_invalidate_doc_app (id, NULL);
|
|
if (app_id[0] != '\0')
|
|
xdp_fuse_invalidate_doc_app (id, app_id);
|
|
}
|
|
|
|
g_dbus_method_invocation_return_value (invocation,
|
|
g_variant_new ("(s)", id));
|
|
}
|
|
|
|
static void
|
|
portal_add_named (GDBusMethodInvocation *invocation,
|
|
GVariant *parameters,
|
|
const char *app_id)
|
|
{
|
|
GDBusMessage *message;
|
|
GUnixFDList *fd_list;
|
|
g_autofree char *id = NULL;
|
|
g_autofree char *proc_path = NULL;
|
|
int parent_fd_id, parent_fd, fds_len, fd_flags;
|
|
const int *fds;
|
|
char parent_path_buffer[PATH_MAX + 1];
|
|
g_autofree char *path = NULL;
|
|
ssize_t symlink_size;
|
|
struct stat parent_st_buf;
|
|
const char *filename;
|
|
gboolean reuse_existing, persistent;
|
|
|
|
g_autoptr(GVariant) filename_v = NULL;
|
|
|
|
g_variant_get (parameters, "(h@aybb)", &parent_fd_id, &filename_v, &reuse_existing, &persistent);
|
|
filename = g_variant_get_bytestring (filename_v);
|
|
|
|
/* This is only allowed from the host, or else we could leak existance of files */
|
|
if (*app_id != 0)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation, FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_ALLOWED,
|
|
"Not enough permissions");
|
|
return;
|
|
}
|
|
|
|
message = g_dbus_method_invocation_get_message (invocation);
|
|
fd_list = g_dbus_message_get_unix_fd_list (message);
|
|
|
|
parent_fd = -1;
|
|
if (fd_list != NULL)
|
|
{
|
|
fds = g_unix_fd_list_peek_fds (fd_list, &fds_len);
|
|
if (parent_fd_id < fds_len)
|
|
parent_fd = fds[parent_fd_id];
|
|
}
|
|
|
|
if (strchr (filename, '/') != NULL)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation,
|
|
FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid filename passed");
|
|
return;
|
|
}
|
|
|
|
proc_path = g_strdup_printf ("/proc/self/fd/%d", parent_fd);
|
|
|
|
if (parent_fd == -1 ||
|
|
/* Must be able to get fd flags */
|
|
(fd_flags = fcntl (parent_fd, F_GETFL)) == -1 ||
|
|
/* Must be O_PATH */
|
|
((fd_flags & O_PATH) != O_PATH) ||
|
|
/* Must not be O_NOFOLLOW (because we want the target file) */
|
|
((fd_flags & O_NOFOLLOW) == O_PATH) ||
|
|
/* Must be able to fstat */
|
|
fstat (parent_fd, &parent_st_buf) < 0 ||
|
|
/* Must be a directory file */
|
|
(parent_st_buf.st_mode & S_IFMT) != S_IFDIR ||
|
|
/* Must be able to read path from /proc/self/fd */
|
|
/* This is an absolute and (at least at open time) symlink-expanded path */
|
|
(symlink_size = readlink (proc_path, parent_path_buffer, sizeof (parent_path_buffer) - 1)) < 0)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation,
|
|
FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid fd passed");
|
|
return;
|
|
}
|
|
|
|
if (parent_st_buf.st_dev == fuse_dev)
|
|
{
|
|
g_dbus_method_invocation_return_error (invocation,
|
|
FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_INVALID_ARGUMENT,
|
|
"Invalid fd passed");
|
|
return;
|
|
}
|
|
|
|
parent_path_buffer[symlink_size] = 0;
|
|
|
|
path = g_build_filename (parent_path_buffer, filename, NULL);
|
|
|
|
g_debug ("portal_add_named %s", path);
|
|
|
|
AUTOLOCK (db);
|
|
|
|
id = do_create_doc (&parent_st_buf, path, reuse_existing, persistent);
|
|
|
|
g_dbus_method_invocation_return_value (invocation,
|
|
g_variant_new ("(s)", id));
|
|
}
|
|
|
|
|
|
typedef void (*PortalMethod) (GDBusMethodInvocation *invocation,
|
|
GVariant *parameters,
|
|
const char *app_id);
|
|
|
|
static void
|
|
got_app_id_cb (GObject *source_object,
|
|
GAsyncResult *res,
|
|
gpointer user_data)
|
|
{
|
|
GDBusMethodInvocation *invocation = G_DBUS_METHOD_INVOCATION (source_object);
|
|
|
|
g_autoptr(GError) error = NULL;
|
|
g_autofree char *app_id = NULL;
|
|
PortalMethod portal_method = user_data;
|
|
|
|
app_id = flatpak_invocation_lookup_app_id_finish (invocation, res, &error);
|
|
|
|
if (app_id == NULL)
|
|
g_dbus_method_invocation_return_gerror (invocation, error);
|
|
else
|
|
portal_method (invocation, g_dbus_method_invocation_get_parameters (invocation), app_id);
|
|
}
|
|
|
|
static gboolean
|
|
handle_method (GCallback method_callback,
|
|
GDBusMethodInvocation *invocation)
|
|
{
|
|
flatpak_invocation_lookup_app_id (invocation, NULL, got_app_id_cb, method_callback);
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
static gboolean
|
|
handle_get_mount_point (XdpDbusDocuments *object, GDBusMethodInvocation *invocation)
|
|
{
|
|
xdp_dbus_documents_complete_get_mount_point (object, invocation, xdp_fuse_get_mountpoint ());
|
|
return TRUE;
|
|
}
|
|
|
|
static void
|
|
on_bus_acquired (GDBusConnection *connection,
|
|
const gchar *name,
|
|
gpointer user_data)
|
|
{
|
|
XdpDbusDocuments *helper;
|
|
GError *error = NULL;
|
|
|
|
helper = xdp_dbus_documents_skeleton_new ();
|
|
|
|
g_signal_connect_swapped (helper, "handle-get-mount-point", G_CALLBACK (handle_get_mount_point), NULL);
|
|
g_signal_connect_swapped (helper, "handle-add", G_CALLBACK (handle_method), portal_add);
|
|
g_signal_connect_swapped (helper, "handle-add-named", G_CALLBACK (handle_method), portal_add_named);
|
|
g_signal_connect_swapped (helper, "handle-grant-permissions", G_CALLBACK (handle_method), portal_grant_permissions);
|
|
g_signal_connect_swapped (helper, "handle-revoke-permissions", G_CALLBACK (handle_method), portal_revoke_permissions);
|
|
g_signal_connect_swapped (helper, "handle-delete", G_CALLBACK (handle_method), portal_delete);
|
|
|
|
flatpak_connection_track_name_owners (connection);
|
|
|
|
if (!g_dbus_interface_skeleton_export (G_DBUS_INTERFACE_SKELETON (helper),
|
|
connection,
|
|
"/org/freedesktop/portal/documents",
|
|
&error))
|
|
{
|
|
g_warning ("error: %s", error->message);
|
|
g_error_free (error);
|
|
}
|
|
}
|
|
|
|
static void
|
|
daemon_report_done (int status)
|
|
{
|
|
if (daemon_event_fd != -1)
|
|
{
|
|
guint64 counter;
|
|
|
|
counter = status + 1;
|
|
write (daemon_event_fd, &counter, sizeof (counter));
|
|
|
|
daemon_event_fd = -1;
|
|
}
|
|
}
|
|
|
|
static void
|
|
do_exit (int status)
|
|
{
|
|
daemon_report_done (status);
|
|
exit (status);
|
|
}
|
|
|
|
static void
|
|
on_name_acquired (GDBusConnection *connection,
|
|
const gchar *name,
|
|
gpointer user_data)
|
|
{
|
|
g_autoptr(GError) error = NULL;
|
|
struct stat stbuf;
|
|
|
|
g_debug ("org.freedesktop.portal.Documents acquired");
|
|
|
|
if (!xdp_fuse_init (&error))
|
|
{
|
|
final_exit_status = 6;
|
|
g_printerr ("fuse init failed: %s\n", error->message);
|
|
g_main_loop_quit (loop);
|
|
return;
|
|
}
|
|
|
|
if (stat (xdp_fuse_get_mountpoint (), &stbuf) != 0)
|
|
{
|
|
final_exit_status = 7;
|
|
g_printerr ("fuse stat failed: %s\n", strerror (errno));
|
|
g_main_loop_quit (loop);
|
|
return;
|
|
}
|
|
|
|
fuse_dev = stbuf.st_dev;
|
|
|
|
daemon_report_done (0);
|
|
}
|
|
|
|
static void
|
|
on_name_lost (GDBusConnection *connection,
|
|
const gchar *name,
|
|
gpointer user_data)
|
|
{
|
|
g_debug ("org.freedesktop.portal.Documents lost");
|
|
final_exit_status = 20;
|
|
g_main_loop_quit (loop);
|
|
}
|
|
|
|
static void
|
|
session_bus_closed (GDBusConnection *connection,
|
|
gboolean remote_peer_vanished,
|
|
GError *bus_error)
|
|
{
|
|
g_main_loop_quit (loop);
|
|
}
|
|
|
|
static void
|
|
exit_handler (int sig)
|
|
{
|
|
g_main_loop_quit (loop);
|
|
}
|
|
|
|
static int
|
|
set_one_signal_handler (int sig,
|
|
void (*handler)(int),
|
|
int remove)
|
|
{
|
|
struct sigaction sa;
|
|
struct sigaction old_sa;
|
|
|
|
memset (&sa, 0, sizeof (struct sigaction));
|
|
sa.sa_handler = remove ? SIG_DFL : handler;
|
|
sigemptyset (&(sa.sa_mask));
|
|
sa.sa_flags = 0;
|
|
|
|
if (sigaction (sig, NULL, &old_sa) == -1)
|
|
{
|
|
g_warning ("cannot get old signal handler");
|
|
return -1;
|
|
}
|
|
|
|
if (old_sa.sa_handler == (remove ? handler : SIG_DFL) &&
|
|
sigaction (sig, &sa, NULL) == -1)
|
|
{
|
|
g_warning ("cannot set signal handler");
|
|
return -1;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static gboolean opt_verbose;
|
|
static gboolean opt_daemon;
|
|
static gboolean opt_replace;
|
|
|
|
static GOptionEntry entries[] = {
|
|
{ "verbose", 'v', 0, G_OPTION_ARG_NONE, &opt_verbose, "Print debug information during command processing", NULL },
|
|
{ "daemon", 'd', 0, G_OPTION_ARG_NONE, &opt_daemon, "Run in background", NULL },
|
|
{ "replace", 'r', 0, G_OPTION_ARG_NONE, &opt_replace, "Replace", NULL },
|
|
{ NULL }
|
|
};
|
|
|
|
static void
|
|
message_handler (const gchar *log_domain,
|
|
GLogLevelFlags log_level,
|
|
const gchar *message,
|
|
gpointer user_data)
|
|
{
|
|
/* Make this look like normal console output */
|
|
if (log_level & G_LOG_LEVEL_DEBUG)
|
|
g_printerr ("XDP: %s\n", message);
|
|
else
|
|
g_printerr ("%s: %s\n", g_get_prgname (), message);
|
|
}
|
|
|
|
int
|
|
main (int argc,
|
|
char **argv)
|
|
{
|
|
guint owner_id;
|
|
|
|
g_autoptr(GError) error = NULL;
|
|
g_autofree char *path = NULL;
|
|
GDBusConnection *session_bus;
|
|
GOptionContext *context;
|
|
|
|
setlocale (LC_ALL, "");
|
|
|
|
/* Avoid even loading gvfs to avoid accidental confusion */
|
|
g_setenv ("GIO_USE_VFS", "local", TRUE);
|
|
|
|
context = g_option_context_new ("- document portal");
|
|
g_option_context_add_main_entries (context, entries, NULL);
|
|
if (!g_option_context_parse (context, &argc, &argv, &error))
|
|
{
|
|
g_printerr ("option parsing failed: %s\n", error->message);
|
|
return 1;
|
|
}
|
|
|
|
if (opt_daemon)
|
|
{
|
|
pid_t pid;
|
|
ssize_t read_res;
|
|
|
|
daemon_event_fd = eventfd (0, EFD_CLOEXEC);
|
|
pid = fork ();
|
|
if (pid != 0)
|
|
{
|
|
guint64 counter;
|
|
|
|
read_res = read (daemon_event_fd, &counter, sizeof (counter));
|
|
if (read_res != 8)
|
|
exit (1);
|
|
exit (counter - 1);
|
|
}
|
|
}
|
|
|
|
if (opt_verbose)
|
|
g_log_set_handler (NULL, G_LOG_LEVEL_DEBUG, message_handler, NULL);
|
|
|
|
g_set_prgname (argv[0]);
|
|
|
|
loop = g_main_loop_new (NULL, FALSE);
|
|
|
|
path = g_build_filename (g_get_user_data_dir (), "xdg-app/db", TABLE_NAME, NULL);
|
|
db = flatpak_db_new (path, FALSE, &error);
|
|
if (db == NULL)
|
|
{
|
|
g_printerr ("Failed to load db: %s\n", error->message);
|
|
do_exit (2);
|
|
}
|
|
|
|
session_bus = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, &error);
|
|
if (session_bus == NULL)
|
|
{
|
|
g_printerr ("No session bus: %s\n", error->message);
|
|
do_exit (3);
|
|
}
|
|
|
|
permission_store = flatpak_permission_store_proxy_new_sync (session_bus, G_DBUS_PROXY_FLAGS_NONE,
|
|
"org.freedesktop.Flatpak",
|
|
"/org/freedesktop/Flatpak/PermissionStore",
|
|
NULL, &error);
|
|
if (permission_store == NULL)
|
|
{
|
|
g_print ("No permission store: %s\n", error->message);
|
|
do_exit (4);
|
|
}
|
|
|
|
/* We want do do our custom post-mainloop exit */
|
|
g_dbus_connection_set_exit_on_close (session_bus, FALSE);
|
|
|
|
g_signal_connect (session_bus, "closed", G_CALLBACK (session_bus_closed), NULL);
|
|
|
|
if (set_one_signal_handler (SIGHUP, exit_handler, 0) == -1 ||
|
|
set_one_signal_handler (SIGINT, exit_handler, 0) == -1 ||
|
|
set_one_signal_handler (SIGTERM, exit_handler, 0) == -1 ||
|
|
set_one_signal_handler (SIGPIPE, SIG_IGN, 0) == -1)
|
|
do_exit (5);
|
|
|
|
owner_id = g_bus_own_name (G_BUS_TYPE_SESSION,
|
|
"org.freedesktop.portal.Documents",
|
|
G_BUS_NAME_OWNER_FLAGS_ALLOW_REPLACEMENT | (opt_replace ? G_BUS_NAME_OWNER_FLAGS_REPLACE : 0),
|
|
on_bus_acquired,
|
|
on_name_acquired,
|
|
on_name_lost,
|
|
NULL,
|
|
NULL);
|
|
|
|
g_main_loop_run (loop);
|
|
|
|
xdp_fuse_exit ();
|
|
|
|
g_bus_unown_name (owner_id);
|
|
|
|
do_exit (final_exit_status);
|
|
|
|
return 0;
|
|
}
|