context: Show a warning if we cannot provide any $HOME

If $HOME is below a reserved path (for example `/usr/home/thompson` for Unix traditionalists) or otherwise cannot be shared, or is a symbolic link to somewhere that cannot be shared, then we will end up running the app with $HOME not existing. This is unexpected, so we should make more noise about it. There are two situations here, both of which get a warning: if we have --filesystem=home or --filesystem=host then we are trying to share the real $HOME with the application, and if we do not, then we are trying to create a directory at the location of the real $HOME and replicate the chain of symlinks (if any) leading from $HOME to that location. Unlike the previous commit, this is not expected to happen during unit testing, so we do not use a g_warning() for this. Diagnoses: https://github.com/flatpak/flatpak/issues/5035 Signed-off-by: Simon McVittie <smcv@collabora.com>
2026-04-04 15:15:25 -04:00 · 2022-12-14 13:22:22 +00:00
parent dc7b1e873b
commit b85d30365e
1 changed files with 8 additions and 4 deletions
--- a/common/flatpak-context.c
+++ b/common/flatpak-context.c
@@ -2580,8 +2580,12 @@ flatpak_context_export (FlatpakContext *context,

      if (!flatpak_exports_add_path_expose (exports, MAX (home_mode, fs_mode), g_get_home_dir (), &local_error))
        {
-          log_cannot_export_error (MAX (home_mode, fs_mode), g_get_home_dir (),
-                                   local_error);
+          /* Even if the error is one that we would normally silence, like
+           * the path not existing, it seems reasonable to make more of a fuss
+           * about the home directory not existing or otherwise being unusable,
+           * so this is intentionally not using cannot_export() */
+          g_warning (_("Not allowing home directory access: %s"),
+                     local_error->message);
          g_clear_error (&local_error);
        }
    }
@@ -2799,8 +2803,8 @@ flatpak_context_get_exports_full (FlatpakContext *context,
      /* Ensure we always have a homedir */
      if (!flatpak_exports_add_path_dir (exports, g_get_home_dir (), &local_error))
        {
-          g_debug ("Unable to provide a temporary home directory in the sandbox: %s",
-                   local_error->message);
+          g_warning (_("Unable to provide a temporary home directory in the sandbox: %s"),
+                     local_error->message);
          g_clear_error (&local_error);
        }
    }