From b85d30365e186a55415482a9d65d32102946d2f0 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Wed, 14 Dec 2022 13:22:22 +0000
Subject: [PATCH] context: Show a warning if we cannot provide any $HOME

If $HOME is below a reserved path (for example `/usr/home/thompson`
for Unix traditionalists) or otherwise cannot be shared, or is a
symbolic link to somewhere that cannot be shared, then we will end
up running the app with $HOME not existing. This is unexpected, so
we should make more noise about it.

There are two situations here, both of which get a warning: if we have
--filesystem=home or --filesystem=host then we are trying to share the
real $HOME with the application, and if we do not, then we are trying
to create a directory at the location of the real $HOME and replicate
the chain of symlinks (if any) leading from $HOME to that location.

Unlike the previous commit, this is not expected to happen during unit
testing, so we do not use a g_warning() for this.

Diagnoses: https://github.com/flatpak/flatpak/issues/5035
Signed-off-by: Simon McVittie <smcv@collabora.com>
---
 common/flatpak-context.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/common/flatpak-context.c b/common/flatpak-context.c
index 9a8413b9..ddc891db 100644
--- a/common/flatpak-context.c
+++ b/common/flatpak-context.c
@@ -2580,8 +2580,12 @@ flatpak_context_export (FlatpakContext *context,
 
       if (!flatpak_exports_add_path_expose (exports, MAX (home_mode, fs_mode), g_get_home_dir (), &local_error))
         {
-          log_cannot_export_error (MAX (home_mode, fs_mode), g_get_home_dir (),
-                                   local_error);
+          /* Even if the error is one that we would normally silence, like
+           * the path not existing, it seems reasonable to make more of a fuss
+           * about the home directory not existing or otherwise being unusable,
+           * so this is intentionally not using cannot_export() */
+          g_warning (_("Not allowing home directory access: %s"),
+                     local_error->message);
           g_clear_error (&local_error);
         }
     }
@@ -2799,8 +2803,8 @@ flatpak_context_get_exports_full (FlatpakContext *context,
       /* Ensure we always have a homedir */
       if (!flatpak_exports_add_path_dir (exports, g_get_home_dir (), &local_error))
         {
-          g_debug ("Unable to provide a temporary home directory in the sandbox: %s",
-                   local_error->message);
+          g_warning (_("Unable to provide a temporary home directory in the sandbox: %s"),
+                     local_error->message);
           g_clear_error (&local_error);
         }
     }