mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-05-14 03:24:50 -04:00
Code Issues Packages Projects Releases Wiki Activity

flatpak-dir: Allow root to bypass parental controls

Browse Source 
In elementary OS, we're building our images with some flatpaks pre-installed. To do this, we run noninteractive `flatpak install` commands in the chroot as part of the build scripts. We've bumped into some build failures recently after switching to a version of flatpak with malcontent support built in.

After some debugging, it turns out installations are failing the parental controls checks with errors like `Failed to install org.gnome.Epiphany: Could not connect: No such file or directory` message. I'm assuming this is a failure to connect to the system bus in this method (since there isn't one in the chroot).

Is it reasonable to assume that UID 0 should be allowed to install whatever they want regardless of parental controls? I believe this would fix our issue too.
This commit is contained in:
David Hewitt
2020-12-09 15:32:15 +00:00
committed by Alexander Larsson
parent 9bf4982202
commit d762a2f536
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
common/flatpak-dir.c
View File

@@ -7856,6 +7856,11 @@ flatpak_dir_check_parental_controls (FlatpakDir *self,
gboolean authorized; gboolean authorized;
gboolean repo_installation_allowed, app_is_appropriate; gboolean repo_installation_allowed, app_is_appropriate;
/* Assume that root is allowed to install any ref and shouldn't have any
* parental controls restrictions applied to them */
if (getuid () == 0)
return TRUE;
/* The ostree-metadata and appstream/ branches should not have any parental /* The ostree-metadata and appstream/ branches should not have any parental
* controls restrictions. Similarly, for the moment, there is no point in * controls restrictions. Similarly, for the moment, there is no point in
* restricting runtimes. */ * restricting runtimes. */