diff --git a/common/flatpak-context.c b/common/flatpak-context.c index 4ff235b1..04719dcd 100644 --- a/common/flatpak-context.c +++ b/common/flatpak-context.c @@ -84,6 +84,8 @@ const char *flatpak_context_features[] = { const char *flatpak_context_special_filesystems[] = { "home", "host", + "host-etc", + "host-os", NULL }; @@ -765,7 +767,7 @@ flatpak_context_verify_filesystem (const char *filesystem_and_mode, return TRUE; g_set_error (error, G_OPTION_ERROR, G_OPTION_ERROR_FAILED, - _("Unknown filesystem location %s, valid locations are: host, home, xdg-*[/…], ~/dir, /dir"), filesystem); + _("Unknown filesystem location %s, valid locations are: host, host-os, host-etc, home, xdg-*[/…], ~/dir, /dir"), filesystem); return FALSE; } @@ -2059,7 +2061,7 @@ flatpak_context_export (FlatpakContext *context, gboolean *home_access_out) { gboolean home_access = FALSE; - FlatpakFilesystemMode fs_mode, home_mode; + FlatpakFilesystemMode fs_mode, os_mode, etc_mode, home_mode; GHashTableIter iter; gpointer key, value; @@ -2089,9 +2091,20 @@ flatpak_context_export (FlatpakContext *context, closedir (dir); } flatpak_exports_add_path_expose (exports, fs_mode, "/run/media"); - flatpak_exports_add_host_expose (exports, fs_mode); } + os_mode = MAX ((FlatpakFilesystemMode) g_hash_table_lookup (context->filesystems, "host-os"), + fs_mode); + + if (os_mode != 0) + flatpak_exports_add_host_os_expose (exports, os_mode); + + etc_mode = MAX ((FlatpakFilesystemMode) g_hash_table_lookup (context->filesystems, "host-etc"), + fs_mode); + + if (etc_mode != 0) + flatpak_exports_add_host_etc_expose (exports, etc_mode); + home_mode = (FlatpakFilesystemMode) g_hash_table_lookup (context->filesystems, "home"); if (home_mode != 0) { diff --git a/common/flatpak-exports-private.h b/common/flatpak-exports-private.h index 61064d0a..bd335e44 100644 --- a/common/flatpak-exports-private.h +++ b/common/flatpak-exports-private.h @@ -37,8 +37,10 @@ void flatpak_exports_free (FlatpakExports *exports); FlatpakExports *flatpak_exports_new (void); void flatpak_exports_append_bwrap_args (FlatpakExports *exports, FlatpakBwrap *bwrap); -void flatpak_exports_add_host_expose (FlatpakExports *exports, - FlatpakFilesystemMode mode); +void flatpak_exports_add_host_etc_expose (FlatpakExports *exports, + FlatpakFilesystemMode mode); +void flatpak_exports_add_host_os_expose (FlatpakExports *exports, + FlatpakFilesystemMode mode); void flatpak_exports_add_path_expose (FlatpakExports *exports, FlatpakFilesystemMode mode, const char *path); diff --git a/common/flatpak-exports.c b/common/flatpak-exports.c index 9cf223b2..37a93e13 100644 --- a/common/flatpak-exports.c +++ b/common/flatpak-exports.c @@ -94,7 +94,8 @@ typedef struct struct _FlatpakExports { GHashTable *hash; - FlatpakFilesystemMode host_fs; + FlatpakFilesystemMode host_etc; + FlatpakFilesystemMode host_os; }; static void @@ -221,6 +222,27 @@ path_is_symlink (const char *path) return S_ISLNK (s.st_mode); } +/* + * @name: A file or directory below /etc + * @test: How we test whether it is suitable + * + * The paths in /etc that are required if we want to make use of the + * host /usr (and /lib, and so on). + */ +typedef struct +{ + const char *name; + GFileTest test; +} LibsNeedEtc; + +static const LibsNeedEtc libs_need_etc[] = +{ + /* glibc */ + { "ld.so.cache", G_FILE_TEST_IS_REGULAR }, + /* Used for executables and a few libraries on e.g. Debian */ + { "alternatives", G_FILE_TEST_IS_DIR } +}; + void flatpak_exports_append_bwrap_args (FlatpakExports *exports, FlatpakBwrap *bwrap) @@ -279,17 +301,17 @@ flatpak_exports_append_bwrap_args (FlatpakExports *exports, } } - if (exports->host_fs != 0) + if (exports->host_os != 0) { - const char *host_bind_mode = "--bind"; + const char *os_bind_mode = "--bind"; int i; - if (exports->host_fs == FLATPAK_FILESYSTEM_MODE_READ_ONLY) - host_bind_mode = "--ro-bind"; + if (exports->host_os == FLATPAK_FILESYSTEM_MODE_READ_ONLY) + os_bind_mode = "--ro-bind"; if (g_file_test ("/usr", G_FILE_TEST_IS_DIR)) flatpak_bwrap_add_args (bwrap, - host_bind_mode, "/usr", "/run/host/usr", NULL); + os_bind_mode, "/usr", "/run/host/usr", NULL); for (i = 0; flatpak_abs_usrmerged_dirs[i] != NULL; i++) { @@ -329,14 +351,49 @@ flatpak_exports_append_bwrap_args (FlatpakExports *exports, * or is a plain directory because the host OS has not * undergone the /usr merge; bind-mount the directory instead */ flatpak_bwrap_add_args (bwrap, - host_bind_mode, subdir, run_host_subdir, + os_bind_mode, subdir, run_host_subdir, NULL); } } + if (exports->host_etc == 0) + { + guint i; + + /* We are exposing the host /usr (and friends) but not the + * host /etc. Additionally expose just enough of /etc to make + * things that want to read /usr work as expected. + * + * (If exports->host_etc is nonzero, we'll do this as part of + * /etc instead.) */ + + for (i = 0; i < G_N_ELEMENTS (libs_need_etc); i++) + { + const LibsNeedEtc *item = &libs_need_etc[i]; + g_autofree gchar *host_path = g_strconcat ("/etc/", item->name, NULL); + + if (g_file_test (host_path, item->test)) + { + g_autofree gchar *run_host_path = g_strconcat ("/run/host/etc/", item->name, NULL); + + flatpak_bwrap_add_args (bwrap, + os_bind_mode, host_path, run_host_path, + NULL); + } + } + } + } + + if (exports->host_etc != 0) + { + const char *etc_bind_mode = "--bind"; + + if (exports->host_etc == FLATPAK_FILESYSTEM_MODE_READ_ONLY) + etc_bind_mode = "--ro-bind"; + if (g_file_test ("/etc", G_FILE_TEST_IS_DIR)) flatpak_bwrap_add_args (bwrap, - host_bind_mode, "/etc", "/run/host/etc", NULL); + etc_bind_mode, "/etc", "/run/host/etc", NULL); } } @@ -677,8 +734,15 @@ flatpak_exports_add_path_dir (FlatpakExports *exports, } void -flatpak_exports_add_host_expose (FlatpakExports *exports, - FlatpakFilesystemMode mode) +flatpak_exports_add_host_etc_expose (FlatpakExports *exports, + FlatpakFilesystemMode mode) { - exports->host_fs = mode; + exports->host_etc = mode; +} + +void +flatpak_exports_add_host_os_expose (FlatpakExports *exports, + FlatpakFilesystemMode mode) +{ + exports->host_os = mode; } diff --git a/doc/flatpak-build-finish.xml b/doc/flatpak-build-finish.xml index d92eeb4d..e942d39e 100644 --- a/doc/flatpak-build-finish.xml +++ b/doc/flatpak-build-finish.xml @@ -225,7 +225,7 @@ Allow the application access to a subset of the filesystem. This updates the [Context] group in the metadata. - FS can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FS can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, xdg-run, xdg-config, xdg-cache, xdg-data, an absolute path, or a homedir-relative path like ~/dir or paths relative to the xdg dirs, like xdg-download/subdir. @@ -245,7 +245,7 @@ Remove access to the specified subset of the filesystem from the application. This overrides to the Context section from the application metadata. - FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FILESYSTEM can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times. diff --git a/doc/flatpak-build.xml b/doc/flatpak-build.xml index 55e3ec89..4414f144 100644 --- a/doc/flatpak-build.xml +++ b/doc/flatpak-build.xml @@ -219,7 +219,7 @@ Allow the application access to a subset of the filesystem. This overrides to the Context section from the application metadata. - FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FILESYSTEM can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, xdg-run, xdg-config, xdg-cache, xdg-data, an absolute path, or a homedir-relative path like ~/dir or paths relative to the xdg dirs, like xdg-download/subdir. @@ -239,7 +239,7 @@ Remove access to the specified subset of the filesystem from the application. This overrides to the Context section from the application metadata. - FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FILESYSTEM can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times. diff --git a/doc/flatpak-metadata.xml b/doc/flatpak-metadata.xml index 7e445ac1..325a381a 100644 --- a/doc/flatpak-metadata.xml +++ b/doc/flatpak-metadata.xml @@ -231,6 +231,21 @@ shared. This option does not make additional files in /sys available. + + Additionally, this keyword provides all of the + same directories in + /run/host as the + and + keywords. + If this keyword is used in conjunction + with one of the + keywords, whichever access level is higher + (more permissive) will be used for the + directories in /run/host: + for example, + host:rw;host-os:ro; is + equivalent to host:rw;. + These other reserved directories are currently excluded: @@ -253,6 +268,54 @@ Available since 0.3. + + + The host operating system's libraries, + executables and static data from + /usr + and the related directories + /bin, + /lib, + /lib32, + /lib64, + /sbin. + Additionally, this keyword provides access + to a subset of /etc that + is associated with packaged libraries and + executables, even if the + keyword + was not used: + /etc/ld.so.cache, + (used by the dynamic linker) and + /etc/alternatives + (on operating systems that use it, such as + Debian). + + + To avoid conflicting with the Flatpak + runtime, these are mounted in the sandbox + at /run/host/usr, + /run/host/etc/ld.so.cache + and so on. + + + Available since 1.7. + + + + + The host operating system's configuration from + /etc. + + + To avoid conflicting with the Flatpak + runtime, this is mounted in the sandbox + at /run/host/etc. + + + Available since 1.7. + + , , , diff --git a/doc/flatpak-override.xml b/doc/flatpak-override.xml index 8f131575..ef941bd8 100644 --- a/doc/flatpak-override.xml +++ b/doc/flatpak-override.xml @@ -201,7 +201,7 @@ Allow the application access to a subset of the filesystem. This overrides to the Context section from the application metadata. - FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FILESYSTEM can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, xdg-run, xdg-config, xdg-cache, xdg-data, an absolute path, or a homedir-relative path like ~/dir or paths @@ -222,7 +222,7 @@ Remove access to the specified subset of the filesystem from the application. This overrides to the Context section from the application metadata. - FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FILESYSTEM can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times. diff --git a/doc/flatpak-run.xml b/doc/flatpak-run.xml index 5077c1a9..815ce23e 100644 --- a/doc/flatpak-run.xml +++ b/doc/flatpak-run.xml @@ -341,7 +341,7 @@ Allow the application access to a subset of the filesystem. This overrides to the Context section from the application metadata. - FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FILESYSTEM can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, xdg-run, xdg-config, xdg-cache, xdg-data, an absolute path, or a homedir-relative path like ~/dir or paths @@ -362,7 +362,7 @@ Remove access to the specified subset of the filesystem from the application. This overrides to the Context section from the application metadata. - FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download, + FILESYSTEM can be one of: home, host, host-os, host-etc, xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times.