This allows searching for applications easily greatly improving
the UX of the cli. This relies upon appstream data which currently
must be updated with `flatpak update --appstream`.
Closes: #1136
Approved by: mwleeds
This introduces no functional changes, but makes it a bit more obvious
that we do temporarily have ownership of the FlatpakInstallation
instance.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #1138
Approved by: alexlarsson
If a particular system installation is inaccessible (for example,
because it doesn’t currently exist, and we don’t have permissions to
create it), don’t error out of flatpak_get_system_installations().
Instead, do what the documentation says will happen, and ignore the
failure (emit a warning message about it).
The function continues to return an error if *no* installations could be
found.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #1138
Approved by: alexlarsson
The commitstate check in parent dir was fixed in ostree 2017.13,
so we only apply the workaround for previous versions.
Closes: #1131
Approved by: alexlarsson
The return value of flatpak_deploy_data_get_subpaths needs a (shallow)
free, so put it in a separate autofree variable.
Closes: #1126
Approved by: alexlarsson
This is a mostly trivial conversion to use FlatpakBwrap instead
of separate argv_array/fd_array/envp variables. Anywhere it is
trivial to pass the bwrap we do, but for anything complicated
we keep the old code with separated args.
Closes: #1114
Approved by: alexlarsson
This is a wrapper around the argv, envp and fd array that
are used in the code when invoking bubblewrap. We collect them
in a single object to avoid passing a lot of arguments around.
Closes: #1114
Approved by: alexlarsson
If regenerate_ld_cache was used then the fds involved in the
ld.so.conf files were used twice, which means they are at
the end the second time. So, we tweak the child setup to always
seek back to the start of all fds.
Closes: #1112
Approved by: alexlarsson
fd_array is always non-NULL at this point; adding a conditional there
confuses the code, confuses static analysis, and leaves open the
possibility for ld_so_fd to be leaked if that conditional is not taken
in future.
Coverity CID: #1457790
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #1108
Approved by: alexlarsson
Whenever we add a add a local dependency we add both the languages
based on the current locale, and (in case of an update) whatever was
installed before. We also properly merge this with any normally
specified (non-dependency) update (typically happens e.g. when just
doing a "flatpak update", which adds .Locale updates both as
dependencies and regular updates).
This means you can just configure a new language and then flatpak
update will pull everything with those languages.
Closes: #1098
Approved by: alexlarsson
This is mostly a cleanup of some code and extracting common code to
helper functions. But additionally, we switch the xa.languages config
value to be a list of languages, rather than dirs, although for
backwars compat we still support if it specifies dirs.
Closes: #1098
Approved by: alexlarsson
This version has an important fix to the pull code that ensures
that all outstanding operations are settled before returning.
This is particularily important for flatpak that can do multiple
flatpak operations in different threads.
Closes: #1092
Approved by: alexlarsson
Followup to the previous commit to use `O_TMPFILE`, for
the cases here what we really want is to use sealed memfds. This
ensures the container can't mutate the data we pass.
Now, the args fd I was looking at turned out to be a bwrap bug,
but this is a good example of the mitigation:
```
$ flatpak run --command="/bin/sh" org.test.Hello
ls -al /proc/$$/fd
total 0
dr-x------. 2 1000 1000 0 Oct 1 16:43 .
dr-xr-xr-x. 9 1000 1000 0 Oct 1 16:43 ..
lrwx------. 1 1000 1000 64 Oct 1 16:43 0 -> /dev/pts/2
lrwx------. 1 1000 1000 64 Oct 1 16:43 1 -> /dev/pts/2
lrwx------. 1 1000 1000 64 Oct 1 16:43 2 -> /dev/pts/2
lrwx------. 1 1000 1000 64 Oct 1 16:43 255 -> /dev/pts/2
lrwx------. 1 1000 1000 64 Oct 1 16:43 9 -> /memfd:bwrap-args (deleted)
org.test.Hello$ echo foo > /proc/self/fd/9
sh: /proc/self/fd/9: Operation not permitted
```
Closes: #1064
Approved by: alexlarsson
We should not check if a persistence target exists outside of the
chroot, since its existance is irrelevant.
Fixes#1088Closes: #1089
Approved by: alexlarsson
* build-finish: Add --extension-priority option
This lets you set the priority of the extension.
* fixup! build-finish: Add --extension-priority option
* fixup! build-finish: Add --extension-priority option
There's an oustanding bubblewrap PR where we'd like to change how
we set up the rootfs; a side effect of this will be that /newroot
disappears from the `/proc` links:
[bubblewrap pull 172](https://github.com/projectatomic/bubblewrap/pull/172).
I took a stab here at adapting the code to work in both the old and new cases.
Just compile tested at the moment. There's a lot of subtleties in this code; in
particular how we end up mutating-in-place the path buffer and how that
interacts with inspecting it.
Closes: #1063
Approved by: alexlarsson
In general libglnx has expanded a lot to have a good set of low-level wrappers
for things like writing a buffer to a fd. Also, we should use `O_TMPFILE`
if available - I think the code reduction speaks for itself here.
Writing this patch as a result of looking at what fds flatpak injects.
However, *really* we want to use sealed memfds. I'll likely copy the
systemd wrappers for that into libglnx too.
Also, it took me a while to figure out the reason the `--args` code
worked before was because we were leaking the fd.
(Updated by Alexander Larsson <alexl@redhat.com> to use O_TMPFILE
in more places, like for the seccomp code, and rebased on
some preparatory cleanups)
Closes: #1060
Approved by: alexlarsson