When uninstalling, if no specific installation was specified with e.g.
--user or --system, automatically chose any unique match, or error
out if there are multiple alternatives.
Fixes#1321
When a collection ID is set on a remote configuration,
gpg-verify-summary should be set to FALSE because flatpak uses signed
per-repo and per-commit metadata instead. The flatpak command line
already does this (use flatpak remote-modify --collection-id=... and
notice that gpg-verify-summary is then set to false). This commit
changes libflatpak to have the same behavior. Specifically, with a
collection ID set gpg-verify-summary is set to false and otherwise its
value matches that of gpg-verify. This commit also adds a test for this
in testlibrary.c.
Fixes https://github.com/flatpak/flatpak/issues/1479Closes: #1501
Approved by: pwithnall
This is now in xdg-desktop-portal. We keep a version of the document
portal dbus XML so that we avoid weird build dependencies.
Flatpak itself is technically not dependent on the document portal,
but it is very much recommended that you use it.
Closes: #1398
Approved by: alexlarsson
The test used to verify that metadata was coming from the
ostree-metadata ref rather than the summary file, by ensuring that
xa.title was set in one but not the other, by regenerating one
separately from the other. However, since the test was written, OSTree
has changed so that it now writes them both out, at the same time, with
no possibility of separating the two.
Trim down this test so it no longer tries to check the source of the
updated metadata, and instead just checks that it is updated.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #1201
Approved by: alexlarsson
If you're installing something and its already installed, we undeploy
the old install first before deploying the new. This makes it very
easy to switch an application from one remote to another, without
having to uninstall first, which is both painful and could cause
the download to be unnecessary large.
Closes: #1241
Approved by: alexlarsson
Currently "flatpak remotes" shows remotes across user and system
installations, but other remote commands (remote-delete, remote-modify,
remote-ls, remote-info) only work on one installation: the system one
unless overridden using --user or --installation. This commit changes
each command to infer the correct installation by checking which has
the specified remote. In case multiple installations have remotes by
the same name, the user is prompted to decide which to use.
This commit also adds unit tests and updates the man pages for the
aforementioned commands.
Fixes https://github.com/flatpak/flatpak/issues/787Closes: #1205
Approved by: alexlarsson
Instead of setting LD_LIBRARY_PATH to make the app load the right
libraries we run ldconfig to generate a ld.so.cache that we feed
to the sandbox as /etc/ld.so.cache. The cache itself is generated
by running ldconfig at run time, but for apps we cache the
result in $HOME/.var/app/$APPID/.ld.so/cache based on the
current app/runtime/extensions commit ids.
We also unset LD_LIBRARY_PATH, to ensure any host-side value
does not mess with the sandbox.
The default ld.so.conf we set (if the runtime has none, or an empty
one) is:
include /run/flatpak/ld.so.conf.d/*.conf
include /app/etc/ld.so.conf
/app/lib
Additionally all the extension points that have add_ld_path set gets a
ld.so.conf snippet in /run/flatpak/ld.so.conf.d.
This allows applications and extensions to install their own paths if
needed, and if the runtime wants more location they can install a
custom ld.so.conf that includes the above.
In the flatpak build case we still use LD_LIBRARY_PATH like before,
because there is no good key (like the commit ids) for keeping the
cache up-to-date. Also, the behaviour is different when building an
app for instance. If /app/lib is not in LD_LIBRARY_PATH then the
sandbox-wide /etc/ld.so.cache must be updated for a newly installed
library to work, but the sandbox is not allowed to update
/etc/ld.so.cache.
This code was originally written by Valentin David <valentin.david@gmail.com>
with changes by Alexander Larsson <alexl@redhat.com>.
Closes: #1073
Approved by: alexlarsson
The kernel used on some autobuilders for the Debian PA-RISC port
can do "bwrap --ro-bind / / /bin/true", but not the bwrap invocations
made during the actual testing, which fail with "Creating new namespace
failed: Invalid argument". Make the trial bwrap invocation more like
what Flatpak actually does, so that these tests will hopefully be
skipped on such kernels.
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876743
Signed-off-by: Simon McVittie <smcv@debian.org>
We'll need this to be able to skip system-mode tests without xattrs.
This partially reverts commit a53a752a35.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This makes it easier to reason about. In the absence of
FLATPAK_SYSTEM_CACHE_DIR, it would use /var/tmp even during tests that
prefer /tmp.
Signed-off-by: Simon McVittie <smcv@collabora.com>
- Replace `if (g_test_verbose ()) g_print("...\n")` with
`g_test_message ("...")`, which prints the message if the test is
either verbose or in TAP mode. Otherwise, post-mortem debugging
of failing tests on an autobuilder is very difficult.
In some cases, since commit f1dbe9bc "tests: Print spawned program
argv in testlibrary" we already had the g_test_message(), but
still had the redundant g_print() too.
- Factor out running a subprocess into a helper function to reduce
duplication.
- Capture invoked subprocesses' stderr and stdout where possible, so we
can log it as diagnostics. Again, this should make it easier to carry
out post-mortem debugging based on autobuilder logs.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This is declared in the header file, but was never actually implemented.
Oops.
If anybody is hit by this issue, they can work around it by using
g_object_get() to get the FlatpakRemote:type property, which this is the
getter for.
Add it to the tests as well, so it gets exercised.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Use g_main_context_iteration() manually in a loop instead; this makes
the termination conditions more obvious. This does not change the
behaviour of the test.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This adds variable support for collection IDs: they can either be
enabled on the server, on the server and client, or not at all. If
enabled on the server, apps and runtimes are built with collection IDs
and the repository has one set. If enabled on the client, the remote
config is added to the local repository with a collection ID and GPG
verification enabled. They are controlled with
USE_COLLECTIONS_IN_{SERVER,CLIENT}={yes,no}.
These variables are used in the new wrapper tests,
test-repo-collections.sh and test-repo-collections-server-only.sh.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This isn’t really used internally, but will be used by gnome-software
for when it configures new flatpak remotes.
This is new public API, but is only declared if compiling with
--enable-p2p.
Includes some basic smoketests.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
In order to provide a transition path for repositories to add collection
IDs to themselves and propagate those collection IDs to clients’ remote
configurations, add another repo config key which controls whether the
repository’s collection ID is published. If xa.collection-id is set in
the repo’s published metadata, the client will update its configuration
to the given ID — but only if no ID is set already. This is a one-time
transition to prevent malicious repositories from remotely changing the
user’s configuration to associate their remote with a well-known
collection ID they don’t own.
Add a test for this.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This adds a new collection-id property which is only enabled if
FLATPAK_ENABLE_P2P is defined. The internal machinery for handling it is
always enabled, to reduce the amount of #ifdef spam.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
For example, add $(AM_CFLAGS) to mumble_CFLAGS. Since $(WARN_CFLAGS) is
only added to $(AM_CFLAGS), this fixes the lack of inclusion of the
compiler warning flags in the compilation of half of flatpak.
Note that $(AM_*) variables are only used by automake if a more specific
(per-target) special variable is not defined instead. So if you define
mumble_CFLAGS, AM_CFLAGS will not be used for that target unless
explicitly included in mumble_CFLAGS.
See
https://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html.
Do the same for $(AM_LIBADD), $(AM_LDFLAGS), etc. These are not
currently defined, but it’s good practice to include them in
mumble_LIBADD (etc.) just in case they’re defined in future. Hopefully
their inclusions will be cargo-culted to any new targets which are
added, retaining full coverage of the code base.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Clang otherwise complains about the printf() format string not being a
string literal, which is a bit pants.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
The library test previously used the real ~/.cache, while the
library test and the shell-script tests would use the real ~/.config
to look up the XDG user-dirs.dirs. Other home-directory-related code
might have used the real $HOME.
As a general rule, build-time tests should not affect the real home
directory. Debian autobuilders run as a user whose home directory
does not exist, in order to catch packages whose build process could
affect or be affected by the contents of the home directory. This
caused testlibrary to fail when it tried to create that nonexistent
directory, which I think happened while trying to create ~/.cache.
Signed-off-by: Simon McVittie <smcv@debian.org>
Any build-args specified in the manifest should be used during the
cleanup and platform-cleanup stages. This is because if you are using
QEMU to build for another architecture, for example, you need to pass
--bind-mount in the build-args, and the bind mount also needs to be
present while running cleanup commands.
These will be useful in upcoming tests, as they are in the right format
to be substituted into a .flatpakref file.
Generated using `gpg2 --homedir test-keyring --armor --export
${FL_GPG_ID}`, then stripping the packet header and removing line
breaks.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This mirrors the same environment variable in OSTree’s unit tests, which
keeps the temporary directory around after tests have completed (or
failed) so the developer can examine it.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This allows you to add multiple paths at the same time, plus
grant an app access to it, plus it returns the fuse mount path.
This allows you to avoid a lot of roundtrip in common cases.
This removes some duplicated code, and also follows the new
redirect-url property on initial add.
This also means we're requiring gpg signatures to be correct
on remote-add, so fix up the tests
