If p11-kit server is installed on the host, we spawn a copy of this, forwarding the access to the
p11-kit trust module in a read-only way.
We then (if the above worked) bind mount the socket as /run/user/$UID/p11-kit/pkcs11 in the sandbox,
which is the default socket path for the p11-kit-client module.
We also add a configuration file in /etc/pkcs11/modules/p11-kit-trust.module that makes the trust
module actually load the client module instead. This means applications automatically switch
to using the host certs for trust if possible, and use the runtime ca-certificates otherwise.
Additionally we add a config file that always disables pkcs user
config merging, because pkcs11 modules on the host are unlikely to work in a random runtime.
Closes: #1757
Approved by: alexlarsson
We only checked this in transaction. This is now the recommended way to install
via libflatpak too, but if you use the old API this check also ensures that
installation fails if the required version is too old.
Also, we add a specific error code for this so callers can check for it.
Fixes https://github.com/flatpak/flatpak/issues/881
Closes: #1755
Approved by: alexlarsson
Simplify some of the return logic when handling pushing/popping the
thread default main context by using g_autoptr(GMainContextPopDefault).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #1736
Approved by: alexlarsson
The idea is for e.g. the gl extension to have
download-if=active-gl-driver
autoprune-unless=active-gl-driver
And then we can automatically find and uninstall unused gl drivers.
Closes: #1754
Approved by: alexlarsson
We were not correctly handling the partial refs that ostree_repo_list_refs()
returned, instead assuming they were full refs.
Closes: #1754
Approved by: alexlarsson
This moves the triggers from out of flatpak_install/update/uninstall
and instead calls them manually at all the sites that call this.
This allows FlatpakTransaction to only run the triggers once for the
entire operation.
Closes: #1743
Approved by: alexlarsson
In the no-pull case and when uninstalling, we never want to do any network
i/o for e.g. detecting dependencies.
Closes: #1744
Approved by: alexlarsson
This does no network i/o and just keeps track of remote name
and collection id. This can be used for no-pull transactions.
Closes: #1744
Approved by: alexlarsson
This reads the current commit for a ref in the local repo.
This can be used e.g. to get at the metadata for an already pulled ref.
Closes: #1744
Approved by: alexlarsson
This is the same as flatpak_dir_search_for_dependency, but it looks only in the local
repo for already pulled dependencies. This is useful if you're in no-pull mode.
Closes: #1744
Approved by: alexlarsson
This makes info, list, remotes, and search work if there is no
system flatpak repo. Before it failed with EPERM.
Closes: #1742
Approved by: alexlarsson
The pop was missing, meaning that calling flatpak_dir_find_latest_rev()
corrupted the thread default main context stack of the caller.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
We only need to prune when an already existing ref is changed
to a new value. For example, never on install/update if no_pull, and
not on fresh install (but on reinstall).
We add an error signal to Transaction that the caller (cli) handles. It
decides what to do with the error and whether to continue or abort.
A new error ABORTED is returned from flatpak_run() to indicate
that it errored out because you chose to abort. We also add a new
error SKIPPED that we use to report that some operation is skipped
(due to earlier errors).
This also means we remove the stop_on_first_error argument
from flatpak_transaction_run() as this is now controlled by
the caller.
This reworks the dbus proxy to be more in line with the API proposed at
https://bugs.freedesktop.org/show_bug.cgi?id=101902
In particular, it makes the filtering language more expressive. You
can now filter both calls and broadcast receives, and filters now work
with wildcarded object paths, bus names and interfaces
(BUS_NAME_IS_SUBTREE, OBJECT_PATH_IS_SUBTREE and empty interface in
dbus API). We also more correctly track the rules for unique ids so
that filter matching works for those too (previously filters only
worked if you sent to the well known bus name, not the unique name).
In terms of implementation, things have been simplified to *only* use
Filter rules rather than tracking policies and filters separately.
Also we track all the previously known owned names for a unique id
rather than just the highest policy for it. We can then look up all
filters for it, instead of a simplified policy only check.
In terms of the CLI everything is the same, except --filter=foo has
been renamed to --call=foo, to avoid the weird conflict with the
--filter (no =..) option. We also added a similar --broadcast to
filter received broadcasts.
Closes: #1730
Approved by: alexlarsson
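As an added illustration, not code from flatpak's dbus proxy, the following Python model shows the matching semantics the commit message above describes: subtree bus names and object paths, an empty interface acting as a wildcard, and a unique id resolving to every well-known name it has been seen owning. The rules, bus names and the `Proxy` class are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Filter:
    """One filter rule (constructed model, not flatpak's struct)."""
    bus_name: str          # "org.foo.Bar" exact, or "org.foo.*" (BUS_NAME_IS_SUBTREE)
    object_path: str       # "/org/foo" exact, or "/org/foo/*" (OBJECT_PATH_IS_SUBTREE)
    interface: str = ""    # empty interface matches any interface
    kind: str = "call"     # "call" (method calls) or "broadcast" (received signals)


def _subtree_match(pattern: str, value: str, sep: str) -> bool:
    """Exact match, or prefix match when the pattern ends in '<sep>*'."""
    if pattern.endswith(sep + "*"):
        prefix = pattern[: -len(sep) - 1]
        return value == prefix or value.startswith(prefix + sep)
    return pattern == value


class Proxy:
    def __init__(self, filters):
        self.filters = list(filters)
        # unique id (":1.42") -> every well-known name it has ever owned
        self.owned: dict[str, set[str]] = {}

    def name_owner_changed(self, name: str, new_owner: str) -> None:
        """Record NameOwnerChanged so filters on the well-known name also
        apply to messages addressed to (or from) the unique id."""
        if new_owner:
            self.owned.setdefault(new_owner, set()).add(name)

    def allowed(self, kind: str, peer: str, path: str, interface: str) -> bool:
        # A unique id is checked against all names it is known to own.
        names = {peer} | self.owned.get(peer, set())
        return any(
            f.kind == kind
            and any(_subtree_match(f.bus_name, n, ".") for n in names)
            and _subtree_match(f.object_path, path, "/")
            and (f.interface == "" or f.interface == interface)
            for f in self.filters
        )
```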
This just keeps the fd alive until the FlatpakBwrap is freed, it
doesn't actually pass it on to the child.
We want to use this to keep a file lock held until the sandbox has
started where it takes over the lock.
Closes: #1730
Approved by: alexlarsson