Just because stdout/stderr happen to be going to a terminal doesn't
necessarily mean that we want the command launched by HostCommand
to take ownership of the terminal - in the case where 'flatpak run'
is launched from a terminal, stderr will typically be left pointing
to the terminal for any command. In that case the terminal already
has a controlling process, and TIOCSCTTY will fail; avoid scary
messages by making the failure only a g_debug()
(cherry picked from commit 5f12c9e328)
It turned out that some sources where bind-mounted read-write
which should have been read-only:
* Extensions
* Fonts
* resolv.conf
* localtime
* machine-id
Many of these are not generally writable by the user, but
some are, which is pretty bad. For instance if the an
app is user-installed it will be able to write to its
locale data.
We fix this by using --ro-bind where needed.
(cherry picked from commit bc5ea57226)
We make /etc just a symlink to /usr/etc when we're building a runtime
and /etc is supposed to be writable. Otherwise the bind-mount we
normally have there don't allow use to replace existing files in /etc.
(cherry picked from commit ab446ebac5)
The socket directory then ended up in $HOME which was read-only, so
we couldn't create the socket. We solve this by putting the sockets
in a subdirectory and always making this directory writable in the
proxy.
(cherry picked from commit 0bea92bd73)
Before this commit
$ flatpak install --arch someArch --from some.flatpakref
Would completely ignore the arch argument and only install for the
default flatpak architecture. Since flatpakref files don't include
an arch field, there's no reason we can't attempt to install the
arch specified on the command line.
(cherry picked from commit ee83b5a70d)
If EXTERNAL_INSTALL_DIR wasn't defined (which is likely, since nothing
in the build system does), then we would tell the system helper
to search /exports/share, which is not Flatpak's territory
(but is a semi-commonly-used path for site-specific NFS shares,
which might have contents that are inappropriate to search here).
Installations that do define an external installation directory
(Endless OS?) can easily override the Environment to include it
by placing a drop-in in
/etc/systemd/user/flatpak-system-helper.service.d/external.conf
or similar.
(cherry picked from commit 1d6834db4d)
If the homedir is on a symlink (say /home -> /var/home) but the homedir
is in /home, then we shouldn't create a directory in /home because
then the symlink creation will fail. Instead we move the homedir
creation to the end, where we will create it in the symlink if needed.
This should fix https://github.com/flatpak/flatpak/issues/493
(cherry picked from commit fa6f7228886e983a5c1ff64e1d9db8ea0014ec26)
If you are exposing a symlink, say /link (-> /target) and
also a child of it, say /link/child, then we run into dependency
issues. For instance, the /link symlink is created, pointing to /target,
but then we try to to create /link/child before the /target
bind mount is setup, which will fail.
We work around this by adding a level, and the dependency of a symlink
(/target in the above case) will always be handled first. This isn't
a perfect solution, but is likely to be good enough in practice.
(cherry picked from commit 5c4c4bbe56807ce94ef2eb0cc860b1cf488371f5)
During setup the new root is in /newroot, so absolute symlinks don't work.
We make them realtive so that we can resolve the symlinks during setup.
(cherry picked from commit b1dd1c3f7a865f39ef9f296e3a0f96304f96247c)
We need to use g_build_filename, g_build_path takes a separator
as the first arg, not a path!
(cherry picked from commit 896c483cac6897cef6202055ed127e37e09f5ab8)
This change fixes GCC compiler warnings where a cleanup function was
specified on an uninitialised pointer, which in the view of GCC could
result in an errornous free of uninitialised memory, if the functions
that initialise them do not return NULL.
Signed-off-by: Ikey Doherty <ikey@solus-project.com>
(cherry picked from commit 605c7ee87b)
Typically Linux distributions employ /etc/profile.d for system wide
environment manipulation prior to multi-user initialisation. Modern
distribution efforts split the vendor configuration from the local
sysadmin configuration and data, by not using the /etc/ directories,
for example.
To enable this stateless pattern, this change adds a new --with-profile-dir
option to use an alternative location, such as within /usr/share/. This
ensures that the data (not configuration) is owned through the update
process, and does not conflict with changes made locally to the system,
enforcing domains of ownership.
To preserve backwards compatible behaviour, the default directory remains
set to /etc/profile.d.
Signed-off-by: Ikey Doherty <ikey@solus-project.com>
(cherry picked from commit 3b64fbc4f5)
Newer versions of dbus support stateless directories, and many distributions
now use /usr/share/dbus-1/system.d for the vendor configuration files, as
opposed to the legacy /etc/dbus-1/system.d directory.
To enable this, we add a new --with-dbus-config-dir option to control the
configuration directory, whilst retaining backwards compatibility for those
still using older versions of dbus.
Signed-off-by: Ikey Doherty <ikey@solus-project.com>
(cherry picked from commit ca107ebb16)
Not being documented makes it hard to know that this actually
takes the url of a flatpakrepo file, as opposed to the other url
key in this file, which takes the url to a remote.
Apps may rely on /var/tmp not being in ram, for instance when
downloading large files. See for instance:
http://0pointer.net/blog/projects/tmp.html
We make /var/tmp point to ~/.var/app/cache/tmp so that each app get
its own instane, and so that its cleared whe removing xdg-cache-dir
for the app.
