When allocating an instance id we create a unique directory
in $XDG_RUN_DIR/.flatpak/$id and create a .ref file in it which
we then read-lock (with F_SETLK). This lock is also taken by
the bwrap pid 1, so it will be taken for as long as the
app lives.
To clean up old is we remove any directories where we can successfully
write-lock the .ref file. As long as the sandbox lives this should
make it safe against removal.
However, there is a tiny race in the sandbox setup between the inital
O_CREAT of the .ref file and the F_SETLK fcntl. A GC at this point
may find the .ref file existing but not locked and then remove the
directory.
We work around this by only trying to lock .ref files that are more
than 3 seconds old.
The --verbose and --ostree-verbose options are global to all
subcommands, but --version can only be used with the main "flatpak"
command, so fix the man pages to reflect that.
The positional argument for the uninstall command is now called REF
rather than NAME, so update the docs to reflect that, and fix a typo in
the flatpak-list man page.
Now that flatpak depends on ostree 2018.6 we don't need to check if we
have 2018.5. Remove the check and update a comment.
Closes: #1813
Approved by: alexlarsson
This allows us to resolve as many operations as possible in parallel
which is much faster than doing the p2p queries for each potential
update.
Fixes#1592Closes: #1796
Approved by: alexlarsson
This takes a list of refs + remotes and optional commit, all
which need to be p2p (i.e. have collection-id != NULL) refs, and
uses the p2p API to resolve the refs to the latest available commit
it and the matching metadata for that version.
It does this by doing a find_remotes() and then a pull_from_remotes
with PULL_FLAG_COMMIT_ONLY and then extracting the metadata
from the commit object.
We also do some checking before pulling so that if we have the latest
reported commit already available locally then we don't pull anything
for that ref (instead resolving to the locally available metadata).
We always pull to a child repo so that we have write-rights even as a
user (in the system case) and so we can properly clean up the temporary
results.
Note, this unconditionally uses the p2p APIs, and it relies on the latest
ostree master which has a fix that allows us to read the latest refs from
the transaction.
Closes: #1796
Approved by: alexlarsson
There is no need to force a fsync after pulling into the child repo,
because we will anyway copy/verify it into the system repo. It is
never used for stable storage.
This makes system installation faster.
Closes: #1808
Approved by: alexlarsson
This commit removes fetches of ostree-metadata from
flatpak_dir_install() and flatpak_dir_update(), which both pull it into
the child repo when doing system-helper deployments. Both functions have
a FlatpakRemoteState object passed in and when that is initialized,
_flatpak_dir_fetch_remote_state_metadata_branch() pulls and deploys
ostree-metadata so it can be queried against for repo metadata and
served onto LAN and USB peers. So there's no need to pull it again here.
The issue of resolving a ref and its metadata atomically remains, but
that will be addressed by https://github.com/flatpak/flatpak/pull/1796.
Closes: #1806
Approved by: alexlarsson
This is a pretty lowlevel version of the permissions, and there
is no nice API for the library to produce these. However its got
the basics of permission tracking.
Closes: #1799
Approved by: alexlarsson
This changes the signals to use a FlatpakTransactionOperation
argument instead of a bunch of arguments in the signal, making
this easier to extend in the future.
This is an API break, but nobody is using this API yet, and it
was only available in one unstable release.
Closes: #1797
Approved by: alexlarsson
This signal is emitted after all the added operations and their dependencies
are resolved and we have the full list of things that will be
done as part of the transaction. At this point you can call
flatpak_transaction_get_operations() and decide if you want to
continue with the operation.
Closes: #1797
Approved by: alexlarsson
Instead use FlatpakTransactionOperationType internally too,
but extend it with a INSTALL_OR_UPDATE value which is not public.
Closes: #1797
Approved by: alexlarsson
SSH authentication sockets can be placed in a number of places, so it
is difficult for applications to just mount a fixed directory or
directories, hoping that SSH_AUTH_SOCK points somewhere inside the
mounted content.
Closes: #1764
Approved by: alexlarsson
I generated this list mechanically from the big if () condition in
flatpak-builtins-info.c, which is why they're one per line, and I think
it's more maintainable in this layout. (Whitespace has no effect on the
HTML or manpage output.)
Closes: #1788
Approved by: alexlarsson
Compared to `flatpak info --help` (which is what actually counts), 6
options were not documented, and one (--version) was documented but
doesn't exist.
Closes: #1788
Approved by: alexlarsson
