mirror of
https://github.com/flatpak/flatpak.git
synced 2026-03-14 05:02:44 -04:00
a84f725211
This gives the application full access to the host /dev. Obviously this is not great in terms of sandboxing, but its nice for applications that use flatpak mostly as a way to do distribution of the app. Also, its not like the app has full access to anything, its still limited to the access right of the user.
303 lines
12 KiB
XML
303 lines
12 KiB
XML
<?xml version='1.0'?> <!--*-nxml-*-->
|
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
|
|
|
<refentry id="flatpak-build">
|
|
|
|
<refentryinfo>
|
|
<title>flatpak build</title>
|
|
<productname>flatpak</productname>
|
|
|
|
<authorgroup>
|
|
<author>
|
|
<contrib>Developer</contrib>
|
|
<firstname>Alexander</firstname>
|
|
<surname>Larsson</surname>
|
|
<email>alexl@redhat.com</email>
|
|
</author>
|
|
</authorgroup>
|
|
</refentryinfo>
|
|
|
|
<refmeta>
|
|
<refentrytitle>flatpak build</refentrytitle>
|
|
<manvolnum>1</manvolnum>
|
|
</refmeta>
|
|
|
|
<refnamediv>
|
|
<refname>flatpak-build</refname>
|
|
<refpurpose>Build in a directory</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsynopsisdiv>
|
|
<cmdsynopsis>
|
|
<command>flatpak build</command>
|
|
<arg choice="opt" rep="repeat">OPTION</arg>
|
|
<arg choice="plain">DIRECTORY</arg>
|
|
<arg choice="opt">COMMAND <arg choice="opt" rep="repeat">ARG</arg></arg>
|
|
</cmdsynopsis>
|
|
</refsynopsisdiv>
|
|
|
|
<refsect1>
|
|
<title>Description</title>
|
|
|
|
<para>
|
|
Runs a build command in a directory. <arg choice="plain">DIRECTORY</arg>
|
|
must have been initialized with <command>flatpak build-init</command>.
|
|
</para>
|
|
<para>
|
|
The sdk that is specified in the <filename>metadata</filename> file
|
|
in the directory is mounted at <filename>/usr</filename> and the
|
|
<filename>files</filename> and <filename>var</filename> subdirectories
|
|
are mounted at <filename>/app</filename> and <filename>/var</filename>,
|
|
respectively. They are writable, and their contents are preserved between
|
|
build commands, to allow accumulating build artifacts there.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>Options</title>
|
|
|
|
<para>The following options are understood:</para>
|
|
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term><option>-h</option></term>
|
|
<term><option>--help</option></term>
|
|
|
|
<listitem><para>
|
|
Show help options and exit.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>-v</option></term>
|
|
<term><option>--verbose</option></term>
|
|
|
|
<listitem><para>
|
|
Print debug information during command processing.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--version</option></term>
|
|
|
|
<listitem><para>
|
|
Print version information and exit.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--default-arch</option></term>
|
|
|
|
<listitem><para>
|
|
Print the default arch and exit.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>-r</option></term>
|
|
<term><option>--runtime</option></term>
|
|
|
|
<listitem><para>
|
|
Use the non-devel runtime that is specified in the application metadata instead of the devel runtime.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--bind-mount=DEST=SOURCE</option></term>
|
|
|
|
<listitem><para>
|
|
Add a custom bind mount in the build namespace. Can be specified multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--build-dir=PATH</option></term>
|
|
|
|
<listitem><para>
|
|
Start the build in this directory (default is in the current directory).
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--share=SUBSYSTEM</option></term>
|
|
|
|
<listitem><para>
|
|
Share a subsystem with the host session. This overrides
|
|
the Context section from the application metadata.
|
|
SUBSYSTEM must be one of: network, ipc.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--unshare=SUBSYSTEM</option></term>
|
|
|
|
<listitem><para>
|
|
Don't share a subsystem with the host session. This overrides
|
|
the Context section from the application metadata.
|
|
SUBSYSTEM must be one of: network, ipc.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--socket=SOCKET</option></term>
|
|
|
|
<listitem><para>
|
|
Expose a well-known socket to the application. This overrides to
|
|
the Context section from the application metadata.
|
|
SOCKET must be one of: x11, wayland, pulseaudio, system-bus, session-bus.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--nosocket=SOCKET</option></term>
|
|
|
|
<listitem><para>
|
|
Don't expose a well-known socket to the application. This overrides to
|
|
the Context section from the application metadata.
|
|
SOCKET must be one of: x11, wayland, pulseaudio, system-bus, session-bus.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--device=DEVICE</option></term>
|
|
|
|
<listitem><para>
|
|
Expose a device to the application. This overrides to
|
|
the Context section from the application metadata.
|
|
DEVICE must be one of: dri, all.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--nodevice=DEVICE</option></term>
|
|
|
|
<listitem><para>
|
|
Don't expose a device to the application. This overrides to
|
|
the Context section from the application metadata.
|
|
DEVICE must be one of: dri, all.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--filesystem=FILESYSTEM[:ro]</option></term>
|
|
|
|
<listitem><para>
|
|
Allow the application access to a subset of the filesystem.
|
|
This overrides to the Context section from the application metadata.
|
|
FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download
|
|
xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos,
|
|
an absolute path, or a homedir-relative path like ~/dir.
|
|
The optional :ro suffix indicates that the location will be read-only.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--nofilesystem=FILESYSTEM</option></term>
|
|
|
|
<listitem><para>
|
|
Remove access to the specified subset of the filesystem from
|
|
the application. This overrides to the Context section from the
|
|
application metadata.
|
|
FILESYSTEM can be one of: home, host, xdg-desktop, xdg-documents, xdg-download
|
|
xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos,
|
|
an absolute path, or a homedir-relative path like ~/dir.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--env=VAR=VALUE</option></term>
|
|
|
|
<listitem><para>
|
|
Set an environment variable in the application.
|
|
This overrides to the Context section from the application metadata.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--own-name=NAME</option></term>
|
|
|
|
<listitem><para>
|
|
Allow the application to own the well-known name NAME on the session bus.
|
|
This overrides to the Context section from the application metadata.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--talk-name=NAME</option></term>
|
|
|
|
<listitem><para>
|
|
Allow the application to talk to the well-known name NAME on the session bus.
|
|
This overrides to the Context section from the application metadata.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--system-own-name=NAME</option></term>
|
|
|
|
<listitem><para>
|
|
Allow the application to own the well-known name NAME on the system bus.
|
|
This overrides to the Context section from the application metadata.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--system-talk-name=NAME</option></term>
|
|
|
|
<listitem><para>
|
|
Allow the application to talk to the well-known name NAME on the system bus.
|
|
This overrides to the Context section from the application metadata.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><option>--persist=FILENAME</option></term>
|
|
|
|
<listitem><para>
|
|
If the application doesn't have access to the real homedir, make the (homedir-relative) path
|
|
FILENAME a bind mount to the corresponding path in the per-application directory,
|
|
allowing that location to be used for persistent data.
|
|
This overrides to the Context section from the application metadata.
|
|
This option can be used multiple times.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>Examples</title>
|
|
|
|
<para>
|
|
<command>$ flatpak build /build/my-app rpmbuild my-app.src.rpm</command>
|
|
</para>
|
|
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>See also</title>
|
|
|
|
<para>
|
|
<citerefentry><refentrytitle>flatpak</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>flatpak-build-init</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>flatpak-build-finish</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>flatpak-build-export</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
|
</para>
|
|
|
|
</refsect1>
|
|
|
|
</refentry>
|