mirror of
https://github.com/flatpak/flatpak.git
synced 2026-01-28 17:41:14 -05:00
f8a9153d0e
The system-helper (ie., the `flatpak-system-helper` process) is labelled with flatpak_helper_exec_t and runs in the flatpak_helper_t domain, and tries to set up an inotify(7) watch on it's own binary so that it can exit when the binary is replaced. This explicitly permits it to do so to avoid running into SELinux denials. The corecmd_watch_bin_dirs SELinux interface is a recent addition [1], and is therefore used conditionally when defined. [1] https://github.com/fedora-selinux/selinux-policy/commit/88072fd293 https://github.com/fedora-selinux/selinux-policy/pull/1133 https://bugzilla.redhat.com/show_bug.cgi?id=2053634
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
See https://flatpak.org/ for more information.
Community discussion happens in #flatpak:matrix.org, on the mailing list, and on the Flathub Discourse.
Read documentation for Flatpak here.
Contributing
Flatpak welcomes contributions from anyone! Here are some ways you can help:
- Fix one of the issues and submit a PR
- Update flatpak's translations and submit a PR
- Improve flatpak's documentation, hosted at http://docs.flatpak.org and developed over in flatpak-docs
- Find a bug and submit a detailed report including your OS, flatpak version, and the steps to reproduce
- Add your favorite application to Flathub by writing a flatpak-builder manifest and submitting it
- Improve the Flatpak support in your favorite Linux distribution
Hacking
See CONTRIBUTING.md
Related Projects
Here are some notable projects in the Flatpak ecosystem:
- Flatseal: An app for managing permissions of Flatpak apps without using the CLI
- Flat-manager: A tool for managing Flatpak repositories