Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Please reduce flatpak's time delay, or unblock it: unblock flatpak/0.8.2-1 Shortly before the soft freeze, flatpak upstream introduced a new stable branch 0.8.x, which I hope will be minimal enough to use as a source for future stable updates if needed. 0.8.1 has been in testing for 7 days without new bug reports, but 0.8.2 was released today to fix a gap in the sandboxing. flatpak will need to migrate together with bubblewrap, which was uploaded at the same time as flatpak 0.8.1: they have a Breaks/Depends pair to ensure that CVE-2017-5226 does not come back (responsibility for preventing it was moved from bubblewrap to flatpak to fix a functional regression in the version currently in testing). The attached debdiff was filtered to exclude: - Autotools noise (configure, Makefile.in, aclocal.m4) - prebuilt HTML documentation (gtk-doc) - the bundled copy of bubblewrap (we use the system version in Debian) - dropped patches in debian/patches (they were applied upstream) - translation updates Regards, S -- System Information: Debian Release: 9.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
debdiff --exclude=configure --exclude=\*.patch --exclude=\*.html --exclude=aclocal.m4 --exclude=bubblewrap --exclude=po --exclude=Makefile.in flatpak_0.8.0-1.dsc flatpak_0.8.2-1.dsc diffstat for flatpak-0.8.0 flatpak-0.8.2 Makefile.am | 7 NEWS | 56 ++ app/flatpak-builtins-build.c | 8 app/flatpak-builtins-install.c | 2 app/flatpak-builtins-list.c | 2 app/flatpak-main.c | 4 app/flatpak-transaction.c | 23 builder/builder-main.c | 2 builder/builder-manifest.c | 9 builder/builder-source-bzr.c | 2 builder/builder-source.c | 2 common/flatpak-dir.c | 9 common/flatpak-dir.h | 1 common/flatpak-json.c | 7 common/flatpak-oci-registry.c | 8 common/flatpak-run.c | 258 +++++++--- common/flatpak-run.h | 1 common/flatpak-utils.c | 30 - common/flatpak-utils.h | 1 configure.ac | 18 debian/changelog | 48 + debian/control | 2 debian/patches/series | 2 debian/tests/builder-python | 6 debian/tests/control | 9 debian/tests/gnome-desktop-testing | 4 doc/flatpak-builder.xml | 2 doc/flatpak-flatpakref.xml | 4 doc/flatpak-flatpakrepo.xml | 4 document-portal/xdp-fuse.c | 67 +- lib/flatpak-installation.c | 2 lib/flatpak-version-macros.h | 2 permission-store/xdg-permission-store.c | 2 session-helper/flatpak-session-helper.c | 4 system-helper/Makefile.am.inc | 2 system-helper/flatpak-system-helper.c | 2 system-helper/flatpak-system-helper.service.in | 1 system-helper/org.freedesktop.Flatpak.SystemHelper.service.in | 1 tests/Makefile.am.inc | 2 tests/libtest.sh | 8 tests/make-test-app.sh | 3 tests/make-test-runtime.sh | 3 tests/package_version.txt | 2 tests/test-builder.sh | 2 tests/test-bundle.sh | 22 tests/test-extensions.sh | 19 tests/test-oci.sh | 30 + tests/test-run.sh | 16 tests/testlibrary.c | 7 49 files changed, 570 insertions(+), 158 deletions(-) diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-builtins-build.c flatpak-0.8.2/app/flatpak-builtins-build.c --- flatpak-0.8.0/app/flatpak-builtins-build.c 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/app/flatpak-builtins-build.c 2017-01-27 09:50:41.000000000 +0000 @@ -85,6 +85,7 @@ g_autoptr(FlatpakContext) app_context = NULL; gboolean custom_usr; g_auto(GStrv) runtime_ref_parts = NULL; + FlatpakRunFlags run_flags; context = g_option_context_new (_("DIRECTORY [COMMAND [args...]] - Build in directory")); g_option_context_set_translation_domain (context, GETTEXT_PACKAGE); @@ -180,9 +181,12 @@ "--lock-file", "/usr/.ref", NULL); + run_flags = FLATPAK_RUN_FLAG_DEVEL | FLATPAK_RUN_FLAG_NO_SESSION_HELPER; + if (custom_usr) + run_flags |= FLATPAK_RUN_FLAG_WRITABLE_ETC; + if (!flatpak_run_setup_base_argv (argv_array, NULL, runtime_files, NULL, runtime_ref_parts[2], - FLATPAK_RUN_FLAG_DEVEL | FLATPAK_RUN_FLAG_NO_SESSION_HELPER, - error)) + run_flags, error)) return FALSE; /* After setup_base to avoid conflicts with /var symlinks */ diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-builtins-install.c flatpak-0.8.2/app/flatpak-builtins-install.c --- flatpak-0.8.0/app/flatpak-builtins-install.c 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/app/flatpak-builtins-install.c 2017-01-24 08:54:11.000000000 +0000 @@ -354,7 +354,7 @@ if (!handle_runtime_repo_deps_from_keyfile (dir, file_data, error)) return FALSE; - if (!flatpak_dir_create_remote_for_ref_file (dir, file_data, &remote, &ref, error)) + if (!flatpak_dir_create_remote_for_ref_file (dir, file_data, opt_arch, &remote, &ref, error)) return FALSE; /* Need to pick up the new config, in case it was applied in the system helper. */ diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-builtins-list.c flatpak-0.8.2/app/flatpak-builtins-list.c --- flatpak-0.8.0/app/flatpak-builtins-list.c 2016-12-19 09:06:18.000000000 +0000 +++ flatpak-0.8.2/app/flatpak-builtins-list.c 2017-01-27 09:50:24.000000000 +0000 @@ -210,7 +210,7 @@ if (strcmp (parts[0], "app") == 0) { - g_autofree char *current; + g_autofree char *current = NULL; current = flatpak_dir_current_ref (dir, parts[1], cancellable); if (current && strcmp (ref, current) == 0) diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-main.c flatpak-0.8.2/app/flatpak-main.c --- flatpak-0.8.0/app/flatpak-main.c 2016-12-19 09:05:13.000000000 +0000 +++ flatpak-0.8.2/app/flatpak-main.c 2017-01-27 09:50:24.000000000 +0000 @@ -174,7 +174,7 @@ gboolean is_error) { GOptionContext *context; - g_autofree char *help; + g_autofree char *help = NULL; context = flatpak_option_context_new_with_commands (commands); @@ -344,7 +344,7 @@ if (!command->fn) { GOptionContext *context; - g_autofree char *help; + g_autofree char *help = NULL; context = flatpak_option_context_new_with_commands (commands); diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-transaction.c flatpak-0.8.2/app/flatpak-transaction.c --- flatpak-0.8.0/app/flatpak-transaction.c 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/app/flatpak-transaction.c 2017-01-24 08:54:11.000000000 +0000 @@ -419,8 +419,11 @@ /* Update if in same dir */ if (dir_ref_is_installed (self->dir, full_runtime_ref, &runtime_remote)) { - flatpak_transaction_add_op (self, runtime_remote, full_runtime_ref, NULL, NULL, NULL, - FLATPAK_TRANSACTION_OP_KIND_UPDATE); + FlatpakTransactionOp *op; + g_debug ("Updating dependent runtime %s", full_runtime_ref); + op = flatpak_transaction_add_op (self, runtime_remote, full_runtime_ref, NULL, NULL, NULL, + FLATPAK_TRANSACTION_OP_KIND_UPDATE); + op->non_fatal = TRUE; } } } @@ -447,6 +450,7 @@ const char *pref; g_autofree char *remote_metadata = NULL; g_autoptr(GKeyFile) metakey = NULL; + g_autoptr(GError) local_error = NULL; pref = strchr (ref, '/') + 1; @@ -466,7 +470,7 @@ } remote = origin; } - else + else if (kind == FLATPAK_TRANSACTION_OP_KIND_INSTALL) { g_assert (remote != NULL); if (dir_ref_is_installed (self->dir, ref, NULL)) @@ -477,9 +481,16 @@ } } - if (metadata == NULL && remote != NULL && - flatpak_dir_fetch_ref_cache (self->dir, remote, ref, NULL, NULL, &remote_metadata, NULL, NULL)) - metadata = remote_metadata; + if (metadata == NULL && remote != NULL) + { + if (flatpak_dir_fetch_ref_cache (self->dir, remote, ref, NULL, NULL, &remote_metadata, NULL, &local_error)) + metadata = remote_metadata; + else + { + g_print ("Warning: Can't find dependencies: %s\n", local_error->message); + g_clear_error (&local_error); + } + } if (metadata) { diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-main.c flatpak-0.8.2/builder/builder-main.c --- flatpak-0.8.0/builder/builder-main.c 2016-12-19 13:53:59.000000000 +0000 +++ flatpak-0.8.2/builder/builder-main.c 2017-01-19 14:33:30.000000000 +0000 @@ -200,7 +200,7 @@ g_autoptr(GFileEnumerator) dir_enum2 = NULL; GFileInfo *next = NULL; const char *platform_id = NULL; - g_autofree char **orig_argv; + g_autofree char **orig_argv = NULL; gboolean is_run = FALSE; gboolean is_show_deps = FALSE; gboolean app_dir_is_empty = FALSE; diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-manifest.c flatpak-0.8.2/builder/builder-manifest.c --- flatpak-0.8.0/builder/builder-manifest.c 2016-11-28 11:24:52.000000000 +0000 +++ flatpak-0.8.2/builder/builder-manifest.c 2017-01-27 09:50:24.000000000 +0000 @@ -906,14 +906,19 @@ { const char *module_path = json_node_get_string (element_node); g_autofree char *json = NULL; + g_autoptr(GError) error = NULL; - if (g_file_get_contents (module_path, &json, NULL, NULL)) + if (g_file_get_contents (module_path, &json, NULL, &error)) { module = json_gobject_from_data (BUILDER_TYPE_MODULE, - json, -1, NULL); + json, -1, &error); if (module) builder_module_set_json_path (BUILDER_MODULE (module), module_path); } + if (error != NULL) + { + g_error ("Failed to load included manifest (%s): %s", module_path, error->message); + } } else if (JSON_NODE_HOLDS_OBJECT (element_node)) module = json_gobject_deserialize (BUILDER_TYPE_MODULE, element_node); diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-source-bzr.c flatpak-0.8.2/builder/builder-source-bzr.c --- flatpak-0.8.0/builder/builder-source-bzr.c 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/builder/builder-source-bzr.c 2017-01-19 14:33:30.000000000 +0000 @@ -245,7 +245,7 @@ BuilderContext *context) { BuilderSourceBzr *self = BUILDER_SOURCE_BZR (source); - g_autofree char *current_commit; + g_autofree char *current_commit = NULL; g_autoptr(GError) error = NULL; diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-source.c flatpak-0.8.2/builder/builder-source.c --- flatpak-0.8.0/builder/builder-source.c 2016-11-28 11:24:52.000000000 +0000 +++ flatpak-0.8.2/builder/builder-source.c 2017-01-19 14:33:30.000000000 +0000 @@ -264,7 +264,7 @@ { BuilderSourceClass *class; - g_autoptr(GFile) real_dest; + g_autoptr(GFile) real_dest = NULL; class = BUILDER_SOURCE_GET_CLASS (self); diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-dir.c flatpak-0.8.2/common/flatpak-dir.c --- flatpak-0.8.0/common/flatpak-dir.c 2016-12-20 15:27:47.000000000 +0000 +++ flatpak-0.8.2/common/flatpak-dir.c 2017-01-24 08:54:11.000000000 +0000 @@ -2603,7 +2603,7 @@ { gboolean ret = FALSE; - g_autoptr(GFile) base; + g_autoptr(GFile) base = NULL; g_autoptr(GFileEnumerator) dir_enum = NULL; g_autoptr(GFileInfo) child_info = NULL; GError *temp_error = NULL; @@ -6635,6 +6635,7 @@ gboolean flatpak_dir_create_remote_for_ref_file (FlatpakDir *self, GBytes *data, + const char *default_arch, char **remote_name_out, char **ref_out, GError **error) @@ -6652,7 +6653,7 @@ if (!parse_ref_file (data, &name, &branch, &url, &title, &gpg_data, &is_runtime, error)) return FALSE; - ref = flatpak_compose_ref (!is_runtime, name, branch, NULL, error); + ref = flatpak_compose_ref (!is_runtime, name, branch, default_arch, error); if (ref == NULL) return FALSE; @@ -7282,7 +7283,7 @@ if (cache_v == NULL) { g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND, - _("Data not found")); + _("No flatpak cache in remote summary")); return FALSE; } @@ -7291,7 +7292,7 @@ if (res == NULL) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND, - _("Data not found for ref %s"), ref); + _("No entry for %s in remote summary flatpak cache "), ref); return FALSE; } diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-dir.h flatpak-0.8.2/common/flatpak-dir.h --- flatpak-0.8.0/common/flatpak-dir.h 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/common/flatpak-dir.h 2017-01-24 08:54:11.000000000 +0000 @@ -463,6 +463,7 @@ GError **error); gboolean flatpak_dir_create_remote_for_ref_file (FlatpakDir *self, GBytes *data, + const char *default_arch, char **remote_name_out, char **ref_out, GError **error); diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-json.c flatpak-0.8.2/common/flatpak-json.c --- flatpak-0.8.0/common/flatpak-json.c 2016-12-13 14:55:18.000000000 +0000 +++ flatpak-0.8.2/common/flatpak-json.c 2016-12-21 13:20:28.000000000 +0000 @@ -588,10 +588,15 @@ flatpak_json_to_bytes (FlatpakJson *self) { g_autoptr(JsonNode) node = NULL; + g_autoptr(JsonGenerator) generator = NULL; char *str; node = flatpak_json_to_node (FLATPAK_JSON (self)); - str = json_to_string (node, TRUE); + generator = json_generator_new (); + json_generator_set_pretty (generator, TRUE); + json_generator_set_root (generator, node); + + str = json_generator_to_data (generator, NULL); return g_bytes_new_take (str, strlen (str)); } diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-oci-registry.c flatpak-0.8.2/common/flatpak-oci-registry.c --- flatpak-0.8.0/common/flatpak-oci-registry.c 2016-12-19 10:15:44.000000000 +0000 +++ flatpak-0.8.2/common/flatpak-oci-registry.c 2017-01-11 23:17:16.000000000 +0000 @@ -297,7 +297,7 @@ return NULL; } - return json_node_ref (root); + return json_node_copy (root); } static gboolean @@ -1014,6 +1014,12 @@ error)) return NULL; + if (fchmod (tmp_fd, 0644) != 0) + { + glnx_set_error_from_errno (error); + return NULL; + } + a = archive_write_new (); if (archive_write_set_format_gnutar (a) != ARCHIVE_OK || archive_write_add_filter_none (a) != ARCHIVE_OK) diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-run.c flatpak-0.8.2/common/flatpak-run.c --- flatpak-0.8.0/common/flatpak-run.c 2016-12-13 14:55:18.000000000 +0000 +++ flatpak-0.8.2/common/flatpak-run.c 2017-01-27 09:51:06.000000000 +0000 @@ -26,6 +26,7 @@ #include <unistd.h> #include <sys/utsname.h> #include <sys/socket.h> +#include <sys/ioctl.h> #include <grp.h> #ifdef ENABLE_SECCOMP @@ -92,6 +93,12 @@ "tmp", "etc", "app", "run", "proc", "sys", "dev", "var", NULL }; +/* We don't want to export paths pointing into these, because they are readonly + (so we can't create mountpoints there) and don't match whats on the host anyway */ +const char *dont_export_in[] = { + "/lib/", "/lib32/", "/lib64/", "/bin/", "/sbin/", "/usr/", "/etc/", "/app/", NULL +}; + typedef enum { FLATPAK_CONTEXT_DEVICE_DRI = 1 << 0, FLATPAK_CONTEXT_DEVICE_ALL = 1 << 1, @@ -562,7 +569,7 @@ { char *slash; const char *rest; - g_autofree char *prefix; + g_autofree char *prefix = NULL; const char *dir = NULL; gsize len; @@ -596,7 +603,7 @@ { char *slash; const char *rest; - g_autofree char *prefix; + g_autofree char *prefix = NULL; gsize len; slash = strchr (filesystem, '/'); @@ -2014,9 +2021,13 @@ static char * create_proxy_socket (char *template) { - g_autofree char *proxy_socket = g_build_filename (g_get_user_runtime_dir (), template, NULL); + g_autofree char *proxy_socket_dir = g_build_filename (g_get_user_runtime_dir (), ".dbus-proxy", NULL); + g_autofree char *proxy_socket = g_build_filename (proxy_socket_dir, template, NULL); int fd; + if (!glnx_shutil_mkdir_p_at (AT_FDCWD, proxy_socket_dir, 0755, NULL, NULL)) + return NULL; + fd = g_mkstemp (proxy_socket); if (fd == -1) return NULL; @@ -2054,7 +2065,7 @@ else if (dbus_proxy_argv && g_hash_table_size (context->system_bus_policy) > 0) { - g_autofree char *proxy_socket = create_proxy_socket (".system-bus-proxy-XXXXXX"); + g_autofree char *proxy_socket = create_proxy_socket ("system-bus-proxy-XXXXXX"); if (proxy_socket == NULL) return FALSE; @@ -2105,7 +2116,7 @@ } else if (dbus_proxy_argv && dbus_address != NULL) { - g_autofree char *proxy_socket = create_proxy_socket (".session-bus-proxy-XXXXXX"); + g_autofree char *proxy_socket = create_proxy_socket ("session-bus-proxy-XXXXXX"); if (proxy_socket == NULL) return FALSE; @@ -2186,7 +2197,7 @@ } add_args (argv_array, - "--bind", ext->files_path, full_directory, + "--ro-bind", ext->files_path, full_directory, NULL); if (g_file_test (real_ref, G_FILE_TEST_EXISTS)) @@ -2200,9 +2211,40 @@ return TRUE; } +static char * +make_relative (const char *base, const char *path) +{ + GString *s = g_string_new (""); + + while (*base != 0) + { + while (*base == '/') + base++; + + if (*base != 0) + g_string_append (s, "../"); + + while (*base != '/' && *base != 0) + base++; + } + + while (*path == '/') + path++; + + g_string_append (s, path); + + return g_string_free (s, FALSE); +} + #define FAKE_MODE_HIDDEN 0 #define FAKE_MODE_SYMLINK G_MAXINT +typedef struct { + char *path; + int level; + guint mode; +} ExportedPath; + static gboolean path_is_visible (const char **keys, guint n_keys, @@ -2216,14 +2258,13 @@ for (i = 0; i < n_keys; i++) { const char *mounted_path = keys[i]; - guint mode; - mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, mounted_path)); + ExportedPath *ep = g_hash_table_lookup (hash_table, mounted_path); if (flatpak_has_path_prefix (path, mounted_path)) { - if (mode == FAKE_MODE_HIDDEN) + if (ep->mode == FAKE_MODE_HIDDEN) is_visible = FALSE; - else if (mode != FAKE_MODE_SYMLINK) + else if (ep->mode != FAKE_MODE_SYMLINK) is_visible = TRUE; } } @@ -2231,33 +2272,47 @@ return is_visible; } +static gint +compare_eps (const ExportedPath *a, + const ExportedPath *b) +{ + if (a->level == b->level) + return g_strcmp0 (a->path, b->path); + else + return b->level - a->level; +} + static void add_file_args (GPtrArray *argv_array, GHashTable *hash_table) { guint n_keys; g_autofree const char **keys = (const char **)g_hash_table_get_keys_as_array (hash_table, &n_keys); - guint i; + g_autoptr(GList) eps = NULL; + GList *l; + + eps = g_hash_table_get_values (hash_table); + eps = g_list_sort (eps, (GCompareFunc)compare_eps); g_qsort_with_data (keys, n_keys, sizeof (char *), (GCompareDataFunc) flatpak_strcmp0_ptr, NULL); - for (i = 0; i < n_keys; i++) + for (l = eps; l != NULL; l = l->next) { - const char *path = keys[i]; - guint mode; + ExportedPath *ep = l->data; + const char *path = ep->path; - mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, path)); - - if (mode == FAKE_MODE_SYMLINK) + if (ep->mode == FAKE_MODE_SYMLINK) { if (!path_is_visible (keys, n_keys, hash_table, path)) { g_autofree char *resolved = flatpak_resolve_link (path, NULL); + g_autofree char *parent = g_path_get_dirname (path); + g_autofree char *relative = make_relative (parent, resolved); if (resolved) - add_args (argv_array, "--symlink", resolved, path, NULL); + add_args (argv_array, "--symlink", relative, path, NULL); } } - else if (mode == FAKE_MODE_HIDDEN) + else if (ep->mode == FAKE_MODE_HIDDEN) { /* Mount a tmpfs to hide the subdirectory, but only if either its not visible (then we can always create the @@ -2268,9 +2323,11 @@ add_args (argv_array, "--tmpfs", path, NULL); } else - add_args (argv_array, - (mode == FLATPAK_FILESYSTEM_MODE_READ_ONLY) ? "--ro-bind" : "--bind", - path, path, NULL); + { + add_args (argv_array, + (ep->mode == FLATPAK_FILESYSTEM_MODE_READ_ONLY) ? "--ro-bind" : "--bind", + path, path, NULL); + } } } @@ -2279,50 +2336,100 @@ const char *path) { guint old_mode; + ExportedPath *ep = g_new0 (ExportedPath, 1); + ExportedPath *old_ep; - old_mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, path)); - g_hash_table_insert (hash_table, g_strdup (path), - GINT_TO_POINTER ( MAX (old_mode, FAKE_MODE_HIDDEN))); -} + old_ep = g_hash_table_lookup (hash_table, path); + if (old_ep) + old_mode = old_ep->mode; + else + old_mode = 0; -static void -add_expose_path (GHashTable *hash_table, - FlatpakFilesystemMode mode, - const char *path) + ep->path = g_strdup (path); + ep->level = 0; + ep->mode = MAX (old_mode, FAKE_MODE_HIDDEN); + g_hash_table_insert (hash_table, ep->path, ep); +} + +/* We use the level to make sure we get the ordering somewhat right. + * For instance if /symlink -> /z_dir is exported, then we want to create + * /z_dir before /symlink, because otherwise an export like /symlink/foo + * will fail. The approach we use is to just bump the sort prio based on the + * symlink resolve depth. This it not perfect, but gets the common situation + * such as --filesystem=/link --filesystem=/link/dir right. + */ +static gboolean +_add_expose_path (GHashTable *hash_table, + FlatpakFilesystemMode mode, + const char *path, + int level) { + g_autofree char *canonical = flatpak_canonicalize_filename (path); struct stat st; + int i; + + if (!g_path_is_absolute (path)) + { + g_debug ("Not exposing relative path %s", path); + return FALSE; + } + + for (i = 0; dont_export_in[i] != NULL; i++) + { + /* Don't expose files in non-mounted dirs like /app or /usr, as + they are not the same as on the host, and we generally can't + create the parents for them anyway */ + if (g_str_has_prefix (canonical, dont_export_in[i])) + { + g_debug ("skipping export for path %s", canonical); + return FALSE; + } + } if (lstat (path, &st) != 0) - return; + return FALSE; if (S_ISDIR (st.st_mode) || S_ISREG (st.st_mode) || S_ISLNK (st.st_mode) || S_ISSOCK (st.st_mode)) { - guint old_mode; + ExportedPath *old_ep = g_hash_table_lookup (hash_table, path); + guint old_mode = 0; - old_mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, path)); + if (old_ep != NULL) + old_mode = old_ep->mode; if (S_ISLNK (st.st_mode)) { g_autofree char *resolved = flatpak_resolve_link (path, NULL); - /* Don't keep symlinks into /app or /usr, as they are not the - same as on the host, and we generally can't create the parents - for them anyway */ - if (resolved && - !g_str_has_prefix (resolved, "/app/") && - !g_str_has_prefix (resolved, "/usr/")) - { - add_expose_path (hash_table, mode, resolved); - mode = FAKE_MODE_SYMLINK; - } + + if (resolved && _add_expose_path (hash_table, mode, resolved, level + 1)) + mode = FAKE_MODE_SYMLINK; else mode = 0; } + if (mode > 0) - g_hash_table_insert (hash_table, g_strdup (path), GINT_TO_POINTER ( MAX (old_mode, mode))); + { + ExportedPath *ep = g_new0 (ExportedPath, 1); + ep->path = g_strdup (path); + ep->mode = MAX (old_mode, mode); + ep->level = level; + g_hash_table_insert (hash_table, ep->path, ep); + return TRUE; + } } + + return FALSE; +} + +static gboolean +add_expose_path (GHashTable *hash_table, + FlatpakFilesystemMode mode, + const char *path) +{ + return _add_expose_path (hash_table, mode, path, 0); } void @@ -2343,7 +2450,7 @@ GString *xdg_dirs_conf = NULL; FlatpakFilesystemMode fs_mode, home_mode; g_autoptr(GFile) user_flatpak_dir = NULL; - g_autoptr(GHashTable) fs_paths = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); + g_autoptr(GHashTable) fs_paths = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, g_free); if ((context->shares & FLATPAK_CONTEXT_SHARED_IPC) == 0) { @@ -2373,6 +2480,13 @@ g_debug ("Allowing dri access"); if (g_file_test ("/dev/dri", G_FILE_TEST_IS_DIR)) add_args (argv_array, "--dev-bind", "/dev/dri", "/dev/dri", NULL); + if (g_file_test ("/dev/mali", G_FILE_TEST_EXISTS)) + { + add_args (argv_array, + "--dev-bind", "/dev/mali", "/dev/mali", + "--dev-bind", "/dev/umplock", "/dev/umplock", + NULL); + } if (g_file_test ("/dev/nvidiactl", G_FILE_TEST_EXISTS)) { add_args (argv_array, @@ -2554,6 +2668,11 @@ /* This actually outputs the args for the hide/expose operations above */ add_file_args (argv_array, fs_paths); + /* Ensure we always have a homedir */ + add_args (argv_array, + "--dir", g_get_home_dir (), + NULL); + /* Special case subdirectories of the cache, config and data xdg dirs. * If these are accessible explicilty, in a read-write fashion, then * we bind-mount these in the app-id dir. This allows applications to @@ -2573,7 +2692,7 @@ xdg_path = get_xdg_dir_from_string (filesystem, &rest, &where); if (xdg_path != NULL && *rest != 0 && - mode > FLATPAK_FILESYSTEM_MODE_READ_WRITE) + mode >= FLATPAK_FILESYSTEM_MODE_READ_WRITE) { g_autoptr(GFile) app_version = g_file_get_child (app_id_dir, where); g_autoptr(GFile) app_version_subdir = g_file_resolve_relative_path (app_version, rest); @@ -2829,6 +2948,7 @@ g_autoptr(GFile) dir = flatpak_get_data_dir (app_id); g_autoptr(GFile) data_dir = g_file_get_child (dir, "data"); g_autoptr(GFile) cache_dir = g_file_get_child (dir, "cache"); + g_autoptr(GFile) tmp_dir = g_file_get_child (cache_dir, "tmp"); g_autoptr(GFile) config_dir = g_file_get_child (dir, "config"); if (!flatpak_mkdir_p (data_dir, cancellable, error)) @@ -2837,6 +2957,9 @@ if (!flatpak_mkdir_p (cache_dir, cancellable, error)) return NULL; + if (!flatpak_mkdir_p (tmp_dir, cancellable, error)) + return NULL; + if (!flatpak_mkdir_p (config_dir, cancellable, error)) return NULL; @@ -2964,7 +3087,7 @@ if (g_file_test (SYSTEM_FONTS_DIR, G_FILE_TEST_EXISTS)) { add_args (argv_array, - "--bind", SYSTEM_FONTS_DIR, "/run/host/fonts", + "--ro-bind", SYSTEM_FONTS_DIR, "/run/host/fonts", NULL); } @@ -2975,13 +3098,13 @@ if (g_file_query_exists (user_font1, NULL)) { add_args (argv_array, - "--bind", flatpak_file_get_path_cached (user_font1), "/run/host/user-fonts", + "--ro-bind", flatpak_file_get_path_cached (user_font1), "/run/host/user-fonts", NULL); } else if (g_file_query_exists (user_font2, NULL)) { add_args (argv_array, - "--bind", flatpak_file_get_path_cached (user_font2), "/run/host/user-fonts", + "--ro-bind", flatpak_file_get_path_cached (user_font2), "/run/host/user-fonts", NULL); } } @@ -3128,7 +3251,7 @@ NULL, NULL)) { add_args (argv_array, - "--bind", monitor_path, "/run/host/monitor", + "--ro-bind", monitor_path, "/run/host/monitor", NULL); add_args (argv_array, "--symlink", "/run/host/monitor/localtime", "/etc/localtime", @@ -3159,7 +3282,7 @@ else { add_args (argv_array, - "--bind", "/etc/localtime", "/etc/localtime", + "--ro-bind", "/etc/localtime", "/etc/localtime", NULL); } } @@ -3167,7 +3290,7 @@ if (g_file_test ("/etc/resolv.conf", G_FILE_TEST_EXISTS)) { add_args (argv_array, - "--bind", "/etc/resolv.conf", "/etc/resolv.conf", + "--ro-bind", "/etc/resolv.conf", "/etc/resolv.conf", NULL); } } @@ -3274,6 +3397,7 @@ gsize bwrap_args_len; glnx_fd_close int bwrap_args_fd = -1; g_autofree char *bwrap_args_data = NULL; + g_autofree char *proxy_socket_dir = g_build_filename (g_get_user_runtime_dir (), ".dbus-proxy/", NULL); if (!glnx_dirfd_iterator_init_at (AT_FDCWD, "/", FALSE, &dir_iter, error)) return FALSE; @@ -3319,6 +3443,10 @@ } } + g_ptr_array_add (bwrap_args, g_strdup ("--bind")); + g_ptr_array_add (bwrap_args, g_strdup (proxy_socket_dir)); + g_ptr_array_add (bwrap_args, g_strdup (proxy_socket_dir)); + g_ptr_array_add (bwrap_args, g_strdup ("--ro-bind-data")); g_ptr_array_add (bwrap_args, g_strdup_printf ("%d", app_info_fd)); g_ptr_array_add (bwrap_args, g_strdup ("/.flatpak-info")); @@ -3519,6 +3647,9 @@ {SCMP_SYS (mount)}, {SCMP_SYS (pivot_root)}, {SCMP_SYS (clone), &SCMP_A0 (SCMP_CMP_MASKED_EQ, CLONE_NEWUSER, CLONE_NEWUSER)}, + + /* Don't allow faking input to the controlling tty (CVE-2017-5226) */ + {SCMP_SYS (ioctl), &SCMP_A1(SCMP_CMP_EQ, (int)TIOCSTI)}, }; struct @@ -3738,19 +3869,27 @@ "--ro-bind", "/sys/class", "/sys/class", "--ro-bind", "/sys/dev", "/sys/dev", "--ro-bind", "/sys/devices", "/sys/devices", + NULL); + + if (flags & FLATPAK_RUN_FLAG_WRITABLE_ETC) + add_args (argv_array, + "--dir", "/usr/etc", + "--symlink", "usr/etc", "/etc", + NULL); + + add_args (argv_array, "--bind-data", passwd_fd_str, "/etc/passwd", "--bind-data", group_fd_str, "/etc/group", - /* Always create a homedir to start from, although it may be covered later */ - "--dir", g_get_home_dir (), NULL); if (g_file_test ("/etc/machine-id", G_FILE_TEST_EXISTS)) - add_args (argv_array, "--bind", "/etc/machine-id", "/etc/machine-id", NULL); + add_args (argv_array, "--ro-bind", "/etc/machine-id", "/etc/machine-id", NULL); else if (g_file_test ("/var/lib/dbus/machine-id", G_FILE_TEST_EXISTS)) - add_args (argv_array, "--bind", "/var/lib/dbus/machine-id", "/etc/machine-id", NULL); + add_args (argv_array, "--ro-bind", "/var/lib/dbus/machine-id", "/etc/machine-id", NULL); etc = g_file_get_child (runtime_files, "etc"); - if (g_file_query_exists (etc, NULL)) + if ((flags & FLATPAK_RUN_FLAG_WRITABLE_ETC) == 0 && + g_file_query_exists (etc, NULL)) { g_auto(GLnxDirFdIterator) dfd_iter = { 0, }; struct dirent *dent; @@ -3797,6 +3936,7 @@ if (app_id_dir != NULL) { g_autoptr(GFile) app_cache_dir = g_file_get_child (app_id_dir, "cache"); + g_autoptr(GFile) app_tmp_dir = g_file_get_child (app_cache_dir, "tmp"); g_autoptr(GFile) app_data_dir = g_file_get_child (app_id_dir, "data"); g_autoptr(GFile) app_config_dir = g_file_get_child (app_id_dir, "config"); @@ -3805,6 +3945,7 @@ "--bind", flatpak_file_get_path_cached (app_cache_dir), "/var/cache", "--bind", flatpak_file_get_path_cached (app_data_dir), "/var/data", "--bind", flatpak_file_get_path_cached (app_config_dir), "/var/config", + "--bind", flatpak_file_get_path_cached (app_tmp_dir), "/var/tmp", NULL); } @@ -3833,7 +3974,8 @@ return FALSE; #endif - add_monitor_path_args ((flags & FLATPAK_RUN_FLAG_NO_SESSION_HELPER) == 0, argv_array); + if ((flags & FLATPAK_RUN_FLAG_WRITABLE_ETC) == 0) + add_monitor_path_args ((flags & FLATPAK_RUN_FLAG_NO_SESSION_HELPER) == 0, argv_array); return TRUE; } diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-run.h flatpak-0.8.2/common/flatpak-run.h --- flatpak-0.8.0/common/flatpak-run.h 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/common/flatpak-run.h 2017-01-27 09:50:41.000000000 +0000 @@ -103,6 +103,7 @@ FLATPAK_RUN_FLAG_LOG_SYSTEM_BUS = (1 << 3), FLATPAK_RUN_FLAG_NO_SESSION_HELPER = (1 << 4), FLATPAK_RUN_FLAG_MULTIARCH = (1 << 5), + FLATPAK_RUN_FLAG_WRITABLE_ETC = (1 << 6), } FlatpakRunFlags; gboolean flatpak_run_setup_base_argv (GPtrArray *argv_array, diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-utils.c flatpak-0.8.2/common/flatpak-utils.c --- flatpak-0.8.0/common/flatpak-utils.c 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/common/flatpak-utils.c 2017-01-19 14:36:06.000000000 +0000 @@ -2182,7 +2182,14 @@ return g_steal_pointer (&link); dirname = g_path_get_dirname (path); - return g_build_path (dirname, link, NULL); + return g_build_filename (dirname, link, NULL); +} + +char * +flatpak_canonicalize_filename (const char *path) +{ + g_autoptr(GFile) file = g_file_new_for_path (path); + return g_file_get_path (file); } gboolean flatpak_file_rename (GFile *from, @@ -2925,8 +2932,11 @@ return FALSE; id_text = g_strstrip (g_strdup (id_text_node->text)); - if (!g_str_has_prefix (id_text, id) || - !g_str_has_suffix (id_text, ".desktop")) + + if (g_str_has_suffix (id_text, ".desktop")) + id_text[strlen(id_text)-strlen(".desktop")] = 0; + + if (!g_str_has_prefix (id_text, id)) { g_warning ("Invalid id %s", id_text); return FALSE; @@ -4579,6 +4589,7 @@ GError **error) { GBytes *bytes = NULL; + g_autoptr(GMainContext) context = NULL; g_autoptr(SoupRequestHTTP) request = NULL; g_autoptr(GMainLoop) loop = NULL; g_autoptr(GString) content = g_string_new (""); @@ -4586,7 +4597,10 @@ g_debug ("Loading %s using libsoup", uri); - loop = g_main_loop_new (NULL, TRUE); + context = g_main_context_new (); + g_main_context_push_thread_default (context); + + loop = g_main_loop_new (context, TRUE); data.loop = loop; data.content = content; data.progress = progress; @@ -4603,6 +4617,7 @@ load_uri_callback, &data); g_main_loop_run (loop); + g_main_context_pop_thread_default (context); if (data.error) { @@ -4627,11 +4642,15 @@ { g_autoptr(SoupRequestHTTP) request = NULL; g_autoptr(GMainLoop) loop = NULL; + g_autoptr(GMainContext) context = NULL; LoadUriData data = { NULL }; g_debug ("Loading %s using libsoup", uri); - loop = g_main_loop_new (NULL, TRUE); + context = g_main_context_new (); + g_main_context_push_thread_default (context); + + loop = g_main_loop_new (context, TRUE); data.loop = loop; data.out = out; data.progress = progress; @@ -4648,6 +4667,7 @@ load_uri_callback, &data); g_main_loop_run (loop); + g_main_context_pop_thread_default (context); if (data.error) { diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-utils.h flatpak-0.8.2/common/flatpak-utils.h --- flatpak-0.8.0/common/flatpak-utils.h 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/common/flatpak-utils.h 2017-01-19 14:33:34.000000000 +0000 @@ -383,6 +383,7 @@ GError **error); char * flatpak_resolve_link (const char *path, GError **error); +char * flatpak_canonicalize_filename (const char *path); gboolean flatpak_file_rename (GFile *from, GFile *to, diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/configure.ac flatpak-0.8.2/configure.ac --- flatpak-0.8.0/configure.ac 2016-12-20 15:44:00.000000000 +0000 +++ flatpak-0.8.2/configure.ac 2017-01-27 10:34:12.000000000 +0000 @@ -15,8 +15,8 @@ m4_define([flatpak_major_version], [0]) m4_define([flatpak_minor_version], [8]) -m4_define([flatpak_micro_version], [0]) -m4_define([flatpak_interface_age], [0]) +m4_define([flatpak_micro_version], [2]) +m4_define([flatpak_interface_age], [2]) m4_define([flatpak_binary_age], [m4_eval(10000 * flatpak_major_version + 100 * flatpak_minor_version + flatpak_micro_version)]) m4_define([flatpak_version], @@ -78,6 +78,12 @@ DBUS_SERVICE_DIR=$with_dbus_service_dir AC_SUBST(DBUS_SERVICE_DIR) +AC_ARG_WITH(dbus_config_dir, + AS_HELP_STRING([--with-dbus-config-dir=PATH],[choose directory for dbus config files, [default=SYSCONFDIR/dbus-1/system.d]]), + with_dbus_config_dir="$withval", with_dbus_config_dir=${sysconfdir}/dbus-1/system.d) +DBUS_CONFIG_DIR=$with_dbus_config_dir +AC_SUBST(DBUS_CONFIG_DIR) + AC_ARG_WITH([systemduserunitdir], [AS_HELP_STRING([--with-systemduserunitdir=DIR], [Directory for systemd user service files (default=PREFIX/lib/systemd/user)])], @@ -102,6 +108,12 @@ SYSTEM_FONTS_DIR=$with_system_fonts_dir AC_SUBST(SYSTEM_FONTS_DIR) +AC_ARG_WITH(profile_dir, + AS_HELP_STRING([--with-profile-dir=PATH],[choose directory for profile.d files, [default=SYSCONFDIR/profile.d]]), + with_profile_dir="$withval", with_profile_dir=${sysconfdir}/profile.d) +PROFILE_DIR=$with_profile_dir +AC_SUBST(PROFILE_DIR) + AC_ARG_VAR([BWRAP], [Bubblewrap executable]) AC_ARG_WITH([system-bubblewrap], [AS_HELP_STRING([--with-system-bubblewrap], [Use system bwrap executable [default=check $BWRAP]])], @@ -247,7 +259,7 @@ [with_dwarf_header=yes]) AS_IF([test "x$with_dwarf_header" = "xyes"], - [CPPFLAGS="$CPPFLAGS -I$(eval echo \"$includedir\")/libdwarf" + [CPPFLAGS="$CPPFLAGS -I$(eval echo \"$includedir\")/libdwarf -I/usr/include/libdwarf" AC_CHECK_HEADER([dwarf.h]) AS_IF([test "x$ac_cv_header_dwarf_h" != "xyes"], [AC_MSG_ERROR([dwarf.h is required but was not found; locate it using --with-dwarf-header=/path/containing/header])])], diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/changelog flatpak-0.8.2/debian/changelog --- flatpak-0.8.0/debian/changelog 2016-12-21 14:13:52.000000000 +0000 +++ flatpak-0.8.2/debian/changelog 2017-01-27 21:56:51.000000000 +0000 @@ -1,3 +1,51 @@ +flatpak (0.8.2-1) unstable; urgency=medium + + * New upstream bugfix release + - drop remaining patch, applied upstream + - security fix: prevent writing to per-user-installed fonts + and Flatpak extensions (typically locales) + * d/control: flatpak-tests Recommends python, which is needed for + one test (silencing a lintian warning) + + -- Simon McVittie <s...@debian.org> Fri, 27 Jan 2017 21:56:51 +0000 + +flatpak (0.8.1-1) unstable; urgency=medium + + * New upstream release, very similar to 0.8.0-2 + - drop all patches + * d/p/flatpak-system-helper-remove-dangling-reference-to-EXTERN.patch: + do not search /export/share, which seems to have been unintended + + -- Simon McVittie <s...@debian.org> Thu, 19 Jan 2017 14:55:24 +0000 + +flatpak (0.8.0-2) unstable; urgency=medium + + * d/p/Use-seccomp-to-filter-out-TIOCSTI-ioctl.patch: + Add patch from upstream to prevent contained apps from using + TIOCSTI ioctl. This would let the app inject commands into the + terminal from which it was invoked (CVE-2017-5226). This was + initially fixed in bubblewrap by calling setsid(), but that + breaks the ability to use Ctrl+Z or Ctrl+C on a flatpak-confined + process, so it is being made optional; prevent the attack here + instead, in a way that doesn't break shells. + * d/p/Fix-update-of-standalone-bundle.patch: + Add patch from upstream to fix updating an existing app with + "flatpak install --bundle foo.flatpak" + * d/p/Make-sure-var-tmp-is-not-on-tmpfs.patch: + Add patch from upstream to mount ~/.var/APP/cache/tmp at /var/tmp + inside the sandbox, so apps can rely on /var/tmp being on disk + * d/p/Document-the-DefaultBranch-key.patch, + d/p/Document-RuntimeRepo-key.patch: + Add patches from upstream to fill in some missing documentation + * d/p/testlibrary-ensure-that-contents_array-is-NULL-terminated.patch, + d/p/tests-Install-testpython.py-executable.patch, + d/p/tests-Move-the-test-repo-to-a-subdirectory-repos-test.patch: + Fix some bugs in the tests + * debian/tests/: split out builder-python into a separate autopkgtest, + it too has more dependencies + + -- Simon McVittie <s...@debian.org> Wed, 18 Jan 2017 00:02:19 +0000 + flatpak (0.8.0-1) unstable; urgency=medium * New upstream stable release diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/control flatpak-0.8.2/debian/control --- flatpak-0.8.0/debian/control 2016-12-21 14:13:52.000000000 +0000 +++ flatpak-0.8.2/debian/control 2017-01-27 21:56:51.000000000 +0000 @@ -117,6 +117,8 @@ shared-mime-info, ${misc:Depends}, ${shlibs:Depends}, +Recommends: + python, Description: Application deployment framework for desktop apps (tests) Flatpak installs, manages and runs sandboxed desktop application bundles. See the flatpak package for a more comprehensive description. diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/patches/series flatpak-0.8.2/debian/patches/series --- flatpak-0.8.0/debian/patches/series 2016-12-21 14:13:52.000000000 +0000 +++ flatpak-0.8.2/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -Update-Polish-translation.patch -flatpak-builder-1-fix-typo.patch diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/tests/builder-python flatpak-0.8.2/debian/tests/builder-python --- flatpak-0.8.0/debian/tests/builder-python 1970-01-01 01:00:00.000000000 +0100 +++ flatpak-0.8.2/debian/tests/builder-python 2017-01-27 21:56:51.000000000 +0000 @@ -0,0 +1,6 @@ +#!/bin/sh + +set -e +exec 2>&1 + +exec gnome-desktop-testing-runner Flatpak/test-builder-python.sh.test diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/tests/control flatpak-0.8.2/debian/tests/control --- flatpak-0.8.0/debian/tests/control 2016-12-21 14:13:52.000000000 +0000 +++ flatpak-0.8.2/debian/tests/control 2017-01-27 21:56:51.000000000 +0000 @@ -12,6 +12,15 @@ gnome-desktop-testing, make, +Tests: builder-python +Restrictions: isolation-machine +Depends: + flatpak-builder, + flatpak-tests, + gnome-desktop-testing, + make, + python, + Tests: gnome-desktop-testing Restrictions: isolation-machine Depends: diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/tests/gnome-desktop-testing flatpak-0.8.2/debian/tests/gnome-desktop-testing --- flatpak-0.8.0/debian/tests/gnome-desktop-testing 2016-12-21 14:13:52.000000000 +0000 +++ flatpak-0.8.2/debian/tests/gnome-desktop-testing 2017-01-27 21:56:51.000000000 +0000 @@ -19,6 +19,10 @@ # has more dependencies continue ;; + (Flatpak/test-builder-python.sh.test) + # has more dependencies + continue + ;; esac gnome-desktop-testing-runner "$t" < /dev/null || touch "$ADTTMP"/failed diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/doc/flatpak-builder.xml flatpak-0.8.2/doc/flatpak-builder.xml --- flatpak-0.8.0/doc/flatpak-builder.xml 2016-12-01 08:39:57.000000000 +0000 +++ flatpak-0.8.2/doc/flatpak-builder.xml 2017-01-27 09:50:24.000000000 +0000 @@ -782,7 +782,7 @@ <listitem><para> Limit the number of parallel jobs during the build. - The default is the nubmer of CPUs on the machine. + The default is the number of CPUs on the machine. </para></listitem> </varlistentry> diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/doc/flatpak-flatpakref.xml flatpak-0.8.2/doc/flatpak-flatpakref.xml --- flatpak-0.8.0/doc/flatpak-flatpakref.xml 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/doc/flatpak-flatpakref.xml 2017-01-17 15:50:54.000000000 +0000 @@ -90,6 +90,10 @@ <term><option>GPGKey</option> (string)</term> <listitem><para>The base64-encoded gpg key for the remote.</para></listitem> </varlistentry> + <varlistentry> + <term><option>RuntimeRepo</option> (string)</term> + <listitem><para>The url for a .flatpakref file for the runtime.</para></listitem> + </varlistentry> </variablelist> </refsect2> </refsect1> diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/doc/flatpak-flatpakrepo.xml flatpak-0.8.2/doc/flatpak-flatpakrepo.xml --- flatpak-0.8.0/doc/flatpak-flatpakrepo.xml 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/doc/flatpak-flatpakrepo.xml 2017-01-17 15:50:54.000000000 +0000 @@ -74,6 +74,10 @@ <term><option>GPGKey</option> (string)</term> <listitem><para>The base64-encoded gpg key for the remote.</para></listitem> </varlistentry> + <varlistentry> + <term><option>DefaultBranch</option> (string)</term> + <listitem><para>The default branch to use for this remote.</para></listitem> + </varlistentry> </variablelist> </refsect2> </refsect1> diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/document-portal/xdp-fuse.c flatpak-0.8.2/document-portal/xdp-fuse.c --- flatpak-0.8.0/document-portal/xdp-fuse.c 2016-11-28 11:24:52.000000000 +0000 +++ flatpak-0.8.2/document-portal/xdp-fuse.c 2017-01-18 10:32:44.000000000 +0000 @@ -701,7 +701,7 @@ inode->dir_fd = glnx_steal_fd (&dir_fd); inode->fd = glnx_steal_fd (&fd); inode->trunc_fd = glnx_steal_fd (&trunc_fd); - if (inode->trunc_fd != -1 && truncate) + if (inode->trunc_fd != -1 && (truncate || exclusive)) { inode->truncated = TRUE; g_free (inode->backing_filename); @@ -1876,7 +1876,7 @@ if (res != 0) { - fuse_reply_err (req, ENOSYS); + fuse_reply_err (req, res); } else { @@ -1941,6 +1941,7 @@ fd = xdp_inode_locked_get_write_fd (inode); if (fd == -1) { + g_debug ("xdp_fuse_write_buf <- error %s", strerror (errno)); fuse_reply_err (req, errno); } else @@ -2134,37 +2135,59 @@ if (inode->type != XDP_INODE_DOC_FILE) { - g_debug ("xdp_fuse_access <- not file ENOSYS"); - fuse_reply_err (req, ENOSYS); - return; - } + int dir_mask = 0; - entry = xdp_lookup_doc (inode->doc_id); - if (entry == NULL || - !app_can_see_doc (entry, inode->app_id)) - { - g_debug ("xdp_fuse_access <- no entry error ENOENT"); - fuse_reply_err (req, ENOENT); - return; - } + switch (inode->type) + { + case XDP_INODE_ROOT: + case XDP_INODE_BY_APP: + case XDP_INODE_APP_DIR: + dir_mask = R_OK | X_OK; + break; + case XDP_INODE_APP_DOC_DIR: + case XDP_INODE_DOC_DIR: + dir_mask = R_OK | X_OK | W_OK; + break; - if (mask == F_OK) - { - if (!app_can_see_doc (entry, inode->app_id)) + default: + g_assert_not_reached (); + } + + if (mask != F_OK && ((mask & dir_mask) != mask)) { fuse_reply_err (req, EACCES); return; } } - else + else /* A file */ { - if (((mask & R_OK) && !app_can_see_doc (entry, inode->app_id)) || - ((mask & W_OK) && !app_can_write_doc (entry, inode->app_id)) || - (mask & X_OK)) + entry = xdp_lookup_doc (inode->doc_id); + if (entry == NULL || + !app_can_see_doc (entry, inode->app_id)) { - fuse_reply_err (req, EACCES); + g_debug ("xdp_fuse_access <- no entry error ENOENT"); + fuse_reply_err (req, ENOENT); return; } + + if (mask == F_OK) + { + if (!app_can_see_doc (entry, inode->app_id)) + { + fuse_reply_err (req, EACCES); + return; + } + } + else + { + if (((mask & R_OK) && !app_can_see_doc (entry, inode->app_id)) || + ((mask & W_OK) && !app_can_write_doc (entry, inode->app_id)) || + (mask & X_OK)) + { + fuse_reply_err (req, EACCES); + return; + } + } } fuse_reply_err (req, 0); diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/lib/flatpak-installation.c flatpak-0.8.2/lib/flatpak-installation.c --- flatpak-0.8.0/lib/flatpak-installation.c 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/lib/flatpak-installation.c 2017-01-24 08:54:11.000000000 +0000 @@ -1281,7 +1281,7 @@ g_autofree char *remote = NULL; g_autofree char *ref = NULL; - if (!flatpak_dir_create_remote_for_ref_file (dir, ref_file_data, &remote, &ref, error)) + if (!flatpak_dir_create_remote_for_ref_file (dir, ref_file_data, NULL, &remote, &ref, error)) return NULL; if (!flatpak_installation_drop_caches (self, cancellable, error)) diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/lib/flatpak-version-macros.h flatpak-0.8.2/lib/flatpak-version-macros.h --- flatpak-0.8.0/lib/flatpak-version-macros.h 2016-12-20 15:44:14.000000000 +0000 +++ flatpak-0.8.2/lib/flatpak-version-macros.h 2017-01-27 10:34:38.000000000 +0000 @@ -27,7 +27,7 @@ #define FLATPAK_MAJOR_VERSION (0) #define FLATPAK_MINOR_VERSION (8) -#define FLATPAK_MICRO_VERSION (0) +#define FLATPAK_MICRO_VERSION (2) #define FLATPAK_CHECK_VERSION(major,minor,micro) \ (FLATPAK_MAJOR_VERSION > (major) || \ diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/Makefile.am flatpak-0.8.2/Makefile.am --- flatpak-0.8.0/Makefile.am 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/Makefile.am 2017-01-20 14:08:47.000000000 +0000 @@ -6,6 +6,7 @@ noinst_LTLIBRARIES = $(NULL) libexec_PROGRAMS = $(NULL) CLEANFILES = $(NULL) +MAINTAINERCLEANFILES = $(NULL) DISTCLEANFILES= $(NULL) BUILT_SOURCES = $(NULL) EXTRA_DIST = @@ -22,7 +23,9 @@ SUBDIRS += po %.service: %.service.in config.log - $(AM_V_GEN) $(SED) -e "s|\@libexecdir\@|$(libexecdir)|" -e "s|\@extraargs\@||" $< > $@ + $(AM_V_GEN) $(SED) -e "s|\@libexecdir\@|$(libexecdir)|" \ + -e "s|\@localstatedir\@|$(localstatedir)|" \ + -e "s|\@extraargs\@||" $< > $@ dbus_servicedir = $(DBUS_SERVICE_DIR) service_in_files = $(NULL) @@ -115,7 +118,7 @@ completion_DATA = completion/flatpak EXTRA_DIST += $(completion_DATA) -profiledir = $(sysconfdir)/profile.d +profiledir = $(PROFILE_DIR) profile_DATA = flatpak.sh EXTRA_DIST += \ profile/flatpak.sh.in \ diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/NEWS flatpak-0.8.2/NEWS --- flatpak-0.8.0/NEWS 2016-12-20 21:16:21.000000000 +0000 +++ flatpak-0.8.2/NEWS 2017-01-27 10:33:34.000000000 +0000 @@ -1,3 +1,59 @@ +Major changes in 0.8.2 +====================== + +This is a bugfix and security update. + +Some of the bind-mounts that flatpak sets up were not read-only as +they should have. This includes: extensions, system fonts, +resolv.conf, localtime and machine-id. Many of thse are typically only +writable by root, but some, like the user-specific fonts and +user-installed extensions could be modified from the sandbox. + +Everyone using 0.8.x is recommended to update to this version. + +Other fixes: + + * There are new configure options for where to install dbus configuration + * Broken symlinks in the root directory no longer break flatpak run + * flatpak run with HOME in /var now works + * dri access now also handles mali devices + * install handles --arch when installing flatpakrefs + * system-helper activation fixed on systemd-less setups + * dbus-proxy now works without /run + * During installation, failing to update a dependency is now not + fatal. + * /etc is now fully writable when building runtimes + * --filesystem=xdg-config/foo now sets up the bind-mount from the host dir + even when not using :create. + +Major changes in 0.8.1 +====================== + +This is a bugfix and security update (CVE-2017-5226). + +Flatpak now uses seccomp to disallow the TIOCSTI ioctl in the sandbox, +which works around the possibility to inject text on the controlling +tty (CVE-2017-5226). + +This was previously fixed in bubblewrap in 0.1.6, but that change has +now been reverted as it introduced other problems for flatpak. + + * Update bundled bubblewrap to 0.1.7 + * Fix writing new file with O_EXCL in the document portal. + * Allow appstream data that doesn't have .desktop in the component id, + such as data for runtimes. + * Drop json-glib dependency from 1.2 to 1.0 + * Builder: Fail if unable to read included file + * OCI: Ensure exported layers are readable by everyone + * Fix extra-data download in gnome-software + * Fix update-mime-database trigger when installing via + the system helper. + * Updating an app by installing a newer bundle now works + again. + * Make /var/tmp not be on a tmpfs (it is now in + ~/.var/app/$appid/cache/tmp). + * Documentation / translation updates + Major changes in 0.8.0 ====================== diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/permission-store/xdg-permission-store.c flatpak-0.8.2/permission-store/xdg-permission-store.c --- flatpak-0.8.0/permission-store/xdg-permission-store.c 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/permission-store/xdg-permission-store.c 2017-01-19 14:33:30.000000000 +0000 @@ -329,7 +329,7 @@ g_variant_iter_init (&iter, app_permissions); while ((child = g_variant_iter_next_value (&iter))) { - g_autoptr(FlatpakDbEntry) old_entry; + g_autoptr(FlatpakDbEntry) old_entry = NULL; const char *child_app_id; g_autofree const char **permissions; diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/session-helper/flatpak-session-helper.c flatpak-0.8.2/session-helper/flatpak-session-helper.c --- flatpak-0.8.0/session-helper/flatpak-session-helper.c 2016-11-28 11:24:52.000000000 +0000 +++ flatpak-0.8.2/session-helper/flatpak-session-helper.c 2017-01-27 09:51:09.000000000 +0000 @@ -152,8 +152,8 @@ if (fd_map[i].from == data->tty) { if (ioctl (fd_map[i].final, TIOCSCTTY, 0) == -1) - g_warning ("ioctl(%d, TIOCSCTTY, 0) failed: %s", - fd_map[i].final, strerror (errno)); + g_debug ("ioctl(%d, TIOCSCTTY, 0) failed: %s", + fd_map[i].final, strerror (errno)); break; } } diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/flatpak-system-helper.c flatpak-0.8.2/system-helper/flatpak-system-helper.c --- flatpak-0.8.0/system-helper/flatpak-system-helper.c 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/system-helper/flatpak-system-helper.c 2017-01-19 14:33:30.000000000 +0000 @@ -663,7 +663,7 @@ if (action) { - g_autoptr(AutoPolkitAuthorizationResult) result; + g_autoptr(AutoPolkitAuthorizationResult) result = NULL; g_autoptr(GError) error = NULL; result = polkit_authority_check_authorization_sync (authority, subject, diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/flatpak-system-helper.service.in flatpak-0.8.2/system-helper/flatpak-system-helper.service.in --- flatpak-0.8.0/system-helper/flatpak-system-helper.service.in 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/system-helper/flatpak-system-helper.service.in 2017-01-20 14:08:47.000000000 +0000 @@ -3,5 +3,6 @@ [Service] BusName=org.freedesktop.Flatpak.SystemHelper +Environment=XDG_DATA_DIRS=@localstatedir@/lib/flatpak/exports/share/:/usr/local/share/:/usr/share/ ExecStart=@libexecdir@/flatpak-system-helper Type=dbus diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/Makefile.am.inc flatpak-0.8.2/system-helper/Makefile.am.inc --- flatpak-0.8.0/system-helper/Makefile.am.inc 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/system-helper/Makefile.am.inc 2017-01-19 14:33:21.000000000 +0000 @@ -8,7 +8,7 @@ service_in_files += system-helper/org.freedesktop.Flatpak.SystemHelper.service.in dbussystemservice_DATA = system-helper/org.freedesktop.Flatpak.SystemHelper.service -dbusconfdir = ${sysconfdir}/dbus-1/system.d +dbusconfdir = $(DBUS_CONFIG_DIR) dbusconf_DATA = system-helper/org.freedesktop.Flatpak.SystemHelper.conf service_in_files += system-helper/flatpak-system-helper.service.in diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in flatpak-0.8.2/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in --- flatpak-0.8.0/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in 2017-01-24 08:54:11.000000000 +0000 @@ -2,3 +2,4 @@ Name=org.freedesktop.Flatpak.SystemHelper Exec=@libexecdir@/flatpak-system-helper@extraargs@ SystemdService=flatpak-system-helper.service +User=root diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/libtest.sh flatpak-0.8.2/tests/libtest.sh --- flatpak-0.8.0/tests/libtest.sh 2016-12-20 15:18:04.000000000 +0000 +++ flatpak-0.8.2/tests/libtest.sh 2017-01-11 23:17:16.000000000 +0000 @@ -180,17 +180,17 @@ GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-runtime.sh org.test.Platform bash ls cat echo readlink > /dev/null GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-app.sh > /dev/null update_repo - ostree trivial-httpd --autoexit --daemonize -p httpd-port . + ostree trivial-httpd --autoexit --daemonize -p httpd-port repos port=$(cat httpd-port) - flatpak remote-add ${U} --gpg-import=${FL_GPG_HOMEDIR}/pubring.gpg test-repo "http://127.0.0.1:${port}/repo" + flatpak remote-add ${U} --gpg-import=${FL_GPG_HOMEDIR}/pubring.gpg test-repo "http://127.0.0.1:${port}/test" } update_repo () { - ${FLATPAK} build-update-repo $FL_GPGARGS ${UPDATE_REPO_ARGS-} repo + ${FLATPAK} build-update-repo $FL_GPGARGS ${UPDATE_REPO_ARGS-} repos/test } make_updated_app () { - GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-app.sh UPDATED > /dev/null + GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-app.sh ${1:-UPDATED} > /dev/null update_repo } diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/Makefile.am.inc flatpak-0.8.2/tests/Makefile.am.inc --- flatpak-0.8.0/tests/Makefile.am.inc 2016-12-12 15:26:27.000000000 +0000 +++ flatpak-0.8.2/tests/Makefile.am.inc 2017-01-18 10:32:44.000000000 +0000 @@ -79,6 +79,7 @@ tests/make-test-app.sh \ tests/make-test-runtime.sh \ tests/make-test-bundles.sh \ + tests/testpython.py \ $(NULL) dist_installed_test_data = \ @@ -89,7 +90,6 @@ tests/session.conf.in \ tests/0001-Add-test-logo.patch \ tests/org.test.Python.json \ - tests/testpython.py \ tests/importme.py \ tests/importme2.py \ $(NULL) diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/make-test-app.sh flatpak-0.8.2/tests/make-test-app.sh --- flatpak-0.8.0/tests/make-test-app.sh 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/tests/make-test-app.sh 2017-01-11 23:17:16.000000000 +0000 @@ -54,5 +54,6 @@ cp $(dirname $0)/org.test.Hello.png ${DIR}/files/share/app-info/icons/flatpak/64x64/ flatpak build-finish --command=hello.sh ${DIR} -flatpak build-export ${GPGARGS-} repo ${DIR} +mkdir -p repos +flatpak build-export ${GPGARGS-} repos/test ${DIR} rm -rf ${DIR} diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/make-test-runtime.sh flatpak-0.8.2/tests/make-test-runtime.sh --- flatpak-0.8.0/tests/make-test-runtime.sh 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/tests/make-test-runtime.sh 2017-01-11 23:17:16.000000000 +0000 @@ -57,5 +57,6 @@ mkdir -p ${DIR}/usr/lib/locale/ cp -r /usr/lib/locale/C.* ${DIR}/usr/lib/locale/en_US -flatpak build-export --runtime ${GPGARGS-} repo ${DIR} +mkdir -p repos +flatpak build-export --runtime ${GPGARGS-} repos/test ${DIR} rm -rf ${DIR} diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/package_version.txt flatpak-0.8.2/tests/package_version.txt --- flatpak-0.8.0/tests/package_version.txt 2016-12-20 15:44:31.000000000 +0000 +++ flatpak-0.8.2/tests/package_version.txt 2017-01-27 10:34:39.000000000 +0000 @@ -1 +1 @@ -0.8.0 +0.8.2 diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-builder.sh flatpak-0.8.2/tests/test-builder.sh --- flatpak-0.8.0/tests/test-builder.sh 2016-11-28 11:24:52.000000000 +0000 +++ flatpak-0.8.2/tests/test-builder.sh 2017-01-11 23:17:16.000000000 +0000 @@ -32,7 +32,7 @@ install_sdk_repo # Need /var/tmp cwd for xattrs -REPO=`pwd`/repo +REPO=`pwd`/repos/test cd $TEST_DATA_DIR/ cp -a $(dirname $0)/test-configure . diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-bundle.sh flatpak-0.8.2/tests/test-bundle.sh --- flatpak-0.8.0/tests/test-bundle.sh 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/tests/test-bundle.sh 2017-01-16 10:47:22.000000000 +0000 @@ -24,16 +24,16 @@ skip_without_bwrap skip_without_user_xattrs -echo "1..6" +echo "1..7" mkdir bundles setup_repo -${FLATPAK} build-bundle repo --repo-url=file://`pwd`/repo --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/hello.flatpak org.test.Hello +${FLATPAK} build-bundle repos/test --repo-url=file://`pwd`/repos/test --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/hello.flatpak org.test.Hello assert_has_file bundles/hello.flatpak -${FLATPAK} build-bundle repo --runtime --repo-url=file://`pwd`/repo --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/platform.flatpak org.test.Platform +${FLATPAK} build-bundle repos/test --runtime --repo-url=file://`pwd`/repos/test --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/platform.flatpak org.test.Platform assert_has_file bundles/platform.flatpak echo "ok create bundles" @@ -147,3 +147,19 @@ assert_file_has_content hello_out '^Hello world, from a sandboxUPDATED$' echo "ok update" + +make_updated_app UPDATED2 + +${FLATPAK} build-bundle repos/test --repo-url=file://`pwd`/repos/test --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/hello2.flatpak org.test.Hello +assert_has_file bundles/hello2.flatpak + +${FLATPAK} install ${U} -y --bundle bundles/hello2.flatpak + +NEW2_COMMIT=`${FLATPAK} ${U} info --show-commit org.test.Hello` + +assert_not_streq "$NEW_COMMIT" "$NEW2_COMMIT" + +run org.test.Hello > hello_out +assert_file_has_content hello_out '^Hello world, from a sandboxUPDATED2$' + +echo "ok update as bundle" diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-extensions.sh flatpak-0.8.2/tests/test-extensions.sh --- flatpak-0.8.0/tests/test-extensions.sh 2016-10-28 09:41:14.000000000 +0100 +++ flatpak-0.8.2/tests/test-extensions.sh 2017-01-11 23:17:16.000000000 +0000 @@ -38,7 +38,7 @@ touch ${DIR}/usr/exists touch ${DIR}/usr/extension-$ID:$VERSION - ${FLATPAK} build-export --runtime ${GPGARGS-} repo ${DIR} ${VERSION} + ${FLATPAK} build-export --runtime ${GPGARGS-} repos/test ${DIR} ${VERSION} rm -rf ${DIR} ${FLATPAK} --user install test-repo $ID $VERSION @@ -85,17 +85,18 @@ EOF } -ostree init --repo=repo --mode=archive-z2 +mkdir -p repos +ostree init --repo=repos/test --mode=archive-z2 . $(dirname $0)/make-test-runtime.sh org.test.Platform bash ls cat echo readlink > /dev/null . $(dirname $0)/make-test-app.sh > /dev/null # Modify platform metadata -ostree checkout -U --repo=repo runtime/org.test.Platform/${ARCH}/master platform +ostree checkout -U --repo=repos/test runtime/org.test.Platform/${ARCH}/master platform add_extensions platform -ostree commit --repo=repo --owner-uid=0 --owner-gid=0 --no-xattrs --branch=runtime/org.test.Platform/${ARCH}/master -s "modified metadata" platform -ostree summary -u --repo=repo +ostree commit --repo=repos/test --owner-uid=0 --owner-gid=0 --no-xattrs --branch=runtime/org.test.Platform/${ARCH}/master -s "modified metadata" platform +ostree summary -u --repo=repos/test -${FLATPAK} remote-add --user --no-gpg-verify test-repo repo +${FLATPAK} remote-add --user --no-gpg-verify test-repo repos/test ${FLATPAK} --user install test-repo org.test.Platform master ${FLATPAK} --user install test-repo org.test.Hello master @@ -139,10 +140,10 @@ echo "ok runtime extensions" # Modify app metadata -ostree checkout -U --repo=repo app/org.test.Hello/${ARCH}/master hello +ostree checkout -U --repo=repos/test app/org.test.Hello/${ARCH}/master hello add_extensions hello -ostree commit --repo=repo --owner-uid=0 --owner-gid=0 --no-xattrs --branch=app/org.test.Hello/${ARCH}/master -s "modified metadata" hello -ostree summary -u --repo=repo +ostree commit --repo=repos/test --owner-uid=0 --owner-gid=0 --no-xattrs --branch=app/org.test.Hello/${ARCH}/master -s "modified metadata" hello +ostree summary -u --repo=repos/test ${FLATPAK} --user update org.test.Hello master diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/testlibrary.c flatpak-0.8.2/tests/testlibrary.c --- flatpak-0.8.0/tests/testlibrary.c 2016-12-20 15:26:38.000000000 +0000 +++ flatpak-0.8.2/tests/testlibrary.c 2017-01-18 10:32:44.000000000 +0000 @@ -579,7 +579,7 @@ { int status; g_autoptr(GError) error = NULL; - char *argv[] = { "flatpak", "build-update-repo", "--gpg-homedir=", "--gpg-sign=", "repo", NULL }; + char *argv[] = { "flatpak", "build-update-repo", "--gpg-homedir=", "--gpg-sign=", "repos/test", NULL }; GSpawnFlags flags = G_SPAWN_SEARCH_PATH; g_auto(GStrv) gpgargs = NULL; @@ -605,7 +605,7 @@ { int status; g_autoptr(GError) error = NULL; - char *argv[] = { "ostree", "trivial-httpd", "--autoexit", "--daemonize", "-p", "http-port", ".", NULL }; + char *argv[] = { "ostree", "trivial-httpd", "--autoexit", "--daemonize", "-p", "http-port", "repos", NULL }; GSpawnFlags flags = G_SPAWN_SEARCH_PATH; if (g_test_verbose ()) @@ -640,7 +640,7 @@ port[strlen (port) - 1] = '\0'; gpgimport = g_strdup_printf ("--gpg-import=%s/pubring.gpg", gpg_homedir); - repo_url = g_strdup_printf ("http://127.0.0.1:%s/repo", port); + repo_url = g_strdup_printf ("http://127.0.0.1:%s/test", port); argv[3] = gpgimport; argv[4] = (char *)repo_name; @@ -691,6 +691,7 @@ if (priority != NULL) g_ptr_array_add (contents_array, g_strdup_printf ("Priority=%s", priority)); + g_ptr_array_add (contents_array, NULL); contents_string = g_strjoinv ("\n", (char**)contents_array->pdata); conffile_path = g_strconcat (flatpak_installationsdir, "/", id, ".conf", NULL); diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-oci.sh flatpak-0.8.2/tests/test-oci.sh --- flatpak-0.8.0/tests/test-oci.sh 2016-12-12 15:26:27.000000000 +0000 +++ flatpak-0.8.2/tests/test-oci.sh 2017-01-11 23:17:16.000000000 +0000 @@ -24,13 +24,13 @@ skip_without_bwrap skip_without_user_xattrs -echo "1..4" +echo "1..6" setup_repo ${FLATPAK} ${U} install test-repo org.test.Platform master -${FLATPAK} build-bundle --oci repo oci-dir org.test.Hello +${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello assert_has_file oci-dir/oci-layout assert_has_dir oci-dir/blobs/sha256 @@ -64,10 +64,34 @@ echo "ok install oci" make_updated_app -${FLATPAK} build-bundle --oci repo oci-dir org.test.Hello +${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello ${FLATPAK} update ${U} org.test.Hello run org.test.Hello > hello_out assert_file_has_content hello_out '^Hello world, from a sandboxUPDATED$' echo "ok update oci" + +flatpak uninstall ${U} org.test.Hello + +make_updated_app HTTP +${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello + +ostree trivial-httpd --autoexit --daemonize -p oci-port `pwd`/oci-dir +ociport=$(cat oci-port) + +${FLATPAK} install -v ${U} --oci http://127.0.0.1:${ociport} latest + +run org.test.Hello > hello_out +assert_file_has_content hello_out '^Hello world, from a sandboxHTTP$' + +echo "ok install oci http" + +make_updated_app UPDATEDHTTP +${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello + +${FLATPAK} update ${U} org.test.Hello +run org.test.Hello > hello_out +assert_file_has_content hello_out '^Hello world, from a sandboxUPDATEDHTTP$' + +echo "ok update oci http" diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-run.sh flatpak-0.8.2/tests/test-run.sh --- flatpak-0.8.0/tests/test-run.sh 2016-12-14 12:48:51.000000000 +0000 +++ flatpak-0.8.2/tests/test-run.sh 2017-01-11 23:17:16.000000000 +0000 @@ -220,7 +220,7 @@ echo "nope" > ${DIR}/files/nope ${FLATPAK} build-finish --command=hello.sh ${DIR} -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} update_repo ${FLATPAK} ${U} install test-repo org.test.Split --subpath=/a --subpath=/b --subpath=/nosuchdir master @@ -246,7 +246,7 @@ echo "f" > ${DIR}/files/f/data rm -rf ${DIR}/files/b -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} update_repo ${FLATPAK} ${U} update --subpath=/a --subpath=/b --subpath=/e --subpath=/nosuchdir org.test.Split @@ -266,7 +266,7 @@ assert_not_has_file $FL_DIR/app/org.test.Split/$ARCH/master/active/files/f assert_not_has_file $FL_DIR/app/org.test.Split/$ARCH/master/active/files/nope -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} update_repo # Test reusing the old subpath list @@ -294,15 +294,15 @@ DIR=`mktemp -d` ${FLATPAK} build-init ${DIR} org.test.CurrentVersion org.test.Platform org.test.Platform ${FLATPAK} build-finish --require-version=${VERSION} --command=hello.sh ${DIR} -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} DIR=`mktemp -d` ${FLATPAK} build-init ${DIR} org.test.OldVersion org.test.Platform org.test.Platform ${FLATPAK} build-finish --require-version=0.6.10 --command=hello.sh ${DIR} -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} DIR=`mktemp -d` ${FLATPAK} build-init ${DIR} org.test.NewVersion org.test.Platform org.test.Platform ${FLATPAK} build-finish --require-version=${VERSION}9 --command=hello.sh ${DIR} -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} update_repo @@ -313,14 +313,14 @@ DIR=`mktemp -d` ${FLATPAK} build-init ${DIR} org.test.OldVersion org.test.Platform org.test.Platform ${FLATPAK} build-finish --require-version=99.0.0 --command=hello.sh ${DIR} -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} (! ${FLATPAK} ${U} update org.test.OldVersion) DIR=`mktemp -d` ${FLATPAK} build-init ${DIR} org.test.OldVersion org.test.Platform org.test.Platform ${FLATPAK} build-finish --require-version=0.1.1 --command=hello.sh ${DIR} -${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR} +${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR} ${FLATPAK} ${U} update org.test.OldVersion