Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

I would like release team pre-approval for uploading flatpak/0.8.3-1
with the attached debdiff.

The main reason is a bug that affects the configuration in which
we use it, making it impossible for "portal" services outside
the sandbox to identify which sandbox a requesting app is in
(<https://bugs.debian.org/855129>). The upstream fix for this is
deleting one line, which I definitely want to get into stretch,
either in 0.8.3 or as a patch.

However, since upstream stable branch 0.8.x receives cherry-picked
bugfixes from master and basically only exists for Debian's benefit,
I'd like to track it for as long as we can. Having flatpak pull in
proprietary OpenGL drivers automatically accounts for a lot of the diff,
and is arguably more feature than bugfix, but seems like something
usability of stable could really benefit from.

https://bugs.debian.org/846338 (copying the profile.d snippet into
Xsession.d) seems like a low-risk/high-utility change, but I can
drop it if you don't like it.

If there's anything here that's particularly objectionable for stable,
please let me know and I'll ask upstream to be more strict about 0.8.x.

Debdiff filtered to exclude */po/* (l10n) from the diff but not the
diffstat.

Thanks,
    S
diffstat for flatpak-0.8.2 flatpak-0.8.3

 INSTALL                                             |   55 ++++
 Makefile.am                                         |    4 
 Makefile.in                                         |    1 
 NEWS                                                |   23 ++
 README.md                                           |   56 +++++
 app/flatpak-builtins-build.c                        |    7 
 app/flatpak-builtins-list.c                         |    4 
 app/flatpak-main.c                                  |   11 
 app/flatpak-transaction.c                           |   10 
 builder/builder-manifest.c                          |   10 
 builder/builder-module.c                            |    2 
 common/flatpak-dir.c                                |   68 ++++--
 common/flatpak-run.c                                |   97 ++++++--
 common/flatpak-run.h                                |    1 
 common/flatpak-utils.c                              |  149 +++++++++++--
 common/flatpak-utils.h                              |    9 
 configure                                           |   44 +--
 configure.ac                                        |    7 
 debian/changelog                                    |   22 +
 debian/flatpak.install                              |    1 
 debian/rules                                        |    3 
 doc/flatpak-builder.xml                             |    4 
 doc/flatpak.xml                                     |    8 
 doc/reference/html/flatpak-Version-information.html |    2 
 doc/reference/html/index.html                       |    2 
 document-portal/xdp-fuse.c                          |    2 
 lib/flatpak-installation.c                          |   33 ++
 lib/flatpak-version-macros.h                        |    2 
 po/de.gmo                                           |binary
 po/de.po                                            |  223 ++++++++++---------
 po/flatpak.pot                                      |  224 ++++++++++----------
 po/hu.gmo                                           |binary
 po/hu.po                                            |  223 ++++++++++---------
 po/pl.gmo                                           |binary
 po/pl.po                                            |  223 ++++++++++---------
 po/pt_BR.gmo                                        |binary
 po/pt_BR.po                                         |  223 ++++++++++---------
 po/ru.gmo                                           |binary
 po/ru.po                                            |  223 ++++++++++---------
 po/sk.gmo                                           |binary
 po/sk.po                                            |  223 ++++++++++---------
 po/sv.gmo                                           |binary
 po/sv.po                                            |  223 ++++++++++---------
 po/uk.gmo                                           |binary
 po/uk.po                                            |  223 ++++++++++---------
 tests/package_version.txt                           |    2 
 46 files changed, 1549 insertions(+), 1098 deletions(-)

diff -Nru flatpak-0.8.2/app/flatpak-builtins-build.c flatpak-0.8.3/app/flatpak-builtins-build.c
--- flatpak-0.8.2/app/flatpak-builtins-build.c	2017-01-27 09:50:41.000000000 +0000
+++ flatpak-0.8.3/app/flatpak-builtins-build.c	2017-02-14 10:13:28.000000000 +0000
@@ -215,13 +215,14 @@
 
   envp = flatpak_run_get_minimal_env (TRUE);
   envp = flatpak_run_apply_env_vars (envp, app_context);
-  flatpak_run_add_environment_args (argv_array, NULL, &envp, NULL, NULL, app_id,
-                                    app_context, NULL);
 
   if (!custom_usr &&
-      !flatpak_run_add_extension_args (argv_array, runtime_metakey, runtime_ref, cancellable, error))
+      !flatpak_run_add_extension_args (argv_array, &envp, runtime_metakey, runtime_ref, cancellable, error))
     return FALSE;
 
+  flatpak_run_add_environment_args (argv_array, NULL, &envp, NULL, NULL, app_id,
+                                    app_context, NULL);
+
   for (i = 0; opt_bind_mounts != NULL && opt_bind_mounts[i] != NULL; i++)
     {
       char *split = strchr (opt_bind_mounts[i], '=');
diff -Nru flatpak-0.8.2/app/flatpak-builtins-list.c flatpak-0.8.3/app/flatpak-builtins-list.c
--- flatpak-0.8.2/app/flatpak-builtins-list.c	2017-01-27 09:50:24.000000000 +0000
+++ flatpak-0.8.3/app/flatpak-builtins-list.c	2017-02-14 10:13:28.000000000 +0000
@@ -151,9 +151,9 @@
           if (arch != NULL && strcmp (arch, parts[1]) != 0)
             continue;
 
-          deploy_data = flatpak_dir_get_deploy_data (dir, ref, cancellable, error);
+          deploy_data = flatpak_dir_get_deploy_data (dir, ref, cancellable, NULL);
           if (deploy_data == NULL)
-            return FALSE;
+            continue;
 
           repo = flatpak_deploy_data_get_origin (deploy_data);
 
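Review bot: in this loop, passing NULL as the error argument to flatpak_dir_get_deploy_data and then using `continue` drops every failure silently, so a ref whose deploy data cannot be read simply disappears from the listing. Consider collecting the error in a local GError and logging it with the ref name (g_debug or g_warning) before continuing, so a damaged deployment is still diagnosable.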
diff -Nru flatpak-0.8.2/app/flatpak-main.c flatpak-0.8.3/app/flatpak-main.c
--- flatpak-0.8.2/app/flatpak-main.c	2017-01-27 09:50:24.000000000 +0000
+++ flatpak-0.8.3/app/flatpak-main.c	2017-02-14 10:13:28.000000000 +0000
@@ -38,6 +38,7 @@
 static gboolean opt_version;
 static gboolean opt_default_arch;
 static gboolean opt_supported_arches;
+static gboolean opt_gl_drivers;
 static gboolean opt_user;
 static char *opt_installation;
 
@@ -110,6 +111,7 @@
   { "version", 0, 0, G_OPTION_ARG_NONE, &opt_version, N_("Print version information and exit"), NULL },
   { "default-arch", 0, 0, G_OPTION_ARG_NONE, &opt_default_arch, N_("Print default arch and exit"), NULL },
   { "supported-arches", 0, 0, G_OPTION_ARG_NONE, &opt_supported_arches, N_("Print supported arches and exit"), NULL },
+  { "gl-drivers", 0, 0, G_OPTION_ARG_NONE, &opt_gl_drivers, N_("Print active gl drivers and exit"), NULL },
   { NULL }
 };
 
@@ -236,6 +238,15 @@
       exit (EXIT_SUCCESS);
     }
 
+  if (opt_gl_drivers)
+    {
+      const char **drivers = flatpak_get_gl_drivers ();
+      int i;
+      for (i = 0; drivers[i] != NULL; i++)
+        g_print ("%s\n", drivers[i]);
+      exit (EXIT_SUCCESS);
+    }
+
   if (!(flags & FLATPAK_BUILTIN_FLAG_NO_DIR))
     {
       if (opt_user)
diff -Nru flatpak-0.8.2/app/flatpak-transaction.c flatpak-0.8.3/app/flatpak-transaction.c
--- flatpak-0.8.2/app/flatpak-transaction.c	2017-01-24 08:54:11.000000000 +0000
+++ flatpak-0.8.3/app/flatpak-transaction.c	2017-02-14 09:49:43.000000000 +0000
@@ -501,8 +501,16 @@
 
   if (metakey)
     {
-      g_autofree char *required_version = g_key_file_get_string (metakey, "Application", "required-flatpak", NULL);
+      g_autofree char *required_version = NULL;
+      const char *group;
       int required_major, required_minor, required_micro;
+
+      if (g_str_has_prefix (ref, "app/"))
+        group = "Application";
+      else
+        group = "Runtime";
+
+      required_version = g_key_file_get_string (metakey, group, "required-flatpak", NULL);
       if (required_version)
         {
           if (sscanf (required_version, "%d.%d.%d", &required_major, &required_minor, &required_micro) != 3)
diff -Nru flatpak-0.8.2/builder/builder-manifest.c flatpak-0.8.3/builder/builder-manifest.c
--- flatpak-0.8.2/builder/builder-manifest.c	2017-01-27 09:50:24.000000000 +0000
+++ flatpak-0.8.3/builder/builder-manifest.c	2017-02-14 10:13:28.000000000 +0000
@@ -1623,6 +1623,7 @@
   g_autoptr(GFile) appdata_dir = NULL;
   g_autofree char *appdata_basename = NULL;
   g_autoptr(GFile) appdata_file = NULL;
+  g_autoptr(GFile) appdata_source = NULL;
   int i;
 
   builder_manifest_checksum_for_cleanup (self, cache, context);
@@ -1672,8 +1673,15 @@
         }
 
       app_root = g_file_get_child (app_dir, "files");
-      appdata_dir = g_file_resolve_relative_path (app_root, "share/appdata");
+
       appdata_basename = g_strdup_printf ("%s.appdata.xml", self->id);
+      appdata_dir = g_file_resolve_relative_path (app_root, "share/appdata");
+      appdata_source = g_file_get_child (appdata_dir, self->rename_appdata_file ? self->rename_appdata_file : appdata_basename);
+      if (!g_file_query_exists (appdata_source, NULL))
+        {
+          g_object_unref (appdata_dir);
+          appdata_dir = g_file_resolve_relative_path (app_root, "share/metainfo");
+        }
       appdata_file = g_file_get_child (appdata_dir, appdata_basename);
 
       if (self->rename_appdata_file != NULL)
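Review bot: the bare `g_object_unref (appdata_dir);` in the new fallback block leaves a g_autoptr variable pointing at a released object until the following line reassigns it. `g_clear_object (&appdata_dir);` before the reassignment keeps that safe if a statement is ever inserted between the two. A short comment would also help to say that share/metainfo is selected whenever the file is missing from share/appdata, including when it exists in neither directory.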
diff -Nru flatpak-0.8.2/builder/builder-module.c flatpak-0.8.3/builder/builder-module.c
--- flatpak-0.8.2/builder/builder-module.c	2017-01-27 09:50:24.000000000 +0000
+++ flatpak-0.8.3/builder/builder-module.c	2017-02-14 10:13:28.000000000 +0000
@@ -1445,7 +1445,7 @@
             }
         }
 
-      if (self->cmake)
+      if (cmake)
         configure_prefix_arg = g_strdup_printf ("-DCMAKE_INSTALL_PREFIX:PATH='%s'",
                                                 builder_options_get_prefix (self->build_options, context));
       else /* autotools and meson */
diff -Nru flatpak-0.8.2/common/flatpak-dir.c flatpak-0.8.3/common/flatpak-dir.c
--- flatpak-0.8.2/common/flatpak-dir.c	2017-01-24 08:54:11.000000000 +0000
+++ flatpak-0.8.3/common/flatpak-dir.c	2017-02-14 10:14:38.000000000 +0000
@@ -1843,6 +1843,7 @@
 
   if (progress)
     {
+      ostree_async_progress_set_uint64 (progress, "start-time-extra-data", g_get_monotonic_time ());
       ostree_async_progress_set_uint (progress, "outstanding-extra-data", n_extra_data);
       ostree_async_progress_set_uint (progress, "total-extra-data", n_extra_data);
       ostree_async_progress_set_uint64 (progress, "total-extra-data-bytes", total_download_size);
@@ -2123,8 +2124,7 @@
       goto out;
     }
 
-  if (g_str_has_prefix (ref, "app/") &&
-      !flatpak_dir_pull_extra_data (self, repo,
+  if (!flatpak_dir_pull_extra_data (self, repo,
                                     repository,
                                     ref, rev,
                                     flatpak_flags,
@@ -3414,13 +3414,24 @@
   g_autoptr(GVariant) detached_metadata = NULL;
   g_autoptr(GVariant) extra_data = NULL;
   g_autoptr(GVariant) extra_data_sources = NULL;
+  g_autoptr(GError) local_error = NULL;
   gsize i, n_extra_data = 0;
   gsize n_extra_data_sources;
 
   extra_data_sources = flatpak_repo_get_extra_data_sources (self->repo, checksum,
-                                                            cancellable, NULL);
+                                                            cancellable, &local_error);
   if (extra_data_sources == NULL)
-    return TRUE;
+    {
+      /* This should protect us against potential errors at the OSTree level
+         (e.g. ostree_repo_load_variant), so that we don't report success. */
+      if (!g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
+        {
+          g_propagate_error (error, g_steal_pointer (&local_error));
+          return FALSE;
+        }
+
+      return TRUE;
+    }
 
   n_extra_data_sources = g_variant_n_children (extra_data_sources);
   if (n_extra_data_sources == 0)
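Review bot: the new `extra_data_sources == NULL` branch assumes flatpak_repo_get_extra_data_sources always sets local_error when it returns NULL. If it ever returns NULL without an error, g_error_matches on a NULL error is false, so the code calls g_propagate_error with a NULL source and returns FALSE with no GError set for the caller. Checking `local_error != NULL` before treating the result as a failure would make this robust.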
@@ -3572,7 +3583,7 @@
   g_autofree char *metadata_contents = NULL;
   gsize metadata_size;
   g_autoptr(GKeyFile) metakey = NULL;
-  g_autofree char *app_id = NULL;
+  g_autofree char *id = NULL;
   g_autofree char *runtime = NULL;
   g_autofree char *runtime_ref = NULL;
   g_autoptr(FlatpakDeploy) runtime_deploy = NULL;
@@ -3588,6 +3599,8 @@
   g_autoptr(GArray) fd_array = NULL;
   g_auto(GStrv) envp = NULL;
   int exit_status;
+  const char *group = "Application";
+  g_autoptr(GError) local_error = NULL;
 
   apply_extra_file = g_file_resolve_relative_path (checkoutdir, "files/bin/apply_extra");
   if (!g_file_query_exists (apply_extra_file, cancellable))
@@ -3602,11 +3615,20 @@
   if (!g_key_file_load_from_data (metakey, metadata_contents, metadata_size, 0, error))
     return FALSE;
 
-  app_id = g_key_file_get_string (metakey, "Application", "name", error);
-  if (app_id == NULL)
-    return FALSE;
+  id = g_key_file_get_string (metakey, group, "name", &local_error);
+  if (id == NULL)
+    {
+      group = "Runtime";
+      id = g_key_file_get_string (metakey, group, "name", NULL);
+      if (id == NULL)
+        {
+          g_propagate_error (error, g_steal_pointer (&local_error));
+          return FALSE;
+        }
+      g_clear_error (&local_error);
+    }
 
-  runtime = g_key_file_get_string (metakey, "Application", "runtime", error);
+  runtime = g_key_file_get_string (metakey, group, "runtime", error);
   if (runtime == NULL)
     return FALSE;
 
@@ -3647,7 +3669,7 @@
   app_context = flatpak_context_new ();
 
   envp = flatpak_run_get_minimal_env (FALSE);
-  flatpak_run_add_environment_args (argv_array, fd_array, &envp, NULL, NULL, app_id,
+  flatpak_run_add_environment_args (argv_array, fd_array, &envp, NULL, NULL, id,
                                     app_context, NULL);
 
   g_ptr_array_add (argv_array, g_strdup ("/app/bin/apply_extra"));
@@ -7377,6 +7399,7 @@
              const char *extension_ref,
              const char *checksum,
              gboolean no_autodownload,
+             const char *download_if,
              gboolean autodelete)
 {
   g_autoptr(GVariant) deploy_data = NULL;
@@ -7384,19 +7407,20 @@
   g_autoptr(GPtrArray) subpaths = g_ptr_array_new_with_free_func (g_free);
   int i;
   FlatpakRelated *rel;
-  gboolean download = TRUE;
+  gboolean download;
   gboolean delete = autodelete;
+  g_auto(GStrv) ref_parts = g_strsplit (extension_ref, "/", -1);
 
   deploy_data = flatpak_dir_get_deploy_data (self, extension_ref, NULL, NULL);
 
   if (deploy_data)
     old_subpaths = flatpak_deploy_data_get_subpaths (deploy_data);
 
-  /* Only apply no-autodownload for uninstalled refs, we want to update
-     if you manually installed them */
-
-  if (no_autodownload && deploy_data == NULL)
-    download = FALSE;
+  /* Only respect no-autodownload/download-if for uninstalled refs, we
+     always want to update if you manually installed something */
+  download =
+    flatpak_extension_matches_reason (ref_parts[1], download_if, !no_autodownload) ||
+    deploy_data != NULL;
 
   if (g_str_has_suffix (extension, ".Debug"))
     {
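Review bot: `ref_parts[1]` is dereferenced in the new `download =` expression without checking how many elements g_strsplit returned. If extension_ref contains no "/", ref_parts[1] is NULL and is passed on as the extension id; if it is empty, the index is past the terminator. Validate with g_strv_length (ref_parts) first, and consider testing `deploy_data != NULL` before the call so the already-installed case short-circuits.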
@@ -7502,6 +7526,8 @@
                                                                 "subdirectories", NULL);
               gboolean no_autodownload = g_key_file_get_boolean (metakey, groups[i],
                                                                  "no-autodownload", NULL);
+              g_autofree char *download_if = g_key_file_get_string (metakey, groups[i],
+                                                                    "download-if", NULL);
               gboolean autodelete = g_key_file_get_boolean (metakey, groups[i],
                                                             "autodelete", NULL);
               const char *branch;
@@ -7519,7 +7545,7 @@
                                               extension_ref,
                                               &checksum))
                 {
-                  add_related (self, related, extension, extension_ref, checksum, no_autodownload, autodelete);
+                  add_related (self, related, extension, extension_ref, checksum, no_autodownload, download_if, autodelete);
                 }
               else if (subdirectories)
                 {
@@ -7530,7 +7556,7 @@
                       if (flatpak_summary_lookup_ref (summary,
                                                       refs[j],
                                                       &checksum))
-                        add_related (self, related, extension, refs[j], checksum, no_autodownload, autodelete);
+                        add_related (self, related, extension, refs[j], checksum, no_autodownload, download_if, autodelete);
                     }
                 }
             }
@@ -7636,6 +7662,8 @@
                                                                 "subdirectories", NULL);
               gboolean no_autodownload = g_key_file_get_boolean (metakey, groups[i],
                                                                  "no-autodownload", NULL);
+              g_autofree char *download_if = g_key_file_get_string (metakey, groups[i],
+                                                                    "download-if", NULL);
               gboolean autodelete = g_key_file_get_boolean (metakey, groups[i],
                                                             "autodelete", NULL);
               const char *branch;
@@ -7657,7 +7685,7 @@
                                            NULL))
                 {
                   add_related (self, related, extension, extension_ref,
-                               checksum, no_autodownload, autodelete);
+                               checksum, no_autodownload, download_if, autodelete);
                 }
               else if (subdirectories)
                 {
@@ -7679,7 +7707,7 @@
                         {
                           add_related (self, related, extension,
                                        match, match_checksum,
-                                       no_autodownload, autodelete);
+                                       no_autodownload, download_if, autodelete);
                         }
                     }
                 }
diff -Nru flatpak-0.8.2/common/flatpak-run.c flatpak-0.8.3/common/flatpak-run.c
--- flatpak-0.8.2/common/flatpak-run.c	2017-01-27 09:51:06.000000000 +0000
+++ flatpak-0.8.3/common/flatpak-run.c	2017-02-14 10:13:28.000000000 +0000
@@ -2163,6 +2163,7 @@
 
 gboolean
 flatpak_run_add_extension_args (GPtrArray    *argv_array,
+                                char       ***envp_p,
                                 GKeyFile     *metakey,
                                 const char   *full_ref,
                                 GCancellable *cancellable,
@@ -2171,6 +2172,10 @@
   g_auto(GStrv) parts = NULL;
   gboolean is_app;
   GList *extensions, *l;
+  g_autoptr(GHashTable) mounted_tmpfs =
+    g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
+  g_autoptr(GHashTable) created_symlink =
+    g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
 
   parts = g_strsplit (full_ref, "/", 0);
   if (g_strv_length (parts) != 4)
@@ -2184,16 +2189,23 @@
   for (l = extensions; l != NULL; l = l->next)
     {
       FlatpakExtension *ext = l->data;
-      g_autofree char *full_directory = g_build_filename (is_app ? "/app" : "/usr", ext->directory, NULL);
+      g_autofree char *directory = g_build_filename (is_app ? "/app" : "/usr", ext->directory, NULL);
+      g_autofree char *full_directory = g_build_filename (directory, ext->subdir_suffix, NULL);
       g_autofree char *ref = g_build_filename (full_directory, ".ref", NULL);
       g_autofree char *real_ref = g_build_filename (ext->files_path, ext->directory, ".ref", NULL);
+      int i;
 
       if (ext->needs_tmpfs)
         {
-          g_autofree char *parent = g_path_get_dirname (full_directory);
-          add_args (argv_array,
-                    "--tmpfs", parent,
-                    NULL);
+          g_autofree char *parent = g_path_get_dirname (directory);
+
+          if (g_hash_table_lookup (mounted_tmpfs, parent) == NULL)
+            {
+              add_args (argv_array,
+                        "--tmpfs", parent,
+                        NULL);
+              g_hash_table_insert (mounted_tmpfs, g_steal_pointer (&parent), "mounted");
+            }
         }
 
       add_args (argv_array,
@@ -2204,6 +2216,46 @@
         add_args (argv_array,
                   "--lock-file", ref,
                   NULL);
+
+      if (ext->add_ld_path)
+        {
+          g_autofree char *ld_path = g_build_filename (full_directory, ext->add_ld_path, NULL);
+          const gchar *old_ld_path = g_environ_getenv (*envp_p, "LD_LIBRARY_PATH");
+          g_autofree char *new_ld_path = NULL;
+
+          if (old_ld_path != NULL)
+            new_ld_path = g_strconcat (old_ld_path, ":", ld_path, NULL);
+          else
+            new_ld_path = g_strdup (new_ld_path);
+
+          *envp_p = g_environ_setenv (*envp_p, "LD_LIBRARY_PATH", new_ld_path , TRUE);
+        }
+
+      for (i = 0; ext->merge_dirs != NULL && ext->merge_dirs[i] != NULL; i++)
+        {
+          g_autofree char *parent = g_path_get_dirname (directory);
+          g_autofree char *merge_dir = g_build_filename (parent, ext->merge_dirs[i], NULL);
+          g_autofree char *source_dir = g_build_filename (ext->files_path, ext->merge_dirs[i], NULL);
+          g_auto(GLnxDirFdIterator) source_iter = { 0 };
+          struct dirent *dent;
+
+          if (glnx_dirfd_iterator_init_at (AT_FDCWD, source_dir, TRUE, &source_iter, NULL))
+            {
+              while (glnx_dirfd_iterator_next_dent (&source_iter, &dent, NULL, NULL) && dent != NULL)
+                {
+                  g_autofree char *symlink_path = g_build_filename (merge_dir, dent->d_name, NULL);
+                  /* Only create the first, because extensions are listed in prio order */
+                  if (g_hash_table_lookup (created_symlink, symlink_path) == NULL)
+                    {
+                      g_autofree char *symlink = g_build_filename (directory, ext->merge_dirs[i], dent->d_name, NULL);
+                      add_args (argv_array,
+                                "--symlink", symlink, symlink_path,
+                                NULL);
+                      g_hash_table_insert (created_symlink, g_steal_pointer (&symlink_path), "created");
+                    }
+                }
+            }
+        }
     }
 
   g_list_free_full (extensions, (GDestroyNotify) flatpak_extension_free);
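Review bot: in the add_ld_path block, the else branch reads `new_ld_path = g_strdup (new_ld_path);`, which duplicates the still-NULL new_ld_path rather than ld_path. When LD_LIBRARY_PATH is not already set, g_environ_setenv is therefore called with a NULL value and the extension's library path is never added; this should be `g_strdup (ld_path)`. Separately, ext->add_ld_path and ext->merge_dirs[i] are joined with g_build_filename as-is, so it would be worth rejecting values containing ".." or a leading "/", and the errors from glnx_dirfd_iterator_init_at and glnx_dirfd_iterator_next_dent are discarded without a debug message.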
@@ -2478,23 +2530,25 @@
       if (context->devices & FLATPAK_CONTEXT_DEVICE_DRI)
         {
           g_debug ("Allowing dri access");
-          if (g_file_test ("/dev/dri", G_FILE_TEST_IS_DIR))
-            add_args (argv_array, "--dev-bind", "/dev/dri", "/dev/dri", NULL);
-          if (g_file_test ("/dev/mali", G_FILE_TEST_EXISTS))
-            {
-              add_args (argv_array,
-                        "--dev-bind", "/dev/mali", "/dev/mali",
-                        "--dev-bind", "/dev/umplock", "/dev/umplock",
-                        NULL);
-            }
-          if (g_file_test ("/dev/nvidiactl", G_FILE_TEST_EXISTS))
+          int i;
+          char *dri_devices[] = {
+            "/dev/dri",
+            /* mali */
+            "/dev/mali",
+            "/dev/umplock",
+            /* nvidia */
+            "/dev/nvidiactl",
+            "/dev/nvidia0",
+            "/dev/nvidia-modeset",
+          };
+
+          for (i = 0; i < G_N_ELEMENTS(dri_devices); i++)
             {
-              add_args (argv_array,
-                        "--dev-bind", "/dev/nvidiactl", "/dev/nvidiactl",
-                        "--dev-bind", "/dev/nvidia0", "/dev/nvidia0",
-                        NULL);
+              if (g_file_test (dri_devices[i], G_FILE_TEST_EXISTS))
+                add_args (argv_array, "--dev-bind", dri_devices[i], dri_devices[i], NULL);
             }
         }
+
       if (context->devices & FLATPAK_CONTEXT_DEVICE_KVM)
         {
           g_debug ("Allowing kvm access");
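Review bot: the dri_devices loop changes which device nodes are exposed, not just how the code is laid out, and that deserves a comment or changelog line. /dev/umplock and /dev/nvidia0 were previously bound only when /dev/mali or /dev/nvidiactl existed and are now bound independently, /dev/dri is tested with G_FILE_TEST_EXISTS instead of G_FILE_TEST_IS_DIR, and /dev/nvidia-modeset is new. Style points: `int i;` is declared after the g_debug statement, `i < G_N_ELEMENTS(dri_devices)` compares signed with unsigned, and the array could be `static const char * const`.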
@@ -3856,7 +3910,6 @@
 
   add_args (argv_array,
             "--unshare-pid",
-            "--unshare-user-try",
             "--proc", "/proc",
             "--dir", "/tmp",
             "--dir", "/var/tmp",
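Review bot: the removal of "--unshare-user-try" from this add_args call changes which namespaces the child is run in, but the hunk carries no comment explaining why the user namespace is no longer unshared here. A one-line comment at this call naming the bug it addresses would stop the option being reintroduced later as an apparent hardening fix.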
@@ -4165,10 +4218,10 @@
     return FALSE;
 
   if (metakey != NULL &&
-      !flatpak_run_add_extension_args (argv_array, metakey, app_ref, cancellable, error))
+      !flatpak_run_add_extension_args (argv_array, &envp, metakey, app_ref, cancellable, error))
     return FALSE;
 
-  if (!flatpak_run_add_extension_args (argv_array, runtime_metakey, runtime_ref, cancellable, error))
+  if (!flatpak_run_add_extension_args (argv_array, &envp, runtime_metakey, runtime_ref, cancellable, error))
     return FALSE;
 
   add_document_portal_args (argv_array, app_ref_parts[1]);
diff -Nru flatpak-0.8.2/common/flatpak-run.h flatpak-0.8.3/common/flatpak-run.h
--- flatpak-0.8.2/common/flatpak-run.h	2017-01-27 09:50:41.000000000 +0000
+++ flatpak-0.8.3/common/flatpak-run.h	2017-02-10 15:13:02.000000000 +0000
@@ -72,6 +72,7 @@
 G_DEFINE_AUTOPTR_CLEANUP_FUNC (FlatpakContext, flatpak_context_free)
 
 gboolean  flatpak_run_add_extension_args (GPtrArray    *argv_array,
+                                          char       ***envp_p,
                                           GKeyFile     *metakey,
                                           const char   *full_ref,
                                           GCancellable *cancellable,
diff -Nru flatpak-0.8.2/common/flatpak-utils.c flatpak-0.8.3/common/flatpak-utils.c
--- flatpak-0.8.2/common/flatpak-utils.c	2017-01-19 14:36:06.000000000 +0000
+++ flatpak-0.8.3/common/flatpak-utils.c	2017-02-14 10:14:41.000000000 +0000
@@ -359,6 +359,47 @@
   return (const char **)arches;
 }
 
+const char **
+flatpak_get_gl_drivers (void)
+{
+  static gsize drivers = 0;
+  if (g_once_init_enter (&drivers))
+    {
+      gsize new_drivers;
+      char **new_drivers_c = 0;
+      const char *env = g_getenv ("FLATPAK_GL_DRIVERS");
+      if (env != NULL && *env != 0)
+        new_drivers_c = g_strsplit (env, ":", -1);
+      else
+        {
+          g_autofree char *nvidia_version = NULL;
+          char *dot;
+          GPtrArray *array = g_ptr_array_new ();
+
+          if (g_file_get_contents ("/sys/module/nvidia/version",
+                                   &nvidia_version, NULL, NULL))
+            {
+              g_strstrip (nvidia_version);
+              /* Convert dots to dashes */
+              while ((dot = strchr (nvidia_version, '.')) != NULL)
+                *dot = '-';
+              g_ptr_array_add (array, g_strconcat ("nvidia-", nvidia_version, NULL));
+            }
+
+          g_ptr_array_add (array, (char *)"default");
+          g_ptr_array_add (array, (char *)"host");
+
+          g_ptr_array_add (array, NULL);
+          new_drivers_c = (char **)g_ptr_array_free (array, FALSE);
+        }
+
+      new_drivers = (gsize)new_drivers_c;
+      g_once_init_leave (&drivers, new_drivers);
+    }
+
+  return (const char **)drivers;
+}
+
 gboolean
 flatpak_is_in_sandbox (void)
 {
@@ -3450,14 +3491,30 @@
   g_free (extension->ref);
   g_free (extension->directory);
   g_free (extension->files_path);
+  g_free (extension->add_ld_path);
+  g_free (extension->subdir_suffix);
+  g_strfreev (extension->merge_dirs);
   g_free (extension);
 }
 
+static int
+flatpak_extension_compare (gconstpointer  _a,
+                           gconstpointer  _b)
+{
+  const FlatpakExtension *a = _a;
+  const FlatpakExtension *b = _b;
+
+  return b->priority - a->priority;
+}
+
 static FlatpakExtension *
 flatpak_extension_new (const char *id,
                        const char *extension,
                        const char *ref,
                        const char *directory,
+                       const char *add_ld_path,
+                       const char *subdir_suffix,
+                       char **merge_dirs,
                        GFile *files,
                        gboolean is_unmaintained)
 {
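Review bot: `return b->priority - a->priority;` in flatpak_extension_compare can overflow, because priority is read from extension metadata with g_key_file_get_integer and may be any int. A comparison form such as `(b->priority > a->priority) - (b->priority < a->priority)` gives the same ordering without signed overflow.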
@@ -3468,10 +3525,58 @@
   ext->ref = g_strdup (ref);
   ext->directory = g_strdup (directory);
   ext->files_path = g_file_get_path (files);
+  ext->add_ld_path = g_strdup (add_ld_path);
+  ext->subdir_suffix = g_strdup (subdir_suffix);
+  ext->merge_dirs = g_strdupv (merge_dirs);
   ext->is_unmaintained = is_unmaintained;
+
+  if (is_unmaintained)
+    ext->priority = 1000;
+  else
+    {
+      g_autoptr(GKeyFile) keyfile = g_key_file_new ();
+      g_autofree char *metadata_path = g_build_filename (ext->files_path, "../metadata", NULL);
+
+      if (g_key_file_load_from_file (keyfile, metadata_path, G_KEY_FILE_NONE, NULL))
+        ext->priority = g_key_file_get_integer (keyfile, "ExtensionOf", "priority", NULL);
+    }
+
   return ext;
 }
 
+gboolean
+flatpak_extension_matches_reason (const char *extension_id,
+                                  const char *reason,
+                                  gboolean default_value)
+{
+  const char *extension_basename;
+
+  if (reason == NULL || *reason == 0)
+    return default_value;
+
+  extension_basename = strrchr (extension_id, '.');
+  if (extension_basename == NULL)
+    return FALSE;
+  extension_basename += 1;
+
+  if (strcmp (reason, "active-gl-driver") == 0)
+    {
+      /* handled below */
+      const char **gl_drivers = flatpak_get_gl_drivers ();
+      int i;
+
+      for (i = 0; gl_drivers[i] != NULL; i++)
+        {
+          if (strcmp (gl_drivers[i], extension_basename) == 0)
+            return TRUE;
+        }
+
+      return FALSE;
+    }
+
+  return FALSE;
+}
+
 GList *
 flatpak_list_extensions (GKeyFile   *metakey,
                          const char *arch,
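Review bot: in flatpak_extension_matches_reason, any non-empty reason other than "active-gl-driver" falls through to `return FALSE`, so a misspelled or future enable-if/download-if value silently disables the extension; a g_debug naming the unknown reason would make that visible. The `/* handled below */` comment inside the active-gl-driver branch is stale, since the handling is right there. In flatpak_extension_new, ext->priority is assigned only when is_unmaintained is set or the key file loads, so an explicit default of 0 before the branch would avoid depending on how ext was allocated above this hunk.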
@@ -3497,6 +3602,10 @@
         {
           g_autofree char *directory = g_key_file_get_string (metakey, groups[i], "directory", NULL);
           g_autofree char *version = g_key_file_get_string (metakey, groups[i], "version", NULL);
+          g_autofree char *add_ld_path = g_key_file_get_string (metakey, groups[i], "add-ld-path", NULL);
+          g_auto(GStrv) merge_dirs = g_key_file_get_string_list (metakey, groups[i], "merge-dirs", NULL, NULL);
+          g_autofree char *enable_if = g_key_file_get_string (metakey, groups[i], "enable-if", NULL);
+          g_autofree char *subdir_suffix = g_key_file_get_string (metakey, groups[i], "subdirectory-suffix", NULL);
           g_autofree char *ref = NULL;
           const char *branch;
           gboolean is_unmaintained = FALSE;
@@ -3522,8 +3631,11 @@
           /* Prefer a full extension (org.freedesktop.Locale) over subdirectory ones (org.freedesktop.Locale.sv) */
           if (files != NULL)
             {
-              ext = flatpak_extension_new (extension, extension, ref, directory, files, is_unmaintained);
-              res = g_list_prepend (res, ext);
+              if (flatpak_extension_matches_reason (extension, enable_if, TRUE))
+                {
+                  ext = flatpak_extension_new (extension, extension, ref, directory, add_ld_path, subdir_suffix, merge_dirs, files, is_unmaintained);
+                  res = g_list_prepend (res, ext);
+                }
             }
           else if (g_key_file_get_boolean (metakey, groups[i],
                                            "subdirectories", NULL))
@@ -3532,7 +3644,6 @@
               g_auto(GStrv) refs = NULL;
               g_auto(GStrv) unmaintained_refs = NULL;
               int j;
-              gboolean needs_tmpfs = TRUE;
 
               refs = flatpak_list_deployed_refs ("runtime", prefix, arch, branch,
                                                  NULL, NULL);
@@ -3542,11 +3653,10 @@
                   g_autofree char *dir_ref = g_build_filename ("runtime", refs[j], arch, branch, NULL);
                   g_autoptr(GFile) subdir_files = flatpak_find_files_dir_for_ref (dir_ref, NULL, NULL);
 
-                  if (subdir_files)
+                  if (subdir_files && flatpak_extension_matches_reason (refs[j], enable_if, TRUE))
                     {
-                      ext = flatpak_extension_new (extension, refs[j], dir_ref, extended_dir, subdir_files, FALSE);
-                      ext->needs_tmpfs = needs_tmpfs;
-                      needs_tmpfs = FALSE; /* Only first subdir needs a tmpfs */
+                      ext = flatpak_extension_new (extension, refs[j], dir_ref, extended_dir, add_ld_path, subdir_suffix, merge_dirs, subdir_files, FALSE);
+                      ext->needs_tmpfs = TRUE;
                       res = g_list_prepend (res, ext);
                     }
                 }
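Review bot: in the subdirectory loop, ext->needs_tmpfs is now set to TRUE for every matching ref, where it was previously set only for the first one, and the comment explaining the old rule ("Only first subdir needs a tmpfs") is removed without a replacement. The list is now sorted with flatpak_extension_compare before it is returned, so the first entry found is no longer necessarily the first one returned, which may be the reason. Please add a comment stating the new rule and confirm that the consumer of needs_tmpfs handles several entries for the same extended_dir without mounting one tmpfs over another. The same applies to the unmaintained_refs loop in the next hunk.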
@@ -3559,11 +3669,10 @@
                   g_autofree char *dir_ref = g_build_filename ("runtime", unmaintained_refs[j], arch, branch, NULL);
                   g_autoptr(GFile) subdir_files = flatpak_find_unmaintained_extension_dir_if_exists (unmaintained_refs[j], arch, branch, NULL);
 
-                  if (subdir_files)
+                  if (subdir_files && flatpak_extension_matches_reason (unmaintained_refs[j], enable_if, TRUE))
                     {
-                      ext = flatpak_extension_new (extension, unmaintained_refs[j], dir_ref, extended_dir, subdir_files, TRUE);
-                      ext->needs_tmpfs = needs_tmpfs;
-                      needs_tmpfs = FALSE; /* Only first subdir needs a tmpfs */
+                      ext = flatpak_extension_new (extension, unmaintained_refs[j], dir_ref, extended_dir, add_ld_path, subdir_suffix, merge_dirs, subdir_files, TRUE);
+                      ext->needs_tmpfs = TRUE;
                       res = g_list_prepend (res, ext);
                     }
                 }
@@ -3571,10 +3680,9 @@
         }
     }
 
-  return g_list_reverse (res);
+  return g_list_sort (g_list_reverse (res), flatpak_extension_compare);
 }
 
-
 typedef struct
 {
   FlatpakXml *current;
@@ -4441,6 +4549,7 @@
   GString *content;
   char buffer[16*1024];
   FlatpakLoadUriProgress progress;
+  GCancellable *cancellable;
   gpointer user_data;
   guint64 last_progress_time;
 } LoadUriData;
@@ -4506,7 +4615,7 @@
     }
 
   g_input_stream_read_async (stream, data->buffer, sizeof (data->buffer),
-                             G_PRIORITY_DEFAULT, NULL,
+                             G_PRIORITY_DEFAULT, data->cancellable,
                              load_uri_read_cb, data);
 }
 
@@ -4550,7 +4659,7 @@
     }
 
   g_input_stream_read_async (in, data->buffer, sizeof (data->buffer),
-                             G_PRIORITY_DEFAULT, NULL,
+                             G_PRIORITY_DEFAULT, data->cancellable,
                              load_uri_read_cb, data);
 }
 
@@ -4597,13 +4706,13 @@
 
   g_debug ("Loading %s using libsoup", uri);
 
-  context = g_main_context_new ();
-  g_main_context_push_thread_default (context);
+  context = g_main_context_ref_thread_default ();
 
   loop = g_main_loop_new (context, TRUE);
   data.loop = loop;
   data.content = content;
   data.progress = progress;
+  data.cancellable = cancellable;
   data.user_data = user_data;
   data.last_progress_time = g_get_monotonic_time ();
 
@@ -4617,7 +4726,6 @@
                            load_uri_callback, &data);
 
   g_main_loop_run (loop);
-  g_main_context_pop_thread_default (context);
 
   if (data.error)
     {
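Review bot: g_main_loop_run (loop) now iterates the caller's thread-default context, obtained with g_main_context_ref_thread_default () in the previous hunk, rather than a private context. Any other source attached to that context can therefore be dispatched re-entrantly while this function blocks on the download. If that is intended, so that cancellation and progress callbacks run in the caller's context, a comment at the g_main_context_ref_thread_default () call should say so. Also check that the reference it returns is released with g_main_context_unref () on every exit path, since the removed g_main_context_pop_thread_default () was the only context cleanup visible in these lines. The second load function further down has the same pattern.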
@@ -4647,13 +4755,13 @@
 
   g_debug ("Loading %s using libsoup", uri);
 
-  context = g_main_context_new ();
-  g_main_context_push_thread_default (context);
+  context = g_main_context_ref_thread_default ();
 
   loop = g_main_loop_new (context, TRUE);
   data.loop = loop;
   data.out = out;
   data.progress = progress;
+  data.cancellable = cancellable;
   data.user_data = user_data;
   data.last_progress_time = g_get_monotonic_time ();
 
@@ -4667,7 +4775,6 @@
                            load_uri_callback, &data);
 
   g_main_loop_run (loop);
-  g_main_context_pop_thread_default (context);
 
   if (data.error)
     {
diff -Nru flatpak-0.8.2/common/flatpak-utils.h flatpak-0.8.3/common/flatpak-utils.h
--- flatpak-0.8.2/common/flatpak-utils.h	2017-01-19 14:33:34.000000000 +0000
+++ flatpak-0.8.3/common/flatpak-utils.h	2017-02-14 10:13:28.000000000 +0000
@@ -64,6 +64,11 @@
 const char * flatpak_get_arch (void);
 const char ** flatpak_get_arches (void);
 
+const char ** flatpak_get_gl_drivers (void);
+gboolean flatpak_extension_matches_reason (const char *extension_id,
+                                           const char *reason,
+                                           gboolean default_value);
+
 const char * flatpak_get_bwrap (void);
 
 char ** flatpak_get_current_locale_subpaths (void);
@@ -324,6 +329,10 @@
   char *ref;
   char *directory;
   char *files_path;
+  char *subdir_suffix;
+  char *add_ld_path;
+  char **merge_dirs;
+  int priority;
   gboolean needs_tmpfs;
   gboolean is_unmaintained;
 } FlatpakExtension;
diff -Nru flatpak-0.8.2/configure flatpak-0.8.3/configure
--- flatpak-0.8.2/configure	2017-01-27 10:34:36.000000000 +0000
+++ flatpak-0.8.3/configure	2017-02-14 10:16:22.000000000 +0000
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for Flatpak 0.8.2.
+# Generated by GNU Autoconf 2.69 for Flatpak 0.8.3.
 #
 # Report bugs to <https://github.com/flatpak/flatpak/issues>.
 #
@@ -590,8 +590,8 @@
 # Identity of this package.
 PACKAGE_NAME='Flatpak'
 PACKAGE_TARNAME='flatpak'
-PACKAGE_VERSION='0.8.2'
-PACKAGE_STRING='Flatpak 0.8.2'
+PACKAGE_VERSION='0.8.3'
+PACKAGE_STRING='Flatpak 0.8.3'
 PACKAGE_BUGREPORT='https://github.com/flatpak/flatpak/issues'
 PACKAGE_URL='http://flatpak.org/'
 
@@ -697,8 +697,6 @@
 SUDO_BIN
 PRIV_MODE_SETUID_FALSE
 PRIV_MODE_SETUID_TRUE
-PRIV_MODE_FILECAPS_FALSE
-PRIV_MODE_FILECAPS_TRUE
 LIBSECCOMP_LIBS
 LIBSECCOMP_CFLAGS
 JSON_LIBS
@@ -1495,7 +1493,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures Flatpak 0.8.2 to adapt to many kinds of systems.
+\`configure' configures Flatpak 0.8.3 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1565,7 +1563,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of Flatpak 0.8.2:";;
+     short | recursive ) echo "Configuration of Flatpak 0.8.3:";;
    esac
   cat <<\_ACEOF
 
@@ -1647,7 +1645,7 @@
                           [default=SYSCONFDIR/profile.d]
   --with-system-bubblewrap
                           Use system bwrap executable [default=check $BWRAP]
-  --with-priv-mode=setuid/caps/none
+  --with-priv-mode=setuid/none
                           How to set privilege-raising during install (only
                           needed if userns not working)
   --with-system-install-dir=DIR
@@ -1773,7 +1771,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-Flatpak configure 0.8.2
+Flatpak configure 0.8.3
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2142,7 +2140,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by Flatpak $as_me 0.8.2, which was
+It was created by Flatpak $as_me 0.8.3, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -12689,7 +12687,7 @@
 
 # Define the identity of the package.
  PACKAGE='flatpak'
- VERSION='0.8.2'
+ VERSION='0.8.3'
 
 
 # Some tools Automake needs.
@@ -16593,14 +16591,6 @@
 fi
 
 
- if test "x$with_priv_mode" = "xcaps"; then
-  PRIV_MODE_FILECAPS_TRUE=
-  PRIV_MODE_FILECAPS_FALSE='#'
-else
-  PRIV_MODE_FILECAPS_TRUE='#'
-  PRIV_MODE_FILECAPS_FALSE=
-fi
-
  if test "x$with_priv_mode" = "xsetuid"; then
   PRIV_MODE_SETUID_TRUE=
   PRIV_MODE_SETUID_FALSE='#'
@@ -17737,9 +17727,9 @@
 
 FLATPAK_MAJOR_VERSION=0
 FLATPAK_MINOR_VERSION=8
-FLATPAK_MICRO_VERSION=2
-FLATPAK_INTERFACE_AGE=2
-FLATPAK_VERSION=0.8.2
+FLATPAK_MICRO_VERSION=3
+FLATPAK_INTERFACE_AGE=3
+FLATPAK_VERSION=0.8.3
 
 
 
@@ -17771,7 +17761,7 @@
 
 
 
-LT_VERSION_INFO="800:2:800"
+LT_VERSION_INFO="800:3:800"
 LT_CURRENT_MINUS_AGE=0
 
 
@@ -17931,10 +17921,6 @@
   as_fn_error $? "conditional \"BUILD_SYSTEM_HELPER\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
-if test -z "${PRIV_MODE_FILECAPS_TRUE}" && test -z "${PRIV_MODE_FILECAPS_FALSE}"; then
-  as_fn_error $? "conditional \"PRIV_MODE_FILECAPS\" was never defined.
-Usually this means the macro was only invoked conditionally." "$LINENO" 5
-fi
 if test -z "${PRIV_MODE_SETUID_TRUE}" && test -z "${PRIV_MODE_SETUID_FALSE}"; then
   as_fn_error $? "conditional \"PRIV_MODE_SETUID\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
@@ -18384,7 +18370,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by Flatpak $as_me 0.8.2, which was
+This file was extended by Flatpak $as_me 0.8.3, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -18451,7 +18437,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-Flatpak config.status 0.8.2
+Flatpak config.status 0.8.3
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -Nru flatpak-0.8.2/configure.ac flatpak-0.8.3/configure.ac
--- flatpak-0.8.2/configure.ac	2017-01-27 10:34:12.000000000 +0000
+++ flatpak-0.8.3/configure.ac	2017-02-14 10:15:55.000000000 +0000
@@ -15,8 +15,8 @@
 
 m4_define([flatpak_major_version], [0])
 m4_define([flatpak_minor_version], [8])
-m4_define([flatpak_micro_version], [2])
-m4_define([flatpak_interface_age], [2])
+m4_define([flatpak_micro_version], [3])
+m4_define([flatpak_interface_age], [3])
 m4_define([flatpak_binary_age],
           [m4_eval(10000 * flatpak_major_version + 100 * flatpak_minor_version + flatpak_micro_version)])
 m4_define([flatpak_version],
@@ -206,12 +206,11 @@
 fi
 
 AC_ARG_WITH(priv-mode,
-            AS_HELP_STRING([--with-priv-mode=setuid/caps/none],
+            AS_HELP_STRING([--with-priv-mode=setuid/none],
                            [How to set privilege-raising during install (only needed if userns not working)]),
             [],
             [with_priv_mode="none"])
 
-AM_CONDITIONAL(PRIV_MODE_FILECAPS, test "x$with_priv_mode" = "xcaps")
 AM_CONDITIONAL(PRIV_MODE_SETUID, test "x$with_priv_mode" = "xsetuid")
 
 AC_ARG_ENABLE(sudo,
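Review bot: with "caps" dropped from the help string, --with-priv-mode=caps is still accepted, because the action-if-given argument of AC_ARG_WITH is empty, and it now matches no AM_CONDITIONAL. A build recipe that still passes it will install flatpak-bwrap with neither the setuid bit nor file capabilities, and with no diagnostic. Please add a case on $with_priv_mode after AC_ARG_WITH that calls AC_MSG_ERROR for any value other than setuid or none.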
diff -Nru flatpak-0.8.2/debian/changelog flatpak-0.8.3/debian/changelog
--- flatpak-0.8.2/debian/changelog	2017-01-27 21:56:51.000000000 +0000
+++ flatpak-0.8.3/debian/changelog	2017-02-14 14:14:45.000000000 +0000
@@ -1,3 +1,25 @@
+flatpak (0.8.3-1) unstable; urgency=medium
+
+  * New upstream bugfix release
+    - fixes portals' ability to identify confined apps
+      (Closes: #855129)
+    - better support for third-party (proprietary) OpenGL drivers
+    - better handling of errors for extra-data
+    - handle extra-data properly for runtimes (as well as apps)
+    - respect required version for runtimes (as well as apps)
+    - flatpak list: Don't break if some local ref is not deployed
+    - builder: Look for appstream data in /app/share/metadata also
+    - builder: Fix buildsystem=cmake builds
+    - Add progress reporting to extra-data download
+    - Fix uid/gid for directories in document portal
+  * Duplicate the profile.d snippet in /etc/X11/Xsession.d so it
+    applies to X11 sessions, not just login shells. This matches the
+    upstream intention: X11 sessions have traditionally run in a login
+    shell on Red Hat derivatives, but not in Debian derivatives.
+    (Closes: #846338)
+
+ -- Simon McVittie <s...@debian.org>  Tue, 14 Feb 2017 14:14:45 +0000
+
 flatpak (0.8.2-1) unstable; urgency=medium
 
   * New upstream bugfix release
diff -Nru flatpak-0.8.2/debian/flatpak.install flatpak-0.8.3/debian/flatpak.install
--- flatpak-0.8.2/debian/flatpak.install	2017-01-27 21:56:51.000000000 +0000
+++ flatpak-0.8.3/debian/flatpak.install	2017-02-14 14:14:45.000000000 +0000
@@ -1,4 +1,5 @@
 debian/org.freedesktop.Flatpak.pkla     var/lib/polkit-1/localauthority/10-vendor.d/
+etc/X11/Xsession.d
 etc/dbus-1/system.d
 etc/profile.d/
 lib/systemd/system/flatpak-system-helper.service
diff -Nru flatpak-0.8.2/debian/rules flatpak-0.8.3/debian/rules
--- flatpak-0.8.2/debian/rules	2017-01-27 21:56:51.000000000 +0000
+++ flatpak-0.8.3/debian/rules	2017-02-14 14:14:45.000000000 +0000
@@ -24,6 +24,9 @@
 		$(NULL)
 
 override_dh_install:
+	install -d debian/tmp/etc/X11/Xsession.d
+	install -m644 debian/tmp/etc/profile.d/flatpak.sh \
+		debian/tmp/etc/X11/Xsession.d/20flatpak
 	rm -f debian/tmp/usr/lib/*/*.la
 	dh_install --fail-missing
 
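Review bot: the install -m644 line copies debian/tmp/etc/profile.d/flatpak.sh verbatim to Xsession.d/20flatpak, so the same snippet will be sourced twice whenever an X11 session is also started from a login shell. Please confirm that flatpak.sh is idempotent, for example that it does not append the same directories to a search-path variable a second time, and that it uses only POSIX sh constructs, since Xsession.d files are sourced rather than executed. A short comment above the two install lines pointing at #846338 would also explain why the file is duplicated instead of symlinked.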
diff -Nru flatpak-0.8.2/doc/flatpak-builder.xml flatpak-0.8.3/doc/flatpak-builder.xml
--- flatpak-0.8.2/doc/flatpak-builder.xml	2017-01-27 09:50:24.000000000 +0000
+++ flatpak-0.8.3/doc/flatpak-builder.xml	2017-02-14 10:14:47.000000000 +0000
@@ -286,6 +286,10 @@
                     <listitem><para>This is an array containing extra options to pass to flatpak build.</para></listitem>
                 </varlistentry>
                 <varlistentry>
+                    <term><option>config-opts</option> (array of strings)</term>
+                    <listitem><para>This is an array containing extra options to pass to configure.</para></listitem>
+                </varlistentry>
+                <varlistentry>
                     <term><option>strip</option> (boolean)</term>
                     <listitem><para>If this is true (the default is false) then all ELF files will be stripped after install.</para></listitem>
                 </varlistentry>
diff -Nru flatpak-0.8.2/doc/flatpak.xml flatpak-0.8.3/doc/flatpak.xml
--- flatpak-0.8.2/doc/flatpak.xml	2017-01-27 09:50:24.000000000 +0000
+++ flatpak-0.8.3/doc/flatpak.xml	2017-02-14 10:13:28.000000000 +0000
@@ -138,6 +138,14 @@
                 </para></listitem>
             </varlistentry>
 
+            <varlistentry>
+                <term><option>--gl-drivers</option></term>
+
+                <listitem><para>
+                    Print the list of active gl drivers and exit.
+                </para></listitem>
+            </varlistentry>
+
         </variablelist>
     </refsect1>
 
diff -Nru flatpak-0.8.2/doc/reference/html/flatpak-Version-information.html flatpak-0.8.3/doc/reference/html/flatpak-Version-information.html
--- flatpak-0.8.2/doc/reference/html/flatpak-Version-information.html	2017-01-27 10:36:25.000000000 +0000
+++ flatpak-0.8.3/doc/reference/html/flatpak-Version-information.html	2017-02-14 10:24:24.000000000 +0000
@@ -86,7 +86,7 @@
 <hr>
 <div class="refsect2">
 <a name="FLATPAK-MICRO-VERSION:CAPS"></a><h3>FLATPAK_MICRO_VERSION</h3>
-<pre class="programlisting">#define FLATPAK_MICRO_VERSION (2)
+<pre class="programlisting">#define FLATPAK_MICRO_VERSION (3)
 </pre>
 </div>
 </div>
diff -Nru flatpak-0.8.2/doc/reference/html/index.html flatpak-0.8.3/doc/reference/html/index.html
--- flatpak-0.8.2/doc/reference/html/index.html	2017-01-27 10:36:25.000000000 +0000
+++ flatpak-0.8.3/doc/reference/html/index.html	2017-02-14 10:24:24.000000000 +0000
@@ -15,7 +15,7 @@
 <div>
 <div><table class="navigation" id="top" width="100%" cellpadding="2" cellspacing="0"><tr><th valign="middle"><p class="title">Flatpak Library Reference Manual</p></th></tr></table></div>
 <div><p class="releaseinfo">
-      For flatpak 0.8.2
+      For flatpak 0.8.3
 
     </p></div>
 </div>
diff -Nru flatpak-0.8.2/document-portal/xdp-fuse.c flatpak-0.8.3/document-portal/xdp-fuse.c
--- flatpak-0.8.2/document-portal/xdp-fuse.c	2017-01-18 10:32:44.000000000 +0000
+++ flatpak-0.8.3/document-portal/xdp-fuse.c	2017-02-14 10:14:44.000000000 +0000
@@ -848,6 +848,8 @@
                 struct stat *stbuf)
 {
   stbuf->st_ino = inode->ino;
+  stbuf->st_uid = getuid ();
+  stbuf->st_gid = getgid ();
 
   switch (inode->type)
     {
diff -Nru flatpak-0.8.2/INSTALL flatpak-0.8.3/INSTALL
--- flatpak-0.8.2/INSTALL	2017-01-25 17:51:32.000000000 +0000
+++ flatpak-0.8.3/INSTALL	2017-01-30 11:10:56.000000000 +0000
@@ -0,0 +1,55 @@
+Flatpak uses a traditional autoconf-style build mechanism. To build just do
+ ./configure [args]
+ make
+ make install
+
+Most configure arguments are documented in ./configure --help. However, there
+are some options that are a bit more complicated.
+
+Flatpak relies on a project called bubblewrap[1] for the lowlevel sandboxing.
+By default, an in-tree copy of this is built (distributed in the tarball
+or using git submodules in the git tree). This will build a helper
+called flatpak-bwrap. If your system have a recent enough
+version of bubblewrap already, you can use --with-system-bubblewrap to
+use that instead.
+
+Bubblewrap can run in two modes, either using unprivileged user
+namespaces. This requires that the kernel supports this, which some
+distributions disable. For instance, Arch completely disables user
+namespaces, while Debian supports unprivileged user
+namespaces, but only if you turn on the kernel.unprivileged_userns_clone
+sysctl.
+
+If unprivileged user namespaces is not available, then bubblewrap must
+be built as setuid root. This is believed to be safe, as it is
+designed to do this. Any build of bubblewrap supports both
+unprivileged and setuid mode, you just need to set the setuid bit for
+it to change mode.
+
+However, this it does complicate the installation a bit. If you pass
+--with-priv-mode=setuid to configure (of flatpak or bubblewrap) then
+make install will try to set the setuid bit. However that means you
+have to run make install as root. Alternatively, you can pass
+--enable-sudo to configure and it will call sudo when setting the
+setuid bit. Alternatively you can enable setuid completely outside of
+the installation, which is common for example when packaging bubblewrap
+in a .deb or .rpm.
+
+There are some complications when building flatpak to a different
+prefix than the system-installed version. First of all, the newly
+built flatpak will look for system-installed flatpaks in
+$PREFIX/var/lib/flatpak, which will not match existing installed
+flatpaks. You can use --with-system-install-dir=/var/lib/flatpak
+to make both installations use the same location.
+
+Secondly, flatpak ships with a root-privileged policykit helper for
+system-installation, called flatpak-system-helper. This is dbus
+activated (on the system-bus) and if you install in a non-standard
+location it is likely that this will not be found by dbus and
+policykit. However, if the system installation is synchronized it
+you can often use the system installed helper instead. At least
+if the two versions are close in versions.
+
+
+
+[1] https://github.com/projectatomic/bubblewrap.
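Review bot: the paragraph on setuid mode says any build of bubblewrap supports both unprivileged and setuid mode, but it does not mention what the 0.8.3 NEWS entry in this same diff states, namely that this version disables the use of user namespaces when bubblewrap is setuid. Anyone choosing --with-priv-mode=setuid should be able to read that here. The text also needs a copy-edit: "Bubblewrap can run in two modes, either using unprivileged user namespaces." names only one mode before the sentence ends, and "However, this it does complicate", "If your system have" and "if the system installation is synchronized it you can" are garbled. README.md repeats the same paragraphs and needs the same fixes.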
diff -Nru flatpak-0.8.2/lib/flatpak-installation.c flatpak-0.8.3/lib/flatpak-installation.c
--- flatpak-0.8.2/lib/flatpak-installation.c	2017-01-24 08:54:11.000000000 +0000
+++ flatpak-0.8.3/lib/flatpak-installation.c	2017-02-14 10:14:38.000000000 +0000
@@ -1112,10 +1112,13 @@
   guint total_delta_parts;
   guint64 bytes_transferred;
   guint64 total_delta_part_size;
+  guint outstanding_extra_data;
+  guint64 total_extra_data_bytes;
+  guint64 transferred_extra_data_bytes;
   guint fetched;
   guint metadata_fetched;
   guint requested;
-  guint64 elapsed_time;
+  guint64 current_time;
   guint new_progress = 0;
   gboolean estimating = FALSE;
 
@@ -1130,10 +1133,13 @@
   total_delta_parts = ostree_async_progress_get_uint (progress, "total-delta-parts");
   total_delta_part_size = ostree_async_progress_get_uint64 (progress, "total-delta-part-size");
   bytes_transferred = ostree_async_progress_get_uint64 (progress, "bytes-transferred");
+  outstanding_extra_data = ostree_async_progress_get_uint (progress, "outstanding-extra-data");
+  total_extra_data_bytes = ostree_async_progress_get_uint64 (progress, "total-extra-data-bytes");
+  transferred_extra_data_bytes = ostree_async_progress_get_uint64 (progress, "transferred-extra-data-bytes");
   fetched = ostree_async_progress_get_uint (progress, "fetched");
   metadata_fetched = ostree_async_progress_get_uint (progress, "metadata-fetched");
   requested = ostree_async_progress_get_uint (progress, "requested");
-  elapsed_time = (g_get_monotonic_time () - ostree_async_progress_get_uint64 (progress, "start-time")) / G_USEC_PER_SEC;
+  current_time = g_get_monotonic_time ();
 
   if (status)
     {
@@ -1141,7 +1147,9 @@
     }
   else if (outstanding_fetches)
     {
-      guint64 bytes_sec = bytes_transferred / elapsed_time;
+      guint64 elapsed_time =
+        (current_time - ostree_async_progress_get_uint64 (progress, "start-time")) / G_USEC_PER_SEC;
+      guint64 bytes_sec = (elapsed_time > 0) ? bytes_transferred / elapsed_time : 0;
       g_autofree char *formatted_bytes_transferred =
         g_format_size_full (bytes_transferred, 0);
       g_autofree char *formatted_bytes_sec = NULL;
@@ -1182,6 +1190,25 @@
                                   fetched, requested, formatted_bytes_sec, formatted_bytes_transferred);
         }
     }
+  else if (outstanding_extra_data)
+    {
+      guint64 elapsed_time =
+        (current_time - ostree_async_progress_get_uint64 (progress, "start-time-extra-data")) / G_USEC_PER_SEC;
+      guint64 bytes_sec = (elapsed_time > 0) ? transferred_extra_data_bytes / elapsed_time : 0;
+      g_autofree char *formatted_bytes_transferred =
+        g_format_size_full (transferred_extra_data_bytes, 0);
+      g_autofree char *formatted_bytes_sec = NULL;
+
+      if (!bytes_sec) // Ignore first second
+        formatted_bytes_sec = g_strdup ("-");
+      else
+        formatted_bytes_sec = g_format_size (bytes_sec);
+
+      new_progress = (100 * transferred_extra_data_bytes) / total_extra_data_bytes;
+      g_string_append_printf (buf, "Downloading extra data: %u%% (%lu/%lu) %s/s %s",
+                              (guint) ((((double) transferred_extra_data_bytes) / total_extra_data_bytes) * 100),
+                              transferred_extra_data_bytes, total_extra_data_bytes, formatted_bytes_sec, formatted_bytes_transferred);
+    }
   else if (outstanding_writes)
     {
       g_string_append_printf (buf, "Writing objects: %u", outstanding_writes);
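Review bot: in the new outstanding_extra_data branch, the format string "Downloading extra data: %u%% (%lu/%lu) %s/s %s" prints two guint64 values with %lu, which is only correct where unsigned long is 64 bits wide. On 32-bit architectures the varargs are misread and the following %s arguments are taken from the wrong position. Use G_GUINT64_FORMAT for both. In the same branch, both new_progress and the percentage argument divide by total_extra_data_bytes with no check for zero, while elapsed_time a few lines above is guarded. Apply the same (total_extra_data_bytes > 0) guard, and reuse new_progress for the printed percentage instead of computing it a second time in floating point.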
diff -Nru flatpak-0.8.2/lib/flatpak-version-macros.h flatpak-0.8.3/lib/flatpak-version-macros.h
--- flatpak-0.8.2/lib/flatpak-version-macros.h	2017-01-27 10:34:38.000000000 +0000
+++ flatpak-0.8.3/lib/flatpak-version-macros.h	2017-02-14 10:16:24.000000000 +0000
@@ -27,7 +27,7 @@
 
 #define FLATPAK_MAJOR_VERSION (0)
 #define FLATPAK_MINOR_VERSION (8)
-#define FLATPAK_MICRO_VERSION (2)
+#define FLATPAK_MICRO_VERSION (3)
 
 #define FLATPAK_CHECK_VERSION(major,minor,micro)        \
     (FLATPAK_MAJOR_VERSION > (major) || \
diff -Nru flatpak-0.8.2/Makefile.am flatpak-0.8.3/Makefile.am
--- flatpak-0.8.2/Makefile.am	2017-01-20 14:08:47.000000000 +0000
+++ flatpak-0.8.3/Makefile.am	2017-02-10 15:13:02.000000000 +0000
@@ -107,10 +107,6 @@
 if PRIV_MODE_SETUID
 	$(SUDO_BIN) chown root $(DESTDIR)$(libexecdir)/flatpak-bwrap
 	$(SUDO_BIN) chmod u+s $(DESTDIR)$(libexecdir)/flatpak-bwrap
-else
-if PRIV_MODE_FILECAPS
-	$(SUDO_BIN) setcap cap_sys_admin,cap_net_admin,cap_sys_chroot,cap_setuid,cap_setgid+ep $(DESTDIR)$(libexecdir)/flatpak-bwrap
-endif # PRIV_MODE_FILECAPS
 endif # !PRIV_MODE_SETUID
 endif # !WITH_SYSTEM_BWRAP
 
diff -Nru flatpak-0.8.2/Makefile.in flatpak-0.8.3/Makefile.in
--- flatpak-0.8.2/Makefile.in	2017-01-27 10:34:36.000000000 +0000
+++ flatpak-0.8.3/Makefile.in	2017-02-14 10:16:21.000000000 +0000
@@ -5090,7 +5090,6 @@
 	$(MAKE) $(AM_MAKEFLAGS) install-test-data-hook
 @PRIV_MODE_SETUID_TRUE@@WITH_SYSTEM_BWRAP_FALSE@	$(SUDO_BIN) chown root $(DESTDIR)$(libexecdir)/flatpak-bwrap
 @PRIV_MODE_SETUID_TRUE@@WITH_SYSTEM_BWRAP_FALSE@	$(SUDO_BIN) chmod u+s $(DESTDIR)$(libexecdir)/flatpak-bwrap
-@PRIV_MODE_FILECAPS_TRUE@@PRIV_MODE_SETUID_FALSE@@WITH_SYSTEM_BWRAP_FALSE@	$(SUDO_BIN) setcap cap_sys_admin,cap_net_admin,cap_sys_chroot,cap_setuid,cap_setgid+ep $(DESTDIR)$(libexecdir)/flatpak-bwrap
 
 flatpak.sh: profile/flatpak.sh.in
 	$(AM_V_GEN) $(SED) -e "s|\@localstatedir\@|$(localstatedir)|" \
diff -Nru flatpak-0.8.2/NEWS flatpak-0.8.3/NEWS
--- flatpak-0.8.2/NEWS	2017-01-27 10:33:34.000000000 +0000
+++ flatpak-0.8.3/NEWS	2017-02-14 10:15:18.000000000 +0000
@@ -1,3 +1,26 @@
+Major changes in 0.8.3
+======================
+
+In addition to the regular list of bugfixes this stable release
+include backports of a the updated OpenGL support from master.  This,
+in combination with the work in the runtime allows flatpak to work out
+of the box with out-of-tree OpenGL drivers, including the nvidia
+driver.
+
+Additionally, due to some complicated issues wrt ptrace and user
+namespaces this version disables the use of user namespaces if
+bubblewrap is setuid, as it cause problems for the way flatpak
+portals identifies applications. (See issue #557 for details)
+
+ * Better handling of errors for extra-data
+ * Handle extra-data properly for runtimes (as well as apps)
+ * Respect required version for runtimes (as well as apps)
+ * flatpak list: Don't break if some local ref is not deployed
+ * builder: Look for appstream data in /app/share/metadata also
+ * builder: Fix buildsystem=cmake builds
+ * Add progress reporting to extra-data download
+ * Fix uid/gid for directories in document portal
+
 Major changes in 0.8.2
 ======================
 
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/de.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/de.gmo differ
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/hu.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/hu.gmo differ
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/pl.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/pl.gmo differ
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/pt_BR.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/pt_BR.gmo differ
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/ru.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/ru.gmo differ
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/sk.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/sk.gmo differ
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/sv.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/sv.gmo differ
Binary files /tmp/61rUw3kGHO/flatpak-0.8.2/po/uk.gmo and /tmp/mvPb86m1Cq/flatpak-0.8.3/po/uk.gmo differ
diff -Nru flatpak-0.8.2/README.md flatpak-0.8.3/README.md
--- flatpak-0.8.2/README.md	2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.3/README.md	2017-02-10 15:13:02.000000000 +0000
@@ -9,3 +9,59 @@
 See http://flatpak.org/ for more information.
 
 Read documentation for the flatpak [commandline tools](http://flatpak.github.io/flatpak/flatpak-docs.html) and for the libflatpak [library API](http://flatpak.github.io/flatpak/reference/html/index.html).
+
+# INSTALLATION
+
+Flatpak uses a traditional autoconf-style build mechanism. To build just do
+```
+ ./configure [args]
+ make
+ make install
+```
+
+Most configure arguments are documented in ./configure --help. However, there
+are some options that are a bit more complicated.
+
+Flatpak relies on a project called
+[bubblewrap](https://github.com/projectatomic/bubblewrap) for the
+lowlevel sandboxing.  By default, an in-tree copy of this is built
+(distributed in the tarball or using git submodules in the git
+tree). This will build a helper called flatpak-bwrap. If your system
+have a recent enough version of bubblewrap already, you can use
+`--with-system-bubblewrap` to use that instead.
+
+Bubblewrap can run in two modes, either using unprivileged user
+namespaces. This requires that the kernel supports this, which some
+distributions disable. For instance, Arch completely disables user
+namespaces, while Debian supports unprivileged user namespaces, but
+only if you turn on the kernel.unprivileged_userns_clone sysctl.
+
+If unprivileged user namespaces is not available, then bubblewrap must
+be built as setuid root. This is believed to be safe, as it is
+designed to do this. Any build of bubblewrap supports both
+unprivileged and setuid mode, you just need to set the setuid bit for
+it to change mode.
+
+However, this it does complicate the installation a bit. If you pass
+`--with-priv-mode=setuid` to configure (of flatpak or bubblewrap) then
+make install will try to set the setuid bit. However that means you
+have to run make install as root. Alternatively, you can pass
+`--enable-sudo` to configure and it will call sudo when setting the
+setuid bit. Alternatively you can enable setuid completely outside of
+the installation, which is common for example when packaging bubblewrap
+in a .deb or .rpm.
+
+There are some complications when building flatpak to a different
+prefix than the system-installed version. First of all, the newly
+built flatpak will look for system-installed flatpaks in
+`$PREFIX/var/lib/flatpak`, which will not match existing installed
+flatpaks. You can use `--with-system-install-dir=/var/lib/flatpak`
+to make both installations use the same location.
+
+Secondly, flatpak ships with a root-privileged policykit helper for
+system-installation, called flatpak-system-helper. This is dbus
+activated (on the system-bus) and if you install in a non-standard
+location it is likely that this will not be found by dbus and
+policykit. However, if the system installation is synchronized it
+you can often use the system installed helper instead. At least
+if the two versions are close in versions.
diff -Nru flatpak-0.8.2/tests/package_version.txt flatpak-0.8.3/tests/package_version.txt
--- flatpak-0.8.2/tests/package_version.txt	2017-01-27 10:34:39.000000000 +0000
+++ flatpak-0.8.3/tests/package_version.txt	2017-02-14 10:16:26.000000000 +0000
@@ -1 +1 @@
-0.8.2
+0.8.3
