On Sun, 30 Jul 2017 at 22:59:15 +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Thu, 2017-07-27 at 07:28 +0100, Simon McVittie wrote: > > > > Filtered diff (patched tree in security vs. what I propose) in > > https://lists.debian.org/debian-release/2017/07/msg00555.html aka > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864028#57 aka > > Message-ID: <20170715163609.nemdxrefaeird...@perpetual.pseudorandom.co.uk>. > > Notes on the differences and what I filtered are in the same mail. > > > > I would also be happy to add the equivalent of > > https://anonscm.debian.org/git/collab-maint/flatpak.git/diff/?id=debian/0.8.7-2&id2=debian/0.8.7-1 > > to make this flatpak compatible with buster's libostree, if the SRMs > > would be OK with that; that would turn it into 0.8.7-2~deb9u1. The > > relevant commits will be in upstream release 0.8.8 eventually. > > That sounds okay to me. Sorry for the delay in getting back to you.
I've assumed you meant "yes, please also include the 0.8.7-2 changes" (i.e. compatibility with buster's libostree), and uploaded 0.8.7-2~deb9u1. If that was wrong, please reject it and I'll go for 0.8.7-1~deb9u1. I tested against stretch's libostree on a stretch system to make sure it works correctly with both. The attached debdiff is the difference between what you already saw in https://lists.debian.org/debian-release/2017/07/msg00555.html aka https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864028#57 aka Message-ID: <20170715163609.nemdxrefaeird...@perpetual.pseudorandom.co.uk>, and what I uploaded. Improve-and-simplify-profile-snippet.patch was just moved into a subdirectory, there are no functional changes to it. Thanks, S
diffstat for flatpak-0.8.7 flatpak-0.8.7 changelog | 29 + patches/0.8.8/Manually-copy-summary-for-update-and-appdata-too.patch | 100 ++++ patches/0.8.8/common-Store-the-summary-signature-in-the-cache-too.patch | 226 ++++++++++ patches/0.8.8/install-Manually-save-summary-.sig-in-cache-repo.patch | 61 ++ patches/0.8.8/test-run-Allow-org.test.Setuid-to-install-as-long-as-it-s.patch | 66 ++ patches/0.9.1/Improve-and-simplify-profile-snippet.patch | 46 ++ patches/Improve-and-simplify-profile-snippet.patch | 46 -- patches/series | 6 8 files changed, 531 insertions(+), 49 deletions(-) diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/changelog flatpak-0.8.7/debian/changelog --- flatpak-0.8.7/debian/changelog 2017-06-21 12:36:34.000000000 +0100 +++ flatpak-0.8.7/debian/changelog 2017-07-31 08:44:53.000000000 +0100 @@ -1,9 +1,20 @@ -flatpak (0.8.7-1~deb9u1) stretch; urgency=medium +flatpak (0.8.7-2~deb9u1) stretch; urgency=medium * Rebuild for stretch + * Merge changelog from stretch-security * debian/gbp.conf: Switch branch to debian/stretch - -- Simon McVittie <s...@debian.org> Wed, 21 Jun 2017 12:36:34 +0100 + -- Simon McVittie <s...@debian.org> Mon, 31 Jul 2017 08:44:53 +0100 + +flatpak (0.8.7-2) unstable; urgency=medium + + * Move upstreamed patch to debian/patches/0.9.1/ to make it obvious + when it can be dropped + * d/p/0.8.8/: add patches backported from upstream 0.9.4, 0.9.6, + together with a new patch to the tests, to restore compatibility + with libostree 2017.7 (all applied upstream already) + + -- Simon McVittie <s...@debian.org> Wed, 28 Jun 2017 11:55:18 +0100 flatpak (0.8.7-1) unstable; urgency=high @@ -20,6 +31,20 @@ -- Simon McVittie <s...@debian.org> Wed, 21 Jun 2017 09:50:09 +0100 +flatpak (0.8.5-2+deb9u1) stretch-security; urgency=high + + * d/p/Ensure-we-don-t-install-world-writable-dirs-or-setuid-fil.patch: + Patch from upstream stable release 0.8.7. + Prevent deploying files with inappropriate permissions + (world-writable, setuid, etc.) (Closes: #865413) + * d/p/dir-Ensure-.local-share-flatpak-is-0700.patch: + Patch from upstream stable release 0.8.7. + Make ~/.local/share/flatpak private to user to defend against app + vendors that might have released files with inappropriate permissions + in the past + + -- Simon McVittie <s...@debian.org> Wed, 21 Jun 2017 12:05:49 +0100 + flatpak (0.8.6-1) unstable; urgency=medium * New upstream release diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/patches/0.8.8/common-Store-the-summary-signature-in-the-cache-too.patch flatpak-0.8.7/debian/patches/0.8.8/common-Store-the-summary-signature-in-the-cache-too.patch --- flatpak-0.8.7/debian/patches/0.8.8/common-Store-the-summary-signature-in-the-cache-too.patch 1970-01-01 01:00:00.000000000 +0100 +++ flatpak-0.8.7/debian/patches/0.8.8/common-Store-the-summary-signature-in-the-cache-too.patch 2017-07-31 08:44:53.000000000 +0100 @@ -0,0 +1,226 @@ +From: Alexander Larsson <al...@redhat.com> +Date: Mon, 8 May 2017 12:00:32 +0200 +Subject: common: Store the summary signature in the cache too + +We will need this later + +Origin: backport, 0.9.4, commit:b06e38073a17dc2e67a7774768100f6cc9769791 +Forwarded: https://github.com/flatpak/flatpak/pull/874 +Applied-upstream: 0.8.8, commit:f76f5002368b73360d48093dfae72ad9de53c6eb +--- + common/flatpak-dir.c | 60 ++++++++++++++++++++++++++++++++++------------------ + 1 file changed, 39 insertions(+), 21 deletions(-) + +diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c +index 819027b..f83fb71 100644 +--- a/common/flatpak-dir.c ++++ b/common/flatpak-dir.c +@@ -61,12 +61,14 @@ static OstreeRepo * flatpak_dir_create_system_child_repo (FlatpakDir *self, + static gboolean flatpak_dir_remote_fetch_summary (FlatpakDir *self, + const char *name, + GBytes **out_summary, ++ GBytes **out_summary_sig, + GCancellable *cancellable, + GError **error); + + typedef struct + { + GBytes *bytes; ++ GBytes *bytes_sig; + char *remote; + char *url; + guint64 time; +@@ -2250,7 +2252,7 @@ flatpak_dir_pull (FlatpakDir *self, + g_autoptr(GVariant) summary = NULL; + + if (!flatpak_dir_remote_fetch_summary (self, repository, +- &summary_bytes, ++ &summary_bytes, NULL, + cancellable, error)) + return FALSE; + +@@ -4869,7 +4871,7 @@ flatpak_dir_update (FlatpakDir *self, + } + } + else if (flatpak_dir_remote_fetch_summary (self, remote_name, +- &summary_bytes, ++ &summary_bytes, NULL, + cancellable, NULL)) + { + g_autoptr(GVariant) summary = +@@ -5716,6 +5718,8 @@ static void + cached_summary_free (CachedSummary *summary) + { + g_bytes_unref (summary->bytes); ++ if (summary->bytes_sig) ++ g_bytes_unref (summary->bytes_sig); + g_free (summary->remote); + g_free (summary->url); + g_free (summary); +@@ -5723,24 +5727,29 @@ cached_summary_free (CachedSummary *summary) + + static CachedSummary * + cached_summary_new (GBytes *bytes, ++ GBytes *bytes_sig, + const char *remote, + const char *url) + { + CachedSummary *summary = g_new0 (CachedSummary, 1); + summary->bytes = g_bytes_ref (bytes); ++ if (bytes_sig) ++ summary->bytes_sig = g_bytes_ref (bytes_sig); + summary->url = g_strdup (url); + summary->remote = g_strdup (remote); + summary->time = g_get_monotonic_time (); + return summary; + } + +-static GBytes * ++static gboolean + flatpak_dir_lookup_cached_summary (FlatpakDir *self, ++ GBytes **bytes_out, ++ GBytes **bytes_sig_out, + const char *name, + const char *url) + { + CachedSummary *summary; +- GBytes *res = NULL; ++ gboolean res = FALSE; + + G_LOCK (cache); + +@@ -5755,7 +5764,15 @@ flatpak_dir_lookup_cached_summary (FlatpakDir *self, + strcmp (url, summary->url) == 0) + { + g_debug ("Using cached summary for remote %s", name); +- res = g_bytes_ref (summary->bytes); ++ *bytes_out = g_bytes_ref (summary->bytes); ++ if (bytes_sig_out) ++ { ++ if (summary->bytes_sig) ++ *bytes_sig_out = g_bytes_ref (summary->bytes_sig); ++ else ++ *bytes_sig_out = NULL; ++ } ++ res = TRUE; + } + } + +@@ -5767,6 +5784,7 @@ flatpak_dir_lookup_cached_summary (FlatpakDir *self, + static void + flatpak_dir_cache_summary (FlatpakDir *self, + GBytes *bytes, ++ GBytes *bytes_sig, + const char *name, + const char *url) + { +@@ -5781,7 +5799,7 @@ flatpak_dir_cache_summary (FlatpakDir *self, + /* This was already initialized in the cache-miss lookup */ + g_assert (self->summary_cache != NULL); + +- summary = cached_summary_new (bytes, name, url); ++ summary = cached_summary_new (bytes, bytes_sig, name, url); + g_hash_table_replace (self->summary_cache, summary->remote, summary); + + G_UNLOCK (cache); +@@ -5886,6 +5904,7 @@ static gboolean + flatpak_dir_remote_fetch_summary (FlatpakDir *self, + const char *name, + GBytes **out_summary, ++ GBytes **out_summary_sig, + GCancellable *cancellable, + GError **error) + { +@@ -5893,7 +5912,8 @@ flatpak_dir_remote_fetch_summary (FlatpakDir *self, + gboolean is_local; + g_autoptr(GError) local_error = NULL; + g_autofree char *oci_uri = NULL; +- GBytes *summary; ++ g_autoptr(GBytes) summary = NULL; ++ g_autoptr(GBytes) summary_sig = NULL; + + if (!ostree_repo_remote_get_url (self->repo, name, &url, error)) + return FALSE; +@@ -5903,12 +5923,8 @@ flatpak_dir_remote_fetch_summary (FlatpakDir *self, + /* No caching for local files */ + if (!is_local) + { +- GBytes *cached_summary = flatpak_dir_lookup_cached_summary (self, name, url); +- if (cached_summary) +- { +- *out_summary = cached_summary; +- return TRUE; +- } ++ if (flatpak_dir_lookup_cached_summary (self, out_summary, out_summary_sig, name, url)) ++ return TRUE; + } + + /* Seems ostree asserts if this is NULL */ +@@ -5928,7 +5944,7 @@ flatpak_dir_remote_fetch_summary (FlatpakDir *self, + else + { + if (!ostree_repo_remote_fetch_summary (self->repo, name, +- &summary, NULL, ++ &summary, &summary_sig, + cancellable, + error)) + return FALSE; +@@ -5939,9 +5955,11 @@ flatpak_dir_remote_fetch_summary (FlatpakDir *self, + "Check the URL passed to remote-add was valid\n", name); + + if (!is_local) +- flatpak_dir_cache_summary (self, summary, name, url); ++ flatpak_dir_cache_summary (self, summary, summary_sig, name, url); + +- *out_summary = summary; ++ *out_summary = g_steal_pointer (&summary); ++ if (out_summary_sig) ++ *out_summary_sig = g_steal_pointer (&summary_sig); + + return TRUE; + } +@@ -5956,7 +5974,7 @@ flatpak_dir_remote_has_ref (FlatpakDir *self, + g_autoptr(GError) local_error = NULL; + + if (!flatpak_dir_remote_fetch_summary (self, remote, +- &summary_bytes, ++ &summary_bytes, NULL, + NULL, &local_error)) + { + g_debug ("Can't get summary for remote %s: %s\n", remote, local_error->message); +@@ -5986,7 +6004,7 @@ flatpak_dir_remote_list_refs (FlatpakDir *self, + GVariant *child; + + if (!flatpak_dir_remote_fetch_summary (self, remote_name, +- &summary_bytes, ++ &summary_bytes, NULL, + cancellable, error)) + return FALSE; + +@@ -7362,7 +7380,7 @@ fetch_remote_summary_file (FlatpakDir *self, + return NULL; + + if (!flatpak_dir_remote_fetch_summary (self, remote, +- &summary_bytes, ++ &summary_bytes, NULL, + cancellable, error)) + return NULL; + +@@ -7633,7 +7651,7 @@ flatpak_dir_fetch_ref_cache (FlatpakDir *self, + return FALSE; + + if (!flatpak_dir_remote_fetch_summary (self, remote_name, +- &summary_bytes, ++ &summary_bytes, NULL, + cancellable, error)) + return FALSE; + +@@ -7776,7 +7794,7 @@ flatpak_dir_find_remote_related (FlatpakDir *self, + return g_steal_pointer (&related); /* Empty url, silently disables updates */ + + if (!flatpak_dir_remote_fetch_summary (self, remote_name, +- &summary_bytes, ++ &summary_bytes, NULL, + cancellable, error)) + return NULL; + diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/patches/0.8.8/install-Manually-save-summary-.sig-in-cache-repo.patch flatpak-0.8.7/debian/patches/0.8.8/install-Manually-save-summary-.sig-in-cache-repo.patch --- flatpak-0.8.7/debian/patches/0.8.8/install-Manually-save-summary-.sig-in-cache-repo.patch 1970-01-01 01:00:00.000000000 +0100 +++ flatpak-0.8.7/debian/patches/0.8.8/install-Manually-save-summary-.sig-in-cache-repo.patch 2017-07-31 08:44:53.000000000 +0100 @@ -0,0 +1,61 @@ +From: Alexander Larsson <al...@redhat.com> +Date: Mon, 19 Jun 2017 13:09:33 +0200 +Subject: install: Manually save summary[.sig] in cache repo + +With the latest ostree, pull --mirror does not mirror the +summary for partial pulls, so system-wide installs fail. We +fix it by manually updating the summary. + +Origin: backport, 0.9.6, commit:e987d92ad03981895a2a60db4f82420a12cd6cb7 +Forwarded: https://github.com/flatpak/flatpak/pull/874 +Applied-upstream: 0.8.8, commit:82495934823a501dccd54486143dee790ffe3f32 +--- + common/flatpak-dir.c | 23 +++++++++++++++++++++++ + 1 file changed, 23 insertions(+) + +diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c +index f83fb71..83c0f1b 100644 +--- a/common/flatpak-dir.c ++++ b/common/flatpak-dir.c +@@ -4509,11 +4509,20 @@ flatpak_dir_install (FlatpakDir *self, + /* We're pulling from a remote source, we do the network mirroring pull as a + user and hand back the resulting data to the system-helper, that trusts us + due to the GPG signatures in the repo */ ++ g_autoptr(GBytes) summary_copy = NULL; ++ g_autoptr(GBytes) summary_sig_copy = NULL; ++ g_autoptr(GFile) summary_file = NULL; ++ g_autoptr(GFile) summary_sig_file = NULL; + + child_repo = flatpak_dir_create_system_child_repo (self, &child_repo_lock, error); + if (child_repo == NULL) + return FALSE; + ++ if (!flatpak_dir_remote_fetch_summary (self, remote_name, ++ &summary_copy, &summary_sig_copy, ++ cancellable, error)) ++ return FALSE; ++ + if (!flatpak_dir_pull (self, remote_name, ref, NULL, subpaths, + child_repo, + FLATPAK_PULL_FLAGS_DOWNLOAD_EXTRA_DATA | FLATPAK_PULL_FLAGS_SIDELOAD_EXTRA_DATA, +@@ -4521,6 +4530,20 @@ flatpak_dir_install (FlatpakDir *self, + progress, cancellable, error)) + return FALSE; + ++ summary_file = g_file_get_child (ostree_repo_get_path (child_repo), "summary"); ++ if (!g_file_replace_contents (summary_file, ++ g_bytes_get_data (summary_copy, NULL), ++ g_bytes_get_size (summary_copy), ++ NULL, FALSE, 0, NULL, cancellable, NULL)) ++ return FALSE; ++ ++ summary_sig_file = g_file_get_child (ostree_repo_get_path (child_repo), "summary.sig"); ++ if (!g_file_replace_contents (summary_sig_file, ++ g_bytes_get_data (summary_sig_copy, NULL), ++ g_bytes_get_size (summary_sig_copy), ++ NULL, FALSE, 0, NULL, cancellable, NULL)) ++ return FALSE; ++ + child_repo_path = g_file_get_path (ostree_repo_get_path (child_repo)); + } + diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/patches/0.8.8/Manually-copy-summary-for-update-and-appdata-too.patch flatpak-0.8.7/debian/patches/0.8.8/Manually-copy-summary-for-update-and-appdata-too.patch --- flatpak-0.8.7/debian/patches/0.8.8/Manually-copy-summary-for-update-and-appdata-too.patch 1970-01-01 01:00:00.000000000 +0100 +++ flatpak-0.8.7/debian/patches/0.8.8/Manually-copy-summary-for-update-and-appdata-too.patch 2017-07-31 08:44:53.000000000 +0100 @@ -0,0 +1,100 @@ +From: Alexander Larsson <al...@redhat.com> +Date: Mon, 19 Jun 2017 15:01:19 +0200 +Subject: Manually copy summary for update and appdata too + +Origin: backport, 0.9.6, commit:67ffd9a0b6f2f76de8aa08e6eb00505e48c48cbd +Forwarded: https://github.com/flatpak/flatpak/pull/874 +Applied-upstream: 0.8.8, commit:0723efdcc8f960cadf6d9235f0e93e715f287fd0 +--- + common/flatpak-dir.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 46 insertions(+) + +diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c +index 83c0f1b..4f6f54d 100644 +--- a/common/flatpak-dir.c ++++ b/common/flatpak-dir.c +@@ -1652,6 +1652,10 @@ flatpak_dir_update_appstream (FlatpakDir *self, + g_autoptr(OstreeRepo) child_repo = NULL; + g_auto(GLnxLockFile) child_repo_lock = GLNX_LOCK_FILE_INIT; + FlatpakSystemHelper *system_helper; ++ g_autoptr(GBytes) summary_copy = NULL; ++ g_autoptr(GBytes) summary_sig_copy = NULL; ++ g_autoptr(GFile) summary_file = NULL; ++ g_autoptr(GFile) summary_sig_file = NULL; + + child_repo = flatpak_dir_create_system_child_repo (self, &child_repo_lock, error); + if (child_repo == NULL) +@@ -1661,11 +1665,30 @@ flatpak_dir_update_appstream (FlatpakDir *self, + + g_assert (system_helper != NULL); + ++ if (!flatpak_dir_remote_fetch_summary (self, remote, ++ &summary_copy, &summary_sig_copy, ++ cancellable, error)) ++ return FALSE; ++ + if (!flatpak_dir_pull (self, remote, branch, NULL, NULL, + child_repo, FLATPAK_PULL_FLAGS_NONE, OSTREE_REPO_PULL_FLAGS_MIRROR, + progress, cancellable, error)) + return FALSE; + ++ summary_file = g_file_get_child (ostree_repo_get_path (child_repo), "summary"); ++ if (!g_file_replace_contents (summary_file, ++ g_bytes_get_data (summary_copy, NULL), ++ g_bytes_get_size (summary_copy), ++ NULL, FALSE, 0, NULL, cancellable, NULL)) ++ return FALSE; ++ ++ summary_sig_file = g_file_get_child (ostree_repo_get_path (child_repo), "summary.sig"); ++ if (!g_file_replace_contents (summary_sig_file, ++ g_bytes_get_data (summary_sig_copy, NULL), ++ g_bytes_get_size (summary_sig_copy), ++ NULL, FALSE, 0, NULL, cancellable, NULL)) ++ return FALSE; ++ + if (!ostree_repo_resolve_rev (child_repo, branch, TRUE, &new_checksum, error)) + return FALSE; + +@@ -4979,6 +5002,10 @@ flatpak_dir_update (FlatpakDir *self, + user and hand back the resulting data to the system-helper, that trusts us + due to the GPG signatures in the repo */ + FlatpakPullFlags flatpak_flags; ++ g_autoptr(GBytes) summary_copy = NULL; ++ g_autoptr(GBytes) summary_sig_copy = NULL; ++ g_autoptr(GFile) summary_file = NULL; ++ g_autoptr(GFile) summary_sig_file = NULL; + + child_repo = flatpak_dir_create_system_child_repo (self, &child_repo_lock, error); + if (child_repo == NULL) +@@ -4988,12 +5015,31 @@ flatpak_dir_update (FlatpakDir *self, + if (checksum_or_latest != NULL) + flatpak_flags |= FLATPAK_PULL_FLAGS_ALLOW_DOWNGRADE; + ++ if (!flatpak_dir_remote_fetch_summary (self, remote_name, ++ &summary_copy, &summary_sig_copy, ++ cancellable, error)) ++ return FALSE; ++ + if (!flatpak_dir_pull (self, remote_name, ref, rev, subpaths, + child_repo, + flatpak_flags, OSTREE_REPO_PULL_FLAGS_MIRROR, + progress, cancellable, error)) + return FALSE; + ++ summary_file = g_file_get_child (ostree_repo_get_path (child_repo), "summary"); ++ if (!g_file_replace_contents (summary_file, ++ g_bytes_get_data (summary_copy, NULL), ++ g_bytes_get_size (summary_copy), ++ NULL, FALSE, 0, NULL, cancellable, NULL)) ++ return FALSE; ++ ++ summary_sig_file = g_file_get_child (ostree_repo_get_path (child_repo), "summary.sig"); ++ if (!g_file_replace_contents (summary_sig_file, ++ g_bytes_get_data (summary_sig_copy, NULL), ++ g_bytes_get_size (summary_sig_copy), ++ NULL, FALSE, 0, NULL, cancellable, NULL)) ++ return FALSE; ++ + if (!ostree_repo_resolve_rev (child_repo, ref, FALSE, &latest_checksum, error)) + return FALSE; + diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/patches/0.8.8/test-run-Allow-org.test.Setuid-to-install-as-long-as-it-s.patch flatpak-0.8.7/debian/patches/0.8.8/test-run-Allow-org.test.Setuid-to-install-as-long-as-it-s.patch --- flatpak-0.8.7/debian/patches/0.8.8/test-run-Allow-org.test.Setuid-to-install-as-long-as-it-s.patch 1970-01-01 01:00:00.000000000 +0100 +++ flatpak-0.8.7/debian/patches/0.8.8/test-run-Allow-org.test.Setuid-to-install-as-long-as-it-s.patch 2017-07-31 08:44:53.000000000 +0100 @@ -0,0 +1,66 @@ +From: Simon McVittie <s...@debian.org> +Date: Wed, 28 Jun 2017 10:47:29 +0100 +Subject: test-run: Allow org.test.Setuid to install, + as long as it's not setuid + +libostree attempts to strip the setuid and setgid bits from file +permissions in user-mode checkouts, which, if successful, would make +Flatpak's check for setuid ineffective and unnecessary. In versions +older than 2017.7 this was not consistently applied, making commits +2c8e241 and 02a299f necessary to defeat CVE-2017-9780 (see #845). + +libostree 2017.7 removes setuid and setgid bits more thoroughly +as a result of fixing https://github.com/ostreedev/ostree/issues/633 +in PR https://github.com/ostreedev/ostree/pull/903, which means that +this test fails when linking flatpak 0.8.x to libostree 2017.7. + +Signed-off-by: Simon McVittie <s...@debian.org> +Forwarded: https://github.com/flatpak/flatpak/pull/874 +Applied-upstream: 0.8.8, commit:3ba6e122e1ba49aae6129d7af444fd8db48e6b7e +--- + tests/libtest.sh | 8 ++++++++ + tests/test-run.sh | 7 ++++--- + 2 files changed, 12 insertions(+), 3 deletions(-) + +diff --git a/tests/libtest.sh b/tests/libtest.sh +index 8f415b4..0f35195 100644 +--- a/tests/libtest.sh ++++ b/tests/libtest.sh +@@ -138,6 +138,14 @@ assert_not_file_has_content () { + fi + } + ++assert_file_has_mode () { ++ mode=$(stat -c '%a' $1) ++ if [ "$mode" != "$2" ]; then ++ echo 1>&2 "File '$1' has wrong mode: expected $2, but got $mode" ++ exit 1 ++ fi ++} ++ + assert_not_has_dir () { + if test -d "$1"; then + echo 1>&2 "Directory '$1' exists"; exit 1 +diff --git a/tests/test-run.sh b/tests/test-run.sh +index 2b70ff2..934dad3 100755 +--- a/tests/test-run.sh ++++ b/tests/test-run.sh +@@ -358,14 +358,15 @@ rm -rf app + flatpak build-init app org.test.Setuid org.test.Platform org.test.Platform + mkdir -p app/files/ + touch app/files/exe +-chmod u+s app/files/exe ++chmod 04644 app/files/exe + flatpak build-finish --command=hello.sh app + ostree --repo=repos/test commit ${FL_GPGARGS} --branch=app/org.test.Setuid/$ARCH/master app + update_repo + + if ${FLATPAK} ${U} install test-repo org.test.Setuid &> err2.txt; then +- assert_not_reached "Should not be able to install with setuid file" ++ assert_file_has_mode "$FL_DIR/app/org.test.Setuid/$ARCH/master/active/files/exe" 644 ++else ++ assert_file_has_content err2.txt [Ii]nvalid + fi +-assert_file_has_content err2.txt [Ii]nvalid + + echo "ok no setuid" diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/patches/0.9.1/Improve-and-simplify-profile-snippet.patch flatpak-0.8.7/debian/patches/0.9.1/Improve-and-simplify-profile-snippet.patch --- flatpak-0.8.7/debian/patches/0.9.1/Improve-and-simplify-profile-snippet.patch 1970-01-01 01:00:00.000000000 +0100 +++ flatpak-0.8.7/debian/patches/0.9.1/Improve-and-simplify-profile-snippet.patch 2017-07-31 08:44:53.000000000 +0100 @@ -0,0 +1,46 @@ +From: Simon McVittie <s...@debian.org> +Date: Fri, 10 Mar 2017 20:01:49 +0000 +Subject: Improve and simplify profile snippet + +Avoid setting a temporary variable flatpak_dirs which, while not +exported to the environment, would still be defined as a +shell "parameter" (variable) in the login shell itself. + +Consistently put the Flatpak directories before other XDG_DATA_DIRS, +rather than putting them last if XDG_DATA_DIRS happens to be already +set. + +Expand XDG_DATA_HOME if necessary, rather than assuming it will +always be ~/.local/share. + +I don't know exactly which shells source profile.d, but it's possible +that one of them might only implement POSIX test syntax, so prefer +[ x = y ] over [ x == y ]. + +Fix some insufficient quoting that could have gone wrong if +XDG_DATA_DIRS somehow contained spaces. + +Signed-off-by: Simon McVittie <s...@debian.org> +Applied-upstream: 0.9.1, commit:e572311a26911b74e96c593987e250fb4bbc532b +--- + profile/flatpak.sh.in | 8 ++------ + 1 file changed, 2 insertions(+), 6 deletions(-) + +diff --git a/profile/flatpak.sh.in b/profile/flatpak.sh.in +index cc9c342..8b350e8 100644 +--- a/profile/flatpak.sh.in ++++ b/profile/flatpak.sh.in +@@ -1,11 +1,7 @@ + # @sysconfdir@/profile.d/flatpak.sh - set XDG_DATA_DIRS + +-flatpak_dirs=$HOME/.local/share/flatpak/exports/share/:@localstatedir@/lib/flatpak/exports/share/ +- +-if [ -z "${XDG_DATA_DIRS}" ]; then +- XDG_DATA_DIRS="$flatpak_dirs:/usr/local/share/:/usr/share/" +-elif [ "${XDG_DATA_DIRS#*flatpak}" == ${XDG_DATA_DIRS} ]; then +- XDG_DATA_DIRS="$XDG_DATA_DIRS:$flatpak_dirs" ++if [ "${XDG_DATA_DIRS#*flatpak}" = "${XDG_DATA_DIRS}" ]; then ++ XDG_DATA_DIRS="${XDG_DATA_HOME:-"$HOME/.local/share"}/flatpak/exports/share:@localstatedir@/lib/flatpak/exports/share:${XDG_DATA_DIRS:-/usr/local/share:/usr/share}" + fi + + export XDG_DATA_DIRS diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/patches/Improve-and-simplify-profile-snippet.patch flatpak-0.8.7/debian/patches/Improve-and-simplify-profile-snippet.patch --- flatpak-0.8.7/debian/patches/Improve-and-simplify-profile-snippet.patch 2017-06-21 12:36:34.000000000 +0100 +++ flatpak-0.8.7/debian/patches/Improve-and-simplify-profile-snippet.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,46 +0,0 @@ -From: Simon McVittie <s...@debian.org> -Date: Fri, 10 Mar 2017 20:01:49 +0000 -Subject: Improve and simplify profile snippet - -Avoid setting a temporary variable flatpak_dirs which, while not -exported to the environment, would still be defined as a -shell "parameter" (variable) in the login shell itself. - -Consistently put the Flatpak directories before other XDG_DATA_DIRS, -rather than putting them last if XDG_DATA_DIRS happens to be already -set. - -Expand XDG_DATA_HOME if necessary, rather than assuming it will -always be ~/.local/share. - -I don't know exactly which shells source profile.d, but it's possible -that one of them might only implement POSIX test syntax, so prefer -[ x = y ] over [ x == y ]. - -Fix some insufficient quoting that could have gone wrong if -XDG_DATA_DIRS somehow contained spaces. - -Signed-off-by: Simon McVittie <s...@debian.org> -Applied-upstream: 0.9.1, commit:e572311a26911b74e96c593987e250fb4bbc532b ---- - profile/flatpak.sh.in | 8 ++------ - 1 file changed, 2 insertions(+), 6 deletions(-) - -diff --git a/profile/flatpak.sh.in b/profile/flatpak.sh.in -index cc9c342..8b350e8 100644 ---- a/profile/flatpak.sh.in -+++ b/profile/flatpak.sh.in -@@ -1,11 +1,7 @@ - # @sysconfdir@/profile.d/flatpak.sh - set XDG_DATA_DIRS - --flatpak_dirs=$HOME/.local/share/flatpak/exports/share/:@localstatedir@/lib/flatpak/exports/share/ -- --if [ -z "${XDG_DATA_DIRS}" ]; then -- XDG_DATA_DIRS="$flatpak_dirs:/usr/local/share/:/usr/share/" --elif [ "${XDG_DATA_DIRS#*flatpak}" == ${XDG_DATA_DIRS} ]; then -- XDG_DATA_DIRS="$XDG_DATA_DIRS:$flatpak_dirs" -+if [ "${XDG_DATA_DIRS#*flatpak}" = "${XDG_DATA_DIRS}" ]; then -+ XDG_DATA_DIRS="${XDG_DATA_HOME:-"$HOME/.local/share"}/flatpak/exports/share:@localstatedir@/lib/flatpak/exports/share:${XDG_DATA_DIRS:-/usr/local/share:/usr/share}" - fi - - export XDG_DATA_DIRS diff -Nru --exclude aclocal.m4 --exclude configure --exclude config.guess --exclude config.sub --exclude po --exclude html --exclude Makefile.in flatpak-0.8.7/debian/patches/series flatpak-0.8.7/debian/patches/series --- flatpak-0.8.7/debian/patches/series 2017-06-21 12:36:34.000000000 +0100 +++ flatpak-0.8.7/debian/patches/series 2017-07-31 08:44:53.000000000 +0100 @@ -1 +1,5 @@ -Improve-and-simplify-profile-snippet.patch +0.8.8/test-run-Allow-org.test.Setuid-to-install-as-long-as-it-s.patch +0.8.8/common-Store-the-summary-signature-in-the-cache-too.patch +0.8.8/install-Manually-save-summary-.sig-in-cache-repo.patch +0.8.8/Manually-copy-summary-for-update-and-appdata-too.patch +0.9.1/Improve-and-simplify-profile-snippet.patch
