|
|
55c332 |
From 3f5235e925ba6555cd9c639684660356867c952f Mon Sep 17 00:00:00 2001
|
|
|
55c332 |
From: "Owen W. Taylor" <otaylor@fishsoup.net>
|
|
|
55c332 |
Date: Fri, 30 Nov 2018 16:11:06 -0500
|
|
|
55c332 |
Subject: [PATCH 1/3] flatpak_cache_http_uri: save downloaded files with
|
|
|
55c332 |
permission 0644
|
|
|
55c332 |
|
|
|
55c332 |
Previously, downloaded files were being saved with 0600 permissions,
|
|
|
55c332 |
which prevented OCI icons downloaded by the system helper at appstream
|
|
|
55c332 |
creation time from being read by users.
|
|
|
55c332 |
|
|
|
55c332 |
Closes: #2362
|
|
|
55c332 |
Approved by: matthiasclasen
|
|
|
55c332 |
---
|
|
|
55c332 |
common/flatpak-utils-http.c | 3 +++
|
|
|
55c332 |
1 file changed, 3 insertions(+)
|
|
|
55c332 |
|
|
|
55c332 |
diff --git a/common/flatpak-utils-http.c b/common/flatpak-utils-http.c
|
|
|
55c332 |
index 53074162..997c9db8 100644
|
|
|
55c332 |
--- a/common/flatpak-utils-http.c
|
|
|
55c332 |
+++ b/common/flatpak-utils-http.c
|
|
|
55c332 |
@@ -645,6 +645,9 @@ sync_and_rename_tmpfile (GLnxTmpfile *tmpfile,
|
|
|
55c332 |
if (fdatasync (tmpfile->fd) != 0)
|
|
|
55c332 |
return glnx_throw_errno_prefix (error, "fdatasync");
|
|
|
55c332 |
|
|
|
55c332 |
+ if (fchmod (tmpfile->fd, 0644) != 0)
|
|
|
55c332 |
+ return glnx_throw_errno_prefix (error, "fchmod");
|
|
|
55c332 |
+
|
|
|
55c332 |
if (!glnx_link_tmpfile_at (tmpfile,
|
|
|
55c332 |
GLNX_LINK_TMPFILE_REPLACE,
|
|
|
55c332 |
tmpfile->src_dfd, dest_name, error))
|
|
|
55c332 |
--
|
|
|
55c332 |
2.19.2
|
|
|
55c332 |
|
|
|
55c332 |
|
|
|
55c332 |
From 3263827dbbd4d84919899e91ca066d2d3cf338bc Mon Sep 17 00:00:00 2001
|
|
|
55c332 |
From: Alexander Larsson <alexl@redhat.com>
|
|
|
55c332 |
Date: Fri, 30 Nov 2018 10:30:20 +0100
|
|
|
55c332 |
Subject: [PATCH 2/3] OCI: Use system helper to generate summary for OCI
|
|
|
55c332 |
remotes
|
|
|
55c332 |
|
|
|
55c332 |
The OCI support relies on downloading a json index and converting it
|
|
|
55c332 |
to a ostree-style summary, which we the use in all sorts of operations
|
|
|
55c332 |
in the client code. Currently this happens in the user code, which means
|
|
|
55c332 |
that it will fail (due to permissions) in the system installation case.
|
|
|
55c332 |
|
|
|
55c332 |
We could do the conversion as the user, but when eventually installing
|
|
|
55c332 |
something the system-helper will anyway do this download and
|
|
|
55c332 |
conversion, so that would only double the work and risk things going out
|
|
|
55c332 |
of sync. Also, the OCI index is not gpg signed, so we can't realy on
|
|
|
55c332 |
downloads done as the user.
|
|
|
55c332 |
|
|
|
55c332 |
So, the solution done here is to add a GenerateOciSummary
|
|
|
55c332 |
system-helper call which we use instead of directly generating the
|
|
|
55c332 |
oci summary.
|
|
|
55c332 |
|
|
|
55c332 |
This fixes https://github.com/flatpak/flatpak/issues/2350
|
|
|
55c332 |
|
|
|
55c332 |
Closes: #2363
|
|
|
55c332 |
Approved by: matthiasclasen
|
|
|
55c332 |
---
|
|
|
55c332 |
common/flatpak-dir-private.h | 5 ++
|
|
|
55c332 |
common/flatpak-dir.c | 94 +++++++++++++++++++--------
|
|
|
55c332 |
data/org.freedesktop.Flatpak.xml | 5 ++
|
|
|
55c332 |
system-helper/flatpak-system-helper.c | 52 ++++++++++++++-
|
|
|
55c332 |
4 files changed, 129 insertions(+), 27 deletions(-)
|
|
|
55c332 |
|
|
|
55c332 |
diff --git a/common/flatpak-dir-private.h b/common/flatpak-dir-private.h
|
|
|
55c332 |
index 64a72758..f6126056 100644
|
|
|
55c332 |
--- a/common/flatpak-dir-private.h
|
|
|
55c332 |
+++ b/common/flatpak-dir-private.h
|
|
|
55c332 |
@@ -718,6 +718,11 @@ FlatpakRemoteState * flatpak_dir_get_remote_state_for_summary (FlatpakDir *sel
|
|
|
55c332 |
GBytes *opt_summary_sig,
|
|
|
55c332 |
GCancellable *cancellable,
|
|
|
55c332 |
GError **error);
|
|
|
55c332 |
+gboolean flatpak_dir_remote_make_oci_summary (FlatpakDir *self,
|
|
|
55c332 |
+ const char *remote,
|
|
|
55c332 |
+ GBytes **out_summary,
|
|
|
55c332 |
+ GCancellable *cancellable,
|
|
|
55c332 |
+ GError **error);
|
|
|
55c332 |
FlatpakRemoteState * flatpak_dir_get_remote_state_optional (FlatpakDir *self,
|
|
|
55c332 |
const char *remote,
|
|
|
55c332 |
GCancellable *cancellable,
|
|
|
55c332 |
diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c
|
|
|
55c332 |
index 828945ca..7853b74a 100644
|
|
|
55c332 |
--- a/common/flatpak-dir.c
|
|
|
55c332 |
+++ b/common/flatpak-dir.c
|
|
|
55c332 |
@@ -1385,6 +1385,22 @@ flatpak_dir_system_helper_call_update_summary (FlatpakDir *self,
|
|
|
55c332 |
return ret != NULL;
|
|
|
55c332 |
}
|
|
|
55c332 |
|
|
|
55c332 |
+static gboolean
|
|
|
55c332 |
+flatpak_dir_system_helper_call_generate_oci_summary (FlatpakDir *self,
|
|
|
55c332 |
+ const gchar *arg_origin,
|
|
|
55c332 |
+ const gchar *arg_installation,
|
|
|
55c332 |
+ GCancellable *cancellable,
|
|
|
55c332 |
+ GError **error)
|
|
|
55c332 |
+{
|
|
|
55c332 |
+ g_autoptr(GVariant) ret =
|
|
|
55c332 |
+ flatpak_dir_system_helper_call (self, "GenerateOciSummary",
|
|
|
55c332 |
+ g_variant_new ("(ss)",
|
|
|
55c332 |
+ arg_origin,
|
|
|
55c332 |
+ arg_installation),
|
|
|
55c332 |
+ cancellable, error);
|
|
|
55c332 |
+ return ret != NULL;
|
|
|
55c332 |
+}
|
|
|
55c332 |
+
|
|
|
55c332 |
static OstreeRepo *
|
|
|
55c332 |
system_ostree_repo_new (GFile *repodir)
|
|
|
55c332 |
{
|
|
|
55c332 |
@@ -9088,7 +9104,7 @@ flatpak_dir_cache_summary (FlatpakDir *self,
|
|
|
55c332 |
G_UNLOCK (cache);
|
|
|
55c332 |
}
|
|
|
55c332 |
|
|
|
55c332 |
-static gboolean
|
|
|
55c332 |
+gboolean
|
|
|
55c332 |
flatpak_dir_remote_make_oci_summary (FlatpakDir *self,
|
|
|
55c332 |
const char *remote,
|
|
|
55c332 |
GBytes **out_summary,
|
|
|
55c332 |
@@ -9103,42 +9119,68 @@ flatpak_dir_remote_make_oci_summary (FlatpakDir *self,
|
|
|
55c332 |
g_autoptr(GError) local_error = NULL;
|
|
|
55c332 |
g_autoptr(GMappedFile) mfile = NULL;
|
|
|
55c332 |
g_autoptr(GBytes) cache_bytes = NULL;
|
|
|
55c332 |
+ g_autoptr(GBytes) summary_bytes = NULL;
|
|
|
55c332 |
|
|
|
55c332 |
- self_name = flatpak_dir_get_name (self);
|
|
|
55c332 |
-
|
|
|
55c332 |
- index_cache = flatpak_dir_update_oci_index (self, remote, &index_uri, cancellable, error);
|
|
|
55c332 |
- if (index_cache == NULL)
|
|
|
55c332 |
- return FALSE;
|
|
|
55c332 |
+ if (flatpak_dir_use_system_helper (self, NULL))
|
|
|
55c332 |
+ {
|
|
|
55c332 |
+ const char *installation = flatpak_dir_get_id (self);
|
|
|
55c332 |
|
|
|
55c332 |
- summary_cache = flatpak_dir_get_oci_summary_location (self, remote, error);
|
|
|
55c332 |
- if (summary_cache == NULL)
|
|
|
55c332 |
- return FALSE;
|
|
|
55c332 |
+ if (!flatpak_dir_system_helper_call_generate_oci_summary (self, remote,
|
|
|
55c332 |
+ installation ? installation : "",
|
|
|
55c332 |
+ cancellable, error))
|
|
|
55c332 |
+ return FALSE;
|
|
|
55c332 |
|
|
|
55c332 |
- if (check_destination_mtime (index_cache, summary_cache, cancellable))
|
|
|
55c332 |
+ summary_cache = flatpak_dir_get_oci_summary_location (self, remote, error);
|
|
|
55c332 |
+ if (summary_cache == NULL)
|
|
|
55c332 |
+ return FALSE;
|
|
|
55c332 |
+ }
|
|
|
55c332 |
+ else
|
|
|
55c332 |
{
|
|
|
55c332 |
- mfile = g_mapped_file_new (flatpak_file_get_path_cached (summary_cache), FALSE, NULL);
|
|
|
55c332 |
- if (mfile)
|
|
|
55c332 |
+ self_name = flatpak_dir_get_name (self);
|
|
|
55c332 |
+
|
|
|
55c332 |
+ index_cache = flatpak_dir_update_oci_index (self, remote, &index_uri, cancellable, error);
|
|
|
55c332 |
+ if (index_cache == NULL)
|
|
|
55c332 |
+ return FALSE;
|
|
|
55c332 |
+
|
|
|
55c332 |
+ summary_cache = flatpak_dir_get_oci_summary_location (self, remote, error);
|
|
|
55c332 |
+ if (summary_cache == NULL)
|
|
|
55c332 |
+ return FALSE;
|
|
|
55c332 |
+
|
|
|
55c332 |
+ if (!check_destination_mtime (index_cache, summary_cache, cancellable))
|
|
|
55c332 |
{
|
|
|
55c332 |
- cache_bytes = g_mapped_file_get_bytes (mfile);
|
|
|
55c332 |
- *out_summary = g_steal_pointer (&cache_bytes);
|
|
|
55c332 |
+ summary = flatpak_oci_index_make_summary (index_cache, index_uri, cancellable, &local_error);
|
|
|
55c332 |
+ if (summary == NULL)
|
|
|
55c332 |
+ {
|
|
|
55c332 |
+ g_propagate_error (error, g_steal_pointer (&local_error));
|
|
|
55c332 |
+ return FALSE;
|
|
|
55c332 |
+ }
|
|
|
55c332 |
+
|
|
|
55c332 |
+ summary_bytes = g_variant_get_data_as_bytes (summary);
|
|
|
55c332 |
+
|
|
|
55c332 |
+ if (!g_file_replace_contents (summary_cache,
|
|
|
55c332 |
+ g_bytes_get_data (summary_bytes, NULL),
|
|
|
55c332 |
+ g_bytes_get_size (summary_bytes),
|
|
|
55c332 |
+ NULL, FALSE, 0, NULL, cancellable, error))
|
|
|
55c332 |
+ {
|
|
|
55c332 |
+ g_prefix_error (error, _("Failed to write summary cache: "));
|
|
|
55c332 |
+ return FALSE;
|
|
|
55c332 |
+ }
|
|
|
55c332 |
+
|
|
|
55c332 |
+ if (out_summary)
|
|
|
55c332 |
+ *out_summary = g_steal_pointer (&summary_bytes);
|
|
|
55c332 |
return TRUE;
|
|
|
55c332 |
}
|
|
|
55c332 |
}
|
|
|
55c332 |
|
|
|
55c332 |
- summary = flatpak_oci_index_make_summary (index_cache, index_uri, cancellable, &local_error);
|
|
|
55c332 |
- if (summary == NULL)
|
|
|
55c332 |
+ if (out_summary)
|
|
|
55c332 |
{
|
|
|
55c332 |
- g_propagate_error (error, g_steal_pointer (&local_error));
|
|
|
55c332 |
- return FALSE;
|
|
|
55c332 |
- }
|
|
|
55c332 |
-
|
|
|
55c332 |
- *out_summary = g_variant_get_data_as_bytes (summary);
|
|
|
55c332 |
+ mfile = g_mapped_file_new (flatpak_file_get_path_cached (summary_cache), FALSE, error);
|
|
|
55c332 |
+ if (mfile == NULL)
|
|
|
55c332 |
+ return FALSE;
|
|
|
55c332 |
|
|
|
55c332 |
- if (!g_file_replace_contents (summary_cache,
|
|
|
55c332 |
- g_bytes_get_data (*out_summary, NULL),
|
|
|
55c332 |
- g_bytes_get_size (*out_summary),
|
|
|
55c332 |
- NULL, FALSE, 0, NULL, cancellable, NULL))
|
|
|
55c332 |
- g_warning ("Failed to write summary cache");
|
|
|
55c332 |
+ cache_bytes = g_mapped_file_get_bytes (mfile);
|
|
|
55c332 |
+ *out_summary = g_steal_pointer (&cache_bytes);
|
|
|
55c332 |
+ }
|
|
|
55c332 |
|
|
|
55c332 |
return TRUE;
|
|
|
55c332 |
}
|
|
|
55c332 |
diff --git a/data/org.freedesktop.Flatpak.xml b/data/org.freedesktop.Flatpak.xml
|
|
|
55c332 |
index 25dc8a02..8b1606c6 100644
|
|
|
55c332 |
--- a/data/org.freedesktop.Flatpak.xml
|
|
|
55c332 |
+++ b/data/org.freedesktop.Flatpak.xml
|
|
|
55c332 |
@@ -144,6 +144,11 @@
|
|
|
55c332 |
<arg type='s' name='installation' direction='in'/>
|
|
|
55c332 |
</method>
|
|
|
55c332 |
|
|
|
55c332 |
+ <method name="GenerateOciSummary">
|
|
|
55c332 |
+ <arg type='s' name='origin' direction='in'/>
|
|
|
55c332 |
+ <arg type='s' name='installation' direction='in'/>
|
|
|
55c332 |
+ </method>
|
|
|
55c332 |
+
|
|
|
55c332 |
</interface>
|
|
|
55c332 |
|
|
|
55c332 |
</node>
|
|
|
55c332 |
diff --git a/system-helper/flatpak-system-helper.c b/system-helper/flatpak-system-helper.c
|
|
|
55c332 |
index ce647b6e..29a2d3e1 100644
|
|
|
55c332 |
--- a/system-helper/flatpak-system-helper.c
|
|
|
55c332 |
+++ b/system-helper/flatpak-system-helper.c
|
|
|
55c332 |
@@ -1122,6 +1122,54 @@ handle_update_summary (FlatpakSystemHelper *object,
|
|
|
55c332 |
return TRUE;
|
|
|
55c332 |
}
|
|
|
55c332 |
|
|
|
55c332 |
+static gboolean
|
|
|
55c332 |
+handle_generate_oci_summary (FlatpakSystemHelper *object,
|
|
|
55c332 |
+ GDBusMethodInvocation *invocation,
|
|
|
55c332 |
+ const gchar *arg_origin,
|
|
|
55c332 |
+ const gchar *arg_installation)
|
|
|
55c332 |
+{
|
|
|
55c332 |
+ g_autoptr(FlatpakDir) system = NULL;
|
|
|
55c332 |
+ g_autoptr(GError) error = NULL;
|
|
|
55c332 |
+ gboolean is_oci;
|
|
|
55c332 |
+
|
|
|
55c332 |
+ g_debug ("GenerateOciSummary %s %s", arg_origin, arg_installation);
|
|
|
55c332 |
+
|
|
|
55c332 |
+ system = dir_get_system (arg_installation, &error);
|
|
|
55c332 |
+ if (system == NULL)
|
|
|
55c332 |
+ {
|
|
|
55c332 |
+ g_dbus_method_invocation_return_gerror (invocation, error);
|
|
|
55c332 |
+ return TRUE;
|
|
|
55c332 |
+ }
|
|
|
55c332 |
+
|
|
|
55c332 |
+ if (!flatpak_dir_ensure_repo (system, NULL, &error))
|
|
|
55c332 |
+ {
|
|
|
55c332 |
+ g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED,
|
|
|
55c332 |
+ "Can't open system repo %s", error->message);
|
|
|
55c332 |
+ return TRUE;
|
|
|
55c332 |
+ }
|
|
|
55c332 |
+
|
|
|
55c332 |
+ is_oci = flatpak_dir_get_remote_oci (system, arg_origin);
|
|
|
55c332 |
+ if (!is_oci)
|
|
|
55c332 |
+ {
|
|
|
55c332 |
+ g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS,
|
|
|
55c332 |
+ "%s is not a OCI remote", arg_origin);
|
|
|
55c332 |
+ return TRUE;
|
|
|
55c332 |
+ }
|
|
|
55c332 |
+
|
|
|
55c332 |
+ if (!flatpak_dir_remote_make_oci_summary (system, arg_origin, NULL, NULL, &error))
|
|
|
55c332 |
+ {
|
|
|
55c332 |
+ g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED,
|
|
|
55c332 |
+ "Failed to update OCI summary: %s", error->message);
|
|
|
55c332 |
+ return TRUE;
|
|
|
55c332 |
+ }
|
|
|
55c332 |
+
|
|
|
55c332 |
+
|
|
|
55c332 |
+ flatpak_system_helper_complete_generate_oci_summary (object, invocation);
|
|
|
55c332 |
+
|
|
|
55c332 |
+ return TRUE;
|
|
|
55c332 |
+}
|
|
|
55c332 |
+
|
|
|
55c332 |
+
|
|
|
55c332 |
static gboolean
|
|
|
55c332 |
flatpak_authorize_method_handler (GDBusInterfaceSkeleton *interface,
|
|
|
55c332 |
GDBusMethodInvocation *invocation,
|
|
|
55c332 |
@@ -1250,7 +1298,8 @@ flatpak_authorize_method_handler (GDBusInterfaceSkeleton *interface,
|
|
|
55c332 |
g_strcmp0 (method_name, "PruneLocalRepo") == 0 ||
|
|
|
55c332 |
g_strcmp0 (method_name, "EnsureRepo") == 0 ||
|
|
|
55c332 |
g_strcmp0 (method_name, "RunTriggers") == 0 ||
|
|
|
55c332 |
- g_strcmp0 (method_name, "UpdateSummary") == 0)
|
|
|
55c332 |
+ g_strcmp0 (method_name, "UpdateSummary") == 0 ||
|
|
|
55c332 |
+ g_strcmp0 (method_name, "GenerateOciSummary") == 0)
|
|
|
55c332 |
{
|
|
|
55c332 |
const char *remote;
|
|
|
55c332 |
|
|
|
55c332 |
@@ -1321,6 +1370,7 @@ on_bus_acquired (GDBusConnection *connection,
|
|
|
55c332 |
g_signal_connect (helper, "handle-ensure-repo", G_CALLBACK (handle_ensure_repo), NULL);
|
|
|
55c332 |
g_signal_connect (helper, "handle-run-triggers", G_CALLBACK (handle_run_triggers), NULL);
|
|
|
55c332 |
g_signal_connect (helper, "handle-update-summary", G_CALLBACK (handle_update_summary), NULL);
|
|
|
55c332 |
+ g_signal_connect (helper, "handle-generate-oci-summary", G_CALLBACK (handle_generate_oci_summary), NULL);
|
|
|
55c332 |
|
|
|
55c332 |
g_signal_connect (helper, "g-authorize-method",
|
|
|
55c332 |
G_CALLBACK (flatpak_authorize_method_handler),
|
|
|
55c332 |
--
|
|
|
55c332 |
2.19.2
|
|
|
55c332 |
|
|
|
55c332 |
|
|
|
55c332 |
From b7f1d5118fc4e1df472f7108472f122e279fe2b9 Mon Sep 17 00:00:00 2001
|
|
|
55c332 |
From: Matthias Clasen <mclasen@redhat.com>
|
|
|
55c332 |
Date: Fri, 7 Dec 2018 14:39:06 -0500
|
|
|
55c332 |
Subject: [PATCH 3/3] Fix oci pull progress reporting
|
|
|
55c332 |
|
|
|
55c332 |
Comparing the code in flatpak-utils.c:progress_cb,
|
|
|
55c332 |
we need to set bytes-transferred for the total amount
|
|
|
55c332 |
of data that has been transferred so far. The value
|
|
|
55c332 |
we were setting so far, fetched-delta-part-size, refers
|
|
|
55c332 |
to the size of the objects we already have locally, and
|
|
|
55c332 |
is subtracted from the total, which explains oci progress
|
|
|
55c332 |
running backwards.
|
|
|
55c332 |
|
|
|
55c332 |
Closes: #2392
|
|
|
55c332 |
|
|
|
55c332 |
Closes: #2400
|
|
|
55c332 |
Approved by: matthiasclasen
|
|
|
55c332 |
---
|
|
|
55c332 |
common/flatpak-dir.c | 2 +-
|
|
|
55c332 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
55c332 |
|
|
|
55c332 |
diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c
|
|
|
55c332 |
index 7853b74a..51cd1e66 100644
|
|
|
55c332 |
--- a/common/flatpak-dir.c
|
|
|
55c332 |
+++ b/common/flatpak-dir.c
|
|
|
55c332 |
@@ -4154,7 +4154,7 @@ oci_pull_progress_cb (guint64 total_size, guint64 pulled_size,
|
|
|
55c332 |
"total-delta-parts", "u", n_layers,
|
|
|
55c332 |
"fetched-delta-fallbacks", "u", 0,
|
|
|
55c332 |
"total-delta-fallbacks", "u", 0,
|
|
|
55c332 |
- "fetched-delta-part-size", "t", pulled_size,
|
|
|
55c332 |
+ "bytes-transferred", "t", pulled_size,
|
|
|
55c332 |
"total-delta-part-size", "t", total_size,
|
|
|
55c332 |
"total-delta-part-usize", "t", total_size,
|
|
|
55c332 |
"total-delta-superblocks", "u", 0,
|
|
|
55c332 |
--
|
|
|
55c332 |
2.19.2
|
|
|
55c332 |
|