luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-11-06 01:16:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
d02f5816bf
glib/gio/gportalsupport.c

179 lines
4.7 KiB
C
Raw Normal View History

Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
/* GIO - GLib Input, Output and Streaming Library
*
* Copyright 2016 Red Hat, Inc.
*
gio: Add SPDX license headers automatically Add SPDX license (but not copyright) headers to all files which follow a certain pattern in their existing non-machine-readable header comment. This commit was entirely generated using the command: ``` git ls-files gio/*.[ch] | xargs perl -0777 -pi -e 's/\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/\n \*\n \* SPDX-License-Identifier: LGPL-2.1-or-later\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/igs' ``` Signed-off-by: Philip Withnall <pwithnall@endlessos.org> Helps: #1415
2022-05-18 10:12:45 +02:00
* SPDX-License-Identifier: LGPL-2.1-or-later
*
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
gio/: LGPLv2+ -> LGPLv2.1+ Sub-directories inside gio/ already processed in a previous commit: - fam/ - gdbus-2.0/ (which contains only codegen/) - gvdb/ - inotify/ - tests/ - win32/ - xdgmime/ Other sub-directories inside gio/: - completion/: no license headers - kqueue/: not LGPL, BSD-style license https://bugzilla.gnome.org/show_bug.cgi?id=776504
2017-05-27 18:21:30 +02:00
* version 2.1 of the License, or (at your option) any later version.
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General
* Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#include "config.h"
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
#include "glib-private.h"
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
#include "gportalsupport.h"
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
#include "gsandbox.h"
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
static GSandboxType sandbox_type = G_SANDBOX_TYPE_UNKNOWN;
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
static gboolean use_portal;
static gboolean network_available;
portal: Add a getter for dconf access Add method to find whether the sandbox provides access to dconf. This will be used to tweak the priorities for the keyfile settings backend.
2019-07-12 17:30:30 +02:00
static gboolean dconf_access;
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
gportalsupport: Force use /usr/bin/snapctl to get snap connection status Do not search in path for snapctl to avoid it to be potentially overridden by changing the PATH env variable. Still allow testing by using an ifdef to check if we're building for the test files or not.
2022-11-24 05:54:07 +01:00
#ifdef G_PORTAL_SUPPORT_TEST
static const char *snapctl = "snapctl";
#else
static const char *snapctl = "/usr/bin/snapctl";
#endif
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
static gboolean
snap_plug_is_connected (const gchar *plug_name)
{
gint wait_status;
gportalsupport: Force use /usr/bin/snapctl to get snap connection status Do not search in path for snapctl to avoid it to be potentially overridden by changing the PATH env variable. Still allow testing by using an ifdef to check if we're building for the test files or not.
2022-11-24 05:54:07 +01:00
const gchar *argv[] = { snapctl, "is-connected", plug_name, NULL };
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
/* Bail out if our process is privileged - we don't want to pass those
gportalsupport: Force use /usr/bin/snapctl to get snap connection status Do not search in path for snapctl to avoid it to be potentially overridden by changing the PATH env variable. Still allow testing by using an ifdef to check if we're building for the test files or not.
2022-11-24 05:54:07 +01:00
* privileges to snapctl. It could be overridden and this would
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
* allow arbitrary code execution.
*/
if (GLIB_PRIVATE_CALL (g_check_setuid) ())
return FALSE;
if (!g_spawn_sync (NULL, (gchar **) argv, NULL,
gportalsupport: Force use /usr/bin/snapctl to get snap connection status Do not search in path for snapctl to avoid it to be potentially overridden by changing the PATH env variable. Still allow testing by using an ifdef to check if we're building for the test files or not.
2022-11-24 05:54:07 +01:00
#ifdef G_PORTAL_SUPPORT_TEST
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
G_SPAWN_SEARCH_PATH |
gportalsupport: Force use /usr/bin/snapctl to get snap connection status Do not search in path for snapctl to avoid it to be potentially overridden by changing the PATH env variable. Still allow testing by using an ifdef to check if we're building for the test files or not.
2022-11-24 05:54:07 +01:00
#endif
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
G_SPAWN_STDOUT_TO_DEV_NULL |
G_SPAWN_STDERR_TO_DEV_NULL,
NULL, NULL, NULL, NULL, &wait_status,
NULL))
return FALSE;
return g_spawn_check_wait_status (wait_status, NULL);
}
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
static void
portal: Rename function to not be flatpak specific It will also read snap information
2022-10-27 05:34:21 +02:00
sandbox_info_read (void)
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
{
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
static gsize sandbox_info_is_read = 0;
gportalsupport: Fix compilation failure from previous commit Igor says: Thith code did not path the compilation check. Signed-off-by: Philip Withnall <withnall@endlessm.com>
2017-05-01 20:34:51 +02:00
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
/* Sandbox type and Flatpak info is static, so only read once */
if (!g_once_init_enter (&sandbox_info_is_read))
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
return;
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
sandbox_type = glib_get_sandbox_type ();
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
switch (sandbox_type)
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
{
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
case G_SANDBOX_TYPE_FLATPAK:
{
GKeyFile *keyfile;
gio/tests: Add tests for flatpak infos Support testing flatpak infos, we do it by faking /.flatpak-info file in case we're building in test mode.
2022-11-24 19:07:27 +01:00
const char *keyfile_path = "/.flatpak-info";
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
use_portal = TRUE;
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
network_available = FALSE;
dconf_access = FALSE;
keyfile = g_key_file_new ();
gio/tests: Add tests for flatpak infos Support testing flatpak infos, we do it by faking /.flatpak-info file in case we're building in test mode.
2022-11-24 19:07:27 +01:00
#ifdef G_PORTAL_SUPPORT_TEST
char *test_key_file =
g_build_filename (g_get_user_runtime_dir (), keyfile_path, NULL);
keyfile_path = test_key_file;
#endif
if (g_key_file_load_from_file (keyfile, keyfile_path, G_KEY_FILE_NONE, NULL))
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
{
char **shared = NULL;
char *dconf_policy = NULL;
shared = g_key_file_get_string_list (keyfile, "Context", "shared", NULL, NULL);
if (shared)
{
gio: Fix formatting
2022-11-01 10:20:11 +01:00
network_available = g_strv_contains ((const char *const *) shared, "network");
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
g_strfreev (shared);
}
dconf_policy = g_key_file_get_string (keyfile, "Session Bus Policy", "ca.desrt.dconf", NULL);
if (dconf_policy)
{
if (strcmp (dconf_policy, "talk") == 0)
dconf_access = TRUE;
g_free (dconf_policy);
}
}
gio/tests: Add tests for flatpak infos Support testing flatpak infos, we do it by faking /.flatpak-info file in case we're building in test mode.
2022-11-24 19:07:27 +01:00
#ifdef G_PORTAL_SUPPORT_TEST
g_clear_pointer (&test_key_file, g_free);
#endif
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
g_key_file_unref (keyfile);
}
break;
case G_SANDBOX_TYPE_SNAP:
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
break;
case G_SANDBOX_TYPE_UNKNOWN:
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
{
const char *var;
gio: Rename GTK_USE_PORTAL to GIO_USE_PORTALS The `GTK_USE_PORTAL` environment variable has started to be misused by users, which is causing deployment issues (such as portal services themselves ending up being forced to use portals, which is never going to work). Try and sidestep users’ broken configurations by renaming the environment variable, and also separating it from the old GTK environment variable, since the GLib one affects a lot more processes. This environment variable is meant to be used for debugging and development, and never in production. GTK already renamed their environment variable in https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/4829, so keeping the `GTK_USE_PORTAL` name in GLib doesn’t make sense anyway. Signed-off-by: Philip Withnall <pwithnall@endlessos.org> Fixes: #3107
2023-10-02 16:00:23 +02:00
var = g_getenv ("GIO_USE_PORTALS");
gio: Create a sandbox checking function
2022-10-31 12:07:52 +01:00
if (var && var[0] == '1')
use_portal = TRUE;
network_available = TRUE;
dconf_access = TRUE;
}
break;
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
}
portal: Read /.flatpak-info in thread-safe fashion There is no guarantee that this function would not be called concurrently. Particularly since flatpak_info_read was set to TRUE before /.flatpak-info is actually read from disk, there is a potential race where a second thread would return default values for the various flags set from that file. Fixes #2159
2020-07-13 17:26:44 +02:00
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
g_once_init_leave (&sandbox_info_is_read, 1);
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
}
gboolean
glib_should_use_portal (void)
{
portal: Rename function to not be flatpak specific It will also read snap information
2022-10-27 05:34:21 +02:00
sandbox_info_read ();
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
if (sandbox_type == G_SANDBOX_TYPE_SNAP)
return snap_plug_is_connected ("desktop");
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
return use_portal;
}
gboolean
glib_network_available_in_sandbox (void)
{
portal: Rename function to not be flatpak specific It will also read snap information
2022-10-27 05:34:21 +02:00
sandbox_info_read ();
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
if (sandbox_type == G_SANDBOX_TYPE_SNAP)
{
/* FIXME: This is inefficient doing multiple calls to check connections.
* See https://github.com/snapcore/snapd/pull/12301 for a proposed
* improvement to snapd for this.
*/
return snap_plug_is_connected ("desktop") ||
snap_plug_is_connected ("network-status");
}
Add portal helpers These are private helper functions that will be used in the following commits to get information about whether we are running in a flatpak sandbox, etc. We allow the use of GTK_USE_PORTAL=1 in the environment to force the use of portals. This can be useful for testing and debugging portal interaction. https://bugzilla.gnome.org/show_bug.cgi?id=768498
2016-07-07 05:34:55 +02:00
return network_available;
}
portal: Add a getter for dconf access Add method to find whether the sandbox provides access to dconf. This will be used to tweak the priorities for the keyfile settings backend.
2019-07-12 17:30:30 +02:00
gboolean
glib_has_dconf_access_in_sandbox (void)
{
portal: Rename function to not be flatpak specific It will also read snap information
2022-10-27 05:34:21 +02:00
sandbox_info_read ();
portal: Check for snap plugs before accessing portals This is of particular use in the gsettings backend, which is currently using dconf for all snaps. Fully confined snaps should use the keyfile backend, as Flatpaks do. Co-Authored-by: Marco Trevisan <mail@3v1n0.net>
2022-10-26 23:35:30 +02:00
if (sandbox_type == G_SANDBOX_TYPE_SNAP)
return snap_plug_is_connected ("gsettings");
portal: Add a getter for dconf access Add method to find whether the sandbox provides access to dconf. This will be used to tweak the priorities for the keyfile settings backend.
2019-07-12 17:30:30 +02:00
return dconf_access;
}
Reference in New Issue Copy Permalink