gsandbox: Mark classic snaps as UNKNOWN sandbox type

Classic snaps are just a kind of packages with no sandbox at all, so there's no point to mark them as sandboxed. In this way we can just do IO checks once without having to multiply them. Co-Authored-by: Robert Ancell <robert.ancell@canonical.com>
2025-07-30 22:03:29 +02:00 · 2022-11-24 04:26:19 +01:00
parent 660242af07
commit 0e4dff445f
2 changed files with 89 additions and 2 deletions
--- a/gio/gsandbox.c
+++ b/gio/gsandbox.c
@@ -22,27 +22,78 @@

 #include "gsandbox.h"

+#include <string.h>
+
+#define SNAP_CONFINEMENT_PREFIX "confinement:"
+
 static gboolean
 is_flatpak (void)
 {
  return g_file_test ("/.flatpak-info", G_FILE_TEST_EXISTS);
 }

+static gchar *
+get_snap_confinement (const char  *snap_yaml,
+                      GError     **error)
+{
+  char *confinement = NULL;
+  char *yaml_contents;
+
+  if (g_file_get_contents (snap_yaml, &yaml_contents, NULL, error))
+    {
+      const char *line = yaml_contents;
+
+      do
+        {
+          if (g_str_has_prefix (line, SNAP_CONFINEMENT_PREFIX))
+            break;
+
+          line = strchr (line, '\n');
+          if (line)
+            line += 1;
+        }
+      while (line != NULL);
+
+      if (line)
+        {
+          const char *start = line + strlen (SNAP_CONFINEMENT_PREFIX);
+          const char *end = strchr (start, '\n');
+
+          confinement =
+            g_strstrip (end ? g_strndup (start, end-start) : g_strdup (start));
+        }
+
+      g_free (yaml_contents);
+    }
+
+  return g_steal_pointer (&confinement);
+}
+
 static gboolean
 is_snap (void)
 {
+  GError *error = NULL;
  const gchar *snap_path;
  gchar *yaml_path;
+  char *confinement;
  gboolean result;

  snap_path = g_getenv ("SNAP");
  if (snap_path == NULL)
    return FALSE;

+  result = FALSE;
  yaml_path = g_build_filename (snap_path, "meta", "snap.yaml", NULL);
-  result = g_file_test (yaml_path, G_FILE_TEST_EXISTS);
+  confinement = get_snap_confinement (yaml_path, &error);
  g_free (yaml_path);

+  /* Classic snaps are de-facto no sandboxed apps, so we can ignore them */
+  if (!error && g_strcmp0 (confinement, "classic") != 0)
+    result = TRUE;
+
+  g_clear_error (&error);
+  g_free (confinement);
+
  return result;
 }