This implements https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/350
for GDBus's server implementation.
Abstract sockets belong to the network namespace instead of the mount
namespace. As a result, mount namespace-based sandboxes (e.g. Flatpak)
cannot restrict access to abstract sockets (and therefore GDBus's
unix:tmpdir= server addresses), at least for applications with network
access permission, which may result in sandbox escapes unless the
application running the GDBus server explicitly check that the connecting
process is not in a sandbox. As of the time of writing, no known
applications using GDBusServer does this.
Fix this by always using non-abstract sockets for unix:tmpdir=, which is
allowed by the DBus specification.
Previously it was marked as failing on macOS, but commit
ed3998b390 seems to have fixed that. yay!
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Helps: #1392
The access and creation time tests create a file, gets the time in
seconds, then gets the time in microseconds and assumes that the
difference between the two has to be above 0.
As rare as this may be, it can happen:
$ stat g-file-info-test-50A450 -c %y
2021-07-06 18:24:56.000000767 +0100
Change the test to simply assert that the difference not negative to
handle this case.
This is the same fix as 289f8b, but that was just modification time.
Signed-off-by: Ross Burton <ross.burton@arm.com>
g_close() now is async-signal-safe, as long as we don't request a GError
and pass a valid file descriptor.
Update "gspawn.c" to drop its safe_close() function and use
g_close() instead.
g_close() does something useful. It is not trivial to get EINTR handling of
close() right, in a portable manner. g_close() abstracts this.
We should allow glib users to use the function even in async-signal-safe
contexts, at least if the user heeds the caveat about GError and take care
not to fail assertions.
Retry on EINTR is wrong on many OS, including Linux. See the comment
in g_close() why that is.
As we cannot use g_close() after fork, we had safe_close(). This had the
wrong retry loop on EINTR. Drop that.
This was especially problematic since commit 6f46294227 ('gspawn: Don’t
use g_close() in async-signal-safe context'). Before, safe_close() was
only called after fork, where there is only one thread and there is no
concern about a race.
This patch only exists for easier backporting of the bugfix. The code
will be reworked further next.
Fixes: 6f46294227 ('gspawn: Don’t use g_close() in async-signal-safe context')
In recent Clang we may get a build warning as per:
../gio/gtask.c: warning: implicit truncation from 'int' to a
one-bit wide bit-field changes value from 1 to -1
[-Wsingle-bit-bitfield-constant-conversion]
This is because we use gboolean (and thus a signed type) for bit-fields.
Now, this is not an issue in practice for the way we're using them, but
still better to mute such compiler warns in the right way.
Freebsd doesn't always have /proc mounted, so relying on
/proc for the tests isn't ideal.
This commit changes the desktop-app-info tests to use
mkfifo instead of /proc/../fd/.. to relay terminal
arguments.
Might help with this error message I'm seeing in CI:
/tmp/bin-path-H1UQT1/gnome-terminal: cannot create /proc/38961/fd/6: No such file or directory
In case the XDG database is not initialized yet we may try to sniff a
0-length data, making our content-type routines to mark non-empty files
as `application/x-zerosize`.
This is wrong, so in case the sniff size is not set, let's just
try to read the default value. To avoid false-application/x-zerosize
results (that are not something we want as per legacy assumptions).
See: https://bugzilla.gnome.org/show_bug.cgi?id=755795
Fixes: https://gitlab.gnome.org/GNOME/glib/-/issues/2742