context: Add --share-if and --allow-if context options

Actually make it possible to use the new conditional permission
system from the command line.
Sebastian Wick 2025-12-05 17:00:07 +01:00
parent 6667e1d361
commit 2a4441382f
4 changed files with 201 additions and 21 deletions


@ -2043,6 +2043,27 @@ flatpak_context_merge (FlatpakContext *context,
flatpak_context_add_nousb_query (context, value);
}
static gboolean
parse_if_option (const char *option_name,
const char *value,
char **name_out,
char **condition_out,
GError **error)
{
g_auto(GStrv) tokens = g_strsplit (value, ":", 2);
if (g_strv_length (tokens) != 2)
{
g_set_error (error, G_OPTION_ERROR, G_OPTION_ERROR_FAILED,
_("Invalid syntax for %s: %s"), option_name, value);
return FALSE;
}
*name_out = g_strdup (tokens[0]);
*condition_out = g_strdup (tokens[1]);
return TRUE;
}
static gboolean
option_share_cb (const gchar *option_name,
const gchar *value,
@ -2079,6 +2100,29 @@ option_unshare_cb (const gchar *option_name,
return TRUE;
}
static gboolean
option_share_if_cb (const gchar *option_name,
const gchar *value,
gpointer data,
GError **error)
{
FlatpakContext *context = data;
g_autofree char *name = NULL;
g_autofree char *condition = NULL;
FlatpakContextShares share;
if (!parse_if_option (option_name, value, &name, &condition, error))
return FALSE;
share = flatpak_context_share_from_string (name, error);
if (share == 0)
return FALSE;
flatpak_permissions_set_allowed_if (context->shares_permissions,
name, condition);
return TRUE;
}
static gboolean
option_socket_cb (const gchar *option_name,
const gchar *value,
@ -2132,27 +2176,6 @@ option_nosocket_cb (const gchar *option_name,
return TRUE;
}
static gboolean
parse_if_option (const char *option_name,
const char *value,
char **name_out,
char **condition_out,
GError **error)
{
g_auto(GStrv) tokens = g_strsplit (value, ":", 2);
if (g_strv_length (tokens) != 2)
{
g_set_error (error, G_OPTION_ERROR, G_OPTION_ERROR_FAILED,
_("Invalid syntax for %s: %s"), option_name, value);
return FALSE;
}
*name_out = g_strdup (tokens[0]);
*condition_out = g_strdup (tokens[1]);
return TRUE;
}
static gboolean
option_socket_if_cb (const gchar *option_name,
const gchar *value,
@ -2280,6 +2303,29 @@ option_disallow_cb (const gchar *option_name,
return TRUE;
}
static gboolean
option_allow_if_cb (const gchar *option_name,
const gchar *value,
gpointer data,
GError **error)
{
FlatpakContext *context = data;
g_autofree char *name = NULL;
g_autofree char *condition = NULL;
FlatpakContextFeatures feature;
if (!parse_if_option (option_name, value, &name, &condition, error))
return FALSE;
feature = flatpak_context_feature_from_string (name, error);
if (feature == 0)
return FALSE;
flatpak_permissions_set_allowed_if (context->features_permissions,
name, condition);
return TRUE;
}
static gboolean
option_filesystem_cb (const gchar *option_name,
const gchar *value,
@ -2675,6 +2721,7 @@ static gboolean option_no_desktop_deprecated;
static GOptionEntry context_options[] = {
{ "share", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_share_cb, N_("Share with host"), N_("SHARE") },
{ "unshare", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_unshare_cb, N_("Unshare with host"), N_("SHARE") },
{ "share-if", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_share_if_cb, N_("Require conditions to be met for a subsystem to get shared"), N_("SHARE:CONDITION") },
{ "socket", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_socket_cb, N_("Expose socket to app"), N_("SOCKET") },
{ "nosocket", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_nosocket_cb, N_("Don't expose socket to app"), N_("SOCKET") },
{ "socket-if", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_socket_if_cb, N_("Require conditions to be met for a socket to get exposed"), N_("SOCKET:CONDITION") },
@ -2683,6 +2730,7 @@ static GOptionEntry context_options[] = {
{ "device-if", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_device_if_cb, N_("Require conditions to be met for a device to get exposed"), N_("DEVICE:CONDITION") },
{ "allow", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_allow_cb, N_("Allow feature"), N_("FEATURE") },
{ "disallow", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_disallow_cb, N_("Don't allow feature"), N_("FEATURE") },
{ "allow-if", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_allow_if_cb, N_("Require conditions to be met for a feature to get allowed"), N_("FEATURE:CONDITION") },
{ "filesystem", 0, G_OPTION_FLAG_IN_MAIN | G_OPTION_FLAG_FILENAME, G_OPTION_ARG_CALLBACK, &option_filesystem_cb, N_("Expose filesystem to app (:ro for read-only)"), N_("FILESYSTEM[:ro]") },
{ "nofilesystem", 0, G_OPTION_FLAG_IN_MAIN | G_OPTION_FLAG_FILENAME, G_OPTION_ARG_CALLBACK, &option_nofilesystem_cb, N_("Don't expose filesystem to app"), N_("FILESYSTEM") },
{ "env", 0, G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_CALLBACK, &option_env_cb, N_("Set environment variable"), N_("VAR=VALUE") },
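Review bot: In `option_share_if_cb` and `option_allow_if_cb` only the name half is checked (through `flatpak_context_share_from_string` and `flatpak_context_feature_from_string`); the condition half goes to `flatpak_permissions_set_allowed_if` unvalidated, and nothing that call may report is checked. The man page text in this same commit limits CONDITION to `true`, `false`, `has-input-device` and `has-wayland` with an optional `!`, so unless the setter validates (not visible in these hunks) a misspelled or empty condition such as `network:` is stored silently, and whether the permission is then granted depends on how an unknown condition evaluates at run time. At minimum `parse_if_option` should reject empty halves, `if (g_strv_length (tokens) != 2 || tokens[0][0] == '\0' || tokens[1][0] == '\0')`, and ideally both callbacks should fail with a `G_OPTION_ERROR` for any condition outside the documented set so the option fails closed. The `share` and `feature` locals exist only for validation, which deserves a one-line comment such as `/* only validates the name; the string form is what gets stored */`.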


@ -127,6 +127,28 @@
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--share-if=SUBSYSTEM:CONDITION</option></term>
<listitem><para>
Share a subsystem with the host session conditionally,
only when the specified condition is met at runtime.
This updates the [Context] group in the metadata.
<arg choice="plain">SUBSYSTEM</arg> must be one of: network, ipc.
<arg choice="plain">CONDITION</arg> must be one of:
<option>true</option>, <option>false</option>,
<option>has-input-device</option>, <option>has-wayland</option>.
Conditions can be negated with <literal>!</literal>,
for example <option>!has-input-device</option>.
This option can be used multiple times.
Available since 1.17.
</para><para>
See the Conditional Permissions section in
<citerefentry><refentrytitle>flatpak-metadata</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--socket=SOCKET</option></term>
@ -269,6 +291,28 @@
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--allow-if=FEATURE:CONDITION</option></term>
<listitem><para>
Allow access to a specific feature conditionally,
only when the specified condition is met at runtime.
This updates the [Context] group in the metadata.
<arg choice="plain">FEATURE</arg> must be one of: devel, multiarch, bluetooth.
<arg choice="plain">CONDITION</arg> must be one of:
<option>true</option>, <option>false</option>,
<option>has-input-device</option>, <option>has-wayland</option>.
Conditions can be negated with <literal>!</literal>,
for example <option>!has-input-device</option>.
This option can be used multiple times.
Available since 1.17.
</para><para>
See the Conditional Permissions section in
<citerefentry><refentrytitle>flatpak-metadata</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--filesystem=FS</option></term>


@ -130,6 +130,28 @@
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--share-if=SUBSYSTEM:CONDITION</option></term>
<listitem><para>
Share a subsystem with the host session conditionally,
only when the specified condition is met at runtime.
This overrides to the Context section from the application metadata.
<arg choice="plain">SUBSYSTEM</arg> must be one of: network, ipc.
<arg choice="plain">CONDITION</arg> must be one of:
<option>true</option>, <option>false</option>,
<option>has-input-device</option>, <option>has-wayland</option>.
Conditions can be negated with <literal>!</literal>,
for example <option>!has-input-device</option>.
This option can be used multiple times.
Available since 1.17.
</para><para>
See the Conditional Permissions section in
<citerefentry><refentrytitle>flatpak-metadata</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--socket=SOCKET</option></term>
@ -248,6 +270,28 @@
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--allow-if=FEATURE:CONDITION</option></term>
<listitem><para>
Allow access to a specific feature conditionally,
only when the specified condition is met at runtime.
This overrides to the Context section from the application metadata.
<arg choice="plain">FEATURE</arg> must be one of: devel, multiarch, bluetooth.
<arg choice="plain">CONDITION</arg> must be one of:
<option>true</option>, <option>false</option>,
<option>has-input-device</option>, <option>has-wayland</option>.
Conditions can be negated with <literal>!</literal>,
for example <option>!has-input-device</option>.
This option can be used multiple times.
Available since 1.17.
</para><para>
See the Conditional Permissions section in
<citerefentry><refentrytitle>flatpak-metadata</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--filesystem=FILESYSTEM</option></term>


@ -325,6 +325,28 @@
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--share-if=SUBSYSTEM:CONDITION</option></term>
<listitem><para>
Share a subsystem with the host session conditionally,
only when the specified condition is met at runtime.
This overrides to the Context section from the application metadata.
<arg choice="plain">SUBSYSTEM</arg> must be one of: network, ipc.
<arg choice="plain">CONDITION</arg> must be one of:
<option>true</option>, <option>false</option>,
<option>has-input-device</option>, <option>has-wayland</option>.
Conditions can be negated with <literal>!</literal>,
for example <option>!has-input-device</option>.
This option can be used multiple times.
Available since 1.17.
</para><para>
See the Conditional Permissions section in
<citerefentry><refentrytitle>flatpak-metadata</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--socket=SOCKET</option></term>
@ -441,6 +463,28 @@
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--allow-if=FEATURE:CONDITION</option></term>
<listitem><para>
Allow access to a specific feature conditionally,
only when the specified condition is met at runtime.
This overrides to the Context section from the application metadata.
<arg choice="plain">FEATURE</arg> must be one of: devel, multiarch, bluetooth.
<arg choice="plain">CONDITION</arg> must be one of:
<option>true</option>, <option>false</option>,
<option>has-input-device</option>, <option>has-wayland</option>.
Conditions can be negated with <literal>!</literal>,
for example <option>!has-input-device</option>.
This option can be used multiple times.
Available since 1.17.
</para><para>
See the Conditional Permissions section in
<citerefentry><refentrytitle>flatpak-metadata</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--filesystem=FILESYSTEM</option></term>