From 1728bc8d22ffe5e340dfb7cf3a8627f3638f5616 Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Mon, 22 Jul 2019 15:35:46 -0400 Subject: [PATCH] flatpak: 1.2.4 -> 1.4.2 * Regenerated all patches for 1.4.2 and resolved any conflicts. * fix-test-paths.patch doesn't copy the whole locale archive because we have C.UTF8 now. * nixos/flatpak creates a Flatpak system helper user Change introduced in 1.3.2. Changes: See https://github.com/flatpak/flatpak/releases/tag/1.3.1 through 1.4.2. --- nixos/modules/services/desktops/flatpak.nix | 8 +++++ .../libraries/flatpak/bubblewrap-paths.patch | 4 +-- .../development/libraries/flatpak/default.nix | 8 ++--- .../libraries/flatpak/fix-paths.patch | 6 ++-- .../libraries/flatpak/fix-test-paths.patch | 29 ++++++++++++------- .../respect-xml-catalog-files-var.patch | 4 ++- .../libraries/flatpak/unset-env-vars.patch | 4 ++- .../flatpak/use-flatpak-from-path.patch | 22 +++++++------- .../flatpak/validate-icon-pixbuf.patch | 4 +-- 9 files changed, 56 insertions(+), 33 deletions(-) diff --git a/nixos/modules/services/desktops/flatpak.nix b/nixos/modules/services/desktops/flatpak.nix index 1492d855aa03..edae8c1cad86 100644 --- a/nixos/modules/services/desktops/flatpak.nix +++ b/nixos/modules/services/desktops/flatpak.nix @@ -38,5 +38,13 @@ in { "$HOME/.local/share/flatpak/exports" "/var/lib/flatpak/exports" ]; + + users.users.flatpak = { + description = "Flatpak system helper"; + group = "flatpak"; + isSystemUser = true; + }; + + users.groups.flatpak = { }; }; } diff --git a/pkgs/development/libraries/flatpak/bubblewrap-paths.patch b/pkgs/development/libraries/flatpak/bubblewrap-paths.patch index 79257fd6be50..407811736f83 100644 --- a/pkgs/development/libraries/flatpak/bubblewrap-paths.patch +++ b/pkgs/development/libraries/flatpak/bubblewrap-paths.patch @@ -1,8 +1,8 @@ diff --git a/icon-validator/validate-icon.c b/icon-validator/validate-icon.c -index 6e23d9f2..8c621ec4 100644 +index 9e885070..d02eeb8c 100644 --- a/icon-validator/validate-icon.c +++ b/icon-validator/validate-icon.c -@@ -149,8 +149,8 @@ rerun_in_sandbox (const char *arg_width, +@@ -156,8 +156,8 @@ rerun_in_sandbox (const char *arg_width, "--unshare-ipc", "--unshare-net", "--unshare-pid", diff --git a/pkgs/development/libraries/flatpak/default.nix b/pkgs/development/libraries/flatpak/default.nix index 4c4949b37be8..d29be4cb9304 100644 --- a/pkgs/development/libraries/flatpak/default.nix +++ b/pkgs/development/libraries/flatpak/default.nix @@ -1,18 +1,18 @@ { stdenv, fetchurl, autoreconfHook, docbook_xml_dtd_412, docbook_xml_dtd_42, docbook_xml_dtd_43, docbook_xsl, which, libxml2 , gobject-introspection, gtk-doc, intltool, libxslt, pkgconfig, xmlto, appstream-glib, substituteAll, glibcLocales, yacc, xdg-dbus-proxy, p11-kit -, bubblewrap, bzip2, dbus, glib, gpgme, json-glib, libarchive, libcap, libseccomp, coreutils, gettext, hicolor-icon-theme +, bubblewrap, bzip2, dbus, glib, gpgme, json-glib, libarchive, libcap, libseccomp, coreutils, gettext, hicolor-icon-theme, fuse , libsoup, lzma, ostree, polkit, python3, systemd, xorg, valgrind, glib-networking, wrapGAppsHook, gnome3, gsettings-desktop-schemas, librsvg }: stdenv.mkDerivation rec { pname = "flatpak"; - version = "1.2.4"; + version = "1.4.2"; # TODO: split out lib once we figure out what to do with triggerdir outputs = [ "out" "man" "doc" "installedTests" ]; src = fetchurl { url = "https://github.com/flatpak/flatpak/releases/download/${version}/${pname}-${version}.tar.xz"; - sha256 = "1qf3ys84fzv11z6f6li59rxjdjbyrv7cyi9539k73r9i9pckjr8v"; + sha256 = "08nmpp26mgv0vp3mlwk97rnp0j7i108h4hr9nllja19sjxnrlygj"; }; patches = [ @@ -43,7 +43,7 @@ stdenv.mkDerivation rec { buildInputs = [ bubblewrap bzip2 dbus gnome3.dconf glib gpgme json-glib libarchive libcap libseccomp - libsoup lzma ostree polkit python3 systemd xorg.libXau + libsoup lzma ostree polkit python3 systemd xorg.libXau fuse gsettings-desktop-schemas glib-networking librsvg # for flatpak-validate-icon ]; diff --git a/pkgs/development/libraries/flatpak/fix-paths.patch b/pkgs/development/libraries/flatpak/fix-paths.patch index 49fcaa2b3f9b..746b4382864b 100644 --- a/pkgs/development/libraries/flatpak/fix-paths.patch +++ b/pkgs/development/libraries/flatpak/fix-paths.patch @@ -1,6 +1,8 @@ +diff --git a/session-helper/flatpak-session-helper.c b/session-helper/flatpak-session-helper.c +index 5dd7629e..ddc71a4c 100644 --- a/session-helper/flatpak-session-helper.c +++ b/session-helper/flatpak-session-helper.c -@@ -624,7 +624,7 @@ +@@ -693,7 +693,7 @@ start_p11_kit_server (const char *flatpak_dir) g_auto(GStrv) stdout_lines = NULL; int i; char *p11_argv[] = { @@ -9,7 +11,7 @@ /* We explicitly request --sh here, because we then fail on earlier versions that doesn't support * this flag. This is good, because those earlier versions did not properly daemonize and caused * the spawn_sync to hang forever, waiting for the pipe to close. -@@ -770,7 +770,7 @@ +@@ -836,7 +836,7 @@ main (int argc, exit (1); } diff --git a/pkgs/development/libraries/flatpak/fix-test-paths.patch b/pkgs/development/libraries/flatpak/fix-test-paths.patch index f987899e3bcb..85b222152d0a 100644 --- a/pkgs/development/libraries/flatpak/fix-test-paths.patch +++ b/pkgs/development/libraries/flatpak/fix-test-paths.patch @@ -1,6 +1,8 @@ +diff --git a/tests/libtest.sh b/tests/libtest.sh +index 46bcefb3..0134425e 100644 --- a/tests/libtest.sh +++ b/tests/libtest.sh -@@ -328,7 +328,7 @@ +@@ -352,7 +352,7 @@ if [ -z "${FLATPAK_BWRAP:-}" ]; then # running installed-tests: assume we know what we're doing _flatpak_bwrap_works=true elif ! "$FLATPAK_BWRAP" --unshare-ipc --unshare-net --unshare-pid \ @@ -9,7 +11,7 @@ _flatpak_bwrap_works=false else _flatpak_bwrap_works=true -@@ -309,12 +309,12 @@ +@@ -426,12 +426,12 @@ dbus-daemon --fork --config-file=session.conf --print-address=3 --print-pid=4 \ export DBUS_SESSION_BUS_ADDRESS="$(cat dbus-session-bus-address)" DBUS_SESSION_BUS_PID="$(cat dbus-session-bus-pid)" @@ -24,9 +26,11 @@ gpg-connect-agent --homedir "${FL_GPG_HOMEDIR}" killagent /bye || true fusermount -u $XDG_RUNTIME_DIR/doc || : if test -n "${TEST_SKIP_CLEANUP:-}"; then +diff --git a/tests/make-test-app.sh b/tests/make-test-app.sh +index 0a0a28f1..16fd51fe 100755 --- a/tests/make-test-app.sh +++ b/tests/make-test-app.sh -@@ -114,13 +114,13 @@ msgid "Hello world" +@@ -129,13 +129,13 @@ msgid "Hello world" msgstr "Hallo Welt" EOF mkdir -p ${DIR}/files/de/share/de/LC_MESSAGES @@ -42,9 +46,11 @@ flatpak build-finish ${DIR} mkdir -p repos +diff --git a/tests/make-test-runtime.sh b/tests/make-test-runtime.sh +index 57899b75..9236996f 100755 --- a/tests/make-test-runtime.sh +++ b/tests/make-test-runtime.sh -@@ -26,6 +26,7 @@ +@@ -28,6 +28,7 @@ EOF PATH="$PATH:/usr/sbin:/sbin" # Add bash and dependencies @@ -52,7 +58,7 @@ mkdir -p ${DIR}/usr/bin mkdir -p ${DIR}/usr/lib ln -s ../lib ${DIR}/usr/lib64 -@@ -35,48 +36,27 @@ +@@ -37,48 +38,23 @@ if test -f /sbin/ldconfig.real; then else cp `which ldconfig` ${DIR}/usr/bin fi @@ -105,21 +111,20 @@ -# We copy the C.UTF8 locale and call it en_US. Its a bit of a lie, but -# the real en_US locale is often not available, because its in the -# local archive. +-mkdir -p ${DIR}/usr/lib/locale/ +-cp -r /usr/lib/locale/C.* ${DIR}/usr/lib/locale/en_US +mv ${DIR}/nix/store ${DIR}/usr/store # files outside /usr are not permitted, we will have to replace /nix/store with /usr/store +chmod -R u+w ${DIR} # nix store has read-only directories which would cause problems during clean-up, files need to be writable for sed +find ${DIR} -type f -print0 | xargs -0 sed -i 's~/nix/store/~/usr/store/~g' # replace hardcoded paths +find ${DIR} -type l | xargs -I '{}' sh -c 'tg="$(readlink "$1")"; newtg="${tg#/nix/store/}"; if [ "$tg" != "$newtg" ]; then ln -fs "/usr/store/$newtg" "$1"; fi' -- '{}' # replace symlink targets -+ -+# We copy the whole locale archive because we do not have C.UTF8 locale - mkdir -p ${DIR}/usr/lib/locale/ --cp -r /usr/lib/locale/C.* ${DIR}/usr/lib/locale/en_US -+cp @glibcLocales@/lib/locale/locale-archive ${DIR}/usr/lib/locale/locale-archive if [ x$COLLECTION_ID != x ]; then collection_args=--collection-id=${COLLECTION_ID} +diff --git a/tests/testlibrary.c b/tests/testlibrary.c +index f2773dc8..3af9026f 100644 --- a/tests/testlibrary.c +++ b/tests/testlibrary.c -@@ -584,7 +584,7 @@ +@@ -1053,7 +1053,7 @@ check_bwrap_support (void) { gint exit_code = 0; char *argv[] = { (char *) bwrap, "--unshare-ipc", "--unshare-net", @@ -128,6 +133,8 @@ g_autofree char *argv_str = g_strjoinv (" ", argv); g_test_message ("Spawning %s", argv_str); g_spawn_sync (NULL, argv, NULL, G_SPAWN_SEARCH_PATH, NULL, NULL, NULL, NULL, &exit_code, &error); +diff --git a/triggers/gtk-icon-cache.trigger b/triggers/gtk-icon-cache.trigger +index 711cfab2..10c220ec 100755 --- a/triggers/gtk-icon-cache.trigger +++ b/triggers/gtk-icon-cache.trigger @@ -1,7 +1,7 @@ diff --git a/pkgs/development/libraries/flatpak/respect-xml-catalog-files-var.patch b/pkgs/development/libraries/flatpak/respect-xml-catalog-files-var.patch index 0e259aebd8a5..4cee60be2d07 100644 --- a/pkgs/development/libraries/flatpak/respect-xml-catalog-files-var.patch +++ b/pkgs/development/libraries/flatpak/respect-xml-catalog-files-var.patch @@ -1,6 +1,8 @@ +diff --git a/acinclude.m4 b/acinclude.m4 +index 92ec3985..b3fccf1d 100644 --- a/acinclude.m4 +++ b/acinclude.m4 -@@ -40,8 +40,8 @@ +@@ -40,8 +40,8 @@ AC_DEFUN([JH_CHECK_XML_CATALOG], [ AC_REQUIRE([JH_PATH_XML_CATALOG],[JH_PATH_XML_CATALOG(,[:])])dnl AC_MSG_CHECKING([for ifelse([$2],,[$1],[$2]) in XML catalog]) diff --git a/pkgs/development/libraries/flatpak/unset-env-vars.patch b/pkgs/development/libraries/flatpak/unset-env-vars.patch index 798e388b23c2..63ce0d12fe07 100644 --- a/pkgs/development/libraries/flatpak/unset-env-vars.patch +++ b/pkgs/development/libraries/flatpak/unset-env-vars.patch @@ -1,6 +1,8 @@ +diff --git a/common/flatpak-run.c b/common/flatpak-run.c +index 8d52d3a5..81700183 100644 --- a/common/flatpak-run.c +++ b/common/flatpak-run.c -@@ -1192,6 +1192,7 @@ static const ExportData default_exports[] = { +@@ -1232,6 +1232,7 @@ static const ExportData default_exports[] = { {"PERLLIB", NULL}, {"PERL5LIB", NULL}, {"XCURSOR_PATH", NULL}, diff --git a/pkgs/development/libraries/flatpak/use-flatpak-from-path.patch b/pkgs/development/libraries/flatpak/use-flatpak-from-path.patch index 408198bda5cb..01363ffb7b34 100644 --- a/pkgs/development/libraries/flatpak/use-flatpak-from-path.patch +++ b/pkgs/development/libraries/flatpak/use-flatpak-from-path.patch @@ -1,6 +1,8 @@ +diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c +index 8f9dc66c..d3ab6e5f 100644 --- a/common/flatpak-dir.c +++ b/common/flatpak-dir.c -@@ -5758,7 +5758,7 @@ export_desktop_file (const char *app, +@@ -6701,7 +6701,7 @@ export_desktop_file (const char *app, new_exec = g_string_new (""); g_string_append_printf (new_exec, @@ -9,7 +11,7 @@ escaped_branch, escaped_arch); -@@ -6935,8 +6935,8 @@ flatpak_dir_deploy (FlatpakDir *self, +@@ -7891,8 +7891,8 @@ flatpak_dir_deploy (FlatpakDir *self, error)) return FALSE; @@ -21,28 +23,28 @@ G_FILE_CREATE_REPLACE_DESTINATION, NULL, cancellable, error)) return FALSE; diff --git a/tests/test-bundle.sh b/tests/test-bundle.sh -index 6937b041..01f8add7 100755 +index dff17f33..a9857adc 100755 --- a/tests/test-bundle.sh +++ b/tests/test-bundle.sh @@ -59,7 +59,7 @@ assert_has_dir $FL_DIR/app/org.test.Hello/$ARCH/master/active/files assert_has_dir $FL_DIR/app/org.test.Hello/$ARCH/master/active/export assert_has_file $FL_DIR/exports/share/applications/org.test.Hello.desktop # Ensure Exec key is rewritten --assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=.*/flatpak run --branch=master --arch=$ARCH --command=hello.sh org.test.Hello$" -+assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=flatpak run --branch=master --arch=$ARCH --command=hello.sh org.test.Hello$" +-assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=.*/flatpak run --branch=master --arch=$ARCH --command=hello\.sh org\.test\.Hello$" ++assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=flatpak run --branch=master --arch=$ARCH --command=hello\.sh org\.test\.Hello$" assert_has_file $FL_DIR/exports/share/icons/hicolor/64x64/apps/org.test.Hello.png assert_has_file $FL_DIR/exports/share/icons/HighContrast/64x64/apps/org.test.Hello.png diff --git a/tests/test-run.sh b/tests/test-run.sh -index 9d83d82e..234e4ec6 100755 +index 233df9ad..76e0b23b 100644 --- a/tests/test-run.sh +++ b/tests/test-run.sh -@@ -42,7 +42,7 @@ assert_has_dir $FL_DIR/app/org.test.Hello/$ARCH/master/active/files - assert_has_dir $FL_DIR/app/org.test.Hello/$ARCH/master/active/export +@@ -45,7 +45,7 @@ assert_has_dir $FL_DIR/app/org.test.Hello/$ARCH/stable/active/files + assert_has_dir $FL_DIR/app/org.test.Hello/$ARCH/stable/active/export assert_has_file $FL_DIR/exports/share/applications/org.test.Hello.desktop # Ensure Exec key is rewritten --assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=.*/flatpak run --branch=master --arch=$ARCH --command=hello.sh org.test.Hello$" -+assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=flatpak run --branch=master --arch=$ARCH --command=hello.sh org.test.Hello$" +-assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=.*/flatpak run --branch=stable --arch=$ARCH --command=hello\.sh org\.test\.Hello$" ++assert_file_has_content $FL_DIR/exports/share/applications/org.test.Hello.desktop "^Exec=flatpak run --branch=stable --arch=$ARCH --command=hello\.sh org\.test\.Hello$" assert_has_file $FL_DIR/exports/share/icons/hicolor/64x64/apps/org.test.Hello.png assert_not_has_file $FL_DIR/exports/share/icons/hicolor/64x64/apps/dont-export.png assert_has_file $FL_DIR/exports/share/icons/HighContrast/64x64/apps/org.test.Hello.png diff --git a/pkgs/development/libraries/flatpak/validate-icon-pixbuf.patch b/pkgs/development/libraries/flatpak/validate-icon-pixbuf.patch index 5b8cc2d0383f..086114e11c30 100644 --- a/pkgs/development/libraries/flatpak/validate-icon-pixbuf.patch +++ b/pkgs/development/libraries/flatpak/validate-icon-pixbuf.patch @@ -1,8 +1,8 @@ diff --git a/icon-validator/validate-icon.c b/icon-validator/validate-icon.c -index 6e23d9f2..f0659a78 100644 +index 9e885070..44fea035 100644 --- a/icon-validator/validate-icon.c +++ b/icon-validator/validate-icon.c -@@ -193,6 +193,8 @@ rerun_in_sandbox (const char *arg_width, +@@ -200,6 +200,8 @@ rerun_in_sandbox (const char *arg_width, add_args (args, "--setenv", "G_MESSAGES_DEBUG", g_getenv ("G_MESSAGES_DEBUG"), NULL); if (g_getenv ("G_MESSAGES_PREFIXED")) add_args (args, "--setenv", "G_MESSAGES_PREFIXED", g_getenv ("G_MESSAGES_PREFIXED"), NULL);