Having all booster sockets reside at the same level in the /run/user
directory structure makes it difficult to limit what boosters
sandboxed applications have access to.
Move socket files to booster-specific sub-directories. As an enabler
for sandboxed boosters, add another sub-directory level that can be used
for identifying application-specific boosters.
As an example, silica-qt booster socket file path changes from
/run/user/UID/mapplauncherd/silica-qt5
to
/run/user/UID/mapplauncherd/_default/silica-qt5/socket
and sandboxed silica-qt5 booster for application APP would use
/run/user/UID/mapplauncherd/_APP/silica-qt5/socket
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
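The path layout above turns the application and booster names into directory components, so a launcher that builds such paths has to reject names that could escape the per-booster directory. The following is an added example, not mapplauncherd's own code: it builds `<runtime_dir>/mapplauncherd/_<app>/<booster>/socket` (with `_default` when no application is given) and refuses names containing `/`, `..`, or characters outside a whitelist. The whitelist, the 64-character limit and the UID 100000 used in the usage are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not mapplauncherd's own code. Builds the socket path
 * described in the commit message:
 *   <runtime_dir>/mapplauncherd/_<app>/<booster>/socket
 * with "_default" used when app is NULL. Because app and booster names
 * become path components, they are validated first: an empty name, a
 * '/', or a "." / ".." component would let a caller escape the
 * per-booster directory. The character whitelist is an assumption. */
static int valid_component(const char *s)
{
    if (!s || !*s || strlen(s) > 64)
        return 0;
    if (strcmp(s, ".") == 0 || strcmp(s, "..") == 0)
        return 0;
    for (; *s; s++) {
        int ok = (*s >= 'a' && *s <= 'z') || (*s >= 'A' && *s <= 'Z') ||
                 (*s >= '0' && *s <= '9') || *s == '-' || *s == '_' || *s == '.';
        if (!ok)
            return 0;
    }
    return 1;
}

/* Returns 0 and fills out, or -1 if a name is invalid or out is too small. */
int booster_socket_path(const char *runtime_dir, const char *app,
                        const char *booster, char *out, size_t outlen)
{
    if (!runtime_dir || !*runtime_dir || !valid_component(booster))
        return -1;
    if (app && !valid_component(app))
        return -1;
    int n = snprintf(out, outlen, "%s/mapplauncherd/_%s/%s/socket",
                     runtime_dir, app ? app : "default", booster);
    if (n < 0 || (size_t)n >= outlen)
        return -1;          /* encoding error or truncated path */
    return 0;
}

int main(void)
{
    char p[256];
    /* Constructed runtime dir; UID 100000 is a sample value. */
    if (booster_socket_path("/run/user/100000", NULL, "silica-qt5", p, sizeof p) == 0)
        printf("%s\n", p);
    if (booster_socket_path("/run/user/100000", "../other", "silica-qt5", p, sizeof p) != 0)
        printf("rejected traversal attempt\n");
    return 0;
}
```

Validating the components is cheaper and more robust than canonicalising the finished path after the fact, and it keeps the rejection independent of whether the directories already exist.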
Comparing signed vs unsigned integers.
Unused static data.
Questionable variable declarations.
Const correctness issues.
Unchecked socket and pipe I/O.
Unchecked chdir() call.
String sender that silently skips null strings while protocol does
not make it possible for receiver to detect such omissions.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
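Two of the items above, unchecked socket/pipe I/O and a string sender that silently drops NULL strings, share a fix: every write and read is looped to completion and checked, and a NULL string is encoded explicitly so the receiver cannot misinterpret the following field. The code below is an added example and does not reproduce the invoker/booster wire format; the framing (a one-byte tag, then a host-order 32-bit length and the bytes when the string is present) and the 64 KiB size bound are assumptions chosen for the illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Added example; not the invoker/booster protocol. Assumed framing:
 * 1-byte tag (0 = NULL string, 1 = present), then for present strings a
 * 4-byte host-order length and the bytes. A NULL string therefore
 * occupies the wire instead of being skipped, so the receiver can never
 * mistake the next field for this one. */
enum { TAG_NULL = 0, TAG_STR = 1, MAX_STR = 64 * 1024 };

/* Loop until every byte is written; short writes and EINTR are handled. */
static int write_all(int fd, const void *buf, size_t len)
{
    const unsigned char *p = buf;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        p += n; len -= (size_t)n;
    }
    return 0;
}

/* Loop until every byte is read; a closed peer is an error, not silence. */
static int read_all(int fd, void *buf, size_t len)
{
    unsigned char *p = buf;
    while (len > 0) {
        ssize_t n = read(fd, p, len);
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        if (n == 0) return -1;          /* peer closed mid-message */
        p += n; len -= (size_t)n;
    }
    return 0;
}

/* Returns 0 on success, -1 on I/O error. NULL is sent explicitly. */
int send_string(int fd, const char *s)
{
    unsigned char tag = s ? TAG_STR : TAG_NULL;
    if (write_all(fd, &tag, 1) < 0) return -1;
    if (!s) return 0;
    size_t len = strlen(s);
    if (len > MAX_STR) { errno = EMSGSIZE; return -1; }
    uint32_t wire_len = (uint32_t)len;
    if (write_all(fd, &wire_len, sizeof wire_len) < 0) return -1;
    return write_all(fd, s, len);
}

/* Returns 1 and a malloc'd string, 0 for an explicit NULL (*out = NULL),
 * -1 on error or malformed input. The length is bounded before allocating. */
int recv_string(int fd, char **out)
{
    unsigned char tag;
    uint32_t wire_len;
    *out = NULL;
    if (read_all(fd, &tag, 1) < 0) return -1;
    if (tag == TAG_NULL) return 0;
    if (tag != TAG_STR) { errno = EPROTO; return -1; }
    if (read_all(fd, &wire_len, sizeof wire_len) < 0) return -1;
    if (wire_len > MAX_STR) { errno = EMSGSIZE; return -1; }
    char *s = malloc((size_t)wire_len + 1);
    if (!s) return -1;
    if (read_all(fd, s, wire_len) < 0) { free(s); return -1; }
    s[wire_len] = '\0';
    *out = s;
    return 1;
}

int main(void)
{
    int sv[2];
    char *s;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return 1;
    send_string(sv[0], "silica-qt5");   /* constructed sample values */
    send_string(sv[0], NULL);
    if (recv_string(sv[1], &s) == 1) { printf("got \"%s\"\n", s); free(s); }
    if (recv_string(sv[1], &s) == 0) printf("got explicit NULL\n");
    return 0;
}
```

The receiver distinguishes three outcomes (string, explicit NULL, error), which is what lets a booster fail closed on a truncated or malformed message instead of proceeding with the wrong field in the wrong slot.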
Without including libgen.h, basename is not available on Musl.
sourceArgv[0] is a const char* which cannot be converted to char*, so
cast it instead.
RTLD_DEEPBIND is not available on Musl, only on glibc (since 2.3.4).
ARG_MAX is already defined, so it has to be renamed.
Even according to glibc itself, <bits/socket.h> should never be included
directly and <sys/socket.h> should, which is already done anyway.
Separate cgroups of sandboxed apps. Previously they were all put in the
same group; with this change they are in separate groups.
Looking at invoker.c appName and fileName are the same and can be used
interchangeably.
Also change --desktop-file to have a bit more accurate description.
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
This patch adds a new -F/--desktop-file command line option to
invoker which takes a desktop file name as argument. Using it will
notify lipstick that the app which goes with that desktop file is
being started.
As a GNU extension, passing '+' to getopt_long can be used as an
alternative to the POSIXLY_CORRECT environment variable to get the
argument behavior that invoker relies on. Variables set in the invoker
environment will pass onto child processes, and adding this to the
environment would break some applications.
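The point about `'+'` is worth seeing in code: with a leading `'+'` in the optstring, GNU `getopt_long` stops at the first non-option argument instead of permuting `argv`, so an application's own `--type`-style arguments are left untouched, and nothing has to be exported into an environment the launched process would inherit. The following is an added example and not invoker's code; the option names `--type`/`-t` and `--keep-oom-score`/`-o` are used here only as hypothetical launcher options, and the `optind = 0` reset is the glibc/musl way of reinitialising `getopt` state between calls.

```c
#define _GNU_SOURCE
#include <getopt.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Added example (not invoker's own code). Parses hypothetical
 * launcher-style options and stops at the first non-option, so that
 * everything from that index on belongs to the launched application.
 * The leading '+' in the optstring asks GNU getopt_long to stop there
 * instead of permuting argv, without setting POSIXLY_CORRECT in the
 * environment (which child processes would inherit). */
struct invoker_opts {
    const char *type;      /* hypothetical --type value */
    int keep_oom_score;    /* hypothetical --keep-oom-score flag */
    int app_index;         /* index in argv of the application's argv[0] */
};

/* Returns 0 on success, -1 on an unknown option, a missing option
 * argument, or when no application was given. */
int parse_invoker_args(int argc, char *argv[], struct invoker_opts *out)
{
    static const struct option longopts[] = {
        { "type",           required_argument, NULL, 't' },
        { "keep-oom-score", no_argument,       NULL, 'o' },
        { NULL, 0, NULL, 0 }
    };
    int c;

    memset(out, 0, sizeof *out);
    optind = 0;          /* glibc/musl: full reinitialisation of getopt state */
    opterr = 0;          /* report errors via the return value, not stderr */

    while ((c = getopt_long(argc, argv, "+t:o", longopts, NULL)) != -1) {
        switch (c) {
        case 't': out->type = optarg; break;
        case 'o': out->keep_oom_score = 1; break;
        default:  return -1;
        }
    }
    if (optind >= argc)
        return -1;               /* nothing left to launch */
    out->app_index = optind;     /* first non-option: the application */
    return 0;
}

int main(void)
{
    /* Constructed command line: the second --type belongs to the app. */
    char *argv[] = { "invoker", "--type", "silica-qt5", "-o",
                     "/usr/bin/app", "--type", "x", NULL };
    struct invoker_opts o;
    if (parse_invoker_args(7, argv, &o) == 0)
        printf("type=%s keep_oom=%d app=%s\n",
               o.type, o.keep_oom_score, argv[o.app_index]);
    return 0;
}
```

Without the `'+'` (and without POSIXLY_CORRECT), glibc would have consumed the application's own `--type x` as if it were a launcher option, which is the behaviour the message describes invoker as relying on being absent.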
The old name was vague and didn't indicate the change in behavior at
all. Its documentation also described the behavior incorrectly. If the
-o or --keep-oom-score parameter is passed, the OOM score of the boosted
process will be unchanged. Normally, it will be reset to 0 on launch.
The --daemon-mode parameter is kept as an alias for compatibility.
This allows the application to look up its installation prefix (e.g.
/usr) by just looking at argv[0] and calculating relative paths from
there (previously one would need to pass the full path to invoker).
This feature only encourages poor application interactivity: anything which is
sufficiently slow to require a splash screen should be made faster instead.
In addition to that, the feature is poorly implemented (X11-specific), and thus
useless. Rip it out, and remove the last dependency on X11 from applauncherd.
Single-character booster types could potentially conflict when
using out-of-tree boosters, and quickly become confusing.
Old types are mapped for compatibility.
This is a compatibility-breaking change with boosters. The socketId
field is now expected to be a socket name, not a path. Sockets are
placed under ${XDG_RUNTIME_DIR}/mapplauncherd/, defaulting to /tmp/.
Invoker currently expects sockets in that path and named 'booster-X'
where X is the single character booster type. That is expected to
change when types are refactored to use full strings.
Having a single applauncherd process with boosters as plugins is a
flawed idea: most notably, it's not possible to have two boosters with
conflicting libraries, like Qt4 and Qt5.
A much cleaner solution is to turn libapplauncherd into a support
library for boosters, and have each booster run as an independent
process.
After receiving a signal, a pipe is written, which is polled by select.
As of ac1ed61, that pipe is never read, causing the select() to
repeatedly trigger and use 100% CPU after receiving any signal that
doesn't cause the process to terminate.
Partial revert of ac1ed61, plus a one-line fix for the select() fd set.
RevBy: Antti Kervinen
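The bug described above is the classic failure mode of the self-pipe pattern: the signal handler writes a byte, `select()` reports the read end readable, and if nobody reads the byte the fd stays readable and the loop spins at 100% CPU. The code below is an added example, not applauncherd's own code, showing the pattern with the two details that matter: the pipe is drained after every wake-up, and the `fd_set` is rebuilt before each `select()` call because the kernel overwrites it with the ready set. `SIGUSR1` and the non-blocking pipe are choices made for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <unistd.h>

/* Added example, not applauncherd's code: the "self-pipe" pattern. The
 * handler writes one byte per signal; the main loop selects on the read
 * end and must drain it, otherwise the fd stays readable and select()
 * returns immediately forever. */
static int sig_pipe[2] = { -1, -1 };

static void on_signal(int signo)
{
    unsigned char b = (unsigned char)signo;
    int saved = errno;
    /* write() is async-signal-safe; the pipe is non-blocking so a full
     * pipe drops the byte instead of blocking inside the handler. */
    (void)!write(sig_pipe[1], &b, 1);
    errno = saved;
}

/* Creates the pipe, makes both ends non-blocking, installs the handler. */
int sig_pipe_init(void)
{
    if (pipe(sig_pipe) == -1)
        return -1;
    for (int i = 0; i < 2; i++) {
        int fl = fcntl(sig_pipe[i], F_GETFL);
        if (fl == -1 || fcntl(sig_pipe[i], F_SETFL, fl | O_NONBLOCK) == -1)
            return -1;
    }
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART;
    return sigaction(SIGUSR1, &sa, NULL);
}

/* Drain all pending bytes; returns how many signals were queued. This is
 * the read that the message says was missing after ac1ed61. */
int sig_pipe_drain(void)
{
    unsigned char buf[64];
    int n = 0;
    for (;;) {
        ssize_t r = read(sig_pipe[0], buf, sizeof buf);
        if (r > 0) { n += (int)r; continue; }
        if (r == -1 && errno == EINTR) continue;
        break;               /* EAGAIN: pipe empty; 0: write end closed */
    }
    return n;
}

/* One iteration of the event loop. Returns the number of signals handled,
 * 0 on timeout, -1 on error. The fd_set is rebuilt before every call. */
int sig_pipe_wait(int timeout_ms)
{
    fd_set rfds;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    FD_ZERO(&rfds);
    FD_SET(sig_pipe[0], &rfds);
    int rc = select(sig_pipe[0] + 1, &rfds, NULL, NULL, &tv);
    if (rc == -1)
        return errno == EINTR ? 0 : -1;
    if (rc == 0)
        return 0;
    return sig_pipe_drain();
}

int main(void)
{
    if (sig_pipe_init() != 0) return 1;
    raise(SIGUSR1);                     /* simulate an external signal */
    printf("handled %d signal(s)\n", sig_pipe_wait(100));
    printf("next wait returns %d (timed out, no spin)\n", sig_pipe_wait(50));
    return 0;
}
```

The second wait timing out rather than returning immediately is the observable difference between a drained pipe and the spinning loop the message describes.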
Details:
--boot-mode starts applauncherd in the boot mode:
* Boosters won't initialize cache
* Booster respawn delay is zero
Sending SIGUSR1 forces the launcher to enter the normal mode again.