When booster is executing in sandbox as an application booster, it
needs to verify that command line received from invoker matches
Exec line in application desktop file, application launch is allowed,
and permissions granted are as was expected at the time of booster
launch.
Provide booster-generic@.service that can be used for instantiating
sandboxed application boosters.
D-Bus ipc with sailjaild is modified version of similar code in
sailjailclient. The biggest difference is that this version uses
private connection via libdbus to avoid leaving stray dbus connections
or threads behind when transferring control to application code
without use of exec*() functions.
Remove cap_sys_ptrace from booster executable as it makes it impossible
to run the booster within a no-new-privs sandbox.
Fix socket passing from booster instance to booster daemon so that it
works also when invoker is running in different namespace than booster
instance (invoker pid might be unresolvable).
Replace ad-hoc booster argument parsing with getopt_long().
Fix issues with argv handling: using const pointers for non-const
data, passing data by reference between objects that might have
different lifespans and never releasing the dynamically allocated
arrays.
Fix issues with env passing: duplicating invoker env at booster
side as-is can lead to problems like loss of custom session
bus socket address that has been set up by firejail.
If booster bumps into command read problems, bail out immediately
instead of relying on out-of-sequence data possibly triggering
exit due to unknown commands.
As an enabler for sharing code between invoker (written in c) and
daemon (written in c++), modify Logger class used by c++ code so
that it is just a wrapper for logging functionality used by invoker.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
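
The Exec-line check described in the commit message above, sketched as an added example; it is not code from the commit or from the project. The function names are hypothetical, and the policy is an assumption of this example: Exec is split on whitespace without quoting, only the %f, %u, %F and %U field codes of the Desktop Entry Specification are accepted, and arguments filling a field-code slot may not begin with `-`.

```c
#include <stdio.h>
#include <string.h>

/* Match argv[ai..ac) against Exec template tokens tv[ti..tc). */
static int match_from(char **tv, int tc, int ti,
                      const char *const *av, int ac, int ai)
{
    if (ti == tc)
        return ai == ac;                /* reject unexpected trailing args */
    const char *t = tv[ti];
    if (t[0] == '%' && t[1] && !t[2]) {
        if (t[1] == 'f' || t[1] == 'u') /* zero or one plain argument */
            return match_from(tv, tc, ti + 1, av, ac, ai) ||
                   (ai < ac && av[ai][0] != '-' &&
                    match_from(tv, tc, ti + 1, av, ac, ai + 1));
        if (t[1] != 'F' && t[1] != 'U')
            return 0;                   /* other field codes: fail closed */
        for (int n = ai; n <= ac; ++n) {/* zero or more plain arguments */
            if (match_from(tv, tc, ti + 1, av, ac, n))
                return 1;
            if (n < ac && av[n][0] == '-')
                break;                  /* option smuggled into a file slot */
        }
        return 0;
    }
    return ai < ac && strcmp(t, av[ai]) == 0 &&
           match_from(tv, tc, ti + 1, av, ac, ai + 1);
}

/* Returns 1 only if argv is an instance of the desktop file's Exec line. */
int exec_line_matches(const char *exec_line, int argc, const char *const *argv)
{
    char buf[1024], *tv[64];
    int tc = 0;
    if (!exec_line || strlen(exec_line) >= sizeof buf) return 0;
    strcpy(buf, exec_line);             /* assumption: no quoting in Exec */
    for (char *tok = strtok(buf, " \t"); tok; tok = strtok(NULL, " \t")) {
        if (tc == 64) return 0;         /* too many tokens: fail closed */
        tv[tc++] = tok;
    }
    return tc > 0 && match_from(tv, tc, 0, argv, argc, 0);
}

int main(void)
{
    /* Constructed sample: an invoker argv that does not match the Exec line. */
    const char *bad[] = { "/bin/sh", "-c", "id" };
    printf("%d\n", exec_line_matches("/usr/bin/example-app %U", 3, bad));
    return 0;
}
```
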
This allows packagers to set the proper directories to install stuff
to using CMAKE_INSTALL_PREFIX, CMAKE_INSTALL_LIBDIR, etc.
Also make installing systemd unit files optional, for systems without
systemd, but enable them by default.
This is mainly useful for non-glibc systems. Yes, systemd doesn't even run
on non-glibc systems, but elogind does and this way it links to both systemd
and elogind.
However due to switching the way we link to systemd, we now also make
sure systemd is actually installed on the system before we even try to
compile, thus preventing compiler errors when systemd isn't present.
This feature only encourages poor application interactivity: anything which is
sufficiently slow to require a splash screen should be made faster instead.
In addition to that, the feature is poorly implemented (X11-specific), and thus
useless. Rip it out, and remove the last dependency on X11 from applauncherd.
Having a single applauncherd process with boosters as plugins is a
flawed idea: most notably, it's not possible to have two boosters with
conflicting libraries, like Qt4 and Qt5.
A much cleaner solution is to turn libapplauncherd into a support
library for boosters, and have each booster run as an independent
process.
EventHandler is only used by qdeclarativebooster and its derivatives
at the moment. It can't be included in libapplauncherd, because of the
Qt dependency, but it needs to be available for out-of-tree plugins.
Putting it into libmdeclarativecache seems like the most reasonable
option at present.
Sets pid, wmclass, portrait splash image, landscape splash
image, and pixmap id in the _MEEGO_SPLASH_SCREEN X11 property
of the compositor window. Pid is the booster/application
pid, wmclass is derived from the application binary name,
splash images are the parameters given for --splash and
--splash-landscape. The pixmap id is set to the empty string.
RevBy: Antti Kervinen