Add patch for GNOME Software to facilitate sandboxing

This commit is contained in:
Bruce Leidl 2024-09-27 07:39:48 -04:00
parent 4c6f4f4a3d
commit 9599d3da9d
2 changed files with 74 additions and 0 deletions

View File

@ -0,0 +1,73 @@
From cfb9327280c3e173b4cfb0ec3ec3d62e729f1e21 Mon Sep 17 00:00:00 2001
From: Bruce Leidl <bruce@subgraph.com>
Date: Fri, 27 Sep 2024 07:34:13 -0400
Subject: [PATCH] Remove System Bus and close application on quit
To facilitage sandboxing remove dependency on system bus. The
system bus is not needed for any plugin that we are using. Also
close the application rather than just hiding the window when
the user exits the application. Otherwise the sandbox will run
forever.
---
lib/gs-plugin-loader.c | 5 +----
lib/gs-plugin.c | 1 -
src/gs-shell.c | 4 +++-
3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/lib/gs-plugin-loader.c b/lib/gs-plugin-loader.c
index 6661b73..ac57bdc 100644
--- a/lib/gs-plugin-loader.c
+++ b/lib/gs-plugin-loader.c
@@ -1964,8 +1964,6 @@ gs_plugin_loader_setup_async (GsPluginLoader *plugin_loader,
* time. */
if (plugin_loader->session_bus_connection == NULL)
g_bus_get (G_BUS_TYPE_SESSION, cancellable, get_session_bus_cb, g_object_ref (task));
- if (plugin_loader->system_bus_connection == NULL)
- g_bus_get (G_BUS_TYPE_SYSTEM, cancellable, get_system_bus_cb, g_object_ref (task));
finish_setup_get_bus (task);
}
@@ -2032,8 +2030,7 @@ finish_setup_get_bus (GTask *task)
g_autoptr(GError) local_error = NULL;
/* Wait until weve got all the buses we need. */
- if (plugin_loader->session_bus_connection == NULL ||
- plugin_loader->system_bus_connection == NULL)
+ if (plugin_loader->session_bus_connection == NULL)
return;
/* use the default, but this requires a 'make install' */
diff --git a/lib/gs-plugin.c b/lib/gs-plugin.c
index 97bc47e..514d97a 100644
--- a/lib/gs-plugin.c
+++ b/lib/gs-plugin.c
@@ -1606,7 +1606,6 @@ gs_plugin_constructed (GObject *object)
/* Check all required properties have been set. */
g_assert (priv->session_bus_connection != NULL);
- g_assert (priv->system_bus_connection != NULL);
}
static void
diff --git a/src/gs-shell.c b/src/gs-shell.c
index 5c069e2..13bdcc6 100644
--- a/src/gs-shell.c
+++ b/src/gs-shell.c
@@ -1081,6 +1081,8 @@ main_window_closed_cb (GtkWidget *dialog, gpointer user_data)
/* Free unused memory with GNU extension of malloc.h */
malloc_trim (0);
#endif
+ GApplication *app = g_application_get_default ();
+ g_action_group_activate_action(G_ACTION_GROUP(app), "quit", NULL);
return TRUE;
}
@@ -2505,7 +2507,7 @@ gs_shell_class_init (GsShellClass *klass)
gtk_widget_class_bind_template_callback (widget_class, gs_shell_details_page_metainfo_loaded_cb);
gtk_widget_class_bind_template_callback (widget_class, details_page_app_clicked_cb);
- gtk_widget_class_add_binding_action (widget_class, GDK_KEY_q, GDK_CONTROL_MASK, "window.close", NULL);
+ gtk_widget_class_add_binding_action (widget_class, GDK_KEY_q, GDK_CONTROL_MASK, "app.quit", NULL);
}
static void

View File

@ -28,6 +28,7 @@ RDEPENDS:${PN} = "iso-codes"
EXTRA_OEMESON += "-Dtests=false -Dsoup2=false"
SRC_URI += " file://0001-Remove-System-Bus-and-close-application-on-quit.patch"
SRC_URI[archive.sha256sum] = "b6eeb789100de94b50ebe2e77f16b26be4c2db15489905f198d060c425e19076"
PACKAGECONFIG ?= "flatpak"