The URL schema of the target site has changed and now returns a 404 for the old URL. This URL accommodates the new URL scheme and points to the original content.
Signed-off-by: Aaron Brooks <aaron@brooks1.net>
I find it easier to write this as I go along, instead of writing it all
as part of doing each release.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Before Meson 1.3.0, this would not do what we meant (instead defining
prefix to a wrong value composed from the remaining arguments).
The only reason we needed to redefine prefix in the first place is that
bash-completion older than 2.10 did not allow users of its
pkg-config file to override the datadir used to compute its
completionsdir, but that was addressed in version 2.10 (2019).
Users of older bash-completion should set bubblewrap's
bash_completion_dir build option, if the automatically-discovered
default is not appropriate.
Related to https://github.com/containers/bubblewrap/issues/609
Signed-off-by: Simon McVittie <smcv@collabora.com>
As documented in cmsg(3), the alignment of control messages is not
guaranteed, so for portability to architectures with strong alignment
requirements we should memcpy to and from a suitably aligned instance
of the desired data structure on the stack.
Helps: https://github.com/containers/bubblewrap/issues/637
Signed-off-by: Simon McVittie <smcv@collabora.com>
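The pattern this commit message describes, shown as an added example that is not bubblewrap's own code: control-message payloads are copied with memcpy to and from aligned local variables instead of dereferencing a cast of CMSG_DATA(). Passing a file descriptor with SCM_RIGHTS over a socketpair is this example's choice of payload, and the names `send_fd`, `recv_fd` and `union ctl` are hypothetical.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>
/* The union gives the control buffer cmsghdr alignment, as in cmsg(3). */
union ctl { char buf[CMSG_SPACE (sizeof (int))]; struct cmsghdr align; };
/* Send fd as SCM_RIGHTS ancillary data alongside one dummy byte. */
int send_fd (int sock, int fd) {
  char byte = 0;
  struct iovec iov = { &byte, 1 };
  union ctl c;
  struct msghdr msg = { 0 };
  struct cmsghdr *cmsg;
  memset (&c, 0, sizeof c);
  msg.msg_iov = &iov; msg.msg_iovlen = 1;
  msg.msg_control = c.buf; msg.msg_controllen = sizeof c.buf;
  cmsg = CMSG_FIRSTHDR (&msg);
  cmsg->cmsg_level = SOL_SOCKET; cmsg->cmsg_type = SCM_RIGHTS;
  cmsg->cmsg_len = CMSG_LEN (sizeof fd);
  memcpy (CMSG_DATA (cmsg), &fd, sizeof fd); /* not *(int *) CMSG_DATA (cmsg) = fd */
  return sendmsg (sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive one fd, or -1 if no SCM_RIGHTS message was attached. */
int recv_fd (int sock) {
  char byte;
  struct iovec iov = { &byte, 1 };
  union ctl c;
  struct msghdr msg = { 0 };
  struct cmsghdr *cmsg;
  int fd = -1;
  msg.msg_iov = &iov; msg.msg_iovlen = 1;
  msg.msg_control = c.buf; msg.msg_controllen = sizeof c.buf;
  if (recvmsg (sock, &msg, 0) < 0) return -1;
  for (cmsg = CMSG_FIRSTHDR (&msg); cmsg != NULL; cmsg = CMSG_NXTHDR (&msg, cmsg))
    if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS
        && cmsg->cmsg_len >= CMSG_LEN (sizeof fd))
      memcpy (&fd, CMSG_DATA (cmsg), sizeof fd); /* into an aligned local */
  return fd;
}

/* Round trip: a byte written to a pipe is readable through the received fd. */
int main (void) {
  int sv[2], p[2], got;
  char ch = 0;
  if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv) < 0 || pipe (p) < 0) return 1;
  if (send_fd (sv[0], p[0]) < 0 || (got = recv_fd (sv[1])) < 0) return 1;
  return write (p[1], "x", 1) == 1 && read (got, &ch, 1) == 1 && ch == 'x' ? 0 : 1;
}
```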
bubblewrap is used in some surprisingly old environments, including
version 1 of the Steam Runtime, which has gcc 4.6 or 4.8 as its
default compiler (depending on exactly how you define "default").
These very old versions don't support the builtin used here.
Signed-off-by: Simon McVittie <smcv@collabora.com>
We don't need to reinvent these, especially in a confusing form
(bool type like stdbool.h, but TRUE and FALSE constants like GLib).
stdbool.h was available in the gcc 4.6 that is the default compiler in
Ubuntu 12.04, more than a decade ago, so it seems sufficiently
ubiquitous.
Signed-off-by: Simon McVittie <smcv@collabora.com>
If a blocking operation is interrupted by a signal, including SIGCHLD,
various things can fail with EINTR. This is not a "real" error and can
result in spurious failures.
Resolves: https://github.com/containers/bubblewrap/issues/657
Signed-off-by: Simon McVittie <smcv@collabora.com>
It isn't entirely clear to me what the incompatibilities are, but
hopefully in simple cases like ours it's functionally equivalent.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This prepends a severity level such as <3> to each line of diagnostic
output, with numeric severity levels taken from matching syslog(3)
(such as LOG_ERR = 3), so that the diagnostic output can be parsed by
tools like `logger --prio-prefix` and `systemd-cat --level-prefix=1`
that support that encoding.
The facility (LOG_USER, etc.) is not included, since it makes little
sense to vary on a per-message basis. logger(1) supports prefixes
with or without a facility, and systemd-cat(1) only supports prefixes
without a facility, so this is compatible with both.
A future version of Steam's pressure-vessel is likely to use this to
make warnings and fatal errors from bubblewrap more visible.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This takes a syslog-style severity level, allowing a larger program
that runs bwrap and reads a pipe from its stderr to filter or highlight
messages based on the severity.
Take the opportunity to make the __debug__ macro (which normally expands
to nothing, but can be enabled by changing a `#if 0` to `#if 1`) less
weird and easier to use, by taking it out of the reserved-for-the-compiler
namespace, adding a newline automatically, and not requiring nested
parentheses.
Signed-off-by: Simon McVittie <smcv@collabora.com>
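How a larger program reading bwrap's stderr might consume the `<N>` prefix described in the two commit messages above, as an added example that is not code from bubblewrap or pressure-vessel. The function names, the sample lines (constructed, not real bwrap output) and the choice to treat unprefixed lines as LOG_INFO are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Split "<N>text" into severity N (one digit 0-7, no facility) and text. */
int parse_level_prefix (const char *line, const char **msg) {
  if (line[0] == '<' && line[1] >= '0' && line[1] <= '7' && line[2] == '>') {
    *msg = line + 3;
    return line[1] - '0';
  }
  *msg = line;
  return LOG_INFO; /* assumption of this example: unprefixed lines are "info" */
}

/* Copy lines at least as severe as max_level (numerically <=) into out, prefix
   stripped; lines that do not fit are dropped. Returns the number kept. */
size_t filter_severity (const char *in, int max_level, char *out, size_t out_size) {
  size_t kept = 0, used = 0;
  if (out_size == 0) return 0;
  while (*in != '\0') {
    const char *msg;
    size_t len = strcspn (in, "\n");
    int level = parse_level_prefix (in, &msg);
    size_t mlen = len - (size_t) (msg - in);
    if (level <= max_level && used + mlen + 2 <= out_size) {
      memcpy (out + used, msg, mlen);
      used += mlen;
      out[used++] = '\n';
      kept++;
    }
    in += len;
    if (*in == '\n') in++;
  }
  out[used] = '\0';
  return kept;
}

/* Constructed sample of captured stderr; not real bwrap output. */
static const char sample[] =
  "<7>constructed debug detail\n"
  "<4>constructed warning\n"
  "line without a prefix\n"
  "<3>constructed fatal error\n";

int main (void) {
  char out[256];
  size_t n = filter_severity (sample, LOG_WARNING, out, sizeof out);
  printf ("%zu line(s) at warning or worse:\n%s", n, out);
  return 0;
}
```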
This is useful for example if you for some reason don't have the real
path. It is also a way to make bind-mounts race-free (i.e. to have the
mount actually be the thing you wanted to be mounted, avoiding issues
where some other process replaces the target in parallel with the bwrap
launch).
Unfortunately due to some technical details we can't actually directly
mount the dirfd, as they come from different user namespaces, which is not
permitted, but at least we can delay resolving the fd to a path as much as
possible, and then validate after mount that we actually mounted the right
thing.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
For some reason the second flags is "2<<0", but really flags should
be 1<<N, and in this case 1<<1. Both happen to be the same value, so it's
not like this matters deeply, but let's fix it if we do later changes.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
The size to be allocated is tracked as ssize_t, so if it's larger than
this, doubling it would cause a signed overflow.
Limiting the data we will read into memory to SSIZE_MAX/2 still lets it
occupy 25% of addressable memory (1 GiB on 32-bit or some very large
amount on 64-bit), which should be adequate. In practice we expect this
function to read a few KiB at most.
In practice we're likely to run out of memory before reaching this
point; changing this to SSIZE_MAX / 8, compiling as 32-bit and running
`${builddir}/bwrap --args 0 < /dev/zero` is a convenient way to test
this code path.
Fixes: 422c078e "Check for allocation size overflows"
Signed-off-by: Simon McVittie <smcv@collabora.com>