Move buildMountHome after buildPrivateDir, because it depends on private
directory that are initialized within buildPrivateDir.
Correct private config, cache, state directory mounting.
Signed-off-by: reddevillg <reddevillg@gmail.com>
Previously, app-specific patches were identified by matching the patch
filename (without the extension) against the application ID. This
approach was flawed as it caused patch conflicts between different
applications. For example, a patch named `com.app.A.json`, intended
only for `com.app.A`, would be incorrectly applied as a global patch
to `com.app.B`.
This commit introduces a directory-based mechanism to correctly isolate
application-specific patches. All patches for a specific app must now
reside within a subdirectory named after the app ID.
Signed-off-by: reddevillg <reddevillg@gmail.com>
Mounting may fail if the file types differed between the build layer and
host (e.g., regular file vs. symbolic link).
Implemented solution through two approaches
1. Build phase: Proactively remove /etc/localtime and /etc/resolv.conf
from base layer during overlayfs preparation to prevent conflicts
with host.
2. Container configuration: Introduced dedicated buildMountLocalTime
and buildNetworkConf methods to handle timezone and resolv.conf
mounts, with enableSelfAdjustingMount properly managing these cases.
Signed-off-by: reddevillg <reddevillg@gmail.com>
- Add content-based validation for ld.so.conf to detect layer path
changes
- Include configuration sources hash in ld.so.conf for validation
- In PackageManager GenerateCache always generate cache,
tryGenerateCache will skip it if cache directory exists
- use memcpy in sha256 to avoid unaligned visit
This ensures that ld.so.cache is properly regenerated when the
underlying layer configuration changes, preventing stale cache issues.
Signed-off-by: reddevillg <reddevillg@gmail.com>
1. Ensure container HOME env matches the host environment exactly, we
rely on it before support portal well.
2. remove /run/udev bind, udev database path and file across different
versions are not guaranteed to be compatible.
3. add all_proxy env to defulat forward list.
Signed-off-by: reddevillg <reddevillg@gmail.com>
1. provide application level patches
2. application level patches will apply after global patches
move configure.h.in to src root, becasue lib utils depends on QT,
we don't want to introduce QT in certain scenarios.
Signed-off-by: reddevillg <reddevillg@gmail.com>
1. apply extension environment
2. apply app and extension permission binds
3. run ldconfig with -X option in cache generate phase
4. introduce dummy extension which is enabled by default
Signed-off-by: reddevillg <reddevillg@gmail.com>
Introduce RunContext to unify runtime layer resolution, requiring
changes across the builder, CLI, and PM.
Signed-off-by: reddevillg <reddevillg@gmail.com>
when host use systemd-resolved to manage dns and systemd-resolved
working on stub mode, the file /etc/resolv.conf is a symlink to
/run/systemd/resolve/stub-resolv.conf.
refactoring the process for normalization.
Signed-off-by: ComixHe <heyuming@deepin.org>
reddevillg
dengbo
ComixHe
ComixHe
myml
ice909
kamiyadm