1
0
mirror of https://github.com/qTox/qTox.git synced 2024-03-22 14:00:36 +08:00
Commit Graph

6988 Commits

Author SHA1 Message Date
Vincas Dargis
c8eb34f028 fix(apparmor): Fix spam of DENIED messages on openSUSE
AppArmor produced spams lot's of log messages like these:
```
type=AVC msg=audit(1548784382.499:2192): apparmor="DENIED"
operation="file_mmap" profile="qtox" name="/tmp/#13317" pid=6389 comm="qtox"
requested_mask="m" denied_mask="m" fsuid=1000 ouid=1000
```

These appears to be libpcre2 mmaped shared memory, related to jitting.

Deny mmap()'ing files for execution from /tmp directory because currently there
is no way to allow shared memory access explicitly with AppArmor, so we choose
more secure way (while probably loosing regex performance).
2019-03-25 20:14:01 +02:00
Vincas Dargis
1d120b15c2 fix(apparmor): Fix DBUS denies on Kubuntu 18.04
AppArmor denies access to systray on Kubuntu 18.04.

Add DBUS rules to make systray icon work.
2019-03-25 20:14:01 +02:00
Vincas Dargis
79f800b39a fix(apparmor): Backport dri-enumerate abstraction
AppArmor 2.12 (Ubuntu 18.04) does not have dri-enumerate abstraction,
so policy compilation fails.

Backport dri-enumerate abstraction as inline rules.
2019-03-25 20:14:01 +02:00
Vincas Dargis
e13b8a973e fix(apparmor): Fix .local/share/qTox/ access
Capturing desktop screenshot produces this DENIED messages:
```
type=AVC msg=audit(1548516170.837:3146): apparmor="DENIED"
operation="mkdir" profile="qtox" name="/home/vincas/.local/share/qTox/"
pid=12605 comm="qtox" requested_mask="c" denied_mask="c" fsuid=1000
ouid= 1000
```

Add rule to allow writing to .local/share/qTox/
2019-03-25 20:14:01 +02:00
Vincas Dargis
514cd36826 fix(apparmor): Fix access to openssl configuration
AppArmor denies access to openssl configuration files:
```
type=AVC msg=audit(1548516028.121:3031): apparmor="DENIED"
operation="open" profile="qtox" name="/etc/ssl/openssl.cnf" pid=12416
comm="qtox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
```

Fix deny by including openssl abstraction.
2019-03-25 20:14:01 +02:00
Vincas Dargis
a6c01eb007 fix(apparmor): Fix dbus access
Add rules to allow DBus access (send & receive) to various DBus
interfaces. Detected on Ubuntu 18.04.
2019-03-25 20:14:01 +02:00
Vincas Dargis
577aeb8fa3 fix(apparmor): Fix hunspell access
AppArmor denies access to hunspell files:
```
type=AVC msg=audit(1548511779.241:1773): apparmor="DENIED"
operation="open" profile="qtox" name="/usr/share/hunspell/lt_LT.aff"
pid=9833 comm="qtox" requested_mask="r" denied_mask="r" fsuid=1000
ouid=0

type=AVC msg=audit(1548511779.241:1774): apparmor="DENIED"
operation="open" profile="qtox" name="/usr/share/hunspell/lt_LT.dic"
pid=9833 comm="qtox" requested_mask="r" denied_mask="r" fsuid=1000
ouid=0
```

Add rule to allow reading hunspell dictionaries.
2019-03-25 20:14:01 +02:00
Vincas Dargis
a67faf2976 fix(apparmor): Fix accessibility DBus access
AppArmor denies access to a11y:
```
Jan 26 15:23:31 vincas-ubuntu1804 dbus-daemon: apparmor="DENIED"
operation="dbus_method_call"  bus="accessibility"
path="/org/freedesktop/DBus" interface="org.freedesktop.DBus"
member="Hello" mask="send" name="org.freedesktop.DBus" pid=8011
label="qtox" peer_label="unconfined"

Jan 26 15:23:31 vincas-ubuntu1804 dbus-daemon[1474]: apparmor="DENIED"
operation="dbus_method_call"  bus="session" path="/org/a11y/bus"
interface="org.freedesktop.DBus.Properties" member="Get" mask="send"
name="org.a11y.Bus" pid=8011 label="qtox" peer_pid=1620
peer_label="unconfined"
```

Include dbus-accessibility abstraction and one addition dbus rule to fix
denies.
2019-03-25 20:14:01 +02:00
Vincas Dargis
aef4705636 fix(apparmor): Fix qTox cache access
AppAmor denies access to qTox cache directory:
```
type=AVC msg=audit(1548508759.153:640): apparmor="DENIED"
operation="mkdir" profile="qtox" name="/home/vincas/.cache/qTox/"
pid=7802 comm="qtox" requested_mask="c" denied_mask="c" fsuid=1000
ouid=1000
```

Add rule to allow access to qTox cache directory.
2019-03-25 20:14:01 +02:00
Vincas Dargis
9fc8933883 fix(apparmor): Add ibus abstraction
IBus-related rules are needed detected on Gnome-based desktop (Ubuntu
18.40):
```
type=AVC msg=audit(1548508639.169:546): apparmor="DENIED"
operation="open" profile="qtox"
name="/home/vincas/.config/ibus/bus/c3d8689228fc49d8867d4e63e4408e23-unix-0"
pid=7653 comm="qtox" requested_mask="r" denied_mask="r" fsuid=1000
ouid=1000
```

Include ibus abstraction to fix IBus functionality.
2019-03-25 20:14:01 +02:00
Vincas Dargis
6aa4435d17 fix(apparmor): Backport qt5 abstraction for v2.12.1 profile
AppArmor 2.12.1 does not have qt5 abstraction, with Qt5-related rules.

Backport qt5 abstraction from AppArmor upstream as inline rules.
2019-03-25 20:14:01 +02:00
Vincas Dargis
5fad77b9f8 fix(apparmor): Fix loading libraries from custom install prefix
If qtox is installed in /usr/local prefix (for example), launching qTox
fails because loading libraries from @{qtox_prefix} directory was not
allowed.

Add rule to allow loading libraries from @{qtox_prefix}/lib directory.
2019-03-25 20:14:01 +02:00
Vincas Dargis
f8f7a2d145 fix(apparmor): Fix AppArmor profile for version 2.12.1
* Remove `include if exists` usage.
* Remove @{uid} usage.
* Backport missing AppArmor abstractions as inline rules.
2019-03-25 20:14:00 +02:00
Vincas Dargis
d6ef3d2eae feat(apparmor): Add AppArmor v2.12.1 profile
Copy 2.13.2 profile into 2.12.1 place to be the starting point for
modifying (backporting) AppArmor profile for version 2.12.1 (on Ubuntu
18.04, Debian Stretch, etc).

At this point 2.12.1 profile does not work, as AppArmor v2.12.1 does not
have needed abstractions and policy language features (such as `include
if exists`). Followup commits will fix these issues.
2019-03-25 20:14:00 +02:00
Vincas Dargis
89514eee6d feat(apparmor): Add AppArmor profile
Introduce AppArmor profile, designed to work with AppArmor version
2.13.2 (Debian Buster).
2019-03-25 20:14:00 +02:00
Anthony Bilinski
477950737f
fix(UI): update peer label's style after setting audio playing property 2019-03-24 17:41:28 -07:00
Anthony Bilinski
7f802f593e
fix(ui): update UI when leaving group call due to being last member 2019-03-24 17:39:55 -07:00
sudden6
7bbbb7377a
fix(CircleCI): make cache depend on script files
CircleCI caches are immutable once they are written, make them depend on
the script files they are generated from.
2019-03-25 00:39:59 +01:00
sudden6
acb99f8327
chore(travis): increase cache timeout for MacOS builds
The timeout is triggered since storing the brew cache takes more time.
2019-03-25 00:39:55 +01:00
Anthony Bilinski
ca02dcefaa
Merge pull request #5584
TriKriSta (2):
      style: edit colors for transfer widget
      refactor: delete unused files
2019-03-24 15:14:51 -07:00
sudden6
cd50376c2f
fix(notification): implement review comments 2019-03-24 11:58:10 +01:00
sudden6
9f8d0915f2
chore(build): fix snorenotify path in appimage 2019-03-24 11:58:10 +01:00
sudden6
4cb00957f3
feat(notify): integrate desktop notifications into settings 2019-03-24 11:58:10 +01:00
sudden6
7189b46d3d
chore(deploy): add snorenotify to Flatpak manifest 2019-03-24 11:58:09 +01:00
sudden6
5880ab8a42
chore(deploy): add snorenotify to AppImage deployment 2019-03-24 11:58:09 +01:00
sudden6
66e2c01029
feat(notify): add desktop notifications using snorenotify
This commit adds very basic support for desktop notifications on friend
request, group invites, friend messages and group messages.
2019-03-24 11:58:09 +01:00
TriKriSta
7c251b0cdc refactor: delete unused files 2019-03-23 15:09:38 +02:00
TriKriSta
5ed1065230 style: edit colors for transfer widget 2019-03-23 14:58:44 +02:00
Anthony Bilinski
18b52ce568
fix: register RowId meta type for use in fileInserted signal 2019-03-21 14:00:59 -07:00
sudden6
c0f493b6b8
chore: do Travis Windows builds only on master 2019-03-18 18:20:55 +01:00
sudden6
1629e3a33e
chore: build 32bit windows builds on CircleCI 2019-03-18 16:40:21 +01:00
sudden6
fc2baea969
chore: more caching on MacOS Travis 2019-03-18 06:56:11 +01:00
sudden6
b7b9b58d42
refactor: make ToxCall non-moveable
We don't need move functionality and the code for it is complex and
error prone.
2019-03-17 19:32:34 +01:00
sudden6
a66490f127
Merge pull request #5569
Patrick (3):
      test(core): Add test cases for core, initial
      test(core): Added test for startup with invalid proxy
      test(core): Implement recommended changes
2019-03-17 19:05:05 +01:00
Patrick
9d2a8a3af6 test(core): Implement recommended changes 2019-03-17 13:52:42 +01:00
Patrick
e3a02b6ccb test(core): Added test for startup with invalid proxy 2019-03-17 13:52:42 +01:00
Patrick
cf32ccfa0e test(core): Add test cases for core, initial 2019-03-17 13:52:42 +01:00
sudden6
a91c70b0c0
chore(build): cache apt packages between runs
For now only in the windows docker. This saves a lot of bandwidth when
doing test builds locally.
2019-03-17 11:59:15 +01:00
sudden6
900e48ef48
chore(ci): add debug builds to CircleCI 2019-03-17 11:59:15 +01:00
sudden6
a3f7732db2
chore: temporarily disable spell checking for MacOS 2019-03-17 11:59:07 +01:00
Anthony Bilinski
e489168775
fix(groups): add peers if already playing audio when netcam created 2019-03-08 09:08:29 -08:00
Anthony Bilinski
7c13b8b7db
fix(groups): don't add peers to netcam view until they play audio
Fix #5536
2019-03-08 09:08:29 -08:00
sudden6
86415cb71c
Merge pull request #5564
TriKriSta (1):
      refactor: edit styles
2019-03-07 11:20:09 +01:00
sudden6
80f5cb5f7a
fix(audio): input device not closed under certain circumstances
fixes #3625

Input device was not closed after the following steps:
- Select "Disabled" for audio source
- Switch away from A/V settings
- Switch back to A/V settings
- Switch to some audio input device
- Switch away from A/V settings
-> audio input device still open, but unused
2019-03-04 23:20:36 +01:00
TriKriSta
f64bb48a92 refactor: edit styles
edit typing color and image,
move colors for background selected text and background searched text
in palette files
2019-03-02 01:58:58 +02:00
sudden6
acef759a58
feat: remove old boostrap nodes code
This commit replaces the bootstrap node list in the qtox.ini file with
the boostrapnodeupdater class.
2019-03-01 10:39:24 +01:00
sudden6
1f2bdf3a1b
feat: load bootstrap nodes directly from JSON
This allows us to easily update the list of bootstrap nodes.
2019-03-01 10:39:24 +01:00
sudden6
8fbffa9fe7
refactor: link ressources into qtox_static library target
This allows tests to use the ressources too.
2019-03-01 10:39:20 +01:00
sudden6
d6d433c617
Merge pull request #5558
TriKriSta (8):
      style: add dark style
      refactor: move palette colors in ini files
      feat: edit reload themes
      refactor: rename palette colors
      style: edit styles
      feat: add color for links in palette
      refactor: edit variables for themes
      fix: initialization theme
2019-02-26 18:20:28 +01:00
sudden6
5b0c3a8d42
chore: fix caching in CircleCi 2019-02-25 20:08:54 +01:00