From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from atuin.qyliss.net (localhost [IPv6:::1])
	by atuin.qyliss.net (Postfix) with ESMTP id 4AF4212188;
	Mon, 08 Dec 2025 21:11:56 +0000 (UTC)
Received: by atuin.qyliss.net (Postfix, from userid 993)
	id 34179120F6; Mon, 08 Dec 2025 21:11:53 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS
	autolearn=unavailable autolearn_force=no version=4.0.1
Received: from fout-a6-smtp.messagingengine.com
 (fout-a6-smtp.messagingengine.com [103.168.172.149])
	by atuin.qyliss.net (Postfix) with ESMTPS id 7CD3C1215B
	for <devel@spectrum-os.org>; Mon, 08 Dec 2025 21:11:52 +0000 (UTC)
Received: from phl-compute-02.internal (phl-compute-02.internal [10.202.2.42])
	by mailfout.phl.internal (Postfix) with ESMTP id 69FF3EC061E
	for <devel@spectrum-os.org>; Mon,  8 Dec 2025 16:11:50 -0500 (EST)
Received: from phl-mailfrontend-01 ([10.202.2.162])
  by phl-compute-02.internal (MEProxy); Mon, 08 Dec 2025 16:11:50 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc
	:content-transfer-encoding:content-type:date:date:from:from
	:in-reply-to:message-id:mime-version:reply-to:subject:subject:to
	:to; s=fm3; t=1765228310; x=1765314710; bh=BytXuVDzpO0qh0xFLX6e/
	n7Gm88q20fJvpa9K0uvQ+E=; b=k3AGBAEXbndTe6L0rqsDBqNbPqvJT0LceLA3k
	Bdk6RhLo9BdBIUF5BXT/tSHBMp4guBuI+ObHV3Lxvvhuk5OlCrgorinAhG61EzaY
	nPVTLMA+IEffvNfT54JIkyn2XNArpqWVn+WrC8AfcYsUY31YPMaBBJ5drK5haju6
	6azYOq72Snb34mZOH/lWwVd6xpp1D0xPS/vEjD/iS1sZxu1I0E5VObYNfGO8erri
	rZD0WT4J1KTOrFPIdF6QnQDGAQx0OI9nENYSxqVgqk8CNknaUX09inunJmZtMR5S
	8sWIjKtTZ7Bfe4QYHpz0AN+Qo8W7k2aevb3uSBbUGj+ZmEngg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:content-type
	:date:date:feedback-id:feedback-id:from:from:in-reply-to
	:message-id:mime-version:reply-to:subject:subject:to:to
	:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=
	1765228310; x=1765314710; bh=BytXuVDzpO0qh0xFLX6e/n7Gm88q20fJvpa
	9K0uvQ+E=; b=LZ3z7iysGn0NB50gCsh6b8oeFBLwnp7crJh3IOBkoRsFrlX2r9l
	d8zs7WVY0FyZ+D2kQvLDtxStxZeuAZd2l8o2u3UP7tWaxUihievPssBNH5wlSZOV
	DCIQOz3hrbaQR03ecaFniU20w8wphYrRfD4u7CTZa9Szd/0hOd2vAlmISyAjLmzi
	5zYvzIi5P6oPbS26dO+vEoZ5rmA1BAlYLjdG9e2nbV9m6t6xsa2WxJqe05XLsU6O
	JpkUAJ60eahzfuiEIiksAHO5yPQM0w5K3AoJnnJC/K/Pi1R5W2wbsfG1JQdkyd2d
	Yv0HfpVd1KjGMlrbbH48Ezh/iJxelFG4wbw==
X-ME-Sender: <xms:Fj83aTPPSJ1skorQlHZcThV3xcuDkMo_POfM8N8HIlQR346kuus4KA>
    <xme:Fj83aT2cyRH2Oj22Qla6MwfOJKZXamE9mlJRngGJzioQFt7GWxlSpjZbxkx9u4A_6
    blxB6QapmCH7Xr048KiVUW3rgzZHqeoDs1Pa6NdJLkjNJwuXJp0TA>
X-ME-Received: 
 <xmr:Fj83adUgI6zDplMKpUAIJh9Oauy2xMO0AzDZIz0UrQHvf0Bm5YuDiwnPuzRz8SR_xA>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgddujeejfecutefuodetggdotefrod
    ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr
    ihhlohhuthemuceftddtnecunecujfgurhephffvufffkffoggfgsedtkeertdertddtne
    cuhfhrohhmpeetlhihshhsrgcutfhoshhsuceohhhisegrlhihshhsrgdrihhsqeenucgg
    tffrrghtthgvrhhnpeehvdffgffhteeijefgteeftdfghfdvheeuhedvjedugfeggfelje
    fgleefvefgfeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhr
    ohhmpehhihesrghlhihsshgrrdhishdpnhgspghrtghpthhtohepuddpmhhouggvpehsmh
    htphhouhhtpdhrtghpthhtohepuggvvhgvlhesshhpvggtthhruhhmqdhoshdrohhrgh
X-ME-Proxy: <xmx:Fj83aUhtcHuITZNMHBjOv1Gicv2GFkn1_dG5aFt0UoeEl5DTQBNegg>
    <xmx:Fj83afCijzvMT3HSEPA8mByxdTaL2iYx4zEUVDj4PNjRgAxU4bvDNg>
    <xmx:Fj83aVeBQSYKYd_yP-23z4r9OkyQZdPxKD7vDHB-_aRCGGChvgLVyQ>
    <xmx:Fj83aXcxcXO-nNR5k7aahWgYQxewX_x-uBZy_oCEXTaFxO8Uacm29Q>
    <xmx:Fj83adsluWmhz2perLD1jFHSG26o74MA78Xof9RLBGyDZruqGZ_gFbBU>
Feedback-ID: i12284293:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for
 <devel@spectrum-os.org>; Mon, 8 Dec 2025 16:11:50 -0500 (EST)
Received: by fw12.qyliss.net (Postfix, from userid 1000)
	id 37FED5BB1318; Mon, 08 Dec 2025 22:11:34 +0100 (CET)
From: Alyssa Ross <hi@alyssa.is>
To: devel@spectrum-os.org
Subject: [PATCH] img/app: fix running AppImages
Date: Mon,  8 Dec 2025 22:11:01 +0100
Message-ID: <20251208211101.430776-1-hi@alyssa.is>
X-Mailer: git-send-email 2.51.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID-Hash: T3YPNEXZOKONFGKFWRDDCOAPHS5EEL6B
X-Message-ID-Hash: T3YPNEXZOKONFGKFWRDDCOAPHS5EEL6B
X-MailFrom: hi@alyssa.is
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation;
 header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1;
 header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3;
 header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
X-Mailman-Version: 3.3.9
Precedence: list
List-Id: Patches and low-level development discussion <devel.spectrum-os.org>
Archived-At: 
 <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/message/T3YPNEXZOKONFGKFWRDDCOAPHS5EEL6B/>
List-Archive: 
 <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/>
List-Help: <mailto:devel-request@spectrum-os.org?subject=help>
List-Owner: <mailto:devel-owner@spectrum-os.org>
List-Post: <mailto:devel@spectrum-os.org>
List-Subscribe: <mailto:devel-join@spectrum-os.org>
List-Unsubscribe: <mailto:devel-leave@spectrum-os.org>

The non-root user that applications run as can't mount FUSE
filesystems.  I don't want to introduce setuid or an IPC service just
for running AppImages, although we could revisit if we find that
applications themselves rely on being able to mount FUSE filesystems.
For now, it'll be more efficient to use the in-kernel squashfs
implementation anyway.

We do need to set a few environment variables normally set by the
AppImage runtime, but as far as I can tell it doesn't do much more
than this that applications could rely on.

This only works for type 2 AppImages, but I expect that's just about
every AppImage nowadays, and if turns out not to be it shouldn't be
too hard to support type 1.

Fixes: 8bfcbf9 ("img/app: run applications as non-root")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
---
 img/app/Makefile                |  2 +-
 img/app/image/etc/s6-rc/app/run | 11 +++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/img/app/Makefile b/img/app/Makefile
index ddfc8ef..7354f89 100644
--- a/img/app/Makefile
+++ b/img/app/Makefile
@@ -30,7 +30,7 @@ $(imgdir)/appvm/blk/root.img: ../../scripts/make-gpt.sh ../../scripts/sfdisk-fie
 	    build/rootfs.erofs:root:5460386f-2203-4911-8694-91400125c604:root
 	mv $@.tmp $@
 
-DIRS = dev home/user run proc sys tmp \
+DIRS = dev home/user run mnt proc sys tmp \
 	etc/s6-linux-init/run-image/pipewire \
 	etc/s6-linux-init/run-image/service \
 	etc/s6-linux-init/run-image/user \
diff --git a/img/app/image/etc/s6-rc/app/run b/img/app/image/etc/s6-rc/app/run
index e05d4fe..e691a63 100755
--- a/img/app/image/etc/s6-rc/app/run
+++ b/img/app/image/etc/s6-rc/app/run
@@ -14,10 +14,17 @@ foreground {
   withstdinas -E type
   case $type {
     appimage {
-      if { modprobe fuse }
+      if { modprobe loop }
+      if {
+        backtick -E offset { /run/virtiofs/virtiofs0/config/run --appimage-offset }
+        mount -o offset=${offset} /run/virtiofs/virtiofs0/config/run /mnt
+      }
       s6-setuidgid user
+      export APPIMAGE /run/virtiofs/virtiofs0/config/run
+      export APPDIR /mnt
+      export ARGV0 /mnt/AppRun
       export LD_LIBRARY_PATH /lib64
-      /run/virtiofs/virtiofs0/config/run
+      /mnt/AppRun
     }
     flatpak {
       s6-envdir -fnL /run/virtiofs/virtiofs0/config/params

base-commit: 5104fa720ce8b00612c5487fc47124fbf99e58c6
-- 
2.51.0