loolmount now works and supports mounting and
unmounting, plus numerous improvements,
refactoring, logging, etc.. When enabled,
binding improves the jail setup time by anywhere
from 2x to orders of magnitude (in docker, f.e.).
A new config entry mount_jail_tree controls
whether mounting is used or the old method of
linking/copying of jail contents. It is set to
true by default and falls back to linking/copying.
A test mount is done when the setting is enabled,
and if mounting fails, it's disabled to avoid noise.
Temporarily disabled for unit-tests until we can
cleanup lingering mounts after Jenkins aborts our
build job. In a future patch we will have mount/jail
cleanup as part of make.
The network/system files in /etc that need frequent
refreshing are now updated in systemplate to make
their most recent version available in the jails.
These files can change during the course of loolwsd
lifetime, and are unlikely to be updated in
systemplate after installation at all. We link to
them in the systemplate/etc directory, and if that
fails, we copy them before forking each kit
instance to have the latest.
This reworks the approach used to bind-mount the
jails and the templates such that the total is
now down to only three mounts: systemplate, lo, tmp.
As now systemplate and lotemplate are shared, they
must be mounted as readonly, this means that user/
must now be moved into tmp/user/ which is writable.
The mount-points must be recursive, because we mount
lo/ within the mount-point of systemplate (which is
the root of the jail). But because we (re)bind
recursively, and because both systemplate and
lotemplate are mounted for each jails, we need to
make them unbindable, so they wouldn't multiply the
mount-points for each jails (an explosive growth!)
Contrarywise, we don't want the mount-points to
be shared, because we don't expect to add/remove
mounts after a jail is created.
The random temp directory is now created and set
correctly, plus many logging and other improvements.
Change-Id: Iae3fda5e876cf47d2cae6669a87b5b826a8748df
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92829
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Environment variable in sysconfig.loolwsd was not good, because:
1) it was a systemd antipattern
2) this systemd environment file was not present on all distros
3) we had to take care about this separately, when we did not start
loolwsd from systemd
Change-Id: I5c47668ca388c2f4b0afd6da8c575a3fb3cfab3b
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/96291
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
This is the new default - do as we're told by the client.
The old setting is left to allow users to force SSL if they are
concerned that they may receive unhelpful URLs.
Change-Id: Idea83aacea6826a8f37264e34d49c7550efe6d27
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/93179
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
This reverts commit df4a241d0f.
Reason for revert: As we agreed, we have to improve the default,
but this patch actually just doubles something that is working
out of the box.
Change-Id: Idc22dabc3621d537f1bba3bc3b13a7d943c80c36
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92299
Tested-by: Jan Holesovsky <kendy@collabora.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
If you don't want protocol logging by default in debugging builds
then either poke loolwsd.xml:
<protocol type="bool" descr="Enable minimal client-site JS protocol logging from the start">false</protocol>
Or - configure with --disable-debug and --disable-debug-protocol.
Also remove redundant and unused co-ordinate parameters to the
message queue, and logging.
Change-Id: I489e32ef4758a6f0ef35c8d8d322a402a3e268e6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91096
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
For better performance, many comment boxes reduce performance in
browser.
Change-Id: If041c3d147ee7512d90f41a4a1bfe7a1ff8646a9
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89065
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
in loolwsd.xml. If set, watermarks will be the same
as entered for all the views instead of per view
watermarks sent in CheckFileInfo
Change-Id: I0943520423abc2567f44920f8679057b3cfbf01f
Reviewed-on: https://gerrit.libreoffice.org/83666
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Also add a config option for logging.protocol - to help catch early
protocol issues during startup.
Change-Id: I6f0cc6dcf14b2797bc6b2bd36c44750d74eb0608
storage.ssl.enable=false by default is not good. loolwsd default config should
work, e.g. in case of snapshot docker images. When ssl.enable=true, this implies
storage.ssl.enable=true, because browsers do not allow mixed content, so it is
not possible to connect to the storage with plain HTTP, while the content from
loolwsd is served with HTTPS.
TODO: find out what to do in case of upgrade, when the user has an old config
file. Probably storage.ssl.enable should default to ssl.enable when it is not
present in config file.
Change-Id: Ifdcb070745d649dd9840dccf2e5641058a13d4e4
Reviewed-on: https://gerrit.libreoffice.org/80660
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
It was not very useful to let this setting configurable by the user.
On the other hand, old path in config file caused issues after
upgrade. It is better to decide the location of LOKit core
during compilation. From now on the --with-lo-path configure
option is compulsory.
Change-Id: Icdcbc21bde5dad329fdb6e30ed17efde6b0e73de
Reviewed-on: https://gerrit.libreoffice.org/79943
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
Better hashing algorithm based on FNV-1a.
Adds support for salting the hash, and
for providing salt via configuration.
More unit-tests added, and better formatting.
Change-Id: I2be42675d0cdbaa73c3d7faed99e07631a9c20fc
Reviewed-on: https://gerrit.libreoffice.org/70034
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Reviewed-on: https://gerrit.libreoffice.org/71091
This simplifies the anonymization configuration
as virtually always they are all either enabled
together, or not at all.
Change-Id: I6fe60f5287fc5d71cd7a6ac3268eac67e5e6e9fb
Reviewed-on: https://gerrit.libreoffice.org/70033
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Reviewed-on: https://gerrit.libreoffice.org/71090
The default behavior is unchanged: once the last editor exits, we still
only perform a save when the document is modified.
It's possible to opt in for the new behavior, though: in that case the
save after the exit of the last editor will happen even for unmodified
documents.
Change-Id: I14c17035a932cf952217f3b71fdef57fede0ce24
The code already assumed a signed integer, but the configuration advertised
unsigned, standardize on signed.
This way it doesn't matter if the "disable" value is zero or a negative
number.
Change-Id: I56632c8a36be01afefdc5f2a35e70bde945d69d3
It is not a good idea to change the configuration directory, it will affect all the existing installations.
And the service is called loolwsd - so the configuration should be called that way too.
This reverts commit 9278574289.
Change-Id: I7e6eee644e21ad2dd842742585d16133ff8e36c9
Reviewed-on: https://gerrit.libreoffice.org/72730
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Tested-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
After 1dbbc5acc7
Change-Id: I64a12fb13bc8f9371821b2d5969941bfddc2514a
Reviewed-on: https://gerrit.libreoffice.org/72728
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Tested-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
document_signing_url in loolwsd now accepts a vereign server URL
endpoint. If not provided, the signing functionallity won't be
available.
The document signing infobar is now shown dynamically so by
default it is not shown, but when the users clicks in menu the
"sign document", the infobar is shown (the document-content is
css "top" value is adjusted via JQuery).
Change-Id: I9d5f6b68ba3612eeeb9de28c9c0333b4d1bf41d8
Reviewed-on: https://gerrit.libreoffice.org/64298
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
Tested-by: Tomaž Vajngerl <quikee@gmail.com>
Beforehand, any host could embed the iframe as the Referer was always allowed.
Now, only the loolwsd and the WOPI host are allowed to do that.
Additionally, a config option has been added to add more allowed hosts.
X-Frame-Options supports has been removed as it supports only one host
and CSP is meanwhile supported in ~all major browsers.
Change-Id: I222720e1220116102708c50edaf08e2a4a0aebda
Reviewed-on: https://gerrit.libreoffice.org/63864
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Tested-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
It's not too easy to customize CSS, so move the top position of the
document container to loleaflet.html, where it's convenient to handle
this.
JS can dynamically query if the menu item should be there, similar to
the about dialog.
Change-Id: I4b2799a41f8ad31e3a9b4983fd1947d2e0363a2b
