The amount of system frameworks (both public and private) needed by
the LO libraries is staggering. It will not work to try to list them
here. If you are crazy enough to want to run this on OS X, use some
other tool than this script to set up the system template for the
chroot jail. Like mkjail from https://github.com/glvnst/shlibs.
No idea. Does not even work from the command line... But after
"fixing" this, we run into other weird problems anyway. (Maybe one
needs to use lower-level (Mach) APIs for esoteric stuff like chroot?)
So, getting loolwsd to work on OS X seems unexpectedly hard even
before considering what changes might be needed to LibreOfficeKit. Oh
well.
Not sure if this is the right thing to do, but should work for our purposes
for now. If and when somebody else wants to fine-tune this stuff, feel free.
Wonder if it would be good style to expand the spec file from a .in one by the
configury, so that one could use autoconf expansions for the version number in
it?
At least when not running as the owner of those files. Refactor the capability
dropping so that we can separately drop the CAP_FOWNER and CAP_SYS_CHROOT
capabilities. The child process never needs CAP_FOWNER and the parent process
never needs CAP_SYS_CHROOT.
It was a bit misleading to have "chroot" in the name of the script as it isn't
a chroot jail as such that the script is setting up, but a *template* that
will be copied (hardlinked) into each chroot jail.
The script should be installed, so that a loolwsd package can include it. We
don't want to loolwsd use to depend on having the sources available,
obviously.
The parent currently uses a fixed-size 100000 byte buffer to receive
messages. Even with a tile size of 256x256 pixels, that is not enough for some
tiles that compress badly as PNG. Add a nextmessage: message that gives the
size of the immediately following message. Send a such before each tile:
message, and handle it appropriately. The nextmessage: message is used only
from child to parent process, it is never sent to the Websocket client.
Once Poco 1.6.1 is released, this will not be necessary.
I have made a pseudo-release tarball (for internal testing purposed) with the
version 1.0.0.
Use the following policy for versioning: When doing a release tarball, bump
the version in configure.ac so that the third (micro) version number is
even. Don't commit that to git, but do run make dist. After you have the
tarball, bump the micro version number again to an odd number. Commit. This
way, anything from git will always have an odd micro version number.
Useful when building loolwsd on a system that doesn't have new enough
LibreOfficeKit headers available. (It makes sense to use them only if the
resulting loolwsd will then be run on a system with a new enough LibreOffice
installation anyway.)
Pass the --with-lokit-path=bundled/include configure option to use them.
It doesn't work to debug a program that has file capabilities set, it seems,
so to debug the loolwsd master process, one in practice needs to run sudo gdb
on it. But it is not necessarily a good idea to run all of the code as
root. When configured for debugging (--enable-debug), reset real and effective
uid to a non-root one, either one given with an --uid option (typically that
of the developer), or "nobody".
Catch IOException when trying to copy the document and send error message.
Otherwise, the exception will just propagate up to handleRequest() and the
connection will be silently closed. Closing the connection is fine as such, I
think, but we need to send an error message first.
Currently we require the current version, 1.6.0, and as soon as 1.6.1 is out,
I will start requiring that, because I want to use a feature I submitted to
it.
Surround most of configure.ac with AC_LANG_PUSH([C++]) while at it, as this is
all C++ code anyway.