For Namespaces the parent uses e.g.
jails/195178-46f603be/tmp/cool-82ChWNp1XiISVSpV/
to pass files to what is normally the child's (hidden) bind mount of that as
jails/195178-46f603be/82ChWNp1XiISVSpV/tmp
If BindMounting fails and we fallback to linking, then symlink
jails/195178-46f603be/tmp/cool-82ChWNp1XiISVSpV/ to the fallback
jails/195178-46f603be/82ChWNp1XiISVSpV/tmp so the parent can still
use the path expected for Namespaces.
So we can still get the goodness of namespaces wrt capabilities even
if we have the ills of bind-mounting fail.
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I9a6f9e8db8f6edced18fe20367afc4d599a29ed2
in a failed BindMount the wait period to restart a failed coolforkit
is the default CHILD_TIMEOUT_MS * 4 which is 20s, while the test
default timeout is 10s
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I527aaadd802d7f8cd752ae1c4a6ed6597608f09e
so we don't have multiple threads, which is problematic for
linux namespace creation.
The make check unittests use multiple threads even if the
normal coolwsd usage doesn't.
Given that, then restore the Poco log archive thread seeing as disabling
it in coolwsd isn't needed anymore.
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: Ife8f579076a7d76a6ec7a18ca6629c8988c700cc
Example use of filter:
curl -F "data=@docStructure2.docx" -F "filter=contentcontrol" http://localhost:9980/cool/extract-document-structure > out.json
it will extract contentControls only if filter=contentcontrol is used,
or if no filter is used.
No filter means extract everything.
Signed-off-by: Attila Szűcs <attila.szucs@collabora.com>
Change-Id: I001a2cc525be7502d53b5849bb61a99d087ed807
added format parameter support
added tests
Signed-off-by: Attila Szűcs <attila.szucs@collabora.com>
Change-Id: I1fe6afc583a15eaeedf5da73dbca72569593cae9
Use extract-document-structure to get document structure
Use transform-document-structure to change its content
Example use of Transform:
curl -F "data=@CC.odt" -F "transform={\"Transforms\":{\"ContentControls.ByIndex.1\":{\"content\":\"Short text\"}}}"
https://localhost:9980/cool/transform-document-structure > out.odt
Note: Please do not use \n (EOL) in transform.
Example output for extract
{
"DocStructure": {
"ContentControls.ByIndex.0": {
"id": 0,
"tag": "",
"alias": "",
"content": "FieldValue1",
"type": "plain-text"
},
"ContentControls.ByIndex.1": {
"id": 0,
"tag": "",
"alias": "",
"content": "☒",
"type": "checkbox",
"Checked": "true"
}
}
}
Signed-off-by: Attila Szűcs <attila.szucs@collabora.com>
Change-Id: I4b362376651e9bb5482949529e2bd7720231debf
It pays from a latency perspective to have fewer machines or
containers each with more threads, rather than more of them with
fewer threads.
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: Id791438d080989ffcf6b079e551f622cf92353e2
Otherwise we would not respond at all, leaving the socket open;
possibly related to cool#9349
Change-Id: Iba8a29da6ab0263f2545b9495f15e20f37145de0
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
e.g. download as pdf/save as pdf
move buildLocalPathToJail to FileUtil instead of JailUtil given
that the JailUtil code isn't built on mobile
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I8d727e9cdffc413c027bfb9dc6b0520a7d591b47
I missed this case in the previous commit.
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: I48829591ce20bcfabb239e510041799c41ea50dc
and add some explanation for why there is use of linux namespaces in
coolwsd itself
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I5d5687cf095de1b7d5d978dcb6ad6a97f6e9c642
create mount namespace with local uid 0 just before we need to do the
mounts and create another with the original uid when done.
The inner orig-uid probably doesn't amount to a whole lot in practice,
but its more reassuring to run as not-0.
Disconnect namespace config option from experimental, but continue to
default off.
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: Ia68c1c1c0bc7a91eb158f5d189453b683fea0ef0
[ websrv_poll ] SIG Fatal signal received: SIGABRT code: 18446744073709551610 for address: 0x730000696e
Backtrace 26990 - wsd 24.04.4.4snapshot 07bc101:
__GI_abort glibc-2.27/stdlib/abort.c:81
__GI___pthread_mutex_lock glibc-2.27/nptl/../nptl/pthread_mutex_lock.c:67
ServerAuditUtil::set(std::string, std::string) /usr/include/c++/12/bits/std_mutex.h:103
SocketDisposition::execute() /usr/include/c++/12/bits/std_function.h:591
SocketPoll::poll(long) /usr/include/c++/12/bits/shared_ptr_base.h:1070
Also cleanup member naming to match the COOL standard.
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: I4fd6f4d57c3cbfe1edf7121895e5dab7e13fa4fc
We don't need a mutex & a condition - we can just spin our own
TerminatingPoll to get what we need; saves launching an
un-necessary thread, and reducing threading complexity.
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: Ia65398aa8a59ca297cd0a0caf0fa607681960764
The URL given may be invalid, empty, or for some
reason we might fail to create a session.
In all these cases, we must fail the clipboard
request gracefully.
Change-Id: I32871edf1c8926ee5d37a9b8ce7ba8a60973b733
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
We need to initialize these, because we saw in the wild that
a customer removed the empty defaults from coolwsd.xml and
coolwsd stopped with fatal error.
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: Ifc75e3eb2fe50c2028f84d8f61ba5a034b14b4cf
This adds support for getting the presentation info from core.
This change uses the new GetPresentationInfo() funciton that was
added to the LOKit API.
Signed-off-by: Tomaž Vajngerl <tomaz.vajngerl@collabora.co.uk>
Change-Id: I19f5809fd841e4b2603a2446e1d9d54392dd1bd7
If a file exists, we should be able
to rename it. Otherwise, complain.
Change-Id: I6f5346c5b3e855615dc5d7c2270903175ace1daf
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
if experimental_features and mount_namespaces is enabled and it is
possible to "unshare" then instead of coolforkit exec coolforkitns which
doesn't have any capabilities set and inprocess mount inside a namespace
instead of calling coolmount
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I48bef12b9156f41c78221e750a30aacee8a737a9
Re-write Server of proxied requests to avoid:
coolwsd: ./net/HttpRequest.hpp:945: bool http::Response::writeData(Buffer &) const:
Assertion `get("Server") == http::getServerString() &&
"Server Agent is always set in http::Response ctor"' failed.
Change-Id: I6076dbc355b0f42a6367271893c9732195c8eb2a
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
So that we fall back from storage.ssl.*_file_path to ssl.*_file_path when
ssl.enable=true, because in this case we can expect that these fallbacks
exist. Otherwise we do not fall back.
ssl.termination does not matter.
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: I6ca86c5ce5849fffcd5c41f0ce2a54977ab50faa
The iOS and Android platforms run the LibreOffice backend in the client
process so there is no SSL sockets. Instead, all client and server
communication is done through a buffer shared between threads.
Signed-off-by: Patrick Luby <guibomacdev@gmail.com>
Change-Id: I50f2697a8c915967b38dddb530cb5d74c88b5cb8