Merge c76e5dc269 into 68f8338d20

Revert "Disable gVisor's DirectFS feature."
This reverts commit 73b0f8b7d4. Unfortunately, disabling DirectFS causes a problem in Linux systems that enable Yama mode 2. Turns out that Tails is such a system, so we have to revert this change, if we want to support it. Refs #982
2025-04-28 18:02:38 +02:00 · 2024-10-30 19:11:07 +01:00 · 2024-10-30 19:10:26 +01:00 · 2024-10-30 16:45:45 +01:00 · 2024-10-30 16:43:50 +01:00 · 2024-10-30 17:41:15 +02:00
9 changed files with 7 additions and 26 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -33,8 +33,6 @@ jobs:
            version: "20.04"
          - distro: ubuntu
            version: "22.04"
-          - distro: ubuntu
-            version: "23.10"
          - distro: ubuntu
            version: "24.04"
          - distro: ubuntu
--- a/.github/workflows/check_repos.yml
+++ b/.github/workflows/check_repos.yml
@ -23,8 +23,6 @@ jobs:
            version: "24.10"  # oracular
          - distro: ubuntu
            version: "24.04"  # noble
-          - distro: ubuntu
-            version: "23.10"  # mantic
          - distro: ubuntu
            version: "22.04"  # jammy
          - distro: ubuntu
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -159,8 +159,6 @@ jobs:
            version: "20.04"
          - distro: ubuntu
            version: "22.04"
-          - distro: ubuntu
-            version: "23.10"
          - distro: ubuntu
            version: "24.04"
          - distro: ubuntu
@ -229,8 +227,6 @@ jobs:
            version: "20.04"
          - distro: ubuntu
            version: "22.04"
-          - distro: ubuntu
-            version: "23.10"
          - distro: ubuntu
            version: "24.04"
          - distro: ubuntu
@ -350,8 +346,6 @@ jobs:
            version: "20.04"
          - distro: ubuntu
            version: "22.04"
-          - distro: ubuntu
-            version: "23.10"
          - distro: ubuntu
            version: "24.04"
          - distro: ubuntu
--- a/INSTALL.md
+++ b/INSTALL.md
@ -11,7 +11,6 @@ an isolated environment. It will be installed automatically when installing Dang
 Dangerzone is available for:
 - Ubuntu 24.10 (oracular)
 - Ubuntu 24.04 (noble)
- Ubuntu 23.10 (mantic)
 - Ubuntu 22.04 (jammy)
 - Ubuntu 20.04 (focal)
 - Debian 13 (trixie)
--- a/dangerzone/gvisor_wrapper/entrypoint.py
+++ b/dangerzone/gvisor_wrapper/entrypoint.py
@ -142,9 +142,6 @@ runsc_argv = [
    "--rootless=true",
    "--network=none",
    "--root=/home/dangerzone/.containers",
-    # Disable DirectFS for to make the seccomp filter even stricter,
-    # at some performance cost.
-    "--directfs=false",
 ]
 if os.environ.get("RUNSC_DEBUG"):
    runsc_argv += ["--debug=true", "--alsologtostderr=true"]
--- a/dev_scripts/env.py
+++ b/dev_scripts/env.py
@ -696,8 +696,6 @@ class Env:
                    DOCKERFILE_CONMON_UPDATE + DOCKERFILE_BUILD_DEV_DEBIAN_DEPS
                )
            elif self.distro == "ubuntu" and self.version in (
-                "23.10",
-                "mantic",
                "24.04",
                "noble",
                "24.10",
@ -784,8 +782,6 @@ class Env:
                # package (see https://github.com/freedomofpress/dangerzone/issues/685)
                install_deps = DOCKERFILE_CONMON_UPDATE + DOCKERFILE_BUILD_DEBIAN_DEPS
            elif self.distro == "ubuntu" and self.version in (
-                "23.10",
-                "mantic",
                "24.04",
                "noble",
                "24.10",
--- a/dev_scripts/qa.py
+++ b/dev_scripts/qa.py
@ -978,11 +978,6 @@ class QAUbuntu2204(QADebianBased):
    VERSION = "22.04"


-class QAUbuntu2310(QADebianBased):
-    DISTRO = "ubuntu"
-    VERSION = "23.10"
-
-
 class QAUbuntu2404(QADebianBased):
    DISTRO = "ubuntu"
    VERSION = "24.04"
--- a/setup-windows.py
+++ b/setup-windows.py
@ -4,7 +4,6 @@ from cx_Freeze import Executable, setup
 with open("share/version.txt") as f:
    version = f.read().strip()

-packages = ["dangerzone", "dangerzone.gui"]

 setup(
    name="dangerzone",
@ -12,10 +11,13 @@ setup(
    # On Windows description will show as the app's name in the "Open With" menu. See:
    # https://github.com/freedomofpress/dangerzone/issues/283#issuecomment-1365148805
    description="Dangerzone",
-    packages=packages,
    options={
        "build_exe": {
-            "packages": packages,
+            # Explicitly specify pymupdf.util module to fix building the executables
+            # with cx_freeze. See https://github.com/marcelotduarte/cx_Freeze/issues/2653
+            # for more details.
+            # TODO: Upgrade to cx_freeze 7.3.0 which should include a fix.
+            "packages": ["dangerzone", "dangerzone.gui", "pymupdf.utils"],
            "excludes": ["test", "tkinter"],
            "include_files": [("share", "share"), ("LICENSE", "LICENSE")],
            "include_msvcr": True,
--- a/tests/isolation_provider/base.py
+++ b/tests/isolation_provider/base.py
@ -164,6 +164,7 @@ class IsolationProviderTermination:
        terminate_proc_mock = mocker.patch.object(
            provider, "terminate_doc_to_pixels_proc", return_value=None
        )
+        kill_pg_orig = base.kill_process_group
        kill_pg_mock = mocker.patch(
            "dangerzone.isolation_provider.base.kill_process_group", return_value=None
        )
@ -178,6 +179,7 @@ class IsolationProviderTermination:

        # Reset the function to the original state.
        provider.terminate_doc_to_pixels_proc = terminate_proc_orig  # type: ignore [method-assign]
+        base.kill_process_group = kill_pg_orig

        # Really kill the spawned process, so that it doesn't linger after the tests
        # complete.
Author	SHA1	Message	Date
Alexis Métaireau	25f9b11947	Merge `c76e5dc269` into `68f8338d20`	2024-10-30 19:11:07 +01:00
Alex Pyrgiotis	68f8338d20	Revert "Disable gVisor's DirectFS feature." This reverts commit `73b0f8b7d4`. Unfortunately, disabling DirectFS causes a problem in Linux systems that enable Yama mode 2. Turns out that Tails is such a system, so we have to revert this change, if we want to support it. Refs #982	2024-10-30 19:10:26 +01:00
Alex Pyrgiotis	d561878e03	tests: Restore previously mocked function Restore the `isolation_provider.base.kill_process_group()` function, which was previously mocked, at the end of the `test_linger_unkillable()` test. This function is initially mocked, in order to simulate a hang process. After the mocking completes, the test needs the original function once more, in order to actually kill the spawned process.	2024-10-30 16:45:45 +01:00
Alexis Métaireau	59e1666c28	Drop support for Ubuntu Mantic (23.10), which is EOL since 11 Jul 2024.	2024-10-30 16:43:50 +01:00
jkarasti	95d7d8a4d9	Fix: Error with cx_freeze when building the windows executables	2024-10-30 17:41:15 +02:00
jkarasti	ed2791bbbc	Revert: "fix win build failure due to package autodiscovery" This reverts commit `4d9f729654`. The error described in #178 doesen't happen anymore so this workaround is not needed.	2024-10-30 17:41:15 +02:00