Commit grafiek

133 Commits

Auteur SHA1 Bericht Datum
f29f997289 gui: ipc sandbox: Restrict sandbox further
Switch to QCoreApplication, since the ipc worker is not a GUI application.

We can also remove some vows this ways. Furthermore, disable connect() syscall
explicitly.
2022-06-09 10:04:48 +02:00
87ebc137d5 shared/gui: Add LOOQS_DISABLE_SANDBOX env to allow disabling sandboxing
Mainly for devs to check whether a problem is caused by sandboxing.
2022-06-06 23:23:07 +02:00
67189f34c6 gui: main: Make sandboxing work on kernels without landlock
Those are still around of course, so deal with that
2022-06-06 22:16:36 +02:00
0d81452a67 rename icon to looqs.svg 2022-06-06 15:55:21 +02:00
f8d6a1a586 gui: mainwindow: Use Unicode category class to extract highlight words 2022-06-06 09:34:37 +02:00
52b296ff01 gui: mainwindow: Set default query limit to 1000 2022-06-05 14:39:57 +02:00
862168418b gui: mainwindow: Reword warning for inaccessible files 2022-06-05 14:39:57 +02:00
8f69be229b gui: mainwindow: Exclude HTML files from previews until we can do it properly 2022-06-05 14:39:57 +02:00
4187c3bfca gui: mainwindow: Switch to results tab when searching from indexer tab 2022-06-04 17:09:26 +02:00
1ec42e4949 gui: mainwindow: Add 'sync index' menu option
Opens a progress dialog while syncing takes place.
2022-06-04 17:09:26 +02:00
1ec7a5a865 gui: main: Ensure a clean exit 2022-06-04 17:09:26 +02:00
3f85f214e3 gui: mainwindow: Add menu opening config and About dialogs 2022-06-04 17:09:26 +02:00
ae57a22078 gui: MainWindow: Set, save and restore ignore patterns 2022-06-04 17:09:26 +02:00
145cd150b1 gui: PreviewGenerator: Make previews for all text files 2022-06-04 17:09:26 +02:00
40207c3399 gui: Remove enableSandbox() for general GUI
While f67a37bc21 indicated the last remaining code could stay,
it can't because there is a launch failure of SandboxedProcessor.

This has been revealed by the changes of the previous commit,
aa03d0a4920e.

Hence, the GUI will be untouched by exile. We only sandbox
the preview generation and the indexing trough IPC.
2022-06-04 17:09:26 +02:00
e715be9787 gui: Fix dispatch of SandboxedProcessor
There was an off-by-one, the SandboxedProcessor was only passed
'process', not the path to the file.

No processor was found for 'process', thus 'nothingProcessor' was
returned. Therefore, we never sandboxed (because we never had
to process anything).

The sandboxing would have failed though, because we need to launch
QCoreApplication, not QApplication.

The CLI was never affected.
2022-06-04 17:09:26 +02:00
bb1e653690 gui: PreviewGeneratorPlainText: Truncate dirtily to avoid lags
It was possible the text was getting too big. The GUI
was lagging for previews of some text files. The first
assumption was that we would only have a couple of hits,
which is unreasonable for large .txt files and common
words.

We only ever see a handful of previews, it makes no sense
to get all snippets. So just allow 7 snippets, that's it.

Also, just cut after 1000 chars no matter what.
2022-06-04 17:09:26 +02:00
4aa850d5ed gui: IPCPreviewClient: Raise error signal() instead of exception 2022-06-04 17:09:26 +02:00
11af6e530e gui: sandbox: Add 'error' to vow_promises to avoid getting killed on ioctl() with TIOCSTI 2022-06-04 17:09:26 +02:00
1108a138f4 gui: mainwindow: Also resize mtime column to fit content 2022-06-04 17:09:26 +02:00
aeafa9560e mainwindow: Disable page switcher while generation is running
This prevents 'spam'. User may have scrolled 10 pages forward, while
we are still generating old pages. Then the user wonders why
they arrive so late.

So disable switching pages while the generation is still running

It is unlikely that a user will have to quickly go through search
results like that.
2022-05-29 11:20:28 +02:00
a82818dc43 gui: init previewProcessBar with 0 on start 2022-05-29 11:20:28 +02:00
c867652b6f gui: IPCPreviewWorker(): Don't allocate mapfunctor on heap 2022-05-29 11:20:28 +02:00
f8fe21d50b gui: Add label showing total number of preview pages 2022-05-29 11:20:28 +02:00
1e97f8dd26 gui: mainwindow: Fix preview page number calculation
The paging now works on the actual pages to be rendered.
2022-05-29 11:20:28 +02:00
ad0fc74439 ipc: Place socket in /tmp/.looqs/, remove ipc path settings 2022-05-29 11:20:28 +02:00
e44fb1a942 gui: main: Enable exile.h for IPC preview generation 2022-05-29 11:20:28 +02:00
472661bff6 gui: Begin simple IPC error reporting 2022-05-29 11:20:28 +02:00
4aa6d43674 gui: Open files/previews directly without IPC again
Since the main GUI process is not sandboxed again
2022-05-29 11:20:28 +02:00
2591a4ccba gui: ipc: Support cancellation of preview generation 2022-05-29 11:20:28 +02:00
d66e395fda gui: main: Kill IPCServer process on exit 2022-05-29 11:20:28 +02:00
0d6fb1d482 gui: mainwindow: Use new IPCPreviewClient 2022-05-29 11:20:28 +02:00
8f2e77b152 gui: Introduce IPCPreviewClient 2022-05-29 10:44:19 +02:00
3bdcb76d8e gui: PreviewResult: Add serialization() methods for IPC 2022-05-27 09:29:28 +02:00
ee18142e36 gui: PreviewGenerator*: Wrap PreviewResult in QSharedPointer 2022-05-27 09:28:21 +02:00
3e03fed1a2 gui: IpcServer: Use IPCPreviewWorker 2022-05-27 09:26:37 +02:00
6439adffc6 gui: Begin IPCPreviewWorker 2022-05-27 09:26:03 +02:00
02642a147a gui: Retire IPCClient and PreviewWorker 2022-05-27 09:24:42 +02:00
fe29641d0a IpcServer: Remove docOpen(), fileOpen(). MainWindow will do it
As it is no longer subject to sandboxing as a whole, it is not
restricted and thus, should call these functions itself
2022-05-17 19:23:03 +02:00
830226ae59 RenderConfig: Add serialization, basically for IPC 2022-05-17 19:20:06 +02:00
6a5cb69e27 gui: Add RenderTarget struct, an IPC helper class 2022-05-17 19:19:02 +02:00
b137dec434 gui: indexer tab: Show filepicker dialog when corresponding button clicked 2022-05-03 16:20:06 +02:00
f67a37bc21 GUI: Disable general sandbox due to inpracticability
Qt is usually built with Accessibility and D-Bus. If D-Bus
connections work, a bypass should be considered trivial.
If we block D-Bus, we experience quite some slowdowns in
certain contexts. That's because Qt makes D-Bus connections
for accessibility features etc. They appear to run into timeouts,
but this slows down things. Sandboxing also makes things
like showing (native) file picker dialogs harder.

Sandboxing efforts will focus on the critical paths such as
the existing Indexer sandbox and the to be implemented sandboxing
for preview generation.

We keep no_new_privs for now as chances are that this shouldn't hurt.
2022-05-03 15:56:08 +02:00
9d160ed7a0 gui: Add icon
Not the best on dark themes, better than nothing for now.
2022-04-28 09:13:34 +02:00
a132485924 gui: enableSandbox: Don't unshare network due to slowdowns
The indexer is quite slow with unshared network namespaces. It appears something in
Qt needs it as IPC or whatever. Seeing also dbus-related errors:

Issue: #33

So disable it for now.
2022-04-24 19:40:43 +02:00
d2d576e617 gui: Call enableSandboxing() after ensureConfigured() so all paths are guaranteed to exist 2022-04-24 19:40:43 +02:00
08da6b4349 gui: main: Remove vows from exile policy
SandboxedProcessor is not launched via IPCServer at this point.
The vow set is already very big and SandboxedProcessor
would require exec too.

So use exile default policy and add some path permisisons.

Once SandboxedProcessor is handled by IPC and preview generation
is also exiled separately, it has to be reevaluated whether
it makes sense for vows to return.
2022-04-24 19:40:43 +02:00
629c1efba5 IpcServer: Add addFile() 2022-04-24 15:52:20 +02:00
d73674937d gui: Begin support to also preview results in plain text files 2022-04-24 15:52:20 +02:00
59aa02f0cd gui: MainWindow: handleSearchResults: Use PreviewGenerator::get 2022-04-24 15:52:20 +02:00