diff --git a/src/DEBIAN/control b/src/DEBIAN/control index 88847dd..01f4080 100755 --- a/src/DEBIAN/control +++ b/src/DEBIAN/control @@ -3,7 +3,7 @@ Source: amber-ce Version: 1.1.3 Architecture: amd64 Maintainer: shenmo -Installed-Size: 48980 +Installed-Size: 48992 Depends: bubblewrap, flatpak, policykit-1 | pkexec | polkit-1 | polkit, systemd, procps,coreutils,fuse-overlayfs,xz-utils,libnotify-bin,curl,xdg-user-dirs,bash Recommends: dpkg, fakeroot, busybox Section: misc diff --git a/src/usr/bin/amber-pm-convert b/src/usr/bin/amber-pm-convert index 57add67..847bb69 100755 --- a/src/usr/bin/amber-pm-convert +++ b/src/usr/bin/amber-pm-convert @@ -240,10 +240,11 @@ find "$EXTRACT_DIR" -name "*.desktop" | while read -r desktop_file; do sed -i 's/^Exec=\(.*\)$/Exec=apm run '"$NEW_PKGNAME"' \1/' "$desktop_file" fi - # 处理TryExec行 - if grep -q '^TryExec=' "$desktop_file"; then - sed -i 's/^TryExec=\(.*\)$/TryExec=apm run '"$NEW_PKGNAME"' \1/' "$desktop_file" - fi +# 处理TryExec行 - 直接删除 +if grep -q '^TryExec=' "$desktop_file"; then + sed -i '/^TryExec=/d' "$desktop_file" + log.info "已删除TryExec行" +fi # 处理Icon路径 icon_line=$(grep "^Icon=" "$desktop_file") @@ -400,7 +401,7 @@ EOF OUTPUT_DEB="${NEW_PKGNAME}_${NEW_VERSION}_${ORIG_ARCH}.deb" # 打包 -fakeroot dpkg-deb --build "$PKG_BUILD_DIR" "$OUTPUT_DEB" +fakeroot dpkg-deb -Z xz --build "$PKG_BUILD_DIR" "$OUTPUT_DEB" log.info "转换完成!" log.info "生成的APM包: $OUTPUT_DEB" diff --git a/src/usr/bin/apm b/src/usr/bin/apm index 5f9a17f..ae46d14 100755 --- a/src/usr/bin/apm +++ b/src/usr/bin/apm @@ -1,5 +1,5 @@ #!/bin/bash -VERSION=1.1.2 +VERSION=1.1.3 # 获取脚本名称用于帮助信息 SCRIPT_NAME=$(basename "$0") PATH_PREFIX=/var/lib/apm/apm/files/ace-env/ @@ -23,6 +23,7 @@ Commands: remove 卸载软件包 run 运行指定软件包的可执行文件 sandbox-run 运行指定软件包的可执行文件(主目录沙箱化) + bwrap-run 运行指定软件包的可执行文件(使用特殊的挂载参数以支持bwrap) update 更新软件包信息 hold 锁定软件包版本 @@ -54,11 +55,10 @@ apm_exec(){ local lowerdirs=() local current_dir="${PATH_PREFIX}/var/lib/apm/${coredir}" # 当前目录开始 local next_info_file="" - if [[ "$APM_USE_SANDBOX" = "1" ]];then - APM_RUN_EXEC=/var/lib/apm/apm/files/ace-run-sandbox - else + + # 使用统一的 ace-run 脚本 APM_RUN_EXEC=/var/lib/apm/apm/files/ace-run - fi + while : ; do # 构建info文件的路径 next_info_file="${current_dir}/info" @@ -241,7 +241,7 @@ case "$1" in apm-nvidia-toggle amber-pm-gxde-desktop-fix ;; - download|search|policy|list|update|clean|show) + download|search|policy|list|update|clean|show|depends|rdepends|changelog|moo) command=$1 shift amber-pm-debug aptss "$command" "$@" @@ -325,6 +325,12 @@ case "$1" in shift $0 run "$@" ;; + bwrap-run) + # 运行包命令:使用特殊的挂载参数以支持bwrap + export APM_USE_BWRAP=1 + shift + $0 run "$@" + ;; debug) shift debug_info $@ @@ -360,4 +366,4 @@ case "$1" in *) show_help ;; -esac +esac \ No newline at end of file diff --git a/src/usr/share/bash-completion/completions/apm b/src/usr/share/bash-completion/completions/apm index 2a38d7e..2f701d0 100755 --- a/src/usr/share/bash-completion/completions/apm +++ b/src/usr/share/bash-completion/completions/apm @@ -45,6 +45,7 @@ _apm() "upgrade" "full-upgrade" "dist-upgrade" "run" "sandbox-run" + "bwrap-run" "help" "source" "build-dep" "clean" "autoclean" @@ -239,7 +240,7 @@ fi command grep "^Source: $cur" | sort -u | cut -f2 -d" " ) ) return 0 ;; - run|sandbox-run) + run|sandbox-run|bwrap-run) COMPREPLY=( $( compgen -W "$(apm_run_compgen)" "$cur" ) ) return 0 ;; diff --git a/src/var/lib/apm/apm/files/ace-run b/src/var/lib/apm/apm/files/ace-run index 166ec1a..977de58 100755 --- a/src/var/lib/apm/apm/files/ace-run +++ b/src/var/lib/apm/apm/files/ace-run @@ -33,10 +33,17 @@ APM_PKG_NAME="${APM_PKG_NAME:-apm-general}" non_root_user=$(who | awk '{print $1}' | head -n 1) uid=$(id -u $non_root_user) -ensure_dir $HOME/.apm/${APM_PKG_NAME}/.deepinwine - - +ensure_dir $HOME/.apm/${APM_PKG_NAME}/ +# 根据沙盒模式决定是否创建其他目录 +if [ "${APM_USE_SANDBOX:-0}" = "1" ]; then + ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir DESKTOP)) + ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir DOCUMENTS)) + ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir PICTURES)) + ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir DOWNLOAD)) + ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir VIDEOS)) + ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir MUSIC)) +fi #### This part is for args pharm if [ "$1" = "" ];then @@ -92,13 +99,6 @@ for directory in "/usr/share/icons"/*; do fi fi done - - - - - - - } ##########合成bwrap 3. 环境变量和目录绑定配置段 # 添加环境变量和其他初始设置 @@ -111,7 +111,8 @@ ENV_VARS=( "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS" ) -BIND_DIRS=( +# 基础绑定目录(始终绑定) +BASE_BIND_DIRS=( "--dev-bind $chrootEnvPath/ /" "--dev-bind-try /media /media" "--dev-bind-try /mnt /mnt" @@ -128,12 +129,32 @@ BIND_DIRS=( "--ro-bind-try /usr/share/fonts /usr/local/share/fonts" "--dev-bind-try /etc/resolv.conf /etc/resolv.conf" "--dev-bind-try /home /home" - "--dev-bind-try $HOME/.apm/${APM_PKG_NAME}/.deepinwine $HOME/.deepinwine" + "--dev-bind-try $HOME/.apm/${APM_PKG_NAME}/ $HOME/" ) -EXTRA_ARGS=( - "--cap-add CAP_SYS_ADMIN" + +# 沙盒模式下的额外绑定目录 +SANDBOX_BIND_DIRS=( + "--dev-bind-try $(xdg-user-dir DESKTOP) $(xdg-user-dir DESKTOP)" + "--dev-bind-try $(xdg-user-dir DOCUMENTS) $(xdg-user-dir DOCUMENTS)" + "--dev-bind-try $(xdg-user-dir PICTURES) $(xdg-user-dir PICTURES)" + "--dev-bind-try $(xdg-user-dir DOWNLOAD) $(xdg-user-dir DOWNLOAD)" + "--dev-bind-try $(xdg-user-dir VIDEOS) $(xdg-user-dir VIDEOS)" + "--dev-bind-try $(xdg-user-dir MUSIC) $(xdg-user-dir MUSIC)" ) +# 非沙盒模式下的绑定目录(只绑定.deepinwine) +NON_SANDBOX_BIND_DIRS=( + "--dev-bind-try $HOME/.deepinwine $HOME/.deepinwine" +) + +# 根据 APM_USE_BWRAP 决定是否添加 CAP_SYS_ADMIN +EXTRA_ARGS=() +if [ "${APM_USE_BWRAP:-0}" != "1" ]; then + EXTRA_ARGS=( + "--cap-add CAP_SYS_ADMIN" + ) +fi + EXTRA_SCRIPTS=( # cursor_theme_dir_integration ) @@ -144,10 +165,23 @@ for var in "${ENV_VARS[@]}"; do add_env_var $var done -for var in "${BIND_DIRS[@]}"; do +# 添加基础绑定目录 +for var in "${BASE_BIND_DIRS[@]}"; do add_command "$var" done +# 根据沙盒模式添加不同的绑定目录 +if [ "${APM_USE_SANDBOX:-0}" = "1" ]; then + for var in "${SANDBOX_BIND_DIRS[@]}"; do + add_command "$var" + done +else + for var in "${NON_SANDBOX_BIND_DIRS[@]}"; do + add_command "$var" + done +fi + +# 添加额外参数 for var in "${EXTRA_ARGS[@]}"; do add_command "$var" done @@ -163,6 +197,4 @@ add_command "bash -c \"${container_command}\"" # echo "${EXEC_COMMAND}" # 注意: 实际执行时,请确保所有变量(如 $uid, $chrootEnvPath 等)都已正确定义 -eval ${EXEC_COMMAND} - - +eval ${EXEC_COMMAND} \ No newline at end of file diff --git a/src/var/lib/apm/apm/files/ace-run-bwrap b/src/var/lib/apm/apm/files/ace-run-bwrap new file mode 100755 index 0000000..166ec1a --- /dev/null +++ b/src/var/lib/apm/apm/files/ace-run-bwrap @@ -0,0 +1,168 @@ +#!/bin/bash + +function bash(){ +/usr/bin/bash --rcfile <(cat ~/.bashrc; echo "PS1=\"\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@Amber-PM \[\e[36;40m\]\w\[\e[0m\]]\\\$ \"") $@ +} +export -f bash +function ensure_dir() { + local dir="$1" + + # 检查目录是否为空 + if [ -z "$dir" ]; then + echo "错误: 目录路径不能为空" + return 1 + fi + + # 检查目录是否存在 + if [ ! -d "$dir" ]; then + echo "目录 '$dir' 不存在,正在创建..." + if mkdir -p "$dir"; then + echo "成功创建目录 '$dir'" + return 0 + else + echo "错误: 无法创建目录 '$dir'" + return 1 + fi + else + return 0 + fi +} +chrootEnvPath="${chrootEnvPath:-$(pwd)/ace-env}" + +APM_PKG_NAME="${APM_PKG_NAME:-apm-general}" + +non_root_user=$(who | awk '{print $1}' | head -n 1) +uid=$(id -u $non_root_user) +ensure_dir $HOME/.apm/${APM_PKG_NAME}/.deepinwine + + + + +#### This part is for args pharm +if [ "$1" = "" ];then +container_command="bash" +else +container_command="$1" +shift +for arg in "$@"; do + arg="$(echo "${arg}x" | sed 's|'\''|'\'\\\\\'\''|g')" + arg="${arg%x}" + container_command="${container_command} '${arg}'" +done +fi +######################################################################################### +##########合成bwrap 1. 基础函数配置段 +# 初始化 EXEC_COMMAND 为 bwrap 基础指令 +EXEC_COMMAND="bwrap --dev-bind / / bwrap" + +# add_command 函数定义 +function add_command() { + # 参数拼接,考虑到转义和空格的处理 + for arg in "$@"; do + EXEC_COMMAND="${EXEC_COMMAND} ${arg}" + done +} + +function add_env_var() { + local var_name="${1}" + local var_value="${2}" + if [ "$var_value" != "" ]; then + add_command "--setenv $var_name $var_value" + + fi +} +##########合成bwrap 2. 特殊需求函数配置段 +function cursor_theme_dir_integration() { + +local directory="" +if [ "$(id -u)" = "0" ]; then #####We don't want bother root to install themes,but will try to fix the unwriteable issue + mkdir -p $chrootEnvPath/usr/share/icons + chmod 777 -R $chrootEnvPath/usr/share/icons + return +fi + +for directory in "/usr/share/icons"/*; do + # 检查是否为目录 + if [ -d "$directory" ]; then + # 检查目录中是否存在 cursors 文件 + if [ -d "$directory/cursors" ]; then + if [ -w $chrootEnvPath/usr/share/icons ];then + add_command "--ro-bind-try $directory $directory" + fi + fi + fi +done + + + + + + + +} +##########合成bwrap 3. 环境变量和目录绑定配置段 +# 添加环境变量和其他初始设置 +ENV_VARS=( + "FAKEROOTDONTTRYCHOWN 1" + "PULSE_SERVER /run/user/\$uid/pulse/native" + "PATH /amber-ce-tools/bin-override:\$PATH" + "IS_ACE_ENV 1" + "GTK_USE_PORTAL 1" + "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS" +) + +BIND_DIRS=( + "--dev-bind $chrootEnvPath/ /" + "--dev-bind-try /media /media" + "--dev-bind-try /mnt /mnt" + "--dev-bind-try /tmp /tmp" + "--dev-bind-try /data /data" + "--dev-bind-try /dev /dev" + "--proc /proc" + "--dev-bind /sys /sys" + "--dev-bind /run /run" + "--dev-bind-try /run/user/\$uid/pulse /run/user/\$uid/pulse" + "--dev-bind / /host" + "--ro-bind-try /usr/share/themes /usr/local/share/themes" + "--ro-bind-try /usr/share/icons /usr/share/icons" + "--ro-bind-try /usr/share/fonts /usr/local/share/fonts" + "--dev-bind-try /etc/resolv.conf /etc/resolv.conf" + "--dev-bind-try /home /home" + "--dev-bind-try $HOME/.apm/${APM_PKG_NAME}/.deepinwine $HOME/.deepinwine" +) +EXTRA_ARGS=( + "--cap-add CAP_SYS_ADMIN" +) + +EXTRA_SCRIPTS=( +# cursor_theme_dir_integration +) + +##########合成bwrap 4. 合成并执行指令 +# 逐一添加到 EXEC_COMMAND +for var in "${ENV_VARS[@]}"; do + add_env_var $var +done + +for var in "${BIND_DIRS[@]}"; do + add_command "$var" +done + +for var in "${EXTRA_ARGS[@]}"; do + add_command "$var" +done + +for var in "${EXTRA_SCRIPTS[@]}"; do + $var +done + +# 添加最终的 bash 命令 +add_command "bash -c \"${container_command}\"" + +# 输出完整的 EXEC_COMMAND 以查看 +# echo "${EXEC_COMMAND}" + +# 注意: 实际执行时,请确保所有变量(如 $uid, $chrootEnvPath 等)都已正确定义 +eval ${EXEC_COMMAND} + +