'\" t .\" Title: flatpak build-finish .\" Author: Alexander Larsson .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 04/14/2021 .\" Manual: flatpak build-finish .\" Source: flatpak .\" Language: English .\" .TH "FLATPAK BUILD\-FINIS" "1" "" "flatpak" "flatpak build-finish" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" flatpak-build-finish \- Finalize a build directory .SH "SYNOPSIS" .HP \w'\fBflatpak\ build\-finish\fR\ 'u \fBflatpak build\-finish\fR [OPTION...] DIRECTORY .SH "DESCRIPTION" .PP Finalizes a build directory, to prepare it for exporting\&. DIRECTORY is the name of the directory\&. .PP The result of this command is that desktop files, icons and D\-Bus service files from the files subdirectory are copied to a new export subdirectory\&. In the metadata file, the command key is set in the [Application] group, and the supported keys in the [Environment] group are set according to the options\&. .PP As part of finalization you can also specify permissions that the app needs, using the various options specified below\&. Additionally during finalization the permissions from the runtime are inherited into the app unless you specify \fB\-\-no\-inherit\-permissions\fR .PP You should review the exported files and the application metadata before creating and distributing an application bundle\&. .PP It is an error to run build\-finish on a directory that has not been initialized as a build directory, or has already been finalized\&. .SH "OPTIONS" .PP The following options are understood: .PP \fB\-h\fR, \fB\-\-help\fR .RS 4 Show help options and exit\&. .RE .PP \fB\-\-command=COMMAND\fR .RS 4 The command to use\&. If this option is not specified, the first executable found in files/bin is used\&. .sp Note that the command is used when the application is run via \fBflatpak run\fR, and does not affect what gets executed when the application is run in other ways, e\&.g\&. via the desktop file or D\-Bus activation\&. .RE .PP \fB\-\-require\-version=MAJOR\&.MINOR\&.MICRO\fR .RS 4 Require this version or later of flatpak to install/update to this build\&. .RE .PP \fB\-\-share=SUBSYSTEM\fR .RS 4 Share a subsystem with the host session\&. This updates the [Context] group in the metadata\&. SUBSYSTEM must be one of: network, ipc\&. This option can be used multiple times\&. .RE .PP \fB\-\-unshare=SUBSYSTEM\fR .RS 4 Don\*(Aqt share a subsystem with the host session\&. This updates the [Context] group in the metadata\&. SUBSYSTEM must be one of: network, ipc\&. This option can be used multiple times\&. .RE .PP \fB\-\-socket=SOCKET\fR .RS 4 Expose a well\-known socket to the application\&. This updates the [Context] group in the metadata\&. SOCKET must be one of: x11, wayland, fallback\-x11, pulseaudio, system\-bus, session\-bus, ssh\-auth, pcsc, cups\&. This option can be used multiple times\&. .sp The fallback\-x11 option makes the X11 socket available only if there is no Wayland socket\&. This option was introduced in 0\&.11\&.3\&. To support older Flatpak releases, specify both x11 and fallback\-x11\&. The fallback\-x11 option takes precedence when both are supported\&. .RE .PP \fB\-\-nosocket=SOCKET\fR .RS 4 Don\*(Aqt expose a well known socket to the application\&. This updates the [Context] group in the metadata\&. SOCKET must be one of: x11, wayland, fallback\-x11, pulseaudio, system\-bus, session\-bus, ssh\-auth, pcsc, cups\&. This option can be used multiple times\&. .RE .PP \fB\-\-device=DEVICE\fR .RS 4 Expose a device to the application\&. This updates the [Context] group in the metadata\&. DEVICE must be one of: dri, kvm, shm, all\&. This option can be used multiple times\&. .RE .PP \fB\-\-nodevice=DEVICE\fR .RS 4 Don\*(Aqt expose a device to the application\&. This updates the [Context] group in the metadata\&. DEVICE must be one of: dri, kvm, shm, all\&. This option can be used multiple times\&. .RE .PP \fB\-\-allow=FEATURE\fR .RS 4 Allow access to a specific feature\&. This updates the [Context] group in the metadata\&. FEATURE must be one of: devel, multiarch, bluetooth, canbus\&. This option can be used multiple times\&. .sp The devel feature allows the application to access certain syscalls such as ptrace(), and perf_event_open()\&. .sp The multiarch feature allows the application to execute programs compiled for an ABI other than the one supported natively by the system\&. For example, for the x86_64 architecture, 32\-bit x86 binaries will be allowed as well\&. .sp The bluetooth feature allows the application to use bluetooth (AF_BLUETOOTH) sockets\&. Note, for bluetooth to fully work you must also have network access\&. .sp The canbus feature allows the application to use canbus (AF_CAN) sockets\&. Note, for this work you must also have network access\&. .RE .PP \fB\-\-disallow=FEATURE\fR .RS 4 Disallow access to a specific feature\&. This updates the [Context] group in the metadata\&. FEATURE must be one of: devel, multiarch, bluetooth, canbus\&. This option can be used multiple times\&. .RE .PP \fB\-\-filesystem=FS\fR .RS 4 Allow the application access to a subset of the filesystem\&. This updates the [Context] group in the metadata\&. FS can be one of: home, host, host\-os, host\-etc, xdg\-desktop, xdg\-documents, xdg\-download, xdg\-music, xdg\-pictures, xdg\-public\-share, xdg\-templates, xdg\-videos, xdg\-run, xdg\-config, xdg\-cache, xdg\-data, an absolute path, or a homedir\-relative path like ~/dir or paths relative to the xdg dirs, like xdg\-download/subdir\&. The optional :ro suffix indicates that the location will be read\-only\&. The optional :create suffix indicates that the location will be read\-write and created if it doesn\*(Aqt exist\&. This option can be used multiple times\&. See the "[Context] filesystems" list in \fBflatpak-metadata\fR(5) for details of the meanings of these filesystems\&. .RE .PP \fB\-\-nofilesystem=FILESYSTEM\fR .RS 4 Remove access to the specified subset of the filesystem from the application\&. This overrides to the Context section from the application metadata\&. FILESYSTEM can be one of: home, host, host\-os, host\-etc, xdg\-desktop, xdg\-documents, xdg\-download, xdg\-music, xdg\-pictures, xdg\-public\-share, xdg\-templates, xdg\-videos, an absolute path, or a homedir\-relative path like ~/dir\&. This option can be used multiple times\&. .RE .PP \fB\-\-add\-policy=SUBSYSTEM\&.KEY=VALUE\fR .RS 4 Add generic policy option\&. For example, "\-\-add\-policy=subsystem\&.key=v1 \-\-add\-policy=subsystem\&.key=v2" would map to this metadata: .sp .if n \{\ .RS 4 .\} .nf [Policy subsystem] key=v1;v2; .fi .if n \{\ .RE .\} .sp This option can be used multiple times\&. .RE .PP \fB\-\-remove\-policy=SUBSYSTEM\&.KEY=VALUE\fR .RS 4 Remove generic policy option\&. This option can be used multiple times\&. .RE .PP \fB\-\-env=VAR=VALUE\fR .RS 4 Set an environment variable in the application\&. This updates the [Environment] group in the metadata\&. This overrides to the Context section from the application metadata\&. This option can be used multiple times\&. .RE .PP \fB\-\-unset\-env=VAR\fR .RS 4 Unset an environment variable in the application\&. This updates the unset\-environment entry in the [Context] group of the metadata\&. This option can be used multiple times\&. .RE .PP \fB\-\-env\-fd=\fR\fB\fIFD\fR\fR .RS 4 Read environment variables from the file descriptor \fIFD\fR, and set them as if via \fB\-\-env\fR\&. This can be used to avoid environment variables and their values becoming visible to other users\&. .sp Each environment variable is in the form \fIVAR\fR=\fIVALUE\fR followed by a zero byte\&. This is the same format used by env \-0 and /proc/*/environ\&. .RE .PP \fB\-\-own\-name=NAME\fR .RS 4 Allow the application to own the well known name NAME on the session bus\&. If NAME ends with \&.*, it allows the application to own all matching names\&. This updates the [Session Bus Policy] group in the metadata\&. This option can be used multiple times\&. .RE .PP \fB\-\-talk\-name=NAME\fR .RS 4 Allow the application to talk to the well known name NAME on the session bus\&. If NAME ends with \&.*, it allows the application to talk to all matching names\&. This updates the [Session Bus Policy] group in the metadata\&. This option can be used multiple times\&. .RE .PP \fB\-\-system\-own\-name=NAME\fR .RS 4 Allow the application to own the well known name NAME on the system bus\&. If NAME ends with \&.*, it allows the application to own all matching names\&. This updates the [System Bus Policy] group in the metadata\&. This option can be used multiple times\&. .RE .PP \fB\-\-system\-talk\-name=NAME\fR .RS 4 Allow the application to talk to the well known name NAME on the system bus\&. If NAME ends with \&.*, it allows the application to talk to all matching names\&. This updates the [System Bus Policy] group in the metadata\&. This option can be used multiple times\&. .RE .PP \fB\-\-persist=FILENAME\fR .RS 4 If the application doesn\*(Aqt have access to the real homedir, make the (homedir\-relative) path FILENAME a bind mount to the corresponding path in the per\-application directory, allowing that location to be used for persistent data\&. This updates the [Context] group in the metadata\&. This option can be used multiple times\&. .RE .PP \fB\-\-runtime=RUNTIME\fR, \fB\-\-sdk=SDK\fR .RS 4 Change the runtime or sdk used by the app to the specified partial ref\&. Unspecified parts of the ref are taken from the old values or defaults\&. .RE .PP \fB\-\-metadata=GROUP=KEY[=VALUE]\fR .RS 4 Set a generic key in the metadata file\&. If value is left out it will be set to "true"\&. .RE .PP \fB\-\-extension=NAME=VARIABLE[=VALUE]\fR .RS 4 Add extension point info\&. See the documentation for \fBflatpak-metadata\fR(5) for the possible values of \fIVARIABLE\fR and \fIVALUE\fR\&. .RE .PP \fB\-\-remove\-extension=NAME\fR .RS 4 Remove extension point info\&. .RE .PP \fB\-\-extension\-priority=VALUE\fR .RS 4 Set the priority (library override order) of the extension point\&. Only useful for extensions\&. 0 is the default, and higher value means higher priority\&. .RE .PP \fB\-\-extra\-data=NAME:SHA256:DOWNLOAD\-SIZE:INSTALL\-SIZE:URL\fR .RS 4 Adds information about extra data uris to the app\&. These will be downloaded and verified by the client when the app is installed and placed in the /app/extra directory\&. You can also supply an /app/bin/apply_extra script that will be run after the files are downloaded\&. .RE .PP \fB\-\-no\-exports\fR .RS 4 Don\*(Aqt look for exports in the build\&. .RE .PP \fB\-\-no\-inherit\-permissions\fR .RS 4 Don\*(Aqt inherit runtime permissions in the app\&. .RE .PP \fB\-v\fR, \fB\-\-verbose\fR .RS 4 Print debug information during command processing\&. .RE .PP \fB\-\-ostree\-verbose\fR .RS 4 Print OSTree debug information during command processing\&. .RE .SH "EXAMPLES" .PP \fB$ flatpak build\-finish /build/my\-app \-\-socket=x11 \-\-share=ipc\fR .sp .if n \{\ .RS 4 .\} .nf Exporting share/applications/gnome\-calculator\&.desktop Exporting share/dbus\-1/services/org\&.gnome\&.Calculator\&.SearchProvider\&.service More than one executable Using gcalccmd as command Please review the exported files and the metadata .fi .if n \{\ .RE .\} .SH "SEE ALSO" .PP \fBflatpak\fR(1), \fBflatpak-build-init\fR(1), \fBflatpak-build\fR(1), \fBflatpak-build-export\fR(1)