From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id GA9jKlbII2bGJAEAe85BDQ:P1 (envelope-from ) for ; Sat, 20 Apr 2024 15:51:18 +0200 Received: from aspmx1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id GA9jKlbII2bGJAEAe85BDQ (envelope-from ) for ; Sat, 20 Apr 2024 15:51:18 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=quic.us header.s=default header.b=ZjHNAojh; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1713621078; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=lWHbDDMMKBuU5HOAXh29Nf3ifMsRWFtrF3H+P0Tdqv8=; b=gue7IrTDF4VhHuqsEv/5G9F/La/WLyvOZlMOgHNAgZT3DSSqKakHqcM8weW5l+lBVUEpYq jCyAwBtQJoPeowS8rXscvrsgR1tpNlXeITGB9WbVKYeqVNA4+3U3ZePwgdrNsdWeGQKbiA SIXUqiotmgMBBXCrgvIccLi2H1o9DY4V09jtfGomxjoZ7bdQ5ofsBPBAGtrjhPj5tmOqfB IqlE5mlmXML1U0zr6DvnMSb16Niu+Gp8xaYHkvISG0EP5Nk67C1JbLjep6HT2HmBWALM2q NK4JlrOX+udAYdnz3/sTdB52zFxggBDodkY8LShI41Zf6MHpt4qE1FFJfXtb9A== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1713621078; a=rsa-sha256; cv=none; b=jgFsmnyNLDlr6lhDfDqbNQiCQDqgrLRsMLwyjZ9nFLLyDdF5ktRBgJkyISkwLWg1Q52uyJ qq8X6odvMcEgQVz7xk91I7OQZtBrMfoTfUiWl338B8h9cCHUW5J7FyTB5RX3Tsyz0r8vCB lFuCr0SeBm03zRyTV3iMWw3aGPQnFEHt+L47xOZ30GAFtEvPc+a3Hrd0rmYXSCeYXdcNCw QAmc1Gaat33y3D/HWTr+khvRbb7DA99auxHdC3Zt73ZKHXWsV5ZMmdpa3fcJXkbdHmV87I 4XaAaw97TpGIF9h6P6lTRu6O5AYLrsB8QMoLVjV9WsWlOy8dvPFZUDbrcvXZoA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=quic.us header.s=default header.b=ZjHNAojh; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 6D1F9116BA for ; Sat, 20 Apr 2024 15:51:18 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ryB7I-0001XT-UD; Sat, 20 Apr 2024 09:50:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ryB7G-0001X0-AF for guix-patches@gnu.org; Sat, 20 Apr 2024 09:50:54 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1ryB7F-00056I-M8 for guix-patches@gnu.org; Sat, 20 Apr 2024 09:50:53 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ryB7T-0000Yf-HP; Sat, 20 Apr 2024 09:51:07 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#70446] [PATCH v4] gnu: webkitgtk: Add access to system locale path and to paths from GUIX_LOCPATH, LOCPATH, and LIBVA_DRIVERS_PATH to gtk sandbox in order to silence gtk locale warnings and enable hardware accelerated video. References: <34830675a6123b15bd652b2aae0922ff95d15f54.1713408724.git.abhi@quic.us> In-Reply-To: <34830675a6123b15bd652b2aae0922ff95d15f54.1713408724.git.abhi@quic.us> Resent-From: Abhishek Cherath Original-Sender: "Debbugs-submit" Resent-CC: liliana.prikler@gmail.com, maxim.cournoyer@gmail.com, vivien@planete-kraus.eu, guix-patches@gnu.org Resent-Date: Sat, 20 Apr 2024 13:51:07 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 70446 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 70446@debbugs.gnu.org Cc: Abhishek Cherath , Liliana Marie Prikler , Maxim Cournoyer , Vivien Kraus X-Debbugs-Original-Xcc: Liliana Marie Prikler , Maxim Cournoyer , Vivien Kraus Received: via spool by 70446-submit@debbugs.gnu.org id=B70446.17136210091656 (code B ref 70446); Sat, 20 Apr 2024 13:51:07 +0000 Received: (at 70446) by debbugs.gnu.org; 20 Apr 2024 13:50:09 +0000 Received: from localhost ([127.0.0.1]:36426 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ryB6T-0000Q4-2X for submit@debbugs.gnu.org; Sat, 20 Apr 2024 09:50:08 -0400 Received: from mta-10-4.privateemail.com ([198.54.122.149]:9745) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ryB6N-0000OX-59 for 70446@debbugs.gnu.org; Sat, 20 Apr 2024 09:50:02 -0400 Received: from mta-10.privateemail.com (localhost [127.0.0.1]) by mta-10.privateemail.com (Postfix) with ESMTP id 40C6C18000AF; Sat, 20 Apr 2024 09:49:38 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=quic.us; s=default; t=1713620978; bh=2kem6GbuluofU8uK56M6Yb4KmSgwxMpB8SNZvCea/xI=; h=From:To:Cc:Subject:Date:From; b=ZjHNAojh3YYuSUZ2r6w+qERnML+Izyh9+8lCJxd36VSCSCZWWO+OG4x/OXzXL7Aog zjZKiaBW6rRWubDnI3stTmu3Yi9vPSM90HkF6O/X764AtrD5tyejGcUjAnje1lcZzP 1sj3cUssy3M3vBjIV8I4aUvrbtIWaJOShY8eHUszNfw30xahyD0xywO62ju6+x6uSH zrAp6KgEAZTxxYo1NNSK3K+qKSw4fzaP/LI0VRLaANhprajXvX7mmdpSxCpqFtBJBf FGa+K1JFoICW37lKAg0YRucFNMhDFZyx4qryb7IhQWDRyr/dCtZFTw2grjeuXhffjH iDDb869c0QOQg== Received: from localhost (207-237-25-55.s5642.c3-0.wsd-cbr1.qens-wsd.ny.cable.rcncustomer.com [207.237.25.55]) by mta-10.privateemail.com (Postfix) with ESMTPA; Sat, 20 Apr 2024 09:49:36 -0400 (EDT) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id a41b26ce; Sat, 20 Apr 2024 13:49:34 +0000 (UTC) From: Abhishek Cherath Date: Sat, 20 Apr 2024 09:44:03 -0400 Message-ID: <337ee6c76e8326b875045f6c8bf54304ff017311.1713620642.git.abhi@quic.us> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Virus-Scanned: ClamAV using ClamSMTP X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: 3.34 X-Spam-Score: 3.34 X-Migadu-Queue-Id: 6D1F9116BA X-Migadu-Scanner: mx12.migadu.com X-TUID: 9Lx9LzxVVwqY * gnu/packages/patches/webkitgtk-adjust-bubblewrap-paths.patch: Add @dridir@ and @localedir@ to bubblewrap gtk sandbox Add paths from GUIX_LOCPATH, LOCPATH, and LIBVA_DRIVERS_PATH to bubblewrap gtk sandbox. * gnu/packages/webkit.scm (webkitgtk)[arguments]: In the 'configure-bubblewrap-store-directory' phase, also supply system locale to webkitgtk-adjust-bubblewrap-paths.patch template. Change-Id: I6be0c473ebaa6c04ebb00a2b4afcae2c89396e4f --- Thanks @LillianaPrikler@gmail.com for all the help :D, I thought about this a bit more and looked at all the utility stuff in BubblewrapLauncher.cpp. I realized that the correct thing to do here is to simply mount the LIBVA_DRIVERS_PATH paths. I'm wondering if this shouldn't be part of the gstreamer default mounts even upstream? along with the LOCPATH mount. .../patches/webkitgtk-adjust-bubblewrap-paths.patch | 13 ++++++++++++- gnu/packages/webkit.scm | 8 +++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/gnu/packages/patches/webkitgtk-adjust-bubblewrap-paths.patch b/gnu/packages/patches/webkitgtk-adjust-bubblewrap-paths.patch index 18ddb645ad..4195aca388 100644 --- a/gnu/packages/patches/webkitgtk-adjust-bubblewrap-paths.patch +++ b/gnu/packages/patches/webkitgtk-adjust-bubblewrap-paths.patch @@ -1,11 +1,13 @@ Share /gnu/store in the BubbleWrap container and remove FHS mounts. +Also share system locale directory and paths in LOCPATH, GUIX_LOCPATH, +and LIBVA_DRIVERS_PATH This is a Guix-specific patch not meant to be upstreamed. diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp index f0a5e4b05dff..88b11f806968 100644 --- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp +++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp -@@ -854,27 +854,12 @@ GRefPtr bubblewrapSpawn(GSubprocessLauncher* launcher, const Proces +@@ -854,27 +854,21 @@ GRefPtr bubblewrapSpawn(GSubprocessLauncher* launcher, const Proces "--ro-bind", "/sys/dev", "/sys/dev", "--ro-bind", "/sys/devices", "/sys/devices", @@ -33,6 +35,15 @@ index f0a5e4b05dff..88b11f806968 100644 + + // Bind mount the store inside the WebKitGTK sandbox. + "--ro-bind", "@storedir@", "@storedir@", ++ ++ // This is needed for system locales ++ "--ro-bind-try", "@localedir@", "@localedir@", }; ++ // User specified locale directory ++ bindPathVar(sandboxArgs, "LOCPATH"); ++ // Locales in case of foreign system. ++ bindPathVar(sandboxArgs, "GUIX_LOCPATH"); ++ // Drivers for video hardware acceleration (va-api) ++ bindPathVar(sandboxArgs, "LIBVA_DRIVERS_PATH"); if (launchOptions.processType == ProcessLauncher::ProcessType::DBusProxy) { diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm index bf24a65e83..d057bb3aa2 100644 --- a/gnu/packages/webkit.scm +++ b/gnu/packages/webkit.scm @@ -8,6 +8,7 @@ ;;; Copyright © 2019 Marius Bakke ;;; Copyright © 2021, 2022, 2023 Maxim Cournoyer ;;; Copyright © 2022, 2023 Efraim Flashner +;;; Copyright © 2024 Abhishek Cherath ;;; ;;; This file is part of GNU Guix. ;;; @@ -190,7 +191,12 @@ (define-public webkitgtk (let ((store-directory (%store-directory))) (substitute* "Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp" - (("@storedir@") store-directory))))) + (("@storedir@") store-directory) + ;; this silences gtk locale errors + ;; Unfortunately, simply bind mounting /run/current-system + ;; does not work since it leads to weird issues + ;; with symlinks that confuse bubblewrap. + (("@localedir@") "/run/current-system/locale"))))) (add-after 'unpack 'do-not-disable-new-dtags ;; Ensure the linker uses new dynamic tags as this is what Guix ;; uses and validates in the validate-runpath phase. base-commit: b05bb6608c7f25ddce6b563194ba5a3007009282 -- 2.41.0