From: Jack Hill <jackhill@jackhill.us>
To: 40837 <40837@debbugs.gnu.org>
Cc: sirgazil <sirgazil@zoho.com>
Subject: bug#40837: core-updates: epiphany web process crashes
Date: Sat, 25 Apr 2020 23:03:01 -0400 (EDT) [thread overview]
Message-ID: <alpine.DEB.2.20.2004252257540.5735@marsh.hcoop.net> (raw)
In-Reply-To: <alpine.DEB.2.20.2004252139570.5735@marsh.hcoop.net>
[-- Attachment #1: Type: text/plain, Size: 926 bytes --]
On Sat, 25 Apr 2020, Jack Hill wrote:
> in Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp of WebKitGTK,
> I set the PULSE_CLIENTCONFIG environemnt variable to the store path rather
> than /etc/pulse/client.conf, which is what it was set to before.
>
> That allowed epiphany to get past the problem with client.conf. However, it
> then hits another problem with something not being shared as seen in this
> session:
I tried patching webkitgtk to share the whole /gnu/store in the new mount
namespace (see attached patch). Unfortunately, when I ran epiphany with
that patch applied and PULSE_CLIENTCONFIG set to /etc/pulse/client.conf,
the "bwrap: Can't create file at /etc/pulse/client.conf: No such file or
directory" error returned.
Via strace, I saw that my patch was having an effect on the arguments to
bwrap. Could it be that the order of the --bind/--ro-bind arguments
matters?
Thoughts?
Jack
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: Type: text/x-diff; name=0001-gnu-webkitgtk-Patch-to-share-store-via-bwarp.patch, Size: 3165 bytes --]
From f8901a83e2abc2c6ab34f5883663315b8d715e2f Mon Sep 17 00:00:00 2001
From: Jack Hill <jackhill@jackhill.us>
Date: Sat, 25 Apr 2020 22:03:48 -0400
Subject: [PATCH] gnu: webkitgtk: Patch to share store via bwarp
* gnu/packages/patches/webkitgtk-share-store.patch: New File.
* gnu/local.mk: Add here.
* gnu/packages/webkit.scm (webkitgtk)[source]: Apply patch.
---
gnu/local.mk | 1 +
.../patches/webkitgtk-share-store.patch | 18 ++++++++++++++++++
gnu/packages/webkit.scm | 4 +++-
3 files changed, 22 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/webkitgtk-share-store.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 2780434455..6c11a07c24 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1554,6 +1554,7 @@ dist_patch_DATA = \
%D%/packages/patches/vte-CVE-2012-2738-pt1.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt2.patch \
%D%/packages/patches/weasyprint-library-paths.patch \
+ %D%/packages/patches/webkitgtk-share-store.patch \
%D%/packages/patches/websocketpp-fix-for-boost-1.70.patch \
%D%/packages/patches/wicd-bitrate-none-fix.patch \
%D%/packages/patches/wicd-get-selected-profile-fix.patch \
diff --git a/gnu/packages/patches/webkitgtk-share-store.patch b/gnu/packages/patches/webkitgtk-share-store.patch
new file mode 100644
index 0000000000..b927ab7b0a
--- /dev/null
+++ b/gnu/packages/patches/webkitgtk-share-store.patch
@@ -0,0 +1,18 @@
+Author: Jack Hill <jackhill@jackhill.us>
+Tell bubblewrap to share the store
+---
+diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+index ad301ab2..d53b680e 100644
+--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
++++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+@@ -737,6 +737,10 @@ GRefPtr<GSubprocess> bubblewrapSpawn(GSubprocessLauncher* launcher, const Proces
+ "--ro-bind-try", "/usr/local/share", "/usr/local/share",
+ "--ro-bind-try", DATADIR, DATADIR,
+
++ // TESTING: bind moutn /gnu/store
++ // This should be improved
++ "--ro-bind", "/gnu/store", "/gnu/store",
++
+ // We only grant access to the libdirs webkit is built with and
+ // guess system libdirs. This will always have some edge cases.
+ "--ro-bind-try", "/lib", "/lib",
diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm
index 377fc0dfaf..fcfd28666b 100644
--- a/gnu/packages/webkit.scm
+++ b/gnu/packages/webkit.scm
@@ -128,7 +128,9 @@ engine that uses Wayland for graphics output.")
"webkitgtk-" version ".tar.xz"))
(sha256
(base32
- "1n7k4yriqhr38f4fgy8pzdn1nm60m53z8p478sgg64swxnijdg5c"))))
+ "1n7k4yriqhr38f4fgy8pzdn1nm60m53z8p478sgg64swxnijdg5c"))
+ (patches
+ (search-patches "webkitgtk-share-store.patch"))))
(build-system cmake-build-system)
(outputs '("out" "doc"))
(arguments
--
2.26.2
next prev parent reply other threads:[~2020-04-26 3:04 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-25 2:55 bug#40837: core-updates: epiphany web process crashes Jack Hill
2020-04-25 3:19 ` Jack Hill
2020-04-25 21:55 ` sirgazil via Bug reports for GNU Guix
2020-04-26 1:23 ` Jack Hill
2020-04-26 1:46 ` Jack Hill
2020-04-26 3:03 ` Jack Hill [this message]
2020-04-26 20:42 ` bug#40837: core-updates: webkitgtk web process sandbox incomplete Jack Hill
2020-04-27 22:02 ` Jack Hill
2020-04-28 3:03 ` Jack Hill
2020-04-28 16:27 ` Jack Hill
2020-04-28 16:33 ` sirgazil via Bug reports for GNU Guix
2020-05-06 16:39 ` Marius Bakke
2020-05-06 20:17 ` Jack Hill
2020-05-06 20:53 ` Marius Bakke
2020-05-04 19:27 ` bug#40837: (no subject) sirgazil via web
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.20.2004252257540.5735@marsh.hcoop.net \
--to=jackhill@jackhill.us \
--cc=40837@debbugs.gnu.org \
--cc=sirgazil@zoho.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.