From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jack Hill Subject: bug#40837: core-updates: webkitgtk web process sandbox incomplete Date: Tue, 28 Apr 2020 12:27:57 -0400 (EDT) Message-ID: References: <171b356d9e2.1154aefce15638.8921669740072490388@zoho.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:33382) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jTT9i-0006LC-MD for bug-guix@gnu.org; Tue, 28 Apr 2020 12:33:02 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.90_1) (envelope-from ) id 1jTT6W-00059s-3l for bug-guix@gnu.org; Tue, 28 Apr 2020 12:32:22 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:57851) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jTT6U-00059j-7e for bug-guix@gnu.org; Tue, 28 Apr 2020 12:29:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jTT6U-0005ck-3U for bug-guix@gnu.org; Tue, 28 Apr 2020 12:29:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane-mx.org@gnu.org Sender: "bug-Guix" To: 40837 <40837@debbugs.gnu.org> Cc: sirgazil After further discussion on the Bubblewrap issue [0], it was determined that the problem should be fixed by having WebKitGTK canonicalize paths before passing them to bwrap. There is now a WebKit issue for that fix [1]. [0] https://github.com/containers/bubblewrap/issues/195 [1] https://bugs.webkit.org/show_bug.cgi?id=211131 When the WebKit issue is fixed, that should solve the problem with /etc/pulse/client.conf. I believe that we will still have work to do in Guix to make sure the store is available inside the sandbox. Best, Jack