On Sat, 25 Apr 2020, Jack Hill wrote:
in Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp of WebKitGTK,
I set the PULSE_CLIENTCONFIG environemnt variable to the store path rather
than /etc/pulse/client.conf, which is what it was set to before.
That allowed epiphany to get past the problem with client.conf. However, it
then hits another problem with something not being shared as seen in this
session:
I tried patching webkitgtk to share the whole /gnu/store in the new mount
namespace (see attached patch). Unfortunately, when I ran epiphany with
that patch applied and PULSE_CLIENTCONFIG set to /etc/pulse/client.conf,
the "bwrap: Can't create file at /etc/pulse/client.conf: No such file or
directory" error returned.
Via strace, I saw that my patch was having an effect on the arguments to
bwrap. Could it be that the order of the --bind/--ro-bind arguments
matters?
Thoughts?
Jack
From f8901a83e2abc2c6ab34f5883663315b8d715e2f Mon Sep 17 00:00:00 2001
From: Jack Hill <jackh...@jackhill.us>
Date: Sat, 25 Apr 2020 22:03:48 -0400
Subject: [PATCH] gnu: webkitgtk: Patch to share store via bwarp
* gnu/packages/patches/webkitgtk-share-store.patch: New File.
* gnu/local.mk: Add here.
* gnu/packages/webkit.scm (webkitgtk)[source]: Apply patch.
---
gnu/local.mk | 1 +
.../patches/webkitgtk-share-store.patch | 18 ++++++++++++++++++
gnu/packages/webkit.scm | 4 +++-
3 files changed, 22 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/webkitgtk-share-store.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 2780434455..6c11a07c24 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1554,6 +1554,7 @@ dist_patch_DATA = \
%D%/packages/patches/vte-CVE-2012-2738-pt1.patch \
%D%/packages/patches/vte-CVE-2012-2738-pt2.patch \
%D%/packages/patches/weasyprint-library-paths.patch \
+ %D%/packages/patches/webkitgtk-share-store.patch \
%D%/packages/patches/websocketpp-fix-for-boost-1.70.patch \
%D%/packages/patches/wicd-bitrate-none-fix.patch \
%D%/packages/patches/wicd-get-selected-profile-fix.patch \
diff --git a/gnu/packages/patches/webkitgtk-share-store.patch b/gnu/packages/patches/webkitgtk-share-store.patch
new file mode 100644
index 0000000000..b927ab7b0a
--- /dev/null
+++ b/gnu/packages/patches/webkitgtk-share-store.patch
@@ -0,0 +1,18 @@
+Author: Jack Hill <jackh...@jackhill.us>
+Tell bubblewrap to share the store
+---
+diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+index ad301ab2..d53b680e 100644
+--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
++++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+@@ -737,6 +737,10 @@ GRefPtr<GSubprocess> bubblewrapSpawn(GSubprocessLauncher* launcher, const Proces
+ "--ro-bind-try", "/usr/local/share", "/usr/local/share",
+ "--ro-bind-try", DATADIR, DATADIR,
+
++ // TESTING: bind moutn /gnu/store
++ // This should be improved
++ "--ro-bind", "/gnu/store", "/gnu/store",
++
+ // We only grant access to the libdirs webkit is built with and
+ // guess system libdirs. This will always have some edge cases.
+ "--ro-bind-try", "/lib", "/lib",
diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm
index 377fc0dfaf..fcfd28666b 100644
--- a/gnu/packages/webkit.scm
+++ b/gnu/packages/webkit.scm
@@ -128,7 +128,9 @@ engine that uses Wayland for graphics output.")
"webkitgtk-" version ".tar.xz"))
(sha256
(base32
- "1n7k4yriqhr38f4fgy8pzdn1nm60m53z8p478sgg64swxnijdg5c"))))
+ "1n7k4yriqhr38f4fgy8pzdn1nm60m53z8p478sgg64swxnijdg5c"))
+ (patches
+ (search-patches "webkitgtk-share-store.patch"))))
(build-system cmake-build-system)
(outputs '("out" "doc"))
(arguments
--
2.26.2
