Some additional observations:
With my patched webkitgtk, if I set:
PULSE_CLIENTCONFIG=/gnu/store/zc4dsmvdabi00nvisrjhi9w00ff4igs7-client.conf
it does work, which is an improvement compared to without the patch.
I notice that Nix [0] has a similar patch:
"""
diff -ru
old/webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
---
old/webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
2019-09-09 04:47:07.000000000 -0400
+++
webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
2019-09-20 21:14:10.537921173 -0400
@@ -585,7 +585,7 @@
{ SCMP_SYS(keyctl), nullptr },
{ SCMP_SYS(request_key), nullptr },
- // Scary VM/NUMA ops
+ // Scary VM/NUMA ops
{ SCMP_SYS(move_pages), nullptr },
{ SCMP_SYS(mbind), nullptr },
{ SCMP_SYS(get_mempolicy), nullptr },
@@ -724,6 +724,10 @@
"--ro-bind-try", "/usr/local/lib64", "/usr/local/lib64",
"--ro-bind-try", PKGLIBEXECDIR, PKGLIBEXECDIR,
+
+ // Nix Directories
+ "--ro-bind", "@storeDir@", "@storeDir@",
+ "--ro-bind", "/run/current-system", "/run/current-system",
};
// We would have to parse ld config files for more info.
bindPathVar(sandboxArgs, "LD_LIBRARY_PATH");
"""
[0]
https://github.com/NixOS/nixpkgs/blob/465566948393cf533e3617704d1c4ccc34cf3753/pkgs/development/libraries/webkitgtk/fix-bubblewrap-paths.patch
so I wonder if I didn't do the mounts in the right place and or if it is
becasue I missed /run/current-system.
I'm going to try to adapt the Nix patch to see if that helps.
Best,
Jack
