me/guix
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2024-08-07. You can view files and clone it, but cannot push or open issues or pull requests.
guix/gnu/packages/patches/webkitgtk-share-store.patch
Jack Hill a6919866b0
gnu: webkitgtk: Patch to share store via Bubblewrap. 
Fixes <https://bugs.gnu.org/40837>.

* gnu/packages/patches/webkitgtk-share-store.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/webkit.scm (webkitgtk)[source](patches): Use it.

Co-authored-by: Marius Bakke <mbakke@fastmail.com>
2020-05-06 22:49:55 +02:00

19 lines
975 B
Diff
Raw Blame History

Tell bubblewrap to share the store. Required for programs that use the
sandboxing features such as Epiphany.
See <https://bugs.gnu.org/40837>.
Author: Jack Hill <jackhill@jackhill.us>
---
diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
@@ -737,6 +737,9 @@ GRefPtr<GSubprocess> bubblewrapSpawn(GSubprocessLauncher* launcher, const Proces
"--ro-bind-try", "/usr/local/share", "/usr/local/share",
"--ro-bind-try", DATADIR, DATADIR,
+ // Bind mount the store inside the WebKitGTK sandbox.
+ "--ro-bind", "@storedir@", "@storedir@",
+
// We only grant access to the libdirs webkit is built with and
// guess system libdirs. This will always have some edge cases.
"--ro-bind-try", "/lib", "/lib",
View git blame Copy permalink