rpms
/
chromium
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix flatpak build

Browse Source
i10e
Arkady L. Shane 4 weeks ago
parent 19b3fe07b0
commit ab6e548726
Signed by: tigro
GPG Key ID: 1EC08A25C9DB2503
4 changed files with 1768 additions and 18 deletions
Show Stats Download Patch File Download Diff File

1325
SOURCES/flatpak-Add-initial-sandbox-support.patch
View File

File diff suppressed because it is too large Load Diff

86
SOURCES/flatpak-Adjust-paths-for-the-sandbox.patch
Unescape View File

@ -0,0 +1,86 @@
From 997c9dc4160c468f26acb851eb65408f41e2a091 Mon Sep 17 00:00:00 2001
From: Ryan Gonzalez <rymg19@gmail.com>
Date: Tue, 25 Aug 2020 19:26:07 -0500
Subject: [PATCH] flatpak: Adjust paths for the sandbox
---
chrome/common/BUILD.gn | 4 ++++
chrome/common/chrome_paths.cc | 26 +++++++++++++++++++++++++-
2 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/chrome/common/BUILD.gn b/chrome/common/BUILD.gn
index 76cf6a5985990..4044c87b656c4 100644
--- a/chrome/common/BUILD.gn
+++ b/chrome/common/BUILD.gn
@@ -642,6 +642,10 @@ static_library("constants") {
"//third_party/widevine/cdm:headers",
]
}
+
+ if (is_linux) {
+ deps += [ "//sandbox/linux:sandbox_services" ]
+ }
}
# Use a static library here because many test binaries depend on this but don't
diff --git a/chrome/common/chrome_paths.cc b/chrome/common/chrome_paths.cc
index ec09803ffabcf..ecbc300b99e1d 100644
--- a/chrome/common/chrome_paths.cc
+++ b/chrome/common/chrome_paths.cc
@@ -38,6 +38,10 @@
#include "base/win/registry.h"
#endif
+#if BUILDFLAG(IS_LINUX)
+#include "sandbox/linux/services/flatpak_sandbox.h"
+#endif
+
#if BUILDFLAG(ENABLE_WIDEVINE)
#include "third_party/widevine/cdm/widevine_cdm_common.h" // nogncheck
#endif
@@ -537,6 +541,14 @@ bool PathProvider(int key, base::FilePath* result) {
break;
#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_MAC) && !BUILDFLAG(IS_OPENBSD)
case chrome::DIR_POLICY_FILES: {
+#if defined(OS_LINUX)
+ if (sandbox::FlatpakSandbox::GetInstance()->GetSandboxLevel() >
+ sandbox::FlatpakSandbox::SandboxLevel::kNone) {
+ cur = base::FilePath(
+ FILE_PATH_LITERAL("/app/chromium/extensions/policies"));
+ break;
+ }
+#endif
cur = base::FilePath(policy::kPolicyPath);
break;
}
@@ -557,7 +569,13 @@ bool PathProvider(int key, base::FilePath* result) {
#endif
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
case chrome::DIR_STANDALONE_EXTERNAL_EXTENSIONS: {
- cur = base::FilePath(kFilepathSinglePrefExtensions);
+ if (sandbox::FlatpakSandbox::GetInstance()->GetSandboxLevel() >
+ sandbox::FlatpakSandbox::SandboxLevel::kNone) {
+ cur = base::FilePath(
+ FILE_PATH_LITERAL("/app/chromium/extensions/extensions"));
+ } else {
+ cur = base::FilePath(kFilepathSinglePrefExtensions);
+ }
break;
}
#endif
@@ -604,6 +622,12 @@ bool PathProvider(int key, base::FilePath* result) {
"/Library/Application Support/Chromium/NativeMessagingHosts"));
#endif
#else // BUILDFLAG(IS_MAC)
+ if (sandbox::FlatpakSandbox::GetInstance()->GetSandboxLevel() >
+ sandbox::FlatpakSandbox::SandboxLevel::kNone) {
+ cur = base::FilePath(FILE_PATH_LITERAL(
+ "/app/chromium/extensions/native-messaging-hosts"));
+ break;
+ }
#if BUILDFLAG(GOOGLE_CHROME_BRANDING)
cur = base::FilePath(
FILE_PATH_LITERAL("/etc/opt/chrome/native-messaging-hosts"));
--
2.46.1

326
SOURCES/flatpak-Expose-Widevine-into-the-sandbox.patch
Unescape View File

@ -0,0 +1,326 @@
From 0446b3432c90bbab893c7bde22a5e664e14753af Mon Sep 17 00:00:00 2001
From: Ryan Gonzalez <rymg19@gmail.com>
Date: Tue, 17 Nov 2020 13:00:39 -0600
Subject: [PATCH] flatpak: Expose Widevine into the sandbox
---
.../zygote_host/zygote_host_impl_linux.cc | 54 +++++++++++++-
sandbox/linux/services/flatpak_sandbox.cc | 74 ++++++++++++++-----
sandbox/linux/services/flatpak_sandbox.h | 27 ++++++-
3 files changed, 131 insertions(+), 24 deletions(-)
diff --git a/content/browser/zygote_host/zygote_host_impl_linux.cc b/content/browser/zygote_host/zygote_host_impl_linux.cc
index 1703fb6ade044..3e8eb87981230 100644
--- a/content/browser/zygote_host/zygote_host_impl_linux.cc
+++ b/content/browser/zygote_host/zygote_host_impl_linux.cc
@@ -9,7 +9,10 @@
#include <sys/types.h>
#include "base/files/file_enumerator.h"
+#include "base/files/file_util.h"
#include "base/logging.h"
+#include "base/nix/xdg_util.h"
+#include "base/path_service.h"
#include "base/posix/unix_domain_socket.h"
#include "base/process/kill.h"
#include "base/process/launch.h"
@@ -18,9 +21,12 @@
#include "base/types/fixed_array.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
+#include "chrome/common/chrome_paths.h" // nogncheck
#include "content/common/zygote/zygote_commands_linux.h"
#include "content/common/zygote/zygote_communication_linux.h"
#include "content/common/zygote/zygote_handle_impl_linux.h"
+#include "content/public/common/cdm_info.h"
+#include "content/public/common/content_client.h"
#include "content/public/common/zygote/zygote_handle.h"
#include "sandbox/linux/services/credentials.h"
#include "sandbox/linux/services/flatpak_sandbox.h"
@@ -29,6 +35,7 @@
#include "sandbox/linux/suid/common/sandbox.h"
#include "sandbox/policy/linux/sandbox_linux.h"
#include "sandbox/policy/switches.h"
+#include "third_party/widevine/cdm/buildflags.h" // nogncheck
#if BUILDFLAG(IS_CHROMEOS)
#include "content/common/zygote/zygote_communication_linux.h"
@@ -193,8 +200,51 @@ pid_t ZygoteHostImpl::LaunchZygote(
if (is_sandboxed_zygote && use_namespace_sandbox_) {
process = sandbox::NamespaceSandbox::LaunchProcess(*cmd_line, options);
} else if (is_sandboxed_zygote && use_flatpak_sandbox_) {
- process = sandbox::FlatpakSandbox::GetInstance()->LaunchProcess(*cmd_line,
- options);
+ sandbox::FlatpakSandbox::SpawnOptions spawn_options;
+
+#if BUILDFLAG(ENABLE_LIBRARY_CDMS)
+ // Expose the CDM paths into the sandbox. This is similar to PreSandboxInit
+ // in content_main_runner_impl.cc.
+ std::vector<CdmInfo> cdms;
+ GetContentClient()->AddContentDecryptionModules(&cdms, nullptr);
+ for (const auto& cdm : cdms) {
+ if (!spawn_options.ExposePathRo(cdm.path)) {
+ LOG(ERROR) << "Failed to expose CDM module";
+ }
+ }
+#endif
+
+#if BUILDFLAG(ENABLE_WIDEVINE_CDM_COMPONENT)
+ // Make sure we also expose the full Widevine CDM folder so it can be
+ // detected.
+ // TODO: Remove the explicit dependencies on chrome::.
+ base::FilePath widevine_cdm_path;
+ if (!base::PathService::Get(chrome::DIR_COMPONENT_UPDATED_WIDEVINE_CDM,
+ &widevine_cdm_path)) {
+ LOG(ERROR) << "Failed to get Widevine CDM folder for sandbox forwarding";
+ }
+
+ LOG(INFO) << "Widevine CDM path IS: " << widevine_cdm_path;
+
+ if (!widevine_cdm_path.empty() && base::PathExists(widevine_cdm_path)) {
+ if (!spawn_options.ExposePathRo(widevine_cdm_path)) {
+ LOG(ERROR) << "Failed to expose updated Widevine CDM path";
+ }
+ }
+
+ // The Widevine data is found relative to $XDG_CONFIG_HOME, which is not set
+ // by default when running a sandboxed process.
+ auto env = base::Environment::Create();
+ base::FilePath xdgConfigHome = base::nix::GetXDGDirectory(
+ env.get(), base::nix::kXdgConfigHomeEnvVar, nullptr);
+ if (!xdgConfigHome.empty()) {
+ options.environment[base::nix::kXdgConfigHomeEnvVar] =
+ xdgConfigHome.value();
+ }
+#endif
+
+ process = sandbox::FlatpakSandbox::GetInstance()->LaunchProcess(
+ *cmd_line, options, spawn_options);
} else {
process = base::LaunchProcess(*cmd_line, options);
}
diff --git a/sandbox/linux/services/flatpak_sandbox.cc b/sandbox/linux/services/flatpak_sandbox.cc
index 2a915a5b9fa11..ed8d4c0556f63 100644
--- a/sandbox/linux/services/flatpak_sandbox.cc
+++ b/sandbox/linux/services/flatpak_sandbox.cc
@@ -4,6 +4,7 @@
#include "sandbox/linux/services/flatpak_sandbox.h"
+#include <fcntl.h>
#include <signal.h>
#include <sstream>
#include <string>
@@ -92,6 +93,18 @@ enum FlatpakSpawnSandboxFlags {
kFlatpakSpawnSandbox_ShareA11yBus = 1 << 4,
};
+bool FlatpakSandbox::SpawnOptions::ExposePathRo(base::FilePath path) {
+ base::ScopedFD fd(
+ HANDLE_EINTR(open(path.value().c_str(), O_PATH | O_NOFOLLOW)));
+ if (!fd.is_valid()) {
+ PLOG(ERROR) << "Failed to expose path " << path;
+ return false;
+ }
+
+ sandbox_expose_ro.push_back(std::move(fd));
+ return true;
+}
+
FlatpakSandbox::FlatpakSandbox()
: bus_thread_("FlatpakPortalBus"), process_info_cv_(&process_info_lock_) {}
@@ -168,8 +181,9 @@ bool FlatpakSandbox::IsPidSandboxed(base::ProcessId relative_pid) {
base::Process FlatpakSandbox::LaunchProcess(
const base::CommandLine& cmdline,
- const base::LaunchOptions& launch_options) {
- base::ProcessId external_pid = Spawn(cmdline, launch_options);
+ const base::LaunchOptions& launch_options,
+ const SpawnOptions& spawn_options /*= {}*/) {
+ base::ProcessId external_pid = Spawn(cmdline, launch_options, spawn_options);
if (external_pid == base::kNullProcessId) {
return base::Process();
}
@@ -363,9 +377,9 @@ void FlatpakSandbox::OnSpawnExitedSignal(dbus::Signal* signal) {
process_info_cv_.Broadcast();
}
-base::ProcessId FlatpakSandbox::Spawn(
- const base::CommandLine& cmdline,
- const base::LaunchOptions& launch_options) {
+base::ProcessId FlatpakSandbox::Spawn(const base::CommandLine& cmdline,
+ const base::LaunchOptions& launch_options,
+ const SpawnOptions& spawn_options) {
base::ScopedBlockingCall scoped_blocking_call(FROM_HERE,
base::BlockingType::MAY_BLOCK);
base::ScopedAllowBaseSyncPrimitives allow_wait;
@@ -391,24 +405,26 @@ base::ProcessId FlatpakSandbox::Spawn(
FROM_HERE,
base::BindOnce(&FlatpakSandbox::SpawnOnBusThread, base::Unretained(this),
base::Unretained(&external_pid), base::Unretained(&event),
- cmdline, launch_options));
+ base::Unretained(&cmdline),
+ base::Unretained(&launch_options),
+ base::Unretained(&spawn_options)));
event.Wait();
return external_pid;
}
-void FlatpakSandbox::SpawnOnBusThread(
- base::ProcessId* out_external_pid,
- base::WaitableEvent* event,
- const base::CommandLine& cmdline,
- const base::LaunchOptions& launch_options) {
+void FlatpakSandbox::SpawnOnBusThread(base::ProcessId* out_external_pid,
+ base::WaitableEvent* event,
+ const base::CommandLine* cmdline,
+ const base::LaunchOptions* launch_options,
+ const SpawnOptions* spawn_options) {
dbus::ObjectProxy* object_proxy = GetPortalObjectProxy();
dbus::MethodCall method_call(kFlatpakPortalInterfaceName, "Spawn");
dbus::MessageWriter writer(&method_call);
const base::FilePath& current_directory =
- !launch_options.current_directory.empty()
- ? launch_options.current_directory
+ !launch_options->current_directory.empty()
+ ? launch_options->current_directory
// Change to /app since it's guaranteed to always be present in
// the sandbox.
: kFlatpakAppPath;
@@ -417,7 +433,7 @@ void FlatpakSandbox::SpawnOnBusThread(
dbus::MessageWriter argv_writer(nullptr);
writer.OpenArray("ay", &argv_writer);
- for (const std::string& arg : cmdline.argv()) {
+ for (const std::string& arg : cmdline->argv()) {
WriteStringAsByteArray(&argv_writer, arg);
}
@@ -439,7 +455,7 @@ void FlatpakSandbox::SpawnOnBusThread(
WriteFdPairMap(&fds_writer, STDOUT_FILENO, STDOUT_FILENO);
WriteFdPairMap(&fds_writer, STDERR_FILENO, STDERR_FILENO);
- for (const auto& pair : launch_options.fds_to_remap) {
+ for (const auto& pair : launch_options->fds_to_remap) {
WriteFdPairMap(&fds_writer, pair.first, pair.second);
}
@@ -448,7 +464,7 @@ void FlatpakSandbox::SpawnOnBusThread(
dbus::MessageWriter env_writer(nullptr);
writer.OpenArray("{ss}", &env_writer);
- for (const auto& pair : launch_options.environment) {
+ for (const auto& pair : launch_options->environment) {
dbus::MessageWriter entry_writer(nullptr);
env_writer.OpenDictEntry(&entry_writer);
@@ -472,11 +488,11 @@ void FlatpakSandbox::SpawnOnBusThread(
#else
#endif
- if (launch_options.clear_environment) {
+ if (launch_options->clear_environment) {
spawn_flags |= kFlatpakSpawn_ClearEnvironment;
}
- if (launch_options.kill_on_parent_death) {
+ if (launch_options->kill_on_parent_death) {
spawn_flags |= kFlatpakSpawn_WatchBus;
}
@@ -485,6 +501,28 @@ void FlatpakSandbox::SpawnOnBusThread(
dbus::MessageWriter options_writer(nullptr);
writer.OpenArray("{sv}", &options_writer);
+ if (!spawn_options->sandbox_expose_ro.empty()) {
+ dbus::MessageWriter entry_writer(nullptr);
+ options_writer.OpenDictEntry(&entry_writer);
+
+ entry_writer.AppendString("sandbox-expose-fd-ro");
+
+ dbus::MessageWriter variant_writer(nullptr);
+ entry_writer.OpenVariant("ah", &variant_writer);
+
+ dbus::MessageWriter fds_writer(nullptr);
+ variant_writer.OpenArray("h", &fds_writer);
+
+ for (const base::ScopedFD& fd : spawn_options->sandbox_expose_ro) {
+ CHECK(fd.is_valid()) << "Invalid spawn expose fd";
+ fds_writer.AppendFileDescriptor(fd.get());
+ }
+
+ variant_writer.CloseContainer(&fds_writer);
+ entry_writer.CloseContainer(&variant_writer);
+ options_writer.CloseContainer(&entry_writer);
+ }
+
if (sandbox_flags != 0) {
dbus::MessageWriter entry_writer(nullptr);
options_writer.OpenDictEntry(&entry_writer);
diff --git a/sandbox/linux/services/flatpak_sandbox.h b/sandbox/linux/services/flatpak_sandbox.h
index 167bbc85945ad..de8e7165b4573 100644
--- a/sandbox/linux/services/flatpak_sandbox.h
+++ b/sandbox/linux/services/flatpak_sandbox.h
@@ -9,6 +9,8 @@
#include "base/compiler_specific.h"
#include "base/containers/flat_map.h"
#include "base/containers/flat_set.h"
+#include "base/files/file_path.h"
+#include "base/files/scoped_file.h"
#include "base/no_destructor.h"
#include "base/process/kill.h"
#include "base/process/launch.h"
@@ -34,6 +36,20 @@ namespace sandbox {
// it is known inside the sandbox's PID namespace.
class SANDBOX_EXPORT FlatpakSandbox {
public:
+ class SpawnOptions {
+ public:
+ SpawnOptions() = default;
+ SpawnOptions(const SpawnOptions& other) = delete;
+ SpawnOptions(SpawnOptions&& other) = delete;
+
+ bool ExposePathRo(base::FilePath path);
+
+ private:
+ friend class FlatpakSandbox;
+
+ std::vector<base::ScopedFD> sandbox_expose_ro;
+ };
+
static FlatpakSandbox* GetInstance();
// Represents the level of sandboxing inside a Flatpak. kNone means this is
@@ -55,7 +71,8 @@ class SANDBOX_EXPORT FlatpakSandbox {
// GetRelativePid. This is the reason why a vanilla ProcessId is returned
// rather than a base::Process instance.
base::Process LaunchProcess(const base::CommandLine& cmdline,
- const base::LaunchOptions& launch_options);
+ const base::LaunchOptions& launch_options,
+ const SpawnOptions& spawn_options = {});
// Indefinitely waits for the given process and fills the exit code pointer
// if given and non-null. Returns false on wait failure.
@@ -84,11 +101,13 @@ class SANDBOX_EXPORT FlatpakSandbox {
void OnSpawnExitedSignal(dbus::Signal* signal);
base::ProcessId Spawn(const base::CommandLine& cmdline,
- const base::LaunchOptions& launch_options);
+ const base::LaunchOptions& launch_options,
+ const SpawnOptions& spawn_options);
void SpawnOnBusThread(base::ProcessId* out_external_pid,
base::WaitableEvent* event,
- const base::CommandLine& cmdline,
- const base::LaunchOptions& launch_options);
+ const base::CommandLine* cmdline,
+ const base::LaunchOptions* launch_options,
+ const SpawnOptions* spawn_options);
void OnSpawnResponse(base::ProcessId* out_external_pid,
base::WaitableEvent* event,
dbus::Response* response,
--
2.46.1

49
SPECS/chromium.spec
Unescape View File

@ -40,7 +40,7 @@
ninja -j %{numjobs} -C '%1' '%2' ninja -j %{numjobs} -C '%1' '%2'
# enable|disable headless client build # enable|disable headless client build
%if %{with gost} %if %{with gost} || 0%{?flatpak}
%global build_headless 0 %global build_headless 0
%else %else
%global build_headless 1 %global build_headless 1
@ -55,7 +55,7 @@
%endif %endif
# enable|disable headless client build # enable|disable headless client build
%if %{with gost} %if %{with gost} || 0%{?flatpak}
%global build_chromedriver 0 %global build_chromedriver 0
%else %else
%global build_chromedriver 1 %global build_chromedriver 1
@ -478,6 +478,12 @@ Patch412: add-ppc64-architecture-to-extensions.diff
Patch413: fix-unknown-warning-option-messages.diff Patch413: fix-unknown-warning-option-messages.diff
Patch414: cargo-add-ppc64.diff Patch414: cargo-add-ppc64.diff
# flatpak sandbox patches from
# https://github.com/flathub/org.chromium.Chromium/tree/master/patches/chromium
Patch416: flatpak-Add-initial-sandbox-support.patch
Patch417: flatpak-Adjust-paths-for-the-sandbox.patch
Patch418: flatpak-Expose-Widevine-into-the-sandbox.patch
# Old Yandex patch # Old Yandex patch
Patch600: 0001-Yandex-as-default-search-engine.patch Patch600: 0001-Yandex-as-default-search-engine.patch
# MSVSphere # MSVSphere
@ -739,7 +745,7 @@ BuildRequires: libXNVCtrl-devel
%endif %endif
# One of the python scripts invokes git to look for a hash. So helpful. # One of the python scripts invokes git to look for a hash. So helpful.
BuildRequires: /usr/bin/git BuildRequires: git-core
BuildRequires: hwdata BuildRequires: hwdata
BuildRequires: kernel-headers BuildRequires: kernel-headers
%if ! %{bundlelibevent} %if ! %{bundlelibevent}
@ -858,7 +864,7 @@ Requires: nss-mdns%{_isa}
# GTK modules it expects to find for some reason. # GTK modules it expects to find for some reason.
Requires: libcanberra-gtk3%{_isa} Requires: libcanberra-gtk3%{_isa}
%if 0%{?fedora} %if 0%{?fedora} && %{undefined flatpak}
# This enables support for u2f tokens # This enables support for u2f tokens
Requires: u2f-hidraw-policy Requires: u2f-hidraw-policy
%endif %endif
@ -999,9 +1005,11 @@ Provides: bundled(xdg-mime)
Provides: bundled(xdg-user-dirs) Provides: bundled(xdg-user-dirs)
# Provides: bundled(zlib) = 1.2.11 # Provides: bundled(zlib) = 1.2.11
%if %{undefined flatpak}
# For selinux scriptlet # For selinux scriptlet
Requires(post): /usr/sbin/semanage Requires(post): /usr/sbin/semanage
Requires(post): /usr/sbin/restorecon Requires(post): /usr/sbin/restorecon
%endif
# Package with libffmpeg.so # Package with libffmpeg.so
Requires: %{name}-ffmpeg%{_isa} = %{version}-%{release} Requires: %{name}-ffmpeg%{_isa} = %{version}-%{release}
@ -1284,6 +1292,12 @@ sed -i 's/std::string data_dir_basename = "chromium"/std::string data_dir_basena
%patch -P414 -p1 -b .rust-add-ppc64-case %patch -P414 -p1 -b .rust-add-ppc64-case
%endif %endif
%if 0%{?flatpak}
%patch -P416 -p1 -b .flatpak-initial-sandbox
%patch -P417 -p1 -b .flatpak-sandbox-paths
%patch -P418 -p1 -b .flatpak-widevine
%endif
%patch -P601 -p1 -b .Added-Russian-description-and-summary-for-gnome-soft %patch -P601 -p1 -b .Added-Russian-description-and-summary-for-gnome-soft
%if ! %{with gost} %if ! %{with gost}
%patch -P602 -p1 -b .Yandex-as-default-search-engine %patch -P602 -p1 -b .Yandex-as-default-search-engine
@ -1336,12 +1350,12 @@ popd
popd popd
%else %else
mkdir -p third_party/node/linux/node-linux-x64/bin mkdir -p third_party/node/linux/node-linux-x64/bin
ln -sf %{_bindir}/node third_party/node/linux/node-linux-x64/bin/node ln -s $(which node) third_party/node/linux/node-linux-x64/bin/node
%endif %endif
# Get rid of the bundled esbuild # Get rid of the bundled esbuild
%if 0%{?fedora} %if 0%{?fedora}
ln -sf %{_bindir}/esbuild third_party/devtools-frontend/src/third_party/esbuild/esbuild ln -sf $(which esbuild) third_party/devtools-frontend/src/third_party/esbuild/esbuild
%else %else
%ifarch x86_64 %ifarch x86_64
tar -zxf %{SOURCE14} --directory %{_tmppath} tar -zxf %{SOURCE14} --directory %{_tmppath}
@ -1356,7 +1370,7 @@ popd
rm -rf buildtools/third_party/eu-strip/bin/eu-strip rm -rf buildtools/third_party/eu-strip/bin/eu-strip
# Replace it with a symlink to the Fedora copy # Replace it with a symlink to the Fedora copy
ln -s %{_bindir}/eu-strip buildtools/third_party/eu-strip/bin/eu-strip ln -s $(which eu-strip) buildtools/third_party/eu-strip/bin/eu-strip
%if %{bundlelibusbx} %if %{bundlelibusbx}
# no hackity hack hack # no hackity hack hack
@ -1364,7 +1378,7 @@ ln -s %{_bindir}/eu-strip buildtools/third_party/eu-strip/bin/eu-strip
# hackity hack hack # hackity hack hack
rm -rf third_party/libusb/src/libusb/libusb.h rm -rf third_party/libusb/src/libusb/libusb.h
# we _shouldn't need to do this, but it looks like we do. # we _shouldn't need to do this, but it looks like we do.
cp -a %{_includedir}/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h cp -a $(pkg-config --variable=includedir libusb-1.0)/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h
%endif %endif
# Hard code extra version # Hard code extra version
@ -1431,11 +1445,8 @@ export RUSTC_BOOTSTRAP=1
# set rustc version # set rustc version
rustc_version="$(rustc --version)" rustc_version="$(rustc --version)"
# set rust bindgen root # set rust bindgen root
%if 0%{?rhel} == 8 rust_bindgen_root="$(which bindgen | sed 's#/bin/.*##')"
rust_bindgen_root="$PWD%{_prefix}" rust_sysroot_absolute="$(rustc --print sysroot)"
%else
rust_bindgen_root="%{_prefix}"
%endif
# set clang version # set clang version
clang_version="$(clang --version | sed -n 's/clang version //p' | cut -d. -f1)" clang_version="$(clang --version | sed -n 's/clang version //p' | cut -d. -f1)"
@ -1479,7 +1490,7 @@ CHROMIUM_CORE_GN_DEFINES+=' clang_use_chrome_plugins=false'
CHROMIUM_CORE_GN_DEFINES+=' use_lld=true' CHROMIUM_CORE_GN_DEFINES+=' use_lld=true'
# enable system rust # enable system rust
CHROMIUM_CORE_GN_DEFINES+=' rust_sysroot_absolute="%{_prefix}"' CHROMIUM_CORE_GN_DEFINES+=" rust_sysroot_absolute=\"$rust_sysroot_absolute\""
CHROMIUM_CORE_GN_DEFINES+=" rust_bindgen_root=\"$rust_bindgen_root\"" CHROMIUM_CORE_GN_DEFINES+=" rust_bindgen_root=\"$rust_bindgen_root\""
CHROMIUM_CORE_GN_DEFINES+=" rustc_version=\"$rustc_version\"" CHROMIUM_CORE_GN_DEFINES+=" rustc_version=\"$rustc_version\""
@ -1526,13 +1537,13 @@ CHROMIUM_BROWSER_GN_DEFINES+=' rtc_use_h264=true'
CHROMIUM_BROWSER_GN_DEFINES+=' use_kerberos=true' CHROMIUM_BROWSER_GN_DEFINES+=' use_kerberos=true'
%if %{use_qt} %if %{use_qt}
CHROMIUM_BROWSER_GN_DEFINES+=' use_qt=true moc_qt5_path="%{_libdir}/qt5/bin/"' CHROMIUM_BROWSER_GN_DEFINES+=" use_qt=true moc_qt5_path=\"$(%{_qt5_qmake} -query QT_HOST_BINS)\""
%else HROMIUM_BROWSER_GN_DEFINES+="
CHROMIUM_BROWSER_GN_DEFINES+=' use_qt=false' CHROMIUM_BROWSER_GN_DEFINES+=' use_qt=false'
%endif %endif
%if %{use_qt6} %if %{use_qt6}
CHROMIUM_BROWSER_GN_DEFINES+=' use_qt6=true moc_qt6_path="%{_libdir}/qt6/libexec/"' CHROMIUM_BROWSER_GN_DEFINES+=" use_qt6=true moc_qt6_path=\"$(%{_qt6_qmake} -query QT_HOST_LIBEXECS)\""
%else %else
CHROMIUM_BROWSER_GN_DEFINES+=' use_qt6=false' CHROMIUM_BROWSER_GN_DEFINES+=' use_qt6=false'
%endif %endif
@ -1698,7 +1709,7 @@ fi
%if %{bootstrap} %if %{bootstrap}
tools/gn/bootstrap/bootstrap.py --gn-gen-args="$CHROMIUM_CORE_GN_DEFINES $CHROMIUM_BROWSER_GN_DEFINES" tools/gn/bootstrap/bootstrap.py --gn-gen-args="$CHROMIUM_CORE_GN_DEFINES $CHROMIUM_BROWSER_GN_DEFINES"
%else %else
mkdir -p %{chromebuilddir} && cp -a %{_bindir}/gn %{chromebuilddir}/ mkdir -p %{chromebuilddir} && cp -a $(which gn) %{chromebuilddir}/
%endif %endif
%{chromebuilddir}/gn --script-executable=%{chromium_pybin} gen --args="$CHROMIUM_CORE_GN_DEFINES $CHROMIUM_BROWSER_GN_DEFINES" %{chromebuilddir} %{chromebuilddir}/gn --script-executable=%{chromium_pybin} gen --args="$CHROMIUM_CORE_GN_DEFINES $CHROMIUM_BROWSER_GN_DEFINES" %{chromebuilddir}
@ -1936,6 +1947,7 @@ cp -a %{SOURCE9} %{buildroot}%{_datadir}/gnome-control-center/default-apps/
# README.fedora # README.fedora
cp %{SOURCE1} . cp %{SOURCE1} .
%if %{undefined flatpak}
%post %post
# Set SELinux labels - semanage itself will adjust the lib directory naming # Set SELinux labels - semanage itself will adjust the lib directory naming
# But only do it when selinux is enabled, otherwise, it gets noisy. # But only do it when selinux is enabled, otherwise, it gets noisy.
@ -1945,6 +1957,7 @@ if selinuxenabled; then
semanage fcontext -a -t chrome_sandbox_exec_t /usr/lib/chrome-sandbox &>/dev/null || : semanage fcontext -a -t chrome_sandbox_exec_t /usr/lib/chrome-sandbox &>/dev/null || :
restorecon -R -v %{chromium_path}/%{chromium_browser_channel} &>/dev/null || : restorecon -R -v %{chromium_path}/%{chromium_browser_channel} &>/dev/null || :
fi fi
%endif
%if %{build_remoting} %if %{build_remoting}
%pretrans -n chrome-remote-desktop -p <lua> %pretrans -n chrome-remote-desktop -p <lua>

Write Preview
Loading…
Cancel
Save