On Mon, 14 Feb 2022 at 01:06:11 +0900, Roger Shimizu wrote: > I also tried v98 based tree, and result is the same, same build error as > above. > My conclusion is that buster cannot get chromiium major version > updated easily (except flatpak way, of course).
buster's version of flatpak does not have features that Chromium needs, so running Chromium as a Flatpak app on buster requires an updated flatpak from buster-backports. If the security and release teams want this to be possible, the only way that I think is realistic would be to take the bullseye version of flatpak, as backported into buster-backports, and copy it into buster via -proposed-updates or -security; that seems like it will be lower-risk than backporting arbitrary subsets of flatpak 1.10.x into (our fork of) flatpak 1.2.x. Chromium as a Flatpak app also requires access to unprivileged creation of user namespaces, which buster kernels don't allow by default. The bullseye version of bubblewrap enables this as part of the transition path to bullseye, but the buster-backports version does not. I could easily make the buster-backports version of bubblewrap enable unprivileged creation of user namespaces, but that doesn't seem like a "least astonishment" change for oldstable, so I'm not going to do that unless the security/stable-release teams ask me to. If we aren't willing to backport this sort of thing, which we have not historically been, then "don't use oldstable for desktop machines" seems like the only proportionate response - sorry, Flatpak can do a lot to facilitate app updates, but it isn't magic. smcv