On Tue, Jun 02, 2020 at 01:18:50PM -0500, joshua stein wrote:
> On Tue, 02 Jun 2020 at 17:07:18 +0100, Laurence Tratt wrote:
> > At some point recently our mozilla-firefox port stopped automatically opening
> > downloaded files for me. pkg/README says:
> > 
> >   Due to unveil(2) limiting filesystem access, only the default MIME
> >   handler registered for a given type can be chosen when opening a
> >   downloaded file.  For example, to use the mupdf package to read
> >   PDFs, it must be registered as the default with XDG:
> > 
> >     $ xdg-mime default mupdf.desktop application/pdf
> > 
> > And, indeed, I have had that set for some while and it used to work fine.
> > However, when I click on a PDF link in Firefox, it now brings up the
> > (not-very-useful because of unveil!) "launch application" window.
> > 
> > I'm sure I'm missing out on something obvious, but I'm not sure what it might
> > be (and I know someone else who's equally baffled). In case it's relevant,
> > I'm using XFCE (so DBUS is running) on -current as of a couple of days ago,
> > with the firefox-76.0p0 package on amd64. If anyone has any pointers, I know
> > at least two of us who will welcome them!
> 
> Firefox tries to execute xdg-open to parse the MIME stuff and run 
> the appropriate handler for application/pdf.
> 
> https://github.com/mozilla/gecko-dev/blob/c686b5d5614da653c20c689cea96a80ae598a1a1/toolkit/system/gnome/nsGIOService.cpp#L504-L514
> 
> Up until Glib 2.64.2, this was done by executing gio-launch-desktop 
> with xdg-open as an argument.  This worked out for us because 
> xdg-open is a shell script and gio-launch-desktop was a binary, so 
> we could just unveil /usr/local/bin/gio-launch-desktop in Firefox's 
> unveil.main.
> 
> This changed as of updating our Glib port to 2.64.2 a few weeks ago, 
> and now Glib no longer ships with gio-launch-desktop, trying to run 
> xdg-open via /bin/sh directly:
> 
> https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1362/diffs
> 
> I'm not sure how best to handle this going forward, but unveiling 
> /bin/sh is not a good idea.

Definitely. Filed https://gitlab.gnome.org/GNOME/glib/-/issues/2123 to
try to get upstream to revert said MR and reinstate gio-launch-desktop,
thanks for finding this change.

> Perhaps we include a small compiled utility with Firefox that just 
> hard-codes execve("/usr/local/bin/xdg-open", ...) and then unveil 
> that binary instead of gio-launch-desktop?  Firefox would still need 
> modifying to exec that utility directly instead of using Glib's 
> g_app_info_create_from_commandline.

That's imo ugly, as it would only 'fix' it for firefox and not all
potential unveiled glib apps. Plus, it would have to be upstreamed first
at mozilla (you know my own policy..)

Landry
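
A sketch of the small compiled helper proposed in the quoted message, as an added example that is not code from the thread, Firefox, GLib or the OpenBSD port: a binary that can only exec /usr/local/bin/xdg-open with a single non-option argument, so unveiling it grants far less than unveiling /bin/sh. The helper name `ff-xdg-open`, the argument checks, the length bound and the pledge promises are assumptions.

```c
/*
 * Added example: hypothetical helper (called "ff-xdg-open" here), not code
 * from Firefox, GLib or the OpenBSD port. It can only exec xdg-open.
 */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define XDG_OPEN "/usr/local/bin/xdg-open"  /* path given in the thread */
#define MAX_TARGET 4096                     /* assumed upper bound */

extern char **environ;

/*
 * Build the argv for xdg-open from the helper's own arguments.
 * Accepts exactly one target (file path or URL). Returns 0 on success,
 * -1 if the request is rejected.
 */
int build_xdg_argv(int argc, char **argv, char *out[3])
{
    if (argc != 2 || argv[1] == NULL)
        return -1;                       /* exactly one target, no extras */
    size_t len = strlen(argv[1]);
    if (len == 0 || len >= MAX_TARGET)
        return -1;
    if (argv[1][0] == '-')
        return -1;                       /* must not be parsed as an option */
    out[0] = (char *)XDG_OPEN;
    out[1] = argv[1];
    out[2] = NULL;
    return 0;
}

int main(int argc, char **argv)
{
    char *xdg_argv[3];

    if (build_xdg_argv(argc, argv, xdg_argv) == -1) {
        fprintf(stderr, "usage: ff-xdg-open file-or-url\n");
        return 2;
    }
#ifdef __OpenBSD__
    /* Assumption: stdio + exec is all the helper needs before execve. */
    if (pledge("stdio exec", NULL) == -1) {
        perror("pledge");
        return 1;
    }
#endif
    execve(XDG_OPEN, xdg_argv, environ); /* hard-coded program, never argv-derived */
    perror("execve " XDG_OPEN);          /* only reached if execve failed */
    return 1;
}
```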
