bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-10-28 Thread Mark H Weaver 
Hi,

Martin via Bug reports for GNU Guix  writes:

> Problem fixed with the newest IceCat v91.2.0-guix0-preview1 in the
>   guix c1ca853
>      repository URL: https://git.savannah.gnu.org/git/guix.git
>      branch: master
>      commit: c1ca85323d5246fc805a31e03b4164b8da08e930

Thanks for letting us know!  I'm closing this bug now.

 Regards,
   Mark

-- 
Disinformation flourishes because many people care deeply about injustice
but very few check the facts.  Ask me about .

bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-10-28 Thread Martin via Bug reports for GNU Guix 

Problem fixed with the newest IceCat v91.2.0-guix0-preview1 in the
 guix c1ca853
    repository URL: https://git.savannah.gnu.org/git/guix.git
    branch: master
    commit: c1ca85323d5246fc805a31e03b4164b8da08e930

bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-03-12 Thread Martin via Bug reports for GNU Guix 

On 3/12/21 10:51 AM, zimoun wrote:

Indeed, the package eolie is broken; which is another issue–and BTW
thanks for pointing this out.  Back to your initial report about icecat,
what about something like that:

--8<---cut here---start->8---
guix environment --preserve='^DISPLAY$' --container --network \
  --expose=/etc/machine-id \
  --expose=/etc/ssl/certs/ \
  --share=$HOME/.local/share/icecat/=$HOME/.local/share/icecat/ \
  --ad-hoc icecat nss-certs dbus --  icecat
--8<---cut here---end--->8---
It's still not relevant to my issue. To run icecat using your example 
you should change one parameter to 
"--share=$HOME/.mozilla=$HOME/.mozilla" but again with the default 
"security.sandbox.content.level=4" the fonts will be tofued. I think 
once the issue could be fixed with simpler command, i.e. 'guix 
environment --pure --ad-hoc icecat -- icecat' than it would be easier to 
port the solution on the --container case.


Kind regards!
Martin

bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-03-12 Thread zimoun 
Hi,

On Fri, 12 Mar 2021 at 10:15, Martin via Bug reports for GNU Guix 
 wrote:
> no it doesn't help in this case and in general eolie package seems to be 
> broken because it doesn't work even with the simple 'guix environment 
> --ad-hoc eolie --  eolie':

Indeed, the package eolie is broken; which is another issue–and BTW
thanks for pointing this out.  Back to your initial report about icecat,
what about something like that:

--8<---cut here---start->8---
   guix environment --preserve='^DISPLAY$' --container --network \
 --expose=/etc/machine-id \
 --expose=/etc/ssl/certs/ \
 --share=$HOME/.local/share/icecat/=$HOME/.local/share/icecat/ \
 --ad-hoc icecat nss-certs dbus --  icecat
--8<---cut here---end--->8---


All the best,
simon

bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-03-12 Thread zimoun 
Hi,

For discussion, please CC the bug.


On Fri, 12 Mar 2021 at 10:14, Martin  wrote:
> Hi Simon,
> no it doesn't help in this case and in general eolie package seems to be 
> broken because it doesn't work even with the simple 'guix environment 
> --ad-hoc eolie --  eolie':

The manual example is:

--8<---cut here---start->8---
guix environment --preserve='^DISPLAY$' --container --network \
  --expose=/etc/machine-id \
  --expose=/etc/ssl/certs/ \
  --share=$HOME/.local/share/eolie/=$HOME/.local/share/eolie/ \
  --ad-hoc eolie nss-certs dbus --  eolie
--8<---cut here---end--->8---

from 


Does it not work for you?

Then it should be adapted for your use-case.



All the best,
simon

bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-03-12 Thread Martin via Bug reports for GNU Guix 

Hi Simon,
no it doesn't help in this case and in general eolie package seems to be 
broken because it doesn't work even with the simple 'guix environment 
--ad-hoc eolie --  eolie':


Traceback (most recent call last):
  File 
"/gnu/store/w47sa5q3vki5siwk5lb62ld4ksxa5gcn-eolie-0.9.101/bin/.eolie-real", 
line 20, in 

    from eolie.application import Application
  File 
"/gnu/store/w47sa5q3vki5siwk5lb62ld4ksxa5gcn-eolie-0.9.101/lib/python3.8/site-packages/eolie/application.py", 
line 19, in 

    gi.require_version("Handy", "1")
  File 
"/gnu/store/597f7p79vyxjhwsv2qqnn76hx107xgj1-python-pygobject-3.34.0/lib/python3.8/site-packages/gi/__init__.py", 
line 129, in require_version

    raise ValueError('Namespace %s not available' % namespace)
ValueError: Namespace Handy not available

Kind regards!
Martin

On 3/12/21 9:53 AM, zimoun wrote:

Hi,

The example about ’eolie’ adapted to your usecase, does it not work?

See:



All the best,
simon

bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-03-12 Thread zimoun 
Hi,

The example about ’eolie’ adapted to your usecase, does it not work?

See:



All the best,
simon

bug#47092: Icecat sandbox causes issues with fonts in --pure env

2021-03-12 Thread Martin via Bug reports for GNU Guix 

Hello,
whenever I'm trying to run 'guix environment --pure --ad-hoc icecat -- 
icecat' or similar commands in a --container I'm ending up with some 
tofu ugly font fallback box glyphs in the app. However everything works 
fine running 'guix environment --ad-hoc icecat -- icecat'. Moreover I've 
noticed that when I edit the default value of 
"security.sandbox.content.level" from 4 to 2 in "about:config" then the 
problem disappear and the fonts are properly displayed in --pure and 
--container env. I was trying to install all possible fonts, running 
'fc-cache -rfv' and analyze the icecat logs with "MOZ_SANDBOX_LOGGING=1" 
to include blocking paths into the 
"security.sandbox.content.read_path_whitelist" but still I couldn't fix 
this issue with the icecat default sandbox level. Any ideas how to solve 
it in Guix System and what are the side effects of using 
"security.sandbox.content.level=2" in --pure env?


Kind regards!
Martin

security.sandbox.content.read_path_whitelist