Bug#928415: Possibly helpful follow-up

[Baptiste Carvello]

Hi everybody,

and first of all thanks to our maintainer for quickly fixing this very
annoying bug.

On Sun, 5 May 2019 12:50:47 -0700 Larry Doolittle
 wrote:
> Alexis Murzeau  wrote:
> > See here: https://news.ycombinator.com/item?id=19826903
> 
> Which instructs people to install
> https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate%40mozilla.com-1.0.2-signed.xpi
> 
> [...]
While the bug is now fixed, I wanted to record a more generally
applicable solution that saved me yesterday (you never know, it could
happen again).

On a single-user system, and if you are willing to manage extensions
updates manually, you can sidestep the signature checks by moving your
extensions to
"/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
(you need root for that, which is arguably a good thing).

# cd "/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
# mv -i $FF_PROFILE/extensions/*.xpi .
# chown root.root *.xpi
# chmod a+r *.xpi

Philosophical conclusion:
1) all DRM, however well-meaning, is user-unfriendly
2) and Debian is right to provide a way around it
3) which should be unashamedly documented.

Cheers,
Baptiste

Bug#928415: Possibly helpful follow-up

[Larry Doolittle]

Alexis Murzeau  wrote:
> See here: https://news.ycombinator.com/item?id=19826903

Which instructs people to install
https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate%40mozilla.com-1.0.2-signed.xpi

For me at least, that download resulted in a file with sha256sum
b25031ac78020aad3be1fb8144cacbcf4a9b2d866585f066a577c10b835cd800  
hotfix-update-xpi-intermedi...@mozilla.com-1.0.2-signed.xpi
and installing it (i.e., with
  firefox hotfix-update-xpi-intermedi...@mozilla.com-1.0.2-signed.xpi
) seems to have the desired effect.
I had to use a mouse-click to confirm my wish to install it.

  - Larry