Package: xvfb
Version: 2:1.4.2-3
Severity: wishlist
File: /usr/bin/xvfb-run
Tags: patch
For e.g. automated testing of desktop applications, it would be nice
to have an xvfb-run mode that makes an effort to isolate the processes
it spawns from the user's normal environment. Specifically, it should
provide its own, empty, $HOME and $TMPDIR, and should attempt to unset
all environment variables that identify desktop services.
I attach a patch that does just this. It's not perfect: the biggest flaw
being that it relies on a list of shell glob patterns matching environment
variables to unset, and that list is surely incomplete. I don't use
KDE, for instance, so I had to guess what environment variables might
be relevant there. It works beautifully for my purposes, though.
$PATH is left intact, as is the current directory; this is intentional.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.25-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages xvfb depends on:
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libdbus-1-3 1.2.1-3simple interprocess messaging syst
ii libfontenc1 1:1.0.4-3 X11 font encoding library
ii libhal1 0.5.11-2 Hardware Abstraction Layer - share
ii libpixman-1-0 0.10.0-2 pixel-manipulation library for X a
ii libxau6 1:1.0.3-3 X11 authorisation library
ii libxdmcp6 1:1.0.2-3 X11 Display Manager Control Protoc
ii libxfont1 1:1.3.3-1 X11 font rasterisation library
ii x11-common1:7.3+15 X Window System (X.Org) infrastruc
Versions of packages xvfb recommends:
ii xbase-clients 1:7.3+15 miscellaneous X clients - metapack
ii xfonts-base 1:1.0.0-5 standard fonts for X
xvfb suggests no packages.
-- no debconf information
--- /usr/bin/xvfb-run 2008-08-02 15:26:56.0 -0700
+++ src/mozilla/xvfb-run2008-08-07 18:24:21.206536935 -0700
@@ -50,6 +50,8 @@
Options:
-a--auto-servernum try to get a free server number, starting
at
--server-num
+-i--isolate try to isolate processes running under Xvfb
+from the parent environment
-e FILE --error-file=FILE file used to store xauth errors and Xvfb
output (default: $ERRORFILE)
-f FILE --auth-file=FILE file used to store auth cookie
@@ -94,9 +96,22 @@
fi
}
+# Unset environment variables which might apply to a parent session
+# rather than the virtual session. This list is undoubtedly incomplete.
+clean_env() {
+for var in $(set | cut -d= -f1); do
+case $var in
+ DBUS_* | DESKTOP_* | DISPLAY | GDM* | GNOME_* | GPG_* | GTK_* | \
+ KDE* | QT* | SESSION_* | SSH_* | SCREEN* | XAUTHORITY )
+ unset $var
+ ;;
+ esac
+done
+}
+
# Parse the command line.
-ARGS=$(getopt --options +ae:f:hn:lp:s:w: \
- --long
auto-servernum,error-file:,auth-file:,help,server-num:,listen-tcp,xauth-protocol:,server-args:,wait:
\
+ARGS=$(getopt --options +aie:f:hn:lp:s:w: \
+ --long
auto-servernum,isolate,error-file:,auth-file:,help,server-num:,listen-tcp,xauth-protocol:,server-args:,wait:
\
--name "$PROGNAME" -- "$@")
GETOPT_STATUS=$?
@@ -111,6 +126,7 @@
case "$1" in
-a|--auto-servernum) SERVERNUM=$(find_free_servernum) ;;
-e|--error-file) ERRORFILE="$2"; shift ;;
+ -i|--isolate) ISOLATE="yes" ;;
-f|--auth-file) AUTHFILE="$2"; shift ;;
-h|--help) SHOWHELP="yes" ;;
-n|--server-num) SERVERNUM="$2"; shift ;;
@@ -144,16 +160,28 @@
# tidy up after ourselves
trap clean_up EXIT
-# If the user did not specify an X authorization file to use, set up a
temporary
-# directory to house one.
-if [ -z "$AUTHFILE" ]; then
+# If the user did not specify an X authorization file to use, or requested
+# a sanitized environment, we need a temporary directory.
+if [ -z "$AUTHFILE" ] || [ "$CLEANENV" ]; then
XVFB_RUN_TMPDIR="${TMPDIR:-/tmp}/$PROGNAME.$$"
if ! mkdir -p -m 700 "$XVFB_RUN_TMPDIR"; then
-error "temporary directory $XVFB_RUN_TMPDIR already exists"
exit 4
fi
+fi
+if [ -z "$AUTHFILE" ]; then
AUTHFILE=$(tempfile -n "$XVFB_RUN_TMPDIR/Xauthority")
fi
+if [ "$ISOLATE" ]; then
+ clean_env
+ if ! mkdir -p "$XVFB_RUN_TMPDIR/home" "$XVFB_RUN_TMPDIR/tmp"; then
+ exit 4
+ fi
+ HOME="$XVFB_RUN_TMPDIR/home"
+ TMP="$XVFB_RUN_TMPDIR/tmp"
+ TEMP="$XVFB_RUN_TMPDIR/tmp"
+ TMPDIR="$XVFB_RUN_TMPDIR/tmp"
+ export HOME TMP TEMP TMPDIR
+fi
# Start Xvfb.
MCOOKIE=$(mcookie)