[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/13: gnu: ungoogled-chromium: Enable RUNPATH validation.
From: |
guix-commits |
Subject: |
01/13: gnu: ungoogled-chromium: Enable RUNPATH validation. |
Date: |
Thu, 16 Dec 2021 16:23:10 -0500 (EST) |
mbakke pushed a commit to branch master
in repository guix.
commit 48a1bb314dd77916203deadc8ce7bc664e0f95f9
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Wed Dec 15 18:16:20 2021 +0100
gnu: ungoogled-chromium: Enable RUNPATH validation.
* gnu/packages/patches/ungoogled-chromium-RUNPATH.patch: New file.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/chromium.scm (%guix-patches): Add it.
(ungoogled-chromium)[arguments]: Remove #:validate-runpath?.
---
gnu/local.mk | 1 +
gnu/packages/chromium.scm | 5 +++--
.../patches/ungoogled-chromium-RUNPATH.patch | 22 ++++++++++++++++++++++
3 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 2d91c95..c5ed210 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1849,6 +1849,7 @@ dist_patch_DATA =
\
%D%/packages/patches/ucx-tcp-iface-ioctl.patch \
%D%/packages/patches/ungoogled-chromium-extension-search-path.patch \
%D%/packages/patches/ungoogled-chromium-ffmpeg-compat.patch \
+ %D%/packages/patches/ungoogled-chromium-RUNPATH.patch \
%D%/packages/patches/ungoogled-chromium-system-nspr.patch \
%D%/packages/patches/unison-fix-ocaml-4.08.patch \
%D%/packages/patches/unknown-horizons-python-3.8-distro.patch \
diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm
index f3028d3..a6df47e 100644
--- a/gnu/packages/chromium.scm
+++ b/gnu/packages/chromium.scm
@@ -375,6 +375,9 @@
(search-patch "ungoogled-chromium-extension-search-path.patch")))
(local-file
(assume-valid-file-name
+ (search-patch "ungoogled-chromium-RUNPATH.patch")))
+ (local-file
+ (assume-valid-file-name
(search-patch "ungoogled-chromium-ffmpeg-compat.patch")))
(local-file
(assume-valid-file-name
@@ -483,8 +486,6 @@
(build-system gnu-build-system)
(arguments
`(#:tests? #f
- ;; FIXME: Chromiums RUNPATH lacks entries for some libraries.
- #:validate-runpath? #f
#:modules ((guix build gnu-build-system)
(guix build utils)
(srfi srfi-26))
diff --git a/gnu/packages/patches/ungoogled-chromium-RUNPATH.patch
b/gnu/packages/patches/ungoogled-chromium-RUNPATH.patch
new file mode 100644
index 0000000..379c47a
--- /dev/null
+++ b/gnu/packages/patches/ungoogled-chromium-RUNPATH.patch
@@ -0,0 +1,22 @@
+Use RUNPATH instead of RPATH so that end users can override the library
+search path (and the 'validate-runpath' phase can do its work).
+
+diff --git a/build/config/gcc/BUILD.gn b/build/config/gcc/BUILD.gn
+--- a/build/config/gcc/BUILD.gn
++++ b/build/config/gcc/BUILD.gn
+@@ -99,7 +99,14 @@ config("executable_config") {
+ ]
+ }
+
+- if (!is_android && current_os != "aix") {
++ if (is_linux) {
++ ldflags += [
++ # Set DT_RUNPATH instead of DT_RPATH which is important because the
++ # former can be overridden at runtime, and Guix has support for
++ # verifying that nothing is missing.
++ "-Wl,--enable-new-dtags",
++ ]
++ } else if (!is_android && current_os != "aix") {
+ ldflags += [
+ # TODO(GYP): Do we need a check on the binutils version here?
+ #
- branch master updated (d2af1df -> 00ec9e3), guix-commits, 2021/12/16
- 04/13: chromium-extension: Simplify builder code., guix-commits, 2021/12/16
- 03/13: gnu: ungoogled-chromium: Improve Vulkan support., guix-commits, 2021/12/16
- 10/13: gnu: file: Add 5.41., guix-commits, 2021/12/16
- 12/13: gnu: python-vcrpy: Fix test failure., guix-commits, 2021/12/16
- 08/13: gnu: python-daemon: Fix test failure., guix-commits, 2021/12/16
- 11/13: gnu: python-magic: Work around crash on .crx files., guix-commits, 2021/12/16
- 09/13: gnu: python-magic: Run more tests., guix-commits, 2021/12/16
- 05/13: chromium-extension: Reduce imported-modules scope., guix-commits, 2021/12/16
- 01/13: gnu: ungoogled-chromium: Enable RUNPATH validation.,
guix-commits <=
- 07/13: chromium-extension: Build .crx files in a deterministic fashion., guix-commits, 2021/12/16
- 13/13: gnu: rtv: Disable sanity check., guix-commits, 2021/12/16
- 02/13: gnu: ungoogled-chromium: Unexpire accelerated video decoding., guix-commits, 2021/12/16
- 06/13: chromium-extension: Avoid usage of gcrypt at evaluation time., guix-commits, 2021/12/16