diff --git a/pkgs/development/libraries/webkitgtk/default.nix b/pkgs/development/libraries/webkitgtk/default.nix index a4f728f42c85..f37ba500a227 100644 --- a/pkgs/development/libraries/webkitgtk/default.nix +++ b/pkgs/development/libraries/webkitgtk/default.nix @@ -53,6 +53,7 @@ , xdg-dbus-proxy , substituteAll , glib +, addOpenGLRunpath }: assert enableGeoLocation -> geoclue2 != null; @@ -74,6 +75,7 @@ stdenv.mkDerivation rec { (substituteAll { src = ./fix-bubblewrap-paths.patch; inherit (builtins) storeDir; + inherit (addOpenGLRunpath) driverLink; }) ./libglvnd-headers.patch ]; diff --git a/pkgs/development/libraries/webkitgtk/fix-bubblewrap-paths.patch b/pkgs/development/libraries/webkitgtk/fix-bubblewrap-paths.patch index 03a6b6903a8a..d502958f4f1a 100644 --- a/pkgs/development/libraries/webkitgtk/fix-bubblewrap-paths.patch +++ b/pkgs/development/libraries/webkitgtk/fix-bubblewrap-paths.patch @@ -1,16 +1,7 @@ diff -ru old/webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp --- old/webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp 2019-09-09 04:47:07.000000000 -0400 +++ webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp 2019-09-20 21:14:10.537921173 -0400 -@@ -585,7 +585,7 @@ - { SCMP_SYS(keyctl), nullptr }, - { SCMP_SYS(request_key), nullptr }, - -- // Scary VM/NUMA ops -+ // Scary VM/NUMA ops - { SCMP_SYS(move_pages), nullptr }, - { SCMP_SYS(mbind), nullptr }, - { SCMP_SYS(get_mempolicy), nullptr }, -@@ -724,6 +724,11 @@ +@@ -724,6 +724,12 @@ "--ro-bind-try", "/usr/local/lib64", "/usr/local/lib64", "--ro-bind-try", PKGLIBEXECDIR, PKGLIBEXECDIR, @@ -18,7 +9,8 @@ diff -ru old/webkitgtk-2.26.0/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLa + // Nix Directories + "--ro-bind", "@storeDir@", "@storeDir@", + "--ro-bind", "/run/current-system", "/run/current-system", -+ "--ro-bind", "/run/opengl-driver", "/run/opengl-driver", ++ "--ro-bind-try", "@driverLink@/lib", "@driverLink@/lib", ++ "--ro-bind-try", "@driverLink@/share", "@driverLink@/share", }; // We would have to parse ld config files for more info. bindPathVar(sandboxArgs, "LD_LIBRARY_PATH");