7e5109a541
The upgrade currently doesn't involve the -lite package, as we need to use a few more dependencies from nixpkgs first before we can finally fully switch over to the lite package, even though the update script will try to fetch it anyway. In this update, one particular problem that arises in conjuction with the seccomp BPF sandbox is caused by this commit: https://chromiumcodereview.appspot.com/12209029 Which particularily filters flags to the clone() syscall. I've spent (wasted?) a few hours figuring out the troublesome flag, eventually figuring it out and - just by curiousity ("Do other distributions have the same problem?") - searched the web for "chromium CLONE_DETACHED" and BEHOLD... A post from our OWN mailinglist pops up with the same patch I intended to do: http://article.gmane.org/gmane.linux.distributions.nixos/10356 So shame on me for not being subscribed to the mailing list, and big thanks to Ian Farmer for the patch. As a consequence I'm now subscribed. So, back to chromium itself, version 26 builds fine and works so far without much (more to come in later commits) trouble. We also had to introduce three more dependencies: * protobuf: This one is because we don't need to use the bundled one anymore, so we can use the version in nixpkgs. * speechd: Not sure whether this was bundled or not, but let's use nixpkgs version as well to keep down build time. * libXdamage: Needed for screen capturing support. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
20 lines
935 B
Diff
20 lines
935 B
Diff
From 222f1e980ab84ffd3a21001feaf06dd537570a1a Mon Sep 17 00:00:00 2001
|
|
From: Ian Farmer <ian@ianfarmer.net>
|
|
Date: Sat, 16 Feb 2013 09:38:10 -0800
|
|
Subject: [PATCH] Update Chromium dev channel version to 26.0.1410.5.
|
|
|
|
This version requires a patch for compatibility with versions
|
|
of glibc that support older kernel versions.
|
|
|
|
--- a/content/common/sandbox_seccomp_bpf_linux.cc 2013-02-15 23:26:06.000000000 -0800
|
|
+++ b/content/common/sandbox_seccomp_bpf_linux.cc 2013-02-15 23:26:24.000000000 -0800
|
|
@@ -1313,7 +1313,7 @@
|
|
return Sandbox::Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
|
|
CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND |
|
|
CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS |
|
|
- CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID,
|
|
+ CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID | CLONE_DETACHED,
|
|
ErrorCode(ErrorCode::ERR_ALLOWED),
|
|
Sandbox::Trap(ReportCloneFailure, NULL));
|
|
} else {
|