[tbb-dev] [tor-dev] RFC: porting torbrowser

ng0 ng0 at n0.is
Fri Mar 9 18:11:08 UTC 2018


Hi,

Matthew Finkel transcribed 5.2K bytes:
> On Fri, Mar 09, 2018 at 02:19:44PM +0000, ng0 wrote:
> > Georg Koppen transcribed 11K bytes:
> > > ng0:
> > > > Hi,
> > > > 
> > > > (top-posting and keeping the old email as reference in complete quote)
> > > > I have now started working on a package for Guix. While I've had some
> > > > exposure to the packaging of the ESR or Firefox and also some old code
> > > > base fork of Firefox (Palemoon), I'm not sure if the problem I experience
> > > > is something I can report or ask for at your side or elsewhere.
> > > > 
> > > > Building fails in the part of the build phase where interaction with quitter
> > > > happens (for a lack of more insight into the actual codebase).
> > > > 
> [...]
> > 
> > Sorry, I just learned that we don't keep build logs on disk for failed builds.
> > 
> > > > processing /tmp/guix-build-tor-browser-7.5.drv-0/tor-browser-7.5-checkout/testing/marionette/jar.mn
> > > > make[4]: Leaving directory '/tmp/guix-build-tor-browser-7.5.drv-0/tor-browser-7.5-checkout/ff/testing/marionette'
> > > > make[4]: Entering directory '/tmp/guix-build-tor-browser-7.5.drv-0/tor-browser-7.5-checkout/ff/tools/quitter'
> > > > mkdir -p '../../dist/xpi-stage/quitter/chrome/'
> [...]
> > > > /tmp/guix-build-tor-browser-7.5.drv-0/tor-browser-7.5-checkout/tools/quitter/jar.mn
> > > > processing /tmp/guix-build-tor-browser-7.5.drv-0/tor-browser-7.5-checkout/tools/quitter/jar.mn
> > > > Traceback (most recent call last):
> [...]
> > > >     addEntriesToListFile(manifestPath, myregister.iterkeys())
> > > >   File "/tmp/guix-build-tor-browser-7.5.drv-0/tor-browser-7.5-checkout/python/mozbuild/mozbuild/action/buildlist.py", line 36, in 
> > > > addEntriesToListFile
> > > >     with open(listFile, 'wb') as f:
> > > > IOError: [Errno 13] Permission denied: '../../dist/xpi-stage/quitter/chrome.manifest'
> 
> It's surprising creating '../../dist/xpi-stage/quitter/chrome/' is
> successful, but creating '../../dist/xpi-stage/quitter/chrome.manifest'
> fails. Do you have an apparmor or selinux policy enforced? I don't see
> anything immediately obvious that would specifically cause EPERM at this
> place during the build.

There's no apparmor or SELinux present in our buildenvironment.
I already had to fix up permissions for .mozconfig, but I figured
it isn't connected to the later write error.

> > > 
> > > What exactly did you check out and how?
> > 
> > The build is run with Guix, the rather hacky package definition so far is this commit:
> > https://c.n0.is/ng0/ports/commit/?id=320fa06ca3af881ba7c1b26514f04eb69d56f0a6
> > For reader convenience I'll attach the guile module to this email. It is in early stages
> > and I was mainly focused on getting the configure and build stages running, the rest
> > is inherited from an firefox-esr package and needs to be adjusted once I get there.
> > 
> > As you can read in the file, I use the following checkout url and commit/tag:
> > +       (uri (git-reference
> > +             (url "https://git.torproject.org/tor-browser.git")
> > +             (commit "tor-browser-52.6.0esr-7.5-2-build1")))
> > 
> > > What .mozconfig file are you using (if any)?
> > 
> > The .mozconfig is programmatically assembled in the package definition. It boils down to
> > these lines, ";;" is a commented line:
> > 
> > +                     ". $topsrcdir/browser/config/mozconfig\n"
> [...]
> > +                     "ac_add_options --enable-extensions=default\n"
> 
> Is this included for a reason? Do you include additional extensions
> using this?

No, I just copied what poncho does:
https://github.com/MeisterP/torbrowser-overlay/blob/master/www-client/torbrowser/torbrowser-52.6.0_p750.ebuild#L161
poncho inherits this from the Gentoo Firefox ebuilds, but as we have
no additional extentions here and do not expect them to appear in
the near future, I can leave it out. Thanks for pointing it out.

> [...]
> > +                     ;; "ac_add_options --disable-debug\n"
> > +                     ;; ac_add_options --disable-maintenance-service
> > +                     ;; ac_add_options --disable-crashreporter
> 
> These are duplicated, and included/enabled, below.

Thanks, I'll check again.
Actually ";;" is a comment in Guile and nothing that ends up in the file later on.

> [...]
> > +                     "ac_add_options --with-app-name=torbrowser\n"
> > +                     "ac_add_options --with-app-basename=torbrowser\n"
> 
> We don't change these in the official build.

I know I'm missing one or two more seds Gentoo applies to change the profile folder, but:
The exectuable ends up as "firefox" in that case (not changing the appname and the app-basename,
right? And the folder for the profile in the $home will be firefox, not torbrowser?

Or could you explain this and why you don't change them?

> [...]
> > 
> 
> I noticed you don't enable bundled fonts. Is that on purpose?

It's not on purpose. What do I search for to enable them?
My idea was to get the fonts and other data from the release tarball,
but that's just my first path. Fixes applied could lead to discover that
the data from tarball approach poncho does for Gentoo is unnecessary.

> Overall, this is exciting. I hope this is successful.

Thanks!

-- 
A88C8ADD129828D7EAC02E52E22F9BBFEE348588
https://n0.is/~ng0


More information about the tbb-dev mailing list