From 56674ea70849b3a793fa7b862945163aa10b36b8 Mon Sep 17 00:00:00 2001 From: "J. Ryan Stinnett" Date: Fri, 16 Aug 2019 13:34:12 +0100 Subject: [PATCH 1/2] Set SUID bit on chrome-sandbox for Debian This tweaks Linux packages for Riot to SUID `chrome-sandbox` after install. This is required as of Electron 5 for certain distros, such as Debian. This change has also been provided to `electron-builder` upstream, so ideally they'll include it in the future and this becomes redundant. Fixes https://github.com/vector-im/riot-web/issues/10509 --- electron_app/build/linux/after-install.tpl | 12 ++++++++++++ package.json | 3 +++ 2 files changed, 15 insertions(+) create mode 100644 electron_app/build/linux/after-install.tpl diff --git a/electron_app/build/linux/after-install.tpl b/electron_app/build/linux/after-install.tpl new file mode 100644 index 0000000000..13f14ef11d --- /dev/null +++ b/electron_app/build/linux/after-install.tpl @@ -0,0 +1,12 @@ +#!/bin/bash + +# Link to the binary +ln -sf '/opt/${productFilename}/${executable}' '/usr/bin/${executable}' + +# SUID chrome-sandbox for Electron 5+ +# Remove this custom after-install.tpl once this change has been upstreamed +# https://github.com/electron-userland/electron-builder/pull/4163 +chmod 4755 '/opt/${productFilename}/chrome-sandbox' || true + +update-mime-database /usr/share/mime || true +update-desktop-database /usr/share/applications || true diff --git a/package.json b/package.json index b46a719040..b06c716d39 100644 --- a/package.json +++ b/package.json @@ -175,6 +175,9 @@ "StartupWMClass": "riot" } }, + "deb": { + "afterInstall": "electron_app/build/linux/after-install.tpl" + }, "mac": { "category": "public.app-category.social-networking" }, From 0617c1cd134e3d0b9b49a7f5d6508b110f5aec7c Mon Sep 17 00:00:00 2001 From: "J. Ryan Stinnett" Date: Fri, 16 Aug 2019 14:30:47 +0100 Subject: [PATCH 2/2] Tweak comment about upstream --- electron_app/build/linux/after-install.tpl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/electron_app/build/linux/after-install.tpl b/electron_app/build/linux/after-install.tpl index 13f14ef11d..6ee772d219 100644 --- a/electron_app/build/linux/after-install.tpl +++ b/electron_app/build/linux/after-install.tpl @@ -4,7 +4,9 @@ ln -sf '/opt/${productFilename}/${executable}' '/usr/bin/${executable}' # SUID chrome-sandbox for Electron 5+ -# Remove this custom after-install.tpl once this change has been upstreamed +# Remove this entire file (after-install.tpl) and remove the reference in +# package.json once this change has been upstreamed so we go back to the copy +# from upstream. # https://github.com/electron-userland/electron-builder/pull/4163 chmod 4755 '/opt/${productFilename}/chrome-sandbox' || true