On Tue, 02 Jun 2020 at 17:07:18 +0100, Laurence Tratt wrote:
> At some point recently our mozilla-firefox port stopped automatically opening
> downloaded files for me. pkg/README says:
>
>   Due to unveil(2) limiting filesystem access, only the default MIME
>   handler registered for a given type can be chosen when opening a
>   downloaded file. For example, to use the mupdf package to read
>   PDFs, it must be registered as the default with XDG:
>
>     $ xdg-mime default mupdf.desktop application/pdf
>
> And, indeed, I have had that set for some while and it used to work fine.
> However, when I click on a PDF link in Firefox, it now brings up the
> (not-very-useful because of unveil!) "launch application" window.
>
> I'm sure I'm missing out on something obvious, but I'm not sure what it might
> be (and I know someone else who's equally baffled). In case it's relevant,
> I'm using XFCE (so DBUS is running) on -current as of a couple of days ago,
> with the firefox-76.0p0 package on amd64. If anyone has any pointers, I know
> at least two of us who will welcome them!

Firefox tries to execute xdg-open to parse the MIME stuff and run the
appropriate handler for application/pdf.

https://github.com/mozilla/gecko-dev/blob/c686b5d5614da653c20c689cea96a80ae598a1a1/toolkit/system/gnome/nsGIOService.cpp#L504-L514

Up until Glib 2.64.2, this was done by executing gio-launch-desktop with
xdg-open as an argument. This worked out for us because xdg-open is a shell
script and gio-launch-desktop was a binary, so we could just unveil
/usr/local/bin/gio-launch-desktop in Firefox's unveil.main.

This changed as of updating our Glib port to 2.64.2 a few weeks ago, and now
Glib no longer ships with gio-launch-desktop, trying to run xdg-open via
/bin/sh directly:

https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1362/diffs

I'm not sure how best to handle this going forward, but unveiling /bin/sh is
not a good idea. Perhaps we include a small compiled utility with Firefox that
just hard-codes execve("/usr/local/bin/xdg-open", ...) and then unveil that
binary instead of gio-launch-desktop? Firefox would still need modifying to
exec that utility directly instead of using Glib's
g_app_info_create_from_commandline.

FWIW, the old .mailcap style handling still works, where you list each binary
specifically in ~/.mailcap and add it to your own unveil.main.
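
[Added example, not part of the original message or of the Firefox port: a sketch of the kind of fixed-target launcher the message proposes. The helper names target_ok and build_argv are hypothetical, and the policy of exactly one argument that must not begin with '-' is an assumption.]

```c
#include <stdio.h>
#include <unistd.h>

extern char **environ;

/* Hard-coded handler path, taken from the message above. */
#define XDG_OPEN "/usr/local/bin/xdg-open"

/*
 * Assumption: the caller passes exactly one file path or URL.
 * Reject empty strings and anything starting with '-' so the
 * argument can never be read as an option by xdg-open.
 */
static int
target_ok(const char *s)
{
	return s != NULL && s[0] != '\0' && s[0] != '-';
}

/*
 * Build the fixed vector { XDG_OPEN, target, NULL }.
 * Returns 0 on success, -1 if the caller's arguments are rejected.
 */
static int
build_argv(int argc, char *const argv[], const char *out[3])
{
	if (argc != 2 || !target_ok(argv[1]))
		return -1;
	out[0] = XDG_OPEN;
	out[1] = argv[1];
	out[2] = NULL;
	return 0;
}

int
main(int argc, char *argv[])
{
	const char *args[3];

	if (build_argv(argc, argv, args) == -1) {
		fprintf(stderr, "usage: launcher file-or-url\n");
		return 2;
	}
	/* The program to run is never taken from the caller. */
	execve(XDG_OPEN, (char *const *)args, environ);
	perror(XDG_OPEN);	/* only reached if execve failed */
	return 127;
}
```

Because the executable path is a compile-time constant, unveiling this one binary for execute does not let the browser process start an arbitrary program the way unveiling /bin/sh would.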