Re: [tor-bugs] #13373 [Applications/Tor Browser]: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux bundles

2019-09-12 Thread Tor Bug Tracker & Wiki 
#13373: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux
bundles
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  enhancement   | Status:  needs_revision
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by gk):

 FWIW: the updater is built with `RUNPATH` `$ORIGIN` starting with esr68.
 So using the normal `checksec.sh` tool shows a false positive now, see
 #29818.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13373 [Applications/Tor Browser]: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux bundles

2018-10-10 Thread Tor Bug Tracker & Wiki 
#13373: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux
bundles
--+
 Reporter:  gk|  Owner:  tbb-team
 Type:  enhancement   | Status:  needs_revision
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by gk):

 * status:  needs_review => needs_revision
 * keywords:  tbb-rbm, TorBrowserTeam201810R => tbb-rbm


Comment:

 Looking at the patch we are still using `LD_LIBRARY_PATH`? But the plan
 was to get rid of it. What is preventing us from doing so (this needs at
 least some commenting)?

 Are we good when updating from a Tor Browser version using the
 `LD_LIBRARY_PATH` approach to the new one implemented in this bug?

 Please use a separate commit for the snowflake issue with the respective
 bug number.

 Re the selfrando parts. I think using `chrpath` to get rid of the
 selfrando related bits seems like a good idea, as we are currently doing.
 Thus, just the `$ORIGIN/TorBrowser/Tor` should remain.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13373 [Applications/Tor Browser]: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux bundles

2018-08-27 Thread Tor Bug Tracker & Wiki 
#13373: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux
bundles
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  enhancement | Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-rbm, TorBrowserTeam201808R  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by gk):

 * keywords:  tbb-rbm => tbb-rbm, TorBrowserTeam201808R


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13373 [Applications/Tor Browser]: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux bundles

2018-08-27 Thread Tor Bug Tracker & Wiki 
#13373: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux
bundles
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  enhancement   | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by sukhbir):

 * status:  new => needs_review


Comment:

 For review (will need!):

 https://github.com/azadi/tor-browser-build-1/tree/bug-13373

 This still has an issue but I thought I should submit the current state
 for review. The issue is that for selfrando and as per #22242, we do this
 in `firefox/build`:

 {{{
 219   [% IF c("var/selfrando") -%]
 220 # remove RUNPATH added by selfrando (see #22242)
 221 chrpath -d $LIB
 222   [% END -%]
 }}}

 So this removes the `RUNPATH` for `firefox.real` even if we set it during
 the build (as in the above branch). So as per the current branch and if we
 remove the selfrando line, the `RUNPATH` looks like:

 {{{
  0x001d (RUNPATH)Library runpath:
 [/var/tmp/dist/selfrando/out/x86_64/bin:$ORIGIN/TorBrowser/Tor]
 }}}

 which is we want except we don't want it for selfrando? So how should we
 handle this? Should we set the `RUNPATH` for Firefox, then remove the one
 for selfrando selectively? Or should we not bother to compile Firefox with
 the `RUNPATH` and then later change it manually using `chrpath`? I am not
 sure what is the preferred approach.

 Other things that remain: updating the tests in `tor-browser-bundle-
 testsuite.git`.

 PS: I also fixed #24465 in this commit since it was (somewhat) related and
 is a one-line change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #13373 [Applications/Tor Browser]: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux bundles

2018-08-13 Thread Tor Bug Tracker & Wiki 
#13373: Get rid of LD_LIBRARY_PATH and use a relative RPATH/RUNPATH in Linux
bundles
--+--
 Reporter:  gk|  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-rbm   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Have a look at #13359 where initial work got started to fix this ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs