diff options
Diffstat (limited to 'libre-testing/iceweasel/PKGBUILD')
| -rw-r--r-- | libre-testing/iceweasel/PKGBUILD | 553 |
1 files changed, 553 insertions, 0 deletions
diff --git a/libre-testing/iceweasel/PKGBUILD b/libre-testing/iceweasel/PKGBUILD new file mode 100644 index 000000000..635568990 --- /dev/null +++ b/libre-testing/iceweasel/PKGBUILD @@ -0,0 +1,553 @@ +# Maintainer (Arch:firefox): Jan Alexander Steffens (heftig) <jan.steffens@gmail.com> +# Contributor (Arch:firefox): Ionut Biru <ibiru@archlinux.org> +# Contributor (Arch:firefox): Jakub Schmidtke <sjakub@gmail.com> + +# Contributor (ConnochaetOS): Henry Jensen <hjensen@connochaetos.org> + +# Maintainer: Andreas Grapentin <andreas@grapentin.org> +# Maintainer: Luke Shumaker <lukeshu@parabola.nu> +# Contributor: André Silva <emulatorman@hyperbola.info> +# Contributor: Márcio Silva <coadde@hyperbola.info> +# Contributor: fauno <fauno@kiwwwi.com.ar> +# Contributor: vando <facundo@esdebian.org> +# Contributor: Figue <ffigue at gmail> +# Contributor: taro-k <taro-k@movasense_com> +# Contributor: Michał Masłowski <mtjm@mtjm.eu> +# Contributor: Luke R. <g4jc@openmailbox.org> +# Contributor: Isaac David <isacdaavid@isacdaavid.info> +# Contributor: bill-auger <bill-auger@programmer.net> +# Contributor: evr <evanroman at gmail> +# Contributor: Muhammad 'MJ' Jassim <UnbreakableMJ@gmail.com> + +# Rational for inclusion in [libre]: +# - Modify the addons pages to use GNU IceCat plugins sources, rather +# than addons.mozilla.org, which hosts non-free addons. +# - Disable EME, which is implemented via the non-free libWideVine +# CDM. +# +# The above changes cause us to run afoul of the Firefox trademark +# policy[1], so making those changes also requires us to: +# - Rebrand to Iceweasel +# +# While we're at it, while not strictly nescessary for FSDG +# compliance: +# - Remove Google API keys and usage +# - Disable Mozilla telemetry and crash reporting (good manners +# because of all of the other patching we're doing +# +# [1]: https://www.mozilla.org/en-US/foundation/trademarks/policy/ + +pkgname=iceweasel +replaces=('firefox') +epoch=1 +pkgver=61.0.2 +pkgrel=1 +pkgrel+=.parabola4 +pkgdesc="Libre standalone web browser based on Mozilla Firefox" +arch=(x86_64) +arch+=(i686 armv7h) +license=(MPL GPL LGPL) +url="https://wiki.parabola.nu/$pkgname" +depends=(gtk3 mozilla-common libxt startup-notification mime-types dbus-glib ffmpeg + nss hunspell-en_US sqlite ttf-font libpulse libvpx icu) +makedepends=(unzip zip diffutils python2 yasm mesa imake gconf inetutils xorg-server-xvfb + autoconf2.13 rust mercurial clang llvm jack gtk2 python) +optdepends=('networkmanager: Location detection via available WiFi networks' + 'libnotify: Notification integration' + 'pulseaudio: Audio support' + 'speech-dispatcher: Text-to-Speech') +options=(!emptydirs !makeflags !strip) +_repo=https://hg.mozilla.org/mozilla-unified +source=("hg+$_repo#tag=FIREFOX_${pkgver//./_}_RELEASE" + $pkgname.desktop) +sha256sums=('SKIP' + 'ed350ef2f528b999a621f7080fa80948be6b351e67ce32529fb32bcf47bb21fa' + 'dabd5a0b8023e8ca13f6ae5fcb9e6c29531fc952bc781b4aa25c8a598187768e' + 'SKIP' + 'f2ebd5054b81a0f0f642b523a545145bdd5939e70b79c8129415cd1646cc6d74' + '070f9e1a8513ab66903f2f19d6fa9d13c9a2d975921a21821a6e76cd8fec53c6' + 'b695926b8a1f9560f0e11e0bad2ef42df6152d4f16f95af1027bc12c487c1ede') + +# Branding +_brandingver=$(cut -d. -f1,2<<<"$pkgver") +_brandingrel=1 +makedepends+=(mozilla-searchplugins quilt libxslt imagemagick) +source+=(https://repo.parabola.nu/other/iceweasel/${pkgname}_${_brandingver}-${_brandingrel}.branding.tar.xz{,.sig} + 0001-branding-Fix-for-v60-v61.patch + 0002-Fix-triplet-two-parts.patch + libre.patch) +validpgpkeys+=('BFA8008A8265677063B11BF47171986E4B745536') # Andreas Grapentin + +prepare() { + cd mozilla-unified + + cat >.mozconfig <<END +ac_add_options --enable-application=browser + +ac_add_options --prefix=/usr +ac_add_options --enable-release +ac_add_options --enable-linker=gold +ac_add_options --enable-hardening +ac_add_options --enable-optimize +ac_add_options --enable-rust-simd + +# Branding +ac_add_options --disable-official-branding +ac_add_options --with-branding=browser/branding/iceweasel +ac_add_options --enable-update-channel=release +ac_add_options --with-distribution-id=nu.parabola + +# System libraries +ac_add_options --with-system-zlib +ac_add_options --with-system-bz2 +ac_add_options --with-system-icu +ac_add_options --with-system-jpeg +ac_add_options --with-system-libvpx +ac_add_options --with-system-nspr +ac_add_options --with-system-nss +ac_add_options --enable-system-sqlite +ac_add_options --enable-system-ffi + +# Features +ac_add_options --enable-alsa +ac_add_options --enable-jack +ac_add_options --enable-startup-notification +ac_add_options --disable-crashreporter +ac_add_options --disable-updater +ac_add_options --disable-eme +END + + if [[ $CARCH = arm* ]]; then + sed -i '/--enable-linker=gold/d' .mozconfig + cat >> .mozconfig <<- END + ac_add_options --enable-optimize="-g -O2 -fno-schedule-insns" + END + fi # end [[ $CARCH = arm* ]] + + patch -Np1 -i "$srcdir/0002-Fix-triplet-two-parts.patch" + + ## Rebranding + local brandingdir="$srcdir/$pkgname-$_brandingver" + pushd "$brandingdir" + patch -Np1 -i "$srcdir/0001-branding-Fix-for-v60-v61.patch" + popd + # file dump + rm -rf -- browser/branding/$pkgname + cp -aT -- $brandingdir/branding browser/branding/$pkgname + # patching + rm -rf .pc + export QUILT_PATCHES=$brandingdir/patches + export QUILT_REFRESH_ARGS='-p ab --no-timestamps --no-index' + export QUILT_DIFF_ARGS='--no-timestamps' + quilt push -av + # Put "Start Page" branding images in the source code + install -m644 -t browser/base/content/abouthome -- \ + "$brandingdir/branding"/{drm-free,gnu_headshadow,parabola-banner}.png + install -m644 -t browser/extensions/onboarding/content/img -- \ + "$brandingdir/branding/watermark.svg" + # produce icons + for i in 16 22 24 32 48 64 128 192 256 384; do + rsvg-convert -w $i -h $i "$brandingdir/branding/${pkgname}_icon.svg" \ + -o "browser/branding/iceweasel/default$i.png" + done + + # Remove remaining non-free bits + patch -Np1 -i "$srcdir/libre.patch" + sed -i 's/Adobe Flash/SWF Player/g' -- \ + browser/base/content/pageinfo/permissions.js \ + browser/base/content/browser-plugins.js + sed -e '/"displayName": "Flash"/ s/Flash/SWF Player/' \ + -e '/"displayName": "Shockwave"/ s/Shockwave/DCR Player/' \ + -e '/"displayName": "QuickTime"/ s/QuickTime/MOV Player/' \ + -e '/installLinux/ s/true/false/' \ + -i -- browser/base/content/browser-plugins.js + # re-use 'abouthome' page for 'newtab' page + install -d browser/base/content/newtab + cat browser/base/content/abouthome/aboutHome.xhtml > browser/base/content/newtab/newTab.xhtml + # Load our searchplugins + rm -rf -- browser/locales/searchplugins + cp -aT -- /usr/lib/mozilla/searchplugins browser/locales/searchplugins + # Disable various components at the source level + sed -i 's/;1/;0/' toolkit/components/telemetry/TelemetryStartup.manifest + #sed -i 's/;1/;0/' browser/experiments/Experiments.manifest + sed -i '/pocket/d' browser/extensions/moz.build + sed -i '/activity-stream/d' browser/extensions/moz.build +} + +build() { + cd mozilla-unified + + export MOZ_SOURCE_REPO="$_repo" + + ./mach build + ./mach buildsymbols +} + +package() { + local _icu_ver + _icu_ver=$(pacman -S --print-format='%v' icu) + depends+=("icu>=${_icu_ver}" "icu<$((${_icu_ver%%.*} + 1))") + + cd mozilla-unified + DESTDIR="$pkgdir" ./mach install + find . -name '*crashreporter-symbols-full.zip' -exec cp -fvt "$startdir" {} + + + _vendorjs="$pkgdir/usr/lib/$pkgname/browser/defaults/preferences/vendor.js" + install -Dm644 /dev/stdin "$_vendorjs" <<END +// Use LANG environment variable to choose locale +pref("intl.locale.requested", ""); + +// Use system-provided dictionaries +pref("spellchecker.dictionary_path", "/usr/share/hunspell"); + +// Disable default browser checking. +pref("browser.shell.checkDefaultBrowser", false); + +// Don't disable our bundled extensions in the application directory +pref("extensions.autoDisableScopes", 11); +pref("extensions.shownSelectionUI", true); +END + + # Parabola additions to vendor.js + # + # TODO: Go through this and figure out what's nescessary, remove + # most of it. This is mostly cargo-cult BS. For example, disabling + # all the EME stuff... that's already off because of `--disable-eme` + # in `.mozconfig`. Some of these settings no longer exist. Some of + # these settings don't do anything on GNU/Linux. + # + # However, they don't seem to be causing any of the critical issues. + local _shortver=$(cut -d. -f1,2 <<<"$pkgver") + cat >> "$_vendorjs" <<END +// Disable "alt" as a shortcut key to open full menu bar. Conflicts with "alt" as a modifier +pref("ui.key.menuAccessKeyFocuses", false); + +// Disable the GeoLocation API for content +pref("geo.enabled", false); + +// Make sure that the request URL of the GeoLocation backend is empty +pref("geo.wifi.uri", ""); + +// Disable Freedom Violating DRM Feature +pref("browser.eme.ui.enabled", false); +// EME +pref("media.eme.enabled", false); +pref("media.eme.apiVisible", false); + +// Google Widevine DRM +// https://blog.mozilla.org/futurereleases/2016/04/08/mozilla-to-test-widevine-cdm-in-firefox-nightly/ +// https://wiki.mozilla.org/QA/Widevine_CDM +// https://bugzilla.mozilla.org/show_bug.cgi?id=1288580 +pref("media.gmp-widevinecdm.visible", false); +pref("media.gmp-widevinecdm.enabled", false); +pref("media.gmp-widevinecdm.autoupdate", false); + +// Default to classic view for about:newtab +pref("browser.newtabpage.enhanced", false); +pref("browser.newtabpage.activity-stream.enabled", false); + +// Poodle attack +pref("security.tls.version.min", 1); + +// Don't call home for blacklisting +pref("extensions.blocklist.enabled", false); + +// Disable plugin installer +pref("plugins.hide_infobar_for_missing_plugin", true); +pref("plugins.hide_infobar_for_outdated_plugin", true); +pref("plugins.notifyMissingFlash", false); + +//https://developer.mozilla.org/en-US/docs/Web/API/MediaSource +//pref("media.mediasource.enabled",true); + +// Speeding it up +pref("network.http.pipelining", true); +pref("network.http.proxy.pipelining", true); +pref("network.http.pipelining.maxrequests", 10); +pref("nglayout.initialpaint.delay", 0); + +// Disable third party cookies +pref("network.cookie.cookieBehavior", 1); + +// Prevent EULA dialog to popup on first run +pref("browser.EULA.override", true); + +// Set useragent to Firefox compatible +//pref("general.useragent.compatMode.firefox", true); +// Spoof the useragent to a generic one +pref("general.useragent.compatMode.firefox", true); +// Spoof the useragent to a generic one +pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:$_shortver) Gecko/20100101 Firefox/$_shortver"); +pref("general.appname.override", "Netscape"); +pref("general.appversion.override", "$_shortver"); +pref("general.buildID.override", "Gecko/20100101"); +pref("general.oscpu.override", "Windows NT 6.1"); +pref("general.platform.override", "Win32"); + +// Privacy & Freedom Issues +// https://webdevelopmentaid.wordpress.com/2013/10/21/customize-privacy-settings-in-mozilla-firefox-part-1-aboutconfig/ +// https://panopticlick.eff.org +// http://ip-check.info +// http://browserspy.dk +// https://wiki.mozilla.org/Fingerprinting +// http://www.browserleaks.com +// http://fingerprint.pet-portal.eu +pref("privacy.donottrackheader.enabled", true); +pref("privacy.donottrackheader.value", 1); +pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); + +// CIS 2.1.1 Disable Auto Update / Balrog +pref("app.update.auto", false); +pref("app.update.checkInstallTime", false); +pref("app.update.enabled", false); +pref("app.update.staging.enabled", false); +pref("app.update.url", "about:blank"); +pref("media.gmp-manager.certs.1.commonName", ""); +pref("media.gmp-manager.certs.2.commonName", ""); +// Disable Gecko media plugins: https://wiki.mozilla.org/GeckoMediaPlugins +pref("media.gmp-manager.url", "http://127.0.0.1/"); +pref("media.gmp-manager.url.override", "data:text/plain,"); +pref("media.gmp-provider.enabled", false); +// Don't install openh264 codec +pref("media.gmp-gmpopenh264.enabled", false); +pref("media.gmp-eme-adobe.enabled", false); +pref("media.peerconnection.video.h264_enabled", false); + +// CIS 2.3.4 Block Reported Web Forgeries +// http://kb.mozillazine.org/Browser.safebrowsing.enabled +// http://kb.mozillazine.org/Safe_browsing +// https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work +// http://forums.mozillazine.org/viewtopic.php?f=39&t=2711237&p=12896849#p12896849 +pref("browser.safebrowsing.enabled", false); + +// CIS 2.3.5 Block Reported Attack Sites +// http://kb.mozillazine.org/Browser.safebrowsing.malware.enabled +pref("browser.safebrowsing.malware.enabled", false); + +// Disable safe browsing remote lookups for downloaded files. +// This leaks information to google. +// https://www.mozilla.org/en-US/firefox/39.0/releasenotes/ +// https://wiki.mozilla.org/Security/Application_Reputation +pref("browser.safebrowsing.downloads.remote.enabled", false); +pref("browser.safebrowsing.appRepURL", "about:blank"); +pref("browser.safebrowsing.provider.mozilla.gethashURL", "about:blank"); +pref("browser.safebrowsing.provider.mozilla.updateURL", "about:blank"); +pref("browser.safebrowsing.downloads.remote.block_dangerous", false); +pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); +pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); +pref("browser.safebrowsing.downloads.remote.block_uncommon", false); +pref("browser.safebrowsing.downloads.remote.enabled", false); +pref("browser.safebrowsing.downloads.remote.url", "about:blank"); +pref("browser.safebrowsing.provider.google.gethashURL", "about:blank"); +pref("browser.safebrowsing.provider.google.updateURL", "about:blank"); +pref("browser.safebrowsing.provider.google.lists", "about:blank"); + +// https://bugzilla.mozilla.org/show_bug.cgi?id=1025965 +pref("browser.safebrowsing.phishing.enabled", false); +pref("browser.safebrowsing.provider.google4.lists", "about:blank"); +pref("browser.safebrowsing.provider.google4.updateURL", "about:blank"); +pref("browser.safebrowsing.provider.google4.gethashURL", "about:blank"); +pref("browser.safebrowsing.provider.google4.reportURL", "about:blank"); +pref("browser.safebrowsing.provider.mozilla.lists", "about:blank"); + +// Disable Microsoft Family Safety MiTM support +// https://bugzilla.mozilla.org/show_bug.cgi?id=1239166 +// https://wiki.mozilla.org/SecurityEngineering/Untrusted_Certificates_in_Windows_Child_Mode +// https://hg.mozilla.org/releases/mozilla-release/file/ddb37c386bb2ffa180117b4d30ca3b41a8af233c/security/manager/ssl/nsNSSComponent.cpp#l782 +pref("security.family_safety.mode", 0); +// https://bugzilla.mozilla.org/show_bug.cgi?id=1265113 +// https://hg.mozilla.org/releases/mozilla-release/rev/d9659c22b3c5 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1298883 +pref("security.enterprise_roots.enabled", false); + +//pref("services.sync.privacyURL", "https://www.gnu.org/software/gnuzilla/"); +pref("social.enabled", false); +pref("social.remote-install.enabled", false); +pref("datareporting.healthreport.uploadEnabled", false); +pref("datareporting.healthreport.about.reportUrl", "127.0.0.1"); +pref("datareporting.healthreport.documentServerURI", "127.0.0.1"); +pref("healthreport.uploadEnabled", false); +pref("social.toast-notifications.enabled", false); +pref("datareporting.policy.dataSubmissionEnabled", false); +pref("datareporting.healthreport.service.enabled", false); +pref("browser.slowStartup.notificationDisabled", true); +pref("network.http.sendRefererHeader", 2); +//pref("network.http.referer.spoofSource", true); +//http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy/ +//pref("dom.storage.enabled", false); +pref("dom.event.clipboardevents.enabled",false); +pref("network.prefetch-next", false); +pref("network.dns.disablePrefetch", true); +pref("network.http.sendSecureXSiteReferrer", false); +pref("toolkit.telemetry.archive.enabled", false); +pref("toolkit.telemetry.bhrPing.enabled", false); +pref("toolkit.telemetry.enabled", false); +pref("toolkit.telemetry.unified", false); +pref("toolkit.telemetry.newProfilePing.enabled", false); +pref("toolkit.telemetry.firstShutdownPing.enabled", false); +pref("toolkit.telemetry.server", "127.0.0.1"); +pref("app.shield.optoutstudies.enabled", false); +pref("experiments.enabled", false); +pref("experiments.manifest.uri", "127.0.0.1"); +pref("extensions.pocket.enabled", false); +pref("extensions.pocket.api", "127.0.0.1"); +// Do not tell what plugins do we have enabled: https://mail.mozilla.org/pipermail/firefox-dev/2013-November/001186.html +pref("plugins.enumerable_names", ""); +pref("plugin.state.flash", 0); +// Do not autoupdate search engines +pref("browser.search.update", false); +// Warn when the page tries to redirect or refresh +//pref("accessibility.blockautorefresh", true); +pref("dom.battery.enabled", false); +pref("device.sensors.enabled", false); +pref("camera.control.face_detection.enabled", false); +pref("camera.control.autofocus_moving_callback.enabled", false); +pref("network.http.speculative-parallel-limit", 0); +// No search suggestions +pref("browser.urlbar.userMadeSearchSuggestionsChoice", true); +pref("browser.search.suggest.enabled", false); + +// Crypto hardening +// https://gist.github.com/haasn/69e19fc2fe0e25f3cff5 +// General settings +//pref("security.tls.unrestricted_rc4_fallback", false); +//pref("security.tls.insecure_fallback_hosts.use_static_list", false); +//pref("security.tls.version.min", 1); +//pref("security.ssl.require_safe_negotiation", true); +//pref("security.ssl.treat_unsafe_negotiation_as_broken", true); +//pref("security.ssl3.rsa_seed_sha", true); +//pref("security.OCSP.enabled", 1); +//pref("security.OCSP.require", true); + + +// WebRTC +pref("media.peerconnection.enabled", false); +pref("media.peerconnection.ice.default_address_only", true); + +pref("font.default.x-western", "sans-serif"); + +// Preferences for the Get Add-ons panel and search engines +pref("extensions.webservice.discoverURL", "https://directory.fsf.org/wiki/GNU_IceCat"); +pref("extensions.getAddons.search.url", "https://directory.fsf.org/wiki/GNU_IceCat"); +pref("browser.search.searchEnginesURL", "https://directory.fsf.org/wiki/GNU_IceCat"); + +// Mobile +pref("privacy.announcements.enabled", false); +pref("browser.snippets.enabled", false); +pref("browser.snippets.syncPromo.enabled", false); +pref("identity.mobilepromo.android", "https://f-droid.org/repository/browse/?fdid=org.gnu.icecat&"); +pref("browser.snippets.geoUrl", "http://127.0.0.1/"); +pref("browser.snippets.updateUrl", "http://127.0.0.1/"); +pref("browser.snippets.statsUrl", "http://127.0.0.1/"); +pref("datareporting.policy.firstRunTime", 0); +pref("datareporting.policy.dataSubmissionPolicyVersion", 2); +pref("browser.webapps.checkForUpdates", 0); +pref("browser.webapps.updateCheckUrl", "http://127.0.0.1/"); +pref("app.faqURL", "http://libreplanet.org/wiki/Group:IceCat/FAQ"); + +// PFS url +pref("pfs.datasource.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%"); +pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%"); + +// Geolocation depends on third party services +pref("geo.enabled", false); +pref("geo.wifi.uri", ""); + +// Disable heartbeat +pref("browser.selfsupport.url", ""); + +// Disable Link to FireFox Marketplace, currently loaded with non-free "apps" +pref("browser.apps.URL", ""); + +// Use old style preferences, that allow javascript to be disabled +pref("browser.preferences.inContent",false); + +// Don't download ads for the newtab page +pref("browser.newtabpage.directory.source", ""); +pref("browser.newtabpage.directory.ping", ""); +pref("browser.newtabpage.introShown", true); + +// Disable home snippets +pref("browser.aboutHomeSnippets.updateUrl", "data:text/html"); + +// Disable hardware acceleration and WebGL +//pref("layers.acceleration.disabled", false); +pref("webgl.disabled", false); + +// Disable SSDP +pref("browser.casting.enabled", false); + +// Disable directory service +pref("social.directories", ""); +pref("social.whitelist", ""); +pref("social.shareDirectory", ""); + +// Disable Pocket integration +pref("browser.pocket.api", "about:blank"); +pref("browser.pocket.enabled", false); +pref("browser.pocket.enabledLocales", "about:blank"); +pref("browser.pocket.oAuthConsumerKey", "about:blank"); +pref("browser.pocket.site", "about:blank"); +pref("browser.pocket.useLocaleList", false); +pref("extensions.pocket.enabled", false); + +// Do not require xpi extensions to be signed by Mozilla +pref("xpinstall.signatures.required", false); + +// Disable File and Directory Entries API (Imported from Edge/Chromium) +// https://developer.mozilla.org/en-US/Firefox/Releases/50#Files_and_directories +// https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API +// https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Introduction +// https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Firefox_support +// https://bugzilla.mozilla.org/show_bug.cgi?id=1265767 +pref("dom.webkitBlink.filesystem.enabled", false); +// https://developer.mozilla.org/en-US/docs/Web/API/HTMLInputElement/webkitdirectory +// https://bugzilla.mozilla.org/show_bug.cgi?id=1258489 +// https://hg.mozilla.org/releases/mozilla-release/rev/133af19777be +pref("dom.webkitBlink.dirPicker.enabled", false); + +// Directory Upload API, webkitdirectory +// https://bugzilla.mozilla.org/show_bug.cgi?id=1188880 +// https://bugzilla.mozilla.org/show_bug.cgi?id=907707 +// https://wicg.github.io/directory-upload/proposal.html +pref("dom.input.dirpicker", false); + +// fix alsa sound sandbox issue for iceweasel-58 +// https://labs.parabola.nu/issues/1628 +pref("security.sandbox.content.syscall_whitelist", "16"); +END + + _distini="$pkgdir/usr/lib/$pkgname/distribution/distribution.ini" + install -Dm644 /dev/stdin "$_distini" <<END +[Global] +id=parabola +version=1.0 +about=Parabola Iceweasel for Parabola GNU/Linux-libre + +[Preferences] +app.distributor=parabola +app.distributor.channel=$pkgname +app.partner.parabola=parabola +END + + for i in 16 22 24 32 48 64 128 192 256 384; do + install -Dm644 browser/branding/$pkgname/default$i.png \ + "$pkgdir/usr/share/icons/hicolor/${i}x${i}/apps/$pkgname.png" + done + install -Dm644 "browser/branding/$pkgname/${pkgname}_icon.svg" \ + "$pkgdir/usr/share/icons/hicolor/scalable/apps/$pkgname.svg" + + install -Dm644 ../$pkgname.desktop \ + "$pkgdir/usr/share/applications/$pkgname.desktop" + + # Install a wrapper to avoid confusion about binary path + install -Dm755 /dev/stdin "$pkgdir/usr/bin/$pkgname" <<END +#!/bin/sh +exec /usr/lib/$pkgname/$pkgname "\$@" +END + + # Replace duplicate binary with wrapper + # https://bugzilla.mozilla.org/show_bug.cgi?id=658850 + ln -srf "$pkgdir/usr/bin/$pkgname" \ + "$pkgdir/usr/lib/$pkgname/$pkgname-bin" +} |