Bug#864082: [Fontconfig] Next steps for a reproducible Fontconfig?

Alexander Larsson alexander.larsson at gmail.com
Thu Jan 31 07:34:39 GMT 2019


On Wed, Jan 30, 2019 at 10:33 AM Akira TAGOH <akira at tagoh.org> wrote:
>
> On Wed, Jan 30, 2019 at 5:02 AM Keith Packard <keithp at keithp.com> wrote:
> > Yes, that was the plan. Alexander suggested the following syntax:
> >
> >      <salt id="randomdata">/usr/share/fonts</salt>
> >
> > I think this will work, although it seems a bit fragile. In particular,
> > if the host has salt for some directories, those will be defined
> > relative to the host paths, not the flatpak paths.
>
> Right. though this syntax looks primitive. it might manages to be done
> if one writes everything for what they want. but if we can have easier
> way - which can be done with minimal effort and inheritance for others
> from host - that may be better.
>
> > Do we need to process the 'salt' elements and 'remap-dir' elements in
> > order and remap old salt elements as remap-dir elements get loaded? That
> > also seems fragile to me.
>
> Hm, to deal with more complicated cases, I guess we may need to have
> one global salt to affect everything and a path-specific salt for
> remapped path. for flatpak case, they want to have a global salt to
> change a salt in sandbox (for /usr/share/fonts in sandbox etc) and set
> salt from host in 'remap-dir' to build cache filenames on host (for
> /run/host/fonts and so on).
> This would avoid collision between one and origins. and assuming that
> flatpaks can load config from host too, we could have:

We don't want a global salt for everything in the container. In
reality things are more complicated than that. For example, an app may
bundle fonts, which will be in like /app/share/fonts, in addition to
the runtime fonts in /usr/share/fonts. These come from different
places and may individually be different in a different (or updated)
app, so the directories need to have different salts.

Also, it is quite possible that some host font directory is *not*
remapped, but still visible to the app. For example /opt/fonts for an
app that has filesystem access. If for whatever reason fontconfig
looks at this directory it should not apply any salt for it.



More information about the Pkg-freedesktop-maintainers mailing list