Bug#864082: [Fontconfig] Next steps for a reproducible Fontconfig?

Keith Packard keithp at keithp.com
Thu Jan 31 08:40:14 GMT 2019

Alexander Larsson <alexander.larsson at gmail.com> writes:

> We don't want a global salt for everything in the container.

I guess I wonder why not? Salt + dir inside the container will always be
unique. The place where you want to have different salt is for
directories mapped from the host; I think those will always be in
remap-dir clauses, if we have salt there, that should work?

> In
> reality things are more complicated than that. For example, an app may
> bundle fonts, which will be in like /app/share/fonts, in addition to
> the runtime fonts in /usr/share/fonts. These come from different
> places and may individually be different in a different (or updated)
> app, so the directories need to have different salts.

If building the flatpak generates the font caches, then per-flatpak salt
would make those correct.

> Also, it is quite possible that some host font directory is *not*
> remapped, but still visible to the app. For example /opt/fonts for an
> app that has filesystem access. If for whatever reason fontconfig
> looks at this directory it should not apply any salt for it.

Oh, so some host directories may be visible unmapped and unknown to the
flatpak? In that case, we'll need to enumerate all flatpak visible font
directories separately.

I think we need a complete enumeration of the cases; I keep seeing more

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-freedesktop-maintainers/attachments/20190131/45b37787/attachment.sig>

More information about the Pkg-freedesktop-maintainers mailing list