From 5eaebebdea06eee6bb273be0a856ca89c144ad49 Mon Sep 17 00:00:00 2001
From: Ian Eure <ian@retrospec.tv>
Date: Sat, 5 Oct 2024 09:19:11 -0700
Subject: gnu: librewolf: Revert video acceleration fix.

This patch partly reverts #73429, because that change makes livestreaming
video refuse to play.

* gnu/packages/librewolf.scm (librewolf) [source]: Remove
the librewolf-add-paths-to-rdd-allowlist patch.
[phases] <wrap-program>: Reinstate previous LD_LIBRARY_PATH wrapping.
* gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch: Delete
file.
* gnu/local.mk (dist_patch_DATA): De-register it.

Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Change-Id: Iaf36c64464cd078538fda677ea4fa7b13e7c110f
---
 gnu/packages/librewolf.scm | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

(limited to 'gnu/packages/librewolf.scm')

diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index 32b6d13d54..31de7a7171 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -212,7 +212,7 @@ (define rust-librewolf rust) ; 1.75 is the default in Guix, 1.65 is the minimum.
 ;; Update this id with every update to its release date.
 ;; It's used for cache validation and therefore can lead to strange bugs.
 ;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20241003201141")
+(define %librewolf-build-id "20241005085731")
 
 (define-public librewolf
   (package
@@ -223,9 +223,7 @@ (define-public librewolf
       (inherit (make-librewolf-source
                 #:version version
                 #:firefox-hash "0w4z3fq5zhm63a0wmhvmqrj263bvy962dir25q3z0x5hx6hjawh2"
-                #:librewolf-hash "0f80pihn375bdjhjmmg2v1w96wpn76zb60ycy39wafwh1dnzybrd"))
-      (patches
-       (search-patches "librewolf-add-paths-to-rdd-allowlist.patch"))))
+                #:librewolf-hash "0f80pihn375bdjhjmmg2v1w96wpn76zb60ycy39wafwh1dnzybrd"))))
     (build-system gnu-build-system)
     (arguments
      (list
@@ -592,12 +590,26 @@ (define (runpaths-of-input label)
                                        ;; For U2F and WebAuthn
                                        "eudev")))
 
+                              ;; VA-API is run in the RDD (Remote Data Decoder) sandbox
+                              ;; and must be explicitly given access to files it needs.
+                              ;; Rather than adding the whole store (as Nix had
+                              ;; upstream do, see
+                              ;; <https://github.com/NixOS/nixpkgs/pull/165964> and
+                              ;; linked upstream patches), we can just follow the
+                              ;; runpaths of the needed libraries to add everything to
+                              ;; LD_LIBRARY_PATH.  These will then be accessible in the
+                              ;; RDD sandbox.
+                              (rdd-whitelist (map (cut string-append <> "/")
+                                                  (delete-duplicates (append-map
+                                                                      runpaths-of-input
+                                                                      '("mesa"
+                                                                        "ffmpeg")))))
                               (gtk-share (string-append (assoc-ref inputs
                                                                    "gtk+")
                                                         "/share")))
                          (wrap-program (car (find-files lib "^librewolf$"))
                            `("LD_LIBRARY_PATH" prefix
-                             ,libs)
+                             (,@libs ,@rdd-whitelist))
                            `("XDG_DATA_DIRS" prefix
                              (,gtk-share))
                            `("MOZ_LEGACY_PROFILES" =
-- 
cgit v1.2.3