Re: [Plash] example evince.pkg file

From: Mark Seaborn
Subject: Re: [Plash] example evince.pkg file
Date: Wed, 09 Apr 2008 21:47:24 +0100 (BST)

Toby Murray <address@hidden> wrote:

> I'm wondering why the evince.pkg file lists the "extra" dependencies
> gtk2-engines, gnome-themes, plash-gtk-hook.
> Are these required in order to allow evince to use the powerbox?

gtk2-engines and gnome-themes just make the application look prettier.
It ends up using the same theme as non-sandboxed Gtk programs.  I'm
not exactly sure how Gtk determines what theme to use.  I think it
might use X properties, in which case that will stop working when X
security is implemented.  Otherwise, the themes are matching because I
haven't changed the theme from the Ubuntu/Debian default. :-)

The intention behind plash-gtk-hook was that this hypothetical package
would contain the preload library which is currently in the plash
package under /usr/lib/plash/lib/  Currently, as a
short term solution, plash-pkg-launch just binds the contents of
/usr/lib/plash/lib into the sandbox's /lib as a special case.  The
plan is to split the plash package up; see

Also, the Gtk preload library should go away, and we should patch Gtk
at the source level instead.  The preload library doesn't work with
Firefox because it dlopen()s Gtk.  Getting a powerbox hook into Gtk
upstream is better in the long term: more maintainable; it will help
anyone else who wants to implement powerboxes (or just replace Gtk's
unpopular file chooser); and it could help spread the powerbox

Currently, plash_pkg.choose doesn't give an error if a package
dependency can't be satisfied, only a warning, so the absence of
plash-gtk-hook doesn't stop anything from working.  The reason for
that is that plash_pkg.choose doesn't look at "Provides", so
dependencies on virtual packages do not get satisfied.


