Hello, Incoming is a series of patches that does the following: 1. Update Flatpak, libportal, xdg-desktop-portal, and xdg-desktop-portal-gtk to the latest versions 2. flatpak: fix two bugs: a. A certificate error due to p11-kit https://issues.guix.gnu.org/49957 I worked around this by adding a new p11-kit-next package with the configuration change and newest version. From testing, this may not work if there are multiple Flatpak bins installed, as the way p11-kit-server is started is, I think, through a session helper that probably goes through D-Bus. Still, I think this is the best workaround. b. Flatpak would use the store path for writing its bin, e.g. in .desktop files from installing an application. I used a modified version of the NixOS patch to make it just write "flatpak". This means it'll come from PATH, but again I don't see a better workaround that wouldn't break on Flatpak's store directory changing. 3. xdg-desktop-portal-gtk: enabled Gnome backends that are by default disabled on the newest version (they were not configurable before). These can be also be had in a separate Gnome portal, currently unpackaged. I figured for now best to keep them enabled, but later could use the Gnome portal to remove Gnome dependencies here, I think. 4. xdg-desktop-portal-gtk: Propagte xdg-desktop-portal. This was an input which is fine for building, but the portal won't fully function without that also being installed. Mostly I believe it is the D-Bus files that are needed. This should also fix a bug I encountered here https://issues.guix.gnu.org/49972#5 due to both packages having the same search-path. (On this last point I've manually worked around it before, but this should have the same effect of only one path being in this env variable.) These updates should close at least the issues mentioned above, will search if there are any older updates or related issues. Everything builds on master and should on core-updates-frozen, though xdg-desktop-portal-gtk might need a libxml2 input (not sure why?). But this should fix the build errors there. I've been using these packages with these changes (other than the propagated-inputs) and it works well, as long as I translated correctly from my channel to these patches :) Pretty sure it is the same. Thanks!John
From 71d64041fb6754a1b1cf67b0ea0e18da9b724f74 Mon Sep 17 00:00:00 2001From: John Kehayias <email@example.com>Date: Fri, 8 Oct 2021 14:15:13 -0400Subject: [PATCH 4/8] gnu: Add p11-kit-next. * gnu/packages/tls.scm (p11-kit-next): New variable.[source]: Update to latest version of p11-kit.[arguments]: Configure with system-wide CA certificate store which fixes acertificate error with Flatpak. Original patch by Andrew Whatson.--- gnu/packages/tls.scm | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+)
Re: bug#51100: [PATCH 0/8] Update and fix Flatpak and portals
(name . John Kehayias)(address . firstname.lastname@example.org)(name . email@example.com)(address . firstname.lastname@example.org)
Hi! I’ve applied the whole series, with two changes (as discussed on IRC): • making the p11-kit ‘--with-trust-paths=/etc/ssl/certs/ca-certificates.crt change’ separate; • adding the new flatpak patch to ‘gnu/local.mk’ and mentioning it in the commit log. Thanks! Ludo’.