274 lines
9.9 KiB
Bash
274 lines
9.9 KiB
Bash
|
#!/bin/bash
|
||
|
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
|
||
|
|
||
|
DESC="This is a bash script to apply the ungoogled_chromium patches
|
||
|
to qtwebengine on Gentoo. You should be able to modify it for other
|
||
|
source distributions in an obvious way, but as Gentoo builds from sources,
|
||
|
its most straightforward on it.
|
||
|
|
||
|
The patches have been edited to exclude the patches that dont apply to
|
||
|
qtwebengine - the browser parts - and remove a lot of privacy outrages
|
||
|
committed by google. You can select and add to the list below.
|
||
|
|
||
|
These patches are specific to this release of qtwebengine as it is
|
||
|
specific to a given release of chromium. In general the patches apply
|
||
|
cleanly, but sometimes with a little fuzz.
|
||
|
|
||
|
"
|
||
|
[ `id -u` -ne 0 ] && ERROR $prog must be run as root && exit 1
|
||
|
|
||
|
prog=`basename $0 .bash`
|
||
|
# we build into /var/local - adjust to suit
|
||
|
PREFIX=/var/local
|
||
|
ROLE=privacy
|
||
|
DEBUG=1
|
||
|
# run them first with --dryrun to check
|
||
|
PATCH="patch -b -z.dst -p 1" # --dry-run
|
||
|
|
||
|
# we define some local extensions ols_* which can be ignored
|
||
|
if [ -f /var/local/src/var_local_src.bash ] ; then
|
||
|
# color logging
|
||
|
. /var/local/src/var_local_src.bash || exit 1
|
||
|
else
|
||
|
debug () { [ -z "$DEBUG" -o "$DEBUG" -eq 0 ] || echo DBUG: "$prog $*"; return 0 ; }
|
||
|
DBUG () { debug $* ; }
|
||
|
|
||
|
error() { echo ERROR: "$prog " $* 1>&2 ; return $1 ; }
|
||
|
ERROR () { error $* ; }
|
||
|
|
||
|
panic () {
|
||
|
retval=$1
|
||
|
shift
|
||
|
echo "PANIC: $prog " $* 1>&2
|
||
|
exit $retval
|
||
|
}
|
||
|
PANIC () { panic "$@" ; }
|
||
|
FATAL () { panic "$@" ; }
|
||
|
|
||
|
warn () { echo WARN: "$prog " $* 1>&2; return 0; }
|
||
|
WARN () { warn $* ; }
|
||
|
|
||
|
info () {echo INFO: "$prog " $* 1>&2; return 0 ; }
|
||
|
INFO () { info $* ; }
|
||
|
fi
|
||
|
|
||
|
# PORTAGE_TMPDIR MUST NOT be a symlink! - get this from make.conf
|
||
|
PORTAGE_TMPDIR='/mnt/linuxKick150154'
|
||
|
QTWE_CAT=dev-qt
|
||
|
QTWE_PKG=qtwebengine
|
||
|
QTWE_VER=6.6.3
|
||
|
# you can run into sandbox problems depending on your sysctl settings
|
||
|
# Try with FEATURES="" and if it works great - if not we trust the ebuild
|
||
|
FEATURES="-ipc-sandbox -mount-sandbox -network-sandbox -pid-sandbox -sandbox -usersandbox"
|
||
|
# chromium looks for dictionaries in an absurd place in /usr/bin
|
||
|
# or in the users ~/.config/Chrome/Dictionaries so we build the dicts
|
||
|
# there, which has to be repeated for each user.
|
||
|
# It doesnt seem to respect the environment variable
|
||
|
QTWE_USER=vagrant
|
||
|
|
||
|
# These patches are specific to this release of qtwebengine and a
|
||
|
# specific tag of ungoogled_chromium
|
||
|
UGC_TAG="112.0.5615.165-1"
|
||
|
UGC_EBUILD=ungoogled-chromium-112.0.5615.165_p1.ebuild
|
||
|
# The chromium tar that the ebuild uses can be found at:
|
||
|
# http:/distfiles.alpinelinux.org/distfiles/v3.17/chromium-112.0.5615.165.tar.xz
|
||
|
PKG=ungoogled-chromium
|
||
|
DIR=ungoogled_qtwebengine-${QTWE_VER}
|
||
|
GIT_HUB=github.com
|
||
|
GIT_USER=ungoogled-software
|
||
|
GIT_DIR=$PKG
|
||
|
|
||
|
cd $PREFIX/src || exit 2
|
||
|
WD=$PWD
|
||
|
|
||
|
if [ -d /etc/portage ] ; then
|
||
|
# these are the prereqs in order
|
||
|
ols_funtoo_requires \
|
||
|
dev-qt/qtbase:6 \
|
||
|
dev-qt/qtserialport:6 \
|
||
|
dev-qt/qtdeclarative:6 \
|
||
|
dev-qt/qtpositioning:6 \
|
||
|
dev-qt/qtlocation:6 \
|
||
|
dev-qt/qtmultimedia:6 \
|
||
|
dev-qt/qttools:6 \
|
||
|
dev-qt/qtwebchannel:6 \
|
||
|
dev-qt/qtsvg:6 \
|
||
|
dev-qt/qtwebengine:6 \
|
||
|
dev-qt/qtimageformats:6 \
|
||
|
dev-python/PyQt6-WebEngine
|
||
|
else
|
||
|
ERROR this is Gentoo specific and youll have to adapt it otherwise
|
||
|
exit 2
|
||
|
fi
|
||
|
|
||
|
WD=$PWD
|
||
|
if [ ! -d "$DIR" ] ; then
|
||
|
if [ ! -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER/$GIT_DIR" ] ; then
|
||
|
[ -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER" ] || \
|
||
|
mkdir "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"
|
||
|
route | grep ^default || { DEBUG not connected ; exit 0 ; }
|
||
|
cd "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"
|
||
|
git clone https://$GIT_HUB/$GIT_USER/$GIT_DIR || exit 3
|
||
|
cd $WD
|
||
|
fi
|
||
|
cp -rip "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"/$GIT_DIR $DIR
|
||
|
fi
|
||
|
|
||
|
cd "$DIR"
|
||
|
|
||
|
git log | head -1 | grep "HEAD, tag: $UGC_TAG" || {
|
||
|
ERROR The first time you must: git checkout $UGC_TAG
|
||
|
iNFO well make you do this manually so you dont overwrite things
|
||
|
exit 4
|
||
|
}
|
||
|
|
||
|
[ -d /home/${QTWE_USER}/.config/chromium/Default/Dictionaries ] || \
|
||
|
mkdir -p /home/${QTWE_USER}/.config/chromium/Default/Dictionaries
|
||
|
# per user - ignore failures
|
||
|
ols_chromium_dicts /home/${QTWE_USER}/.config/chromium/Default/Dictionaries
|
||
|
|
||
|
PV_DIR=$PORTAGE_TMPDIR/portage/$QTWE_CAT/${QTWE_PKG}-${QTWE_VER}
|
||
|
WORK=$PV_DIR/work/${QTWE_PKG}-everywhere-src-${QTWE_VER}/src/3rdparty/chromium/
|
||
|
|
||
|
# configure the qtwe sources first
|
||
|
[ -e $PV_DIR/.configured ] || \
|
||
|
FEATURES="$FEATURES" \
|
||
|
ebuild /usr/portage/$QTWE_CAT/${QTWE_PKG}/${QTWE_PKG}-${QTWE_VER}.ebuild \
|
||
|
prepare configure >> ${QTWE_PKG}-${QTWE_VER}.log 2>&1 || \
|
||
|
{ ERROR .configured $? ; exit 4 ; }
|
||
|
|
||
|
# compile the qtwe sources second
|
||
|
[ -e $PV_DIR/.complied ] || \
|
||
|
FEATURES="$FEATURES" \
|
||
|
ebuild /usr/portage/$QTWE_CAT/${QTWE_PKG}/${QTWE_PKG}-${QTWE_VER}.ebuild \
|
||
|
prepare compile >> ${QTWE_PKG}-${QTWE_VER}.log 2>&1 || \
|
||
|
{ ERROR .configured $? ; exit 5 ; }
|
||
|
|
||
|
WD=$PWD
|
||
|
# The ungoogled_chromium patches need patching to remove some
|
||
|
# parts that work on files not in qtwebengine. It you dont apply
|
||
|
# these patches youll get some .rej files that are harmless
|
||
|
|
||
|
# you can check the source for .rej files before patching
|
||
|
if [ really = careful ] ; then
|
||
|
L=`find $WORK -name \*.rej | tee .rej | wc -l | sed -e 's/ .*//'`
|
||
|
[ $L -gt 0 ] && ERROR still $L .rej && exit 6
|
||
|
fi
|
||
|
|
||
|
# You can apply the patches one at a time by setting this to 1 and incrementing
|
||
|
iMAX=28
|
||
|
declare -a PATCHES
|
||
|
# This patches have been selected to exclude ones irrelevant to qtwebengine
|
||
|
PATCHES=(
|
||
|
patches/core/inox-patchset/0009-disable-google-ipv6-probes.patch
|
||
|
patches/core/iridium-browser/safe_browsing-disable-reporting-of-safebrowsing-over.patch
|
||
|
patches/core/ungoogled-chromium/block-trk-and-subdomains.patch
|
||
|
# decided not to do this for qutebrowser - should work if you want it
|
||
|
#? patches/core/ungoogled-chromium/disable-crash-reporter.patch
|
||
|
patches/core/ungoogled-chromium/disable-domain-reliability.patch
|
||
|
patches/core/ungoogled-chromium/disable-fonts-googleapis-references.patch
|
||
|
patches/core/ungoogled-chromium/disable-gcm.patch
|
||
|
patches/core/ungoogled-chromium/disable-mei-preload.patch
|
||
|
patches/core/ungoogled-chromium/disable-network-time-tracker.patch
|
||
|
patches/core/ungoogled-chromium/doh-changes.patch
|
||
|
patches/core/ungoogled-chromium/disable-webstore-urls.patch
|
||
|
patches/core/ungoogled-chromium/fix-building-with-prunned-binaries.patch
|
||
|
patches/core/ungoogled-chromium/fix-learn-doubleclick-hsts.patch
|
||
|
# decided not to do this for qutebrowser - should work if you want it
|
||
|
# patches/core/ungoogled-chromium/replace-google-search-engine-with-nosearch.patch
|
||
|
patches/extra/inox-patchset/0016-chromium-sandbox-pie.patch
|
||
|
patches/extra/inox-patchset/0019-disable-battery-status-service.patch
|
||
|
patches/extra/iridium-browser/Remove-EV-certificates.patch
|
||
|
patches/extra/iridium-browser/mime_util-force-text-x-suse-ymp-to-be-downloaded.patch
|
||
|
patches/extra/iridium-browser/net-cert-increase-default-key-length-for-newly-gener.patch
|
||
|
patches/extra/iridium-browser/prefs-only-keep-cookies-until-exit.patch
|
||
|
patches/extra/ungoogled-chromium/add-components-ungoogled.patch
|
||
|
patches/extra/ungoogled-chromium/add-extra-channel-info.patch
|
||
|
patches/extra/ungoogled-chromium/disable-download-quarantine.patch
|
||
|
|
||
|
patches/extra/ungoogled-chromium/disable-formatting-in-omnibox.patch
|
||
|
patches/extra/ungoogled-chromium/disable-remote-optimization-guide.patch
|
||
|
patches/extra/ungoogled-chromium/disable-webgl-renderer-info.patch
|
||
|
patches/extra/ungoogled-chromium/enable-default-prefetch-privacy-changes.patch
|
||
|
patches/extra/ungoogled-chromium/fix-distilled-icons.patch
|
||
|
#! missing file from source and patches: unexpire_flags.h
|
||
|
#! patches/extra/ungoogled-chromium/keep-expired-flags.patch
|
||
|
patches/extra/ungoogled-chromium/prepopulated-search-engines.patch
|
||
|
)
|
||
|
|
||
|
# The ungoogled_chromium patches need patching to remove some
|
||
|
# parts that work on files not in qtwebengine. It you dont apply
|
||
|
# these patches youll get some .rej files that are harmless
|
||
|
if [ -f ../$DIR.diff ] ; then
|
||
|
ls patches/*/*/*.diff >/dev/null || \
|
||
|
patch -b -z.dst -p 0 < ../$DIR.diff || {
|
||
|
ERROR ../$DIR.diff should have applied cleanly - YMMV
|
||
|
exit 7
|
||
|
}
|
||
|
fi
|
||
|
|
||
|
declare -a CHROME_DIRS
|
||
|
# Patches to these dirs are not be selected and are irrelevant to qtwebengine
|
||
|
CHROME_DIRS=(
|
||
|
chrome/updater
|
||
|
chrome/browser
|
||
|
)
|
||
|
i=0
|
||
|
# find patches -name \*.patch
|
||
|
ls -1 "${PATCHES[@]}" | while read file ; do
|
||
|
[ -s "$file" ] || {
|
||
|
WARN empty $file
|
||
|
continue
|
||
|
}
|
||
|
|
||
|
# a/chrome/browser is not in qtwebengine
|
||
|
for elt in "${CHROME_DIRS[@]}" ; do
|
||
|
grep "^--- a/$elt" $file && WARN $file && continue 2
|
||
|
done
|
||
|
|
||
|
i=`expr $i + 1`
|
||
|
[ $i -gt $iMAX ] && break
|
||
|
|
||
|
grep '^--- a/' $file | sed -e 's/^--- a\///' | \
|
||
|
while read target ; do
|
||
|
DST=$WORK/$target.dst
|
||
|
DBUG looking for $DST
|
||
|
[ -f $DST ] && WARN $DST already exists && continue
|
||
|
done
|
||
|
|
||
|
if [ -s $WD/$file.log ] ; then
|
||
|
# remove the log to reapply a patch
|
||
|
DBUG "skipping $WD/$file.log"
|
||
|
continue
|
||
|
else
|
||
|
DBUG $i patching from $file "to $WD/$file.log"
|
||
|
fi
|
||
|
|
||
|
cd $WORK
|
||
|
# we keep a log of each patch applied and skip the patch if theres a log
|
||
|
# remove the log to reapply a patch
|
||
|
$PATCH < $WD/$file 2>&1|tee $WD/$file.log
|
||
|
cd $WD
|
||
|
|
||
|
# we check the log of each patch applied for .rej and exit if there are any
|
||
|
grep '\.rej' $WD/$file.log && ERROR still .rej after $file.log && exit 8
|
||
|
echo $WD/$file.log >> ${DIR}.log
|
||
|
|
||
|
# if you want to be careful rebuild qtwebengine every patch
|
||
|
if [ really = slow ] ; then
|
||
|
# we are talking about weeks to build here...
|
||
|
[ ! -f /usr/portage/$QTWE_CAT/${QTWE_PKG}/${QTWE_PKG}-${QTWE_VER}.ebuild ] && \
|
||
|
ERROR /usr/portage/$QTWE_CAT/${QTWE_PKG}/${QTWE_PKG}-${QTWE_VER}.ebuild && \
|
||
|
exit 7
|
||
|
|
||
|
# remove .../portage/dev-qt/qtwebengine-6.6.3/.compiled
|
||
|
rm -f $PV_DIR/.complied $PV_DIR/.installed
|
||
|
|
||
|
EBUILD=/usr/portage/$QTWE_CAT/${QTWE_PKG}/${QTWE_PKG}-${QTWE_VER}.ebuild
|
||
|
env FEATURES="$FEATURES" ebuild $EBUILD compile install qmerge >> ${DIR}.log 2>&1 || \
|
||
|
{ ERROR compiling $file $? ; exit 9 ; }
|
||
|
fi
|
||
|
|
||
|
INFO patched from $file
|
||
|
done
|