mirror of
https://github.com/ghostty-org/ghostty.git
synced 2025-10-17 07:16:12 +00:00
d231e94535
Avoid leaking snap environment values and in particular the `$SNAP*`
values to the children that we run from the terminal.
Do this programmatically instead of the launcher, since ghostty needs
know the environment it runs in, while it must not leak the info to the
children.
We've also another leak on snap, that creates a more visible problem
(wrong matching of children applications) that is the apparmor security
profile.
I've handled it at
cc3b46f600
but that requires some love in order to fully decouple the snap option
to the build, to avoid including it in non-snap builds, so an help would
be appreciated there.
> This PR was contains code (in `filterSnapPaths`) that was improved by
DeepSeek.
65 lines
2.5 KiB
Bash
Executable File
65 lines
2.5 KiB
Bash
Executable File
#!/bin/sh
|
|
set -e
|
|
|
|
# Set these to reasonable defaults if not already set
|
|
if [ -z "$XDG_CONFIG_HOME" ]; then
|
|
export XDG_CONFIG_HOME="$SNAP_REAL_HOME/.config"
|
|
fi
|
|
|
|
if [ -z "$XDG_CACHE_HOME" ]; then
|
|
export XDG_CACHE_HOME="$SNAP_REAL_HOME/.cache"
|
|
fi
|
|
|
|
if [ -z "$XDG_DATA_HOME" ]; then
|
|
export XDG_DATA_HOME="$SNAP_REAL_HOME/.local/share"
|
|
fi
|
|
|
|
source "$SNAP_USER_DATA/.last_revision" 2>/dev/null || true
|
|
if [ "$LAST_REVISION" = "$SNAP_REVISION" ]; then
|
|
needs_update=false
|
|
else
|
|
needs_update=true
|
|
fi
|
|
|
|
export HOME="$SNAP_REAL_HOME"
|
|
|
|
if [ "$SNAP_ARCH" = "amd64" ]; then
|
|
ARCH="x86_64-linux-gnu"
|
|
elif [ "$SNAP_ARCH" = "arm64" ]; then
|
|
ARCH="aarch64-linux-gnu"
|
|
else
|
|
ARCH="$SNAP_ARCH-linux-gnu"
|
|
fi
|
|
|
|
export LD_LIBRARY_PATH=${SNAP}/usr/lib/${ARCH}:${SNAP}/usr/lib/${ARCH}/vdpau:${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}
|
|
export LIBGL_DRIVERS_PATH=${LIBGL_DRIVERS_PATH:+$LIBGL_DRIVERS_PATH:}${SNAP}/usr/lib/${ARCH}/dri/
|
|
export LIBVA_DRIVERS_PATH=${LIBVA_DRIVERS_PATH:+$LIBVA_DRIVERS_PATH:}${SNAP}/usr/lib/${ARCH}/dri/
|
|
export __EGL_VENDOR_LIBRARY_DIRS=${__EGL_VENDOR_LIBRARY_DIRS:+$__EGL_VENDOR_LIBRARY_DIRS:}${SNAP}/usr/share/glvnd/egl_vendor.d
|
|
export __EGL_EXTERNAL_PLATFORM_CONFIG_DIRS=${__EGL_EXTERNAL_PLATFORM_CONFIG_DIRS:+$__EGL_EXTERNAL_PLATFORM_CONFIG_DIRS:}${SNAP}/usr/share/egl/egl_external_platform.d
|
|
export DRIRC_CONFIGDIR=${SNAP}/usr/share/drirc.d
|
|
export VK_LAYER_PATH=${VK_LAYER_PATH:+$VK_LAYER_PATH:}${SNAP}/usr/share/vulkan/implicit_layer.d/:${SNAP}/usr/share/vulkan/explicit_layer.d/
|
|
export XDG_DATA_DIRS=${XDG_DATA_DIRS:+$XDG_DATA_DIRS:}${SNAP}/usr/share
|
|
export XLOCALEDIR="${SNAP}/usr/share/X11/locale"
|
|
export GTK_PATH="$SNAP/usr/lib/$ARCH/gtk-4.0"
|
|
|
|
# Gdk-pixbuf loaders
|
|
mkdir -p "$SNAP_USER_COMMON/.cache"
|
|
export GDK_PIXBUF_MODULE_FILE="$SNAP_USER_COMMON/.cache/gdk-pixbuf-loaders.cache"
|
|
export GDK_PIXBUF_MODULEDIR="$SNAP/usr/lib/$ARCH/gdk-pixbuf-2.0/2.10.0/loaders"
|
|
if [ "$needs_update" = true ] || [ ! -f "$GDK_PIXBUF_MODULE_FILE" ]; then
|
|
rm -f "$GDK_PIXBUF_MODULE_FILE"
|
|
if [ -f "$SNAP/usr/lib/$ARCH/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders" ]; then
|
|
"$SNAP/usr/lib/$ARCH/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders" > "$GDK_PIXBUF_MODULE_FILE"
|
|
fi
|
|
fi
|
|
|
|
if [ "${__NV_PRIME_RENDER_OFFLOAD:-}" != 1 ]; then
|
|
# Prevent picking VA-API (Intel/AMD) over NVIDIA VDPAU
|
|
# https://download.nvidia.com/XFree86/Linux-x86_64/510.54/README/primerenderoffload.html#configureapplications
|
|
export LIBVA_DRIVERS_PATH
|
|
fi
|
|
|
|
[ "$needs_update" = true ] && echo "LAST_REVISION=$SNAP_REVISION" > "$SNAP_USER_DATA/.last_revision"
|
|
|
|
exec "$@"
|