source: xsoft/graphweb/firefox.xml@ 2eb6c62

Last change on this file since 2eb6c62 was 2eb6c62, checked in by Pierre Labastie <pierre.labastie@…>, 2 months ago

Add a patch to prevent a crash in firefox

The crash occurs when opening HTML videos, only if firefox has been
compiled against rust-1.52.0 or higher.

Fix a lot of wrong indents in changelog (and one in firefox)

  • Property mode set to 100644
File size: 23.9 KB
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
7 <!ENTITY firefox-download-http "&mozilla-http;/firefox/releases/&firefox-version;esr/source/firefox-&firefox-version;esr.source.tar.xz">
8 <!ENTITY firefox-download-ftp " ">
9 <!ENTITY firefox-md5sum "0aa9c735305304373f9fddc35c56e81b">
10 <!ENTITY firefox-size "319 MB">
11 <!-- NB with stylo, much of the build uses rust, and therefore cargo files.
12 But the extra cached cargo files, if any, seem to be minimal -->
13 <!ENTITY firefox-buildsize "5.2 GB (186 MB installed) without tests">
14 <!-- editors: with ff63 and rust-1.29, ./mach build -j4 is probably the
15 most practical way to get a timing on a machine with more cores, if taking
16 cores offline is not practical. If in doubt, round up -->
17 <!ENTITY firefox-time "30 SBU (on a 4-core machine) without tests">
20<sect1 id="firefox" xreflabel="Firefox-&firefox-version;">
21 <?dbhtml filename="firefox.html" ?>
23 <sect1info>
24 <date>$Date$</date>
25 </sect1info>
27 <title>Firefox-&firefox-version;</title>
29 <indexterm zone="firefox">
30 <primary sortas="a-Firefox">Firefox</primary>
31 </indexterm>
33 <sect2 role="package">
34 <title>Introduction to Firefox</title>
36 <para>
37 <application>Firefox</application> is a stand-alone browser based on the
38 <application>Mozilla</application> codebase.
39 </para>
41 &lfs101_checked;
43 <bridgehead renderas="sect3">Package Information</bridgehead>
44 <itemizedlist spacing="compact">
45 <listitem>
46 <para>
47 Download (HTTP): <ulink url="&firefox-download-http;"/>
48 </para>
49 </listitem>
50 <listitem>
51 <para>
52 Download (FTP): <ulink url="&firefox-download-ftp;"/>
53 </para>
54 </listitem>
55 <listitem>
56 <para>
57 Download MD5 sum: &firefox-md5sum;
58 </para>
59 </listitem>
60 <listitem>
61 <para>
62 Download size: &firefox-size;
63 </para>
64 </listitem>
65 <listitem>
66 <para>
67 Estimated disk space required: &firefox-buildsize;
68 </para>
69 </listitem>
70 <listitem>
71 <para>
72 Estimated build time: &firefox-time;
73 </para>
74 </listitem>
75 </itemizedlist>
77<bridgehead renderas="sect3">Additional Downloads</bridgehead>
78 <itemizedlist spacing="compact">
79 <listitem>
80 <para>
81 Required patch:
82 <ulink url="&patch-root;/firefox-&firefox-version;esr-rust1520-1.patch"/>
83 </para>
84 </listitem>
85 </itemizedlist>
87 <note>
88 <para>
89 The directory name is firefox-&firefox-version;
90 </para>
92 <para>
93 Extracting the tarball
94 will reset the permissions of the current directory to 0755 if you
95 have permission to do that. If you do this in a directory where
96 the sticky bit is set, such
97 as <filename class="directory">/tmp</filename> it will end with error
98 messages:
99 </para>
101<literallayout>tar: .: Cannot utime: Operation not permitted
102tar: .: Cannot change mode to rwxr-xr-t: Operation not permitted
103tar: Exiting with failure status due to previous errors
106 <para>
107 This does finish with non-zero status, but it does
108 <emphasis>NOT</emphasis> mean there is a real problem.
109 Do not untar as the <systemitem class="username">root</systemitem> user
110 in a directory where the sticky bit is set - that will unset it.
111 </para>
113 <para>
114 As with other large packages which use C++ (or rust), the SBU times
115 to build this vary more widely than you might expect. The build times
116 will increase significantly if your machine has to swap.
117 </para>
119 <!-- commented, by 78.0 it seems to work reliably
120 <para>
121 The mach build system (Python scripts) can be somewhat unreliable: if
122 the build fails and reports an Error, it can still return a status of
123 success, causing a scripted build to try to install (which does not rerun
124 the build), fail during the preparations for installing, but still exit
125 with a status of success. Also, on occasion it may limit itself to only
126 running one set of jobs - that will make the build take about 3 times as
127 long as running with four sets of jobs.
128 </para>-->
130 <para>
131 Although upstream prefer to use <application>PulseAudio</application>,
132 for the moment <application>Alsa</application> can still be used. Both
133 may need runtime configuration to get sound working.
134 </para>
135 </note>
137 <bridgehead renderas="sect3">Firefox Dependencies</bridgehead>
139 <bridgehead renderas="sect4">Required</bridgehead>
140 <para role="required">
141 <xref linkend="autoconf213"/>,
142 <xref linkend="cbindgen"/>,
143 <xref linkend="dbus-glib"/>,
144 both <xref linkend="gtk3"/> and
145 <xref linkend="gtk2"/>,
146 <xref linkend="libnotify"/>,
147 <xref linkend="llvm"/> (clang, used for bindgen even if using gcc),
148 <xref linkend="nodejs"/>,
149 <xref linkend="nss"/>,
150 <xref linkend="pulseaudio"/>
151 (or
152 <xref linkend="alsa-lib"/> if you edit the mozconfig;
153 now deprecated by mozilla), in either case please read the
154 Configuration Information,
155 <!-- rustc is required by cbindgen so not needed here
156 <xref linkend="rust"/>,-->
157 <xref linkend="python3"/> (rebuilt after installing <xref linkend="sqlite"/>),
158 <xref linkend="startup-notification"/>,
159 <xref linkend="unzip"/>,
160 <xref linkend="yasm"/>, and
161 <xref linkend="zip"/>
162 </para>
164 <bridgehead renderas="sect4">Recommended</bridgehead>
165 <para role="recommended">
166 <xref linkend="icu"/>,
167 <xref linkend="libevent"/>,
168 <xref linkend="libwebp"/>,
169 <xref linkend="nasm"/>
170 </para>
172 <note>
173 <para>
174 If you don't install recommended dependencies, then internal copies of
175 those packages will be used. They might be tested to work, but they can
176 be out of date or contain security holes.
177 </para>
178 </note>
180 <bridgehead renderas="sect4">Optional</bridgehead>
181 <para role="optional">
182 <xref linkend="curl"/>,
183 <xref linkend="doxygen"/>,
184 <xref role="runtime" linkend="ffmpeg"/> (runtime, to play mov, mp3 or mp4 files),
185 <!-- <phrase revision="sysv"><ulink url="">liboauth</ulink></phrase> -->
186 <xref linkend="liboauth"/>,
187 <xref linkend="openjdk"/>,
188 <xref linkend="valgrind"/>,
189 <xref linkend="wget"/>,
190 <xref linkend="wireless_tools"/>,
191 <ulink url="">libproxy</ulink>
192 </para>
194 <para condition="html" role="usernotes">
195 User Notes: <ulink url="&blfs-wiki;/firefox"/>
196 </para>
197 </sect2>
199 <sect2 role="installation">
200 <title>Installation of Firefox</title>
202 <para>
203 The configuration of <application>Firefox</application> is accomplished
204 by creating a <filename>mozconfig</filename> file containing the desired
205 configuration options. A default <filename>mozconfig</filename> is
206 created below. To see the entire list of available configuration options
207 (and an abbreviated description of some of them), issue <command>./mach
208 configure &amp;&amp; ./configure --help | less</command>. You may also
209 wish to review the entire file and uncomment any other desired options.
210 Create the file by issuing the following command:
211 </para>
213<screen><userinput>cat &gt; mozconfig &lt;&lt; "EOF"
214<literal># If you have a multicore machine, all cores will be used by default.
216# If you have installed (or will install) wireless-tools, and you wish
217# to use geolocation web services, comment out this line
218ac_add_options --disable-necko-wifi
220# API Keys for geolocation APIs - necko-wifi (above) is required for MLS
221# Uncomment the following line if you wish to use Mozilla Location Service
222#ac_add_options --with-mozilla-api-keyfile=$PWD/mozilla-key
224# Uncomment the following line if you wish to use Google's geolocaton API
225# (needed for use with saved maps with Google Maps)
226#ac_add_options --with-google-location-service-api-keyfile=$PWD/google-key
228# startup-notification is required since firefox-78
230# Uncomment the following option if you have not installed PulseAudio
231#ac_add_options --disable-pulseaudio
232# or uncomment this if you installed alsa-lib instead of PulseAudio
233#ac_add_options --enable-alsa
235# Comment out following options if you have not installed
236# recommended dependencies:
237ac_add_options --with-system-libevent
238ac_add_options --with-system-webp
239ac_add_options --with-system-nspr
240ac_add_options --with-system-nss
241ac_add_options --with-system-icu
243# Do not specify the gold linker which is not the default. It will take
244# longer and use more disk space when debug symbols are disabled.
246# libdavid (av1 decoder) requires nasm. Uncomment this if nasm
247# has not been installed.
248#ac_add_options --disable-av1
250# You cannot distribute the binary if you do this
251ac_add_options --enable-official-branding
253# Stripping is now enabled by default.
254# Uncomment these lines if you need to run a debugger:
255#ac_add_options --disable-strip
256#ac_add_options --disable-install-strip
258# Disabling debug symbols makes the build much smaller and a little
259# faster. Comment this if you need to run a debugger. Note: This is
260# required for compilation on i686.
261ac_add_options --disable-debug-symbols
263# The elf-hack is reported to cause failed installs (after successful builds)
264# on some machines. It is supposed to improve startup time and it shrinks
265# by a few MB - comment this if you know your machine is not affected.
266ac_add_options --disable-elf-hack
268# The BLFS editors recommend not changing anything below this line:
269ac_add_options --prefix=/usr
270ac_add_options --enable-application=browser
271ac_add_options --disable-crashreporter
272ac_add_options --disable-updater
273# enabling the tests will use a lot more space and significantly
274# increase the build time, for no obvious benefit.
275ac_add_options --disable-tests
277# The default level of optimization again produces a working build with gcc.
278ac_add_options --enable-optimize
280ac_add_options --enable-system-ffi
281ac_add_options --enable-system-pixman
283# --with-system-bz2 was removed in firefox-78
284ac_add_options --with-system-jpeg
285ac_add_options --with-system-png
286ac_add_options --with-system-zlib
288# The following option unsets Telemetry Reporting. With the Addons Fiasco,
289# Mozilla was found to be collecting user's data, including saved passwords and
290# web form data, without users consent. Mozilla was also found shipping updates
291# to systems without the user's knowledge or permission.
292# As a result of this, use the following command to permanently disable
293# telemetry reporting in Firefox.
296mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/firefox-build-dir</literal>
299 <para>
300 Compile <application>Firefox</application> by issuing the following
301 commands:
302 </para>
304 <para>
305 Apply a patch that prevent a crash when opening HTML videos if
306 compiling against rust-1.52.0 or higher:
307 </para>
309<screen><userinput>patch -Np1 -i ../firefox-&firefox-version;esr-rust1520-1.patch</userinput></screen>
311 <para>
312 In the esr version of firefox-78, the code to ensure that add-ons
313 are signed by the trusted root has been disabled, presumably for
314 organizations which require their own add-ons. To enable it as an
315 added security measure issue the following command:
316 </para>
318<screen><userinput>sed -e 's/Disable/Enable/' \
319 -e '/^MOZ_REQUIRE_SIGNING/s/0/1/' \
320 -i build/mozconfig.common</userinput></screen>
322 <para>
323 If the geolocation APIs are needed:
324 </para>
326 <note>
327 <para>
328 <!-- Taken from Arch Linux - an immensely helpful link - Thanks -->
329 The Google and Mozilla API Keys below are specific to LFS. If using
330 these instructions for another distro, or if you intend to distribute
331 binary copies of the software using these instructions, please obtain
332 your own keys following the instructions located at
333 <ulink url=""/> and
334 <ulink url=""/> respectively.
335 <!-- BLFS Devs, register an account at Google with your
336 email address, and I'll make you an administrator
337 for the 'Google APIs for LFS' project (where the API and OAuth keys
338 were created for use in the book).-->
339 </para>
340 </note>
342<screen><userinput>echo "AIzaSyDxKL42zsPjbke5O8_rPVpVrLrJ8aeE9rQ" > google-key
343echo "613364a7-9418-4c86-bcee-57e32fd70c23" > mozilla-key</userinput></screen>
345 <note>
347 <xi:include xmlns:xi=""
348 href="../../xincludes/mozshm.xml"/>
350 <xi:include xmlns:xi=""
351 href="../../xincludes/mozmach.xml"/>
353 </note>
354 <!--
355 <para>
356 If you are building on i686, apply a fix to prevent Internal Compiler
357 Errors in GCC-7+:
358 </para>
360<screen><userinput remap="pre">case $(uname -m) in
361 i?86) sed -i "562 s/mips64/i386/" gfx/skia/skia/third_party/skcms/src/Transform_inl.h ;;
363 -->
365 Apply a patch to allow this to be compiled with <xref linkend="rust"/>:
366 </para>
368<screen><userinput remap="pre">patch -p1 -i ../firefox-&firefox-version;esr-rustc1470-1.patch</userinput></screen>-->
370 <para>
371 Now invoke the Python script to compile the package.
372 </para>
374<screen><userinput>export CC=gcc CXX=g++ &amp;&amp;
375export MOZBUILD_STATE_PATH=${PWD}/mozbuild &amp;&amp;
376./mach configure &amp;&amp;
377./mach build</userinput></screen>
379 <para>
380 The <filename>mozconfig</filename> above disables the tests because
381 they use a lot more time and disk space for no obvious benefit. If
382 you have nevertheless enabled them, you can run the tests by executing
383 <command>./mach gtest</command>. This will require a network connection,
384 and to be run from within an Xorg session - there is a popup dialog
385 when it fails to connect to ALSA (that does not create a failed test).
386 One or two tests will fail. To see the details of the failure(s) you
387 will need to log the output from that command so that you can review it.
388 </para>
390 <para>
391 Now, as the <systemitem class="username">root</systemitem> user:
392 </para>
394<screen role="root"><userinput>./mach install</userinput></screen>
396 <para>
397 Set environment variables back to their values:
398 </para>
400<screen><userinput>unset CC CXX MOZBUILD_STATE_PATH</userinput></screen>
402 </sect2>
404 <sect2 role="commands">
405 <title>Command Explanations</title>
407<!--<xi:include xmlns:xi=""
408 href="../../xincludes/SIOCGSTAMP.xml"/>-->
410 <para>
411 <command>export CC=gcc CXX=g++ ...</command>: Upstream now prefer
412 <application>clang</application> so that they can use one compiler
413 everywhere. On the X86 architectures <application>clang</application>
414 now appears to support most of the same security-hardening options as
415 <application>GCC</application>.
416 <!-- supported in llvm-11
417 but the newer
418 <literal>-fstack-clash-protection</literal> is still not supported.-->
419 With the current versions and the default flags,
420 <application>GCC</application> creates a marginally bigger build but
421 takes typically 2 SBU less time on a 4-core machine using the mozconfig
422 above.
423 </para>
425 <para>
426 <command>export MOZBUILD_STATE_PATH=${PWD}/mozbuild</command>: The build
427 is now supposed to tell you that it intends to create <filename
428 class="directory">~/.mozbuild</filename>, and offer you an option to
429 press &lt;ENTER&gt; to accept this, or Ctrl-C to cancel and restart the
430 build after specifying the directory. In practice, the message may not
431 appear until after &lt;ENTER&gt; is keyed, i.e. the build stalls.
432 </para>
434 <para>
435 That directory is used for a (probably random) telemetry identifier.
436 Creating this in the build directory, and deleting that after the
437 installation, prevents it being used. If you wish to participate in
438 telemetry, export MOZBUILD_STATE_PATH to point to its default directory.
439 </para>
441 <para>
442 <command>./mach build</command>: <application>Firefox</application>
443 now uses this <application>python</application> script to run the
444 build and install.
445 </para>
447 <para>
448 <option>./mach build --verbose</option>: Use this alternative if you
449 need details of which files are being compiled, together with any C or
450 C++ flags being used. But do not add '--verbose' to the install command,
451 it is not accepted there.
452 </para>
454 <para>
455 <option>./mach build -jN</option>: The build should, by default, use
456 all the online CPU cores. If using all the cores causes the build to swap
457 because you have insufficient memory, using fewer cores can be faster.
458 </para>
460 <para>
461 <command>mkdir -pv /usr/lib/mozilla/plugins</command>: This ensures
462 that <filename class="directory">/usr/lib/mozilla/plugins/</filename>
463 exists.
464 </para>
466 <para>
467 <command>ln -sv ... /usr/lib/firefox/browser</command>:
468 This command creates a symbolic link to <filename
469 class="directory">/usr/lib/mozilla/plugins</filename>. It's not really
470 needed, as <application>Firefox</application> checks <filename
471 class="directory">/usr/lib/mozilla/plugins</filename> by default, but the
472 symbolic link is made to keep all the plugins installed in one folder.
473 </para>
475 </sect2>
477 <sect2 role="configuration">
478 <title>Configuring Firefox</title>
480 <para>
481 If you use a desktop environment like <application>Gnome</application> or
482 <application>KDE</application> you may like to create a
483 <filename>firefox.desktop</filename> file so that
484 <application>Firefox</application> appears in the panel's menus. <!--If you
485 didn't enable startup-notification in your mozconfig change the
486 StartupNotify line to false.--> As the
487 <systemitem class="username">root</systemitem> user:
488 </para>
490<screen role="root"><userinput>mkdir -pv /usr/share/applications &amp;&amp;
491mkdir -pv /usr/share/pixmaps &amp;&amp;
493cat &gt; /usr/share/applications/firefox.desktop &lt;&lt; "EOF" &amp;&amp;
494<literal>[Desktop Entry]
496Name=Firefox Web Browser
497Comment=Browse the World Wide Web
498GenericName=Web Browser
499Exec=firefox %u
508ln -sfv /usr/lib/firefox/browser/chrome/icons/default/default128.png \
509 /usr/share/pixmaps/firefox.png</userinput></screen>
511 <sect3><title>Configuration Information</title>
513 <para>
514 The application settings for firefox are accessible by keying
515 <command>about:config</command> in the address bar.
516 </para>
518 <para>
519 Occasionally, getting working sound in
520 <application>firefox</application> can be a problem. Although upstream
521 prefers pulseaudio,
522 on balance using <application>Alsa</application> may be easier.
523 </para>
525 <para>
526 If you enabled <application>Alsa</application> for sound, you may need
527 to alter one variable to get working sound. If you run
528 <command>firefox</command> from a term and try to play something with
529 sound you might encounter error messages like:
530 </para>
532 <para>
533 <literal>Sandbox: seccomp sandbox violation: pid 3941, tid 4030,
534 syscall 16, args 48 2147767296 139909894784796 0 0 0.</literal>
535 </para>
537 <para>
538 That was on x86_64, on i686 the syscall number is 54. To allow this
539 syscall, in <command>about:config</command> change
540 <command>security.sandbox.content.syscall_whitelist</command> to 16
541 (or 54 if using i686).
542 </para>
544 <para>
545 If you use <command>pulseaudio</command> in a Desktop Environment, it
546 might already be started by that DE. But if it is not, although
547 firefox-57 managed to start it, firefox-58 did not. If you run
548 <command>firefox</command> from a term and this problem is present,
549 trying to play sound will
550 encounter error messages warning <literal>Can't get cubeb
551 context!</literal>
552 </para>
554 <para>
555 The fix for this is to close firefox, start pulseaudio to check it
556 does start (if not, read the information on Configuring in <xref
557 linkend="pulseaudio"/>) and restart firefox to check it is working.
558 If it now works, add the following to your <filename>~/.xinitrc</filename>:
559<phrase revision="sysv">
560<literal>pulseaudio --verbose --log-target=syslog&amp;</literal></phrase>
561<phrase revision="systemd">
562<literal>pulseaudio --verbose --log-target=journald&amp;</literal></phrase>
563 (unfortunately, on some systems this does not work).
564 </para>
566 <para>
567 You may wish to use multiple profiles within firefox. To do that, invoke
568 firefox as <command>firefox --ProfileManager</command>. You can also
569 check which profile is currently in use from
570 <command>about:profiles</command>.
571 </para>
573 <para>
574 Although WebRender (using the GPU for compositing) is not used by
575 default, it now appears to work well on supported hardware (ATI, Nvidia
576 and Intel GPUs with Mesa-18 or later. For an explanation, please see
577 <ulink
578 url=""></ulink>.
579 The only downside seems to be that on a machine with limited RAM it might
580 use more RAM.
581 </para>
583 <para>
584 To check if WebRender is being used, look in about:support. In the Graphics
585 section Compositing will either show 'Basic' (i.e. not in use) or
586 'WebRender'. To enable it, go to about:config and change gfx.webrender.all
587 to True. You will need to restart firefox.
588 </para>
590 <para>
591 It may be useful to mention the processes from firefox which can appear in
592 <command>top</command> - as well as firefox itself, there may be multiple
593 Web Content processes, and now an RDD Process (Remote Data Decoder) which
594 appears when playing web videos encoded with av1 (libdav1d). If WebRender
595 has been enabled, a GPU Process will also appear when firefox has to
596 repaint (e.g. scrolling, opening a new tab, or playing a video).
597 </para>
599 </sect3>
600 </sect2>
602 <sect2 role="content">
603 <title>Contents</title>
605 <segmentedlist>
606 <segtitle>Installed Programs</segtitle>
607 <segtitle>Installed Libraries</segtitle>
608 <segtitle>Installed Directory</segtitle>
610 <seglistitem>
611 <seg>
612 firefox
613 </seg>
614 <seg>
615 Numerous libraries, browser components, plugins, extensions, and
616 helper modules installed in /usr/lib/firefox
617 </seg>
618 <seg>
619 /usr/lib/firefox and /usr/lib/mozilla
620 </seg>
621 </seglistitem>
622 </segmentedlist>
624 <variablelist>
625 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
626 <?dbfo list-presentation="list"?>
627 <?dbhtml list-presentation="table"?>
629 <varlistentry id="firefox-prog">
630 <term><command>firefox</command></term>
631 <listitem>
632 <para>
633 is a <application>GTK+-3</application> internet browser that uses
634 the Mozilla Gecko rendering engine
635 </para>
636 <indexterm zone="firefox firefox-prog">
637 <primary sortas="b-firefox">firefox</primary>
638 </indexterm>
639 </listitem>
640 </varlistentry>
642 </variablelist>
644 </sect2>
Note: See TracBrowser for help on using the repository browser.