source: xsoft/graphweb/firefox.xml@ 74762a5

10.1 11.0 ken/refactor-virt lazarus qt5new trunk xry111/git-date xry111/git-date-for-trunk xry111/git-date-test
Last change on this file since 74762a5 was 74762a5, checked in by Ken Moffat <ken@…>, 13 months ago

LLVM: promote clang to recommended, downgrade compiler-rt to optional in the markup. And note that firefox requires clang.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@23708 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 23.3 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY firefox-download-http "&mozilla-http;/firefox/releases/&firefox-version;esr/source/firefox-&firefox-version;esr.source.tar.xz">
8 <!ENTITY firefox-download-ftp " ">
9 <!ENTITY firefox-md5sum "e071f6c9bea8344d4556323f02bf6125">
10 <!ENTITY firefox-size "317 MB">
11 <!-- NB with stylo, much of the build uses rust, and therefore cargo files.
12 But the extra cached cargo files, if any, seem to be minimal -->
13 <!ENTITY firefox-buildsize "4.9 GB (184 MB installed) without tests">
14 <!-- editors: with ff63 and rust-1.29, ./mach build -j4 is probably the
15 most practical way to get a timing on a machine with more cores, if taking
16 cores offline is not practical. If in doubt, round up -->
17 <!ENTITY firefox-time "30 SBU (on a 4-core machine) without tests">
18]>
19
20<sect1 id="firefox" xreflabel="Firefox-&firefox-version;">
21 <?dbhtml filename="firefox.html" ?>
22
23 <sect1info>
24 <othername>$LastChangedBy$</othername>
25 <date>$Date$</date>
26 </sect1info>
27
28 <title>Firefox-&firefox-version;</title>
29
30 <indexterm zone="firefox">
31 <primary sortas="a-Firefox">Firefox</primary>
32 </indexterm>
33
34 <sect2 role="package">
35 <title>Introduction to Firefox</title>
36
37 <para>
38 <application>Firefox</application> is a stand-alone browser based on the
39 <application>Mozilla</application> codebase.
40 </para>
41
42 &lfs10_checked;
43
44 <bridgehead renderas="sect3">Package Information</bridgehead>
45 <itemizedlist spacing="compact">
46 <listitem>
47 <para>
48 Download (HTTP): <ulink url="&firefox-download-http;"/>
49 </para>
50 </listitem>
51 <listitem>
52 <para>
53 Download (FTP): <ulink url="&firefox-download-ftp;"/>
54 </para>
55 </listitem>
56 <listitem>
57 <para>
58 Download MD5 sum: &firefox-md5sum;
59 </para>
60 </listitem>
61 <listitem>
62 <para>
63 Download size: &firefox-size;
64 </para>
65 </listitem>
66 <listitem>
67 <para>
68 Estimated disk space required: &firefox-buildsize;
69 </para>
70 </listitem>
71 <listitem>
72 <para>
73 Estimated build time: &firefox-time;
74 </para>
75 </listitem>
76 </itemizedlist>
77
78 <note>
79 <para>
80 The directory name is firefox-&firefox-version;
81 </para>
82
83 <para>
84 Extracting the tarball
85 will reset the permissions of the current directory to 0755 if you
86 have permission to do that. If you do this in a directory where
87 the sticky bit is set, such
88 as <filename class="directory">/tmp</filename> it will end with error
89 messages:
90 </para>
91
92<literallayout>tar: .: Cannot utime: Operation not permitted
93tar: .: Cannot change mode to rwxr-xr-t: Operation not permitted
94tar: Exiting with failure status due to previous errors
95</literallayout>
96
97 <para>
98 This does finish with non-zero status, but it does
99 <emphasis>NOT</emphasis> mean there is a real problem.
100 Do not untar as the <systemitem class="username">root</systemitem> user
101 in a directory where the sticky bit is set - that will unset it.
102 </para>
103
104 <para>
105 As with other large packages which use C++ (or rust), the SBU times
106 to build this vary more widely than you might expect. The build times
107 will increase significantly if your machine has to swap.
108 </para>
109
110 <!-- commented, by 78.0 it seems to work reliably
111 <para>
112 The mach build system (Python scripts) can be somewhat unreliable: if
113 the build fails and reports an Error, it can still return a status of
114 success, causing a scripted build to try to install (which does not rerun
115 the build), fail during the preparations for installing, but still exit
116 with a status of success. Also, on occasion it may limit itself to only
117 running one set of jobs - that will make the build take about 3 times as
118 long as running with four sets of jobs.
119 </para>-->
120
121 <para>
122 Although upstream prefer to use <application>PulseAudio</application>,
123 for the moment <application>Alsa</application> can still be used. Both
124 may need runtime configuration to get sound working.
125 </para>
126 </note>
127
128 <bridgehead renderas="sect3">Firefox Dependencies</bridgehead>
129
130 <bridgehead renderas="sect4">Required</bridgehead>
131 <para role="required">
132 <xref linkend="autoconf213"/>,
133 <xref linkend="cbindgen"/>,
134 <xref linkend="dbus-glib"/>,
135 both <xref linkend="gtk3"/> and
136 <xref linkend="gtk2"/>,
137 <xref linkend="libnotify"/>,
138 <xref linkend="llvm"/> (clang, used for bindgen even if using gcc),
139 <xref linkend="nodejs"/>,
140 <xref linkend="nss"/>,
141 <xref linkend="pulseaudio"/>
142 (or
143 <xref linkend="alsa-lib"/> if you edit the mozconfig;
144 now deprecated by mozilla), in either case please read the
145 Configuration Information,
146 <!-- rustc is required by cbindgen so not needed here
147 <xref linkend="rust"/>,-->
148 <xref linkend="python3"/> (rebuilt after installing <xref linkend="sqlite"/>),
149 <xref linkend="startup-notification"/>,
150 <xref linkend="unzip"/>,
151 <xref linkend="yasm"/>, and
152 <xref linkend="zip"/>
153 </para>
154
155 <bridgehead renderas="sect4">Recommended</bridgehead>
156 <para role="recommended">
157 <xref linkend="icu"/>,
158 <xref linkend="libevent"/>,
159 <xref linkend="libwebp"/>,
160 <xref linkend="nasm"/>
161 </para>
162
163 <note>
164 <para>
165 If you don't install recommended dependencies, then internal copies of
166 those packages will be used. They might be tested to work, but they can
167 be out of date or contain security holes.
168 </para>
169 </note>
170
171 <bridgehead renderas="sect4">Optional</bridgehead>
172 <para role="optional">
173 <xref linkend="curl"/>,
174 <xref linkend="doxygen"/>,
175 <xref role="runtime" linkend="ffmpeg"/> (runtime, to play mov, mp3 or mp4 files),
176 <!-- <phrase revision="sysv"><ulink url="http://sourceforge.net/projects/liboauth/files/">liboauth</ulink></phrase> -->
177 <xref linkend="liboauth"/>,
178 <xref linkend="openjdk"/>,
179 <xref linkend="valgrind"/>,
180 <xref linkend="wget"/>,
181 <xref linkend="wireless_tools"/>,
182 <ulink url="https://github.com/libproxy/libproxy">libproxy</ulink>
183 </para>
184
185 <para condition="html" role="usernotes">
186 User Notes: <ulink url="&blfs-wiki;/firefox"/>
187 </para>
188 </sect2>
189
190 <sect2 role="installation">
191 <title>Installation of Firefox</title>
192
193 <para>
194 The configuration of <application>Firefox</application> is accomplished
195 by creating a <filename>mozconfig</filename> file containing the desired
196 configuration options. A default <filename>mozconfig</filename> is
197 created below. To see the entire list of available configuration options
198 (and an abbreviated description of some of them), issue <command>./mach
199 configure &amp;&amp; ./configure --help | less</command>. You may also
200 wish to review the entire file and uncomment any other desired options.
201 Create the file by issuing the following command:
202 </para>
203
204<screen><userinput>cat &gt; mozconfig &lt;&lt; "EOF"
205<literal># If you have a multicore machine, all cores will be used by default.
206
207# If you have installed (or will install) wireless-tools, and you wish
208# to use geolocation web services, comment out this line
209ac_add_options --disable-necko-wifi
210
211# API Keys for geolocation APIs - necko-wifi (above) is required for MLS
212# Uncomment the following line if you wish to use Mozilla Location Service
213#ac_add_options --with-mozilla-api-keyfile=$PWD/mozilla-key
214
215# Uncomment the following line if you wish to use Google's geolocaton API
216# (needed for use with saved maps with Google Maps)
217#ac_add_options --with-google-location-service-api-keyfile=$PWD/google-key
218
219# startup-notification is required since firefox-78
220
221# Uncomment the following option if you have not installed PulseAudio
222#ac_add_options --disable-pulseaudio
223# or uncomment this if you installed alsa-lib instead of PulseAudio
224#ac_add_options --enable-alsa
225
226# Comment out following options if you have not installed
227# recommended dependencies:
228ac_add_options --with-system-libevent
229ac_add_options --with-system-webp
230ac_add_options --with-system-nspr
231ac_add_options --with-system-nss
232ac_add_options --with-system-icu
233
234# Do not specify the gold linker which is not the default. It will take
235# longer and use more disk space when debug symbols are disabled.
236
237# libdavid (av1 decoder) requires nasm. Uncomment this if nasm
238# has not been installed.
239#ac_add_options --disable-av1
240
241# You cannot distribute the binary if you do this
242ac_add_options --enable-official-branding
243
244# Stripping is now enabled by default.
245# Uncomment these lines if you need to run a debugger:
246#ac_add_options --disable-strip
247#ac_add_options --disable-install-strip
248
249# Disabling debug symbols makes the build much smaller and a little
250# faster. Comment this if you need to run a debugger. Note: This is
251# required for compilation on i686.
252ac_add_options --disable-debug-symbols
253
254# The elf-hack is reported to cause failed installs (after successful builds)
255# on some machines. It is supposed to improve startup time and it shrinks
256# libxul.so by a few MB - comment this if you know your machine is not affected.
257ac_add_options --disable-elf-hack
258
259# The BLFS editors recommend not changing anything below this line:
260ac_add_options --prefix=/usr
261ac_add_options --enable-application=browser
262ac_add_options --disable-crashreporter
263ac_add_options --disable-updater
264# enabling the tests will use a lot more space and significantly
265# increase the build time, for no obvious benefit.
266ac_add_options --disable-tests
267
268# The default level of optimization again produces a working build with gcc.
269ac_add_options --enable-optimize
270
271ac_add_options --enable-system-ffi
272ac_add_options --enable-system-pixman
273
274# --with-system-bz2 was removed in firefox-78
275ac_add_options --with-system-jpeg
276ac_add_options --with-system-png
277ac_add_options --with-system-zlib
278
279# The following option unsets Telemetry Reporting. With the Addons Fiasco,
280# Mozilla was found to be collecting user's data, including saved passwords and
281# web form data, without users consent. Mozilla was also found shipping updates
282# to systems without the user's knowledge or permission.
283# As a result of this, use the following command to permanently disable
284# telemetry reporting in Firefox.
285unset MOZ_TELEMETRY_REPORTING
286
287mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/firefox-build-dir</literal>
288EOF</userinput></screen>
289
290 <para>
291 Compile <application>Firefox</application> by issuing the following
292 commands:
293 </para>
294
295 <para>
296 In the esr version of firefox-78, the code to ensure that add-ons
297 are signed by the trused root has been disabled, presumably for
298 organizations which require their own add-ons. To enable it as an
299 added security measure issue the following command:
300 </para>
301
302<screen><userinput>sed -i -e 's/Disable/Enable/' \
303 -e '/^MOZ_REQUIRE_SIGNING/s/0/1/' \
304 build/mozconfig.common</userinput></screen>
305
306 <para>
307 If the geolocation APIs are needed:
308 </para>
309
310 <note>
311 <para>
312 <!-- Taken from Arch Linux - an immensely helpful link - Thanks -->
313 The Google and Mozilla API Keys below are specific to LFS. If using
314 these instructions for another distro, or if you intend to distribute
315 binary copies of the software using these instructions, please obtain
316 your own keys following the instructions located at
317 <ulink url="http://www.chromium.org/developers/how-tos/api-keys"/> and
318 <ulink url="https://location.services.mozilla.com/api"/> respectively.
319 <!-- BLFS Devs, register an account at Google with your
320 @linuxfromscratch.org email address, and I'll make you an administrator
321 for the 'Google APIs for LFS' project (where the API and OAuth keys
322 were created for use in the book).-->
323 </para>
324 </note>
325
326<screen><userinput>echo "AIzaSyDxKL42zsPjbke5O8_rPVpVrLrJ8aeE9rQ" > google-key
327echo "613364a7-9418-4c86-bcee-57e32fd70c23" > mozilla-key</userinput></screen>
328
329 <note>
330
331 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
332 href="../../xincludes/mozshm.xml"/>
333
334 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
335 href="../../xincludes/mozmach.xml"/>
336
337 </note>
338 <!--
339 <para>
340 If you are building on i686, apply a fix to prevent Internal Compiler
341 Errors in GCC-7+:
342 </para>
343
344<screen><userinput remap="pre">case $(uname -m) in
345 i?86) sed -i "562 s/mips64/i386/" gfx/skia/skia/third_party/skcms/src/Transform_inl.h ;;
346esac</userinput></screen>
347 -->
348
349 <para>
350 Now invoke the Python script to compile the package.
351 </para>
352
353<screen><userinput>export CC=gcc CXX=g++ &amp;&amp;
354export MOZBUILD_STATE_PATH=${PWD}/mozbuild &amp;&amp;
355./mach build</userinput></screen>
356
357 <para>
358 The <filename>mozconfig</filename> above disables the tests because
359 they use a lot more time and disk space for no obvious benefit. If
360 you have nevertheless enabled them, you can run the tests by executing
361 <command>./mach gtest</command>. This will require a network connection,
362 and to be run from within an Xorg session - there is a popup dialog
363 when it fails to connect to ALSA (that does not create a failed test).
364 One or two tests will fail. To see the details of the failure(s) you
365 will need to log the output from that command so that you can review it.
366 </para>
367
368 <para>
369 Now, as the <systemitem class="username">root</systemitem> user:
370 </para>
371
372<screen role="root"><userinput>./mach install &amp;&amp;
373
374mkdir -pv /usr/lib/mozilla/plugins &amp;&amp;
375ln -sfv ../../mozilla/plugins /usr/lib/firefox/browser/</userinput></screen>
376
377 <para>
378 Set environment variables back to their values:
379 </para>
380
381<screen><userinput>unset CC CXX MOZBUILD_STATE_PATH</userinput></screen>
382
383 </sect2>
384
385 <sect2 role="commands">
386 <title>Command Explanations</title>
387
388<!--<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
389 href="../../xincludes/SIOCGSTAMP.xml"/>-->
390
391 <para>
392 <command>export CC=gcc CXX=g++ ...</command>: Upstream now prefer
393 <application>clang</application> so that they can use one compiler
394 everywhere. On the X86 architectures <application>clang</application>
395 now appears to support most of the same security-hardening options as
396 <application>GCC</application> but the newer
397 <literal>-fstack-clash-protection</literal> is still not supported.
398 With the current versions and the default flags,
399 <application>GCC</application> creates a marginally bigger build but
400 takes typically 2 SBU less time on a 4-core machine using the mozconfig
401 above.
402 </para>
403
404 <para>
405 <command>export MOZBUILD_STATE_PATH=${PWD}/mozbuild</command>: The build
406 is now supposed to tell you that it intends to create <filename
407 class="directory">~/.mozbuild</filename>, and offer you an option to
408 press &lt;ENTER&gt; to accept this, or Ctrl-C to cancel and restart the
409 build after specifying the directory. In practice, the message may not
410 appear until after &lt;ENTER&gt; is keyed, i.e. the build stalls.
411 </para>
412
413 <para>
414 That directory is used for a (probably random) telemetry identifier.
415 Creating this in the build directory, and deleting that after the
416 installation, prevents it being used. If you wish to participate in
417 telemetry, export MOZBUILD_STATE_PATH to point to its default directory.
418 </para>
419
420 <para>
421 <command>./mach build</command>: <application>Firefox</application>
422 now uses this <application>python</application> script to run the
423 build and install.
424 </para>
425
426 <para>
427 <option>./mach build --verbose</option>: Use this alternative if you
428 need details of which files are being compiled, together with any C or
429 C++ flags being used. But do not add '--verbose' to the install command,
430 it is not accepted there.
431 </para>
432
433 <para>
434 <option>./mach build -jN</option>: The build should, by default, use
435 all the online CPU cores. If using all the cores causes the build to swap
436 because you have insufficient memory, using fewer cores can be faster.
437 </para>
438
439 <para>
440 <command>mkdir -pv /usr/lib/mozilla/plugins</command>: This ensures
441 that <filename class="directory">/usr/lib/mozilla/plugins/</filename>
442 exists.
443 </para>
444
445 <para>
446 <command>ln -sv ... /usr/lib/firefox/browser</command>:
447 This command creates a symbolic link to <filename
448 class="directory">/usr/lib/mozilla/plugins</filename>. It's not really
449 needed, as <application>Firefox</application> checks <filename
450 class="directory">/usr/lib/mozilla/plugins</filename> by default, but the
451 symbolic link is made to keep all the plugins installed in one folder.
452 </para>
453
454 </sect2>
455
456 <sect2 role="configuration">
457 <title>Configuring Firefox</title>
458
459 <para>
460 If you use a desktop environment like <application>Gnome</application> or
461 <application>KDE</application> you may like to create a
462 <filename>firefox.desktop</filename> file so that
463 <application>Firefox</application> appears in the panel's menus. <!--If you
464 didn't enable startup-notification in your mozconfig change the
465 StartupNotify line to false.--> As the
466 <systemitem class="username">root</systemitem> user:
467 </para>
468
469<screen role="root"><userinput>mkdir -pv /usr/share/applications &amp;&amp;
470mkdir -pv /usr/share/pixmaps &amp;&amp;
471
472cat &gt; /usr/share/applications/firefox.desktop &lt;&lt; "EOF" &amp;&amp;
473<literal>[Desktop Entry]
474Encoding=UTF-8
475Name=Firefox Web Browser
476Comment=Browse the World Wide Web
477GenericName=Web Browser
478Exec=firefox %u
479Terminal=false
480Type=Application
481Icon=firefox
482Categories=GNOME;GTK;Network;WebBrowser;
483MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;x-scheme-handler/http;x-scheme-handler/https;
484StartupNotify=true</literal>
485EOF
486
487ln -sfv /usr/lib/firefox/browser/chrome/icons/default/default128.png \
488 /usr/share/pixmaps/firefox.png</userinput></screen>
489
490 <sect3><title>Configuration Information</title>
491
492 <para>
493 The application settings for firefox are accessible by keying
494 <command>about:config</command> in the address bar.
495 </para>
496
497 <para>
498 Occasionally, getting working sound in
499 <application>firefox</application> can be a problem. Although upstream
500 prefers pulseaudio,
501 on balance using <application>Alsa</application> may be easier.
502 </para>
503
504 <para>
505 If you enabled <application>Alsa</application> for sound, you may need
506 to alter one variable to get working sound. If you run
507 <command>firefox</command> from a term and try to play something with
508 sound you might encounter error messages like:
509 </para>
510
511 <para>
512 <literal>Sandbox: seccomp sandbox violation: pid 3941, tid 4030,
513 syscall 16, args 48 2147767296 139909894784796 0 0 0.</literal>
514 </para>
515
516 <para>
517 That was on x86_64, on i686 the syscall number is 54. To allow this
518 syscall, in <command>about:config</command> change
519 <command>security.sandbox.content.syscall_whitelist</command> to 16
520 (or 54 if using i686).
521 </para>
522
523 <para>
524 If you use <command>pulseaudio</command> in a Desktop Environment, it
525 might already be started by that DE. But if it is not, although
526 firefox-57 managed to start it, firefox-58 did not. If you run
527 <command>firefox</command> from a term and this problem is present,
528 trying to play sound will
529 encounter error messages warning <literal>Can't get cubeb
530 context!</literal>
531 </para>
532
533 <para>
534 The fix for this is to close firefox, start pulseaudio to check it
535 does start (if not, read the information on Configuring in <xref
536 linkend="pulseaudio"/>) and restart firefox to check it is working.
537 If it now works, add the following to your <filename>~/.xinitrc</filename>:
538<phrase revision="sysv">
539<literal>pulseaudio --verbose --log-target=syslog&amp;</literal></phrase>
540<phrase revision="systemd">
541<literal>pulseaudio --verbose --log-target=journald&amp;</literal></phrase>
542 (unfortunately, on some systems this does not work).
543 </para>
544
545 <para>
546 You may wish to use multiple profiles within firefox. To do that, invoke
547 firefox as <command>firefox --ProfileManager</command>. You can also
548 check which profile is currently in use from
549 <command>about:profiles</command>.
550 </para>
551
552 <para>
553 Although WebRender (using the GPU for compositing) is not used by
554 default, it now appears to work well on supported hardware (ATI, Nvidia
555 and Intel GPUs with Mesa-18 or later. For an explanation, please see
556 <ulink
557 url="https://hacks.mozilla.org/2017/10/the-whole-web-at-maximum-fps-how-webrender-gets-rid-of-jank/">hacks.mozilla.org</ulink>.
558 The only downside seems to be that on a machine with limited RAM it might
559 use more RAM.
560 </para>
561
562 <para>
563 To check if WebRender is being used, look in about:support. In the Graphics
564 section Compositing will either show 'Basic' (i.e. not in use) or
565 'WebRender'. To enable it, go to about:config and change gfx.webrender.all
566 to True. You will need to restart firefox.
567 </para>
568
569 <para>
570 It may be useful to mention the processes from firefox which can appear in
571 <command>top</command> - as well as firefox itself, there may be multiple
572 Web Content processes, and now an RDD Process (Remote Data Decoder) which
573 appears when playing web videos encoded with av1 (libdav1d). If WebRender
574 has been enabled, a GPU Process will also appear when firefox has to
575 repaint (e.g. scrolling, opening a new tab, or playing a video).
576 </para>
577
578 </sect3>
579 </sect2>
580
581 <sect2 role="content">
582 <title>Contents</title>
583
584 <segmentedlist>
585 <segtitle>Installed Programs</segtitle>
586 <segtitle>Installed Libraries</segtitle>
587 <segtitle>Installed Directory</segtitle>
588
589 <seglistitem>
590 <seg>
591 firefox
592 </seg>
593 <seg>
594 Numerous libraries, browser components, plugins, extensions, and
595 helper modules installed in /usr/lib/firefox
596 </seg>
597 <seg>
598 /usr/lib/firefox and /usr/lib/mozilla
599 </seg>
600 </seglistitem>
601 </segmentedlist>
602
603 <variablelist>
604 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
605 <?dbfo list-presentation="list"?>
606 <?dbhtml list-presentation="table"?>
607
608 <varlistentry id="firefox-prog">
609 <term><command>firefox</command></term>
610 <listitem>
611 <para>
612 is a <application>GTK+-3</application> internet browser that uses
613 the Mozilla Gecko rendering engine.
614 </para>
615 <indexterm zone="firefox firefox-prog">
616 <primary sortas="b-firefox">firefox</primary>
617 </indexterm>
618 </listitem>
619 </varlistentry>
620
621 </variablelist>
622
623 </sect2>
624
625</sect1>
Note: See TracBrowser for help on using the repository browser.