Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 603654 - Add USE=firejail to `net-im/skype` to run under `firejail`
Summary: Add USE=firejail to `net-im/skype` to run under `firejail`
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal with 1 vote (vote)
Assignee: Raymond Jennings
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-12-24 20:04 UTC by Alex Turbov
Modified: 2017-06-04 23:09 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
patch to add USE=firejail (skype-4.3.0.37-firejail.patch,1.06 KB, patch)
2016-12-24 20:05 UTC, Alex Turbov 		Details | Diff
a wrapper script to replace binary (skype-firejail,95 bytes, application/x-shellscript)
2016-12-24 20:08 UTC, Alex Turbov 		Details
patch to add USE=firejail (skype-4.3.0.37-use-firejail.patch,1.64 KB, patch)
2016-12-29 09:40 UTC, Alex Turbov 		Details | Diff
patch for desktop file to force running in a jail (skype-4.3.0.37-desktop-firejail.patch,247 bytes, patch)
2016-12-29 09:41 UTC, Alex Turbov 		Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Turbov 2016-12-24 20:04:46 UTC 
I'm not a paranoid... but prefer to run closed spyware^W software in a jail.
Yeah, it is easy to start it like `firejail skype`, but after r KDE (for example) going to restore it without jail...

My solution is to replace `skype` binary with a wrapper script, so execution will always will be in a jail.

I'm going to attach a patch to run skype under `firejail`.


Reproducible: Always
Comment 1 Alex Turbov 2016-12-24 20:05:36 UTC 
Created attachment 457334 [details, diff]
patch to add USE=firejail
Comment 2 Alex Turbov 2016-12-24 20:08:26 UTC 
Created attachment 457338 [details]
a wrapper script to replace binary
Comment 3 Amadeusz Żołnowski (RETIRED) gentoo-dev 2016-12-27 21:54:21 UTC 
Wrapper script looks good to me, reassigning to actual Skype maintainer to decide and apply patch.
Comment 4 Alex Turbov 2016-12-29 09:40:45 UTC 
Created attachment 457788 [details, diff]
patch to add USE=firejail

Also added a desktop file patch at src_prepare step...
Comment 5 Alex Turbov 2016-12-29 09:41:19 UTC 
Created attachment 457790 [details, diff]
patch for desktop file to force running in a jail
Comment 6 Raymond Jennings 2017-01-02 04:56:44 UTC 
Idea has merit.  I'm going to merge this and turn in a PR as soon as I've tested it.

Holiday stuff IRL has kept me super busy.
Comment 7 Raymond Jennings 2017-06-04 20:14:56 UTC 
Upstream is EOLing this version of skype next month.

Furthermore, it has a hard dependency on the soon to be removed qt4.

There will be no further enhancements to skype classic.
Comment 8 Sergey 'L29Ah' Alirzaev 2017-06-04 22:49:48 UTC 
Can you elaborate on "Upstream is EOLing this version of skype next month."? I clearly see the linux version at https://www.skype.com/en/download-skype/skype-for-linux/
Comment 9 Raymond Jennings 2017-06-04 23:09:58 UTC 
Yeah, let's just say microsoft is being...creative.

The new "skypeforlinux" intended as an upgrade for this version of skype is so different architecturally its practically a completely separate application.

The differences necessitated a split of skype into a separate package called "skypeforlinux", to which firejail is not compatible.

The current version of skype is the classic version and has nothing to do with the skypeforlinux package, and I've just been informed that microsoft is officially deprecating the classic version, and it will be end-of-life'ed in july.