From 7e6d6e034db419c0da2743f1aca90e1d50f97135 Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Thu, 2 Jul 2015 10:41:51 +0200
Subject: [PATCH] chromium: Disable setuid sandbox without errors.

Just silencing the error will not prevent Chromium from trying to start
up the SUID sandbox anyway, thus flooding stderr with:

LaunchProcess: failed to execvp:

After digging a bit in the source code I found out that the SUID sandbox
binary is indeed used, but only for setting oom_score_adj within the
user namespace (as "root"). So let's build the sandbox binary and of
course don't set setuid bit.

These annoying error messages were originally introduced by 0aad4b7 and
I'm deeply sorry for annoying you guys out there with them.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 pkgs/applications/networking/browsers/chromium/browser.nix     | 3 ++-
 .../networking/browsers/chromium/source/default.nix            | 2 --
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/pkgs/applications/networking/browsers/chromium/browser.nix b/pkgs/applications/networking/browsers/chromium/browser.nix
index a0bdc70f9f56..626a2b8a81a3 100644
--- a/pkgs/applications/networking/browsers/chromium/browser.nix
+++ b/pkgs/applications/networking/browsers/chromium/browser.nix
@@ -5,7 +5,7 @@ with stdenv.lib;
 mkChromiumDerivation (base: rec {
   name = "chromium-browser";
   packageName = "chromium";
-  buildTargets = [ "mksnapshot" "chrome" ];
+  buildTargets = [ "mksnapshot" "chrome_sandbox" "chrome" ];
 
   installPhase = ''
     mkdir -p "$libExecPath"
@@ -16,6 +16,7 @@ mkChromiumDerivation (base: rec {
       cp -v "$buildPath/libffmpegsumo.so" "$libExecPath/"
     ''}
     cp -v "$buildPath/chrome" "$libExecPath/$packageName"
+    cp -v "$buildPath/chrome_sandbox" "$libExecPath/chrome-sandbox"
 
     mkdir -vp "$out/share/man/man1"
     cp -v "$buildPath/chrome.1" "$out/share/man/man1/$packageName.1"
diff --git a/pkgs/applications/networking/browsers/chromium/source/default.nix b/pkgs/applications/networking/browsers/chromium/source/default.nix
index 68573d0c6af5..bb68e4a0ca8c 100644
--- a/pkgs/applications/networking/browsers/chromium/source/default.nix
+++ b/pkgs/applications/networking/browsers/chromium/source/default.nix
@@ -101,8 +101,6 @@ in stdenv.mkDerivation {
       -e 's|/bin/echo|echo|' \
       -e "/python_arch/s/: *'[^']*'/: '""'/" \
       "$out/build/common.gypi" "$main/chrome/chrome_tests.gypi"
-    sed -i -e '/LOG.*no_suid_error/d' \
-      "$main/content/browser/browser_main_loop.cc"
   '' + optionalString useOpenSSL ''
     cat $opensslPatches | patch -p1 -d "$bundled/openssl/openssl"
   '';