Bug 1896902

Summary:	Can't print from evolution
Product:	[Fedora] Fedora	Reporter:	dan
Component:	webkit2gtk3	Assignee:	Michael Catanzaro <mcatanza>
Status:	CLOSED UPSTREAM	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	high	Docs Contact:
Priority:	unspecified
Version:	34	CC:	afinkelsrc, ariscop, a_schapira, bbigby64, bojan, caillon+fedoraproject, dan, erack, gdt, gnome-sig, greg.sheppard, jyrki.tikka, lucilanga, marek78uk, mcatanza, mcrha, michel, pstadt, red, rhughes, rstrode, sandmann, scampa.giovanni, sevmek, tpopela
Target Milestone:	---	Keywords:	Reopened
Target Release:	---
Hardware:	x86_64
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2020-11-12 13:45:44 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description dan 2020-11-11 19:42:51 UTC

Description of problem:

Printers are not found from Evolution when trying to print a message.

The printer replied “Printer not found”.

This error occurs on all installed printers.  The same printers work via other applications such as Mozilla.  I can also print a test page from the settings just fine.

This function worked prior to an upgrade to FC33.

Nothing in the logs, no selinux AVC messages.

Comment 1 Milan Crha 2020-11-12 08:14:28 UTC

Thanks for a bug report. This is a WebKitGTK bug:
https://bugs.webkit.org/show_bug.cgi?id=202363

Run evolution from a terminal as:

   $ WEBKIT_FORCE_SANDBOX=0 evolution

and it should work.

Comment 2 dan 2020-11-12 13:00:10 UTC

Provided solution did not work:

$ WEBKIT_FORCE_SANDBOX=0 evolution

(evolution:77080): GLib-GIO-WARNING **: 07:56:43.380: Your application did not unregister from D-Bus before destruction. Consider using g_application_run().

Does the above change your assessment?

Comment 3 Milan Crha 2020-11-12 13:45:44 UTC

That runtime warning is irrelevant. I guess you had running a different instance of Evolution, thus you've been switched to it, instead having opened new instance. Make sure:

   $ ps ax | grep evolution

will not show any 'evolution' process (there are processes like evolution-source-registry, evolution-alarm-notify,..., which are fine. Just check whether the whole word 'evolution' is not present).

By the way, no need to reopen, just ask and I'll reply.

Comment 4 Milan Crha 2020-11-19 08:30:24 UTC

*** Bug 1899351 has been marked as a duplicate of this bug. ***

Comment 5 Yannick Defais 2020-11-25 18:56:07 UTC

Hi,

Please fix the status of this bug : it is not closed upstream !

Regards

Comment 6 Michael Catanzaro 2020-11-25 19:01:29 UTC

CLOSED UPSTREAM means it is an upstream bug, not that the bug is fixed upstream.

This is still on my TODO.

Comment 7 Yannick Defais 2020-11-25 19:06:27 UTC

Oops, I'm sorry. Best regards.

Comment 8 Milan Crha 2020-12-01 11:49:30 UTC

*** Bug 1903111 has been marked as a duplicate of this bug. ***

Comment 9 Milan Crha 2021-01-04 13:40:21 UTC

*** Bug 1907148 has been marked as a duplicate of this bug. ***

Comment 10 Glen Turner 2021-01-15 22:35:14 UTC

For the workaround to be present when Evolution is started from the GUI, consider this command for the affected user:

sed 's/Exec=/Exec=WEBKIT_FORCE_SANDBOX=0 /' /usr/share/applications/org.gnome.Evolution.desktop > ~/.local/share/applications/evolution.desktop

Comment 11 Milan Crha 2021-03-29 06:53:38 UTC

*** Bug 1943620 has been marked as a duplicate of this bug. ***

Comment 12 Milan Crha 2021-04-21 06:57:03 UTC

*** Bug 1951833 has been marked as a duplicate of this bug. ***

Comment 13 Michel Lind 2021-04-21 18:07:35 UTC

Can we consider patching Evolution to not enable the sandbox? Thanks

Comment 14 Michel Lind 2021-04-21 18:16:50 UTC

(In reply to Glen Turner from comment #10)
> For the workaround to be present when Evolution is started from the GUI,
> consider this command for the affected user:
> 
> sed 's/Exec=/Exec=WEBKIT_FORCE_SANDBOX=0 /'
> /usr/share/applications/org.gnome.Evolution.desktop >
> ~/.local/share/applications/evolution.desktop

that should be

  sed 's/Exec=/Exec=env WEBKIT_FORCE_SANDBOX=0 /'

I find that editing the launcher with the initial invocation yields a desktop file that GNOME refuses to use

Comment 15 Milan Crha 2021-04-22 07:17:50 UTC

You can add the export into your .bashrc or /etc/environment .

I hesitate to disable the sandbox, even I did think of it too, because it has security implications, which the WebKit folks are sensitive for. It might not be that big deal for the Evolution itself, because it doesn't let the WebKit download anything from the http:// | https://, neither remote JavaScript is enabled, but not every CVE is related to the download of the remote content.

Comment 16 Michael Catanzaro 2021-04-22 15:55:44 UTC

Disabling JS reduces the attack surface dramatically, but every email is remote content. The whole point of a mail client is to allow random people to send you untrusted content to parse and render.

Fixing printing is still on my TODO, sorry. :/

Comment 17 Milan Crha 2021-04-30 10:40:36 UTC

*** Bug 1955532 has been marked as a duplicate of this bug. ***

Comment 18 Milan Crha 2021-05-21 05:49:22 UTC

*** Bug 1963003 has been marked as a duplicate of this bug. ***

Comment 19 Milan Crha 2021-05-31 17:47:57 UTC

*** Bug 1966244 has been marked as a duplicate of this bug. ***

Comment 20 Milan Crha 2021-05-31 17:50:28 UTC

There are too many downstream and upstream users repeating the print does work that I decided to disable sandboxing for the time being. As it's done through the same environment variable, the users can override it the same way they do it to enable printing. The change is included in the upcoming 3.40.2 release of the Evolution.

Comment 21 Milan Crha 2021-06-10 06:48:39 UTC

*** Bug 1969665 has been marked as a duplicate of this bug. ***