From 26d70b1bd4f09c9ac27052d3603409991bf53efe Mon Sep 17 00:00:00 2001
From: "J. Ryan Stinnett" <jryans@gmail.com>
Date: Fri, 16 Aug 2019 13:34:12 +0100
Subject: [PATCH 1/5] Set SUID bit on chrome-sandbox for Debian

This tweaks Linux packages for Riot to SUID `chrome-sandbox` after install. This
is required as of Electron 5 for certain distros, such as Debian.

This change has also been provided to `electron-builder` upstream, so ideally
they'll include it in the future and this becomes redundant.

Fixes https://github.com/vector-im/riot-web/issues/10509
---
 electron_app/build/linux/after-install.tpl | 12 ++++++++++++
 package.json                               |  3 +++
 2 files changed, 15 insertions(+)
 create mode 100644 electron_app/build/linux/after-install.tpl

diff --git a/electron_app/build/linux/after-install.tpl b/electron_app/build/linux/after-install.tpl
new file mode 100644
index 00000000..13f14ef1
--- /dev/null
+++ b/electron_app/build/linux/after-install.tpl
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# Link to the binary
+ln -sf '/opt/${productFilename}/${executable}' '/usr/bin/${executable}'
+
+# SUID chrome-sandbox for Electron 5+
+# Remove this custom after-install.tpl once this change has been upstreamed
+# https://github.com/electron-userland/electron-builder/pull/4163
+chmod 4755 '/opt/${productFilename}/chrome-sandbox' || true
+
+update-mime-database /usr/share/mime || true
+update-desktop-database /usr/share/applications || true
diff --git a/package.json b/package.json
index 8ea68b02..99d1ac03 100644
--- a/package.json
+++ b/package.json
@@ -175,6 +175,9 @@
         "StartupWMClass": "riot"
       }
     },
+    "deb": {
+      "afterInstall": "electron_app/build/linux/after-install.tpl"
+    },
     "mac": {
       "category": "public.app-category.social-networking"
     },

From aa67a3ba2aa5e8ba402816892ea7bd813422977e Mon Sep 17 00:00:00 2001
From: "J. Ryan Stinnett" <jryans@gmail.com>
Date: Fri, 16 Aug 2019 14:30:47 +0100
Subject: [PATCH 2/5] Tweak comment about upstream

---
 electron_app/build/linux/after-install.tpl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/electron_app/build/linux/after-install.tpl b/electron_app/build/linux/after-install.tpl
index 13f14ef1..6ee772d2 100644
--- a/electron_app/build/linux/after-install.tpl
+++ b/electron_app/build/linux/after-install.tpl
@@ -4,7 +4,9 @@
 ln -sf '/opt/${productFilename}/${executable}' '/usr/bin/${executable}'
 
 # SUID chrome-sandbox for Electron 5+
-# Remove this custom after-install.tpl once this change has been upstreamed
+# Remove this entire file (after-install.tpl) and remove the reference in
+# package.json once this change has been upstreamed so we go back to the copy
+# from upstream.
 # https://github.com/electron-userland/electron-builder/pull/4163
 chmod 4755 '/opt/${productFilename}/chrome-sandbox' || true
 

From 8a58ba237416cba9332aea70e318a169043ff36d Mon Sep 17 00:00:00 2001
From: RiotRobot <releases@riot.im>
Date: Fri, 16 Aug 2019 15:23:11 +0100
Subject: [PATCH 3/5] v1.3.3

---
 electron_app/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/electron_app/package.json b/electron_app/package.json
index c4fe2954..2e960245 100644
--- a/electron_app/package.json
+++ b/electron_app/package.json
@@ -2,7 +2,7 @@
   "name": "riot-web",
   "productName": "Riot",
   "main": "src/electron-main.js",
-  "version": "1.3.2",
+  "version": "1.3.3",
   "description": "A feature-rich client for Matrix.org",
   "author": "New Vector Ltd.",
   "dependencies": {

From 7a998e7ed722731d07a9bb752746acb6255930cd Mon Sep 17 00:00:00 2001
From: RiotRobot <releases@riot.im>
Date: Fri, 16 Aug 2019 15:26:02 +0100
Subject: [PATCH 4/5] Prepare changelog for v1.3.3

---
 CHANGELOG.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 36ab269c..4494b11b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+Changes in [1.3.3](https://github.com/vector-im/riot-web/releases/tag/v1.3.3) (2019-08-16)
+==========================================================================================
+[Full Changelog](https://github.com/vector-im/riot-web/compare/v1.3.2...v1.3.3)
+
+ * Linux-only release to fix sandboxing with Electron 5 on Debian
+   [\#10580](https://github.com/vector-im/riot-web/pull/10580)
+
 Changes in [1.3.2](https://github.com/vector-im/riot-web/releases/tag/v1.3.2) (2019-08-05)
 ==========================================================================================
 [Full Changelog](https://github.com/vector-im/riot-web/compare/v1.3.1...v1.3.2)

From 4299cdfeacea649c67be85b8c50ccaeb9e414ba0 Mon Sep 17 00:00:00 2001
From: RiotRobot <releases@riot.im>
Date: Fri, 16 Aug 2019 15:26:03 +0100
Subject: [PATCH 5/5] v1.3.3

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 99d1ac03..86a216f3 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
   "name": "riot-web",
   "productName": "Riot",
   "main": "electron_app/src/electron-main.js",
-  "version": "1.3.2",
+  "version": "1.3.3",
   "description": "A feature-rich client for Matrix.org",
   "author": "New Vector Ltd.",
   "repository": {