Created attachment 109279 [details] sandbox.log of "sandbox qmlplugindump QtQuick.Window 2.1" The usage of `qmlplugindump` causes sandbox violations, e.g. here on Gentoo when trying to build kwin since @fe9664fd8 [1] It looks like `qmlplugindump` is not quite environment agnostic but instead tries to do all kind of stuff depending on the environment in which it is executed in, which is clearly shown by e.g. running `sandbox qmlplugindump QtQuick.Window 2.1`, (as regular user of a Plasma/Wayland session) causing at least 4 sandbox violations of which at least the one attempting to write to /dev/dri/card0 would be considered severe: trimmed sandbox.log, full log attached: F: chmod P: /run/user/1000 F: mkostemp P: /run/user/1000/wayland-cursor-shared-XXXXXX F: open_wr P: /dev/dri/card0 F: mkostemp P: /run/user/1000/mesa-shared-XXXXXX The sandbox.log of the build process (as root, no graphical session) looks similar: F: open_wr P: /dev/dri/renderD128 C: /usr/lib64/gstreamer-1.0/gst-plugin-scanner -l F: open_wr P: /dev/dri/card0 C: /usr/lib64/gstreamer-1.0/gst-plugin-scanner -l F: open_wr P: /dev/video0 C: /usr/lib64/qt5/bin/qmlplugindump QtMultimedia 5.0 This seems to only happen with QtQuick.Window, so I'm not sure whether that's an issue with the way ECM calls qmlplugindump, qmlplugindump itself or just QtDeclarative's "QtQuick.Window". [1] https://phabricator.kde.org/R108:fe9664fd8
It looks like this is actually an upstream issue: https://bugzilla.gnome.org/show_bug.cgi?id=744135 As documented in Gentoo's bugtracker: https://bugs.gentoo.org/570624
Downstream issue rather, according to https://bugzilla.gnome.org/show_bug.cgi?id=744135#c1