[Flatpak] Browser Sources stopped working after latest update

[VortexAcherontic]

Operating System Info

Other

Other OS

openSUSE Aeon

OBS Studio Version

30.1.0

OBS Studio Version (Other)

No response

OBS Studio Log URL

https://obsproject.com/logs/pCOkzB18wC0mPCoM

OBS Studio Crash Log URL

No response

Expected Behavior

• Browser sources do work

Current Behavior

• Browser sources do not work

Steps to Reproduce

1. Install OBS Studio 30.1.0
2. Add browser source
3. Note they do not work

Anything else we should know?

Browser sources seem empty. Even static HTML sites just keep blank. From a logs perspective they seem to work fine while they don't. But also I noticed browser sources which usually do test if the browser source is active to display panels on stream do not do so either. Like soundalerts for example. With the previous version 30.0.2 everything was working fine with no other changes to my system except regular updates. But since I use the flatpak the system should not be interfering with he OBS Studio install.

After manually rolling back to the previous release using:

flatpak update --commit=e641d66f8f509ff18c1e82bfd6e32e0e0021e56cb01d1471b00f56d82ea8bfa1 com.obsproject.Studio

Browser sources started working again using the same system and app configuration

[RytoEX]

So far, this seems exclusive to OpenSUSE. Works fine on Ubuntu. It would be helpful to know if this is also broken in any of the previous betas, but you would probably have to manually install them from our CI builds.

[VortexAcherontic]

So far, this seems exclusive to OpenSUSE. Works fine on Ubuntu. It would be helpful to know if this is also broken in any of the previous betas, but you would probably have to manually install them from our CI builds.

Just to be sure, you've ran the flatpak OBS Studio as well? Asking because as of now I thought the the main idea of flatpak is to be independent of the host system due to the flatpak runtimes. So that an app should run identically on any distribution.

[VortexAcherontic]

I just noticed another thing. OBS Studio 30.1.0 runs with Flatpak Runtime: runtime/org.kde.Platform/x86_64/6.6 while 30.0.2 runs with Flatpak Runtime: runtime/org.kde.Platform/x86_64/6.5 Maybe there is something different in the runtimes.

Unfortunate I can not test 30.0.2 with runtime 6.6 to see if it would break as well:

flatpak run --runtime=org.kde.Platform//6.6 com.obsproject.Studio
obs: error while loading shared libraries: libpython3.10.so.1.0: cannot open shared object file: No such file or directory

[VortexAcherontic]

I installed the *.dep 30.1.0 provided by the release page inside a Ubuntu distrobox container running on my host system and browser sources are working as expected. Maybe something is just broken with the flatpak?

For further details here is the OBS Log from the distroboxed OBS Studio running Ubuntu 22.04: https://obsproject.com/logs/fyq4B9OeG5C75BDb

[RytoEX]

So far, this seems exclusive to OpenSUSE. Works fine on Ubuntu. It would be helpful to know if this is also broken in any of the previous betas, but you would probably have to manually install them from our CI builds.

Just to be sure, you've ran the flatpak OBS Studio as well? Asking because as of now I thought the the main idea of flatpak is to be independent of the host system due to the flatpak runtimes. So that an app should run identically on any distribution.

I, myself, did not. I primarily work on Windows. Someone else tested on OpenSUSE for me and confirmed that it was having the described issue. Yet another person tested the Flatpak on Ubuntu and said it worked fine.

[VortexAcherontic]

Downgraded (30.0.2) OBS Studio flatpak https://obsproject.com/logs/MIOoOTbZBJ3JaOE2

openSUSE Leap 15.5 VM: https://obsproject.com/logs/5lCsjRYfc19bnbn0

[VortexAcherontic]

To keep track of the findings on Discord:

• It turned out to be an issue with https sources as it seems on openSUSE (Leap, Tumbleweed, Aeon and Kalpa) it is unable to verify the SSL certificate for some unknown reason. This applies to Browser Docks as well as Browser sources inside a Scene.
• Locally building and running OBS Studio 30.1.0 with runtime 6.5 does work with browser sources.
• Locally building 30.1.0 with runtime 6.6 does not work
• As of now the issue is exclusive to openSUSE, tested Ubuntu myself in a VM using the flatpak and things worked as expected.

Maybe I should pass this issue to the runtime instead of OBS Studio then.

Thank you Tarulia, Cookie and feaneron for assisting here ❤️

[VortexAcherontic]

Submitted bug report to KDE: https://bugs.kde.org/show_bug.cgi?id=483746

[VortexAcherontic]

Bug also reported to openSUSE: https://bugzilla.opensuse.org/show_bug.cgi?id=1221557

[VortexAcherontic]

To keep track of further findings: Running OBS Studio 30.1.0 natively on openSUSE using Qt 6.6.2 (Which is what the Runtime 6.6 ships as well) works fine. Also both the Tumbleweed container and the runtime 6.6 make use of libssl3.

[VortexAcherontic]

Guys it seems I am running in circles. Testing other KDE apps which do also use runtime 6.6 like neochat do work fine with SSL. Would it be possible that the embedded chromium has issues with SSL under certain circumstances with runtime 6.6? Does anyone know how I might be able to test this?

Using the debug console of a dock isn't help full. It just say nothing at all except the error message but no logs in the dev tools.

[mendres82]

Do Flatpaks come with their own certificate store or are they using the ones that are on the "host system"? Didn't have the time to dig into yet (updated my system to Gnome 46 and fixing extension shenanigans here and there), but could it be possible that certificate verification fails because of missing root certificates?

[VortexAcherontic]

Do Flatpaks come with their own certificate store or are they using the ones that are on the "host system"? Didn't have the time to dig into yet (updated my system to Gnome 46 and fixing extension shenanigans here and there), but could it be possible that certificate verification fails because of missing root certificates?

Other flat do work fine. Even KDE Apps making also use of the KDE Runtime 6.6 like neochat. As of now I was only able to reproduce this issue with OBS Studio and only with the embedded chromium. Other stuff like streaming and such did still work just fine.

[mendres82]

Hm, I see. Out of curiosity I looked into the runtime flat and it comes with all the certificates needed. So this shouldn't be a problem, just like you said.

[My2ndAngelic]

I tested this with Fedora KDE and Kubuntu, both of them works fine with the 30.1.1 flatpak release. This problem occurs only with that release of OBS on openSUSE Tumbleweed afaik.

On Fedora GNOME it launches Firefox directly instead of the embedded Chrome.

Seems very strange tbh.

[VortexAcherontic]

This problem occurs only with that release of OBS on openSUSE Tumbleweed afaik.

openSUSE Leap 15.5 is broken as well.

[Matsa59]

I still have the problem, as mention the author of this issue, the following command make browser source work again.

flatpak update --commit=e641d66f8f509ff18c1e82bfd6e32e0e0021e56cb01d1471b00f56d82ea8bfa1 com.obsproject.Studio

Thx mate

[mihawk90]

Just to keep it documented: Today we received a support request for the same issue, which is interesting because it wasn't on SUSE, but on Alpine Linux.

The "workaround" via downgrade worked here too, we have not tested building with KDER 6.5 as of yet.

[tytan652]

I dug a little by downgrading org.kde.Platform//6.6 before KF6 was added and it did not fix it.

So the issue mainly relies on the distro and Freedesktop SDK 23.08…

[mihawk90]

Got another report on Discord, this time on MX Linux... downgrading OBS worked here as well.

edit: confirmed downgrading KDE Runtime worked for them too.

[mihawk90]

Just had another report on Discord for Peppermint Linux, Debian based.

Whatever it is, it's spreading :/

[mrivero]

I haven't used OBS in a while (OpenSuse - Flatpak) but I kept it up to date and now it's doing the same thing for my browser objects (or even the embedded twitch connect).... downgrading works, but is there a way to downgrade its NDI plugin that correspond to the 30.0.2 version as well? (I've tried a few older commit numbers for it but they are erroring)

[MinimusMaximus]

I solved a SSL error in another flatpak application recently by installing p11-kit-server package. After installing the package, log out and log in or restart the system.

[p0lfilt3r]

Thank you @MinimusMaximus that solved it for me.

After installing p11-kit-server on OpenSUSE Leap 15.6 and a reboot (!!!) it works!

[derrod]

That package replaces the mozialla-nss-certs package, perhaps that one has patches that made it incompatible with Flatpak on openSUSE?

[VortexAcherontic]

That package replaces the mozialla-nss-certs package, perhaps that one has patches that made it incompatible with Flatpak on openSUSE?

Well looking up the Tumbleweed package there are quite a lot patches for various reasons 😅

https://build.opensuse.org/projects/openSUSE:Factory/packages/mozilla-nss/files/mozilla-nss.spec?expand=1

[MinimusMaximus]

That package replaces the mozialla-nss-certs package, perhaps that one has patches that made it incompatible with Flatpak on openSUSE?

When installing flatpak to Fedora (40), p11-kit-server is also installed. If the package is removed, Fedora will have the same error as openSUSE.

test@fedora:~$ rpm -qa flatpak p11*
p11-kit-0.25.3-4.fc40.x86_64
p11-kit-trust-0.25.3-4.fc40.x86_64
test@fedora:~$ sudo dnf install flatpak
Last metadata expiration check: ...
Dependencies resolved.
==============================================================================================================================================================================================
 Package                                                Architecture                           Version                                          Repository                               Size
==============================================================================================================================================================================================
Installing:
 flatpak                                                x86_64                                 1.15.8-1.fc40                                    updates                                 1.7 M
Installing dependencies:
 flatpak-selinux                                        noarch                                 1.15.8-1.fc40                                    updates                                  23 k
 flatpak-session-helper                                 x86_64                                 1.15.8-1.fc40                                    updates                                  43 k
Installing weak dependencies:
 p11-kit-server                                         x86_64                                 0.25.3-4.fc40                                    fedora                                  227 k
*
*
*
Installed:
  flatpak-1.15.8-1.fc40.x86_64           flatpak-selinux-1.15.8-1.fc40.noarch           flatpak-session-helper-1.15.8-1.fc40.x86_64           p11-kit-server-0.25.3-4.fc40.x86_64          

Complete!
test@fedora:~$ rpm -qa flatpak p11*
p11-kit-0.25.3-4.fc40.x86_64
p11-kit-trust-0.25.3-4.fc40.x86_64
p11-kit-server-0.25.3-4.fc40.x86_64
flatpak-1.15.8-1.fc40.x86_64

[derrod]

Interesting, so perhaps an issue with openSUSE's flatpak image missing that dependency.

[mrivero]

I solved a SSL error in another flatpak application recently by installing p11-kit-server package. After installing the package, log out and log in or restart the system.

@MinimusMaximus confirmed this just worked for me with the OBS browser error. Great finding, thank you!