plantuml does not work in firejailed environment even with low restrictions

[WolfgangFahl]

even with

# don't restrict
 $result = $cmd->restrict(Shell::NO_ROOT)->execute();

and setting the

which dot
/usr/bin/dot
dot -v
dot - graphviz version 2.43.0 (0)
libdir = "/usr/lib/x86_64-linux-gnu/graphviz"
Activated plugin library: libgvplugin_dot_layout.so.6
Using layout: dot:dot_layout
Activated plugin library: libgvplugin_core.so.6
Using render: dot:core
Using device: dot:dot:core
The plugin configuration file:
    /usr/lib/x86_64-linux-gnu/graphviz/config6a
        was successfully loaded.
    render  :  cairo dot dot_json fig gd json json0 map mp pic pov ps svg tk visio vml vrml xdot xdot_json
    layout  :  circo dot fdp neato nop nop1 nop2 osage patchwork sfdp twopi
    textlayout  :  textlayout
    device  :  canon cmap cmapx cmapx_np dot dot_json eps fig gd gd2 gif gv imap imap_np ismap jpe jpeg jpg json json0 mp pdf pic plain plain-ext png pov ps ps2 svg svgz tk vdx vml vmlz vrml wbmp webp x11 xdot xdot1.2 xdot1.4 xdot_json xlib
    loadimage   :  (lib) eps gd gd2 gif jpe jpeg jpg png ps svg webp xbm

and therfore

export GRAPHVIZ_DOT=/usr/bin/dot

the result is:

[samwilson]

I don't follow what you're trying to do here.

# don't restrict $result = $cmd->restrict(Shell::NO_ROOT)->execute();

Where does this code come from? It's not in this extension.

The "Cannot find Graphviz" error also isn't from this extension.

The issue title says that this is about plantuml, but you don't mention that in the description.

[WolfgangFahl]

Plantuml tries to call graphviz and can't due to the firejailed environment in which things do not work.

[WolfgangFahl]

The results are from my trials that i also did in the Piwo extension which also tries to run firejailed to no avail. The firejail environment is too restricted to get the needed software to work - at least in Ubuntu 20.04 LTS. As a work around I am using the traditional shell_exec which works and thus prooves that the problem is in the restrictions.