Share /gnu/store in the BubbleWrap container and remove FHS mounts.

This is a Guix-specific patch not meant to be upstreamed.
diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
index f0a5e4b05dff..88b11f806968 100644
--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
@@ -854,27 +854,12 @@ GRefPtr<GSubprocess> bubblewrapSpawn(GSubprocessLauncher* launcher, const Proces
         "--ro-bind", "/sys/dev", "/sys/dev",
         "--ro-bind", "/sys/devices", "/sys/devices",
 
-        "--ro-bind-try", "/usr/share", "/usr/share",
-        "--ro-bind-try", "/usr/local/share", "/usr/local/share",
         "--ro-bind-try", DATADIR, DATADIR,
-
-        // We only grant access to the libdirs webkit is built with and
-        // guess system libdirs. This will always have some edge cases.
-        "--ro-bind-try", "/lib", "/lib",
-        "--ro-bind-try", "/usr/lib", "/usr/lib",
-        "--ro-bind-try", "/usr/local/lib", "/usr/local/lib",
         "--ro-bind-try", LIBDIR, LIBDIR,
-#if CPU(ADDRESS64)
-        "--ro-bind-try", "/lib64", "/lib64",
-        "--ro-bind-try", "/usr/lib64", "/usr/lib64",
-        "--ro-bind-try", "/usr/local/lib64", "/usr/local/lib64",
-#else
-        "--ro-bind-try", "/lib32", "/lib32",
-        "--ro-bind-try", "/usr/lib32", "/usr/lib32",
-        "--ro-bind-try", "/usr/local/lib32", "/usr/local/lib32",
-#endif
-
         "--ro-bind-try", PKGLIBEXECDIR, PKGLIBEXECDIR,
+
+        // Bind mount the store inside the WebKitGTK sandbox.
+        "--ro-bind", "@storedir@", "@storedir@",
     };
 
     if (launchOptions.processType == ProcessLauncher::ProcessType::DBusProxy) {
earch' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=34d7fa58edce071292050a3553081bcd3b5e180e'>root</a>/<a href='/guix/log/AUTHORS?id=34d7fa58edce071292050a3553081bcd3b5e180e'>AUTHORS</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/AUTHORS?id=34d7fa58edce071292050a3553081bcd3b5e180e&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
h><th class='left'>Commit message (<a href='/guix/log/gnu/bootloader.scm?id=47cb05757d64777bc34b9fd776f3ab069d5857fd&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2023-10-28 00:17:24 +0200'>2023-10-28</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=344e39c928bdb8e6b7e5ac79d94535921a414a05'>profiles: Hooks honor the #:system parameter of ‘profile-derivation’.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-12-01 14:31:28 -0500'>2022-12-01</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=a9acbf919a7668e26863d2d26d48c5fd41b57fcd'>gnu: bootloader: Rework chaining, add grub-efi-netboot-removable-bootloader.</a><span class='msg-avail'>...</span></td><td>Stefan</td></tr>
<tr><td><span title='2022-09-08 22:30:43 +0200'>2022-09-08</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=32da9bbc91d365f514ae41528587905b21c41825'>gnu: bootloader: Report error in menu-entry.</a><span class='msg-avail'>...</span></td><td>tiantian</td></tr>
<tr><td><span title='2022-09-08 22:29:57 +0200'>2022-09-08</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=52d780ea2b0714d035a84e350b516ca2e2c19af1'>gnu: bootloader: Extend `&lt;menu-entry&gt;' for chain-loader.</a><span class='msg-avail'>...</span></td><td>tiantian</td></tr>
<tr><td><span title='2022-08-30 08:51:12 +0200'>2022-08-30</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=93ed34977eba26fbb74881bbb3d9af9b3118a663'>bootloader: Wrap lines.</a><span class='msg-avail'>...</span></td><td>Mathieu Othacehe</td></tr>
<tr><td><span title='2022-08-30 08:50:44 +0200'>2022-08-30</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=f126f23b132148192b2c9a89032a5831af0b3c52'>bootloader: Add device-tree-support? option.</a><span class='msg-avail'>...</span></td><td>Reza Alizadeh Majd</td></tr>
<tr><td><span title='2022-08-28 23:37:28 +0200'>2022-08-28</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=0811d2cb8dff5de9f535e14726c9874ec2f4a96c'>bootloader: Convert device in menu-entry to proper sexp.</a><span class='msg-avail'>...</span></td><td>Josselin Poiret</td></tr>
<tr><td><span title='2022-08-21 02:00:00 +0200'>2022-08-21</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=91b112b8dd28007db9a6f43dd65457e6763b486f'>bootloader: Remove expired export.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2021-11-17 23:05:58 +0100'>2021-11-17</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=7c4142628a397f7863f346635591dbe92b667b45'>gnu: system: Improve location of some configuration warnings.</a><span class='msg-avail'>...</span></td><td>Josselin Poiret</td></tr>
<tr><td><span title='2021-08-30 14:22:35 +0200'>2021-08-30</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=baf4272df2350a40bfa198f5cdb42e707e32ad71'>bootloader: Report location of the deprecated 'target' field.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2021-08-29 01:05:26 -0400'>2021-08-29</span></td><td><a href='/guix/commit/gnu/bootloader.scm?id=2ca982ff41270288913ad6b7d5d9e1cad87b06d9'>gnu: bootloader: Support multiple targets.</a><span class='msg-avail'>...</span></td><td>Maxim Cournoyer</td></tr>