From ed406bd979609fd05f5846049f571f43e6512050 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 9 Feb 2017 09:50:28 +0100 Subject: proot: fix seccomp filters --- krebs/5pkgs/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'krebs/5pkgs') diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index c1ec0f333..e01b6e804 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -44,6 +44,14 @@ with import ; }; buildbot-worker = callPackage ./buildbot/worker.nix {}; + # https://github.com/proot-me/PRoot/issues/106 + proot = overrideDerivation pkgs.proot (oldAttrs: { + patches = singleton (pkgs.fetchurl { + url = https://github.com/openmole/PRoot/commit/10119a1f1fd7dea012464ae176c2b5fc3eb18928.diff; + sha256 = "0cmd95mz8p5ifjvfvi4g9zzyxqddbscxin2j3a9zbmbjl2wi458g"; + }); + }); + # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d symlinkJoin = { name, paths, ... }@args: let x = pkgs.symlinkJoin args; -- cgit v1.2.3 From c34f8a33dc0d10e471fa6f4fb7d6e7dd54164ff2 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 9 Feb 2017 15:11:02 +0100 Subject: packageOverrides: allow using pkgs in addition to oldpkgs --- krebs/5pkgs/default.nix | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'krebs/5pkgs') diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index c79a639a4..ec9b6bdba 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,13 +1,13 @@ { config, lib, pkgs, ... }@args: with import ; { - nixpkgs.config.packageOverrides = pkgs: let + nixpkgs.config.packageOverrides = oldpkgs: let # This callPackage will try to detect obsolete overrides. callPackage = path: args: let override = pkgs.callPackage path args; upstream = optionalAttrs (override ? "name") - (pkgs.${(parseDrvName override.name).name} or {}); + (oldpkgs.${(parseDrvName override.name).name} or {}); in if upstream ? "name" && override ? "name" && compareVersions upstream.name override.name != -1 @@ -22,7 +22,7 @@ with import ; // { empty = pkgs.runCommand "empty-1.0.0" {} "mkdir $out"; - haskellPackages = pkgs.haskellPackages.override { + haskellPackages = oldpkgs.haskellPackages.override { overrides = self: super: mapAttrs (name: path: self.callPackage path {}) (mapAttrs' @@ -45,16 +45,15 @@ with import ; buildbot-worker = callPackage ./buildbot/worker.nix {}; # https://github.com/proot-me/PRoot/issues/106 - proot = pkgs.writeScriptBin "proot" '' - #!${pkgs.dash}/bin/dash + proot = pkgs.writeDashBin "proot" '' export PROOT_NO_SECCOMP=1 - exec ${pkgs.proot}/bin/proot "$@" + exec ${oldpkgs.proot}/bin/proot "$@" ''; # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d symlinkJoin = { name, paths, ... }@args: let - x = pkgs.symlinkJoin args; - in if typeOf x != "lambda" then x else pkgs.symlinkJoin name paths; + x = oldpkgs.symlinkJoin args; + in if typeOf x != "lambda" then x else oldpkgs.symlinkJoin name paths; test = { infest-cac-centos7 = callPackage ./test/infest-cac-centos7 {}; -- cgit v1.2.3