ghostfox/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

push sheeet
Some checks failed
Periodic Merges (6h) / master → staging-nixos (push) Failing after 12m50s
Details
Periodic Merges (6h) / master → staging-next (push) Failing after 12m54s
Details
Periodic Merges (24h) / merge-base(master,staging) → haskell-updates (push) Failing after 11m54s
Details
Periodic Merges (6h) / staging-next → staging (push) Failing after 12m13s
Details
Periodic Merges (24h) / staging-next-25.05 → staging-25.05 (push) Failing after 13m24s
Details
Periodic Merges (24h) / release-25.05 → staging-next-25.05 (push) Failing after 14m28s
Details

Browse Source
This commit is contained in:
Dark Steveneq
2025-10-09 14:15:47 +02:00
commit 646b892680
49168 changed files with 5897842 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

428
pkgs/applications/virtualization/virtualbox/default.nix Normal file
View File

@@ -0,0 +1,428 @@
{
config,
stdenv,
fetchurl,
fetchpatch,
callPackage,
lib,
acpica-tools,
dev86,
pam,
libxslt,
libxml2,
libX11,
xorgproto,
libXext,
libXcursor,
libXfixes,
libXmu,
SDL2,
libcap,
libGL,
libGLU,
libpng,
glib,
lvm2,
libXrandr,
libXinerama,
libopus,
libtpms,
qt6,
pkg-config,
which,
docbook_xsl,
docbook_xml_dtd_43,
alsa-lib,
curl,
libvpx,
net-tools,
dbus,
replaceVars,
gsoap,
zlib,
xz,
yasm,
glslang,
nixosTests,
# If open-watcom-bin is not passed, VirtualBox will fall back to use
# the shipped alternative sources (assembly).
open-watcom-bin,
makeself,
perl,
javaBindings ? true,
jdk, # Almost doesn't affect closure size
pythonBindings ? false,
python3,
extensionPack ? null,
fakeroot,
pulseSupport ? config.pulseaudio or stdenv.hostPlatform.isLinux,
libpulseaudio,
enableHardening ? false,
headless ? false,
enable32bitGuests ? true,
enableWebService ? false,
enableKvm ? false,
extraConfigureFlags ? "",
}:
# The web services use Java infrastructure.
assert enableWebService -> javaBindings;
let
buildType = "release";
# Use maintainers/scripts/update.nix to update the version and all related hashes or
# change the hashes in extpack.nix and guest-additions/default.nix as well manually.
virtualboxVersion = "7.2.0";
virtualboxSubVersion = "";
virtualboxSha256 = "4f2804ff27848ea772aee6b637bb1e10ee74ec2da117c257413e2d2c4f670ba0";
kvmPatchVboxVersion = "7.2.0";
kvmPatchVersion = "20250903";
kvmPatchHash = "sha256-JTE9Kr+nJ6HLeDrzL2EVyDQhxzn3UsoQVIQ6zNCwioY=";
# The KVM build is not compatible to VirtualBox's kernel modules. So don't export
# modsrc at all.
withModsrc = !enableKvm;
virtualboxGuestAdditionsIso = callPackage guest-additions-iso/default.nix {
inherit virtualboxVersion;
};
inherit (lib)
optional
optionals
optionalString
getDev
getLib
;
inherit (qt6)
qtbase
qttools
qtsvg
qtwayland
qtscxml
wrapQtAppsHook
;
in
stdenv.mkDerivation (finalAttrs: {
pname = "virtualbox";
version = "${finalAttrs.virtualboxVersion}${finalAttrs.virtualboxSubVersion}";
inherit
buildType
virtualboxVersion
virtualboxSubVersion
virtualboxSha256
kvmPatchVersion
kvmPatchHash
virtualboxGuestAdditionsIso
;
src = fetchurl {
url = "https://download.virtualbox.org/virtualbox/${finalAttrs.virtualboxVersion}/VirtualBox-${finalAttrs.virtualboxVersion}${finalAttrs.virtualboxSubVersion}.tar.bz2";
sha256 = finalAttrs.virtualboxSha256;
};
outputs = [ "out" ] ++ optional withModsrc "modsrc";
nativeBuildInputs = [
pkg-config
which
docbook_xsl
docbook_xml_dtd_43
yasm
glslang
]
++ optional (!headless) wrapQtAppsHook;
# Wrap manually because we wrap just a small number of executables.
dontWrapQtApps = true;
buildInputs = [
acpica-tools
dev86
libxslt
libxml2
xorgproto
libX11
libXext
libXcursor
libcap
glib
lvm2
alsa-lib
curl
libvpx
pam
makeself
perl
libXmu
libXrandr
libpng
libopus
libtpms
python3
xz
libGL
]
++ optional javaBindings jdk
++ optional pythonBindings python3 # Python is needed even when not building bindings
++ optional pulseSupport libpulseaudio
++ optionals (!headless) [
qtbase
qttools
qtscxml
libXinerama
SDL2
libGLU
]
++ optionals enableWebService [
gsoap
zlib
];
hardeningDisable = [
"format"
"fortify"
"pic"
"stackprotector"
];
prePatch = ''
set -x
sed -e 's@MKISOFS --version@MKISOFS -version@' \
-e 's@PYTHONDIR=.*@PYTHONDIR=${optionalString pythonBindings python3}@' \
-e 's@CXX_FLAGS="\(.*\)"@CXX_FLAGS="-std=c++11 \1"@' \
${
optionalString (!headless) ''
-e 's@TOOLQT6BIN=.*@TOOLQT6BIN="${getDev qttools}/bin"@' \
''
} -i configure
ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux.so.2
ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux-x86-64.so.2
grep 'libpulse\.so\.0' src include -rI --files-with-match | xargs sed -i -e '
${optionalString pulseSupport ''s@"libpulse\.so\.0"@"${libpulseaudio.out}/lib/libpulse.so.0"@g''}'
grep 'libdbus-1\.so\.3' src include -rI --files-with-match | xargs sed -i -e '
s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g'
grep 'libXfixes\.so\.3' src include -rI --files-with-match | xargs sed -i -e '
s@"libXfixes\.so\.3"@"${libXfixes.out}/lib/libXfixes.so.3"@g'
grep 'libasound\.so\.2' src include -rI --files-with-match | xargs sed -i -e '
s@"libasound\.so\.2"@"${alsa-lib.out}/lib/libasound.so.2"@g'
substituteInPlace src/VBox/Devices/Graphics/DevVGA-SVGA3d-glLdr.cpp \
--replace-fail \"libGL.so.1\" \"${libGL.out}/lib/libGL.so.1\"
# this works in conjunction with fix-graphics-driver-loading.patch
substituteInPlace src/VBox/Devices/Graphics/DevVGA-SVGA3d-dx-dx11.cpp \
--replace-fail \"VBoxDxVk\" \"$out/libexec/virtualbox/VBoxDxVk.so\"
export USER=nix
set +x
'';
patches =
optional enableHardening ./hardened.patch
# Since VirtualBox 7.0.8, VBoxSDL requires SDL2, but the build framework uses SDL1
++ optionals (!headless) [
./fix-sdl.patch
# No update patch disables check for update function
# https://bugs.launchpad.net/ubuntu/+source/virtualbox-ose/+bug/272212
(fetchpatch {
url = "https://salsa.debian.org/pkg-virtualbox-team/virtualbox/-/raw/8028d88e6876ca5977de13c58b54e243229efe98/debian/patches/16-no-update.patch";
hash = "sha256-AGtFsRjwd8Yw296eqX3NC2TUptAhpFTRaOMutiheQ6Y=";
})
]
++ [ ./extra_symbols.patch ]
# When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees
# the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH.
# This is because VirtualBoxVM would detect that it is wrapped that and refuse to run,
# and also because it would unset QT_PLUGIN_PATH for security reasons. We work around
# these issues by patching the code to set QT_PLUGIN_PATH to the necessary paths,
# after the code that unsets it. Note that qtsvg is included so that SVG icons from
# the user's icon theme can be loaded.
++ optional (!headless && enableHardening) (
replaceVars ./qt-env-vars.patch {
qtPluginPath = "${qtbase}/bin/${qtbase.qtPluginPrefix}:${qtsvg}/bin/${qtbase.qtPluginPrefix}:${qtwayland}/bin/${qtbase.qtPluginPrefix}";
}
)
# While the KVM patch should not break any other behavior if --with-kvm is not specified,
# we don't take any chances and only apply it if people actually want to use KVM support.
++ optional enableKvm (fetchpatch {
name = "virtualbox-${finalAttrs.virtualboxVersion}-kvm-dev-${finalAttrs.kvmPatchVersion}.patch";
url = "https://github.com/cyberus-technology/virtualbox-kvm/releases/download/dev-${finalAttrs.kvmPatchVersion}/kvm-backend-${kvmPatchVboxVersion}-dev-${finalAttrs.kvmPatchVersion}.patch";
hash = finalAttrs.kvmPatchHash;
})
++ [
./qt-dependency-paths.patch
# https://github.com/NixOS/nixpkgs/issues/123851
./fix-audio-driver-loading.patch
];
postPatch = ''
sed -i -e 's|/sbin/ifconfig|${net-tools}/bin/ifconfig|' \
src/VBox/HostDrivers/adpctl/VBoxNetAdpCtl.cpp
'';
# first line: ugly hack, and it isn't yet clear why it's a problem
configurePhase = ''
NIX_CFLAGS_COMPILE=$(echo "$NIX_CFLAGS_COMPILE" | sed 's,\-isystem ${lib.getDev stdenv.cc.libc}/include,,g')
cat >> LocalConfig.kmk <<LOCAL_CONFIG
VBOX_WITH_TESTCASES :=
VBOX_WITH_TESTSUITE :=
VBOX_WITH_VALIDATIONKIT :=
VBOX_WITH_DOCS :=
VBOX_WITH_WARNINGS_AS_ERRORS :=
VBOX_WITH_ORIGIN :=
VBOX_PATH_APP_PRIVATE_ARCH_TOP := $out/share/virtualbox
VBOX_PATH_APP_PRIVATE_ARCH := $out/libexec/virtualbox
VBOX_PATH_SHARED_LIBS := $out/libexec/virtualbox
VBOX_WITH_RUNPATH := $out/libexec/virtualbox
VBOX_PATH_APP_PRIVATE := $out/share/virtualbox
VBOX_PATH_APP_DOCS := $out/doc
VBOX_WITH_UPDATE_AGENT :=
${optionalString javaBindings ''
VBOX_JAVA_HOME := ${jdk}
''}
${optionalString (!headless) ''
VBOX_WITH_VBOXSDL := 1
PATH_QT6_TOOLS_LIB := ${getLib qttools}/lib
PATH_QT6_TOOLS_INC := ${getLib qttools}/include
PATH_QT6_SCXML_LIB := ${getLib qtscxml}/lib
PATH_QT6_SCXML_INC := ${getLib qtscxml}/include
VBOX_PATH_QT := ${getLib qttools}/
''}
${optionalString enableWebService ''
# fix gsoap missing zlib include and produce errors with --as-needed
VBOX_GSOAP_CXX_LIBS := gsoapssl++ z
''}
TOOL_QT6_LRC := ${getLib qttools}/bin/lrelease
LOCAL_CONFIG
./configure \
${optionalString headless "--build-headless"} \
${optionalString (!javaBindings) "--disable-java"} \
${optionalString (!pythonBindings) "--disable-python"} \
${optionalString (!pulseSupport) "--disable-pulse"} \
${optionalString (!enableHardening) "--disable-hardening"} \
${optionalString (!enable32bitGuests) "--disable-vmmraw"} \
${optionalString enableWebService "--enable-webservice"} \
${optionalString (open-watcom-bin != null) "--with-ow-dir=${open-watcom-bin}"} \
${optionalString enableKvm "--with-kvm"} \
${extraConfigureFlags} \
--disable-kmods
sed -e 's@PKG_CONFIG_PATH=.*@PKG_CONFIG_PATH=${glib.dev}/lib/pkgconfig@' \
-i AutoConfig.kmk
sed -e 's@arch/x86/@@' \
-i Config.kmk
substituteInPlace Config.kmk --replace-fail "VBOX_WITH_TESTCASES = 1" "#"
'';
enableParallelBuilding = true;
buildPhase = ''
source env.sh
kmk -j $NIX_BUILD_CORES BUILD_TYPE="${finalAttrs.buildType}"
'';
installPhase = ''
libexec="$out/libexec/virtualbox"
share="${if enableHardening then "$out/share/virtualbox" else "$libexec"}"
# Install VirtualBox files
mkdir -p "$libexec"
find out/linux.*/${finalAttrs.buildType}/bin -mindepth 1 -maxdepth 1 \
-name src -o -exec cp -avt "$libexec" {} +
mkdir -p $out/bin
for file in ${
optionalString (!headless) "VirtualBox VBoxSDL"
} ${optionalString enableWebService "vboxwebsrv"} VBoxManage VBoxBalloonCtrl VBoxHeadless; do
echo "Linking $file to /bin"
test -x "$libexec/$file"
ln -s "$libexec/$file" $out/bin/$file
done
${optionalString (extensionPack != null) ''
mkdir -p "$share"
"${fakeroot}/bin/fakeroot" "${stdenv.shell}" <<EOF
"$libexec/VBoxExtPackHelperApp" install \
--base-dir "$share/ExtensionPacks" \
--cert-dir "$share/ExtPackCertificates" \
--name "Oracle VirtualBox Extension Pack" \
--tarball "${extensionPack}" \
--sha-256 "${extensionPack.outputHash}"
EOF
''}
${optionalString (!headless) ''
# Create and fix desktop item
mkdir -p $out/share/applications
sed -i -e "s|Icon=VBox|Icon=$libexec/VBox.png|" $libexec/virtualbox.desktop
ln -sfv $libexec/virtualbox.desktop $out/share/applications
# Icons
mkdir -p $out/share/icons/hicolor
for size in `ls -1 $libexec/icons`; do
mkdir -p $out/share/icons/hicolor/$size/apps
ln -s $libexec/icons/$size/*.png $out/share/icons/hicolor/$size/apps
done
# Translation
mkdir -p "$out/share/virtualbox"
ln -sv $libexec/nls "$out/share/virtualbox/nls"
''}
${optionalString withModsrc ''
cp -rv out/linux.*/${finalAttrs.buildType}/bin/src "$modsrc"
''}
mkdir -p "$out/share/virtualbox"
cp -rv src/VBox/Main/UnattendedTemplates "$out/share/virtualbox"
ln -s "${finalAttrs.virtualboxGuestAdditionsIso}" "$out/share/virtualbox/VBoxGuestAdditions.iso"
'';
preFixup =
optionalString (!headless) ''
wrapQtApp $out/bin/VirtualBox
''
# If hardening is disabled, wrap the VirtualBoxVM binary instead of patching
# the source code (see postPatch).
+ optionalString (!headless && !enableHardening) ''
wrapQtApp $out/libexec/virtualbox/VirtualBoxVM
'';
passthru = {
inherit extensionPack; # for inclusion in profile to prevent gc
tests = nixosTests.virtualbox;
updateScript = ./update.sh;
};
meta = {
description = "PC emulator";
longDescription = ''
VirtualBox is an x86 and AMD64/Intel64 virtualization product for enterprise and home use.
To install on NixOS, please use the option `virtualisation.virtualbox.host.enable = true`.
Please also check other options under `virtualisation.virtualbox`.
'';
sourceProvenance = with lib.sourceTypes; [
fromSource
binaryNativeCode
];
license = lib.licenses.gpl3Only;
homepage = "https://www.virtualbox.org/";
maintainers = with lib.maintainers; [
sander
friedrichaltheide
blitz
];
platforms = [ "x86_64-linux" ];
mainProgram = "VirtualBox";
};
})

32
pkgs/applications/virtualization/virtualbox/extpack.nix Normal file
View File

@@ -0,0 +1,32 @@
{
fetchurl,
lib,
virtualbox,
}:
let
virtualboxExtPackVersion = "7.2.0";
in
fetchurl rec {
name = "Oracle_VirtualBox_Extension_Pack-${virtualboxExtPackVersion}.vbox-extpack";
url = "https://download.virtualbox.org/virtualbox/${virtualboxExtPackVersion}/${name}";
sha256 =
# Manually sha256sum the extensionPack file, must be hex!
# Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`.
# Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS
let
value = "8a44f3eeaf9bb71fab297bf4b3d38bd1bc55243f3c1a12bfb0e8d78170f949a0";
in
assert (builtins.stringLength value) == 64;
value;
meta = with lib; {
description = "Oracle Extension pack for VirtualBox";
license = licenses.virtualbox-puel;
homepage = "https://www.virtualbox.org/";
maintainers = with maintainers; [
sander
friedrichaltheide
];
platforms = [ "x86_64-linux" ];
};
}

25
pkgs/applications/virtualization/virtualbox/extra_symbols.patch Normal file
View File

@@ -0,0 +1,25 @@
diff --git a/src/VBox/HostDrivers/linux/Makefile b/src/VBox/HostDrivers/linux/Makefile
index 8ba33952..3b8abe60 100644
--- a/src/VBox/HostDrivers/linux/Makefile
+++ b/src/VBox/HostDrivers/linux/Makefile
@@ -99,17 +99,17 @@ install-vboxdrv:
install-vboxnetflt:
+@if [ -d vboxnetflt ]; then \
- $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) -C vboxnetflt install; \
+ $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) KBUILD_EXTRA_SYMBOLS=$(abspath vboxnetflt/Module.symvers) -C vboxnetflt install; \
fi
install-vboxnetadp:
+@if [ -d vboxnetadp ]; then \
- $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) -C vboxnetadp install; \
+ $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) KBUILD_EXTRA_SYMBOLS=$(abspath vboxnetadp/Module.symvers) -C vboxnetadp install; \
fi
install-vboxpci:
+@if [ -d vboxpci ]; then \
- $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) -C vboxpci install; \
+ $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) KBUILD_EXTRA_SYMBOLS=$(abspath vboxpci/Module.symvers) -C vboxpci install; \
fi
install: install-vboxdrv install-vboxnetflt install-vboxnetadp install-vboxpci

26
pkgs/applications/virtualization/virtualbox/fix-audio-driver-loading.patch Normal file
View File

@@ -0,0 +1,26 @@
diff --git a/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp b/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp
index cfcb0abbf..2ce564f6f 100644
--- a/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp
+++ b/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp
@@ -258,7 +258,7 @@ static DECLCALLBACK(int32_t) drvHostAudioAlsaLibInitOnce(void *pvUser)
LogFlowFunc(("\n"));
RTLDRMOD hMod = NIL_RTLDRMOD;
- int rc = RTLdrLoadSystemEx(VBOX_ALSA_LIB, RTLDRLOAD_FLAGS_NO_UNLOAD, &hMod);
+ int rc = RTLdrLoadEx(VBOX_ALSA_LIB, &hMod, RTLDRLOAD_FLAGS_NO_UNLOAD, nullptr);
if (RT_SUCCESS(rc))
{
for (uintptr_t i = 0; i < RT_ELEMENTS(SharedFuncs); i++)
diff --git a/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp b/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp
index a17fc93f9..148f5c39a 100644
--- a/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp
+++ b/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp
@@ -332,7 +332,7 @@ static DECLCALLBACK(int32_t) drvHostAudioPulseLibInitOnce(void *pvUser)
LogFlowFunc(("\n"));
RTLDRMOD hMod = NIL_RTLDRMOD;
- int rc = RTLdrLoadSystemEx(VBOX_PULSE_LIB, RTLDRLOAD_FLAGS_NO_UNLOAD, &hMod);
+ int rc = RTLdrLoadEx(VBOX_PULSE_LIB, &hMod, RTLDRLOAD_FLAGS_NO_UNLOAD, nullptr);
if (RT_SUCCESS(rc))
{
for (unsigned i = 0; i < RT_ELEMENTS(g_aImportedFunctions); i++)

72
pkgs/applications/virtualization/virtualbox/fix-sdl.patch Normal file
View File

@@ -0,0 +1,72 @@
diff --git a/configure b/configure
index 5edefba..a17e8c5 100755
--- a/configure
+++ b/configure
@@ -1184,10 +1184,10 @@ check_sdl()
fail
fi
else
- if which_wrapper sdl-config > /dev/null; then
- FLGSDL=`sdl-config --cflags`
+ if which_wrapper sdl2-config > /dev/null; then
+ FLGSDL=`sdl2-config --cflags`
INCSDL=`strip_I "$FLGSDL"`
- LIBSDL=`sdl-config --libs`
+ LIBSDL=`sdl2-config --libs`
LIBSDLMAIN="-lSDLmain"
FLDSDL=
foundsdl=1
diff --git a/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp b/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
index 16dc282..4889865 100644
--- a/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
+++ b/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
@@ -56,7 +56,7 @@ using namespace com;
# pragma warning(push)
# pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
# endif
-# include <SDL_syswm.h> /* for SDL_GetWMInfo() */
+# include <SDL2/SDL_syswm.h> /* for SDL_GetWMInfo() */
# ifdef _MSC_VER
# pragma warning(pop)
# endif
diff --git a/src/VBox/Frontends/VBoxSDL/Makefile.kmk b/src/VBox/Frontends/VBoxSDL/Makefile.kmk
index da43153..2aa8cd7 100644
--- a/src/VBox/Frontends/VBoxSDL/Makefile.kmk
+++ b/src/VBox/Frontends/VBoxSDL/Makefile.kmk
@@ -79,10 +79,6 @@ if !defined(VBOX_WITH_HARDENING) || "$(KBUILD_TARGET)" != "darwin" # No hardened
VBoxSDL_INCS += \
$(VBOX_XCURSOR_INCS)
endif
- ifn1of ($(KBUILD_TARGET), solaris) # Probably wrong with SDL2
- VBoxSDL_LIBS = \
- $(LIB_SDK_LIBSDL2_SDLMAIN)
- endif
if1of ($(KBUILD_TARGET), freebsd linux netbsd openbsd solaris) # X11
VBoxSDL_LIBS += \
$(PATH_STAGE_DLL)/VBoxKeyboard$(VBOX_SUFF_DLL) \
diff --git a/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp b/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
index 065c391..22788e1 100644
--- a/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
+++ b/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
@@ -64,7 +64,7 @@ using namespace com;
# pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
#endif
#ifndef RT_OS_DARWIN
-# include <SDL_syswm.h> /* for SDL_GetWMInfo() */
+# include <SDL2/SDL_syswm.h> /* for SDL_GetWMInfo() */
#endif
#ifdef _MSC_VER
# pragma warning(pop)
diff --git a/src/VBox/Frontends/VBoxSDL/VBoxSDL.h b/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
index dde548f..8fc9fb3 100644
--- a/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
+++ b/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
@@ -45,7 +45,7 @@
# pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
# pragma warning(disable: 4668) /* warning C4668: '__GNUC__' is not defined as a preprocessor macro, replacing with '0' for '#if/#elif' */
#endif
-#include <SDL.h>
+#include <SDL2/SDL.h>
#ifdef _MSC_VER
# pragma warning(pop)
#endif

25
pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix Normal file
View File

@@ -0,0 +1,25 @@
{
fetchurl,
lib,
virtualboxVersion,
}:
fetchurl {
url = "http://download.virtualbox.org/virtualbox/${virtualboxVersion}/VBoxGuestAdditions_${virtualboxVersion}.iso";
sha256 = "43f7a1045cad0aab40e3af906fea37244ba6873b91b4e227245a14e51b399abd";
meta = {
description = "Guest additions ISO for VirtualBox";
longDescription = ''
ISO containing various add-ons which improves guests inside VirtualBox.
'';
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
license = lib.licenses.gpl2;
maintainers = [
lib.maintainers.sander
lib.maintainers.friedrichaltheide
];
platforms = [
"i686-linux"
"x86_64-linux"
];
};
}

173
pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix Normal file
View File

@@ -0,0 +1,173 @@
{
stdenv,
kernel,
fetchurl,
lib,
pam,
libxslt,
libXext,
libXcursor,
libXmu,
glib,
libXrandr,
dbus,
xz,
pkg-config,
which,
xorg,
yasm,
patchelf,
makeself,
linuxHeaders,
openssl,
virtualboxVersion,
virtualboxSubVersion,
virtualboxSha256,
platform,
}:
let
buildType = "release";
in
stdenv.mkDerivation (finalAttrs: {
pname = "VirtualBox-GuestAdditions-builder-${kernel.version}";
version = "${virtualboxVersion}${virtualboxSubVersion}";
inherit virtualboxVersion virtualboxSubVersion;
src = fetchurl {
url = "https://download.virtualbox.org/virtualbox/${finalAttrs.virtualboxVersion}/VirtualBox-${finalAttrs.virtualboxVersion}${finalAttrs.virtualboxSubVersion}.tar.bz2";
sha256 = virtualboxSha256;
};
env.NIX_CFLAGS_COMPILE = "-Wno-error=incompatible-pointer-types -Wno-error=implicit-function-declaration";
nativeBuildInputs = [
patchelf
pkg-config
which
yasm
makeself
xorg.xorgserver
openssl
linuxHeaders
xz
]
++ kernel.moduleBuildDependencies;
buildInputs = [
dbus
libxslt
libXext
libXcursor
pam
libXmu
libXrandr
];
KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
KERN_INCL = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/source/include";
prePatch = ''
rm -r src/VBox/Additions/x11/x11include/
rm -r src/VBox/Additions/3D/mesa/mesa-*/
rm -r src/libs/openssl-*/
rm -r src/libs/curl-*/
rm -r src/libs/libpng-*/
rm -r src/libs/libxml2-*/
rm -r src/libs/liblzma-*/
rm -r src/libs/zlib*/
'';
postPatch = ''
set -x
sed -e 's@MKISOFS --version@MKISOFS -version@' \
-e 's@CXX_FLAGS="\(.*\)"@CXX_FLAGS="-std=c++17 \1"@' \
-i configure
ls kBuild/bin/linux.${platform}/k* tools/linux.${platform}/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.bintools.dynamicLinker}
substituteInPlace ./include/VBox/dbus-calls.h --replace-fail libdbus-1.so.3 ${dbus.lib}/lib/libdbus-1.so.3
substituteInPlace ./src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibDrmClient.cpp --replace-fail /usr/bin/VBoxDRMClient /run/current-system/sw/bin/VBoxDRMClient
substituteInPlace ./src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibDrmClient.cpp --replace-fail /usr/bin/VBoxClient /run/current-system/sw/bin/VBoxClient
substituteInPlace ./src/VBox/Additions/x11/VBoxClient/display.cpp --replace-fail /usr/X11/bin/xrandr ${xorg.xrandr}/bin/xrandr
substituteInPlace ./src/VBox/Additions/x11/vboxvideo/Makefile.kmk --replace-fail /usr/include/xorg "${xorg.xorgserver.dev}/include/xorg "
'';
configurePhase = ''
NIX_CFLAGS_COMPILE=$(echo "$NIX_CFLAGS_COMPILE" | sed 's,\-isystem ${lib.getDev stdenv.cc.libc}/include,,g')
cat >> LocalConfig.kmk <<LOCAL_CONFIG
VBOX_WITH_TESTCASES :=
VBOX_WITH_TESTSUITE :=
VBOX_WITH_VALIDATIONKIT :=
VBOX_WITH_DOCS :=
VBOX_WITH_WARNINGS_AS_ERRORS :=
VBOX_WITH_ORIGIN :=
VBOX_PATH_APP_PRIVATE_ARCH_TOP := $out/share/virtualbox
VBOX_PATH_APP_PRIVATE_ARCH := $out/libexec/virtualbox
VBOX_PATH_SHARED_LIBS := $out/libexec/virtualbox
VBOX_WITH_RUNPATH := $out/libexec/virtualbox
VBOX_PATH_APP_PRIVATE := $out/share/virtualbox
VBOX_PATH_APP_DOCS := $out/doc
VBOX_USE_SYSTEM_XORG_HEADERS := 1
VBOX_USE_SYSTEM_GL_HEADERS := 1
VBOX_NO_LEGACY_XORG_X11 := 1
SDK_VBoxLibPng_INCS :=
SDK_VBoxLibXml2_INCS :=
SDK_VBoxLibLzma_INCS := ${xz.dev}/include
SDK_VBoxLibLzma_LIBS := ${xz.out}/lib
SDK_VBoxOpenSslStatic_INCS := ${openssl.dev}/include/ssl
VBOX_ONLY_ADDITIONS := 1
VBOX_WITH_SHARED_CLIPBOARD := 1
VBOX_WITH_GUEST_PROPS := 1
VBOX_WITH_VMSVGA := 1
VBOX_WITH_SHARED_FOLDERS := 1
VBOX_WITH_GUEST_CONTROL := 1
VBOX_WITHOUT_LINUX_GUEST_PACKAGE := 1
VBOX_WITH_PAM :=
VBOX_WITH_UPDATE_AGENT :=
VBOX_WITH_AUDIO_ALSA :=
VBOX_WITH_AUDIO_PULSE :=
VBOX_BUILD_PUBLISHER := _NixOS
LOCAL_CONFIG
./configure \
--only-additions \
--with-linux=${kernel.dev} \
--disable-kmods
sed -e 's@PKG_CONFIG_PATH=.*@PKG_CONFIG_PATH=${glib.dev}/lib/pkgconfig @' \
-i AutoConfig.kmk
sed -e 's@arch/x86/@@' \
-i Config.kmk
export USER=nix
set +x
'';
enableParallelBuilding = true;
buildPhase = ''
runHook preBuild
source env.sh
VBOX_ONLY_ADDITIONS=1 VBOX_ONLY_BUILD=1 kmk -j $NIX_BUILD_CORES BUILD_TYPE="${buildType}"
VBOX_ONLY_ADDITIONS=1 VBOX_ONLY_BUILD=1 kmk packing
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p $out
cp -rv ./out/linux.${platform}/${buildType}/bin/additions/VBoxGuestAdditions-${platform}.tar.bz2 $out/
runHook postInstall
'';
})

177
pkgs/applications/virtualization/virtualbox/guest-additions/default.nix Normal file
View File

@@ -0,0 +1,177 @@
{
stdenv,
kernel,
callPackage,
lib,
dbus,
xorg,
zlib,
patchelf,
makeWrapper,
wayland,
libX11,
}:
let
virtualboxVersion = "7.2.0";
virtualboxSubVersion = "";
virtualboxSha256 = "4f2804ff27848ea772aee6b637bb1e10ee74ec2da117c257413e2d2c4f670ba0";
platform =
if stdenv.hostPlatform.isAarch64 then
"arm64"
else if stdenv.hostPlatform.is32bit then
"x86"
else
"amd64";
virtualBoxNixGuestAdditionsBuilder = callPackage ./builder.nix {
inherit
virtualboxVersion
virtualboxSubVersion
virtualboxSha256
platform
;
};
# Specifies how to patch binaries to make sure that libraries loaded using
# dlopen are found. We grep binaries for specific library names and patch
# RUNPATH in matching binaries to contain the needed library paths.
dlopenLibs = [
{
name = "libdbus-1.so";
pkg = dbus;
}
{
name = "libXfixes.so";
pkg = xorg.libXfixes;
}
{
name = "libXrandr.so";
pkg = xorg.libXrandr;
}
{
name = "libwayland-client.so";
pkg = wayland;
}
{
name = "libX11.so";
pkg = libX11;
}
{
name = "libXt.so";
pkg = xorg.libXt;
}
];
in
stdenv.mkDerivation {
pname = "VirtualBox-GuestAdditions";
version = "${virtualboxVersion}${virtualboxSubVersion}-${kernel.version}";
src = "${virtualBoxNixGuestAdditionsBuilder}/VBoxGuestAdditions-${platform}.tar.bz2";
sourceRoot = ".";
KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
KERN_INCL = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/source/include";
hardeningDisable = [ "pic" ];
env.NIX_CFLAGS_COMPILE = "-Wno-error=incompatible-pointer-types -Wno-error=implicit-function-declaration";
nativeBuildInputs = [
patchelf
makeWrapper
virtualBoxNixGuestAdditionsBuilder
]
++ kernel.moduleBuildDependencies;
buildPhase = ''
runHook preBuild
# Build kernel modules.
cd src/vboxguest-${virtualboxVersion}_NixOS
# Run just make first. If we only did make install, we get symbol warnings during build.
make
cd ../..
# Change the interpreter for various binaries
for i in sbin/VBoxService bin/{VBoxClient,VBoxControl,VBoxDRMClient} other/mount.vboxsf; do
patchelf --set-interpreter ${stdenv.cc.bintools.dynamicLinker} $i
patchelf --set-rpath ${
lib.makeLibraryPath [
stdenv.cc.cc
stdenv.cc.libc
zlib
xorg.libX11
xorg.libXt
xorg.libXext
xorg.libXmu
xorg.libXfixes
xorg.libXcursor
]
} $i
done
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin
# Install kernel modules.
cd src/vboxguest-${virtualboxVersion}_NixOS
make install INSTALL_MOD_PATH=$out KBUILD_EXTRA_SYMBOLS=$PWD/vboxsf/Module.symvers
cd ../..
# Install binaries
install -D -m 755 other/mount.vboxsf $out/bin/mount.vboxsf
install -D -m 755 sbin/VBoxService $out/bin/VBoxService
install -m 755 bin/VBoxClient $out/bin
install -m 755 bin/VBoxControl $out/bin
install -m 755 bin/VBoxDRMClient $out/bin
# Don't install VBoxOGL for now
# It seems to be broken upstream too, and fixing it is far down the priority list:
# https://www.virtualbox.org/pipermail/vbox-dev/2017-June/014561.html
# Additionally, 3d support seems to rely on VBoxOGL.so being symlinked from
# libGL.so (which we can't), and Oracle doesn't plan on supporting libglvnd
# either. (#18457)
runHook postInstall
'';
# Stripping breaks these binaries for some reason.
dontStrip = true;
# Patch RUNPATH according to dlopenLibs (see the comment there).
postFixup = lib.concatMapStrings (library: ''
for i in $(grep -F ${lib.escapeShellArg library.name} -l -r $out/{lib,bin}); do
origRpath=$(patchelf --print-rpath "$i")
patchelf --set-rpath "$origRpath:${lib.makeLibraryPath [ library.pkg ]}" "$i"
done
'') dlopenLibs;
meta = {
description = "Guest additions for VirtualBox";
longDescription = ''
Various add-ons which makes NixOS work better as guest OS inside VirtualBox.
This add-on provides support for dynamic resizing of the virtual display, shared
host/guest clipboard support.
'';
sourceProvenance = with lib.sourceTypes; [ fromSource ];
license = lib.licenses.gpl3Only;
maintainers = [
lib.maintainers.sander
lib.maintainers.friedrichaltheide
];
platforms = [
"i686-linux"
"x86_64-linux"
"aarch64-linux"
];
broken = stdenv.hostPlatform.is32bit && (kernel.kernelAtLeast "5.10");
};
}

181
pkgs/applications/virtualization/virtualbox/hardened.patch Normal file
View File

@@ -0,0 +1,181 @@
diff --git a/include/iprt/mangling.h b/include/iprt/mangling.h
index 991dd9e..defc781 100644
--- a/include/iprt/mangling.h
+++ b/include/iprt/mangling.h
@@ -1802,6 +1802,7 @@
# define RTPathStripSuffix RT_MANGLER(RTPathStripSuffix)
# define RTPathStripFilename RT_MANGLER(RTPathStripFilename)
# define RTPathStripTrailingSlash RT_MANGLER(RTPathStripTrailingSlash)
+# define RTPathSuidDir RT_MANGLER(RTPathSuidDir)
# define RTPathTemp RT_MANGLER(RTPathTemp)
# define RTPathTraverseList RT_MANGLER(RTPathTraverseList)
# define RTPathUnlink RT_MANGLER(RTPathUnlink)
@@ -1842,6 +1843,7 @@
# define RTProcGetAffinityMask RT_MANGLER(RTProcGetAffinityMask)
# define RTProcGetExecutablePath RT_MANGLER(RTProcGetExecutablePath)
# define RTProcGetPriority RT_MANGLER(RTProcGetPriority)
+# define RTProcGetSuidPath RT_MANGLER(RTProcGetSuidPath)
# define RTProcIsRunningByName RT_MANGLER(RTProcIsRunningByName)
# define RTProcQueryParent RT_MANGLER(RTProcQueryParent)
# define RTProcQueryUsername RT_MANGLER(RTProcQueryUsername)
diff --git a/include/iprt/path.h b/include/iprt/path.h
index 89bf8f6..5caa578 100644
--- a/include/iprt/path.h
+++ b/include/iprt/path.h
@@ -1235,6 +1235,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, const char *p
*/
RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath);
+/**
+ * Gets the path to the NixOS setuid wrappers directory.
+ *
+ * @returns iprt status code.
+ * @param pszPath Buffer where to store the path.
+ * @param cchPath Buffer size in bytes.
+ */
+RTDECL(int) RTPathSuidDir(char *pszPath, size_t cchPath);
+
/**
* Gets the user home directory.
*
diff --git a/include/iprt/process.h b/include/iprt/process.h
index 4ca981e..058ae7a 100644
--- a/include/iprt/process.h
+++ b/include/iprt/process.h
@@ -384,6 +384,16 @@ RTR3DECL(const char *) RTProcExecutablePath(void);
*/
RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath);
+/**
+ * Gets the path to the NixOS setuid wrappers directory.
+ *
+ * @returns pszExecPath on success. NULL on buffer overflow or other errors.
+ *
+ * @param pszExecPath Where to store the path.
+ * @param cbExecPath The size of the buffer.
+ */
+RTR3DECL(char *) RTProcGetSuidPath(char *pszExecPath, size_t cbExecPath);
+
/**
* Daemonize the current process, making it a background process.
*
diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
index e78a397..ff5b541 100644
--- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
+++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
@@ -1541,9 +1541,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
bool fBad = !fRelaxed || pFsObjState->Stat.st_gid != 2 /*bin*/ || suplibHardenedStrCmp(pszPath, "/usr/lib/iconv");
# else
NOREF(fRelaxed);
- bool fBad = true;
+ bool fBad = !(fDir && pFsObjState->Stat.st_mode & S_ISVTX && !suplibHardenedStrCmp(pszPath, "/nix/store"));
# endif
- if (fBad)
+ if (fBad && suplibHardenedStrCmp(pszPath, "/nix/store"))
return supR3HardenedSetError3(VERR_SUPLIB_WRITE_NON_SYS_GROUP, pErrInfo,
"An unknown (and thus untrusted) group has write access to '", pszPath,
"' and we therefore cannot trust the directory content or that of any subdirectory");
diff --git a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
index 01d7a9f..e52a291 100644
--- a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
+++ b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
@@ -100,7 +100,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
/* Get the path to the executable directory w/ trailing slash: */
char szPath[RTPATH_MAX];
- int vrc = RTPathAppPrivateArch(szPath, sizeof(szPath));
+ int vrc = RTStrCopy(szPath, sizeof(szPath) - 1, "/run/wrappers/bin");
AssertRCReturn(vrc, vrc);
size_t cbBufLeft = RTPathEnsureTrailingSeparator(szPath, sizeof(szPath));
AssertReturn(cbBufLeft > 0, VERR_FILENAME_TOO_LONG);
diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
index 773d27f..874ec2d 100644
--- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp
+++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
@@ -198,7 +198,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
* ASSUME it is relative to the directory that holds VBoxSVC.
*/
char szExePath[RTPATH_MAX];
- AssertReturn(RTProcGetExecutablePath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
+ AssertReturn(RTProcGetSuidPath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
RTPathStripFilename(szExePath);
int vrc = RTPathAppend(szExePath, sizeof(szExePath), m->pszProcName);
AssertLogRelRCReturn(vrc, vrc);
diff --git a/src/VBox/Main/src-server/generic/NetIf-generic.cpp b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
index 1e2eb61..893344c 100644
--- a/src/VBox/Main/src-server/generic/NetIf-generic.cpp
+++ b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
@@ -62,7 +62,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
const char *args[] = { NULL, pcszIfName, pszAddr, pszOption, pszMask, NULL };
char szAdpCtl[RTPATH_MAX];
- int vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
+ int vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
if (RT_FAILURE(vrc))
{
LogRel(("NetIfAdpCtl: failed to get program path, vrc=%Rrc.\n", vrc));
@@ -109,7 +109,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
int NetIfAdpCtlOut(const char * pcszName, const char * pcszCmd, char *pszBuffer, size_t cBufSize)
{
char szAdpCtl[RTPATH_MAX];
- int vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
+ int vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
if (RT_FAILURE(vrc))
{
LogRel(("NetIfAdpCtlOut: Failed to get program path, vrc=%Rrc\n", vrc));
@@ -224,7 +224,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
progress.queryInterfaceTo(aProgress);
char szAdpCtl[RTPATH_MAX];
- vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
+ vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
if (RT_FAILURE(vrc))
{
progress->i_notifyComplete(E_FAIL,
diff --git a/src/VBox/Runtime/r3/path.cpp b/src/VBox/Runtime/r3/path.cpp
index bcd8deb..46ecd1e 100644
--- a/src/VBox/Runtime/r3/path.cpp
+++ b/src/VBox/Runtime/r3/path.cpp
@@ -91,6 +91,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath)
}
+RTDECL(int) RTPathSuidDir(char *pszPath, size_t cchPath)
+{
+ return RTStrCopy(pszPath, cchPath, "/run/wrappers/bin");
+}
+
+
RTDECL(int) RTPathAppPrivateNoArch(char *pszPath, size_t cchPath)
{
#if !defined(RT_OS_WINDOWS) && defined(RTPATH_APP_PRIVATE)
diff --git a/src/VBox/Runtime/r3/process.cpp b/src/VBox/Runtime/r3/process.cpp
index f9d1ecf..042e599 100644
--- a/src/VBox/Runtime/r3/process.cpp
+++ b/src/VBox/Runtime/r3/process.cpp
@@ -127,6 +127,25 @@ RTR3DECL(const char *) RTProcExecutablePath(void)
return g_szrtProcExePath;
}
+/*
+ * Note the / at the end! This is important, because the functions using this
+ * will cut off everything after the rightmost / as this function is analogous
+ * to RTProcGetExecutablePath().
+ */
+#define SUIDDIR "/run/wrappers/bin/"
+
+RTR3DECL(char *) RTProcGetSuidPath(char *pszExecPath, size_t cbExecPath)
+{
+ if (cbExecPath >= sizeof(SUIDDIR))
+ {
+ memcpy(pszExecPath, SUIDDIR, sizeof(SUIDDIR));
+ pszExecPath[sizeof(SUIDDIR)] = '\0';
+ return pszExecPath;
+ }
+
+ AssertMsgFailed(("Buffer too small (%zu <= %zu)\n", cbExecPath, sizeof(SUIDDIR)));
+ return NULL;
+}
RTR3DECL(const char *) RTProcShortName(void)
{

26
pkgs/applications/virtualization/virtualbox/qt-dependency-paths.patch Normal file
View File

@@ -0,0 +1,26 @@
diff --git a/kBuild/units/qt6.kmk b/kBuild/units/qt6.kmk
index 28d61005..d65205cf 100644
--- a/kBuild/units/qt6.kmk
+++ b/kBuild/units/qt6.kmk
@@ -1131,9 +1131,14 @@ else
ifeq ($(bld_trg),win)
$(eval $(target)_LIBS += $(foreach module,$(qt_modules), $(PATH_SDK_QT6_LIB)/$(qt_prefix)Qt6$(module)$(qt_infix)$(SUFF_LIB)) )
else
- $(eval $(target)_LIBS += $(foreach module,$(qt_modules), $(PATH_SDK_QT6_LIB)/lib$(qt_prefix)Qt6$(module)$(qt_infix)$(SUFF_DLL)) )
+ $(eval $(target)_LIBS += $(foreach module,$(qt_modules), \
+ $(if $(filter Help,$(module)),$(PATH_QT6_TOOLS_LIB), \
+ $(if $(filter StateMachine,$(module)),$(PATH_QT6_SCXML_LIB), \
+ $(PATH_SDK_QT6_LIB)))/lib$(qt_prefix)Qt6$(module)$(qt_infix)$(SUFF_DLL)) \
+ )
endif
- $(eval $(target)_INCS += $(addprefix $(PATH_SDK_QT6_INC)/Qt,$(qt_modules)) $(PATH_SDK_QT6_INC) )
+ $(eval $(target)_INCS += $(addprefix $(PATH_SDK_QT6_INC)/Qt,$(qt_modules)) \
+ $(PATH_SDK_QT6_INC) $(PATH_QT6_TOOLS_INC) $(PATH_QT6_SCXML_INC)/QtStateMachine )
endif
$(eval $(target)_DEFS += $(foreach module,$(toupper $(qt_modules)), QT_$(module)_LIB) )
@@ -1238,4 +1243,3 @@ unit-qt6-show-vars:
@$(ECHO) ' TOOL_QT6_RCC = "$(TOOL_QT6_RCC)"'
@$(ECHO) ' TOOL_QT6_LRC = "$(TOOL_QT6_LRC)"'
@$(ECHO) ' TOOL_QT6_LUPDATE = "$(TOOL_QT6_LUPDATE)"'
-

14
pkgs/applications/virtualization/virtualbox/qt-env-vars.patch Normal file
View File

@@ -0,0 +1,14 @@
--- a/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
+++ b/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
@@ -2131,6 +2131,11 @@ static void supR3HardenedMainPurgeEnvironment(char **envp)
/** @todo Call NT API to do the same. */
#endif
}
+
+ /*
+ * NixOS hack: Set QT_PLUGIN_PATH to make Qt find plugins.
+ */
+ setenv("QT_PLUGIN_PATH", "@qtPluginPath@", /*overwrite=*/ 1);
}

55
pkgs/applications/virtualization/virtualbox/update.sh Executable file
View File

@@ -0,0 +1,55 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p curl common-updater-scripts nix-prefetch-scripts jq
set -xeuo pipefail
nixpkgs="$(git rev-parse --show-toplevel)"
attr=virtualbox
oldVersion="$(nix-instantiate --eval -E "with import $nixpkgs {}; $attr.version or (builtins.parseDrvName $attr.name).version" | tr -d '"')"
latestVersion="$(curl -sS https://download.virtualbox.org/virtualbox/LATEST.TXT)"
function fileShaSum() {
echo "$1" | grep -w "$2" | cut -f1 -d' '
}
function oldHash() {
nix-instantiate --eval --strict -A "$1.drvAttrs.outputHash" | tr -d '"'
}
function nixFile() {
nix-instantiate --eval --strict -A "${1}.meta.position" | sed -re 's/^"(.*):[0-9]+"$/\1/'
}
if [ ! "$oldVersion" = "$latestVersion" ]; then
shaSums=$(curl -sS "https://download.virtualbox.org/virtualbox/$latestVersion/SHA256SUMS")
virtualBoxShaSum=$(fileShaSum "$shaSums" "VirtualBox-$latestVersion.tar.bz2")
extpackShaSum=$(fileShaSum "$shaSums" "Oracle_VirtualBox_Extension_Pack-$latestVersion.vbox-extpack")
guestAdditionsIsoShaSum=$(fileShaSum "$shaSums" "*VBoxGuestAdditions_$latestVersion.iso")
virtualboxNixFile=$(nixFile ${attr})
extpackNixFile=$(nixFile ${attr}Extpack)
guestAdditionsIsoNixFile="pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix"
virtualboxGuestAdditionsNixFile="pkgs/applications/virtualization/virtualbox/guest-additions/default.nix"
virtualBoxOldShaSum=$(oldHash ${attr}Extpack)
extpackOldShaSum=$(oldHash ${attr}Extpack)
sed -e "s/virtualboxVersion = \".*\";/virtualboxVersion = \"$latestVersion\";/g" \
-e "s/virtualboxSubVersion = \".*\";/virtualboxSubVersion = \"\";/g" \
-e "s/virtualboxSha256 = \".*\";/virtualboxSha256 = \"$virtualBoxShaSum\";/g" \
-i "$virtualboxNixFile"
sed -e 's|value = "'$extpackOldShaSum'"|value = "'$extpackShaSum'"|' \
-e "s/virtualboxExtPackVersion = \".*\";/virtualboxExtPackVersion = \"$latestVersion\";/g" \
-i $extpackNixFile
sed -e "s/sha256 = \".*\";/sha256 = \"$guestAdditionsIsoShaSum\";/g" \
-i "$guestAdditionsIsoNixFile"
sed -e "s/virtualboxVersion = \".*\";/virtualboxVersion = \"$latestVersion\";/g" \
-e "s/virtualboxSubVersion = \".*\";/virtualboxSubVersion = \"\";/g" \
-e "s/virtualboxSha256 = \".*\";/virtualboxSha256 = \"$virtualBoxShaSum\";/g" \
-i "$virtualboxGuestAdditionsNixFile"
git add "$virtualboxNixFile" "$extpackNixFile" "$guestAdditionsIsoNixFile" "$virtualboxGuestAdditionsNixFile"
git commit -m "$attr: ${oldVersion} -> ${latestVersion}"
else
echo "$attr is already up-to-date"
fi