push sheeet

Dark Steveneq
2025-10-09 14:15:47 +02:00
commit 646b892680
49168 changed files with 5897842 additions and 0 deletions


@@ -0,0 +1,46 @@
From 1b5da9c7c5423eed7a567a02e66c244705116724 Mon Sep 17 00:00:00 2001
From: networkException <git@nwex.de>
Date: Thu, 30 May 2024 02:07:04 +0200
Subject: [PATCH] Don't call `setgroups` unconditionally in mainrelay
This patch moves the call to `setgroups` from the beginning of the
`drop_priviliges` function to branch in which `setuid` is actually
called. This still fulfills the intention of
acbf7e15c9290e0891a6b6b5ce6e81bbaa77ce5a, initially introducting
the call to `setgroups`:
> Fix related to POS36-C and rpmlint error
> "missing-call-to-setgroups-before-setuid".
As per this intention is is not required to call `setgroups`
otherwise, reducing the more exotic (as in not part of POSIX and
considered priviliged by systemd) system calls coturn needs to make
at startup.
---
src/apps/relay/mainrelay.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/apps/relay/mainrelay.c b/src/apps/relay/mainrelay.c
index cf370ec8a..56eaf82d0 100644
--- a/src/apps/relay/mainrelay.c
+++ b/src/apps/relay/mainrelay.c
@@ -2913,7 +2913,6 @@ static void drop_privileges(void) {
#if defined(WINDOWS)
// TODO: implement it!!!
#else
- setgroups(0, NULL);
if (procgroupid_set) {
if (getgid() != procgroupid) {
if (setgid(procgroupid) != 0) {
@@ -2929,6 +2928,11 @@ static void drop_privileges(void) {
if (procuserid_set) {
if (procuserid != getuid()) {
+ if (setgroups(0, NULL) != 0) {
+ perror("setgroups: Unable drop supplementary groups");
+ exit(-1);
+ }
+
if (setuid(procuserid) != 0) {
perror("setuid: Unable to change user privileges");
exit(-1);
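Review bot: With `setgroups(0, NULL)` moved inside the `procuserid != getuid()` branch, a run that only takes the `procgroupid_set` path (group changed, user left as is) no longer clears the inherited supplementary groups, so the process may keep group memberships from whoever started it. If that is intended, a comment above the new call should say so, e.g. `/* supplementary groups are dropped only when the uid actually changes (POS36-C) */`; otherwise the group-only path likely needs the same checked call before `setgid`. Checking the return value is the right move, but the message is missing a word: `perror("setgroups: Unable to drop supplementary groups");`. `drop_privileges` starts and ends outside the visible hunks, so the surrounding control flow should be confirmed against the full function.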


@@ -0,0 +1,72 @@
{
lib,
stdenv,
fetchFromGitHub,
openssl,
libevent,
pkg-config,
libprom,
libmicrohttpd,
sqlite,
nixosTests,
systemdMinimal,
}:
stdenv.mkDerivation rec {
pname = "coturn";
version = "4.7.0";
src = fetchFromGitHub {
owner = "coturn";
repo = "coturn";
tag = version;
hash = "sha256-nvImelAvcbHpv6JTxX+sKpldVXG6u9Biu+VDt95r9I4=";
};
nativeBuildInputs = [
pkg-config
];
buildInputs = [
openssl
(libevent.override { inherit openssl; })
libprom
libmicrohttpd
sqlite.dev
]
++ lib.optionals (lib.meta.availableOn stdenv.hostPlatform systemdMinimal) [
systemdMinimal
];
patches = [
./pure-configure.patch
# Don't call setgroups unconditionally in mainrelay
# https://github.com/coturn/coturn/pull/1508
./dont-call-setgroups-unconditionally.patch
];
configureFlags = [
# don't install examples due to broken symlinks
"--examplesdir=.."
];
# Workaround build failure on -fno-common toolchains like upstream
# gcc-10. Otherwise build fails as:
# ld: ...-libprom-0.1.1/include/prom_collector_registry.h:37: multiple definition of
# `PROM_COLLECTOR_REGISTRY_DEFAULT'; ...-libprom-0.1.1/include/prom_collector_registry.h:37: first defined here
# Should be fixed in libprom-1.2.0 and later: https://github.com/digitalocean/prometheus-client-c/pull/25
env.NIX_CFLAGS_COMPILE = "-fcommon";
passthru.tests.coturn = nixosTests.coturn;
meta = {
description = "TURN server";
homepage = "https://coturn.net/";
changelog = "https://github.com/coturn/coturn/blob/${version}/ChangeLog";
license = with lib.licenses; [ bsd3 ];
platforms = lib.platforms.all;
maintainers = with lib.maintainers; [ _0x4A6F ];
broken = stdenv.hostPlatform.isDarwin; # 2018-10-21
};
}
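Review bot: `./pure-configure.patch` is listed in `patches` without any comment, while the setgroups patch next to it has a description and an upstream link. A one-line comment such as `# Keep configure's temporary files in the build directory instead of /var/tmp or /tmp` would tell the next maintainer why it is carried. Because the setgroups patch changes privilege-dropping code in a TURN server, its comment could also state when it can be removed, for example `# Remove once a release containing the linked pull request is packaged`. The date-only comment on `broken` (`# 2018-10-21`) gives no reason and would be better replaced by the actual failure or re-tested.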


@@ -0,0 +1,17 @@
diff --git a/configure b/configure
index 28a0625..ea25488 100755
--- a/configure
+++ b/configure
@@ -624,12 +624,6 @@ fi
TMPDIR="."
-if [ -d /var/tmp ] ; then
- TMPDIR="/var/tmp"
-elif [ -d /tmp ] ; then
- TMPDIR=/tmp
-fi
-
${ECHO_CMD} Use TMP dir ${TMPDIR}
#########################