diff --git a/nixos/modules/services/system/kerberos.nix b/nixos/modules/services/system/kerberos.nix index d151385d2f9..e2c45ed64ac 100644 --- a/nixos/modules/services/system/kerberos.nix +++ b/nixos/modules/services/system/kerberos.nix @@ -42,7 +42,7 @@ in protocol = "tcp"; user = "root"; server = "${pkgs.tcp_wrappers}/bin/tcpd"; - serverArgs = "${pkgs.heimdalFull}/bin/kadmind"; + serverArgs = "${pkgs.heimdalFull}/libexec/heimdal/kadmind"; }; systemd.services.kdc = { @@ -51,13 +51,13 @@ in preStart = '' mkdir -m 0755 -p ${stateDir} ''; - script = "${heimdalFull}/bin/kdc"; + script = "${heimdalFull}/libexec/heimdal/kdc"; }; systemd.services.kpasswdd = { description = "Kerberos Password Changing daemon"; wantedBy = [ "multi-user.target" ]; - script = "${heimdalFull}/bin/kpasswdd"; + script = "${heimdalFull}/libexec/heimdal/kpasswdd"; }; }; diff --git a/pkgs/development/libraries/kerberos/heimdal.nix b/pkgs/development/libraries/kerberos/heimdal.nix index 24adb2a141e..5b92458d89e 100644 --- a/pkgs/development/libraries/kerberos/heimdal.nix +++ b/pkgs/development/libraries/kerberos/heimdal.nix @@ -2,16 +2,11 @@ , texinfo, perlPackages , openldap, libcap_ng, sqlite, openssl, db, libedit, pam , CoreFoundation, Security, SystemConfiguration -# Extra Args -, type ? "" }: -let - libOnly = type == "lib"; -in with stdenv.lib; stdenv.mkDerivation rec { - name = "${type}heimdal-${version}"; + name = "heimdal-${version}"; version = "7.5.0"; src = fetchFromGitHub { @@ -21,28 +16,31 @@ stdenv.mkDerivation rec { sha256 = "1j38wjj4k0q8vx168k3d3k0fwa8j1q5q8f2688nnx1b9qgjd6w1d"; }; + outputs = [ "out" "dev" "man" "info" ]; + patches = [ ./heimdal-make-missing-headers.patch ]; - nativeBuildInputs = [ autoreconfHook pkgconfig python2 perl yacc flex ] - ++ (with perlPackages; [ JSON ]) - ++ optional (!libOnly) texinfo; + nativeBuildInputs = [ autoreconfHook pkgconfig python2 perl yacc flex texinfo ] + ++ (with perlPackages; [ JSON ]); buildInputs = optionals (stdenv.isLinux) [ libcap_ng ] - ++ [ db sqlite openssl libedit ] - ++ optionals (stdenv.isDarwin) [ CoreFoundation Security SystemConfiguration ] - ++ optionals (!libOnly) [ openldap pam ]; + ++ [ db sqlite openssl libedit openldap pam] + ++ optionals (stdenv.isDarwin) [ CoreFoundation Security SystemConfiguration ]; ## ugly, X should be made an option configureFlags = [ "--sysconfdir=/etc" "--localstatedir=/var" + "--infodir=$info/share/info" "--enable-hdb-openldap-module" "--with-sqlite3=${sqlite.dev}" - "--with-libedit=${libedit}" + + # ugly, --with-libedit is not enought, it fall back to bundled libedit + "--with-libedit-include=${libedit.dev}/include" + "--with-libedit-lib=${libedit}/lib" "--with-openssl=${openssl.dev}" "--without-x" "--with-berkeley-db" "--with-berkeley-db-include=${db.dev}/include" - ] ++ optionals (!libOnly) [ "--with-openldap=${openldap.dev}" ] ++ optionals (stdenv.isLinux) [ "--with-capng" @@ -50,24 +48,17 @@ stdenv.mkDerivation rec { postUnpack = '' sed -i '/^DEFAULT_INCLUDES/ s,$, -I..,' source/cf/Makefile.am.common + sed -i -e 's/date/date --date="@$SOURCE_DATE_EPOCH"/' source/configure.ac ''; - buildPhase = optionalString libOnly '' - (cd include; make -j $NIX_BUILD_CORES) - (cd lib; make -j $NIX_BUILD_CORES) - (cd tools; make -j $NIX_BUILD_CORES) - (cd include/hcrypto; make -j $NIX_BUILD_CORES) - (cd lib/hcrypto; make -j $NIX_BUILD_CORES) - ''; - - installPhase = optionalString libOnly '' - (cd include; make -j $NIX_BUILD_CORES install) - (cd lib; make -j $NIX_BUILD_CORES install) - (cd tools; make -j $NIX_BUILD_CORES install) - (cd include/hcrypto; make -j $NIX_BUILD_CORES install) - (cd lib/hcrypto; make -j $NIX_BUILD_CORES install) - rm -rf $out/{libexec,sbin,share} - find $out/bin -type f | grep -v 'krb5-config' | xargs rm + preConfigure = '' + configureFlagsArray+=( + "--bindir=$out/bin" + "--sbindir=$out/sbin" + "--libexecdir=$out/libexec/heimdal" + "--mandir=$man/share/man" + "--infodir=$man/share/info" + "--includedir=$dev/include") ''; # We need to build hcrypt for applications like samba @@ -81,9 +72,15 @@ stdenv.mkDerivation rec { (cd include/hcrypto; make -j $NIX_BUILD_CORES install) (cd lib/hcrypto; make -j $NIX_BUILD_CORES install) - # Doesn't succeed with --libexec=$out/sbin, so - mv "$out/libexec/"* $out/sbin/ - rmdir $out/libexec + # Do we need it? + rm $out/bin/su + + mkdir -p $dev/bin + mv $out/bin/krb5-config $dev/bin/ + + # asn1 compilers, move them to $dev + mv $out/libexec/heimdal/heimdal/* $dev/bin + rmdir $out/libexec/heimdal/heimdal ''; # Issues with hydra diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f563f0dfe24..e3d59a5e6a9 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9841,7 +9841,7 @@ with pkgs; heimdal = callPackage ../development/libraries/kerberos/heimdal.nix { inherit (darwin.apple_sdk.frameworks) CoreFoundation Security SystemConfiguration; }; - libheimdal = heimdal.override { type = "lib"; }; + libheimdal = heimdal; harfbuzz = callPackage ../development/libraries/harfbuzz { inherit (darwin.apple_sdk.frameworks) ApplicationServices CoreText;