public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chromium: Split off sandbox from the browser.

Browse Source 
Now, we no longer tie the sandbox directly to the browser derivation but
wrap everything together into one derivation at the entry point at
default.nix.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit is contained in:
aszlig 2014-03-22 17:05:14 +01:00
parent c86d376c82
commit 5021717099
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961
3 changed files with 28 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
pkgs/applications/networking/browsers/chromium/browser.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, makeWrapper, ninja, which { stdenv, fetchurl, ninja, which
# default dependencies # default dependencies
, bzip2, flac, speex, icu, libopus , bzip2, flac, speex, icu, libopus
@ -81,26 +81,19 @@ let
libusb1 libexif libusb1 libexif
]; ];
sandbox = import ./sandbox.nix {
inherit stdenv;
src = source.sandbox;
binary = "${packageName}_sandbox";
};
# build paths and release info # build paths and release info
packageName = "chromium"; packageName = "chromium";
buildType = "Release"; buildType = "Release";
buildPath = "out/${buildType}"; buildPath = "out/${buildType}";
libExecPath = "$out/libexec/${packageName}"; libExecPath = "$out/libexec/${packageName}";
sandboxPath = "${sandbox}/bin/${packageName}_sandbox";
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
name = "${packageName}-${source.version}"; name = "${packageName}-browser-${source.version}";
inherit packageName; inherit packageName;
src = source; src = source;
buildInputs = defaultDependencies ++ [ buildInputs = defaultDependencies ++ [
which makeWrapper which
python perl pkgconfig python perl pkgconfig
nspr udev nspr udev
(if useOpenSSL then openssl else nss) (if useOpenSSL then openssl else nss)
@ -228,8 +221,7 @@ in stdenv.mkDerivation rec {
postPatch = '' postPatch = ''
sed -i -e '/base::FilePath exe_dir/,/^ *} *$/c \ sed -i -e '/base::FilePath exe_dir/,/^ *} *$/c \
sandbox_binary = \ sandbox_binary = base::FilePath(getenv("CHROMIUM_SANDBOX_BINARY_PATH"));
base::FilePath("'"${sandboxPath}"'");
' content/browser/browser_main_loop.cc ' content/browser/browser_main_loop.cc
''; '';
@ -245,7 +237,6 @@ in stdenv.mkDerivation rec {
use_openssl = useOpenSSL; use_openssl = useOpenSSL;
selinux = enableSELinux; selinux = enableSELinux;
use_cups = cupsSupport; use_cups = cupsSupport;
linux_sandbox_path="${sandboxPath}";
linux_sandbox_chrome_path="${libExecPath}/${packageName}"; linux_sandbox_chrome_path="${libExecPath}/${packageName}";
werror = ""; werror = "";
@ -281,7 +272,7 @@ in stdenv.mkDerivation rec {
LINK_host="${CXX}" \ LINK_host="${CXX}" \
"${ninja}/bin/ninja" -C "${buildPath}" \ "${ninja}/bin/ninja" -C "${buildPath}" \
-j$NIX_BUILD_CORES -l$NIX_BUILD_CORES \ -j$NIX_BUILD_CORES -l$NIX_BUILD_CORES \
chrome ${optionalString (!enableSELinux) "chrome_sandbox"} chrome
''; '';
installPhase = '' installPhase = ''
@ -295,10 +286,6 @@ in stdenv.mkDerivation rec {
cp -v "${buildPath}/chrome" "${libExecPath}/${packageName}" cp -v "${buildPath}/chrome" "${libExecPath}/${packageName}"
mkdir -vp "$out/bin"
makeWrapper "${libExecPath}/${packageName}" "$out/bin/${packageName}" \
--add-flags "${plugins.flagsEnabled}"
mkdir -vp "$out/share/man/man1" mkdir -vp "$out/share/man/man1"
cp -v "${buildPath}/chrome.1" "$out/share/man/man1/${packageName}.1" cp -v "${buildPath}/chrome.1" "$out/share/man/man1/${packageName}.1"
@ -313,10 +300,6 @@ in stdenv.mkDerivation rec {
done done
''; '';
passthru = {
inherit sandbox;
};
meta = { meta = {
description = "An open source web browser from Google"; description = "An open source web browser from Google";
homepage = http://www.chromium.org/; homepage = http://www.chromium.org/;

21
pkgs/applications/networking/browsers/chromium/default.nix
View File

@ -1,4 +1,4 @@
{ newScope { newScope, stdenv, makeWrapper
# package customization # package customization
, channel ? "stable" , channel ? "stable"
@ -30,9 +30,26 @@ let
pulseSupport; pulseSupport;
}; };
sandbox = callPackage ./sandbox.nix { };
plugins = callPackage ./plugins.nix { plugins = callPackage ./plugins.nix {
inherit enablePepperFlash enablePepperPDF; inherit enablePepperFlash enablePepperPDF;
}; };
}; };
in chromium.browser in stdenv.mkDerivation {
name = "chromium-${channel}-${chromium.source.version}";
buildInputs = [ makeWrapper ];
buildCommand = let
browserBinary = "${chromium.browser}/libexec/chromium/chromium";
sandboxBinary = "${chromium.sandbox}/bin/chromium-sandbox";
in ''
ensureDir "$out/bin"
ln -s "${chromium.browser}/share" "$out/share"
makeWrapper "${browserBinary}" "$out/bin/chromium" \
--set CHROMIUM_SANDBOX_BINARY_PATH "${sandboxBinary}" \
--add-flags "${chromium.plugins.flagsEnabled}"
'';
}

8
pkgs/applications/networking/browsers/chromium/sandbox.nix
View File

@ -1,8 +1,8 @@
{ stdenv, src, binary }: { stdenv, source }:
stdenv.mkDerivation { stdenv.mkDerivation {
name = "chromium-sandbox-${src.version}"; name = "chromium-sandbox-${source.version}";
inherit src; src = source.sandbox;
patchPhase = '' patchPhase = ''
sed -i -e '/#include.*base_export/c \ sed -i -e '/#include.*base_export/c \
@ -15,6 +15,6 @@ stdenv.mkDerivation {
''; '';
installPhase = '' installPhase = ''
install -svD sandbox "$out/bin/${binary}" install -svD sandbox "$out/bin/chromium-sandbox"
''; '';
} }