From 9b1bc3cc1057a2f0a51fea93d426c738581ffbfb Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Wed, 12 Jun 2024 23:29:57 +0200 Subject: [PATCH 1/2] munge: Clean up expression & fix license - Format & re-order the expression. - Use finalAttrs pattern. - Fix license according to https://github.com/dun/munge/wiki/License-Info. - Use `lib.getDev` instead of directly using `dev` output. This provides loose coupling in case `dev` output is merged back to `out`. - Add comment to segregate cross-configuration hacks from rest of the configuration flags. They were introduced in faacc88c93086982e2c95708176863f415e03810 and appear to be still necessary to build `pkgsCross.aarch64-multiplatform.munge`. --- pkgs/tools/security/munge/default.nix | 51 +++++++++++++++++++-------- 1 file changed, 36 insertions(+), 15 deletions(-) diff --git a/pkgs/tools/security/munge/default.nix b/pkgs/tools/security/munge/default.nix index 01137be20460..6aed73ef0be3 100644 --- a/pkgs/tools/security/munge/default.nix +++ b/pkgs/tools/security/munge/default.nix @@ -1,42 +1,63 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, libgcrypt, zlib, bzip2 }: +{ + lib, + stdenv, + fetchFromGitHub, + autoreconfHook, + libgcrypt, + zlib, + bzip2, +}: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "munge"; version = "0.5.16"; src = fetchFromGitHub { owner = "dun"; repo = "munge"; - rev = "${pname}-${version}"; + rev = "munge-${finalAttrs.version}"; sha256 = "sha256-fv42RMUAP8Os33/iHXr70i5Pt2JWZK71DN5vFI3q7Ak="; }; - strictDeps = true; nativeBuildInputs = [ autoreconfHook libgcrypt # provides libgcrypt.m4 ]; - buildInputs = [ libgcrypt zlib bzip2 ]; + + buildInputs = [ + libgcrypt + zlib + bzip2 + ]; + + strictDeps = true; + + configureFlags = [ + "--localstatedir=/var" + + # Cross-compilation hacks + "--with-libgcrypt-prefix=${lib.getDev libgcrypt}" + # workaround for cross compilation: https://github.com/dun/munge/issues/103 + "ac_cv_file__dev_spx=no" + "x_ac_cv_check_fifo_recvfd=no" + ]; preAutoreconf = '' # Remove the install-data stuff, since it tries to write to /var substituteInPlace src/Makefile.am --replace "etc \\" "\\" ''; - configureFlags = [ - "--localstatedir=/var" - "--with-libgcrypt-prefix=${libgcrypt.dev}" - # workaround for cross compilation: https://github.com/dun/munge/issues/103 - "ac_cv_file__dev_spx=no" - "x_ac_cv_check_fifo_recvfd=no" - ]; - meta = with lib; { description = '' An authentication service for creating and validating credentials ''; - license = licenses.lgpl3; + license = [ + # MUNGE + licenses.gpl3Plus + # libmunge + licenses.lgpl3Plus + ]; platforms = platforms.unix; maintainers = [ maintainers.rickynils ]; }; -} +}) From 2660d70e024feeb7abcfeb08b4978ae0847ebf67 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Wed, 12 Jun 2024 23:40:31 +0200 Subject: [PATCH 2/2] munge: Fix installation paths MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Removing `src/etc/Makefile` is overly intrusive, as the file is responsible for installing pkg-config file. The issue when it would try to write to the specified out-of-store paths can be easily resolved by overriding them to ones within `$out` during installation. Also set `sysconfdir` path properly to allow configuring it with `environment.etc`. There should be no problem with missing files, as nothing was installed to `$out/etc` previously either, other than an empty `munge` directory. `localstatedir` is used at runtime and installation creates empty directories in `$out`. But since we do not merge those directories into running system, having them in `$out` serves no purpose. Creation of `StateDir` and logging is handled by systemd anyway. `runstatedir` defaults to `$(localstatedir)/run` but that has long been deprecated in favour of `/run`, so let’s fix that as well. `pkgconfigdir` and `sysconfigdir` (not to be confused with the standard `sysconfdir`) rely on FHS for proper detection and `systemdunitdir` tries to run `systemd --version`, let’s just hardcode them. `sysconfigdir` is mentioned in the newly installed and currently unused `munge.service` – a file within is loaded as `EnvironmentFile` when it exists so let’s override the path for installation. This will again make it so the file can serve as a template in `$out` but the service will load it from `/etc`. The last two options are installation-only so we can directly set them to `$out` subdirectories. --- pkgs/tools/security/munge/default.nix | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/munge/default.nix b/pkgs/tools/security/munge/default.nix index 6aed73ef0be3..f21a9e17add3 100644 --- a/pkgs/tools/security/munge/default.nix +++ b/pkgs/tools/security/munge/default.nix @@ -33,7 +33,15 @@ stdenv.mkDerivation (finalAttrs: { strictDeps = true; configureFlags = [ + # Load data from proper global paths "--localstatedir=/var" + "--sysconfdir=/etc" + "--runstatedir=/run" + "--with-sysconfigdir=/etc/default" + + # Install data to proper directories + "--with-pkgconfigdir=${placeholder "out"}/lib/pkgconfig" + "--with-systemdunitdir=${placeholder "out"}/lib/systemd/system" # Cross-compilation hacks "--with-libgcrypt-prefix=${lib.getDev libgcrypt}" @@ -42,9 +50,16 @@ stdenv.mkDerivation (finalAttrs: { "x_ac_cv_check_fifo_recvfd=no" ]; - preAutoreconf = '' - # Remove the install-data stuff, since it tries to write to /var - substituteInPlace src/Makefile.am --replace "etc \\" "\\" + installFlags = [ + "localstatedir=${placeholder "out"}/var" + "runstatedir=${placeholder "out"}/run" + "sysconfdir=${placeholder "out"}/etc" + "sysconfigdir=${placeholder "out"}/etc/default" + ]; + + postInstall = '' + # rmdir will notify us if anything new is installed to the directories. + rmdir "$out"/{var{/{lib,log}{/munge,},},etc/munge} ''; meta = with lib; {