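# Nix package expression for LXC 2.0.7 (userspace tools for Linux Containers).
#
# The optional dependencies below default to null. Each of libapparmor,
# libselinux, libseccomp and libcap gates the matching --enable-* configure
# flag, so a caller that leaves one null (or overrides it to null) gets a
# build in which that confinement mechanism is not explicitly enabled.
{ stdenv, fetchurl, fetchpatch, autoreconfHook, pkgconfig, perl, docbook2x
, docbook_xml_dtd_45, python3Packages

# Optional Dependencies
, libapparmor ? null, gnutls ? null, libselinux ? null, libseccomp ? null
, cgmanager ? null, libnih ? null, dbus ? null, libcap ? null, systemd ? null
}:

with stdenv.lib;
stdenv.mkDerivation rec {
  name = "lxc-${version}";
  version = "2.0.7";

  # Release tarball; the sha256 pins its exact content, so a changed or
  # tampered download fails the build instead of being compiled.
  src = fetchurl {
    url = "https://linuxcontainers.org/downloads/lxc/lxc-${version}.tar.gz";
    sha256 = "0paz0lgb9dzpgahysad1cr6gz54l6xyhqdx6dzw2kh3fy1sw028w";
  };

  nativeBuildInputs = [
    autoreconfHook pkgconfig perl docbook2x python3Packages.wrapPython
  ];

  # Entries that were passed as null are simply absent from the build.
  buildInputs = [
    libapparmor gnutls libselinux libseccomp cgmanager libnih dbus libcap
    python3Packages.python systemd
  ];

  patches = [
    ./support-db2x.patch
    # Security backport: upstream commit fixing CVE-2017-5985, pinned by
    # commit id and content hash.
    # NOTE(review): this uses fetchurl although fetchpatch is in scope.
    # GitHub-generated .patch files are not guaranteed to stay byte-identical,
    # so fetchpatch (which normalises the patch before hashing) is usually the
    # better choice; switching requires recomputing the sha256.
    # NOTE(review): presumably droppable once `version` moves to a release
    # that already contains this commit -- confirm when bumping.
    (fetchurl {
      name = "CVE-2017-5985.patch";
      url = "https://github.com/lxc/lxc/commit/d512bd5efb0e407eba350c4e649c464a65b712a3.patch";
      sha256 = "0v1rhlfviadsxj2wmbl7nqb64p6y2bxm9y43sc44jg3k6mkr0r5c";
    })
  ];

  XML_CATALOG_FILES = "${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml";

  # FIXME
  # glibc 2.25 moved major()/minor() to <sys/sysmacros.h>.
  # This commit should detect that: https://github.com/lxc/lxc/pull/1388/commits/af6824fce9c9536fbcabef8d5547f6c486f55fdf
  # However, the autotools check for whether mkdev is still defined in
  # <sys/types.h> runs before the check for whether major()/minor() are
  # defined there. The mkdev check succeeds with a warning, and the check
  # that should set MAJOR_IN_SYSMACROS is skipped, so the define is forced here.
  NIX_CFLAGS_COMPILE = [ "-DMAJOR_IN_SYSMACROS" ];

  # Runtime state and configuration live in /var and /etc. The security
  # features (AppArmor, SELinux, seccomp, capabilities) are requested only
  # when the corresponding library argument is non-null.
  configureFlags = [
    "--localstatedir=/var"
    "--sysconfdir=/etc"
    "--disable-api-docs"
    "--with-init-script=none"
    "--with-distro=nixos" # just to be sure it is "unknown"
  ] ++ optional (libapparmor != null) "--enable-apparmor"
    ++ optional (libselinux != null) "--enable-selinux"
    ++ optional (libseccomp != null) "--enable-seccomp"
    ++ optional (libcap != null) "--enable-capabilities"
    ++ [
    "--disable-examples"
    "--enable-python"
    "--disable-lua"
    "--enable-bash"
    (if doCheck then "--enable-tests" else "--disable-tests")
    "--with-rootfs-path=/var/lib/lxc/rootfs"
  ];

  # The upstream test suite is not built or run (see --disable-tests above).
  doCheck = false;

  # Install-time overrides of the directories configured above: files that
  # `make install` would place under /etc go into $out/etc, and anything
  # destined for /var is redirected to $TMPDIR. The paths compiled into the
  # binaries remain the /var and /etc values from configureFlags.
  installFlags = [
    "localstatedir=\${TMPDIR}"
    "sysconfdir=\${out}/etc"
    "sysconfigdir=\${out}/etc/default"
    "bashcompdir=\${out}/share/bash-completion/completions"
    "READMEdir=\${TMPDIR}/var/lib/lxc/rootfs"
    "LXCPATH=\${TMPDIR}/var/lib/lxc"
  ];

  postInstall = ''
    wrapPythonPrograms
  '';

  meta = {
    # Same origin as the release tarball fetched in `src`.
    homepage = "https://linuxcontainers.org/";
    description = "Userspace tools for Linux Containers, a lightweight virtualization system";
    license = licenses.lgpl21Plus;

    longDescription = ''
      LXC is the userspace control package for Linux Containers, a
      lightweight virtual system mechanism sometimes described as
      "chroot on steroids". LXC builds up from chroot to implement
      complete virtual systems, adding resource management and isolation
      mechanisms to Linux’s existing process management infrastructure.
    '';

    platforms = platforms.linux;
    maintainers = with maintainers; [ wkennington globin fpletz ];
  };
}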