nixpkgs/pkgs/os-specific/linux/lxc/default.nix


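# Build recipe for LXC, the userspace tools for Linux Containers.
#
# The function takes the build tools and libraries as arguments and returns a
# stdenv.mkDerivation that builds the pinned release tarball with one local
# patch and one upstream security patch applied.
{ stdenv, fetchurl, fetchpatch, autoreconfHook, pkgconfig, perl, docbook2x
, docbook_xml_dtd_45, python3Packages

# Optional Dependencies
# Each of these defaults to null. libapparmor, libselinux, libseccomp and
# libcap each gate the matching --enable-* configure flag further down, so a
# null value means that confinement feature is not explicitly enabled.
# NOTE(review): confirm the caller actually supplies the hardening libraries
# (AppArmor / SELinux / seccomp / capabilities) for production builds.
, libapparmor ? null, gnutls ? null, libselinux ? null, libseccomp ? null
, cgmanager ? null, libnih ? null, dbus ? null, libcap ? null, systemd ? null
}:

let
  # True only when all three cgmanager-related inputs are provided.
  # NOTE(review): this binding is not referenced anywhere else in the
  # expression as shown; either wire it to a configure flag or drop it.
  enableCgmanager = cgmanager != null && libnih != null && dbus != null;
in

with stdenv.lib;
stdenv.mkDerivation rec {
  name = "lxc-${version}";
  version = "2.0.7";

  # Release tarball fetched over HTTPS. The sha256 pins the exact content, so
  # a modified or replaced download fails the build instead of being used.
  src = fetchurl {
    url = "https://linuxcontainers.org/downloads/lxc/lxc-${version}.tar.gz";
    sha256 = "0paz0lgb9dzpgahysad1cr6gz54l6xyhqdx6dzw2kh3fy1sw028w";
  };

  nativeBuildInputs = [
    autoreconfHook pkgconfig perl docbook2x python3Packages.wrapPython
  ];

  buildInputs = [
    libapparmor gnutls libselinux libseccomp cgmanager libnih dbus libcap
    python3Packages.python systemd
  ];

  patches = [
    ./support-db2x.patch
    # Security fix backported from upstream, pinned to a specific commit and
    # content hash. Drop it once `version` is bumped to a release that
    # already contains the commit.
    # NOTE(review): this uses fetchurl although fetchpatch is in scope.
    # Forge-generated .patch files are not guaranteed to stay byte-identical
    # over time, which would make this fixed hash start failing. Switching to
    # fetchpatch requires recomputing sha256, so it is only flagged here.
    (fetchurl {
      name = "CVE-2017-5985.patch";
      url = "https://github.com/lxc/lxc/commit/d512bd5efb0e407eba350c4e649c464a65b712a3.patch";
      sha256 = "0v1rhlfviadsxj2wmbl7nqb64p6y2bxm9y43sc44jg3k6mkr0r5c";
    })
  ];

  XML_CATALOG_FILES = "${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml";

  # FIXME
  # glibc 2.25 moved major()/minor() to <sys/sysmacros.h>.
  # This commit should detect this: https://github.com/lxc/lxc/pull/1388/commits/af6824fce9c9536fbcabef8d5547f6c486f55fdf
  # However, the autotools check for whether mkdev is still defined in
  # <sys/types.h> runs before the check for whether major()/minor() is defined
  # there. The mkdev check succeeds with a warning, and the check which should
  # set MAJOR_IN_SYSMACROS is skipped, so the define is forced here.
  NIX_CFLAGS_COMPILE = [ "-DMAJOR_IN_SYSMACROS" ];

  # Configure-time paths (/var, /etc) are the locations compiled into the
  # binaries; installFlags below redirects where `make install` writes.
  configureFlags = [
    "--localstatedir=/var"
    "--sysconfdir=/etc"
    "--disable-api-docs"
    "--with-init-script=none"
    "--with-distro=nixos" # just to be sure it is "unknown"
  ] ++ optional (libapparmor != null) "--enable-apparmor"
    ++ optional (libselinux != null) "--enable-selinux"
    ++ optional (libseccomp != null) "--enable-seccomp"
    ++ optional (libcap != null) "--enable-capabilities"
    ++ [
    "--disable-examples"
    "--enable-python"
    "--disable-lua"
    "--enable-bash"
    # Follows doCheck below, so the tests are only built when they are run.
    (if doCheck then "--enable-tests" else "--disable-tests")
    "--with-rootfs-path=/var/lib/lxc/rootfs"
  ];

  # The upstream test suite is not run as part of this build.
  doCheck = false;

  # Install-time overrides. The `\$` escape keeps Nix from interpolating, so
  # the literal ${TMPDIR} / ${out} text is handed on to the install step.
  # State directories are pointed at TMPDIR and configuration at $out;
  # presumably so that installation never writes to the real /var or /etc.
  installFlags = [
    "localstatedir=\${TMPDIR}"
    "sysconfdir=\${out}/etc"
    "sysconfigdir=\${out}/etc/default"
    "bashcompdir=\${out}/share/bash-completion/completions"
    "READMEdir=\${TMPDIR}/var/lib/lxc/rootfs"
    "LXCPATH=\${TMPDIR}/var/lib/lxc"
  ];

  # wrapPythonPrograms is provided by python3Packages.wrapPython, listed in
  # nativeBuildInputs above.
  postInstall = ''
    wrapPythonPrograms
  '';

  meta = {
    # Points at the same upstream site the source tarball is fetched from,
    # over HTTPS, instead of the old plain-HTTP SourceForge page.
    homepage = "https://linuxcontainers.org/";
    description = "Userspace tools for Linux Containers, a lightweight virtualization system";
    license = licenses.lgpl21Plus;

    longDescription = ''
      LXC is the userspace control package for Linux Containers, a
      lightweight virtual system mechanism sometimes described as
      "chroot on steroids". LXC builds up from chroot to implement
      complete virtual systems, adding resource management and isolation
      mechanisms to Linux's existing process management infrastructure.
    '';

    platforms = platforms.linux;
    maintainers = with maintainers; [ wkennington globin fpletz ];
  };
}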