From a79c8da189ec590939d7fdf8d141b39275e5ecf9 Mon Sep 17 00:00:00 2001 From: bootstrap-prime Date: Tue, 28 Jun 2022 13:08:50 -0400 Subject: [PATCH 1/7] libfido2: 1.10.0 -> 1.11.0 --- pkgs/development/libraries/libfido2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libfido2/default.nix b/pkgs/development/libraries/libfido2/default.nix index e5d6d1c7c679..fb08aac071b4 100644 --- a/pkgs/development/libraries/libfido2/default.nix +++ b/pkgs/development/libraries/libfido2/default.nix @@ -12,12 +12,12 @@ stdenv.mkDerivation rec { pname = "libfido2"; - version = "1.10.0"; + version = "1.11.0"; # releases on https://developers.yubico.com/libfido2/Releases/ are signed src = fetchurl { url = "https://developers.yubico.com/${pname}/Releases/${pname}-${version}.tar.gz"; - sha256 = "sha256-Um79PVavcGwF0J89IfGO47CxWsDB9cXaGsvCfCcwuZs="; + sha256 = "sha256-CDDFhT47RAmalxZuDOxUpltUt/qqwHBxhy93uOTXswI="; }; nativeBuildInputs = [ cmake pkg-config ]; From 56d0dd7fc421e021a4df3f28e8ee1e3fe4cf1631 Mon Sep 17 00:00:00 2001 From: bootstrap-prime Date: Sun, 3 Jul 2022 17:11:08 -0400 Subject: [PATCH 2/7] polkit: use systemdMinimal to avoid dep cycle --- pkgs/development/libraries/polkit/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix index 78daac0ba1c2..163e3bb9965c 100644 --- a/pkgs/development/libraries/polkit/default.nix +++ b/pkgs/development/libraries/polkit/default.nix @@ -22,7 +22,7 @@ , gtk-doc , coreutils , useSystemd ? stdenv.isLinux -, systemd +, systemdMinimal , elogind # A few tests currently fail on musl (polkitunixusertest, polkitunixgrouptest, polkitidentitytest segfault). # Not yet investigated; it may be due to the "Make netgroup support optional" @@ -106,7 +106,7 @@ stdenv.mkDerivation rec { duktape ] ++ lib.optionals stdenv.isLinux [ # On Linux, fall back to elogind when systemd support is off. - (if useSystemd then systemd else elogind) + (if useSystemd then systemdMinimal else elogind) ]; propagatedBuildInputs = [ From dad557524a8572426d03640c6f7b193027dac51a Mon Sep 17 00:00:00 2001 From: bootstrap-prime Date: Sun, 3 Jul 2022 17:11:52 -0400 Subject: [PATCH 3/7] pcsclite: use systemdMinimal to avoid dep cycle --- pkgs/tools/security/pcsclite/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/pcsclite/default.nix b/pkgs/tools/security/pcsclite/default.nix index bcc7163bec2f..e5f26bca5612 100644 --- a/pkgs/tools/security/pcsclite/default.nix +++ b/pkgs/tools/security/pcsclite/default.nix @@ -8,7 +8,7 @@ , python3 , dbus , polkit -, systemd +, systemdMinimal , IOKit }: @@ -59,7 +59,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook autoconf-archive pkg-config perl ]; buildInputs = [ python3 ] - ++ lib.optionals stdenv.isLinux [ dbus polkit systemd ] + ++ lib.optionals stdenv.isLinux [ dbus polkit systemdMinimal ] ++ lib.optionals stdenv.isDarwin [ IOKit ]; meta = with lib; { From 3b9048a3cefb6e86af60348513624ea691cd7f41 Mon Sep 17 00:00:00 2001 From: bootstrap-prime Date: Sun, 3 Jul 2022 17:12:46 -0400 Subject: [PATCH 4/7] bluez: use systemdMinimal to avoid dep cycle also make test output unconditional --- pkgs/os-specific/linux/bluez/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix index 3805f99e0a55..d09ef77fb0d8 100644 --- a/pkgs/os-specific/linux/bluez/default.nix +++ b/pkgs/os-specific/linux/bluez/default.nix @@ -12,7 +12,7 @@ , pkg-config , python3 , readline -, systemd +, systemdMinimal , udev , withExperimental ? false }: let @@ -48,7 +48,7 @@ in stdenv.mkDerivation rec { python3.pkgs.wrapPython ]; - outputs = [ "out" "dev" ] ++ lib.optional doCheck "test"; + outputs = [ "out" "dev" "test" ]; patches = [ # https://github.com/bluez/bluez/commit/0905a06410d4a5189f0be81e25eb3c3e8a2199c5 @@ -63,7 +63,7 @@ in stdenv.mkDerivation rec { postPatch = '' substituteInPlace tools/hid2hci.rules \ - --replace /sbin/udevadm ${systemd}/bin/udevadm \ + --replace /sbin/udevadm ${systemdMinimal}/bin/udevadm \ --replace "hid2hci " "$out/lib/udev/hid2hci " # Disable some tests: # - test-mesh-crypto depends on the following kernel settings: @@ -107,7 +107,7 @@ in stdenv.mkDerivation rec { doCheck = stdenv.hostPlatform.isx86_64; - postInstall = lib.optionalString doCheck '' + postInstall = '' mkdir -p $test/{bin,test} cp -a test $test pushd $test/test From 5f43dbea703c44643dcc280308c6ec40e0e198b4 Mon Sep 17 00:00:00 2001 From: bootstrap-prime Date: Sun, 3 Jul 2022 17:13:45 -0400 Subject: [PATCH 5/7] dbus: use systemdMinimal to avoid dep cycle --- pkgs/development/libraries/dbus/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/dbus/default.nix b/pkgs/development/libraries/dbus/default.nix index 4e41384847d4..075f2a67b70e 100644 --- a/pkgs/development/libraries/dbus/default.nix +++ b/pkgs/development/libraries/dbus/default.nix @@ -5,7 +5,7 @@ , pkg-config , expat , enableSystemd ? stdenv.isLinux && !stdenv.hostPlatform.isStatic -, systemd +, systemdMinimal , audit , libapparmor , dbus @@ -75,7 +75,7 @@ stdenv.mkDerivation rec { libX11 libICE libSM - ]) ++ lib.optional enableSystemd systemd + ]) ++ lib.optional enableSystemd systemdMinimal ++ lib.optionals stdenv.isLinux [ audit libapparmor ]; # ToDo: optional selinux? @@ -94,7 +94,7 @@ stdenv.mkDerivation rec { "--with-systemduserunitdir=${placeholder "out"}/etc/systemd/user" ] ++ lib.optional (!x11Support) "--without-x" ++ lib.optionals stdenv.isLinux [ "--enable-apparmor" "--enable-libaudit" ] - ++ lib.optionals enableSystemd [ "SYSTEMCTL=${systemd}/bin/systemctl" ]; + ++ lib.optionals enableSystemd [ "SYSTEMCTL=${systemdMinimal}/bin/systemctl" ]; NIX_CFLAGS_LINK = lib.optionalString (!stdenv.isDarwin) "-Wl,--as-needed"; From aa5659c1a773964840945d9a41b424812e5437d1 Mon Sep 17 00:00:00 2001 From: bootstrap-prime Date: Sun, 3 Jul 2022 17:27:01 -0400 Subject: [PATCH 6/7] python-dbusmock: refactor check, avoid dep cycle python-dbusmock relies on bluez for it's checks. Which shouldn't be a problem, and isn't one normally. However, checkPhase contained a string substitution that was always constructed regardless of the value of doCheck (and simply not used if doCheck was false), and so bluez, which was not supposed to be a dependency, was used as and registered as one and caused a dependency cycle when trying to add pcsclite as a dependency of libfido2. The string substitution has been removed in favor of something that can remain disabled when doCheck is false. --- .../python-modules/python-dbusmock/default.nix | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/python-dbusmock/default.nix b/pkgs/development/python-modules/python-dbusmock/default.nix index 1be846aa2ae8..e7cb58084b84 100644 --- a/pkgs/development/python-modules/python-dbusmock/default.nix +++ b/pkgs/development/python-modules/python-dbusmock/default.nix @@ -8,9 +8,17 @@ , bluez , networkmanager , setuptools-scm +, runCommand }: -buildPythonPackage rec { +let + # Cannot just add it to path in preCheck since that attribute will be passed to + # mkDerivation even with doCheck = false, causing a dependency cycle. + pbap-client = runCommand "pbap-client" { } '' + mkdir -p "$out/bin" + ln -s "${bluez.test}/test/pbap-client" "$out/bin/pbap-client" + ''; +in buildPythonPackage rec { pname = "python-dbusmock"; version = "0.28.3"; @@ -40,7 +48,7 @@ buildPythonPackage rec { dbus pygobject3 bluez - (lib.getOutput "test" bluez) + pbap-client networkmanager nose ]; @@ -68,7 +76,6 @@ buildPythonPackage rec { # "test_networkmanager" ]; - checkPhase = '' runHook preCheck nosetests -v From e384d91be48f18fc28fdd0ac9be87b117c4c5806 Mon Sep 17 00:00:00 2001 From: bootstrap-prime Date: Sun, 3 Jul 2022 17:29:56 -0400 Subject: [PATCH 7/7] libfido2: depend on pcsclite to support nfc keys --- pkgs/development/libraries/libfido2/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/libfido2/default.nix b/pkgs/development/libraries/libfido2/default.nix index fb08aac071b4..3dd0465a9eea 100644 --- a/pkgs/development/libraries/libfido2/default.nix +++ b/pkgs/development/libraries/libfido2/default.nix @@ -8,6 +8,7 @@ , openssl , udev , zlib +, pcsclite }: stdenv.mkDerivation rec { @@ -24,7 +25,7 @@ stdenv.mkDerivation rec { buildInputs = [ libcbor openssl zlib ] ++ lib.optionals stdenv.isDarwin [ hidapi ] - ++ lib.optionals stdenv.isLinux [ udev ]; + ++ lib.optionals stdenv.isLinux [ udev pcsclite ]; cmakeFlags = [ "-DUDEV_RULES_DIR=${placeholder "out"}/etc/udev/rules.d" @@ -33,6 +34,7 @@ stdenv.mkDerivation rec { "-DUSE_HIDAPI=1" ] ++ lib.optionals stdenv.isLinux [ "-DNFC_LINUX=1" + "-DUSE_PCSC=1" ]; meta = with lib; {