From 6bfdb6b6bc6304f55a8e235095cde90e6d51eff9 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Mon, 1 Mar 2021 08:55:29 +0100 Subject: [PATCH 1/6] brltty: 6.1 -> 6.3 --- pkgs/tools/misc/brltty/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/misc/brltty/default.nix b/pkgs/tools/misc/brltty/default.nix index b71740c325a5..8a48835748bc 100644 --- a/pkgs/tools/misc/brltty/default.nix +++ b/pkgs/tools/misc/brltty/default.nix @@ -6,11 +6,12 @@ assert alsaSupport -> alsaLib != null; assert systemdSupport -> systemd != null; stdenv.mkDerivation rec { - name = "brltty-6.1"; + pname = "brltty"; + version = "6.3"; src = fetchurl { - url = "http://brltty.com/archive/${name}.tar.gz"; - sha256 = "0nk54chr7z2w579vyiak9xk2avhnvrx7x2l5sk8nyw2zplchkx9q"; + url = "https://brltty.app/archive/${pname}-${version}.tar.gz"; + sha256 = "14psxwlvgyi2fj1zh8rfykyjcjaya8xa7yg574bxd8y8n49n8hvb"; }; nativeBuildInputs = [ pkg-config python3.pkgs.cython ]; @@ -26,7 +27,7 @@ stdenv.mkDerivation rec { It drives the braille display, and provides complete screen review functionality. Some speech capability has also been incorporated. ''; - homepage = "http://www.brltty.com/"; + homepage = "https://brltty.app"; license = lib.licenses.gpl2; maintainers = [ lib.maintainers.bramd ]; platforms = lib.platforms.all; From ba27976cf1345c578664377ab479d1c9bf06c383 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Mon, 1 Mar 2021 09:00:02 +0100 Subject: [PATCH 2/6] brltty: fix ambiguous license in meta --- pkgs/tools/misc/brltty/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/misc/brltty/default.nix b/pkgs/tools/misc/brltty/default.nix index 8a48835748bc..d39a0ef41026 100644 --- a/pkgs/tools/misc/brltty/default.nix +++ b/pkgs/tools/misc/brltty/default.nix @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { Some speech capability has also been incorporated. ''; homepage = "https://brltty.app"; - license = lib.licenses.gpl2; + license = lib.licenses.gpl2Plus; maintainers = [ lib.maintainers.bramd ]; platforms = lib.platforms.all; }; From 6d1d1fc6915de56a6324d0f2ff7c97cdaf2c5b2a Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Mon, 1 Mar 2021 08:57:03 +0100 Subject: [PATCH 3/6] brltty: install systemd,udev,polkit files --- pkgs/tools/misc/brltty/default.nix | 51 +++++++++++++++++++++++++++--- 1 file changed, 47 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/misc/brltty/default.nix b/pkgs/tools/misc/brltty/default.nix index d39a0ef41026..90bcc0092d32 100644 --- a/pkgs/tools/misc/brltty/default.nix +++ b/pkgs/tools/misc/brltty/default.nix @@ -1,4 +1,5 @@ { lib, stdenv, fetchurl, pkg-config, python3, bluez +, tcl, acl, kmod, coreutils, shadow , alsaSupport ? stdenv.isLinux, alsaLib ? null , systemdSupport ? stdenv.isLinux, systemd ? null }: @@ -14,7 +15,7 @@ stdenv.mkDerivation rec { sha256 = "14psxwlvgyi2fj1zh8rfykyjcjaya8xa7yg574bxd8y8n49n8hvb"; }; - nativeBuildInputs = [ pkg-config python3.pkgs.cython ]; + nativeBuildInputs = [ pkg-config python3.pkgs.cython tcl ]; buildInputs = [ bluez ] ++ lib.optional alsaSupport alsaLib ++ lib.optional systemdSupport systemd; @@ -33,11 +34,53 @@ stdenv.mkDerivation rec { platforms = lib.platforms.all; }; - makeFlags = [ "PYTHON_PREFIX=$(out)" ]; - - preConfigurePhases = [ "preConfigure" ]; + makeFlags = [ + "PYTHON_PREFIX=$(out)" + "SYSTEMD_UNITS_DIRECTORY=$(out)/lib/systemd/system" + "SYSTEMD_USERS_DIRECTORY=$(out)/lib/sysusers.d" + "SYSTEMD_FILES_DIRECTORY=$(out)/lib/tmpfiles.d" + "UDEV_LIBRARY_DIRECTORY=$(out)/lib/udev" + "POLKIT_POLICY_DIR=$(out)/share/polkit-1/actions" + "POLKIT_RULE_DIR=$(out)/share/polkit-1/rules.d" + ]; + configureFlags = [ + "--with-writable-directory=/run/brltty" + "--with-updatable-directory=/var/lib/brltty" + "--with-api-socket-path=/var/lib/BrlAPI" + ]; + installFlags = [ "install-systemd" "install-udev" "install-polkit" ]; preConfigure = '' substituteInPlace configure --replace /sbin/ldconfig ldconfig + + # Some script needs a working tclsh shebang + patchShebangs . + + # Skip impure operations + substituteInPlace Programs/Makefile.in \ + --replace install-writable-directory "" \ + --replace install-apisoc-directory "" \ + --replace install-api-key "" + ''; + + postInstall = '' + # Rewrite absolute paths + substituteInPlace $out/bin/brltty-mkuser \ + --replace '/sbin/nologin' '${shadow}/bin/nologin' + ( + cd $out/lib + substituteInPlace systemd/system/brltty@.service \ + --replace '/usr/lib' "$out/lib" \ + --replace '/sbin/modprobe' '${kmod}/bin/modprobe' + substituteInPlace systemd/system/brltty-device@.service \ + --replace '/usr/bin/true' '${coreutils}/bin/true' + substituteInPlace udev/rules.d/90-brltty-uinput.rules \ + --replace '/usr/bin/setfacl' '${acl}/bin/setfacl' + substituteInPlace tmpfiles.d/brltty.conf \ + --replace "$out/etc" '/etc' + + # Remove unused commands from udev rules + sed '/initctl/d' -i udev/rules.d/90-brltty-device.rules + ) ''; } From 6fc8d59b3375de3feb7095a8ef9360beacc78c44 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Mon, 1 Mar 2021 18:04:07 +0100 Subject: [PATCH 4/6] brltty: remove asserts for optional features Assertions can break overriding a package, see issue #73102. --- pkgs/tools/misc/brltty/default.nix | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/pkgs/tools/misc/brltty/default.nix b/pkgs/tools/misc/brltty/default.nix index 90bcc0092d32..e6999fed08a4 100644 --- a/pkgs/tools/misc/brltty/default.nix +++ b/pkgs/tools/misc/brltty/default.nix @@ -1,10 +1,8 @@ { lib, stdenv, fetchurl, pkg-config, python3, bluez , tcl, acl, kmod, coreutils, shadow -, alsaSupport ? stdenv.isLinux, alsaLib ? null -, systemdSupport ? stdenv.isLinux, systemd ? null }: - -assert alsaSupport -> alsaLib != null; -assert systemdSupport -> systemd != null; +, alsaSupport ? stdenv.isLinux, alsaLib +, systemdSupport ? stdenv.isLinux, systemd +}: stdenv.mkDerivation rec { pname = "brltty"; From 13375265e4be43cb23773aed0e810fc0e314ee78 Mon Sep 17 00:00:00 2001 From: Bram Date: Sat, 3 Apr 2021 22:15:33 +0200 Subject: [PATCH 5/6] brltty: fix systemd-wrapper script - Use absolute paths to logger and udev. - Pass the absolute path to the brltty binary to the wrapper. - Include generic USB devices in udev rules. - Remove pulse-access group from systemd unit and sysusers. --- pkgs/tools/misc/brltty/default.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/brltty/default.nix b/pkgs/tools/misc/brltty/default.nix index e6999fed08a4..c3bdbca7a591 100644 --- a/pkgs/tools/misc/brltty/default.nix +++ b/pkgs/tools/misc/brltty/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchurl, pkg-config, python3, bluez -, tcl, acl, kmod, coreutils, shadow +, tcl, acl, kmod, coreutils, shadow, util-linux, udev , alsaSupport ? stdenv.isLinux, alsaLib , systemdSupport ? stdenv.isLinux, systemd }: @@ -38,6 +38,7 @@ stdenv.mkDerivation rec { "SYSTEMD_USERS_DIRECTORY=$(out)/lib/sysusers.d" "SYSTEMD_FILES_DIRECTORY=$(out)/lib/tmpfiles.d" "UDEV_LIBRARY_DIRECTORY=$(out)/lib/udev" + "UDEV_RULES_TYPE=all" "POLKIT_POLICY_DIR=$(out)/share/polkit-1/actions" "POLKIT_RULE_DIR=$(out)/share/polkit-1/rules.d" ]; @@ -70,6 +71,8 @@ stdenv.mkDerivation rec { substituteInPlace systemd/system/brltty@.service \ --replace '/usr/lib' "$out/lib" \ --replace '/sbin/modprobe' '${kmod}/bin/modprobe' + # Ensure the systemd-wrapper script uses the correct path to the brltty binary + sed "/^Environment=\"BRLTTY_EXECUTABLE_ARGUMENTS.*/a Environment=\"BRLTTY_EXECUTABLE_PATH=$out/bin/brltty\"" -i systemd/system/brltty@.service substituteInPlace systemd/system/brltty-device@.service \ --replace '/usr/bin/true' '${coreutils}/bin/true' substituteInPlace udev/rules.d/90-brltty-uinput.rules \ @@ -79,6 +82,14 @@ stdenv.mkDerivation rec { # Remove unused commands from udev rules sed '/initctl/d' -i udev/rules.d/90-brltty-device.rules - ) + # Remove pulse-access group from systemd unit and sysusers + substituteInPlace systemd/system/brltty@.service \ + --replace 'SupplementaryGroups=pulse-access' '# SupplementaryGroups=pulse-access' + substituteInPlace sysusers.d/brltty.conf \ + --replace 'm brltty pulse-access' '# m brltty pulse-access' + ) + substituteInPlace $out/libexec/brltty/systemd-wrapper \ + --replace 'logger' "${util-linux}/bin/logger" \ + --replace 'udevadm' "${udev}/bin/udevadm" ''; } From da2923b4f82ae5636ad3632ff841732c25f91557 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Mon, 1 Mar 2021 12:11:22 +0100 Subject: [PATCH 6/6] nixos/brltty: use upstream units Upstream has been providing a very thoroughly designed set of systemd units, udev and polkit rules. With these the brltty daemon is activated asynchronously via udev, runs as a dedicated user with runtime and state directories set up using systemd-tmpfiles. This is much better than the current unit, which runs a single instance as root and pulls in systemd-udev-settle to wait for the hardware. --- nixos/modules/services/hardware/brltty.nix | 57 ++++++++++++---------- 1 file changed, 32 insertions(+), 25 deletions(-) diff --git a/nixos/modules/services/hardware/brltty.nix b/nixos/modules/services/hardware/brltty.nix index 1266e8f81e5b..730560175327 100644 --- a/nixos/modules/services/hardware/brltty.nix +++ b/nixos/modules/services/hardware/brltty.nix @@ -5,6 +5,19 @@ with lib; let cfg = config.services.brltty; + targets = [ + "default.target" "multi-user.target" + "rescue.target" "emergency.target" + ]; + + genApiKey = pkgs.writers.writeDash "generate-brlapi-key" '' + if ! test -f /etc/brlapi.key; then + echo -n generating brlapi key... + ${pkgs.brltty}/bin/brltty-genkey -f /etc/brlapi.key + echo done + fi + ''; + in { options = { @@ -18,33 +31,27 @@ in { }; config = mkIf cfg.enable { - - systemd.services.brltty = { - description = "Braille Device Support"; - unitConfig = { - Documentation = "http://mielke.cc/brltty/"; - DefaultDependencies = "no"; - RequiresMountsFor = "${pkgs.brltty}/var/lib/brltty"; - }; - serviceConfig = { - ExecStart = "${pkgs.brltty}/bin/brltty --no-daemon"; - Type = "notify"; - TimeoutStartSec = 5; - TimeoutStopSec = 10; - Restart = "always"; - RestartSec = 30; - Nice = -10; - OOMScoreAdjust = -900; - ProtectHome = "read-only"; - ProtectSystem = "full"; - SystemCallArchitectures = "native"; - }; - wants = [ "systemd-udev-settle.service" ]; - after = [ "local-fs.target" "systemd-udev-settle.service" ]; - before = [ "sysinit.target" ]; - wantedBy = [ "sysinit.target" ]; + users.users.brltty = { + description = "BRLTTY daemon user"; + group = "brltty"; + }; + users.groups = { + brltty = { }; + brlapi = { }; }; + systemd.services."brltty@".serviceConfig = + { ExecStartPre = "!${genApiKey}"; }; + + # Install all upstream-provided files + systemd.packages = [ pkgs.brltty ]; + systemd.tmpfiles.packages = [ pkgs.brltty ]; + services.udev.packages = [ pkgs.brltty ]; + environment.systemPackages = [ pkgs.brltty ]; + + # Add missing WantedBys (see issue #81138) + systemd.paths.brltty.wantedBy = targets; + systemd.paths."brltty@".wantedBy = targets; }; }