Commit graph

81 commits

Author SHA1 Message Date
aszlig
dd832a3e8f
chromium: Update beta channel to v25.0.1364.68.
This update is a bit more problematic, as the bundled version of libpng is
version 1.2.45 and the version in nixpkgs is 1.5.13. Even if trying to run with
libpng12 from nixpkgs, it seems to collide with parts of the bundled version.

So, until this is either fixed upstream or we have a good solution, we're using
bundled libpng for chromium version 25 and higher.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-02-08 07:03:36 +01:00
aszlig
4f8314fb92
chromium: Update dev channel to 25.0.1364.29.
For this update we needed to fix a bunch of things:

 * Limit pulse_audio_fix.patch to version 24 only (fixed upstream in 25).
 * Avoid the use of -fstack-protector for version 25.

The -fstack-protector option seems to be passed to libvpx now by default, so
simply use -fno-stack-protector in every occurence of -fstack-protector in
common.gypi. At least for now this will do it, but ultimately and for the future
we may want to have support for that in general.

And if we need that support in chromium directly depends on some of the next
updates to this package, as it seems that we now can switch to quite a lot of
nixpkgs dependencies instead of bundled dependencies.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-01-14 11:34:02 +01:00
aszlig
abe2993c4b
chromium: Add myself to maintainers.
Might come in handy to actually know when things going to break.

In case you're wondering: Yes, "aszlig" is the name everyone uses in real life
(even my family uses it) and is my pending stage name (not _yet_ officially).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-01-10 03:33:04 +01:00
aszlig
e2a4295844
chromium: Add pulse_audio_fix.patch to nixpkgs.
The patch previously was fetched from an Arch Linux contributor but is no longer
available there anymore. So, this is only an intermediate fix until channels get
updated (very soon I hope, even though chromium 25 could get quite messy).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-01-10 03:29:44 +01:00
aszlig
8fd4b80bc7
chromium: Don't use the config attrset anymore.
We can still use the config attribute set from within all-packages to pass it to
the package expression, which we do in case of PulseAudio. In order to override
other stuff you can now conveniently use chromium.override without passing a
fake config attribute set.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-12-05 14:05:18 +01:00
aszlig
caabb8ee47
chromium: Allow package override on channels.
This allows for more flexible overrides instead of just passing a custom
configuration attrset like:

chromium.override { config.chromium.channel = "beta"; }

So you can now simply do:

chromium.override { channel = "beta"; }

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-12-05 14:05:18 +01:00
aszlig
a76e28b54c
chromium: Add dependency on pciutils for v25.
This fixes the build for latest development version 25.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-11-20 04:55:45 +01:00
aszlig
af8f08d638
chromium: Drop obsolete pre-v23 seccomp patch.
The patch is no longer needed, as we are now using the BPF seccomp sandbox.
Unfortunately this is not marked "adequately sandboxed" in chrome://sandbox, as
it awaits security review on http://crbug.com/26528.

Unfortunately this gets us into a position where we can't be sure if the sandbox
is working correctly, especially because the non-BPF seccomp sandbox has a bunch
of stability issues and is marked legacy. And we definitely don't want to add
support for the setuid sandbox, do we?

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-11-20 04:55:45 +01:00
aszlig
a28fe19203
chromium: Update dev and beta channels.
beta: 23.0.1271.60 (build successful)
dev: 24.0.1312.2 (build successful after patching)

The development version needs a patch in order to build properly against
PulseAudio. Issue and origin of the patch can be found here:

http://crbug.com/157876

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-11-03 12:44:47 +01:00
aszlig
737eff7166
chromium: Update beta and dev releases.
beta: 23.0.1271.26 -> 23.0.1271.40
dev: 24.0.1284.2 -> 24.0.1297.0

Both are building successful and the BPF seccomp sandbox fix has been dropped as
it has finally been applied upstream.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-23 06:08:01 +02:00
aszlig
702aec1881
chromium: Use final implementation of BPF patch.
The new version is the one already committed in trunk as revision 160697.
In order to get into beta and stable this could take some while so we're going
need to carry around that patch for some time.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-11 12:44:13 +02:00
aszlig
1983d4fdfc
chromium: Build using libusb (1.0) from nixpkgs.
This dependency has recently been added to chromium while we didn't notice it,
so let's avoid to use the bundled version.

It might make sense to remove the unneeded files in third_party/ based on a
whitelist, so that we notice future changes like this earlier.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-08 15:06:15 +02:00
aszlig
692ad8059a
chromium: Build using libexif from nixpkgs.
While libexif has been bundled with chromium for some months already, they only
recently added the GYP option to switch to using the system library. So, let's
enable it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-08 15:05:00 +02:00
aszlig
58a4edd294
chromium: Drop seccomp patch for version 21.
Version 22 is the current version of the stable channel, so we don't need to
carry around a patch for earlier versions.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-08 07:35:57 +02:00
aszlig
17fe198695
chromium: Disable legacy seccomp sandbox in v23.
This removes the patch introduced in 949afcc0f2.
The reason behind this is because even though we patch in the legacy seccomp
sandbox by default, it won't be used anyway as both cannot coexist anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-08 07:35:57 +02:00
aszlig
10679a7ba6
chromium: Fix chromium bug 149834 for version 23.
This is just a temporary fix and will only thrown away as soon as a proper fix
is included upstream, see http://crbug.com/149834 for more details about this.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-08 07:33:52 +02:00
aszlig
949afcc0f2
chromium: New seccomp patch for versions >= 23.
The BPF renderer sandbox is now the default in 23. But still, it is not regarded
as "adequately sandboxed" from Google so we still need the legacy seccomp
sandbox.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-08 07:33:51 +02:00
aszlig
77d424875c
chromium: Temporarily use bundled zlib.
Well, after looking a bit more thoroughly through the zlib patch from the
Chromium team, it seams, that this really fix an issue that hasn't yet been
applied upstream. Unfortunately neither Chromium nor Zlib give more information
about that issue. Maybe they're waiting until its resolved upstream and thus the
temporary patch?

The bad news is, that the fix for the vulnerability is incomplete in Chromium
and covers only the use cases of Chromium itself, so we can't include that
patched version in nixpkgs zlib derivation.

Until the issue is fixed upstream we're hereby safer off turning it off in
Chromium and thus use the bundled and patched version.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-08 07:33:51 +02:00
aszlig
d2df1ada27
chromium: Update channels to stable v22.0.1229.79.
dev: 23.0.1271.10
beta: 22.0.1229.91
stable: 22.0.1229.79

The revert for SVN revision 151720 is now obsolete in the current beta release
and is only needed for the stable version. So let's hope that >= 22.0.1229.91
will get stable soon.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-10-02 03:46:42 +02:00
Eelco Dolstra
e6077fbc46 Remove getConfig helper function
An expression like ‘getConfig [ "cabal" "libraryProfiling" ] false’
can be written more concisely as ‘config.cabal.libraryProfiling or false’.
2012-09-19 13:56:56 -04:00
aszlig
2347cfa4f9
chromium: Revert zlib changes for v22 and higher.
SVN revision 151720 breaks the build with system zlib, see:

http://src.chromium.org/viewvc/chrome?view=rev&revision=151720

The issue here is, that r151720 introduces changes directly in zlib, which
aren't upstream and unfortunately there is no more information stating the exact
reasons for this change, as all references to it are not publicly available:

http://crbug.com/139744
https://chromiumcodereview.appspot.com/10837057

So for the moment, we're going to add a patch, which applies to v22 and higher,
which essentially reverts r151720, until either more information on the issue is
available or it is resolved upstream.

As someone has already reported the issue, we just need to track the following
issue:

http://crbug.com/143623

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-09-11 04:54:26 +02:00
aszlig
d5c2b35b82
chromium: Re-enable legacy sandbox for version 22.
This enables legacy seccomp sandbox by default even on chromium 22, because the
BPF sandbox is still work in progress, please see:

http://crbug.com/139872
http://crbug.com/130662

Because the BPF seccomp sandbox is used in case the legacy seccomp mode
initialization fails, we might need to patch this again, as soon as the BPF
sandbox is fully implemented to fall back to legacy seccomp and use BPF by
default.

We now have two patches for "default to seccomp" - one for Chromium 21 and one
for 22 or higher.
2012-08-27 06:50:35 +02:00
aszlig
c67d8bcabe
chromium: Don't use the sandbox patch on v21.
The patch doesn't apply in version 22 and newer, because mode 1 sandboxes are
connsidered "legacy" (well, apart from the fact that I'd personally prefer BPF
anyway), for reasons I wasn't able to find, yet. But let's proceed on BPF
integration and thus gain more insight on the exact reasons.
2012-08-26 07:36:57 +02:00
aszlig
b1a6a98139
chromium: Drop dependency on subversion.
Versions older than 21 needed subversion in order to build. As the oldest
version we support is 21, we no longer need this dependency.
2012-08-26 03:03:24 +02:00
aszlig
8b4fae76b3 chromium: Build with NSS by default.
Hurray! This is the first time chromium is working with NSS _and_ is able to
verify certificates using the root certificates built in into NSS.

Optimally it would use certs from OPENSSL_X509_CERT_FILE, but at least it's
working, so let's add that at some later point.
2012-08-22 08:29:10 +02:00
aszlig
fbfd84f816 chromium: Install libffmpegsumo.so.
This caused HTML5 video to not work because this shared library is loaded at
runtime.

Unfortunately we can't use system ffmpeg yet, because upgrading would break
builds of other packages, and it would result in a copy of ffmpeg laying around
aswell, so we can defer this until we have fixed ffmpeg.

Thanks to @bluescreen303 for the bug report.
2012-08-07 19:11:58 +02:00
aszlig
834d8be46e chromium: Fix build for versions older than 21.x.
The current stable version won't build if gyp can't use svnversion from the
subversion package, so let's provide it for versions below 21.x.
2012-07-04 14:47:02 +02:00
aszlig
f6e063e7fc chromium: Use new channel based sources.
Switch to channel based sources and default to the "stable" channel.
2012-07-04 14:47:02 +02:00
Lluís Batlle i Rossell
c05fcf6a2b chromium: Making hydra build chromium for linux.
I think it will save quite a lot of users build time.
2012-06-28 12:56:51 +02:00
aszlig
d23dcbb9a5 chromium: Enable parallel building.
Always did this manually by putting -j8 into make flags, which i didn't commit,
as it obviously doesn't make sense to hardcode. However, this flag makes more
sense and obviously we need to avoid overriding buildPhase.
2012-06-22 15:53:30 -04:00
aszlig
59f8de864f chromium: Add support for pulseaudio.
Which is enabled by default if neither pulseaudio or chromium.pulseaudio is
explicitly set. The reason is that chromium falls back to ALSA in case no
pulseaudio is available.

In addition it was necessary to patch media.gyp to ignore the array-out-of-
bounds warning.
2012-06-22 15:53:30 -04:00
aszlig
a2984e3d82 chromium: Simplify names of getConfig options.
This makes it easier to remember, as so far the naming wasn't quite consistent,
sometimes "use*", sometimes "enable*". So in using just use the feature name
itself, it should be pretty clear.
2012-06-22 15:53:30 -04:00
aszlig
fc24f460f1 chromium: Use bundled versions of some libraries.
These libraries are heavily patched by the chromium project itself, so let's use
the bundled versions as those won't build anyway and also don't break functional
purity.
2012-06-22 15:53:30 -04:00
aszlig
d8e9536498 chromium: Cleanup dependencies.
This mostly is a code structure change, but also involves deleting some unused
dependencies and adding a few constraints on existing ones.
2012-06-22 15:53:30 -04:00
aszlig
c7db5ff34d chromium: Add dependency for libselinux.
This doesn't really work at the current state of NixOS and SELinux support, but
will make it easier in case we someday support SELinux altogether.
2012-06-22 15:53:30 -04:00
aszlig
a88eb35ff1 chromium: Enable proprietary codecs by default.
We now switch to using bundled ffmpeg, as this adds stuff such as support for
the H.264 codec.
2012-06-22 15:53:30 -04:00
aszlig
04ae9f288d chromium: Implement handling of enableCUPS.
We also need to patch the compilation process, so it allows deprecated
declarations when building support for the cups backend. In addition, we also
need to add libgcrypt to dependencies as it's needed by the cups implementation.
2012-06-22 15:53:29 -04:00
aszlig
70c0af9a37 chromium: Add mesa to build dependencies.
This finally enables support for WebGL and accelerated rendering.
2012-06-22 15:53:29 -04:00
aszlig
57e127099b chromium: Add flag to disable Gnome support.
This also separates gcrypt and gconf from the basic dependencies.
Unfortunately we cannot get rid of dbus_glib altogether, but maybe we want to
work on a patch to get rid of it? On the other hand it seems to be a TODO of the
chromium project itself, so let's wait and see.
2012-06-22 15:53:29 -04:00
aszlig
c2b145c32f chromium: Allow to switch off openssl support.
Currently building fails with NSS, so we're using OpenSSL by default. And that's
why we want to make this configurable so if we manage to fix that build failure,
we could switch to using NSS by default.
2012-06-22 15:53:29 -04:00
aszlig
f0cdea2e99 chromium: Use patches from system OpenSSL.
This is mainly because of the patch to use OPENSSL_X509_CERT_FILE as a way to
specify the CA bundle. A browser which isn't able to verify SSL certificates
might be somewhat useless.
2012-06-22 15:53:29 -04:00
aszlig
b1fdecc460 chromium: Rename "chrome" binary to "chromium".
This is to make it more consistent with the naming of the package file and also
consistent with the build, as we're not using the Google branded version.

In addition the derivation attribute set now has a packageName value which can
be used to easily switch the binary names and paths, just in case we want to
switch to using "chrome" (or something entirely different) again.
2012-06-22 15:53:29 -04:00
aszlig
22f5045bde chromium: Use system libraries whenever possible.
There are still some libraries left, which we either need to patch or provide
more recent versions. Plus we're going to use openssl, as libnss doesn't want to
do proper SSL (let's debug this later).
2012-06-22 15:53:28 -04:00
aszlig
6350706c0d chromium: Add "which" to build dependencies.
This is needed by a lot of scripts within chromium, so we're not going to patch
them using type, which is shell-specific anyway.
2012-06-22 15:53:28 -04:00
aszlig
ef45195126 chromium: Enable seccomp by default.
If useSELinux is not set, enable seccomp mode by default and avoid building the
SUID helper sandbox at all. This involves a small patch which causes the
commandline arguments to be swapped: --disable-seccomp-sandbox to disable it,
while the option is active by default.
2012-06-22 15:53:28 -04:00
aszlig
2571488e6a chromium: Clean up build flags.
This also includes setting compiler architectures and paths.
2012-06-22 15:53:28 -04:00
aszlig
d342672f5a chromium: Add an update script.
It fetches the latest version based on the bucketlist XML from
commondatastorage and generates a "source.nix" which contains an attribute set
about where to fetch the latest version.

The XML is parsed in a somewhat hackish way using sed, but as this is just an
updater, its okay and we don't want to break a fly on the wheel by employing a
full XML parser.
2012-06-22 15:53:28 -04:00
aszlig
b5956ec179 chromium: Add an install phase.
This tries to put pathes unte the same directory as the previous prebuilt
version of Chromium.
2012-06-22 15:53:28 -04:00
aszlig
a31301dab4 chromium: Minimal build (no install) from source.
This only gets chromium to build so far, installation is missing by upstream, so
we need to manually copy the corresponding files. And I guess with nix, we also
need to patch a few paths on installation.

Another issue is that at the moment, a lot of dependencies are used from the
source tree, rather than from the system.

Also, it would be nice to build using LLVM, as it really speeds up compilation a
*LOT* and also has the side effect of resulting in smaller binaries.

Working unit tests would be nice, too. Unfortunately they're quite heavyweight
and take hours to run, so I guess "someday" would be the most appropriate time
to integrate.

Further todo's:

- Allow to disable GConf, GIO and CUPS.
- Option to disable the sandbox (for whatever reason the user might have).
- Integrate gold binutils.
- Pulseaudio support.
- Clearly separate Linux specific stuff.
2012-06-22 15:53:27 -04:00
Arie Middelkoop
c2e7aa68e4 Bumb of Chromium version. I've been using this one for a while now.
svn path=/nixpkgs/trunk/; revision=33348
2012-03-22 10:29:43 +00:00