summary refs log tree commit diff
diff options
context:
space:
mode:
authoradisbladis <adisbladis@gmail.com>2021-02-08 16:00:53 +0100
committeradisbladis <adisbladis@gmail.com>2021-02-08 16:43:42 +0100
commit418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed (patch)
treee4948365ffa27f8b7dc553e9b292b1a8354d7f04
parent94f2ba2ef39dc8743c6f873d23698e672ea241b2 (diff)
downloadnixpkgs-418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed.tar
nixpkgs-418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed.tar.gz
nixpkgs-418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed.tar.bz2
nixpkgs-418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed.tar.lz
nixpkgs-418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed.tar.xz
nixpkgs-418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed.tar.zst
nixpkgs-418af7d7aae6ad5c15b8c31d0fc7052d7c5625ed.zip
nixops: Fix build by disabling the libvirt backend if package marked as insecure
With this change it's possible to override the libvirt package used if you absolutely need it.
Diffstat
-rw-r--r--pkgs/development/python-modules/libvirt/5.9.0.nix4
-rw-r--r--pkgs/tools/package-management/nixops/generic.nix5
-rw-r--r--pkgs/tools/package-management/nixops/optional-virtd.patch24
3 files changed, 31 insertions, 2 deletions
diff --git a/pkgs/development/python-modules/libvirt/5.9.0.nix b/pkgs/development/python-modules/libvirt/5.9.0.nix
index bfc6b711ab2..9cbd042c55a 100644
--- a/pkgs/development/python-modules/libvirt/5.9.0.nix
+++ b/pkgs/development/python-modules/libvirt/5.9.0.nix
@@ -18,6 +18,10 @@ buildPythonPackage rec {
     nosetests
   '';
 
+  passthru = {
+    inherit libvirt;
+  };
+
   meta = with lib; {
     homepage = "http://www.libvirt.org/";
     description = "libvirt Python bindings";
diff --git a/pkgs/tools/package-management/nixops/generic.nix b/pkgs/tools/package-management/nixops/generic.nix
index 564256de35d..57f64531a9b 100644
--- a/pkgs/tools/package-management/nixops/generic.nix
+++ b/pkgs/tools/package-management/nixops/generic.nix
@@ -22,9 +22,10 @@ python2Packages.buildPythonApplication {
       pysqlite
       datadog
       digital-ocean
-      libvirt
       typing
-    ] ++ nixopsAzurePackages;
+      ]
+      ++ lib.optional (!libvirt.passthru.libvirt.meta.insecure or true) libvirt
+      ++ nixopsAzurePackages;
 
   checkPhase =
   # Ensure, that there are no (python) import errors
diff --git a/pkgs/tools/package-management/nixops/optional-virtd.patch b/pkgs/tools/package-management/nixops/optional-virtd.patch
new file mode 100644
index 00000000000..3697fdde8f2
--- /dev/null
+++ b/pkgs/tools/package-management/nixops/optional-virtd.patch
@@ -0,0 +1,24 @@
+diff --git a/nixops/backends/libvirtd.py b/nixops/backends/libvirtd.py
+index bc5f4af7..edd1348b 100644
+--- a/nixops/backends/libvirtd.py
++++ b/nixops/backends/libvirtd.py
+@@ -8,12 +8,18 @@ import shutil
+ import string
+ import subprocess
+ import time
+-import libvirt
+ 
+ from nixops.backends import MachineDefinition, MachineState
+ import nixops.known_hosts
+ import nixops.util
+ 
++try:
++    import libvirt
++except:
++    class libvirt(object):
++        def __getattribute__(self, name):
++            raise ValueError("The libvirt backend has been disabled because of security issues.")
++
+ # to prevent libvirt errors from appearing on screen, see
+ # https://www.redhat.com/archives/libvirt-users/2017-August/msg00011.html
+
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-21 18:40:16 +0000