diff options
| author | xeji <xeji@cat3.de> | 2018-02-20 10:50:50 +0100 |
|---|---|---|
| committer | xeji <xeji@cat3.de> | 2018-03-04 17:47:55 +0100 |
| commit | 1894a2ace97cc61cf833f712581d31cf2c650c35 (patch) | |
| tree | d796a249de7f918344aa840fd0dfb07943235031 /pkgs/development/libraries/spice-gtk | |
| parent | 14c6c286fcf6c7fa341511ac4c38b2d580a7ff33 (diff) | |
| download | nixpkgs-1894a2ace97cc61cf833f712581d31cf2c650c35.tar nixpkgs-1894a2ace97cc61cf833f712581d31cf2c650c35.tar.gz nixpkgs-1894a2ace97cc61cf833f712581d31cf2c650c35.tar.bz2 nixpkgs-1894a2ace97cc61cf833f712581d31cf2c650c35.tar.lz nixpkgs-1894a2ace97cc61cf833f712581d31cf2c650c35.tar.xz nixpkgs-1894a2ace97cc61cf833f712581d31cf2c650c35.tar.zst nixpkgs-1894a2ace97cc61cf833f712581d31cf2c650c35.zip | |
spice-gtk: fix usb redirection
Build with polkit and acl to enable usb redirection in virt-viewer and virt-manager. Fixes #27199 usb redirection requires a setuid wrapper, see comment in code.
Diffstat (limited to 'pkgs/development/libraries/spice-gtk')
| -rw-r--r-- | pkgs/development/libraries/spice-gtk/default.nix | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/pkgs/development/libraries/spice-gtk/default.nix b/pkgs/development/libraries/spice-gtk/default.nix index e4c614bf3b3..440ee1b2c35 100644 --- a/pkgs/development/libraries/spice-gtk/default.nix +++ b/pkgs/development/libraries/spice-gtk/default.nix @@ -1,6 +1,7 @@ { stdenv, fetchurl, pkgconfig, spice-protocol, gettext, celt_0_5_1 , openssl, libpulseaudio, pixman, gobjectIntrospection, libjpeg_turbo, zlib , cyrus_sasl, python2Packages, autoreconfHook, usbredir, libsoup +, polkit, acl, usbutils, vala , gtk3, epoxy }: with stdenv.lib; @@ -18,19 +19,33 @@ in stdenv.mkDerivation rec { buildInputs = [ spice-protocol celt_0_5_1 openssl libpulseaudio pixman gobjectIntrospection libjpeg_turbo zlib cyrus_sasl python pygtk usbredir gtk3 epoxy + polkit acl usbutils ]; - nativeBuildInputs = [ pkgconfig gettext libsoup autoreconfHook ]; + nativeBuildInputs = [ pkgconfig gettext libsoup autoreconfHook vala ]; NIX_CFLAGS_COMPILE = "-fno-stack-protector"; + # put polkit action in the $out/share/polkit-1/actions preAutoreconf = '' + substituteInPlace configure.ac \ + --replace 'POLICYDIR=`''${PKG_CONFIG} polkit-gobject-1 --variable=policydir`' "POLICYDIR=$out/share/polkit-1/actions" ''; configureFlags = [ "--with-gtk3" ]; + # usb redirection needs spice-client-glib-usb-acl-helper to run setuid root + # the helper then uses polkit to check access + # in nixos, enable this with + # security.wrappers.spice-client-glib-usb-acl-helper.source = + # "${pkgs.spice_gtk}/bin/spice-client-glib-usb-acl-helper.real"; + postFixup = '' + mv $out/bin/spice-client-glib-usb-acl-helper $out/bin/spice-client-glib-usb-acl-helper.real + ln -sf /run/wrappers/bin/spice-client-glib-usb-acl-helper $out/bin/spice-client-glib-usb-acl-helper + ''; + dontDisableStatic = true; # Needed by the coroutine test enableParallelBuilding = true; |