mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-02 19:14:14 +00:00
7e98527206
flatpak: attempt to fix flatpak-spawn --clear-env
209 lines
4.7 KiB
Nix
209 lines
4.7 KiB
Nix
{ lib, stdenv
|
||
, fetchurl
|
||
, fetchpatch
|
||
, autoreconfHook
|
||
, docbook_xml_dtd_45
|
||
, docbook-xsl-nons
|
||
, which
|
||
, libxml2
|
||
, gobject-introspection
|
||
, gtk-doc
|
||
, intltool
|
||
, libxslt
|
||
, pkg-config
|
||
, xmlto
|
||
, appstream-glib
|
||
, substituteAll
|
||
, bison
|
||
, xdg-dbus-proxy
|
||
, p11-kit
|
||
, bubblewrap
|
||
, bzip2
|
||
, dbus
|
||
, glib
|
||
, gpgme
|
||
, json-glib
|
||
, libarchive
|
||
, libcap
|
||
, libseccomp
|
||
, coreutils
|
||
, socat
|
||
, gettext
|
||
, hicolor-icon-theme
|
||
, shared-mime-info
|
||
, desktop-file-utils
|
||
, gtk3
|
||
, fuse
|
||
, nixosTests
|
||
, libsoup
|
||
, xz
|
||
, zstd
|
||
, ostree
|
||
, polkit
|
||
, python3
|
||
, systemd
|
||
, xorg
|
||
, valgrind
|
||
, glib-networking
|
||
, wrapGAppsNoGuiHook
|
||
, dconf
|
||
, gsettings-desktop-schemas
|
||
, librsvg
|
||
}:
|
||
|
||
stdenv.mkDerivation rec {
|
||
pname = "flatpak";
|
||
version = "1.10.2";
|
||
|
||
# TODO: split out lib once we figure out what to do with triggerdir
|
||
outputs = [ "out" "dev" "man" "doc" "devdoc" "installedTests" ];
|
||
|
||
src = fetchurl {
|
||
url = "https://github.com/flatpak/flatpak/releases/download/${version}/${pname}-${version}.tar.xz";
|
||
sha256 = "sha256-2xUnOdBy+P8pnk6IjYljobRTjaexDguGUlvkOPLh3eQ=";
|
||
};
|
||
|
||
patches = [
|
||
# Hardcode paths used by tests and change test runtime generation to use files from Nix store.
|
||
# https://github.com/flatpak/flatpak/issues/1460
|
||
(substituteAll {
|
||
src = ./fix-test-paths.patch;
|
||
inherit coreutils gettext socat gtk3;
|
||
smi = shared-mime-info;
|
||
dfu = desktop-file-utils;
|
||
hicolorIconTheme = hicolor-icon-theme;
|
||
})
|
||
|
||
# Hardcode paths used by Flatpak itself.
|
||
(substituteAll {
|
||
src = ./fix-paths.patch;
|
||
p11kit = "${p11-kit.dev}/bin/p11-kit";
|
||
})
|
||
|
||
# Adapt paths exposed to sandbox for NixOS.
|
||
(substituteAll {
|
||
src = ./bubblewrap-paths.patch;
|
||
inherit (builtins) storeDir;
|
||
})
|
||
|
||
# Allow gtk-doc to find schemas using XML_CATALOG_FILES environment variable.
|
||
# Patch taken from gtk-doc expression.
|
||
./respect-xml-catalog-files-var.patch
|
||
|
||
# Don’t hardcode flatpak binary path in launchers stored under user’s profile otherwise they will break after Flatpak update.
|
||
# https://github.com/NixOS/nixpkgs/issues/43581
|
||
./use-flatpak-from-path.patch
|
||
|
||
# Hardcode flatpak binary path for flatpak-spawn.
|
||
# When calling the portal’s Spawn command with FLATPAK_SPAWN_FLAGS_CLEAR_ENV flag,
|
||
# it will clear environment, including PATH, making the flatpak run fail.
|
||
# https://github.com/flatpak/flatpak/pull/4174
|
||
(fetchpatch {
|
||
url = "https://github.com/flatpak/flatpak/commit/495449daf6d3c072519a36c9e4bc6cc1da4d31db.patch";
|
||
sha256 = "gOX/sGupAE7Yg3MVrMhFXzWHpFn+izVyjtkuPzIckuY=";
|
||
})
|
||
|
||
# Nix environment hacks should not leak into the apps.
|
||
# https://github.com/NixOS/nixpkgs/issues/53441
|
||
./unset-env-vars.patch
|
||
|
||
# But we want the GDK_PIXBUF_MODULE_FILE from the wrapper affect the icon validator.
|
||
./validate-icon-pixbuf.patch
|
||
];
|
||
|
||
nativeBuildInputs = [
|
||
autoreconfHook
|
||
libxml2
|
||
docbook_xml_dtd_45
|
||
docbook-xsl-nons
|
||
which
|
||
gobject-introspection
|
||
gtk-doc
|
||
intltool
|
||
libxslt
|
||
pkg-config
|
||
xmlto
|
||
appstream-glib
|
||
bison
|
||
wrapGAppsNoGuiHook
|
||
];
|
||
|
||
buildInputs = [
|
||
bubblewrap
|
||
bzip2
|
||
dbus
|
||
dconf
|
||
gpgme
|
||
json-glib
|
||
libarchive
|
||
libcap
|
||
libseccomp
|
||
libsoup
|
||
xz
|
||
zstd
|
||
polkit
|
||
python3
|
||
systemd
|
||
xorg.libXau
|
||
fuse
|
||
gsettings-desktop-schemas
|
||
glib-networking
|
||
librsvg # for flatpak-validate-icon
|
||
];
|
||
|
||
# Required by flatpak.pc
|
||
propagatedBuildInputs = [
|
||
glib
|
||
ostree
|
||
];
|
||
|
||
checkInputs = [
|
||
valgrind
|
||
];
|
||
|
||
# TODO: some issues with temporary files
|
||
doCheck = false;
|
||
|
||
NIX_LDFLAGS = "-lpthread";
|
||
|
||
enableParallelBuilding = true;
|
||
|
||
configureFlags = [
|
||
"--with-system-bubblewrap=${bubblewrap}/bin/bwrap"
|
||
"--with-system-dbus-proxy=${xdg-dbus-proxy}/bin/xdg-dbus-proxy"
|
||
"--with-dbus-config-dir=${placeholder "out"}/share/dbus-1/system.d"
|
||
"--localstatedir=/var"
|
||
"--enable-gtk-doc"
|
||
"--enable-installed-tests"
|
||
];
|
||
|
||
makeFlags = [
|
||
"installed_testdir=${placeholder "installedTests"}/libexec/installed-tests/flatpak"
|
||
"installed_test_metadir=${placeholder "installedTests"}/share/installed-tests/flatpak"
|
||
];
|
||
|
||
postPatch = let
|
||
vsc-py = python3.withPackages (pp: [
|
||
pp.pyparsing
|
||
]);
|
||
in ''
|
||
patchShebangs buildutil
|
||
patchShebangs tests
|
||
PATH=${lib.makeBinPath [vsc-py]}:$PATH patchShebangs --build variant-schema-compiler/variant-schema-compiler
|
||
'';
|
||
|
||
passthru = {
|
||
tests = {
|
||
installedTests = nixosTests.installed-tests.flatpak;
|
||
};
|
||
};
|
||
|
||
meta = with lib; {
|
||
description = "Linux application sandboxing and distribution framework";
|
||
homepage = "https://flatpak.org/";
|
||
license = licenses.lgpl21Plus;
|
||
maintainers = with maintainers; [ jtojnar ];
|
||
platforms = platforms.linux;
|
||
};
|
||
}
|