lxc: enable pam_cgfs and fix module

pam_cgfs was previously part of lxcfs and has since moved to lxc

fixes #37985
Jörg Thalheim 2018-04-09 08:13:23 +01:00
parent 8f9b21212d
commit e8cfda7f13
3 changed files with 7 additions and 17 deletions


@ -386,7 +386,7 @@ let
${optionalString (cfg.enableGnomeKeyring) ${optionalString (cfg.enableGnomeKeyring)
"session optional ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start"} "session optional ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start"}
${optionalString (config.virtualisation.lxc.lxcfs.enable) ${optionalString (config.virtualisation.lxc.lxcfs.enable)
"session optional ${pkgs.lxcfs}/lib/security/pam_cgfs.so -c freezer,memory,name=systemd,unified,cpuset"} "session optional ${pkgs.lxc}/lib/security/pam_cgfs.so -c all"}
''); '');
}; };
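Review bot: `-c all` on the new pam_cgfs line drops the explicit controller list (`freezer,memory,name=systemd,unified,cpuset`), so the module now acts on every controller it finds rather than the five named ones, and that set changes with the host's cgroup setup. pam_cgfs sets up cgroups owned by the user who is logging in, so a fixed list keeps that delegation reviewable. If `all` is needed because one of the listed controllers is missing on some hosts, exposing the list as a module option would still keep the choice explicit. The rule is also still guarded by `config.virtualisation.lxc.lxcfs.enable` although the module now comes from `pkgs.lxc`, which deserves a comment such as `# pam_cgfs ships with lxc, but is only wanted when lxcfs is enabled`. The surrounding `let` block starts outside the hunk.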


@ -1,14 +1,11 @@
{ stdenv, fetchurl, fetchpatch, autoreconfHook, pkgconfig, perl, docbook2x { stdenv, fetchurl, fetchpatch, autoreconfHook, pkgconfig, perl, docbook2x
, docbook_xml_dtd_45, python3Packages , docbook_xml_dtd_45, python3Packages, pam
# Optional Dependencies # Optional Dependencies
, libapparmor ? null, gnutls ? null, libselinux ? null, libseccomp ? null , libapparmor ? null, gnutls ? null, libselinux ? null, libseccomp ? null
, cgmanager ? null, libnih ? null, dbus ? null, libcap ? null, systemd ? null , libcap ? null, systemd ? null
}: }:
let
enableCgmanager = cgmanager != null && libnih != null && dbus != null;
in
with stdenv.lib; with stdenv.lib;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "lxc-${version}"; name = "lxc-${version}";
@ -23,7 +20,7 @@ stdenv.mkDerivation rec {
autoreconfHook pkgconfig perl docbook2x python3Packages.wrapPython autoreconfHook pkgconfig perl docbook2x python3Packages.wrapPython
]; ];
buildInputs = [ buildInputs = [
libapparmor gnutls libselinux libseccomp cgmanager libnih dbus libcap pam libapparmor gnutls libselinux libseccomp libcap
python3Packages.python python3Packages.setuptools systemd python3Packages.python python3Packages.setuptools systemd
]; ];
@ -37,15 +34,8 @@ stdenv.mkDerivation rec {
XML_CATALOG_FILES = "${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml"; XML_CATALOG_FILES = "${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml";
# FIXME
# glibc 2.25 moved major()/minor() to <sys/sysmacros.h>.
# this commit should detect this: https://github.com/lxc/lxc/pull/1388/commits/af6824fce9c9536fbcabef8d5547f6c486f55fdf
# However autotools checks if mkdev is still defined in <sys/types.h> runs before
# checking if major()/minor() is defined there. The mkdev check succeeds with
# a warning and the check which should set MAJOR_IN_SYSMACROS is skipped.
NIX_CFLAGS_COMPILE = [ "-DMAJOR_IN_SYSMACROS" ];
configureFlags = [ configureFlags = [
"--enable-pam"
"--localstatedir=/var" "--localstatedir=/var"
"--sysconfdir=/etc" "--sysconfdir=/etc"
"--disable-api-docs" "--disable-api-docs"
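Review bot: The new `--enable-pam` flag carries no comment, although the PAM session rule changed in this same commit points at `${pkgs.lxc}/lib/security/pam_cgfs.so` and is marked `optional`, so a build without the module would presumably be skipped at login rather than reported as a configuration error. A comment next to the flag would record that coupling, for example `# builds pam_cgfs.so, which the PAM session rule for lxcfs loads from $out/lib/security`. `pam` is also added as a mandatory argument while the neighbouring libraries stay `? null` optional; if that is intentional, the same comment is the place to say so. The `configureFlags` list continues outside the hunk.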


@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, help2man, fuse, pam { stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, help2man, fuse
, enableDebugBuild ? false }: , enableDebugBuild ? false }:
with stdenv.lib; with stdenv.lib;
@ -13,7 +13,7 @@ stdenv.mkDerivation rec {
}; };
nativeBuildInputs = [ pkgconfig help2man autoreconfHook ]; nativeBuildInputs = [ pkgconfig help2man autoreconfHook ];
buildInputs = [ fuse pam ]; buildInputs = [ fuse ];
preConfigure = stdenv.lib.optionalString enableDebugBuild '' preConfigure = stdenv.lib.optionalString enableDebugBuild ''
sed -i 's,#AM_CFLAGS += -DDEBUG,AM_CFLAGS += -DDEBUG,' Makefile.am sed -i 's,#AM_CFLAGS += -DDEBUG,AM_CFLAGS += -DDEBUG,' Makefile.am