unity3d: use chromium-suid-sandbox

2016-08-08 01:56:47 +03:00 · 2016-08-08 01:56:47 +03:00 · 1e8894f085
commit 1e8894f085
parent b2413e48ae
4 changed files with 6 additions and 31 deletions
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@ -80,7 +80,6 @@
  ./programs/ssh.nix
  ./programs/ssmtp.nix
  ./programs/tmux.nix
-  ./programs/unity3d.nix
  ./programs/venus.nix
  ./programs/wvdial.nix
  ./programs/xfs_quota.nix
--- a/nixos/modules/programs/unity3d.nix
+++ b/nixos/modules/programs/unity3d.nix
@ -1,25 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let cfg = config.programs.unity3d;
-in {
-
-  options = {
-    programs.unity3d.enable = mkEnableOption "Unity3D, a game development tool";
-  };
-
-  config = mkIf cfg.enable {
-    security.setuidOwners = [{
-      program = "unity-chrome-sandbox";
-      source = "${pkgs.unity3d.sandbox}/bin/unity-chrome-sandbox";
-      owner = "root";
-      #group = "root";
-      setuid = true;
-      #setgid = true;
-    }];
-
-    environment.systemPackages = [ pkgs.unity3d ];
-  };
-
-}
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@ -134,6 +134,9 @@ with lib;
    (mkRemovedOptionModule [ "security" "grsecurity" "config" "verboseVersion" ])
    (mkRemovedOptionModule [ "security" "grsecurity" "config" "kernelExtraConfig" ])

+    # Unity3D
+    (mkRenamedOptionModule [ "programs" "unity3d" "enable" ] [ "security" "chromiumSuidSandbox" "enable" ])
+
    # Options that are obsolete and have no replacement.
    (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ])
    (mkRemovedOptionModule [ "programs" "bash" "enable" ])
--- a/pkgs/development/tools/unity3d/default.nix
+++ b/pkgs/development/tools/unity3d/default.nix
@ -4,7 +4,7 @@
 , cairo, dbus, expat, zlib, libpng12, nodejs, gnutar, gcc, gcc_32bit
 , libX11, libXcursor, libXdamage, libXfixes, libXrender, libXi
 , libXcomposite, libXext, libXrandr, libXtst, libSM, libICE, libxcb
-, mono, libgnomeui, gnome_vfs, gnome-sharp, gtk-sharp
+, mono, libgnomeui, gnome_vfs, gnome-sharp, gtk-sharp, chromium
 }:

 let
@ -44,7 +44,7 @@ in stdenv.mkDerivation rec {

  nativeBuildInputs = [ makeWrapper fakeroot file getopt ];

-  outputs = [ "out" "monodevelop" "sandbox" ];
+  outputs = [ "out" "monodevelop" ];

  unpackPhase = ''
    echo -e 'q\ny' | fakeroot sh $src
@ -91,12 +91,10 @@ in stdenv.mkDerivation rec {
  '';

  installPhase = ''
-    install -Dm755 Editor/chrome-sandbox $sandbox/bin/unity-chrome-sandbox
-
    unitydir="$out/opt/Unity/Editor"
    mkdir -p $unitydir
    mv Editor/* $unitydir
-    ln -sf /var/setuid-wrappers/unity-chrome-sandbox $unitydir/chrome-sandbox
+    ln -sf /var/setuid-wrappers/${chromium.sandboxExecutableName} $unitydir/chrome-sandbox

    mkdir -p $out/share/applications
    sed "/^Exec=/c\Exec=$out/bin/unity-editor" \