ppp-2.4.5, a few patches

svn path=/nixpkgs/trunk/; revision=31279

pkgs/tools/networking/ppp/default.nix

@@ -1,41 +1,32 @@
-a :  
+{ stdenv, fetchurl, substituteAll, libpcap }:
-let 
+
-  fetchurl = a.fetchurl;
+stdenv.mkDerivation rec {
+  name = "ppp-2.4.5";
 
-  version = a.lib.attrByPath ["version"] "2.4.4" a; 
-  buildInputs = with a; [
-    
-  ];
-in
-rec {
   src = fetchurl {
-    url = "http://ppp.samba.org/ftp/ppp/ppp-${version}.tar.gz";
+    url = "${meta.homepage}ftp/ppp/${name}.tar.gz";
-    sha256 = "1sli1s478k85vmjdbrqm39nn5r20x9qgg3a0lbp2dwz50zy4bbsq";
+    sha256 = "019m00q85nrgdpjlhb9021a3iw3pr4a0913gp4h9k7r9r7z7lca3";
   };
 
-  inherit buildInputs;
+  patches =
-  configureFlags = [];
+    [ ( substituteAll {
+        src = ./nix-purity.patch;
+        inherit libpcap;
+        glibc = stdenv.gcc.libc;
+      })
+      ./nonpriv.patch
+    ];
 
-  phaseNames = ["exportVars" "patchPrivileged" "doConfigure" "doMakeInstall"];
+  postPatch = "rm -v include/linux/if_pppol2tp.h";
 
-  exportVars = a.noDepEntry(''
+  buildInputs = [ libpcap ];
-    export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -lcrypt "
-  '');
 
-  /* We want to run it as far as we can with our current permissions
+  postInstall = "chmod -v -R +rw $out";
-     For example, dependent builds would prefer to run --version 
-     without ever using setuid pppd. We are not setuid anyway, so.. */
-  patchPrivileged = a.fullDepEntry(''
-    sed -e '/privileged =/aprivileged = 1;' -i pppd/main.c
-    sed -e '/SH DESCRIPTION/a WARNING: Patched version unsuitable to be setuid root' -i pppd/pppd.8
-  '') ["minInit" "doUnpack"];
 
-  passthru = {
-    inherit version;
-  };
-      
-  name = "ppp-" + version;
   meta = {
+    homepage = http://ppp.samba.org/;
     description = "Point-to-point implementation for Linux and Solaris";
+    platforms = stdenv.lib.platforms.linux;
+    maintainers = [ stdenv.lib.maintainers.urkud ];
   };
 }

pkgs/tools/networking/ppp/nix-purity.patch

@@ -0,0 +1,22 @@
+diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
+index 060db6a..c151c62 100644
+--- a/pppd/Makefile.linux
++++ b/pppd/Makefile.linux
+@@ -117,7 +117,7 @@ CFLAGS   += -DHAS_SHADOW
+ #LIBS     += -lshadow $(LIBS)
+ endif
+ 
+-ifneq ($(wildcard /usr/include/crypt.h),)
++ifneq ($(wildcard @glibc@/include/crypt.h),)
+ CFLAGS  += -DHAVE_CRYPT_H=1
+ LIBS	+= -lcrypt
+ endif
+@@ -169,7 +169,7 @@ LIBS	+= -ldl
+ endif
+ 
+ ifdef FILTER
+-ifneq ($(wildcard /usr/include/pcap-bpf.h),)
++ifneq ($(wildcard @libpcap@/include/pcap-bpf.h),)
+ LIBS    += -lpcap
+ CFLAGS  += -DPPP_FILTER
+ endif

pkgs/tools/networking/ppp/nonpriv.patch

@@ -0,0 +1,13 @@
+diff --git a/pppd/main.c b/pppd/main.c
+index 014d614..6661d33 100644
+--- a/pppd/main.c
++++ b/pppd/main.c
+@@ -334,7 +334,7 @@ main(argc, argv)
+     umask(umask(0777) | 022);
+ 
+     uid = getuid();
+-    privileged = uid == 0;
++    privileged = (uid == 0) || (geteuid() != 0);
+     slprintf(numbuf, sizeof(numbuf), "%d", uid);
+     script_setenv("ORIG_UID", numbuf, 0);
+ 

pkgs/top-level/all-packages.nix

@@ -1217,9 +1217,7 @@ let
 
   ppl0_11 = callPackage ../development/libraries/ppl/0.11.nix { };
 
-  /* WARNING: this version is unsuitable for using with a setuid wrapper */
+  ppp = callPackage ../tools/networking/ppp { };
-  ppp = builderDefsPackage (import ../tools/networking/ppp) {
-  };
 
   pptp = callPackage ../tools/networking/pptp {};