nixpkgs/pkgs/applications/networking/browsers/chromium/common.nix
aszlig a80437e236
chromium: Remove out-of-tree sandbox derivation.
Since 0aad4b7, we no longer need to have an external sandbox binary,
because the upstream implementation of the user namespace sandbox no
longer needs an external sandbox binary.

In our implementation of the user namespace sandbox, we (ab)used the
setuid sandbox to run non-setuid and set up user namespaces instead.

Because our implementation is no longer needed, we can safely drop the
external binary entirely.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-07-04 02:31:44 +02:00

213 lines
6.6 KiB
Nix

{ stdenv, fetchurl, ninja, which
# default dependencies
, bzip2, flac, speex, libopus
, libevent, expat, libjpeg, snappy
, libpng, libxml2, libxslt, libcap
, xdg_utils, yasm, minizip, libwebp
, libusb1, libexif, pciutils
, python, pythonPackages, perl, pkgconfig
, nspr, udev, kerberos
, utillinux, alsaLib
, bison, gperf
, glib, gtk, dbus_glib
, libXScrnSaver, libXcursor, libXtst, mesa
, protobuf, speechd, libXdamage, cups
# optional dependencies
, libgcrypt ? null # gnomeSupport || cupsSupport
# package customization
, enableSELinux ? false, libselinux ? null
, enableNaCl ? false
, enableHotwording ? false
, useOpenSSL ? false, nss ? null, openssl ? null
, gnomeSupport ? false, gnome ? null
, gnomeKeyringSupport ? false, libgnome_keyring3 ? null
, proprietaryCodecs ? true
, cupsSupport ? true
, pulseSupport ? false, libpulseaudio ? null
, hiDPISupport ? false
, source
, plugins
}:
buildFun:
with stdenv.lib;
let
# The additional attributes for creating derivations based on the chromium
# source tree.
extraAttrs = buildFun base;
mkGypFlags =
let
sanitize = value:
if value == true then "1"
else if value == false then "0"
else "${value}";
toFlag = key: value: "-D${key}=${sanitize value}";
in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
gypFlagsUseSystemLibs = {
use_system_bzip2 = true;
use_system_flac = true;
use_system_libevent = true;
use_system_libexpat = true;
use_system_libexif = true;
use_system_libjpeg = true;
use_system_libpng = true;
use_system_libwebp = true;
use_system_libxml = true;
use_system_opus = true;
use_system_snappy = true;
use_system_speex = true;
use_system_ssl = useOpenSSL;
use_system_stlport = true;
use_system_xdg_utils = true;
use_system_yasm = true;
use_system_zlib = false;
use_system_protobuf = false; # needs newer protobuf
use_system_harfbuzz = false;
use_system_icu = false; # Doesn't support ICU 52 yet.
use_system_libusb = false; # http://crbug.com/266149
use_system_skia = false;
use_system_sqlite = false; # http://crbug.com/22208
use_system_v8 = false;
};
opusWithCustomModes = libopus.override {
withCustomModes = true;
};
defaultDependencies = [
bzip2 flac speex opusWithCustomModes
libevent expat libjpeg snappy
libpng libxml2 libxslt libcap
xdg_utils yasm minizip libwebp
libusb1 libexif
];
# build paths and release info
packageName = extraAttrs.packageName or extraAttrs.name;
buildType = "Release";
buildPath = "out/${buildType}";
libExecPath = "$out/libexec/${packageName}";
base = rec {
name = "${packageName}-${version}";
inherit (source) version;
inherit packageName buildType buildPath;
src = source;
buildInputs = defaultDependencies ++ [
which
python perl pkgconfig
nspr udev
(if useOpenSSL then openssl else nss)
utillinux alsaLib
bison gperf kerberos
glib gtk dbus_glib
libXScrnSaver libXcursor libXtst mesa
pciutils protobuf speechd libXdamage
pythonPackages.gyp pythonPackages.ply pythonPackages.jinja2
] ++ optional gnomeKeyringSupport libgnome_keyring3
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
++ optional enableSELinux libselinux
++ optionals cupsSupport [ libgcrypt cups ]
++ optional pulseSupport libpulseaudio;
# XXX: Wait for https://crbug.com/239107 and https://crbug.com/239181 to
# be fixed, then try again to unbundle everything into separate
# derivations.
prePatch = ''
cp -dr --no-preserve=mode "${source.main}"/* .
cp -dr "${source.bundled}" third_party
chmod -R u+w third_party
'';
postPatch = ''
sed -i -e '/module_path *=.*libexif.so/ {
s|= [^;]*|= base::FilePath().AppendASCII("${libexif}/lib/libexif.so")|
}' chrome/utility/media_galleries/image_metadata_extractor.cc
sed -i -e '/lib_loader.*Load/s!"\(libudev\.so\)!"${udev}/lib/\1!' \
device/udev_linux/udev?_loader.cc
sed -i -e '/libpci_loader.*Load/s!"\(libpci\.so\)!"${pciutils}/lib/\1!' \
gpu/config/gpu_info_collector_linux.cc
'';
gypFlags = mkGypFlags (gypFlagsUseSystemLibs // {
linux_use_bundled_binutils = false;
linux_use_bundled_gold = false;
linux_use_gold_binary = false;
linux_use_gold_flags = false;
proprietary_codecs = false;
use_gnome_keyring = gnomeKeyringSupport;
use_gconf = gnomeSupport;
use_gio = gnomeSupport;
use_pulseaudio = pulseSupport;
linux_link_pulseaudio = pulseSupport;
disable_nacl = !enableNaCl;
enable_hotwording = enableHotwording;
use_openssl = useOpenSSL;
selinux = enableSELinux;
use_cups = cupsSupport;
} // {
werror = "";
clang = false;
enable_hidpi = hiDPISupport;
# Google API keys, see:
# http://www.chromium.org/developers/how-tos/api-keys
# Note: These are for NixOS/nixpkgs use ONLY. For your own distribution,
# please get your own set of keys.
google_api_key = "AIzaSyDGi15Zwl11UNe6Y-5XW_upsfyw31qwZPI";
google_default_client_id = "404761575300.apps.googleusercontent.com";
google_default_client_secret = "9rIFQjfnkykEmqb6FfjJQD1D";
} // optionalAttrs proprietaryCodecs {
# enable support for the H.264 codec
proprietary_codecs = true;
ffmpeg_branding = "Chrome";
} // optionalAttrs (stdenv.system == "x86_64-linux") {
target_arch = "x64";
python_arch = "x86-64";
} // optionalAttrs (stdenv.system == "i686-linux") {
target_arch = "ia32";
python_arch = "ia32";
} // (extraAttrs.gypFlags or {}));
configurePhase = ''
# Precompile .pyc files to prevent race conditions during build
python -m compileall -q -f . || : # ignore errors
# This is to ensure expansion of $out.
libExecPath="${libExecPath}"
python build/linux/unbundle/replace_gyp_files.py ${gypFlags}
python build/gyp_chromium -f ninja --depth . ${gypFlags}
'';
buildPhase = let
buildCommand = target: ''
"${ninja}/bin/ninja" -C "${buildPath}" \
-j$NIX_BUILD_CORES -l$NIX_BUILD_CORES \
"${target}"
'' + optionalString (target == "mksnapshot" || target == "chrome") ''
paxmark m "${buildPath}/${target}"
'';
targets = extraAttrs.buildTargets or [];
commands = map buildCommand targets;
in concatStringsSep "\n" commands;
};
# Remove some extraAttrs we supplied to the base attributes already.
in stdenv.mkDerivation (base // removeAttrs extraAttrs [
"name" "gypFlags" "buildTargets"
])