diff --git a/pkgs/development/libraries/libutempter/default.nix b/pkgs/development/libraries/libutempter/default.nix
index 8481f857b2ce..d54c82ae7f21 100644
--- a/pkgs/development/libraries/libutempter/default.nix
+++ b/pkgs/development/libraries/libutempter/default.nix
@@ -13,6 +13,10 @@ stdenv.mkDerivation rec {
buildInputs = [ glib ];
+ prePatch = ''
+ substituteInPlace Makefile --replace 2711 0711
+ '';
+
installFlags = [
"libdir=\${out}/lib"
"libexecdir=\${out}/lib"
diff --git a/pkgs/development/libraries/wcslib/default.nix b/pkgs/development/libraries/wcslib/default.nix
index 6bbc77056710..64c5293fac7d 100644
--- a/pkgs/development/libraries/wcslib/default.nix
+++ b/pkgs/development/libraries/wcslib/default.nix
@@ -11,6 +11,11 @@ stdenv.mkDerivation rec {
sha256 ="1s2nig327g4bimd9xshlk11ww09a7mrjmsbpdcd8smsmn2kl1glb";
};
+ prePatch = ''
+ substituteInPlace GNUmakefile --replace 2775 0775
+ substituteInPlace C/GNUmakefile --replace 2775 0775
+ '';
+
enableParallelBuilding = true;
meta = {
diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix
index cf7fe8fc8418..1bbe8dbb160b 100644
--- a/pkgs/os-specific/linux/firejail/default.nix
+++ b/pkgs/os-specific/linux/firejail/default.nix
@@ -27,7 +27,7 @@ stdenv.mkDerivation {
'';
preBuild = ''
- sed -e "s@/etc/@$out/etc/@g" -i Makefile
+ sed -e "s@/etc/@$out/etc/@g" -e "/chmod u+s/d" -i Makefile
'';
meta = {
diff --git a/pkgs/os-specific/linux/kbdlight/default.nix b/pkgs/os-specific/linux/kbdlight/default.nix
index 1bc07f357a8a..44a63c9f1ece 100644
--- a/pkgs/os-specific/linux/kbdlight/default.nix
+++ b/pkgs/os-specific/linux/kbdlight/default.nix
@@ -13,7 +13,8 @@ stdenv.mkDerivation rec {
preConfigure = ''
substituteInPlace Makefile \
- --replace /usr/local $out
+ --replace /usr/local $out \
+ --replace 4755 0755
'';
meta = with stdenv.lib; {
diff --git a/pkgs/servers/mail/mailman/default.nix b/pkgs/servers/mail/mailman/default.nix
index b18ab016c441..3c028b1ac170 100644
--- a/pkgs/servers/mail/mailman/default.nix
+++ b/pkgs/servers/mail/mailman/default.nix
@@ -16,6 +16,8 @@ stdenv.mkDerivation rec {
installTargets = "doinstall"; # Leave out the 'update' target that's implied by 'install'.
+ makeFlags = [ "DIRSETGID=:" ];
+
meta = {
homepage = "http://www.gnu.org/software/mailman/";
description = "Free software for managing electronic mail discussion and e-newsletter lists";
diff --git a/pkgs/servers/news/leafnode/default.nix b/pkgs/servers/news/leafnode/default.nix
index a3579aa83099..9a8a0a80e522 100644
--- a/pkgs/servers/news/leafnode/default.nix
+++ b/pkgs/servers/news/leafnode/default.nix
@@ -10,6 +10,10 @@ stdenv.mkDerivation rec {
configureFlags = "--enable-runas-user=nobody";
+ prePatch = ''
+ substituteInPlace Makefile.in --replace 02770 0770
+ '';
+
preConfigure = ''
# configure uses id to check environment; we don't want this check
sed -re 's/^ID[=].*/ID="echo whatever"/' -i configure
diff --git a/pkgs/tools/filesystems/irods/default.nix b/pkgs/tools/filesystems/irods/default.nix
index 72118cada9f1..db69fa64c84d 100644
--- a/pkgs/tools/filesystems/irods/default.nix
+++ b/pkgs/tools/filesystems/irods/default.nix
@@ -40,6 +40,8 @@ in rec {
-DCMAKE_MODULE_LINKER_FLAGS=-Wl,-rpath,$out/lib
-DCMAKE_SHARED_LINKER_FLAGS=-Wl,-rpath,$out/lib
"
+
+ substituteInPlace cmake/server.cmake --replace SETUID ""
'';
meta = common.meta // {
diff --git a/pkgs/tools/misc/ddccontrol/default.nix b/pkgs/tools/misc/ddccontrol/default.nix
index ddf9c38ec93a..b3aca778cd9e 100644
--- a/pkgs/tools/misc/ddccontrol/default.nix
+++ b/pkgs/tools/misc/ddccontrol/default.nix
@@ -28,6 +28,8 @@ stdenv.mkDerivation {
oldPath+="{datadir}\/ddccontrol-db"
sed "s/$oldPath/$newPath/" <configure.ac.old >configure.ac
rm configure.ac.old
+
+ sed -e "s/chmod 4711/chmod 0711/" -i src/ddcpci/Makefile*
'';
meta = with stdenv.lib; {
diff --git a/pkgs/tools/networking/mailutils/default.nix b/pkgs/tools/networking/mailutils/default.nix
index 0ae993db332e..f83ea004db63 100644
--- a/pkgs/tools/networking/mailutils/default.nix
+++ b/pkgs/tools/networking/mailutils/default.nix
@@ -14,6 +14,12 @@ stdenv.mkDerivation rec {
patches = [ ./path-to-cat.patch ./no-gets.patch ./scm_c_string.patch ];
+ postPatch = ''
+ sed -i -e '/chown root:mail/d' \
+ -e 's/chmod [24]755/chmod 0755/' \
+ */Makefile{,.in,.am}
+ '';
+
configureFlags = [
"--with-gsasl"
"--with-gssapi=${gss}"
diff --git a/pkgs/tools/networking/netselect/default.nix b/pkgs/tools/networking/netselect/default.nix
index f326059d9d77..6015ff9fbc7c 100644
--- a/pkgs/tools/networking/netselect/default.nix
+++ b/pkgs/tools/networking/netselect/default.nix
@@ -8,10 +8,13 @@ stdenv.mkDerivation {
sha256 = "0y69z59vylj9x9nk5jqn6ihx7dkzg09gpv2w1q1rs8fmi4jr90gy";
};
- preBuild = "
+ preBuild = ''
makeFlagsArray=(PREFIX=$out)
- substituteInPlace Makefile --replace '-o root' '' --replace '-g root' ''
- ";
+ substituteInPlace Makefile \
+ --replace "-o root" "" \
+ --replace "-g root" "" \
+ --replace "4755" "0755"
+ '';
meta = {
homepage = http://alumnit.ca/~apenwarr/netselect/;
diff --git a/pkgs/tools/system/mcron/default.nix b/pkgs/tools/system/mcron/default.nix
index a90d6afdc61f..5863504c7040 100644
--- a/pkgs/tools/system/mcron/default.nix
+++ b/pkgs/tools/system/mcron/default.nix
@@ -10,6 +10,11 @@ stdenv.mkDerivation rec {
patches = [ ./install-vixie-programs.patch ];
+ # don't attempt to chmod +s files in the nix store
+ postPatch = ''
+ substituteInPlace makefile.in --replace "rwxs" "rwx"
+ '';
+
buildInputs = [ guile which ed ];
doCheck = true;