mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-25 03:17:13 +00:00
c75860918f
start_kdeinit reads its environment over a pipe from start_kdeinit_wrapper. For security, each environment entry must be smaller than 4kb by default. Qt-based applications in Nixpkgs may have larger environments, and the recent upgrade to Plasma 5.17 pushed start_kdeinit_wrapper over the limit. The limit is now extended to 16kb. This problem was not detected during testing because the failure is silent: start_kdeinit will continue with an empty environment. In other circumstances, this strategy might work, but it does not work on NixOS. This failure is now treated as a fatal error. Fixes: #79707
40 lines
1.3 KiB
Nix
40 lines
1.3 KiB
Nix
{
|
|
mkDerivation, lib, copyPathsToStore, writeScript,
|
|
extra-cmake-modules, kdoctools,
|
|
kconfig, kcrash, ki18n, kio, kparts, kservice, kwindowsystem, plasma-framework
|
|
}:
|
|
|
|
let inherit (lib) getLib; in
|
|
|
|
mkDerivation {
|
|
name = "kinit";
|
|
meta = { maintainers = [ lib.maintainers.ttuegel ]; };
|
|
outputs = [ "out" "dev" ];
|
|
nativeBuildInputs = [ extra-cmake-modules kdoctools ];
|
|
buildInputs = [
|
|
kconfig kcrash ki18n kio kservice kwindowsystem
|
|
];
|
|
patches = [
|
|
./0001-kinit-libpath.patch
|
|
./0002-start_kdeinit-path.patch
|
|
./0003-kdeinit-extra-libs.patch
|
|
./0004-start_kdeinit-environ-hard-limit.patch
|
|
];
|
|
CXXFLAGS = [
|
|
''-DNIXPKGS_KF5_KIOCORE=\"${getLib kio}/lib/libKF5KIOCore.so.5\"''
|
|
''-DNIXPKGS_KF5_PARTS=\"${getLib kparts}/lib/libKF5Parts.so.5\"''
|
|
''-DNIXPKGS_KF5_PLASMA=\"${getLib plasma-framework}/lib/libKF5Plasma.so.5\"''
|
|
];
|
|
setupHook = writeScript "setup-hook.sh" ''
|
|
kinitFixupOutputHook() {
|
|
if [ $prefix != ''${!outputBin} ] && [ -d $prefix/lib ]; then
|
|
mkdir -p ''${!outputBin}/lib
|
|
find $prefix/lib -maxdepth 1 -name 'libkdeinit5_*.so' -exec ln -s \{\} ''${!outputBin}/lib \;
|
|
rmdir --ignore-fail-on-non-empty ''${!outputBin}/lib
|
|
fi
|
|
}
|
|
|
|
fixupOutputHooks+=(kinitFixupOutputHook)
|
|
'';
|
|
}
|