From 53b37c99b41dbcbf9ddedc509f92776b055d08b4 Mon Sep 17 00:00:00 2001 From: Friedrich Altheide <11352905+FriedrichAltheide@users.noreply.github.com> Date: Mon, 14 Oct 2024 06:46:43 +0200 Subject: [PATCH] virtualbox: nixfmt --- .../virtualisation/virtualbox-guest.nix | 91 +++--- .../virtualisation/virtualbox-host.nix | 192 +++++++----- .../virtualization/virtualbox/default.nix | 287 ++++++++++++------ .../virtualization/virtualbox/extpack.nix | 18 +- .../guest-additions-iso/default.nix | 16 +- .../virtualbox/guest-additions/builder.nix | 152 ++++++---- .../virtualbox/guest-additions/default.nix | 209 ++++++++----- 7 files changed, 617 insertions(+), 348 deletions(-) diff --git a/nixos/modules/virtualisation/virtualbox-guest.nix b/nixos/modules/virtualisation/virtualbox-guest.nix index 31222d553a34..48eb4528a232 100644 --- a/nixos/modules/virtualisation/virtualbox-guest.nix +++ b/nixos/modules/virtualisation/virtualbox-guest.nix @@ -1,5 +1,10 @@ # Module for VirtualBox guests. -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.virtualisation.virtualbox.guest; kernel = config.boot.kernelPackages; @@ -28,7 +33,20 @@ let in { imports = [ - (lib.mkRenamedOptionModule [ "virtualisation" "virtualbox" "guest" "draganddrop" ] [ "virtualisation" "virtualbox" "guest" "dragAndDrop" ]) + (lib.mkRenamedOptionModule + [ + "virtualisation" + "virtualbox" + "guest" + "draganddrop" + ] + [ + "virtualisation" + "virtualbox" + "guest" + "dragAndDrop" + ] + ) ]; options.virtualisation.virtualbox.guest = { @@ -59,36 +77,38 @@ in ###### implementation - config = lib.mkIf cfg.enable (lib.mkMerge [ - { - assertions = [{ - assertion = pkgs.stdenv.hostPlatform.isx86; - message = "Virtualbox not currently supported on ${pkgs.stdenv.hostPlatform.system}"; - }]; + config = lib.mkIf cfg.enable ( + lib.mkMerge [ + { + assertions = [ + { + assertion = pkgs.stdenv.hostPlatform.isx86; + message = "Virtualbox not currently supported on ${pkgs.stdenv.hostPlatform.system}"; + } + ]; - environment.systemPackages = [ kernel.virtualboxGuestAdditions ]; + environment.systemPackages = [ kernel.virtualboxGuestAdditions ]; - boot.extraModulePackages = [ kernel.virtualboxGuestAdditions ]; + boot.extraModulePackages = [ kernel.virtualboxGuestAdditions ]; - boot.supportedFilesystems = [ "vboxsf" ]; - boot.initrd.supportedFilesystems = [ "vboxsf" ]; + boot.supportedFilesystems = [ "vboxsf" ]; + boot.initrd.supportedFilesystems = [ "vboxsf" ]; - users.groups.vboxsf.gid = config.ids.gids.vboxsf; + users.groups.vboxsf.gid = config.ids.gids.vboxsf; - systemd.services.virtualbox = { - description = "VirtualBox Guest Services"; + systemd.services.virtualbox = { + description = "VirtualBox Guest Services"; - wantedBy = [ "multi-user.target" ]; - requires = [ "dev-vboxguest.device" ]; - after = [ "dev-vboxguest.device" ]; + wantedBy = [ "multi-user.target" ]; + requires = [ "dev-vboxguest.device" ]; + after = [ "dev-vboxguest.device" ]; - unitConfig.ConditionVirtualization = "oracle"; + unitConfig.ConditionVirtualization = "oracle"; - serviceConfig.ExecStart = "@${kernel.virtualboxGuestAdditions}/bin/VBoxService VBoxService --foreground"; - }; + serviceConfig.ExecStart = "@${kernel.virtualboxGuestAdditions}/bin/VBoxService VBoxService --foreground"; + }; - services.udev.extraRules = - '' + services.udev.extraRules = '' # /dev/vboxuser is necessary for VBoxClient to work. Maybe we # should restrict this to logged-in users. KERNEL=="vboxuser", OWNER="root", GROUP="root", MODE="0666" @@ -97,22 +117,17 @@ in SUBSYSTEM=="misc", KERNEL=="vboxguest", TAG+="systemd" ''; - systemd.user.services.virtualboxClientVmsvga = mkVirtualBoxUserService "--vmsvga-session"; - } - ( - lib.mkIf cfg.clipboard { + systemd.user.services.virtualboxClientVmsvga = mkVirtualBoxUserService "--vmsvga-session"; + } + (lib.mkIf cfg.clipboard { systemd.user.services.virtualboxClientClipboard = mkVirtualBoxUserService "--clipboard"; - } - ) - ( - lib.mkIf cfg.seamless { + }) + (lib.mkIf cfg.seamless { systemd.user.services.virtualboxClientSeamless = mkVirtualBoxUserService "--seamless"; - } - ) - ( - lib.mkIf cfg.dragAndDrop { + }) + (lib.mkIf cfg.dragAndDrop { systemd.user.services.virtualboxClientDragAndDrop = mkVirtualBoxUserService "--draganddrop"; - } - ) - ]); + }) + ] + ); } diff --git a/nixos/modules/virtualisation/virtualbox-host.nix b/nixos/modules/virtualisation/virtualbox-host.nix index 8820b4ff5a83..29e2d4340f3c 100644 --- a/nixos/modules/virtualisation/virtualbox-host.nix +++ b/nixos/modules/virtualisation/virtualbox-host.nix @@ -1,9 +1,19 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.virtualisation.virtualbox.host; virtualbox = cfg.package.override { - inherit (cfg) enableHardening headless enableWebService enableKvm; + inherit (cfg) + enableHardening + headless + enableWebService + enableKvm + ; extensionPack = if cfg.enableExtensionPack then pkgs.virtualboxExtpack else null; }; @@ -93,93 +103,119 @@ in }; }; - config = lib.mkIf cfg.enable (lib.mkMerge [{ - warnings = lib.mkIf (pkgs.config.virtualbox.enableExtensionPack or false) - ["'nixpkgs.virtualbox.enableExtensionPack' has no effect, please use 'virtualisation.virtualbox.host.enableExtensionPack'"]; - environment.systemPackages = [ virtualbox ]; - - security.wrappers = let - mkSuid = program: { - source = "${virtualbox}/libexec/virtualbox/${program}"; - owner = "root"; - group = "vboxusers"; - setuid = true; - }; - executables = [ - "VBoxHeadless" - "VBoxNetAdpCtl" - "VBoxNetDHCP" - "VBoxNetNAT" - "VBoxVolInfo" - ] ++ (lib.optionals (!cfg.headless) [ - "VBoxSDL" - "VirtualBoxVM" - ]); - in lib.mkIf cfg.enableHardening - (builtins.listToAttrs (map (x: { name = x; value = mkSuid x; }) executables)); - - users.groups.vboxusers.gid = config.ids.gids.vboxusers; - - services.udev.extraRules = - '' - SUBSYSTEM=="usb_device", ACTION=="add", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass}" - SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass}" - SUBSYSTEM=="usb_device", ACTION=="remove", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh --remove $major $minor" - SUBSYSTEM=="usb", ACTION=="remove", ENV{DEVTYPE}=="usb_device", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh --remove $major $minor" - ''; - } (lib.mkIf cfg.enableKvm { - assertions = [ + config = lib.mkIf cfg.enable ( + lib.mkMerge [ { - assertion = !cfg.addNetworkInterface; - message = "VirtualBox KVM only supports standard NAT networking for VMs. Please turn off virtualisation.virtualbox.host.addNetworkInterface."; + warnings = lib.mkIf (pkgs.config.virtualbox.enableExtensionPack or false) [ + "'nixpkgs.virtualbox.enableExtensionPack' has no effect, please use 'virtualisation.virtualbox.host.enableExtensionPack'" + ]; + environment.systemPackages = [ virtualbox ]; + + security.wrappers = + let + mkSuid = program: { + source = "${virtualbox}/libexec/virtualbox/${program}"; + owner = "root"; + group = "vboxusers"; + setuid = true; + }; + executables = + [ + "VBoxHeadless" + "VBoxNetAdpCtl" + "VBoxNetDHCP" + "VBoxNetNAT" + "VBoxVolInfo" + ] + ++ (lib.optionals (!cfg.headless) [ + "VBoxSDL" + "VirtualBoxVM" + ]); + in + lib.mkIf cfg.enableHardening ( + builtins.listToAttrs ( + map (x: { + name = x; + value = mkSuid x; + }) executables + ) + ); + + users.groups.vboxusers.gid = config.ids.gids.vboxusers; + + services.udev.extraRules = '' + SUBSYSTEM=="usb_device", ACTION=="add", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass}" + SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass}" + SUBSYSTEM=="usb_device", ACTION=="remove", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh --remove $major $minor" + SUBSYSTEM=="usb", ACTION=="remove", ENV{DEVTYPE}=="usb_device", RUN+="${virtualbox}/libexec/virtualbox/VBoxCreateUSBNode.sh --remove $major $minor" + ''; } - ]; - }) (lib.mkIf (!cfg.enableKvm) { - boot.kernelModules = [ "vboxdrv" "vboxnetadp" "vboxnetflt" ]; - boot.extraModulePackages = [ kernelModules ]; + (lib.mkIf cfg.enableKvm { + assertions = [ + { + assertion = !cfg.addNetworkInterface; + message = "VirtualBox KVM only supports standard NAT networking for VMs. Please turn off virtualisation.virtualbox.host.addNetworkInterface."; + } + ]; + }) + (lib.mkIf (!cfg.enableKvm) { + boot.kernelModules = [ + "vboxdrv" + "vboxnetadp" + "vboxnetflt" + ]; + boot.extraModulePackages = [ kernelModules ]; - services.udev.extraRules = - '' - KERNEL=="vboxdrv", OWNER="root", GROUP="vboxusers", MODE="0660", TAG+="systemd" - KERNEL=="vboxdrvu", OWNER="root", GROUP="root", MODE="0666", TAG+="systemd" - KERNEL=="vboxnetctl", OWNER="root", GROUP="vboxusers", MODE="0660", TAG+="systemd" - ''; + services.udev.extraRules = '' + KERNEL=="vboxdrv", OWNER="root", GROUP="vboxusers", MODE="0660", TAG+="systemd" + KERNEL=="vboxdrvu", OWNER="root", GROUP="root", MODE="0666", TAG+="systemd" + KERNEL=="vboxnetctl", OWNER="root", GROUP="vboxusers", MODE="0660", TAG+="systemd" + ''; - # Since we lack the right setuid/setcap binaries, set up a host-only network by default. - }) (lib.mkIf cfg.addNetworkInterface { - systemd.services.vboxnet0 = - { description = "VirtualBox vboxnet0 Interface"; - requires = [ "dev-vboxnetctl.device" ]; - after = [ "dev-vboxnetctl.device" ]; - wantedBy = [ "network.target" "sys-subsystem-net-devices-vboxnet0.device" ]; - path = [ virtualbox ]; - serviceConfig.RemainAfterExit = true; - serviceConfig.Type = "oneshot"; - serviceConfig.PrivateTmp = true; - environment.VBOX_USER_HOME = "/tmp"; - script = - '' + # Since we lack the right setuid/setcap binaries, set up a host-only network by default. + }) + (lib.mkIf cfg.addNetworkInterface { + systemd.services.vboxnet0 = { + description = "VirtualBox vboxnet0 Interface"; + requires = [ "dev-vboxnetctl.device" ]; + after = [ "dev-vboxnetctl.device" ]; + wantedBy = [ + "network.target" + "sys-subsystem-net-devices-vboxnet0.device" + ]; + path = [ virtualbox ]; + serviceConfig.RemainAfterExit = true; + serviceConfig.Type = "oneshot"; + serviceConfig.PrivateTmp = true; + environment.VBOX_USER_HOME = "/tmp"; + script = '' if ! [ -e /sys/class/net/vboxnet0 ]; then VBoxManage hostonlyif create cat /tmp/VBoxSVC.log >&2 fi ''; - postStop = - '' + postStop = '' VBoxManage hostonlyif remove vboxnet0 ''; - }; + }; - networking.interfaces.vboxnet0.ipv4.addresses = [{ address = "192.168.56.1"; prefixLength = 24; }]; - # Make sure NetworkManager won't assume this interface being up - # means we have internet access. - networking.networkmanager.unmanaged = ["vboxnet0"]; - }) (lib.mkIf config.networking.useNetworkd { - systemd.network.networks."40-vboxnet0".extraConfig = '' - [Link] - RequiredForOnline=no - ''; - }) + networking.interfaces.vboxnet0.ipv4.addresses = [ + { + address = "192.168.56.1"; + prefixLength = 24; + } + ]; + # Make sure NetworkManager won't assume this interface being up + # means we have internet access. + networking.networkmanager.unmanaged = [ "vboxnet0" ]; + }) + (lib.mkIf config.networking.useNetworkd { + systemd.network.networks."40-vboxnet0".extraConfig = '' + [Link] + RequiredForOnline=no + ''; + }) -]); + ] + ); } diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix index 437ceba29ce0..13d254699fef 100644 --- a/pkgs/applications/virtualization/virtualbox/default.nix +++ b/pkgs/applications/virtualization/virtualbox/default.nix @@ -1,25 +1,74 @@ -{ config, stdenv, fetchurl, fetchpatch, callPackage, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook -, libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL2, libcap, libGL, libGLU -, libpng, glib, lvm2, libXrandr, libXinerama, libopus, libtpms, qtbase, qtx11extras -, qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43 -, alsa-lib, curl, libvpx, nettools, dbus, substituteAll, gsoap, zlib, xz -, yasm, glslang -, nixosTests -# If open-watcom-bin is not passed, VirtualBox will fall back to use -# the shipped alternative sources (assembly). -, open-watcom-bin -, makeself, perl -, vulkan-loader -, javaBindings ? true, jdk # Almost doesn't affect closure size -, pythonBindings ? false, python3 -, extensionPack ? null, fakeroot -, pulseSupport ? config.pulseaudio or stdenv.hostPlatform.isLinux, libpulseaudio -, enableHardening ? false -, headless ? false -, enable32bitGuests ? true -, enableWebService ? false -, enableKvm ? false -, extraConfigureFlags ? "" +{ + config, + stdenv, + fetchurl, + fetchpatch, + callPackage, + lib, + acpica-tools, + dev86, + pam, + libxslt, + libxml2, + wrapQtAppsHook, + libX11, + xorgproto, + libXext, + libXcursor, + libXmu, + libIDL, + SDL2, + libcap, + libGL, + libGLU, + libpng, + glib, + lvm2, + libXrandr, + libXinerama, + libopus, + libtpms, + qtbase, + qtx11extras, + qttools, + qtsvg, + qtwayland, + pkg-config, + which, + docbook_xsl, + docbook_xml_dtd_43, + alsa-lib, + curl, + libvpx, + nettools, + dbus, + substituteAll, + gsoap, + zlib, + xz, + yasm, + glslang, + nixosTests, + # If open-watcom-bin is not passed, VirtualBox will fall back to use + # the shipped alternative sources (assembly). + open-watcom-bin, + makeself, + perl, + vulkan-loader, + javaBindings ? true, + jdk, # Almost doesn't affect closure size + pythonBindings ? false, + python3, + extensionPack ? null, + fakeroot, + pulseSupport ? config.pulseaudio or stdenv.hostPlatform.isLinux, + libpulseaudio, + enableHardening ? false, + headless ? false, + enable32bitGuests ? true, + enableWebService ? false, + enableKvm ? false, + extraConfigureFlags ? "", }: # The web services use Java infrastructure. @@ -41,12 +90,26 @@ let virtualboxGuestAdditionsIso = callPackage guest-additions-iso/default.nix { }; - inherit (lib) optional optionals optionalString getDev getLib; -in stdenv.mkDerivation (finalAttrs: { + inherit (lib) + optional + optionals + optionalString + getDev + getLib + ; +in +stdenv.mkDerivation (finalAttrs: { pname = "virtualbox"; version = finalAttrs.virtualboxVersion; - inherit buildType virtualboxVersion virtualboxSha256 kvmPatchVersion kvmPatchHash virtualboxGuestAdditionsIso; + inherit + buildType + virtualboxVersion + virtualboxSha256 + kvmPatchVersion + kvmPatchHash + virtualboxGuestAdditionsIso + ; src = fetchurl { url = "https://download.virtualbox.org/virtualbox/${finalAttrs.virtualboxVersion}/VirtualBox-${finalAttrs.virtualboxVersion}.tar.bz2"; @@ -55,39 +118,84 @@ in stdenv.mkDerivation (finalAttrs: { outputs = [ "out" ] ++ optional withModsrc "modsrc"; - nativeBuildInputs = [ pkg-config which docbook_xsl docbook_xml_dtd_43 yasm glslang ] - ++ optional (!headless) wrapQtAppsHook; + nativeBuildInputs = [ + pkg-config + which + docbook_xsl + docbook_xml_dtd_43 + yasm + glslang + ] ++ optional (!headless) wrapQtAppsHook; # Wrap manually because we wrap just a small number of executables. dontWrapQtApps = true; - buildInputs = [ - acpica-tools dev86 libxslt libxml2 xorgproto libX11 libXext libXcursor libIDL - libcap glib lvm2 alsa-lib curl libvpx pam makeself perl - libXmu libXrandr libpng libopus libtpms python3 xz ] + buildInputs = + [ + acpica-tools + dev86 + libxslt + libxml2 + xorgproto + libX11 + libXext + libXcursor + libIDL + libcap + glib + lvm2 + alsa-lib + curl + libvpx + pam + makeself + perl + libXmu + libXrandr + libpng + libopus + libtpms + python3 + xz + ] ++ optional javaBindings jdk ++ optional pythonBindings python3 # Python is needed even when not building bindings ++ optional pulseSupport libpulseaudio ++ optionals headless [ libGL ] - ++ optionals (!headless) [ qtbase qtx11extras libXinerama SDL2 libGLU ] - ++ optionals enableWebService [ gsoap zlib ]; + ++ optionals (!headless) [ + qtbase + qtx11extras + libXinerama + SDL2 + libGLU + ] + ++ optionals enableWebService [ + gsoap + zlib + ]; - hardeningDisable = [ "format" "fortify" "pic" "stackprotector" ]; + hardeningDisable = [ + "format" + "fortify" + "pic" + "stackprotector" + ]; prePatch = '' set -x sed -e 's@MKISOFS --version@MKISOFS -version@' \ -e 's@PYTHONDIR=.*@PYTHONDIR=${optionalString pythonBindings python3}@' \ -e 's@CXX_FLAGS="\(.*\)"@CXX_FLAGS="-std=c++11 \1"@' \ - ${optionalString (!headless) '' - -e 's@TOOLQT5BIN=.*@TOOLQT5BIN="${getDev qtbase}/bin"@' \ - ''} -i configure + ${ + optionalString (!headless) '' + -e 's@TOOLQT5BIN=.*@TOOLQT5BIN="${getDev qtbase}/bin"@' \ + '' + } -i configure ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux.so.2 ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux-x86-64.so.2 grep 'libpulse\.so\.0' src include -rI --files-with-match | xargs sed -i -e ' - ${optionalString pulseSupport - ''s@"libpulse\.so\.0"@"${libpulseaudio.out}/lib/libpulse.so.0"@g''}' + ${optionalString pulseSupport ''s@"libpulse\.so\.0"@"${libpulseaudio.out}/lib/libpulse.so.0"@g''}' grep 'libdbus-1\.so\.3' src include -rI --files-with-match | xargs sed -i -e ' s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g' @@ -100,39 +208,41 @@ in stdenv.mkDerivation (finalAttrs: { ''; patches = - optional enableHardening ./hardened.patch - # Since VirtualBox 7.0.8, VBoxSDL requires SDL2, but the build framework uses SDL1 - ++ optionals (!headless) [ ./fix-sdl.patch - # No update patch disables check for update function - # https://bugs.launchpad.net/ubuntu/+source/virtualbox-ose/+bug/272212 - (fetchpatch { - url = "https://salsa.debian.org/pkg-virtualbox-team/virtualbox/-/raw/debian/7.0.14-dfsg-1/debian/patches/16-no-update.patch"; - hash = "sha256-UJHpuB6QB/BbxJorlqZXUF12lgq8gbLMRHRMsbyqRpY="; - })] - ++ [ ./extra_symbols.patch ] - # When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees - # the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH. - # This is because VirtualBoxVM would detect that it is wrapped that and refuse to run, - # and also because it would unset QT_PLUGIN_PATH for security reasons. We work around - # these issues by patching the code to set QT_PLUGIN_PATH to the necessary paths, - # after the code that unsets it. Note that qtsvg is included so that SVG icons from - # the user's icon theme can be loaded. - ++ optional (!headless && enableHardening) (substituteAll { + optional enableHardening ./hardened.patch + # Since VirtualBox 7.0.8, VBoxSDL requires SDL2, but the build framework uses SDL1 + ++ optionals (!headless) [ + ./fix-sdl.patch + # No update patch disables check for update function + # https://bugs.launchpad.net/ubuntu/+source/virtualbox-ose/+bug/272212 + (fetchpatch { + url = "https://salsa.debian.org/pkg-virtualbox-team/virtualbox/-/raw/debian/7.0.14-dfsg-1/debian/patches/16-no-update.patch"; + hash = "sha256-UJHpuB6QB/BbxJorlqZXUF12lgq8gbLMRHRMsbyqRpY="; + }) + ] + ++ [ ./extra_symbols.patch ] + # When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees + # the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH. + # This is because VirtualBoxVM would detect that it is wrapped that and refuse to run, + # and also because it would unset QT_PLUGIN_PATH for security reasons. We work around + # these issues by patching the code to set QT_PLUGIN_PATH to the necessary paths, + # after the code that unsets it. Note that qtsvg is included so that SVG icons from + # the user's icon theme can be loaded. + ++ optional (!headless && enableHardening) (substituteAll { src = ./qt-env-vars.patch; qtPluginPath = "${qtbase.bin}/${qtbase.qtPluginPrefix}:${qtsvg.bin}/${qtbase.qtPluginPrefix}:${qtwayland.bin}/${qtbase.qtPluginPrefix}"; - }) - # While the KVM patch should not break any other behavior if --with-kvm is not specified, - # we don't take any chances and only apply it if people actually want to use KVM support. - ++ optional enableKvm (fetchpatch { + }) + # While the KVM patch should not break any other behavior if --with-kvm is not specified, + # we don't take any chances and only apply it if people actually want to use KVM support. + ++ optional enableKvm (fetchpatch { name = "virtualbox-${finalAttrs.virtualboxVersion}-kvm-dev-${finalAttrs.kvmPatchVersion}.patch"; url = "https://github.com/cyberus-technology/virtualbox-kvm/releases/download/dev-${finalAttrs.kvmPatchVersion}/kvm-backend-${finalAttrs.virtualboxVersion}-dev-${finalAttrs.kvmPatchVersion}.patch"; hash = finalAttrs.kvmPatchHash; }) - ++ [ - ./qt-dependency-paths.patch - # https://github.com/NixOS/nixpkgs/issues/123851 - ./fix-audio-driver-loading.patch - ]; + ++ [ + ./qt-dependency-paths.patch + # https://github.com/NixOS/nixpkgs/issues/123851 + ./fix-audio-driver-loading.patch + ]; postPatch = '' sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \ @@ -161,18 +271,18 @@ in stdenv.mkDerivation (finalAttrs: { VBOX_WITH_UPDATE_AGENT := ${optionalString javaBindings '' - VBOX_JAVA_HOME := ${jdk} + VBOX_JAVA_HOME := ${jdk} ''} ${optionalString (!headless) '' - VBOX_WITH_VBOXSDL := 1 - PATH_QT5_X11_EXTRAS_LIB := ${getLib qtx11extras}/lib - PATH_QT5_X11_EXTRAS_INC := ${getDev qtx11extras}/include - PATH_QT5_TOOLS_LIB := ${getLib qttools}/lib - PATH_QT5_TOOLS_INC := ${getDev qttools}/include + VBOX_WITH_VBOXSDL := 1 + PATH_QT5_X11_EXTRAS_LIB := ${getLib qtx11extras}/lib + PATH_QT5_X11_EXTRAS_INC := ${getDev qtx11extras}/include + PATH_QT5_TOOLS_LIB := ${getLib qttools}/lib + PATH_QT5_TOOLS_INC := ${getDev qttools}/include ''} ${optionalString enableWebService '' - # fix gsoap missing zlib include and produce errors with --as-needed - VBOX_GSOAP_CXX_LIBS := gsoapssl++ z + # fix gsoap missing zlib include and produce errors with --as-needed + VBOX_GSOAP_CXX_LIBS := gsoapssl++ z ''} TOOL_QT5_LRC := ${getDev qttools}/bin/lrelease LOCAL_CONFIG @@ -213,7 +323,9 @@ in stdenv.mkDerivation (finalAttrs: { -name src -o -exec cp -avt "$libexec" {} + mkdir -p $out/bin - for file in ${optionalString (!headless) "VirtualBox VBoxSDL"} ${optionalString enableWebService "vboxwebsrv"} VBoxManage VBoxBalloonCtrl VBoxHeadless; do + for file in ${ + optionalString (!headless) "VirtualBox VBoxSDL" + } ${optionalString enableWebService "vboxwebsrv"} VBoxManage VBoxBalloonCtrl VBoxHeadless; do echo "Linking $file to /bin" test -x "$libexec/$file" ln -s "$libexec/$file" $out/bin/$file @@ -255,15 +367,16 @@ in stdenv.mkDerivation (finalAttrs: { ln -s "${finalAttrs.virtualboxGuestAdditionsIso}" "$out/share/virtualbox/VBoxGuestAdditions.iso" ''; - preFixup = optionalString (!headless) '' - wrapQtApp $out/bin/VirtualBox - '' - # If hardening is disabled, wrap the VirtualBoxVM binary instead of patching - # the source code (see postPatch). - + optionalString (!headless && !enableHardening) '' - wrapQtApp $out/libexec/virtualbox/VirtualBoxVM \ - --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ vulkan-loader ]}" - ''; + preFixup = + optionalString (!headless) '' + wrapQtApp $out/bin/VirtualBox + '' + # If hardening is disabled, wrap the VirtualBoxVM binary instead of patching + # the source code (see postPatch). + + optionalString (!headless && !enableHardening) '' + wrapQtApp $out/libexec/virtualbox/VirtualBoxVM \ + --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ vulkan-loader ]}" + ''; passthru = { inherit extensionPack; # for inclusion in profile to prevent gc @@ -285,7 +398,11 @@ in stdenv.mkDerivation (finalAttrs: { ]; license = lib.licenses.gpl2; homepage = "https://www.virtualbox.org/"; - maintainers = with lib.maintainers; [ sander friedrichaltheide blitz ]; + maintainers = with lib.maintainers; [ + sander + friedrichaltheide + blitz + ]; platforms = [ "x86_64-linux" ]; mainProgram = "VirtualBox"; }; diff --git a/pkgs/applications/virtualization/virtualbox/extpack.nix b/pkgs/applications/virtualization/virtualbox/extpack.nix index 365c635a17ae..524077cd02fd 100644 --- a/pkgs/applications/virtualization/virtualbox/extpack.nix +++ b/pkgs/applications/virtualization/virtualbox/extpack.nix @@ -1,4 +1,8 @@ -{ fetchurl, lib, virtualbox }: +{ + fetchurl, + lib, + virtualbox, +}: let inherit (virtualbox) version; in @@ -9,14 +13,20 @@ fetchurl rec { # Manually sha256sum the extensionPack file, must be hex! # Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`. # Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS - let value = "d750fb17688d70e0cb2d7b06f1ad3a661303793f4d1ac39cfa9a54806b89da25"; - in assert (builtins.stringLength value) == 64; value; + let + value = "d750fb17688d70e0cb2d7b06f1ad3a661303793f4d1ac39cfa9a54806b89da25"; + in + assert (builtins.stringLength value) == 64; + value; meta = with lib; { description = "Oracle Extension pack for VirtualBox"; license = licenses.virtualbox-puel; homepage = "https://www.virtualbox.org/"; - maintainers = with maintainers; [ sander friedrichaltheide ]; + maintainers = with maintainers; [ + sander + friedrichaltheide + ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix b/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix index f59dcc25f4c2..9eda8a64da98 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions-iso/default.nix @@ -1,4 +1,8 @@ -{ fetchurl, lib, virtualbox}: +{ + fetchurl, + lib, + virtualbox, +}: let inherit (virtualbox) version; @@ -13,7 +17,13 @@ fetchurl { ''; sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; license = lib.licenses.gpl2; - maintainers = [ lib.maintainers.sander lib.maintainers.friedrichaltheide ]; - platforms = [ "i686-linux" "x86_64-linux" ]; + maintainers = [ + lib.maintainers.sander + lib.maintainers.friedrichaltheide + ]; + platforms = [ + "i686-linux" + "x86_64-linux" + ]; }; } diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix b/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix index 00d0d555c60a..f2571d11fe15 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions/builder.nix @@ -1,14 +1,32 @@ -{ stdenv, kernel, fetchurl, lib, pam, libxslt -, libXext, libXcursor, libXmu -, glib, libXrandr, dbus, xz -, pkg-config, which, xorg -, yasm, patchelf, makeself -, linuxHeaders, openssl}: +{ + stdenv, + kernel, + fetchurl, + lib, + pam, + libxslt, + libXext, + libXcursor, + libXmu, + glib, + libXrandr, + dbus, + xz, + pkg-config, + which, + xorg, + yasm, + patchelf, + makeself, + linuxHeaders, + openssl, +}: let buildType = "release"; -in stdenv.mkDerivation (finalAttrs: { +in +stdenv.mkDerivation (finalAttrs: { pname = "VirtualBox-GuestAdditions-builder-${kernel.version}"; version = "7.0.20"; @@ -19,8 +37,26 @@ in stdenv.mkDerivation (finalAttrs: { env.NIX_CFLAGS_COMPILE = "-Wno-error=incompatible-pointer-types -Wno-error=implicit-function-declaration"; - nativeBuildInputs = [ patchelf pkg-config which yasm makeself xorg.xorgserver openssl linuxHeaders xz ] ++ kernel.moduleBuildDependencies; - buildInputs = [ dbus libxslt libXext libXcursor pam libXmu libXrandr ]; + nativeBuildInputs = [ + patchelf + pkg-config + which + yasm + makeself + xorg.xorgserver + openssl + linuxHeaders + xz + ] ++ kernel.moduleBuildDependencies; + buildInputs = [ + dbus + libxslt + libXext + libXcursor + pam + libXmu + libXrandr + ]; KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; KERN_INCL = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/source/include"; @@ -58,61 +94,61 @@ in stdenv.mkDerivation (finalAttrs: { ''; configurePhase = '' - NIX_CFLAGS_COMPILE=$(echo "$NIX_CFLAGS_COMPILE" | sed 's,\-isystem ${lib.getDev stdenv.cc.libc}/include,,g') + NIX_CFLAGS_COMPILE=$(echo "$NIX_CFLAGS_COMPILE" | sed 's,\-isystem ${lib.getDev stdenv.cc.libc}/include,,g') - cat >> LocalConfig.kmk <> LocalConfig.kmk <