Go to file
aszlig 2b58a6ab0d
virtualbox: Fix extension pack installation.
With hardening, we need to go a bit further rather than just allowing
/nix/store being world-writable. We now use fakeroot to make sure the
VBoxExtPackHelperApp won't moan that the files are not owned by root.

They are, but only outside of the chrooted build process.

Another issue with using fakeroot is that it doesn't seem to cope well
with arguments that contain spaces. That's why I've piped the call into
${stdenv.shell}.

Now, the really gory and confusing part is the introduction of
VBOX_PATH_APP_PRIVATE_ARCH_TOP and the change of VBOX_PATH_APP_PRIVATE.

The VBOX_PATH_APP_PRIVATE_ARCH is *only* for modules and is checked by
the hardened implementation against whether things like VMMR0.r0 or
VBoxVMM.so reside in that directory. As a side note: I admit that the
whole libexec directory is quite polluted with stuff that shouldn't be
there, but for now we've broken enough things and will tear apart the
whole structure at some day in the future[TM].

For the confusing part we have VBOX_PATH_APP_PRIVATE_ARCH_TOP, which
_should_ be the same as VBOX_PATH_APP_PRIVATE_ARCH but unfortunately,
the hardened implementation is checking against this directory (in
IsValidBaseDir) for the extension pack(why!?).

Of course, we could put even that into the libexec directory, somewhat
similar as the official package, but after all, let's at least *try* to
separate things.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-01 03:32:55 +01:00
doc typos 2014-11-15 20:23:32 +01:00
lib ccl: 1.8 -> 1.10 (reapply after false revert) 2014-11-27 22:48:07 +00:00
maintainers move dockerfile to subdirectory 2014-11-08 23:47:10 +01:00
nixos Merge pull request #5189 from NixOS/almir 2014-11-30 17:23:53 +01:00
pkgs virtualbox: Fix extension pack installation. 2014-12-01 03:32:55 +01:00
.gitignore Add .DS_Store to gitignore so we Mac users don't accidentally pollute nixpkgs with ugliness 2014-08-09 20:53:36 -04:00
.travis.yml Travis: chop build in install and build phases 2014-10-15 11:05:12 +02:00
.version .version shouldn't include newline 2014-10-22 15:59:35 +02:00
COPYING * Applying an MIT-style license to Nixpkgs. 2006-04-25 16:50:34 +00:00
default.nix require Nix 1.7 for nixpkgs, since we're using antiquotation inside quoted attribute sets 2014-09-04 18:44:03 +02:00
README.md Fixed link to installation instructions in README 2014-05-26 22:19:22 +02:00

Nixpkgs is a collection of packages for Nix package manager. Nixpkgs also includes NixOS linux distribution source code.