diff options
author | Matthew Bauer <mjbauer95@gmail.com> | 2019-05-13 15:10:24 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-05-13 15:10:24 -0400 |
commit | a688ee7798f53848652252b370cf6c309ce012cc (patch) | |
tree | c5a90e8c64069e3ee7f588c4ea304a2aeb67cd19 | |
parent | c34ba30888a60065f3de99037625019a5a7d1227 (diff) | |
parent | 6673cc8ee987d5fac19919380b453d163e40b2cb (diff) | |
download | nixlib-a688ee7798f53848652252b370cf6c309ce012cc.tar nixlib-a688ee7798f53848652252b370cf6c309ce012cc.tar.gz nixlib-a688ee7798f53848652252b370cf6c309ce012cc.tar.bz2 nixlib-a688ee7798f53848652252b370cf6c309ce012cc.tar.lz nixlib-a688ee7798f53848652252b370cf6c309ce012cc.tar.xz nixlib-a688ee7798f53848652252b370cf6c309ce012cc.tar.zst nixlib-a688ee7798f53848652252b370cf6c309ce012cc.zip |
Merge pull request #61383 from marsam/fix-darwin-haskell-servant-auth-server
servant-auth-server: fix darwin build
-rw-r--r-- | pkgs/development/haskell-modules/configuration-nix.nix | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/pkgs/development/haskell-modules/configuration-nix.nix b/pkgs/development/haskell-modules/configuration-nix.nix index 1be90f902e68..f4dd805568ea 100644 --- a/pkgs/development/haskell-modules/configuration-nix.nix +++ b/pkgs/development/haskell-modules/configuration-nix.nix @@ -128,6 +128,26 @@ self: super: builtins.intersectAttrs super { # the system-fileio tests use canonicalizePath, which fails in the sandbox system-fileio = if pkgs.stdenv.isDarwin then dontCheck super.system-fileio else super.system-fileio; + # Prevents needing to add `security_tool` as a run-time dependency for + # everything using x509-system to give access to the `security` executable. + x509-system = + if pkgs.stdenv.hostPlatform.isDarwin && !pkgs.stdenv.cc.nativeLibc + then + # darwin.security_tool is broken in Mojave (#45042) + + # We will use the system provided security for now. + # Beware this WILL break in sandboxes! + + # TODO(matthewbauer): If someone really needs this to work in sandboxes, + # I think we can add a propagatedImpureHost dep here, but I’m hoping to + # get a proper fix available soonish. + overrideCabal super.x509-system (drv: { + postPatch = (drv.postPatch or "") + '' + substituteInPlace System/X509/MacOS.hs --replace security /usr/bin/security + ''; + }) + else super.x509-system; + # https://github.com/NixOS/cabal2nix/issues/136 and https://github.com/NixOS/cabal2nix/issues/216 gio = disableHardening (addPkgconfigDepend (addBuildTool super.gio self.buildHaskellPackages.gtk2hs-buildtools) pkgs.glib) ["fortify"]; glib = disableHardening (addPkgconfigDepend (addBuildTool super.glib self.buildHaskellPackages.gtk2hs-buildtools) pkgs.glib) ["fortify"]; |