diff options
author | zowoq <59103226+zowoq@users.noreply.github.com> | 2020-03-06 12:01:39 +1000 |
---|---|---|
committer | zowoq <59103226+zowoq@users.noreply.github.com> | 2020-05-16 09:23:07 +1000 |
commit | 5195aed6171249a830c95401a88687bac4eb7193 (patch) | |
tree | c724b7b56926fb2a18f0b04dc4a7c59a3d91d030 /pkgs/applications | |
parent | 32b8ed738096bafb4cdb7f70347a0f63f9f40151 (diff) | |
download | nixlib-5195aed6171249a830c95401a88687bac4eb7193.tar nixlib-5195aed6171249a830c95401a88687bac4eb7193.tar.gz nixlib-5195aed6171249a830c95401a88687bac4eb7193.tar.bz2 nixlib-5195aed6171249a830c95401a88687bac4eb7193.tar.lz nixlib-5195aed6171249a830c95401a88687bac4eb7193.tar.xz nixlib-5195aed6171249a830c95401a88687bac4eb7193.tar.zst nixlib-5195aed6171249a830c95401a88687bac4eb7193.zip |
rkt: remove
Diffstat (limited to 'pkgs/applications')
-rw-r--r-- | pkgs/applications/virtualization/rkt/default.nix | 78 |
1 files changed, 0 insertions, 78 deletions
diff --git a/pkgs/applications/virtualization/rkt/default.nix b/pkgs/applications/virtualization/rkt/default.nix deleted file mode 100644 index f3b68e5c2276..000000000000 --- a/pkgs/applications/virtualization/rkt/default.nix +++ /dev/null @@ -1,78 +0,0 @@ -{ stdenv, lib, autoreconfHook, acl, go, file, git, wget, gnupg, trousers, squashfsTools, - cpio, fetchurl, fetchFromGitHub, iptables, systemd, makeWrapper, glibc }: - -let - # Always get the information from - # https://github.com/coreos/rkt/blob/v${VERSION}/stage1/usr_from_coreos/coreos-common.mk - coreosImageRelease = "1478.0.0"; - coreosImageSystemdVersion = "233"; - - # TODO: track https://github.com/coreos/rkt/issues/1758 to allow "host" flavor. - stage1Flavours = [ "coreos" "fly" ]; - stage1Dir = "lib/rkt/stage1-images"; - -in stdenv.mkDerivation rec { - version = "1.30.0"; - pname = "rkt"; - BUILDDIR="build-${pname}-${version}"; - - src = fetchFromGitHub { - owner = "coreos"; - repo = "rkt"; - rev = "v${version}"; - sha256 = "0dqf83b7iin1np8k8k1m8i99ybga8vx932q7n2q64yghkw7p6i00"; - }; - - stage1BaseImage = fetchurl { - url = "http://alpha.release.core-os.net/amd64-usr/${coreosImageRelease}/coreos_production_pxe_image.cpio.gz"; - sha256 = "0s4qdkkfp0iirfnm5ds3b3hxq0249kvpygyhflma8z90ivkzk5wq"; - }; - - buildInputs = [ - glibc.out glibc.static - autoreconfHook go file git wget gnupg trousers squashfsTools cpio acl systemd - makeWrapper - ]; - - preConfigure = '' - ./autogen.sh - configureFlagsArray=( - --with-stage1-flavors=${builtins.concatStringsSep "," stage1Flavours} - ${if lib.findFirst (p: p == "coreos") null stage1Flavours != null then " - --with-coreos-local-pxe-image-path=${stage1BaseImage} - --with-coreos-local-pxe-image-systemd-version=v${coreosImageSystemdVersion} - " else "" } - --with-stage1-default-location=$out/${stage1Dir}/stage1-${builtins.elemAt stage1Flavours 0}.aci - ); - ''; - - preBuild = '' - export BUILDDIR - export GOCACHE="$TMPDIR/go-cache" - ''; - - installPhase = '' - mkdir -p $out/bin - cp -Rv $BUILDDIR/target/bin/rkt $out/bin - - mkdir -p $out/lib/rkt/stage1-images/ - cp -Rv $BUILDDIR/target/bin/stage1-*.aci $out/${stage1Dir}/ - - wrapProgram $out/bin/rkt \ - --prefix LD_LIBRARY_PATH : "${systemd.lib}/lib:${acl.out}/lib" \ - --prefix PATH : ${iptables}/bin - ''; - - meta = with lib; { - description = "A fast, composable, and secure App Container runtime for Linux"; - homepage = "https://github.com/coreos/rkt"; - license = licenses.asl20; - maintainers = with maintainers; [ ragge steveej ]; - platforms = [ "x86_64-linux" ]; - knownVulnerabilities = [ - "CVE-2019-10144: processes run with `rkt enter` are given all capabilities during stage 2" - "CVE-2019-10145: processes run with `rkt enter` do not have seccomp filtering during stage 2" - "CVE-2019-10147: processes run with `rkt enter` are not limited by cgroups during stage 2" - ]; - }; -} |