diff options
12 files changed, 267 insertions, 72 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1609.xml b/nixos/doc/manual/release-notes/rl-1609.xml index 70759ee25f86..792b4458caaa 100644 --- a/nixos/doc/manual/release-notes/rl-1609.xml +++ b/nixos/doc/manual/release-notes/rl-1609.xml @@ -90,6 +90,15 @@ following incompatible changes:</para> Use <literal>security.audit.enable = true;</literal> to explicitly enable it.</para> </listitem> + <listitem> + <para> + <literal>pkgs.linuxPackages.virtualbox</literal> now contains only the + kernel modules instead of the VirtualBox user space binaries. + If you want to reference the user space binaries, you have to use the new + <literal>pkgs.virtualbox</literal> instead. + </para> + </listitem> + </itemizedlist> diff --git a/nixos/modules/virtualisation/virtualbox-host.nix b/nixos/modules/virtualisation/virtualbox-host.nix index ce4abecd6762..7214543871d6 100644 --- a/nixos/modules/virtualisation/virtualbox-host.nix +++ b/nixos/modules/virtualisation/virtualbox-host.nix @@ -4,10 +4,15 @@ with lib; let cfg = config.virtualisation.virtualbox.host; - virtualbox = config.boot.kernelPackages.virtualbox.override { + + virtualbox = pkgs.virtualbox.override { inherit (cfg) enableHardening headless; }; + kernelModules = config.boot.kernelPackages.virtualbox.override { + inherit virtualbox; + }; + in { @@ -60,7 +65,7 @@ in config = mkIf cfg.enable (mkMerge [{ boot.kernelModules = [ "vboxdrv" "vboxnetadp" "vboxnetflt" ]; - boot.extraModulePackages = [ virtualbox ]; + boot.extraModulePackages = [ kernelModules ]; environment.systemPackages = [ virtualbox ]; security.setuidOwners = let diff --git a/nixos/modules/virtualisation/virtualbox-image.nix b/nixos/modules/virtualisation/virtualbox-image.nix index b6a5b3e4788d..d68b3bb73904 100644 --- a/nixos/modules/virtualisation/virtualbox-image.nix +++ b/nixos/modules/virtualisation/virtualbox-image.nix @@ -34,7 +34,7 @@ in { postVM = '' export HOME=$PWD - export PATH=${pkgs.linuxPackages.virtualbox}/bin:$PATH + export PATH=${pkgs.virtualbox}/bin:$PATH echo "creating VirtualBox pass-through disk wrapper (no copying invovled)..." VBoxManage internalcommands createrawvmdk -filename disk.vmdk -rawdisk $diskImage diff --git a/nixos/tests/virtualbox.nix b/nixos/tests/virtualbox.nix index ab4d46ab7e15..66f16ed8bcc5 100644 --- a/nixos/tests/virtualbox.nix +++ b/nixos/tests/virtualbox.nix @@ -144,6 +144,7 @@ let "--uart1 0x3F8 4" "--uartmode1 client /run/virtualbox-log-${name}.sock" "--memory 768" + "--audio none" ] ++ (attrs.vmFlags or [])); controllerFlags = mkFlags [ @@ -273,9 +274,12 @@ let sub shutdownVM_${name} { $machine->succeed(ru "touch ${sharePath}/shutdown"); - $machine->waitUntilSucceeds( - "test ! -e ${sharePath}/shutdown ". - " -a ! -e ${sharePath}/boot-done" + $machine->execute( + 'set -e; i=0; '. + 'while test -e ${sharePath}/shutdown '. + ' -o -e ${sharePath}/boot-done; do '. + 'sleep 1; i=$(($i + 1)); [ $i -le 3600 ]; '. + 'done' ); waitForShutdown_${name}; } @@ -386,6 +390,7 @@ in mapAttrs mkVBoxTest { $machine->sendKeys("ctrl-q"); $machine->sleep(5); $machine->screenshot("gui_manager_stopped"); + destroyVM_simple; ''; simple-cli = '' @@ -403,6 +408,7 @@ in mapAttrs mkVBoxTest { }); shutdownVM_simple; + destroyVM_simple; ''; headless = '' @@ -411,6 +417,7 @@ in mapAttrs mkVBoxTest { waitForStartup_headless; waitForVMBoot_headless; shutdownVM_headless; + destroyVM_headless; ''; host-usb-permissions = '' diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix index 8bcf122132e3..baf18c3f66f4 100644 --- a/pkgs/applications/virtualization/virtualbox/default.nix +++ b/pkgs/applications/virtualization/virtualbox/default.nix @@ -1,8 +1,8 @@ { stdenv, fetchurl, lib, iasl, dev86, pam, libxslt, libxml2, libX11, xproto, libXext -, libXcursor, libXmu, qt4, libIDL, SDL, libcap, zlib, libpng, glib, kernel, lvm2 -, libXrandr +, libXcursor, libXmu, qt5, libIDL, SDL, libcap, zlib, libpng, glib, lvm2 +, libXrandr, libXinerama , which, alsaLib, curl, libvpx, gawk, nettools, dbus -, xorriso, makeself, perl, pkgconfig, nukeReferences +, xorriso, makeself, perl, pkgconfig , javaBindings ? false, jdk ? null , pythonBindings ? false, python ? null , enableExtensionPack ? false, requireFile ? null, patchelf ? null, fakeroot ? null @@ -16,37 +16,12 @@ with stdenv.lib; let buildType = "release"; - # When changing this, update ./guest-additions and the extpack - # revision/hash as well. See - # http://download.virtualbox.org/virtualbox/${version}/SHA256SUMS - # for hashes. - version = "5.0.26"; - - forEachModule = action: '' - for mod in \ - out/linux.*/${buildType}/bin/src/vboxdrv \ - out/linux.*/${buildType}/bin/src/vboxpci \ - out/linux.*/${buildType}/bin/src/vboxnetadp \ - out/linux.*/${buildType}/bin/src/vboxnetflt - do - if [ "x$(basename "$mod")" != xvboxdrv -a ! -e "$mod/Module.symvers" ] - then - cp -v out/linux.*/${buildType}/bin/src/vboxdrv/Module.symvers \ - "$mod/Module.symvers" - fi - INSTALL_MOD_PATH="$out" INSTALL_MOD_DIR=misc \ - make -j $NIX_BUILD_CORES -C "$MODULES_BUILD_DIR" DEPMOD=/do_not_use_depmod \ - "M=\$(PWD)/$mod" BUILD_TYPE="${buildType}" ${action} - done - ''; + inherit (importJSON ./upstream-info.json) version extpackRev extpack main; # See https://github.com/NixOS/nixpkgs/issues/672 for details - extpackRevision = "108824"; extensionPack = requireFile rec { - name = "Oracle_VM_VirtualBox_Extension_Pack-${version}-${extpackRevision}.vbox-extpack"; - # IMPORTANT: Hash must be base16 encoded because it's used as an input to - # VBoxExtPackHelperApp! - sha256 = "2f2302c7ba3d00a1258fe8e7767a6eb08dccdc3c31f6e3eeb74063c2c268b104"; + name = "Oracle_VM_VirtualBox_Extension_Pack-${version}-${extpackRev}.vbox-extpack"; + sha256 = extpack; message = '' In order to use the extension pack, you need to comply with the VirtualBox Personal Use and Evaluation License (PUEL) available at: @@ -61,35 +36,36 @@ let }; in stdenv.mkDerivation { - name = "virtualbox-${version}-${kernel.version}"; + name = "virtualbox-${version}"; src = fetchurl { url = "http://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2"; - sha256 = "78dec1369d2c8feefea3c682d95e76c0e99414c56626388035cf4061d4dad62e"; + sha256 = main; }; + outputs = [ "out" "modsrc" ]; + buildInputs = [ iasl dev86 libxslt libxml2 xproto libX11 libXext libXcursor libIDL libcap glib lvm2 python alsaLib curl libvpx pam xorriso makeself perl - pkgconfig which libXmu nukeReferences ] + pkgconfig which libXmu libpng ] ++ optional javaBindings jdk ++ optional pythonBindings python ++ optional pulseSupport libpulseaudio - ++ optionals (headless) [ libXrandr libpng ] - ++ optionals (!headless) [ qt4 SDL ]; + ++ optionals (headless) [ libXrandr ] + ++ optionals (!headless) [ qt5.qtbase qt5.qtx11extras libXinerama SDL ]; hardeningDisable = [ "fortify" "pic" "stackprotector" ]; prePatch = '' set -x - MODULES_BUILD_DIR=`echo ${kernel.dev}/lib/modules/*/build` - sed -e 's@/lib/modules/`uname -r`/build@'$MODULES_BUILD_DIR@ \ - -e 's@MKISOFS --version@MKISOFS -version@' \ + sed -e 's@MKISOFS --version@MKISOFS -version@' \ -e 's@PYTHONDIR=.*@PYTHONDIR=${if pythonBindings then python else ""}@' \ - -i configure + ${optionalString (!headless) '' + -e 's@TOOLQT5BIN=.*@TOOLQT5BIN="${getDev qt5.qtbase}/bin"@' \ + ''} -i configure ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.glibc.out}/lib/ld-linux.so.2 ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.glibc.out}/lib/ld-linux-x86-64.so.2 - find . -type f -iname '*makefile*' -exec sed -i -e 's/depmod -a/:/g' {} + sed -i -e ' s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g s@"libasound\.so\.2"@"${alsaLib.out}/lib/libasound.so.2"@g @@ -103,11 +79,12 @@ in stdenv.mkDerivation { set +x ''; - patches = optional enableHardening ./hardened.patch; + patches = optional enableHardening ./hardened.patch + ++ [ ./libressl.patch ./qtx11extras.patch ]; postPatch = '' sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \ - src/apps/adpctl/VBoxNetAdpCtl.cpp + src/VBox/HostDrivers/adpctl/VBoxNetAdpCtl.cpp ''; # first line: ugly hack, and it isn't yet clear why it's a problem @@ -131,11 +108,15 @@ in stdenv.mkDerivation { ${optionalString javaBindings '' VBOX_JAVA_HOME := ${jdk} ''} + ${optionalString (!headless) '' + PATH_QT5_X11_EXTRAS_LIB := ${getLib qt5.qtx11extras}/lib + PATH_QT5_X11_EXTRAS_INC := ${getDev qt5.qtx11extras}/include + TOOL_QT5_LRC := ${getDev qt5.qttools}/bin/lrelease + ''} LOCAL_CONFIG ./configure \ ${optionalString headless "--build-headless"} \ - ${optionalString (!headless) "--with-qt4-dir=${qt4}"} \ ${optionalString (!javaBindings) "--disable-java"} \ ${optionalString (!pythonBindings) "--disable-python"} \ ${optionalString (!pulseSupport) "--disable-pulse"} \ @@ -153,7 +134,6 @@ in stdenv.mkDerivation { buildPhase = '' source env.sh kmk -j $NIX_BUILD_CORES BUILD_TYPE="${buildType}" - ${forEachModule "modules"} ''; installPhase = '' @@ -165,9 +145,6 @@ in stdenv.mkDerivation { find out/linux.*/${buildType}/bin -mindepth 1 -maxdepth 1 \ -name src -o -exec cp -avt "$libexec" {} + - # Install kernel modules - ${forEachModule "modules_install"} - # Create wrapper script mkdir -p $out/bin for file in VirtualBox VBoxManage VBoxSDL VBoxBalloonCtrl VBoxBFE VBoxHeadless; do @@ -199,8 +176,7 @@ in stdenv.mkDerivation { done ''} - # Get rid of a reference to linux.dev. - nuke-refs $out/lib/modules/*/misc/*.ko + cp -rv out/linux.*/${buildType}/bin/src "$modsrc" ''; passthru = { inherit version; /* for guest additions */ }; diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix index 56e025197925..c32a34fbc127 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation { src = fetchurl { url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso"; - sha256 = "7458ee5a7121a7d243fd6a7528ba427945d9120c5efc7cd75b3951fb01f09c59"; + sha256 = (lib.importJSON ../upstream-info.json).guest; }; KERN_DIR = "${kernel.dev}/lib/modules/*/build"; diff --git a/pkgs/applications/virtualization/virtualbox/libressl.patch b/pkgs/applications/virtualization/virtualbox/libressl.patch new file mode 100644 index 000000000000..db9b7e7a59d9 --- /dev/null +++ b/pkgs/applications/virtualization/virtualbox/libressl.patch @@ -0,0 +1,47 @@ +diff --git a/src/VBox/Runtime/common/crypto/digest-builtin.cpp b/src/VBox/Runtime/common/crypto/digest-builtin.cpp +index 66b4304..1aaceff 100644 +--- a/src/VBox/Runtime/common/crypto/digest-builtin.cpp ++++ b/src/VBox/Runtime/common/crypto/digest-builtin.cpp +@@ -561,7 +561,7 @@ static PCRTCRDIGESTDESC const g_apDigestOps[] = + * OpenSSL EVP. + */ + +-# if OPENSSL_VERSION_NUMBER >= 0x10100000 ++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) + /** @impl_interface_method{RTCRDIGESTDESC::pfnNew} */ + static DECLCALLBACK(void*) rtCrDigestOsslEvp_New(void) + { +@@ -597,7 +597,7 @@ static DECLCALLBACK(int) rtCrDigestOsslEvp_Init(void *pvState, void *pvOpaque, b + if (fReInit) + { + pEvpType = EVP_MD_CTX_md(pThis); +-# if OPENSSL_VERSION_NUMBER >= 0x10100000 ++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) + EVP_MD_CTX_reset(pThis); + # else + EVP_MD_CTX_cleanup(pThis); +@@ -616,7 +616,7 @@ static DECLCALLBACK(int) rtCrDigestOsslEvp_Init(void *pvState, void *pvOpaque, b + static DECLCALLBACK(void) rtCrDigestOsslEvp_Delete(void *pvState) + { + EVP_MD_CTX *pThis = (EVP_MD_CTX *)pvState; +-# if OPENSSL_VERSION_NUMBER >= 0x10100000 ++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) + EVP_MD_CTX_reset(pThis); + # else + EVP_MD_CTX_cleanup(pThis); +@@ -661,13 +661,13 @@ static RTCRDIGESTDESC const g_rtCrDigestOpenSslDesc = + NULL, + RTDIGESTTYPE_UNKNOWN, + EVP_MAX_MD_SIZE, +-# if OPENSSL_VERSION_NUMBER >= 0x10100000 ++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) + 0, + # else + sizeof(EVP_MD_CTX), + # endif + 0, +-# if OPENSSL_VERSION_NUMBER >= 0x10100000 ++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) + rtCrDigestOsslEvp_New, + rtCrDigestOsslEvp_Free, + # else diff --git a/pkgs/applications/virtualization/virtualbox/qtx11extras.patch b/pkgs/applications/virtualization/virtualbox/qtx11extras.patch new file mode 100644 index 000000000000..f5decc211c75 --- /dev/null +++ b/pkgs/applications/virtualization/virtualbox/qtx11extras.patch @@ -0,0 +1,31 @@ +diff --git a/kBuild/units/qt5.kmk b/kBuild/units/qt5.kmk +index 71b96a3..73391f0 100644 +--- a/kBuild/units/qt5.kmk ++++ b/kBuild/units/qt5.kmk +@@ -994,9 +994,10 @@ else + $(eval $(target)_LIBS += $(PATH_SDK_QT5_LIB)/$(qt_prefix)qtmain$(qt_infix)$(SUFF_LIB) ) + endif + else +- $(eval $(target)_LIBS += $(foreach module,$(qt_modules), $(PATH_SDK_QT5_LIB)/lib$(qt_prefix)Qt5$(module)$(qt_infix)$(SUFF_DLL)) ) ++ $(eval $(target)_LIBS += $(foreach module,$(qt_modules), $(PATH_SDK_QT5_LIB)/lib$(qt_prefix)Qt5$(module)$(qt_infix)$(SUFF_DLL)) \ ++ $(PATH_QT5_X11_EXTRAS_LIB)/lib$(qt_prefix)Qt5X11Extras$(qt_infix)$(SUFF_DLL)) + endif +- $(eval $(target)_INCS += $(addprefix $(PATH_SDK_QT5_INC)/Qt,$(qt_modules)) $(PATH_SDK_QT5_INC) ) ++ $(eval $(target)_INCS += $(addprefix $(PATH_SDK_QT5_INC)/Qt,$(qt_modules)) $(PATH_SDK_QT5_INC) $(PATH_QT5_X11_EXTRAS_INC)/QtX11Extras ) + endif + $(eval $(target)_DEFS += $(foreach module,$(toupper $(qt_modules)), QT_$(module)_LIB) ) + +diff --git a/src/VBox/Frontends/VirtualBox/Makefile.kmk b/src/VBox/Frontends/VirtualBox/Makefile.kmk +index 38db6b0..7dd446b 100644 +--- a/src/VBox/Frontends/VirtualBox/Makefile.kmk ++++ b/src/VBox/Frontends/VirtualBox/Makefile.kmk +@@ -912,9 +912,6 @@ VirtualBox_QT_MODULES = Core Gui + ifdef VBOX_WITH_QTGUI_V5 + # Qt5 requires additional modules: + VirtualBox_QT_MODULES += Widgets PrintSupport +- VirtualBox_QT_MODULES.linux += X11Extras +- VirtualBox_QT_MODULES.solaris += X11Extras +- VirtualBox_QT_MODULES.freebsd += X11Extras + VirtualBox_QT_MODULES.darwin += MacExtras + VirtualBox_QT_MODULES.win += WinExtras + endif # VBOX_WITH_QTGUI_V5 diff --git a/pkgs/applications/virtualization/virtualbox/update.py b/pkgs/applications/virtualization/virtualbox/update.py new file mode 100755 index 000000000000..ff1b2e2fffb7 --- /dev/null +++ b/pkgs/applications/virtualization/virtualbox/update.py @@ -0,0 +1,83 @@ +#!/usr/bin/env python3 +import os +import re +import json +import urllib.request + +from distutils.version import LooseVersion + +UPSTREAM_INFO_FILE = os.path.join( + os.path.dirname(os.path.abspath(__file__)), + "upstream-info.json" +) + + +def fetch_latest_version(): + url = "http://download.virtualbox.org/virtualbox/LATEST.TXT" + return urllib.request.urlopen(url).read().strip().decode() + + +def load_upstream_info(): + try: + with open(UPSTREAM_INFO_FILE, 'r') as fp: + return json.load(fp) + except FileNotFoundError: + return {'version': "0"} + + +def save_upstream_info(contents): + remark = "Generated using update.py from the same directory." + contents['__NOTE'] = remark + data = json.dumps(contents, indent=2, sort_keys=True) + with open(UPSTREAM_INFO_FILE, 'w') as fp: + fp.write(data + "\n") + + +def fetch_file_table(version): + url = "http://download.virtualbox.org/virtualbox/{}/SHA256SUMS" + url = url.format(version) + result = {} + for line in urllib.request.urlopen(url): + sha, name = line.rstrip().split() + result[name.lstrip(b'*').decode()] = sha.decode() + return result + + +def update_to_version(version): + extpack_start = 'Oracle_VM_VirtualBox_Extension_Pack-' + version_re = version.replace('.', '\\.') + attribute_map = { + 'extpack': r'^' + extpack_start + r'[^-]+-[^.]+.vbox-extpack$', + 'extpackRev': r'^' + extpack_start + r'[^-]+-([^.]+).vbox-extpack$', + 'main': r'^VirtualBox-' + version_re + r'.tar.bz2$', + 'guest': r'^VBoxGuestAdditions_' + version_re + r'.iso$', + } + table = fetch_file_table(version) + new_attrs = {'version': version} + for attr, searchexpr in attribute_map.items(): + result = [re.search(searchexpr, key) for key in table.keys()] + filtered = filter(lambda m: m is not None, result) + found = [m.groups()[0] if len(m.groups()) > 0 else table[m.group(0)] + for m in filtered if m is not None] + + if len(found) == 0: + msg = "No package found for attribute {}".format(attr) + raise AssertionError(msg) + elif len(found) != 1: + msg = "More than one package found for attribute {}: ".format(attr) + msg += ', '.join(found) + raise AssertionError(msg) + else: + new_attrs[attr] = found[0] + return new_attrs + + +info = load_upstream_info() +latest = fetch_latest_version() +if LooseVersion(info['version']) < LooseVersion(latest): + print("Updating to version {}...".format(latest), end="", flush=True) + new_attrs = update_to_version(latest) + save_upstream_info(new_attrs) + print(" done.") +else: + print("Version {} is already the latest one.".format(info['version'])) diff --git a/pkgs/applications/virtualization/virtualbox/upstream-info.json b/pkgs/applications/virtualization/virtualbox/upstream-info.json new file mode 100644 index 000000000000..3a386004a3fd --- /dev/null +++ b/pkgs/applications/virtualization/virtualbox/upstream-info.json @@ -0,0 +1,8 @@ +{ + "__NOTE": "Generated using update.py from the same directory.", + "extpack": "607ac3636bd49a738d5c48159b39261369b5487f71fb10afa2ecf869627a12de", + "extpackRev": "110634", + "guest": "cbcf9b9b1000e09911b3d20e1efe529aef8a945cf130f6abffc14a39522cc1ed", + "main": "2e0112b0d85841587b8f212e6ba8f6c35b31e1cce6b6999497dc917cd37e6911", + "version": "5.1.6" +} diff --git a/pkgs/os-specific/linux/virtualbox/default.nix b/pkgs/os-specific/linux/virtualbox/default.nix new file mode 100644 index 000000000000..593c4400b7f4 --- /dev/null +++ b/pkgs/os-specific/linux/virtualbox/default.nix @@ -0,0 +1,23 @@ +{ stdenv, virtualbox, kernel, strace }: + +stdenv.mkDerivation { + name = "virtualbox-modules-${virtualbox.version}-${kernel.version}"; + src = virtualbox.modsrc; + hardeningDisable = [ + "fortify" "pic" "stackprotector" + ]; + + makeFlags = [ + "-C ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "INSTALL_MOD_PATH=$(out)" + ]; + preBuild = "makeFlagsArray+=(\"M=$(pwd)\")"; + buildFlags = [ "modules" ]; + installTargets = [ "modules_install" ]; + + enableParallelBuilding = true; + + meta = virtualbox.meta // { + description = virtualbox.meta.description + " (kernel modules)"; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c7dd8b76f069..df44ab3e723d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -11400,23 +11400,13 @@ in vhba = callPackage ../misc/emulators/cdemu/vhba.nix { }; - virtualbox = callPackage ../applications/virtualization/virtualbox { - stdenv = stdenv_32bit; - inherit (gnome2) libIDL; - enableExtensionPack = config.virtualbox.enableExtensionPack or false; - pulseSupport = config.pulseaudio or false; + virtualbox = callPackage ../os-specific/linux/virtualbox { + virtualbox = pkgs.virtualboxHardened; }; - virtualboxHardened = lowPrio (virtualbox.override { - enableHardening = true; - }); - - virtualboxHeadless = lowPrio (virtualbox.override { - enableHardening = true; - headless = true; - }); - - virtualboxGuestAdditions = callPackage ../applications/virtualization/virtualbox/guest-additions { }; + virtualboxGuestAdditions = callPackage ../applications/virtualization/virtualbox/guest-additions { + virtualbox = pkgs.virtualboxHardened; + }; wireguard = callPackage ../os-specific/linux/wireguard { }; @@ -15232,6 +15222,22 @@ in virtinst = callPackage ../applications/virtualization/virtinst {}; + virtualbox = callPackage ../applications/virtualization/virtualbox { + stdenv = stdenv_32bit; + inherit (gnome2) libIDL; + enableExtensionPack = config.virtualbox.enableExtensionPack or false; + pulseSupport = config.pulseaudio or true; + }; + + virtualboxHardened = lowPrio (virtualbox.override { + enableHardening = true; + }); + + virtualboxHeadless = lowPrio (virtualbox.override { + enableHardening = true; + headless = true; + }); + virtualglLib = callPackage ../tools/X11/virtualgl/lib.nix { fltk = fltk13; }; |