diff options
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/programs/unity3d.nix | 25 | ||||
| -rw-r--r-- | pkgs/development/tools/unity3d/default.nix | 142 | ||||
| -rw-r--r-- | pkgs/development/tools/unity3d/unity-nosuid.c | 32 | ||||
| -rw-r--r-- | pkgs/top-level/all-packages.nix | 6 |
5 files changed, 206 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 487dc8a6d392..3944d7114c0b 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -79,6 +79,7 @@ ./programs/ssh.nix ./programs/ssmtp.nix ./programs/tmux.nix + ./programs/unity3d.nix ./programs/venus.nix ./programs/wvdial.nix ./programs/xfs_quota.nix diff --git a/nixos/modules/programs/unity3d.nix b/nixos/modules/programs/unity3d.nix new file mode 100644 index 000000000000..3c0ea26d9d56 --- /dev/null +++ b/nixos/modules/programs/unity3d.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.programs.unity3d; +in { + + options = { + programs.unity3d.enable = mkEnableOption "Unity3D, a game development tool"; + }; + + config = mkIf cfg.enable { + security.setuidOwners = [{ + program = "unity-chrome-sandbox"; + source = "${pkgs.unity3d.sandbox}/bin/unity-chrome-sandbox"; + owner = "root"; + #group = "root"; + setuid = true; + #setgid = true; + }]; + + environment.systemPackages = [ pkgs.unity3d ]; + }; + +} diff --git a/pkgs/development/tools/unity3d/default.nix b/pkgs/development/tools/unity3d/default.nix new file mode 100644 index 000000000000..8f89770ffc85 --- /dev/null +++ b/pkgs/development/tools/unity3d/default.nix @@ -0,0 +1,142 @@ +{ stdenv, lib, fetchurl, makeWrapper, fakeroot, file, getopt +, gtk2, gdk_pixbuf, glib, mesa_glu, postgresql, nss, nspr +, alsaLib, GConf, cups, libcap, fontconfig, freetype, pango +, cairo, dbus, expat, zlib, libpng12, nodejs, gnutar, gcc, gcc_32bit +, libX11, libXcursor, libXdamage, libXfixes, libXrender, libXi +, libXcomposite, libXext, libXrandr, libXtst, libSM, libICE, libxcb +, mono, libgnomeui, gnome_vfs, gnome-sharp, gtk-sharp +}: + +let + libPath64 = lib.makeLibraryPath [ + gcc.cc gtk2 gdk_pixbuf glib mesa_glu postgresql nss nspr + alsaLib GConf cups libcap fontconfig freetype pango + cairo dbus expat zlib libpng12 + libX11 libXcursor libXdamage libXfixes libXrender libXi + libXcomposite libXext libXrandr libXtst libSM libICE libxcb + ]; + libPath32 = lib.makeLibraryPath [ gcc_32bit.cc ]; + binPath = lib.makeBinPath [ nodejs gnutar ]; + developBinPath = lib.makeBinPath [ mono ]; + developLibPath = lib.makeLibraryPath [ + glib libgnomeui gnome_vfs gnome-sharp gtk-sharp gtk-sharp.gtk + ]; + developDotnetPath = lib.concatStringsSep ":" [ + gnome-sharp gtk-sharp + ]; + + ver = "5.3.5"; + build = "f1"; + date = "20160525"; + pkgVer = "${ver}${build}"; + fullVer = "${pkgVer}+${date}"; + +in stdenv.mkDerivation rec { + name = "unity-editor-${version}"; + version = pkgVer; + + src = fetchurl { + url = "http://download.unity3d.com/download_unity/linux/unity-editor-installer-${fullVer}.sh"; + sha256 = "0lmc65175fdvbyn3565pjlg6cc4l5i58fj7bxzi5cqykkbzv5wdm"; + }; + + nosuidLib = ./unity-nosuid.c; + + nativeBuildInputs = [ makeWrapper fakeroot file getopt ]; + + outputs = [ "out" "monodevelop" "sandbox" ]; + + unpackPhase = '' + echo -e 'q\ny' | fakeroot sh $src + sourceRoot="unity-editor-${pkgVer}" + ''; + + buildPhase = '' + patchFile() { + ftype="$(file -b "$1")" + if [[ "$ftype" =~ LSB\ .*dynamically\ linked ]]; then + if [[ "$ftype" =~ 32-bit ]]; then + rpath="${libPath32}" + intp="$(cat $NIX_CC/nix-support/dynamic-linker-m32)" + else + rpath="${libPath64}" + intp="$(cat $NIX_CC/nix-support/dynamic-linker)" + fi + + rpath="$(patchelf --print-rpath "$1"):$rpath" + if [[ "$ftype" =~ LSB\ shared ]]; then + patchelf \ + --set-rpath "$rpath" \ + "$1" + elif [[ "$ftype" =~ LSB\ executable ]]; then + patchelf \ + --set-rpath "$rpath" \ + --interpreter "$intp" \ + "$1" + fi + fi + } + + cd Editor + + $CC -fPIC -shared -o libunity-nosuid.so $nosuidLib -ldl + strip libunity-nosuid.so + + # Exclude PlaybackEngines to build something that can be run on FHS-compliant Linuxes + find . -name PlaybackEngines -prune -o -executable -type f -print | while read path; do + patchFile "$path" + done + + cd .. + ''; + + installPhase = '' + install -Dm755 Editor/chrome-sandbox $sandbox/bin/unity-chrome-sandbox + + unitydir="$out/opt/Unity/Editor" + mkdir -p $unitydir + mv Editor/* $unitydir + ln -sf /var/setuid-wrappers/unity-chrome-sandbox $unitydir/chrome-sandbox + + mkdir -p $out/share/applications + sed "/^Exec=/c\Exec=$out/bin/unity-editor" \ + < unity-editor.desktop \ + > $out/share/applications/unity-editor.desktop + + install -D unity-editor-icon.png $out/share/icons/hicolor/256x256/apps/unity-editor-icon.png + + mkdir -p $out/bin + makeWrapper $unitydir/Unity $out/bin/unity-editor \ + --prefix LD_PRELOAD : "$unitydir/libunity-nosuid.so" \ + --prefix PATH : "${binPath}" + + developdir="$monodevelop/opt/Unity/MonoDevelop" + mkdir -p $developdir + mv MonoDevelop/* $developdir + + mkdir -p $monodevelop/share/applications + sed "/^Exec=/c\Exec=$monodevelop/bin/unity-monodevelop" \ + < unity-monodevelop.desktop \ + > $monodevelop/share/applications/unity-monodevelop.desktop + + mkdir -p $monodevelop/bin + makeWrapper $developdir/bin/monodevelop $monodevelop/bin/unity-monodevelop \ + --prefix PATH : "${developBinPath}" \ + --prefix LD_LIBRARY_PATH : "${developLibPath}" \ + --prefix MONO_GAC_PREFIX : "${developDotnetPath}" + ''; + + dontStrip = true; + + meta = with stdenv.lib; { + homepage = https://unity3d.com/; + description = "Game development tool"; + longDescription = '' + Popular development platform for creating 2D and 3D multiplatform games + and interactive experiences. + ''; + license = licenses.unfree; + platforms = [ "x86_64-linux" ]; + maintainers = with maintainers; [ jb55 ]; + }; +} diff --git a/pkgs/development/tools/unity3d/unity-nosuid.c b/pkgs/development/tools/unity3d/unity-nosuid.c new file mode 100644 index 000000000000..26a923ab0394 --- /dev/null +++ b/pkgs/development/tools/unity3d/unity-nosuid.c @@ -0,0 +1,32 @@ +#define _GNU_SOURCE + +#include <stdio.h> +#include <string.h> +#include <sys/stat.h> +#include <unistd.h> +#include <dlfcn.h> + +static const char sandbox_path[] = "/chrome-sandbox"; + +int __xstat(int ver, const char* path, struct stat* stat_buf) { + static int (*original_xstat)(int, const char*, struct stat*) = NULL; + if (original_xstat == NULL) { + int (*fun)(int, const char*, struct stat*) = dlsym(RTLD_NEXT, "__xstat"); + if (fun == NULL) { + return -1; + }; + original_xstat = fun; + }; + + int res = (*original_xstat)(ver, path, stat_buf); + if (res == 0) { + char* pos = strstr(path, sandbox_path); + if (pos != NULL && *(pos + sizeof(sandbox_path) - 1) == '\0') { + printf("Lying about chrome-sandbox access rights...\n"); + stat_buf->st_uid = 0; + stat_buf->st_gid = 0; + stat_buf->st_mode = 0104755; + }; + } + return res; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1377f1b958e1..88bbeca62121 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -16779,6 +16779,12 @@ in ums = callPackage ../servers/ums { }; + unity3d = callPackage ../development/tools/unity3d { + stdenv = stdenv_32bit; + gcc_32bit = pkgsi686Linux.gcc; + inherit (gnome2) GConf libgnomeui gnome_vfs; + }; + urbit = callPackage ../misc/urbit { }; utf8proc = callPackage ../development/libraries/utf8proc { }; |