In 2942815968, the dependencies for Qt 5
were passed using buildEnv with all the development binaries, headers
and libs. Unfortunately, the build output references that environment
which also increases the size of the runtime closure.
The upstream makefile assumes a common Qt 5 library path, but that's not
the case within Nix, because we have separate paths for the Qt 5
modules.
We now patch the makefile to recognize PATH_QT5_X11_EXTRAS_{LIB,INC} so
that we can pass in the relevant paths from Qt5X11Extras.
In summary, the closure size goes down to 525559600 bytes (501 MB)
instead of 863035544 bytes (823 MB) with vbox-qt5-env.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Putting the kernel modules into the same output path as the main
VirtualBox derivation causes all of VirtualBox to be rebuilt on every
single kernel update.
The build process of VirtualBox already outputs the kernel module source
along with the generated files for the configuration of the main
VirtualBox package. We put this into a different output called "modsrc"
which we re-use from linuxPackages.virtualbox, which is now only
containing the resulting kernel modules without the main user space
implementation.
This not only has the advantage of decluttering the Nix expression for
the user space portions but also gets rid of the need to nuke references
and the need to patch out "depmod -a".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We now no longer need to update VirtualBox manually, which has a few
advantages. Along with making it just easier to update this also makes
the update procedure way less error-prone, for example if people forget
to bump the extension pack revision or to update the guest additions.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Just a small updater which should fetch the latest sha256sums from the
upstream site and check whether the current version is the latest one.
The output is in a JSON file in the same directory, which then will be
used by the Nix expressions to fetch the upstream files.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
It's my understanding that Emacs runs the "structured-haskell-mode" binary
virtually every time you press a key in an Haskell buffer, and since
dynamically linked Haskell binaries take *much* longer to start up, switching
this particular package to statically linked libraries ought to result in a
performance boost.
These changes are needed to be able to run the system emulator (QEMU)
from Android Studio. In addition to the added dependencies,
$LD_LIBRARY_PATH had to be changed from --set to --prefix, so that libGL
is found (on NixOS).
The opam package manager relies on external solvers to determine package
management decisions it makes related to upgrades, new installations,
etc.
While, strictly speaking, an external solver is optional, aspcud is
highly recommended in documentation. Furthermore, even having a
relatively small number of packages installed quickly causes the limits
of the interal solver to be reached (before it times out).
Aspcud itself depends on two programs from the same suite: gringo, and
clasp.
On Darwin, Boost 1.55 (and thus Gringo) do not build, so we only support
Aspcud on non-Darwin platforms.
It's a long build and generally painful to split into smaller commits,
so I apologize for lumping many changes into one commit but this is far
easier.
There are still several outdated parts of the darwin stdenv but these
changes should bring us closer to the goal.
Fixes#18461
Enables previously manually disabled stackprotector and stackguard
randomization.
From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511811:
If glibc is built with the --enable-stackguard-randomization option,
each application gets a random canary value (at runtime) from /dev/urandom.
If --enable-stackguard-randomization is absent, applications get a static
canary value of "0xff0a0000". This is very unfortunate, because the
attacker may be able to bypass the stack protection mechanism, by placing
those 4 bytes in the canary word, before the actual canary check is
performed (for example in memcpy-based buffer overflows).
