chromium: Remove out-of-tree sandbox derivation.

Since 0aad4b7, we no longer need to have an external sandbox binary,
because the upstream implementation of the user namespace sandbox no
longer needs an external sandbox binary.

In our implementation of the user namespace sandbox, we (ab)used the
setuid sandbox to run non-setuid and set up user namespaces instead.

Because our implementation is no longer needed, we can safely drop the
external binary entirely.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit is contained in:
aszlig 2015-07-02 10:24:19 +02:00
parent 97ddd04ca9
commit a80437e236
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961
4 changed files with 1 additions and 26 deletions

View File

@ -126,7 +126,6 @@ let
# derivations.
prePatch = ''
cp -dr --no-preserve=mode "${source.main}"/* .
cp -dr --no-preserve=mode "${source.sandbox}" sandbox
cp -dr "${source.bundled}" third_party
chmod -R u+w third_party
'';

View File

@ -33,7 +33,6 @@ let
};
browser = callPackage ./browser.nix { };
sandbox = callPackage ./sandbox.nix { };
plugins = callPackage ./plugins.nix {
inherit enablePepperFlash enableWideVine;
@ -71,7 +70,6 @@ in stdenv.mkDerivation {
buildCommand = let
browserBinary = "${chromium.browser}/libexec/chromium/chromium";
sandboxBinary = "${chromium.sandbox}/bin/chromium-sandbox";
mkEnvVar = key: val: "--set '${key}' '${val}'";
envVars = chromium.plugins.settings.envVars or {};
flags = chromium.plugins.settings.flags or [];

View File

@ -1,21 +0,0 @@
{ stdenv, source }:
stdenv.mkDerivation {
name = "chromium-sandbox-${source.version}";
src = source.sandbox;
patchPhase = ''
sed -i -e '/#include.*base_export/c \
#define BASE_EXPORT __attribute__((visibility("default")))
/#include/s|sandbox/linux|'"$(pwd)"'/linux|
' linux/suid/*.[hc]
'';
buildPhase = ''
gcc -Wall -std=gnu99 -o sandbox linux/suid/*.c
'';
installPhase = ''
install -svD sandbox "$out/bin/chromium-sandbox"
'';
}

View File

@ -14,7 +14,6 @@ let
"s,^[^/]+(.*)$,$main\\1,"
"s,$main/(build|tools)(/.*)?$,$out/\\1\\2,"
"s,$main/third_party(/.*)?$,$bundled\\1,"
"s,$main/sandbox(/.*)?$,$sandbox\\1,"
"s,^/,,"
]);
@ -29,7 +28,7 @@ in stdenv.mkDerivation {
buildInputs = [ python ]; # cannot patch shebangs otherwise
phases = [ "unpackPhase" "patchPhase" ];
outputs = [ "out" "sandbox" "bundled" "main" ];
outputs = [ "out" "bundled" "main" ];
unpackPhase = ''
tar xf "$src" -C / \