New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ovftool: init at 4.4.1 #107599
ovftool: init at 4.4.1 #107599
Conversation
Result of Shouldn't this build on x86_64? |
@SuperSandro2000 It currently uses requireFile since ovftool is from VMWare's website and requires a (free) account to download... if I can find a mirror that we can actually use I'll replace it |
It also currently requires the (insecure) openssl_1_0_2, because ovftool depends on pre-1.1 OpenSSL |
So, I at least tried forcing ovftool to use OpenSSL 1.1 and testing by signing a .ova file. It seems to specifically want to use 1.0.2 rather than 1.1. I can sign an OVA if it depends on OpenSSL 1.0.2, but bait-and-switch to 1.1 makes ovftool crash. strace shows it looking for 1.0.2 - since our OpenSSL 1.0.2 is named 1.0.0, symlinking that into lib seemed to satisfy it. But lying it to it and symlinking 1.1 as 1.0.2 makes it look elsewhere and eventually give up/abort. This gives us a couple options if we don't want to add new dependencies on insecure libraries:
|
This is because openssl_1_0_2 is insecure. If you allow insecure packages it will build. |
Comments addressed. |
Added ovftoolBundles param to facilitate use of the package with callPackage + VMWare .bundle file. |
Any chance of seeing this merged for 21.05? |
ln -s "${openssl_1_0_2.out}/lib/libcrypto.so" \ | ||
"$out/lib/$pname/libcrypto.so.1.0.2" | ||
ln -s "${openssl_1_0_2.out}/lib/libssl.so" \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ln -s "${openssl_1_0_2.out}/lib/libcrypto.so" \ | |
"$out/lib/$pname/libcrypto.so.1.0.2" | |
ln -s "${openssl_1_0_2.out}/lib/libssl.so" \ | |
ln -s "${openssl_1_0_2.lib}/lib/libcrypto.so" \ | |
"$out/lib/$pname/libcrypto.so.1.0.2" | |
ln -s "${openssl_1_0_2.lib}/lib/libssl.so" \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
openssl_1_0_2 does not appear to have .lib on latest master
@ofborg eval |
@ofborg eval |
Changes addressed. |
Motivation for this change
Adding VMWare's proprietary ovftool (c.f. https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=vmware-ovftool), which has a weird self-extracting installer on i686-linux and x86_64-linux that requires a FHS env to run.
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)