New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fprintd, libfprint : update to 1.90.1 #75435
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The MR was merged, release still not tagged though.
Hello @jtojnar : thank you for your review. Currently upstream does not compile against libfprint version 1.90 (with current derivation), I believe this might be related to the reason they did not tagged it yet. |
We have two MR on upstream for releasing the 1.90.1 on both the library and the binary:
I've updated this PR with the latest versions. |
I've pushed an update with the latest content of the merge requests on GitLab. |
1.90.1 version has been released on both projects 3 hours ago, I'm currently working on integrating it. I will submit this PR asap. Is it too late for the feature freeze of 20.03 @worldofpeace ? |
Finished to port
Current testing :
The |
We can only backport bugfixes releases, I'm not sure this qualifies as one? |
Given that this is still a pre-release, I would move this to 20.09 |
@jtojnar : I don't see any mention that this one is deemed a pre-release ? They seems to have wanted to release a 1.90.1 version to support the devices while iterating towards a 2.0 version (based on comment on this MR on But let's keep it for 20.09 anyway ;) |
Bonus question : should I add myself to the maintainers ? |
Totally |
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/working-on-updating-libfprint-to-1-90/4958/3 |
@LEXUGE Is there an upstream bug report/merge request for that? |
Not really but it should be a bug |
Could you open it then please? Applying random patches for unreported bugs rarely leads to upstream fixes. |
I will do it later. |
Issue has been opened |
@LEXUGE : While being an issue on upstream, the way I pass the path to the derivation seems to be broken as is. I'm not sure why it works on my side, probably because I have a state directory that is populated by many tries of many versions while working on the derivation. |
@jtojnar Thank you very much for your time and your extensive review, let me know if there is other parts I can improve. |
I've redone a round of tests (enrolling, login with different managers like GDM etc...) it works correctly on my side. |
I tried the following but diff --git a/pkgs/tools/security/fprintd/default.nix b/pkgs/tools/security/fprintd/default.nix
index f589ffe8c76..0f5b2ac2244 100644
--- a/pkgs/tools/security/fprintd/default.nix
+++ b/pkgs/tools/security/fprintd/default.nix
@@ -20,7 +20,6 @@
, systemd
, libfprint
, python3
-, pypamtest
}:
stdenv.mkDerivation rec {
@@ -43,6 +42,20 @@ stdenv.mkDerivation rec {
url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/50.patch";
sha256 = "1wqkk7bqig0fhjbq1487kxkh7yc9356qjsac1x27pzgakbayxpyy";
})
+ # Fixes issue with ":" when there is multiple paths (might be the case on NixOS)
+ # https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/50
+ (fetchpatch {
+ url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/d7fec03f24d10f88d34581c72f0eef201f5eafac.patch";
+ sha256 = "QNN05WF4YZ0XiTwm5NkfqZDuQpyXlnrh+RJF9SNsCDk=";
+ })
+ (fetchpatch {
+ url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/4f3589c0dc0feb67c45cdae7e692d70fe493f3d8.patch";
+ sha256 = "2kYo8uqMja3r9SroKB5cR777MJ/BGig4PB1qwLUQ01U=";
+ })
+ (fetchpatch {
+ url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/f401f399a85dbeb2de165b9b9162eb552ab6eea7.patch";
+ sha256 = "Pga+/QEkln8DOwGZfKM1r2urJX4Y3X0bozWWxKZ5ia0=";
+ })
];
nativeBuildInputs = [
@@ -91,7 +104,10 @@ stdenv.mkDerivation rec {
# Ideally, we should find a way to execute the test here
# instead of the buildPhase.
doCheck = true;
- checkPhase = ":";
+
+ postPatch = ''
+ patchShebangs po/check-translations.sh
+ '';
meta = with stdenv.lib; {
homepage = "https://fprint.freedesktop.org/";
|
@jtojnar IIRC, GCC checks the
Fixes this issue. |
I think it is okay for tests in |
I'm now fighting with a
I'm not sure how to fix this one. (I'm not familiar enough with meson). |
Missed two commits from https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/40, now picking it completely: diff --git a/pkgs/tools/security/fprintd/default.nix b/pkgs/tools/security/fprintd/default.nix
index 3f25e813279..f5bb97a65a5 100644
--- a/pkgs/tools/security/fprintd/default.nix
+++ b/pkgs/tools/security/fprintd/default.nix
@@ -42,6 +42,20 @@ stdenv.mkDerivation rec {
url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/50.patch";
sha256 = "1wqkk7bqig0fhjbq1487kxkh7yc9356qjsac1x27pzgakbayxpyy";
})
+ # Fixes issue with ":" when there is multiple paths (might be the case on NixOS)
+ # https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/50
+ (fetchpatch {
+ url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/d7fec03f24d10f88d34581c72f0eef201f5eafac.patch";
+ sha256 = "QNN05WF4YZ0XiTwm5NkfqZDuQpyXlnrh+RJF9SNsCDk=";
+ })
+ (fetchpatch {
+ url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/40.patch";
+ sha256 = "43uPihK6HhygHw1Qplwci80Wseq/S77VUp+OdEECHmM=";
+ })
+ (fetchpatch {
+ url = "https://gitlab.freedesktop.org/libfprint/fprintd/-/commit/f401f399a85dbeb2de165b9b9162eb552ab6eea7.patch";
+ sha256 = "Pga+/QEkln8DOwGZfKM1r2urJX4Y3X0bozWWxKZ5ia0=";
+ })
];
nativeBuildInputs = [
@@ -75,10 +89,6 @@ stdenv.mkDerivation rec {
pypamtest
];
- PKG_CONFIG_DBUS_1_INTERFACES_DIR = "${placeholder "out"}/share/dbus-1/interfaces";
- PKG_CONFIG_POLKIT_GOBJECT_1_POLICYDIR = "${placeholder "out"}/share/polkit-1/actions";
- PKG_CONFIG_DBUS_1_DATADIR = "${placeholder "out"}/share";
-
mesonFlags = [
"-Dgtk_doc=true"
"-Dpam_modules_dir=${placeholder "out"}/lib/security"
@@ -87,10 +97,18 @@ stdenv.mkDerivation rec {
"-Dsystemd_system_unit_dir=${placeholder "out"}/lib/systemd/system"
];
- # Ideally, we should find a way to execute the test here
- # instead of the buildPhase.
+ PKG_CONFIG_DBUS_1_INTERFACES_DIR = "${placeholder "out"}/share/dbus-1/interfaces";
+ PKG_CONFIG_POLKIT_GOBJECT_1_POLICYDIR = "${placeholder "out"}/share/polkit-1/actions";
+ PKG_CONFIG_DBUS_1_DATADIR = "${placeholder "out"}/share";
+
+ # FIXME: Ugly hack for tests to find libpam_wrapper.so
+ LIBRARY_PATH = stdenv.lib.makeLibraryPath [ python3.pkgs.pypamtest ];
+
doCheck = true;
- checkPhase = ":";
+
+ postPatch = ''
+ patchShebangs po/check-translations.sh
+ '';
meta = with stdenv.lib; {
homepage = "https://fprint.freedesktop.org/";
But it still fails and the errors are even less helpful:
|
I haven't been able to fix the tests, the reason for the |
Tried running it with
in
only that it must be failing somewhere in Replacing openpam by linux-pam seems to fix it, though. |
I should switch the dependency from |
@jtojnar I've pushed an update with the switch from |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me, thanks for all your hard work 🦸♀️
Thanks a lot for your help, time and reviews! |
Is anything still preventing this PR from being merged ? :) |
Should be fine, thanks again. |
Thank you! |
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: |
See regression reported in #103739 |
Motivation for this change
Updates
libfprint
andfprintd
. It also addslibpam-wrapper
: a library made to test pam modules. This library is used by upstream to test thefprintd
build.Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)Notify maintainers
cc @abbradar