Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New package for yubikey-manager-qt #55587

Merged
merged 4 commits into from Feb 15, 2019
Merged

New package for yubikey-manager-qt #55587

merged 4 commits into from Feb 15, 2019

Conversation

avdv
Copy link
Member

@avdv avdv commented Feb 11, 2019

Motivation for this change

I own a few Yubikeys, USB keys for FIDO2 U2F auth. There is a new graphical manager appliation based on Qt5 (similar to yubikey-manager-neo) from Yubico.

This is my first try writing a Nix expression for a new package, a probably made some mistakes. Please advice.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Assured whether relevant documentation is up to date
  • Fits CONTRIBUTING.md.

delroth
delroth reviewed Feb 11, 2019
View reviewed changes
Copy link
Contributor

@delroth delroth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did a quick first review pass -- I don't know anything about Qt or Python packaging in Nix, so mostly addressing the low hanging fruits :-)

pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated Show resolved Hide resolved
pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated
version = "1.1.0";

src = fetchurl {
url = "https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-${version}.tar.gz";
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just ${name}.tar.gz?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes.

pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated Show resolved Hide resolved
pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated Show resolved Hide resolved
pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated
];

in stdenv.mkDerivation rec {
name = "${pname}-${version}";
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doesn't seem like pname is used anywhere else, just inline it in here?

Copy link
Member Author

@avdv avdv Feb 12, 2019
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That seems to be a standard attribute, given what @Ma27 said about the name attribute. So, I am removing name assignment.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I obviously didn't explain this well enough: you can either use pname (and version) which is concatenated to ${pname}-${version} or simply use a name attribute. The first option has been implemented for convenience reasons, the latter is more commonly used.

pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated Show resolved Hide resolved
Ma27
Ma27 requested changes Feb 11, 2019
View reviewed changes
Copy link
Member

@Ma27 Ma27 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for your contribution. Unfortunately I get the following error when starting ./result/bin/ykman-gui (after removing the duplicated homepage entry from meta):

QQmlApplicationEngine failed to load component
qrc:/qml/main.qml:1 module "QtQuick" is not installed
qrc:/qml/main.qml:6 module "QtQuick.Controls.Material" is not installed
qrc:/qml/main.qml:4 module "Qt.labs.settings" is not installed
qrc:/qml/main.qml:2 module "QtQuick.Controls" is not installed
qrc:/qml/main.qml:7 module "QtQuick.Window" is not installed
qrc:/qml/main.qml:3 module "QtQuick.Layouts" is not installed
qrc:/qml/main.qml:5 module "Qt.labs.platform" is not installed
qrc:/qml/main.qml:1 module "QtQuick" is not installed
qrc:/qml/main.qml:6 module "QtQuick.Controls.Material" is not installed
qrc:/qml/main.qml:4 module "Qt.labs.settings" is not installed
qrc:/qml/main.qml:2 module "QtQuick.Controls" is not installed
qrc:/qml/main.qml:7 module "QtQuick.Window" is not installed
qrc:/qml/main.qml:3 module "QtQuick.Layouts" is not installed
qrc:/qml/main.qml:5 module "Qt.labs.platform" is not installed
qrc:/qml/main.qml:1 module "QtQuick" is not installed
qrc:/qml/main.qml:6 module "QtQuick.Controls.Material" is not installed
qrc:/qml/main.qml:4 module "Qt.labs.settings" is not installed
qrc:/qml/main.qml:2 module "QtQuick.Controls" is not installed
qrc:/qml/main.qml:7 module "QtQuick.Window" is not installed
qrc:/qml/main.qml:3 module "QtQuick.Layouts" is not installed
qrc:/qml/main.qml:5 module "Qt.labs.platform" is not installed
qrc:/qml/main.qml:1 module "QtQuick" is not installed
qrc:/qml/main.qml:6 module "QtQuick.Controls.Material" is not installed
qrc:/qml/main.qml:4 module "Qt.labs.settings" is not installed
qrc:/qml/main.qml:2 module "QtQuick.Controls" is not installed
qrc:/qml/main.qml:7 module "QtQuick.Window" is not installed
qrc:/qml/main.qml:3 module "QtQuick.Layouts" is not installed
qrc:/qml/main.qml:5 module "Qt.labs.platform" is not installed
qrc:/qml/main.qml:1 module "QtQuick" is not installed
qrc:/qml/main.qml:6 module "QtQuick.Controls.Material" is not installed
qrc:/qml/main.qml:4 module "Qt.labs.settings" is not installed
qrc:/qml/main.qml:2 module "QtQuick.Controls" is not installed
qrc:/qml/main.qml:7 module "QtQuick.Window" is not installed
qrc:/qml/main.qml:3 module "QtQuick.Layouts" is not installed
qrc:/qml/main.qml:5 module "Qt.labs.platform" is not installed
qrc:/qml/main.qml:1 module "QtQuick" is not installed
qrc:/qml/main.qml:6 module "QtQuick.Controls.Material" is not installed
qrc:/qml/main.qml:4 module "Qt.labs.settings" is not installed
qrc:/qml/main.qml:2 module "QtQuick.Controls" is not installed
qrc:/qml/main.qml:7 module "QtQuick.Window" is not installed
qrc:/qml/main.qml:3 module "QtQuick.Layouts" is not installed
qrc:/qml/main.qml:5 module "Qt.labs.platform" is not installed
qrc:/qml/main.qml:1 module "QtQuick" is not installed
qrc:/qml/main.qml:6 module "QtQuick.Controls.Material" is not installed
qrc:/qml/main.qml:4 module "Qt.labs.settings" is not installed
qrc:/qml/main.qml:2 module "QtQuick.Controls" is not installed
qrc:/qml/main.qml:7 module "QtQuick.Window" is not installed
qrc:/qml/main.qml:3 module "QtQuick.Layouts" is not installed
qrc:/qml/main.qml:5 module "Qt.labs.platform" is not installed

[1]    24343 segmentation fault  ./result/bin/ykman-gui

pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated Show resolved Hide resolved
pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated Show resolved Hide resolved
pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated Show resolved Hide resolved
pkgs/tools/misc/yubikey-manager-qt/default.nix Outdated
wrapProgram $out/bin/ykman-gui \
--prefix PYTHONPATH : "$program_PYTHONPATH" \
--prefix LD_PRELOAD : "${yubikey-personalization}/lib/libykpers-1.so" \
--prefix LD_LIBRARY_PATH : "${stdenv.lib.getLib pcsclite}/lib:${yubikey-personalization}/lib" \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually an appropriate ELF header is produced during the build. But I need to recheck this as soon as we got this working properly :)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Again, isn't pcsclite a dependency (and shouldn't be added using LD_LIBRARY_PATH)? Also I'm not sure if LD_PRELOAD is actually needed.

@Ma27
Copy link
Member

Ma27 commented Feb 11, 2019

...and @delroth was slightly faster than me 😅

@avdv
Copy link
Member Author

avdv commented Feb 12, 2019

@Ma27 and @delroth thank you so much! I (hopefully) fixed all the issues you mentioned and pushed a fixup commit. I'll squash the last two commits on your mark.

@Ma27
Copy link
Member

Ma27 commented Feb 12, 2019

Thanks a lot for stepping through the feedback. Although the program starts for me, it doesn't detect a YubiKey for me (yubikey-personalization-gui is installed in my nixos-config and detects it). Am I missing any additional udev rules? In that case we should document this i.e. in doc/package-notes.xml.

@avdv
Copy link
Member Author

avdv commented Feb 12, 2019
edited

Thanks a lot for stepping through the feedback. Although the program starts for me, it doesn't detect a YubiKey for me (yubikey-personalization-gui is installed in my nixos-config and detects it). Am I missing any additional udev rules? In that case we should document this i.e. in doc/package-notes.xml.

I also had a hard time to figure this out...

You need to have the pcscd service (from pcsclite) configured for the program to work. (services.systemd.pcsclite.enabled = true; if I remember correctly -- I am not at home right now)

And you need the udev rules from libu2f-host enabled for Firefox to recognize the stick for authentication. (services.udev.packages = [ libu2f-hosts ];)

update:

This is the configuration I have in place:

  services.pcscd.enable = true;
  services.pcscd.plugins = [ pkgs.acsccid pkgs.ccid ];

  services.udev.packages = [ pkgs.libu2f-host ];

I think pkgs.acsccid is not really needed for a Yubikey.

@Ma27
Copy link
Member

Ma27 commented Feb 12, 2019

The service you're reffering to is called pcscd. With it enabled the GUI seems to work 👍

@dtzWill
Copy link
Member

dtzWill commented Feb 14, 2019

Works here too, thanks!

@Ma27
yubikey-manager-qt: cleanup
703e876 
* Explicitly specify all QT dependencies rather than import from the
  `qt5` attr set. This makes overrides of a single library easier.

* Drop the superfluous `with stdenv` expression and reference lib or
  stdenv itself where possible.

* Don't manually configure shared libraries to load. This is mostly done
  automatically during the build steps.
@Ma27
Copy link
Member

Ma27 commented Feb 15, 2019

I pushed a second commit onto your branch (that can be easily removed if needed) that does some minor cleanup as explained in the commit message. If the commit is fine for you and with it the package remains functional for you, I'd approve and merge :)

@avdv
Copy link
Member Author

avdv commented Feb 15, 2019

@Ma27 LGTM, and still works for me, thank you!

@Ma27 Ma27 merged commit 2e359d9 into NixOS:master Feb 15, 2019
@Ma27
Copy link
Member

Ma27 commented Feb 15, 2019

@avdv thanks!

@bricewge bricewge mentioned this pull request May 30, 2019
Merged
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@delroth delroth delroth left review comments

@Ma27 Ma27 Ma27 approved these changes

Assignees
No one assigned
Labels
8.has: package (new) 10.rebuild-darwin: 0 10.rebuild-linux: 1-10 11.by: package-maintainer
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@avdv @Ma27 @dtzWill @delroth @GrahamcOfBorg