From dad760061eebae26c33415a1b38704ff1b1a88d2 Mon Sep 17 00:00:00 2001 From: volth Date: Thu, 5 Jan 2017 23:14:35 +0000 Subject: [PATCH 1/3] xrdp: init at 0.9.1 --- nixos/modules/module-list.nix | 1 + nixos/modules/services/networking/xrdp.nix | 150 ++++++++++++++++++ nixos/tests/xrdp.nix | 45 ++++++ .../networking/remote/xrdp/default.nix | 111 +++++++++++++ pkgs/top-level/all-packages.nix | 2 + 5 files changed, 309 insertions(+) create mode 100644 nixos/modules/services/networking/xrdp.nix create mode 100644 nixos/tests/xrdp.nix create mode 100644 pkgs/applications/networking/remote/xrdp/default.nix diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 4ff069f48ab4..59fd73250952 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -504,6 +504,7 @@ ./services/networking/wpa_supplicant.nix ./services/networking/xinetd.nix ./services/networking/xl2tpd.nix + ./services/networking/xrdp.nix ./services/networking/zerobin.nix ./services/networking/zerotierone.nix ./services/networking/znc.nix diff --git a/nixos/modules/services/networking/xrdp.nix b/nixos/modules/services/networking/xrdp.nix new file mode 100644 index 000000000000..5923e436d648 --- /dev/null +++ b/nixos/modules/services/networking/xrdp.nix @@ -0,0 +1,150 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.xrdp; + confDir = pkgs.runCommand "xrdp.conf" { } '' + mkdir $out + + cp ${cfg.package}/etc/xrdp/{km-*,xrdp,sesman,xrdp_keyboard}.ini $out + + ${cfg.package}/bin/xrdp-keygen xrdp $out/rsakeys.ini + + cat > $out/startwm.sh <waitForX; + $client->waitForFile("/home/alice/.Xauthority"); + $client->succeed("xauth merge ~alice/.Xauthority"); + + $client->sleep(5); + + $client->execute("xterm &"); + $client->sleep(1); + $client->sendChars("xfreerdp /cert-tofu /w:640 /h:480 /v:127.0.0.1 /u:alice /p:foobar\n"); + $client->sleep(5); + $client->screenshot("localrdp"); + + $client->execute("xterm &"); + $client->sleep(1); + $client->sendChars("xfreerdp /cert-tofu /w:640 /h:480 /v:server /u:alice /p:foobar\n"); + $client->sleep(5); + $client->screenshot("remoterdp"); + ''; +}) diff --git a/pkgs/applications/networking/remote/xrdp/default.nix b/pkgs/applications/networking/remote/xrdp/default.nix new file mode 100644 index 000000000000..647e6b6dcb97 --- /dev/null +++ b/pkgs/applications/networking/remote/xrdp/default.nix @@ -0,0 +1,111 @@ +{ stdenv, fetchFromGitHub, fetchpatch, pkgconfig, which, perl, autoconf, automake, libtool, openssl, systemd, pam, fuse, libjpeg, libopus, nasm, xorg }: + +let + xorgxrdp = stdenv.mkDerivation rec { + name = "xorgxrdp-${version}"; + version = "0.2.0"; + + src = fetchFromGitHub { + owner = "neutrinolabs"; + repo = "xorgxrdp"; + rev = "v${version}"; + sha256 = "125mv7lm2ns1gdgz6zf647d3pay8if8506rclb3312wwa5qfd2hn"; + }; + + nativeBuildInputs = [ pkgconfig autoconf automake which libtool nasm ]; + + buildInputs = [ xorg.xorgserver ]; + + postPatch = '' + # patch from Debian, allows to run xrdp daemon under unprivileged user + substituteInPlace module/rdpClientCon.c \ + --replace 'g_sck_listen(dev->listen_sck);' 'g_sck_listen(dev->listen_sck); g_chmod_hex(dev->uds_data, 0x0660);' + + substituteInPlace configure.ac \ + --replace 'moduledir=`pkg-config xorg-server --variable=moduledir`' "moduledir=$out/lib/xorg/modules" \ + --replace 'sysconfdir="/etc"' "sysconfdir=$out/etc" + ''; + + preConfigure = "./bootstrap"; + + configureFlags = [ "XRDP_CFLAGS=-I${xrdp.src}/common" ]; + + enableParallelBuilding = true; + }; + + xrdp = stdenv.mkDerivation rec { + version = "0.9.1"; + rev = "0920933"; # Fixes https://github.com/neutrinolabs/xrdp/issues/609; not a patch on top of the official repo because "xorgxrdp.configureFlags" above includes "xrdp.src" which must be fixed already + name = "xrdp-${version}.${rev}"; + + src = fetchFromGitHub { + owner = "volth"; + repo = "xrdp"; + rev = rev; + fetchSubmodules = true; + sha256 = "0a000h82728vp0abvjk2m03nqqiw2lky7kqk41b70cyd3bp0vdnz"; + }; + + nativeBuildInputs = [ pkgconfig autoconf automake which libtool nasm ]; + + buildInputs = [ openssl systemd pam fuse libjpeg libopus xorg.libX11 xorg.libXfixes xorg.libXrandr ]; + + postPatch = '' + substituteInPlace sesman/xauth.c --replace "xauth -q" "${xorg.xauth}/bin/xauth -q" + substituteInPlace common/file_loc.h --replace /etc/xrdp $out/etc/xrdp --replace /usr/local $out + substituteInPlace instfiles/xrdp.sh --replace /etc/xrdp $out/etc/xrdp --replace /usr/local $out + ''; + + preConfigure = '' + (cd librfxcodec && ./bootstrap && ./configure --prefix=$out --enable-static --disable-shared) + ./bootstrap + ''; + dontDisableStatic = true; + configureFlags = [ "--with-systemdsystemunitdir=./do-not-install" "--enable-ipv6" "--enable-jpeg" "--enable-fuse" "--enable-rfxcodec" "--enable-opus" ]; + + installFlags = [ "DESTDIR=$(out)" "prefix=" ]; + + postInstall = '' + # remove generated keys as non-determenistic + rm $out/etc/xrdp/{rsakeys.ini,key.pem,cert.pem} + + cp $src/keygen/openssl.conf $out/share/xrdp/openssl.conf + + substituteInPlace $out/etc/xrdp/sesman.ini --replace /etc/xrdp/pulse $out/etc/xrdp/pulse + + # remove all session types except Xorg (they are not supported by this setup) + ${perl}/bin/perl -i -ne 'print unless /\[(X11rdp|Xvnc|console|vnc-any|sesman-any|rdp-any|neutrinordp-any)\]/ .. /^$/' $out/etc/xrdp/xrdp.ini + + # remove all session types and then add Xorg + ${perl}/bin/perl -i -ne 'print unless /\[(X11rdp|Xvnc|Xorg)\]/ .. /^$/' $out/etc/xrdp/sesman.ini + + cat >> $out/etc/xrdp/sesman.ini < Date: Fri, 31 Mar 2017 01:37:06 +0000 Subject: [PATCH 2/3] xrdp: 0.9.1 -> 0.9.2 --- .../networking/remote/xrdp/default.nix | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/pkgs/applications/networking/remote/xrdp/default.nix b/pkgs/applications/networking/remote/xrdp/default.nix index 647e6b6dcb97..8079a0aabe66 100644 --- a/pkgs/applications/networking/remote/xrdp/default.nix +++ b/pkgs/applications/networking/remote/xrdp/default.nix @@ -3,13 +3,13 @@ let xorgxrdp = stdenv.mkDerivation rec { name = "xorgxrdp-${version}"; - version = "0.2.0"; + version = "0.2.1"; src = fetchFromGitHub { owner = "neutrinolabs"; repo = "xorgxrdp"; rev = "v${version}"; - sha256 = "125mv7lm2ns1gdgz6zf647d3pay8if8506rclb3312wwa5qfd2hn"; + sha256 = "13713qs1v79xa02iw6vaj9b2q62ix770a32z56ql05d6yvfdsfhi"; }; nativeBuildInputs = [ pkgconfig autoconf automake which libtool nasm ]; @@ -34,8 +34,8 @@ let }; xrdp = stdenv.mkDerivation rec { - version = "0.9.1"; - rev = "0920933"; # Fixes https://github.com/neutrinolabs/xrdp/issues/609; not a patch on top of the official repo because "xorgxrdp.configureFlags" above includes "xrdp.src" which must be fixed already + version = "0.9.2"; + rev = "48c26a3"; # Fixes https://github.com/neutrinolabs/xrdp/issues/609; not a patch on top of the official repo because "xorgxrdp.configureFlags" above includes "xrdp.src" which must be fixed already name = "xrdp-${version}.${rev}"; src = fetchFromGitHub { @@ -43,7 +43,7 @@ let repo = "xrdp"; rev = rev; fetchSubmodules = true; - sha256 = "0a000h82728vp0abvjk2m03nqqiw2lky7kqk41b70cyd3bp0vdnz"; + sha256 = "0zs03amshmvy65d26vsv31n9jflkjf43vsjhg4crzifka3vz9p16"; }; nativeBuildInputs = [ pkgconfig autoconf automake which libtool nasm ]; @@ -52,8 +52,6 @@ let postPatch = '' substituteInPlace sesman/xauth.c --replace "xauth -q" "${xorg.xauth}/bin/xauth -q" - substituteInPlace common/file_loc.h --replace /etc/xrdp $out/etc/xrdp --replace /usr/local $out - substituteInPlace instfiles/xrdp.sh --replace /etc/xrdp $out/etc/xrdp --replace /usr/local $out ''; preConfigure = '' @@ -66,8 +64,8 @@ let installFlags = [ "DESTDIR=$(out)" "prefix=" ]; postInstall = '' - # remove generated keys as non-determenistic - rm $out/etc/xrdp/{rsakeys.ini,key.pem,cert.pem} + # remove generated keys (as non-determenistic) and upstart script + rm $out/etc/xrdp/{rsakeys.ini,key.pem,cert.pem,xrdp.sh} cp $src/keygen/openssl.conf $out/share/xrdp/openssl.conf @@ -85,9 +83,6 @@ let param=${xorg.xorgserver}/bin/Xorg param=-modulepath param=${xorgxrdp}/lib/xorg/modules,${xorg.xorgserver}/lib/xorg/modules - ; the following two lines are needless after https://github.com/NixOS/nixpkgs/pull/21653 - param=-xkbdir - param=${xorg.xkeyboardconfig}/share/X11/xkb param=-config param=${xorgxrdp}/etc/X11/xrdp/xorg.conf param=-noreset From 5e8ad49de81c023663912a078db88c351771e977 Mon Sep 17 00:00:00 2001 From: Volth Date: Sat, 29 Apr 2017 17:23:21 +0000 Subject: [PATCH 3/3] do not create non-deterministic file (rsakeys.ini) in nixstore --- nixos/modules/services/networking/xrdp.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/networking/xrdp.nix b/nixos/modules/services/networking/xrdp.nix index 5923e436d648..bf59130ce5b9 100644 --- a/nixos/modules/services/networking/xrdp.nix +++ b/nixos/modules/services/networking/xrdp.nix @@ -9,16 +9,15 @@ let cp ${cfg.package}/etc/xrdp/{km-*,xrdp,sesman,xrdp_keyboard}.ini $out - ${cfg.package}/bin/xrdp-keygen xrdp $out/rsakeys.ini - cat > $out/startwm.sh <