Merge pull request #47676 from matthewbauer/security-mojave-fix

haskell: fix x509-system on mojave
2024-09-29 00:27:49 +03:00 · 2018-10-02 15:18:39 -05:00 · 2018-10-02 15:18:39 -05:00 · a88b8da554
commit a88b8da554
parent 1643967b8d 300ff965ae
1 changed files with 9 additions and 1 deletions
--- a/pkgs/development/haskell-modules/configuration-nix.nix
+++ b/pkgs/development/haskell-modules/configuration-nix.nix
@ -131,8 +131,16 @@ self: super: builtins.intersectAttrs super {
  x509-system = if pkgs.stdenv.hostPlatform.isDarwin && !pkgs.stdenv.cc.nativeLibc
    then let inherit (pkgs.darwin) security_tool;
      in pkgs.lib.overrideDerivation (addBuildDepend super.x509-system security_tool) (drv: {
+        # darwin.security_tool is broken in Mojave (#45042)
+
+        # We will use the system provided security for now.
+        # Beware this WILL break in sandboxes!
+
+        # TODO(matthewbauer): If someone really needs this to work in sandboxes,
+        # I think we can add a propagatedImpureHost dep here, but I’m hoping to
+        # get a proper fix available soonish.
        postPatch = (drv.postPatch or "") + ''
-          substituteInPlace System/X509/MacOS.hs --replace security ${security_tool}/bin/security
+          substituteInPlace System/X509/MacOS.hs --replace security /usr/bin/security
        '';
      })
    else super.x509-system;