{ config, stdenv, fetchurl, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook , libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL, libcap, libGL , libpng, glib, lvm2, libXrandr, libXinerama, libopus, qtbase, qtx11extras , qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43 , alsa-lib, curl, libvpx, nettools, dbus, substituteAll, gsoap, zlib , yasm, glslang # If open-watcom-bin is not passed, VirtualBox will fall back to use # the shipped alternative sources (assembly). , open-watcom-bin , makeself, perl , javaBindings ? true, jdk # Almost doesn't affect closure size , pythonBindings ? false, python3 , extensionPack ? null, fakeroot , pulseSupport ? config.pulseaudio or stdenv.isLinux, libpulseaudio , enableHardening ? false , headless ? false , enable32bitGuests ? true , enableWebService ? false }: with lib; let buildType = "release"; # Use maintainers/scripts/update.nix to update the version and all related hashes or # change the hashes in extpack.nix and guest-additions/default.nix as well manually. version = "7.0.6"; in stdenv.mkDerivation { pname = "virtualbox"; inherit version; src = fetchurl { url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2"; sha256 = "f146d9a86a35af0abb010e628636fd800cb476cc2ce82f95b0c0ca876e1756ff"; }; outputs = [ "out" "modsrc" ]; nativeBuildInputs = [ pkg-config which docbook_xsl docbook_xml_dtd_43 yasm glslang ] ++ optional (!headless) wrapQtAppsHook; # Wrap manually because we wrap just a small number of executables. dontWrapQtApps = true; buildInputs = [ acpica-tools dev86 libxslt libxml2 xorgproto libX11 libXext libXcursor libIDL libcap glib lvm2 alsa-lib curl libvpx pam makeself perl libXmu libpng libopus python3 ] ++ optional javaBindings jdk ++ optional pythonBindings python3 # Python is needed even when not building bindings ++ optional pulseSupport libpulseaudio ++ optionals headless [ libXrandr libGL ] ++ optionals (!headless) [ qtbase qtx11extras libXinerama SDL ] ++ optionals enableWebService [ gsoap zlib ]; hardeningDisable = [ "format" "fortify" "pic" "stackprotector" ]; prePatch = '' set -x sed -e 's@MKISOFS --version@MKISOFS -version@' \ -e 's@PYTHONDIR=.*@PYTHONDIR=${lib.optionalString pythonBindings python3}@' \ -e 's@CXX_FLAGS="\(.*\)"@CXX_FLAGS="-std=c++11 \1"@' \ ${optionalString (!headless) '' -e 's@TOOLQT5BIN=.*@TOOLQT5BIN="${getDev qtbase}/bin"@' \ ''} -i configure ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux.so.2 ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux-x86-64.so.2 grep 'libpulse\.so\.0' src include -rI --files-with-match | xargs sed -i -e ' ${optionalString pulseSupport ''s@"libpulse\.so\.0"@"${libpulseaudio.out}/lib/libpulse.so.0"@g''}' grep 'libdbus-1\.so\.3' src include -rI --files-with-match | xargs sed -i -e ' s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g' grep 'libasound\.so\.2' src include -rI --files-with-match | xargs sed -i -e ' s@"libasound\.so\.2"@"${alsa-lib.out}/lib/libasound.so.2"@g' export USER=nix set +x ''; patches = optional enableHardening ./hardened.patch ++ [ ./extra_symbols.patch ] # When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees # the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH. # This is because VirtualBoxVM would detect that it is wrapped that and refuse to run, # and also because it would unset QT_PLUGIN_PATH for security reasons. We work around # these issues by patching the code to set QT_PLUGIN_PATH to the necessary paths, # after the code that unsets it. Note that qtsvg is included so that SVG icons from # the user's icon theme can be loaded. ++ optional (!headless && enableHardening) (substituteAll { src = ./qt-env-vars.patch; qtPluginPath = "${qtbase.bin}/${qtbase.qtPluginPrefix}:${qtsvg.bin}/${qtbase.qtPluginPrefix}:${qtwayland.bin}/${qtbase.qtPluginPrefix}"; }) ++ [ ./qt-dependency-paths.patch # https://github.com/NixOS/nixpkgs/issues/123851 ./fix-audio-driver-loading.patch ]; postPatch = '' sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \ src/VBox/HostDrivers/adpctl/VBoxNetAdpCtl.cpp '' + optionalString headless '' # Fix compile error in version 6.1.6 substituteInPlace src/VBox/HostServices/SharedClipboard/VBoxSharedClipboardSvc-x11-stubs.cpp \ --replace PSHCLFORMATDATA PSHCLFORMATS ''; # first line: ugly hack, and it isn't yet clear why it's a problem configurePhase = '' NIX_CFLAGS_COMPILE=$(echo "$NIX_CFLAGS_COMPILE" | sed 's,\-isystem ${lib.getDev stdenv.cc.libc}/include,,g') cat >> LocalConfig.kmk <