diff --git a/pkgs/by-name/mu/mullvad-browser/package.nix b/pkgs/by-name/mu/mullvad-browser/package.nix index 4e9fb3c5c866b..4a71136aa3d45 100644 --- a/pkgs/by-name/mu/mullvad-browser/package.nix +++ b/pkgs/by-name/mu/mullvad-browser/package.nix @@ -7,6 +7,7 @@ , writeText , wrapGAppsHook3 , autoPatchelfHook +, patchelfUnstable # have to use patchelfUnstable to support --no-clobber-old-sections , callPackage , atk @@ -125,7 +126,13 @@ stdenv.mkDerivation rec { src = sources.${stdenv.hostPlatform.system} or (throw "unsupported system: ${stdenv.hostPlatform.system}"); - nativeBuildInputs = [ copyDesktopItems makeWrapper wrapGAppsHook3 autoPatchelfHook ]; + nativeBuildInputs = [ + autoPatchelfHook + patchelfUnstable + copyDesktopItems + makeWrapper + wrapGAppsHook3 + ]; buildInputs = [ gtk3 alsa-lib @@ -133,6 +140,9 @@ stdenv.mkDerivation rec { libXtst ]; + # Firefox uses "relrhack" to manually process relocations from a fixed offset + patchelfFlags = [ "--no-clobber-old-sections" ]; + preferLocalBuild = true; allowSubstitutes = false; @@ -165,7 +175,8 @@ stdenv.mkDerivation rec { tar xf "$src" -C "$MB_IN_STORE" --strip-components=2 pushd "$MB_IN_STORE" - patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" "mullvadbrowser.real" + # Set ELF interpreter + autoPatchelf mullvadbrowser.real # mullvadbrowser is a wrapper that checks for a more recent libstdc++ & appends it to the ld path mv mullvadbrowser.real mullvadbrowser diff --git a/pkgs/by-name/to/tor-browser/package.nix b/pkgs/by-name/to/tor-browser/package.nix index 32b04dba1f348..ced550e211703 100644 --- a/pkgs/by-name/to/tor-browser/package.nix +++ b/pkgs/by-name/to/tor-browser/package.nix @@ -6,6 +6,7 @@ , makeWrapper , writeText , autoPatchelfHook +, patchelfUnstable # have to use patchelfUnstable to support --no-clobber-old-sections , wrapGAppsHook3 , callPackage @@ -144,7 +145,13 @@ stdenv.mkDerivation rec { src = sources.${stdenv.hostPlatform.system} or (throw "unsupported system: ${stdenv.hostPlatform.system}"); - nativeBuildInputs = [ autoPatchelfHook copyDesktopItems makeWrapper wrapGAppsHook3 ]; + nativeBuildInputs = [ + autoPatchelfHook + patchelfUnstable + copyDesktopItems + makeWrapper + wrapGAppsHook3 + ]; buildInputs = [ gtk3 alsa-lib @@ -152,6 +159,9 @@ stdenv.mkDerivation rec { libXtst ]; + # Firefox uses "relrhack" to manually process relocations from a fixed offset + patchelfFlags = [ "--no-clobber-old-sections" ]; + preferLocalBuild = true; allowSubstitutes = false; @@ -178,7 +188,6 @@ stdenv.mkDerivation rec { # For convenience ... TBB_IN_STORE=$out/share/tor-browser - interp=$(< $NIX_CC/nix-support/dynamic-linker) # Unpack & enter mkdir -p "$TBB_IN_STORE" @@ -186,10 +195,7 @@ stdenv.mkDerivation rec { pushd "$TBB_IN_STORE" # Set ELF interpreter - for exe in firefox.real TorBrowser/Tor/tor ; do - echo "Setting ELF interpreter on $exe ..." >&2 - patchelf --set-interpreter "$interp" "$exe" - done + autoPatchelf firefox.real TorBrowser/Tor # firefox is a wrapper that checks for a more recent libstdc++ & appends it to the ld path mv firefox.real firefox @@ -210,16 +216,6 @@ stdenv.mkDerivation rec { substituteInPlace TorBrowser/Data/Tor/torrc-defaults \ --replace-fail './TorBrowser' "$TBB_IN_STORE/TorBrowser" - # Fixup obfs transport. Work around patchelf failing to set - # interpreter for pre-compiled Go binaries by invoking the interpreter - # directly. - sed -i TorBrowser/Data/Tor/torrc-defaults \ - -e "s|\(ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit\) exec|\1 exec $interp|" - - # Similarly fixup snowflake - sed -i TorBrowser/Data/Tor/torrc-defaults \ - -e "s|\(ClientTransportPlugin snowflake\) exec|\1 exec $interp|" - # Prepare for autoconfig. # # See https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment