authorRobin Gloster <mail@glob.in>2016-03-15 01:44:24 +0000
committerRobin Gloster <mail@glob.in>2016-03-15 01:44:24 +0000
commit3f45f0948d6fe158bed063adb66850ded0ba4861 (patch)
treeac717689d391d3f5333132fc34e4b2aed829414c /pkgs/os-specific/linux
parenta9b942c0617b1cd5f0732d05eadad0114a178f37 (diff)
parentd227d9a70e41d65e4e6f4ac75a9d243c5a19fa85 (diff)
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
Diffstat (limited to 'pkgs/os-specific/linux')
-rw-r--r--pkgs/os-specific/linux/firmware/raspberrypi/default.nix5
-rw-r--r--pkgs/os-specific/linux/htop/default.nix27
-rw-r--r--pkgs/os-specific/linux/kernel/common-config.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/grsecurity-path-3.14.patch (renamed from pkgs/os-specific/linux/kernel/grsec-path.patch)0
-rw-r--r--pkgs/os-specific/linux/kernel/grsecurity-path-4.4.patch18
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.4.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-grsecurity-3.14.nix19
-rw-r--r--pkgs/os-specific/linux/kernel/linux-grsecurity-4.1.nix19
-rw-r--r--pkgs/os-specific/linux/kernel/linux-grsecurity-4.4.nix19
-rw-r--r--pkgs/os-specific/linux/kernel/patches.nix49
-rw-r--r--pkgs/os-specific/linux/macchanger/default.nix22
-rw-r--r--pkgs/os-specific/linux/mba6x_bl/default.nix32
-rw-r--r--pkgs/os-specific/linux/nvidia-x11/beta.nix10
-rwxr-xr-xpkgs/os-specific/linux/nvidia-x11/builder.sh15
-rw-r--r--pkgs/os-specific/linux/nvidia-x11/default.nix6
-rw-r--r--pkgs/os-specific/linux/nvidia-x11/legacy173.nix4
-rw-r--r--pkgs/os-specific/linux/nvidia-x11/legacy304.nix12
-rw-r--r--pkgs/os-specific/linux/pax-utils/default.nix9
-rw-r--r--pkgs/os-specific/linux/rtl8723bs/default.nix35
19 files changed, 237 insertions, 72 deletions
diff --git a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix
index 4d875d15d48..dc0b061af14 100644
--- a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix
+++ b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix
@@ -17,6 +17,11 @@ in stdenv.mkDerivation {
     cp -R boot/* $out/share/raspberrypi/boot
     cp -R hardfp/opt/vc/* $out
     cp opt/vc/LICENCE $out/share/raspberrypi
+
+    for f in $out/bin/*; do
+      patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" "$f"
+      patchelf --set-rpath "$out/lib" "$f"
+    done
   '';
 
   meta = {
diff --git a/pkgs/os-specific/linux/htop/default.nix b/pkgs/os-specific/linux/htop/default.nix
index b722815f295..946b44346ab 100644
--- a/pkgs/os-specific/linux/htop/default.nix
+++ b/pkgs/os-specific/linux/htop/default.nix
@@ -1,26 +1,21 @@
-{ fetchFromGitHub, stdenv, autoreconfHook, ncurses }:
+{ fetchurl, stdenv, ncurses }:
 
 stdenv.mkDerivation rec {
-  name = "htop-2.0.0";
+  name = "htop-${version}";
+  version = "2.0.1";
 
-  src = fetchFromGitHub {
-    sha256 = "1z8rzf3ndswk3090qypl0bqzq9f32w0ik2k5x4zd7jg4hkx66k7z";
-    rev = "2.0.0";
-    repo = "htop";
-    owner = "hishamhm";
+  src = fetchurl {
+    sha256 = "0rjn9ybqx5sav7z4gn18f1q6k23nmqyb6yydfgghzdznz9nn447l";
+    url = "http://hisham.hm/htop/releases/${version}/${name}.tar.gz";
   };
 
   buildInputs = [ ncurses ];
-  nativeBuildInputs = [ autoreconfHook ];
 
-  postPatch = ''
-    touch *.h */*.h # unnecessary regeneration requires Python
-  '';
-
-  meta = {
+  meta = with stdenv.lib; {
     description = "An interactive process viewer for Linux";
-    homepage = "http://htop.sourceforge.net";
-    platforms = stdenv.lib.platforms.linux;
-    maintainers = with stdenv.lib.maintainers; [ rob simons relrod ];
+    homepage = http://htop.sourceforge.net;
+    license = licenses.gpl2Plus;
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ rob simons relrod nckx ];
   };
 }
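Review bot: The new `src` fetches the release tarball over plain `http://hisham.hm/...`, whereas the removed `fetchFromGitHub` source was a GitHub fetch. The `sha256` still pins the content at build time, but whoever computes the hash on the next version bump has no transport integrity to lean on. If the host serves the same path over HTTPS (not verifiable from this page), prefer `url = "https://hisham.hm/htop/releases/${version}/${name}.tar.gz";`, or add a comment recording how the hash was verified.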
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 254910cf842..f3dd32386bc 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -478,7 +478,9 @@ with stdenv.lib;
   ''}
   ${optionalString (versionAtLeast version "3.7") ''
     MEDIA_USB_SUPPORT y
-    MEDIA_PCI_SUPPORT y
+    ${optionalString (!(features.chromiumos or false)) ''
+      MEDIA_PCI_SUPPORT y
+    ''}
   ''}
 
   # Our initrd init uses shebang scripts, so can't be modular.
diff --git a/pkgs/os-specific/linux/kernel/grsec-path.patch b/pkgs/os-specific/linux/kernel/grsecurity-path-3.14.patch
index 6f477c22b5e..6f477c22b5e 100644
--- a/pkgs/os-specific/linux/kernel/grsec-path.patch
+++ b/pkgs/os-specific/linux/kernel/grsecurity-path-3.14.patch
diff --git a/pkgs/os-specific/linux/kernel/grsecurity-path-4.4.patch b/pkgs/os-specific/linux/kernel/grsecurity-path-4.4.patch
new file mode 100644
index 00000000000..bef1a75c23d
--- /dev/null
+++ b/pkgs/os-specific/linux/kernel/grsecurity-path-4.4.patch
@@ -0,0 +1,18 @@
+diff --git a/kernel/kmod.c b/kernel/kmod.c
+index a689506..30747b4 100644
+--- a/kernel/kmod.c
++++ b/kernel/kmod.c
+@@ -294,11 +294,8 @@ static int ____call_usermodehelper(void *data)
+ 	   out the path to be used prior to this point and are now operating
+ 	   on that copy
+ 	*/
+-	if ((strncmp(sub_info->path, "/sbin/", 6) && strncmp(sub_info->path, "/usr/lib/", 9) &&
+-	     strncmp(sub_info->path, "/lib/", 5) && strncmp(sub_info->path, "/lib64/", 7) &&
+-	     strncmp(sub_info->path, "/usr/libexec/", 13) && strncmp(sub_info->path, "/usr/bin/", 9) &&
+-	     strncmp(sub_info->path, "/usr/sbin/", 10) &&
+-	     strcmp(sub_info->path, "/usr/share/apport/apport")) || strstr(sub_info->path, "..")) {
++	if ((strncmp(sub_info->path, "/sbin/", 6) && strncmp(sub_info->path, "/nix/store/", 11) &&
++	     strncmp(sub_info->path, "/run/current-system/systemd/lib/", 32)) || strstr(sub_info->path, "..")) {
+ 		printk(KERN_ALERT "grsec: denied exec of usermode helper binary %.950s located outside of permitted system paths\n", sub_info->path);
+ 		retval = -EPERM;
+ 		goto out;
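Review bot: The `strncmp(sub_info->path, "/nix/store/", 11)` prefix in the new condition admits every store path, which is far broader than the fixed system directories it replaces. On a multi-user Nix installation the store can hold outputs of builds requested by unprivileged users, so the check presumably no longer separates administrator-installed helpers from arbitrary store content, and the defence-in-depth value of this grsecurity restriction is reduced. State that trade-off next to the change, e.g. `/* NixOS: helpers live in /nix/store; this admits any store path, not only system packages */`. The `/run/current-system/systemd/lib/` prefix is compared as a string only, so it relies on that symlink chain staying root-controlled. The body of `____call_usermodehelper` starts and ends outside the hunk.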
diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index 6819dfedb13..36181308a8b 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -1,12 +1,12 @@
 { stdenv, fetchurl, perl, buildLinux, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "4.4.4";
+  version = "4.4.5";
   extraMeta.branch = "4.4";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "0b4190mwmxf329n16yl32my7dfi02pi7qf39a8v61sl9b2gxffad";
+    sha256 = "1daavrj2msl85aijh1izfm1cwf14c7mi75hldzidr1h2v629l89h";
   };
 
   kernelPatches = args.kernelPatches;
diff --git a/pkgs/os-specific/linux/kernel/linux-grsecurity-3.14.nix b/pkgs/os-specific/linux/kernel/linux-grsecurity-3.14.nix
new file mode 100644
index 00000000000..a67a91b4d0c
--- /dev/null
+++ b/pkgs/os-specific/linux/kernel/linux-grsecurity-3.14.nix
@@ -0,0 +1,19 @@
+{ stdenv, fetchurl, perl, buildLinux, ... } @ args:
+
+import ./generic.nix (args // rec {
+  version = "3.14.51";
+  extraMeta.branch = "3.14";
+
+  src = fetchurl {
+    url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
+    sha256 = "1gqsd69cqijff4c4br4ydmcjl226d0yy6vrmgfvy16xiraavq1mk";
+  };
+
+  kernelPatches = args.kernelPatches;
+
+  features.iwlwifi = true;
+  features.efiBootStub = true;
+  features.needsCifsUtils = true;
+  features.canDisableNetfilterConntrackHelpers = true;
+  features.netfilterRPFilter = true;
+} // (args.argsOverride or {}))
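Review bot: `version = "3.14.51"` here and `version = "4.1.7"` in linux-grsecurity-4.1.nix freeze the base kernel at the release the grsecurity patch was cut for (revisions 201508181951 and 201509201149 in patches.nix), and nothing in either file says so. These bases will presumably not pick up later stable-series fixes, so a header comment such as `# Pinned to match the grsecurity patch in patches.nix; bump both together.` would tell maintainers why the version cannot be bumped on its own. The three linux-grsecurity-*.nix files differ only in `version`, the URL series and `sha256`, and linux-grsecurity-4.4.nix has the same index hash (36181308a8b) as linux-4.4.nix, so a shared helper would avoid maintaining near-identical copies.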
diff --git a/pkgs/os-specific/linux/kernel/linux-grsecurity-4.1.nix b/pkgs/os-specific/linux/kernel/linux-grsecurity-4.1.nix
new file mode 100644
index 00000000000..4359f4586c5
--- /dev/null
+++ b/pkgs/os-specific/linux/kernel/linux-grsecurity-4.1.nix
@@ -0,0 +1,19 @@
+{ stdenv, fetchurl, perl, buildLinux, ... } @ args:
+
+import ./generic.nix (args // rec {
+  version = "4.1.7";
+  extraMeta.branch = "4.1";
+
+  src = fetchurl {
+    url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
+    sha256 = "0g1dnvak0pd03d4miy1025bw64wq71w29a058dzspdr6jcf9qwbn";
+  };
+
+  kernelPatches = args.kernelPatches;
+
+  features.iwlwifi = true;
+  features.efiBootStub = true;
+  features.needsCifsUtils = true;
+  features.canDisableNetfilterConntrackHelpers = true;
+  features.netfilterRPFilter = true;
+} // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-grsecurity-4.4.nix b/pkgs/os-specific/linux/kernel/linux-grsecurity-4.4.nix
new file mode 100644
index 00000000000..36181308a8b
--- /dev/null
+++ b/pkgs/os-specific/linux/kernel/linux-grsecurity-4.4.nix
@@ -0,0 +1,19 @@
+{ stdenv, fetchurl, perl, buildLinux, ... } @ args:
+
+import ./generic.nix (args // rec {
+  version = "4.4.5";
+  extraMeta.branch = "4.4";
+
+  src = fetchurl {
+    url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
+    sha256 = "1daavrj2msl85aijh1izfm1cwf14c7mi75hldzidr1h2v629l89h";
+  };
+
+  kernelPatches = args.kernelPatches;
+
+  features.iwlwifi = true;
+  features.efiBootStub = true;
+  features.needsCifsUtils = true;
+  features.canDisableNetfilterConntrackHelpers = true;
+  features.netfilterRPFilter = true;
+} // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix
index 3f7afd90322..67f6ad9c94a 100644
--- a/pkgs/os-specific/linux/kernel/patches.nix
+++ b/pkgs/os-specific/linux/kernel/patches.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl }:
+{ stdenv, fetchurl, pkgs }:
 
 let
 
@@ -18,11 +18,14 @@ let
       };
     };
 
-  grsecPatch = { grversion ? "3.1", kversion, revision, branch, sha256 }:
+  grsecPatch = { grversion ? "3.1", kernel, patches, kversion, revision, branch ? "test", sha256 }:
+    assert kversion == kernel.version;
     { name = "grsecurity-${grversion}-${kversion}";
-      inherit grversion kversion revision;
+      inherit grversion kernel patches kversion revision;
       patch = fetchurl {
-        url = "https://github.com/slashbeast/grsecurity-scrape/blob/master/${branch}/grsecurity-${grversion}-${kversion}-${revision}.patch?raw=true";
+        url = if branch == "stable"
+              then "https://github.com/kdave/grsecurity-patches/blob/master/grsecurity_patches/grsecurity-${grversion}-${kversion}-${revision}.patch?raw=true"
+              else "https://github.com/slashbeast/grsecurity-scrape/blob/master/${branch}/grsecurity-${grversion}-${kversion}-${revision}.patch?raw=true";
         inherit sha256;
       };
       features.grsecurity = true;
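Review bot: Both URLs in `grsecPatch` resolve against the mutable `master` branch of third-party mirror repositories (`kdave/grsecurity-patches`, `slashbeast/grsecurity-scrape`), so the `sha256` is the only thing tying the build to a reviewed kernel patch. That is enough for integrity at build time, but the provenance of each hash is undocumented. A comment on the `patch = fetchurl` attribute, such as `# mirrors only; sha256 must be checked against the upstream grsecurity release before bumping`, would record the expectation. The `grsecPatch` body continues past the end of the hunk.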
@@ -79,23 +82,41 @@ rec {
     sha256 = "00b1rqgd4yr206dxp4mcymr56ymbjcjfa4m82pxw73khj032qw3j";
   };
 
-  grsecurity_stable = grsecPatch
-    { kversion  = "3.14.51";
+  grsecurity_3_14 = grsecPatch
+    { kernel    = pkgs.grsecurity_base_linux_3_14;
+      patches   = [ grsecurity_fix_path_3_14 ];
+      kversion  = "3.14.51";
       revision  = "201508181951";
       branch    = "stable";
       sha256    = "1sp1gwa7ahzflq7ayb51bg52abrn5zx1hb3pff3axpjqq7vfai6f";
     };
 
-  grsecurity_unstable = grsecPatch
-    { kversion  = "4.3.4";
-      revision  = "201601231215";
-      branch    = "test";
-      sha256    = "1dacld4zlp8mk6ykc0f1v5crppvq3znbdw9rwfrf6qi90984x0mr";
+  grsecurity_4_1 = grsecPatch
+    { kernel    = pkgs.grsecurity_base_linux_4_1;
+      patches   = [ grsecurity_fix_path_3_14 ];
+      kversion  = "4.1.7";
+      revision  = "201509201149";
+      sha256    = "1agv8c3c4vmh5algbzmrq2f6vwk72rikrlcbm4h7jbrb9js6fxk4";
     };
 
-  grsec_fix_path =
-    { name = "grsec-fix-path";
-      patch = ./grsec-path.patch;
+  grsecurity_4_4 = grsecPatch
+    { kernel    = pkgs.grsecurity_base_linux_4_4;
+      patches   = [ grsecurity_fix_path_4_4 ];
+      kversion  = "4.4.5";
+      revision  = "201603131305";
+      sha256    = "04k4nhshl6r5n41ha5620s7cd70dmmmvyf9mnn5359jr1720kxpf";
+    };
+
+  grsecurity_latest = grsecurity_4_4;
+
+  grsecurity_fix_path_3_14 =
+    { name = "grsecurity-fix-path-3.14";
+      patch = ./grsecurity-path-3.14.patch;
+    };
+
+  grsecurity_fix_path_4_4 =
+    { name = "grsecurity-fix-path-4.4";
+      patch = ./grsecurity-path-4.4.patch;
     };
 
   crc_regression =
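Review bot: `grsecurity_4_1` is given `patches = [ grsecurity_fix_path_3_14 ]`, so the 4.1 kernel receives the path fix whose name and file both say 3.14. If the 3.14 patch is known to apply cleanly to 4.1 and this is deliberate, say so on that line, e.g. `# the 3.14 path fix also applies to 4.1`; otherwise a 4.1-specific patch is missing. `grsecurity_4_1` and `grsecurity_4_4` also omit `branch` and therefore take the new `"test"` default, which is worth writing out since only `grsecurity_3_14` names its branch.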
diff --git a/pkgs/os-specific/linux/macchanger/default.nix b/pkgs/os-specific/linux/macchanger/default.nix
index b6ae89afbaf..c335031f2e5 100644
--- a/pkgs/os-specific/linux/macchanger/default.nix
+++ b/pkgs/os-specific/linux/macchanger/default.nix
@@ -1,12 +1,8 @@
 { stdenv, fetchFromGitHub, autoreconfHook, texinfo }:
 
-let
-  pname = "macchanger";
-  version = "1.7.0";
-in
-
 stdenv.mkDerivation rec {
-  name = "${pname}-${version}";
+  name = "macchanger-${version}";
+  version = "1.7.0";
 
   src = fetchFromGitHub {
     owner = "alobbs";
@@ -15,13 +11,15 @@ stdenv.mkDerivation rec {
     sha256 = "1hypx6sxhd2b1nsxj314hpkhj7q4x9p2kfaaf20rjkkkig0nck9r";
   };
 
-  buildInputs = [ autoreconfHook texinfo ];
+  nativeBuildInputs = [ autoreconfHook texinfo ];
+
+  outputs = [ "out" "info" ];
 
-  meta = {
+  meta = with stdenv.lib; {
     description = "A utility for viewing/manipulating the MAC address of network interfaces";
-    maintainers = [ stdenv.lib.maintainers.joachifm ];
-    license = stdenv.lib.licenses.gpl2Plus;
-    homepage = "https://www.gnu.org/software/macchanger";
-    platforms = stdenv.lib.platforms.linux;
+    maintainers = with maintainers; [ joachifm ];
+    license = licenses.gpl2Plus;
+    homepage = https://www.gnu.org/software/macchanger;
+    platforms = platforms.linux;
   };
 }
diff --git a/pkgs/os-specific/linux/mba6x_bl/default.nix b/pkgs/os-specific/linux/mba6x_bl/default.nix
new file mode 100644
index 00000000000..010bda4bb15
--- /dev/null
+++ b/pkgs/os-specific/linux/mba6x_bl/default.nix
@@ -0,0 +1,32 @@
+{ fetchFromGitHub, kernel, stdenv }:
+
+with stdenv.lib;
+
+let pkgName = "mba6x_bl";
+in
+
+stdenv.mkDerivation rec {
+  name = "${pkgName}-2016-02-12";
+
+  src = fetchFromGitHub {
+    owner = "patjak";
+    repo = pkgName;
+    rev = "9c2de8a24e7d4e8506170a19d32d6f11f380a142";
+    sha256 = "1zaypai8lznqcaszb6an643amsvr5qjnqj6aq6jkr0qk37x0fjff";
+  };
+
+  enableParallelBuilding = true;
+
+  makeFlags = [
+    "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+    "INSTALL_MOD_PATH=$(out)"
+  ];
+
+  meta = {
+    description = "MacBook Air 6,1 and 6,2 (mid 2013) backlight driver";
+    homepage = "https://github.com/patjak/mba6x_bl";
+    license = licenses.gpl2;
+    platforms = platforms.linux;
+    maintainers = [ maintainers.simonvandel ];
+  };
+}
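Review bot: `name = "${pkgName}-2016-02-12"` does not include the kernel version, unlike the other out-of-tree module added in this commit (`rtl8723bs-${kernel.version}-c517f2b`), so builds against different kernels presumably share one package name. Consider `name = "${pkgName}-2016-02-12-${kernel.version}";`. The `rec` on `mkDerivation` is also unused, since no attribute refers to another.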
diff --git a/pkgs/os-specific/linux/nvidia-x11/beta.nix b/pkgs/os-specific/linux/nvidia-x11/beta.nix
index d3111a4f75a..d53d5e19d40 100644
--- a/pkgs/os-specific/linux/nvidia-x11/beta.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/beta.nix
@@ -12,7 +12,7 @@ assert (!libsOnly) -> kernel != null;
 
 let
 
-  versionNumber = "349.12";
+  versionNumber = "361.18";
 
   # Policy: use the highest stable version as the default (on our master).
   inherit (stdenv.lib) makeLibraryPath;
@@ -27,13 +27,13 @@ stdenv.mkDerivation {
   src =
     if stdenv.system == "i686-linux" then
       fetchurl {
-        url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
-        sha256 = "0x9zfw66nxv98zpkdkymlyqzspksk850bhfmza7g7pba4yba085h";
+        url = "http://download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
+        sha256 = "1n6nrz59r3dgcpkcpr4yw997fygkpsdbv1x45c30w781w0j1q5s5";
       }
     else if stdenv.system == "x86_64-linux" then
       fetchurl {
-        url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
-        sha256 = "19mfkigzffxsik3h4bsjsl481q410h804fz3rdc7chs86q4bg9h3";
+        url = "http://download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
+        sha256 = "12fi7vb697h38qh0f2j40q76yx9fqk6vwx20zfxhac3fvdhw2sj0";
       }
     else throw "nvidia-x11 does not support platform ${stdenv.system}";
 
diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh
index c1f165c45dd..09c104f09e7 100755
--- a/pkgs/os-specific/linux/nvidia-x11/builder.sh
+++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh
@@ -19,7 +19,7 @@ buildPhase() {
         sysSrc=$(echo $kernel/lib/modules/$kernelVersion/source)
         sysOut=$(echo $kernel/lib/modules/$kernelVersion/build)
         unset src # used by the nv makefile
-        make SYSSRC=$sysSrc SYSOUT=$sysOut module
+        make SYSSRC=$sysSrc SYSOUT=$sysOut module "-j${NIX_BUILD_CORES}" "-l${NIX_BUILD_CORES}"
 
         cd ..
     fi
@@ -34,6 +34,14 @@ installPhase() {
     cp -prd *.so.* tls "$out/lib/"
     rm "$out"/lib/lib{glx,nvidia-wfb}.so.* # handled separately
 
+    # According to nvidia, we're supposed to use GLVND.
+    # But so far I've failed to make any applications run using that stack.
+    #
+    # If you want to try it, swap the two lines below.
+
+    #rm "$out"/lib/libGL.so.${versionNumber} # Non-GLVND
+    rm $out/lib/libGL.so.1.* # GLVND
+
     if test -z "$libsOnly"; then
         # Install the X drivers.
         mkdir -p $out/lib/xorg/modules
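Review bot: The trailing `# Non-GLVND` and `# GLVND` labels on the two `rm` lines do not say whether they name the library being deleted or the stack that remains afterwards, so the instruction to "swap the two lines below" is easy to apply backwards. Spell it out, e.g. `# removes the GLVND libGL, keeping the non-GLVND one` on the active line (adjusted to whichever is true). The active line also leaves `$out` unquoted, unlike the `rm "$out"/lib/...` line above it; `rm "$out"/lib/libGL.so.1.*` would match the rest of the function. `installPhase` continues outside the hunk.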
@@ -61,7 +69,7 @@ installPhase() {
       libname_short=`echo -n "$libname" | sed 's/so\..*/so/'`
 
       # nvidia's EGL stack seems to expect libGLESv2.so.2 to be available
-      if [ $(basename "$libname_short") == "libGLESv2.so" ]; then
+      if [ $(basename "$libname_short") == "libGLESv2.so" -a "$libname" != "$libname_short.2" ]; then
           ln -srnf "$libname" "$libname_short.2"
       fi
 
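Review bot: The extended test `[ $(basename "$libname_short") == "libGLESv2.so" -a ... ]` leaves the command substitution unquoted and joins its conditions with `-a`, which `test` can misparse when an operand is empty or looks like an operator. The script already relies on bash features (`==`, brace expansion), so `if [[ $(basename "$libname_short") == "libGLESv2.so" && "$libname" != "$libname_short.2" ]]; then` expresses the same check without those hazards. The enclosing loop starts outside the hunk.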
@@ -119,9 +127,6 @@ installPhase() {
     # For simplicity and dependency reduction, don't support the gtk3 interface.
     rm $out/lib/libnvidia-gtk3.*
 
-    # We distribute these separately in `libvdpau`
-    rm "$out"/lib/libvdpau{.*,_trace.*}
-
     # Move VDPAU libraries to their place
     mkdir "$out"/lib/vdpau
     mv "$out"/lib/libvdpau* "$out"/lib/vdpau
diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix
index fff1135d311..86abeeaa824 100644
--- a/pkgs/os-specific/linux/nvidia-x11/default.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/default.nix
@@ -12,7 +12,7 @@ assert (!libsOnly) -> kernel != null;
 
 let
 
-  versionNumber = "358.16";
+  versionNumber = "361.28";
 
   # Policy: use the highest stable version as the default (on our master).
   inherit (stdenv.lib) makeLibraryPath;
@@ -28,12 +28,12 @@ stdenv.mkDerivation {
     if stdenv.system == "i686-linux" then
       fetchurl {
         url = "http://download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
-        sha256 = "1cc0zsri92nz2mznabfd6pqckm9mlbszmysqqqh3w5mipwn898nk";
+        sha256 = "013l9hfjc7gyk5g2v2h71lwjmx4dqlkczsb17cz833fnadcrn4hs";
       }
     else if stdenv.system == "x86_64-linux" then
       fetchurl {
         url = "http://download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
-        sha256 = "1xr16faam2zsx8ajwm9g9302m6qjzyjh1zd56g8jhc8jxg8h43sg";
+        sha256 = "1kq335mdmwlgp0lp9z8wrwyh48p2xv2nwdlgfj7b83vsh6ib17a4";
       }
     else throw "nvidia-x11 does not support platform ${stdenv.system}";
 
diff --git a/pkgs/os-specific/linux/nvidia-x11/legacy173.nix b/pkgs/os-specific/linux/nvidia-x11/legacy173.nix
index 6bde91d0ffc..91813d67e1c 100644
--- a/pkgs/os-specific/linux/nvidia-x11/legacy173.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/legacy173.nix
@@ -14,12 +14,12 @@ stdenv.mkDerivation {
   src =
     if stdenv.system == "i686-linux" then
       fetchurl {
-        url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}-pkg0.run";
+        url = "http://download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}-pkg0.run";
         sha256 = "08xb7s7cxmj4zv4i3645kjhlhhwxiq6km9ixmsw3vv91f7rkb6d0";
       }
     else if stdenv.system == "x86_64-linux" then
       fetchurl {
-        url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-pkg0.run";
+        url = "http://download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-pkg0.run";
         sha256 = "1p2ls0xj81l8v4n6dbjj3p5wlw1iyhgzyvqcv4h5fdxhhs2cb3md";
       }
     else throw "nvidia-x11 does not support platform ${stdenv.system}";
diff --git a/pkgs/os-specific/linux/nvidia-x11/legacy304.nix b/pkgs/os-specific/linux/nvidia-x11/legacy304.nix
index 42e65f927b3..5cf3583e873 100644
--- a/pkgs/os-specific/linux/nvidia-x11/legacy304.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/legacy304.nix
@@ -8,25 +8,23 @@
 
 with stdenv.lib;
 
-let versionNumber = "304.125"; in
+let versionNumber = "304.131"; in
 
 stdenv.mkDerivation {
   name = "nvidia-x11-${versionNumber}${optionalString (!libsOnly) "-${kernel.version}"}";
 
   builder = ./builder-legacy304.sh;
 
-  patches = [ ./nvidia-340.76-kernel-4.0.patch ];
-
   src =
     if stdenv.system == "i686-linux" then
       fetchurl {
-        url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
-        sha256 = "1xy4g3yc73mb932cfr25as648k12sxpyymppb8nia3lijakv7idf";
+        url = "http://download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
+        sha256 = "1a1d0fsahgijcvs2p59vwhs0dpp7pp2wmvgcs1i7fzl6yyv4nmfj";
       }
     else if stdenv.system == "x86_64-linux" then
       fetchurl {
-        url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
-        sha256 = "08p6hikn7pbfg0apnsbaqyyh2s9m5r0ckqzgjvxirn5qcyll0g5a";
+        url = "http://download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
+        sha256 = "0gpqzb5gvhrcgrp3kph1p0yjkndx9wfzgh5j88ysrlflkv3q4vig";
       }
     else throw "nvidia-x11 does not support platform ${stdenv.system}";
 
diff --git a/pkgs/os-specific/linux/pax-utils/default.nix b/pkgs/os-specific/linux/pax-utils/default.nix
index a35b8181544..65cbf1c4589 100644
--- a/pkgs/os-specific/linux/pax-utils/default.nix
+++ b/pkgs/os-specific/linux/pax-utils/default.nix
@@ -2,21 +2,20 @@
 
 stdenv.mkDerivation rec {
   name = "pax-utils-${version}";
-  version = "1.1.1";
+  version = "1.1.6";
 
   src = fetchurl {
-    url = "http://dev.gentoo.org/~vapier/dist/${name}.tar.xz";
-    sha256 = "0gldvyr96jgbcahq7rl3k4krzyhvlz95ckiqh3yhink56s5z58cy";
+    url = "https://dev.gentoo.org/~vapier/dist/${name}.tar.xz";
+    sha256 = "04hvsizzspfzfq6hhfif7ya9nwsc0cs6z6n2bq1zfh7agd8nqhzm";
   };
 
   makeFlags = [
-    "DESTDIR=$(out)"
     "PREFIX=$(out)"
   ];
 
   meta = with stdenv.lib; {
     description = "A suite of tools for PaX/grsecurity";
-    homepage    = "http://dev.gentoo.org/~vapier/dist/";
+    homepage    = "https://dev.gentoo.org/~vapier/dist/";
     license     = licenses.gpl2;
     platforms   = platforms.linux;
     maintainers = with maintainers; [ thoughtpolice ];
diff --git a/pkgs/os-specific/linux/rtl8723bs/default.nix b/pkgs/os-specific/linux/rtl8723bs/default.nix
new file mode 100644
index 00000000000..1739ac1faa7
--- /dev/null
+++ b/pkgs/os-specific/linux/rtl8723bs/default.nix
@@ -0,0 +1,35 @@
+{ stdenv, fetchFromGitHub, kernel }:
+
+let
+  ver = "c517f2b";
+in
+stdenv.mkDerivation rec {
+  name = "rtl8723bs-${kernel.version}-c517f2b";
+  
+  src = fetchFromGitHub {
+    owner = "hadess";
+    repo = "rtl8723bs";
+    rev = "c517f2bf8bcc3d57311252ea7cd49ae81466eead";
+    sha256 = "0phzrhq85g52pi2b74a9sr9l2x6dzlz714k3pix486w2x5axw4xb";
+  };
+  
+  patchPhase = ''
+    substituteInPlace ./Makefile --replace /lib/modules/ "${kernel.dev}/lib/modules/"
+    substituteInPlace ./Makefile --replace '$(shell uname -r)' "${kernel.modDirVersion}"
+    substituteInPlace ./Makefile --replace /sbin/depmod #
+    substituteInPlace ./Makefile --replace '$(MODDESTDIR)' "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/"
+    substituteInPlace ./Makefile --replace '/lib/firmware' "$out/lib/firmware"
+  '';
+  
+  preInstall = ''
+    mkdir -p "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/"
+    mkdir -p "$out/lib/firmware/rtlwifi"
+  '';
+   
+  meta = {
+    description = "Realtek SDIO Wi-Fi driver";
+    homepage = "https://github.com/hadess/rtl8723bs";
+    license = stdenv.lib.licenses.gpl2;
+    platforms = [ "x86_64-linux" "i686-linux" ];
+  };
+}
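Review bot: In `patchPhase`, `substituteInPlace ./Makefile --replace /sbin/depmod #` passes no replacement string, because an unquoted `#` at the start of a word begins a shell comment. The intent was presumably to turn the depmod call into a Makefile comment, so quote it: `substituteInPlace ./Makefile --replace /sbin/depmod '#'`. Separately, `ver = "c517f2b"` is bound but never used while `name` and `rev` hard-code the hash; either use `${ver}` in `name` or drop the `let`.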