summary refs log tree commit diff
path: root/pkgs/os-specific
diff options
context:
space:
mode:
authorVladimír Čunát <vcunat@gmail.com>2014-12-24 16:06:12 +0100
committerVladimír Čunát <vcunat@gmail.com>2014-12-24 16:06:12 +0100
commit3a2478605d66b73f598f3b1b930e87fa87785113 (patch)
treef4d18cbe8a5c394702fe904ef7c3a112e0950f1b /pkgs/os-specific
parenta5aa8f3efab82127dd2ffe2a6fc3dfbadd5d1d66 (diff)
parent3d9bbdb79418ab3b088bdbd7ab4688e3f6a15a36 (diff)
downloadnixpkgs-3a2478605d66b73f598f3b1b930e87fa87785113.tar
nixpkgs-3a2478605d66b73f598f3b1b930e87fa87785113.tar.gz
nixpkgs-3a2478605d66b73f598f3b1b930e87fa87785113.tar.bz2
nixpkgs-3a2478605d66b73f598f3b1b930e87fa87785113.tar.lz
nixpkgs-3a2478605d66b73f598f3b1b930e87fa87785113.tar.xz
nixpkgs-3a2478605d66b73f598f3b1b930e87fa87785113.tar.zst
nixpkgs-3a2478605d66b73f598f3b1b930e87fa87785113.zip
Merge 'master' into staging
Diffstat (limited to 'pkgs/os-specific')
-rw-r--r--pkgs/os-specific/linux/firejail/default.nix8


-rw-r--r--pkgs/os-specific/linux/iw/default.nix2


-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.14.nix4


-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.17.nix4


-rw-r--r--pkgs/os-specific/linux/kernel/patches.nix12


-rw-r--r--pkgs/os-specific/linux/lvm2/default.nix4


-rw-r--r--pkgs/os-specific/linux/macchanger/default.nix2


-rw-r--r--pkgs/os-specific/linux/nftables/default.nix8


-rwxr-xr-xpkgs/os-specific/linux/nvidia-x11/builder.sh107


-rw-r--r--pkgs/os-specific/linux/nvidia-x11/default.nix61


-rw-r--r--pkgs/os-specific/linux/nvidia-x11/legacy304.nix6


-rw-r--r--pkgs/os-specific/linux/nvidia-x11/legacy340.nix6


-rw-r--r--pkgs/os-specific/linux/ocz-toolbox/default.nix37


-rw-r--r--pkgs/os-specific/linux/sysdig/default.nix4


-rw-r--r--pkgs/os-specific/linux/sysstat/default.nix12


-rw-r--r--pkgs/os-specific/linux/sysstat/install.patch13


-rw-r--r--pkgs/os-specific/linux/systemd/default.nix5


-rw-r--r--pkgs/os-specific/linux/systemd/fixes.patch894


-rw-r--r--pkgs/os-specific/linux/systemd/systemd-journald-type-notify.patch35


-rw-r--r--pkgs/os-specific/linux/v86d/default.nix2


20 files changed, 1140 insertions, 86 deletions
diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix
index eb8e7cf390a..9f3397fc8ef 100644
--- a/pkgs/os-specific/linux/firejail/default.nix
+++ b/pkgs/os-specific/linux/firejail/default.nix
@@ -3,11 +3,11 @@ let
   s = # Generated upstream information
   rec {
     baseName="firejail";
-    version="0.9.16";
+    version="0.9.18";
     name="${baseName}-${version}";
-    hash="1213ln6rqb1w0ba98zwi5p40f7gzpz4rqn621zz72v0z1q1vfkrp";
-    url="mirror://sourceforge/project/firejail/firejail/firejail-0.9.16-rc1.tar.bz2";
-    sha256="1213ln6rqb1w0ba98zwi5p40f7gzpz4rqn621zz72v0z1q1vfkrp";
+    hash="0qsjbnx9xzvzcbq7wdcf51v5abi4ml9jsai7w6xmns51qx4325a2";
+    url="mirror://sourceforge/project/firejail/firejail/firejail-0.9.18-rc1.tar.bz2";
+    sha256="0qsjbnx9xzvzcbq7wdcf51v5abi4ml9jsai7w6xmns51qx4325a2";
   };
   buildInputs = [
   ];
diff --git a/pkgs/os-specific/linux/iw/default.nix b/pkgs/os-specific/linux/iw/default.nix
index a3b2f23c8c7..262b673822b 100644
--- a/pkgs/os-specific/linux/iw/default.nix
+++ b/pkgs/os-specific/linux/iw/default.nix
@@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
   meta = {
     description = "Tool to use nl80211";
     homepage = http://wireless.kernel.org/en/users/Documentation/iw;
-    license = "BSD";
+    license = stdenv.lib.licenses.isc;
     maintainers = with stdenv.lib.maintainers; [viric];
     platforms = with stdenv.lib.platforms; linux;
   };
diff --git a/pkgs/os-specific/linux/kernel/linux-3.14.nix b/pkgs/os-specific/linux/kernel/linux-3.14.nix
index c0a88c6a495..7d4c741193f 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.14.nix
@@ -1,13 +1,13 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.14.26";
+  version = "3.14.27";
   # Remember to update grsecurity!
   extraMeta.branch = "3.14";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "16sjrpgyl1h812czx1sj06b3krbkb7cxpjmd7snmdd1cc5b8h25q";
+    sha256 = "09fxykm280zy3jq2zak6qiglsgv4756ryqwmx23hl014rk8bzszn";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/linux-3.17.nix b/pkgs/os-specific/linux/kernel/linux-3.17.nix
index 8963f006da1..fd21f3c285c 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.17.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.17.nix
@@ -1,13 +1,13 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.17.6";
+  version = "3.17.7";
   # Remember to update grsecurity!
   extraMeta.branch = "3.17";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "0z4xai2m8s6zd4mkxsa8dw2ny378y6p9l835z4xj8xwgl30hjaa1";
+    sha256 = "074f56sz22wqnn21gamwf63llhsqc2hgb7dzkbkd5gqjx6pfdj53";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix
index ba6fb2a8886..561eadf2f21 100644
--- a/pkgs/os-specific/linux/kernel/patches.nix
+++ b/pkgs/os-specific/linux/kernel/patches.nix
@@ -60,17 +60,17 @@ rec {
   };
 
   grsecurity_stable = grsecPatch
-    { kversion  = "3.14.26";
-      revision  = "201412071005";
+    { kversion  = "3.14.27";
+      revision  = "201412211908";
       branch    = "stable";
-      sha256    = "1dy98l1kqc20735385pahwksjqmsk4j5vd6d39l61y6rwc9iqfan";
+      sha256    = "1xs34v1k970sv4i0a9qjcgk7i4cihl2xlgp1q7v320idpxrcym3a";
     };
 
   grsecurity_unstable = grsecPatch
-    { kversion  = "3.17.6";
-      revision  = "201412071639";
+    { kversion  = "3.17.7";
+      revision  = "201412211910";
       branch    = "test";
-      sha256    = "182pr7whmr62bbbpn9dwcmmvvx68dbrkv33cb1dz7d29an7mx67w";
+      sha256    = "1s3ksf44mah398ix4ar49m6d8xwkk991pl1m8m441yhpm8h1ss3w";
     };
 
   grsec_fix_path =
diff --git a/pkgs/os-specific/linux/lvm2/default.nix b/pkgs/os-specific/linux/lvm2/default.nix
index dbce7602301..1d4ecdec98d 100644
--- a/pkgs/os-specific/linux/lvm2/default.nix
+++ b/pkgs/os-specific/linux/lvm2/default.nix
@@ -1,7 +1,7 @@
 { stdenv, fetchurl, pkgconfig, udev, utillinux, coreutils, enable_dmeventd ? false }:
 
 let
-  version = "2.02.111";
+  version = "2.02.114";
 in
 
 stdenv.mkDerivation {
@@ -9,7 +9,7 @@ stdenv.mkDerivation {
 
   src = fetchurl {
     url = "ftp://sources.redhat.com/pub/lvm2/releases/LVM2.${version}.tgz";
-    sha256 = "096xjcay4l2ph2dlyknic11pmz65jfgjs34fblqi9xh7zrr3x3vd";
+    sha256 = "19bl536yylyi873p46prfwv086bg0sg0q5l4c7x6lnlwzfnb176y";
   };
 
   configureFlags =
diff --git a/pkgs/os-specific/linux/macchanger/default.nix b/pkgs/os-specific/linux/macchanger/default.nix
index 1bbad958bfd..1f046de40ed 100644
--- a/pkgs/os-specific/linux/macchanger/default.nix
+++ b/pkgs/os-specific/linux/macchanger/default.nix
@@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
 
   meta = {
     description = "A utility for viewing/manipulating the MAC address of network interfaces";
-    maintainer = with stdenv.lib.maintainers; [ joachifm ];
+    maintainers = with stdenv.lib.maintainers; [ joachifm ];
     license = with stdenv.lib.licenses; gpl2Plus;
     homepage = "https://www.gnu.org/software/macchanger";
     platform = with stdenv.lib.platforms; linux;
diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix
index e8dd56ab9e2..9834443a74d 100644
--- a/pkgs/os-specific/linux/nftables/default.nix
+++ b/pkgs/os-specific/linux/nftables/default.nix
@@ -1,12 +1,12 @@
-{ stdenv, fetchurl, docbook2x, docbook_xml_dtd_45
+{ stdenv, fetchurl, pkgconfig, docbook2x, docbook_xml_dtd_45
 , flex, bison, libmnl, libnftnl, gmp, readline }:
 
 stdenv.mkDerivation rec {
-  name = "nftables-0.3";
+  name = "nftables-0.4";
 
   src = fetchurl {
     url = "http://netfilter.org/projects/nftables/files/${name}.tar.bz2";
-    sha256 = "0bww48hc424svxfx3fpqxmbmp0n42ahs1f28f5f6g29d8i2jcdsd";
+    sha256 = "0g0x6mf5580kr1azrff0ryxxym43qr72fwir7agmz4b8bjvnkjpn";
   };
 
   configureFlags = [
@@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
 
   XML_CATALOG_FILES = "${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml";
 
-  buildInputs = [ docbook2x flex bison libmnl libnftnl gmp readline ];
+  buildInputs = [ pkgconfig docbook2x flex bison libmnl libnftnl gmp readline ];
 
   meta = with stdenv.lib; {
     description = "the project that aims to replace the existing {ip,ip6,arp,eb}tables framework";
diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh
new file mode 100755
index 00000000000..4291116f4ef
--- /dev/null
+++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh
@@ -0,0 +1,107 @@
+source $stdenv/setup
+
+dontPatchELF=1 # must keep libXv, $out in RPATH
+
+
+unpackFile() {
+    skip=$(sed 's/^skip=//; t; d' $src)
+    tail -n +$skip $src | xz -d | tar xvf -
+    sourceRoot=.
+}
+
+
+buildPhase() {
+    if test -z "$libsOnly"; then
+        # Create the module.
+        echo "Building linux driver against kernel: $kernel";
+        cd kernel
+        kernelVersion=$(cd $kernel/lib/modules && ls)
+        sysSrc=$(echo $kernel/lib/modules/$kernelVersion/source)
+        sysOut=$(echo $kernel/lib/modules/$kernelVersion/build)
+        unset src # used by the nv makefile
+        make SYSSRC=$sysSrc SYSOUT=$sysOut module
+        cd uvm
+        make SYSSRC=$sysSrc SYSOUT=$sysOut module
+        cd ..
+        cd ..
+    fi
+}
+
+
+installPhase() {
+
+    if test -z "$libsOnly"; then
+        # Install the kernel module.
+        mkdir -p $out/lib/modules/$kernelVersion/misc
+        cp kernel/nvidia.ko $out/lib/modules/$kernelVersion/misc
+        cp kernel/uvm/nvidia-uvm.ko $out/lib/modules/$kernelVersion/misc
+
+        # Install the X driver.
+        mkdir -p $out/lib/xorg/modules
+        cp -p libnvidia-wfb.* $out/lib/xorg/modules/
+        mkdir -p $out/lib/xorg/modules/drivers
+        cp -p nvidia_drv.so $out/lib/xorg/modules/drivers
+        mkdir -p $out/lib/xorg/modules/extensions
+        cp -p libglx.so.* $out/lib/xorg/modules/extensions
+
+        #patchelf --set-rpath $out/lib $out/lib/xorg/modules/extensions/libglx.so.*.*
+
+        # Install the programs.
+        mkdir -p $out/bin
+
+        for i in nvidia-settings nvidia-smi; do
+            cp $i $out/bin/$i
+            patchelf --interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \
+                --set-rpath $out/lib:$programPath:$glPath $out/bin/$i
+        done
+
+        # Header files etc.
+        mkdir -p $out/include/nvidia
+        cp -p *.h $out/include/nvidia
+
+        mkdir -p $out/share/man/man1
+        cp -p *.1.gz $out/share/man/man1
+        rm $out/share/man/man1/nvidia-xconfig.1.gz
+
+        mkdir -p $out/share/applications
+        cp -p *.desktop $out/share/applications
+
+        mkdir -p $out/share/pixmaps
+        cp -p nvidia-settings.png $out/share/pixmaps
+
+        # Patch the `nvidia-settings.desktop' file.
+        substituteInPlace $out/share/applications/nvidia-settings.desktop \
+            --replace '__UTILS_PATH__' $out/bin \
+            --replace '__PIXMAP_PATH__' $out/share/pixmaps
+
+        # Test a bit.
+        $out/bin/nvidia-settings --version
+    fi
+
+
+    # Install libGL and friends.
+    mkdir -p "$out/lib/vendors"
+    cp -p nvidia.icd $out/lib/vendors/
+
+    cp -prd *.so.* tls "$out/lib/"
+    rm "$out"/lib/lib{glx,nvidia-wfb}.so.* # handled separately
+
+    for libname in `find "$out/lib/" -name '*.so.*'`
+    do
+      # I'm lazy to differentiate needed libs per-library, as the closure is the same.
+      # Unfortunately --shrink-rpath would strip too much.
+      patchelf --set-rpath "$out/lib:$allLibPath" "$libname"
+
+      libname_short=`echo -n "$libname" | sed 's/so\..*/so/'`
+      ln -srnf "$libname" "$libname_short"
+      ln -srnf "$libname" "$libname_short.1"
+    done
+
+    #patchelf --set-rpath $out/lib:$glPath $out/lib/libGL.so.*.*
+    #patchelf --set-rpath $out/lib:$glPath $out/lib/libvdpau_nvidia.so.*.*
+    #patchelf --set-rpath $cudaPath $out/lib/libcuda.so.*.*
+    #patchelf --set-rpath $openclPath $out/lib/libnvidia-opencl.so.*.*
+}
+
+
+genericBuild
diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix
new file mode 100644
index 00000000000..e1a82da91f4
--- /dev/null
+++ b/pkgs/os-specific/linux/nvidia-x11/default.nix
@@ -0,0 +1,61 @@
+{ stdenv, fetchurl, kernel ? null, xlibs, zlib, perl
+, gtk, atk, pango, glib, gdk_pixbuf
+, # Whether to build the libraries only (i.e. not the kernel module or
+  # nvidia-settings).  Used to support 32-bit binaries on 64-bit
+  # Linux.
+  libsOnly ? false
+}:
+
+with stdenv.lib;
+
+assert (!libsOnly) -> kernel != null;
+
+let
+
+  versionNumber = "343.36";
+  # Policy: use the highest stable version as the default (on our master).
+  inherit (stdenv.lib) makeLibraryPath;
+in
+
+stdenv.mkDerivation {
+  name = "nvidia-x11-${versionNumber}${optionalString (!libsOnly) "-${kernel.version}"}";
+
+  builder = ./builder.sh;
+
+  src =
+    if stdenv.system == "i686-linux" then
+      fetchurl {
+        url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
+        sha256 = "17l23dp725883xcyy1n178pcl6lj27psrgbxymc356x2pngwkhcc";
+      }
+    else if stdenv.system == "x86_64-linux" then
+      fetchurl {
+        url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
+        sha256 = "0djvh9wmazrfvpgyiqrz81kjk2war20xyjjr2kncxyplzk28mw97";
+      }
+    else throw "nvidia-x11 does not support platform ${stdenv.system}";
+
+  inherit versionNumber libsOnly;
+
+  kernel = if libsOnly then null else kernel.dev;
+
+  dontStrip = true;
+
+  glPath      = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr];
+  cudaPath    = makeLibraryPath [zlib stdenv.gcc.gcc];
+  openclPath  = makeLibraryPath [zlib];
+  allLibPath  = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr zlib stdenv.gcc.gcc];
+
+  programPath = optionalString (!libsOnly) (makeLibraryPath
+    [ gtk atk pango glib gdk_pixbuf xlibs.libXv ] );
+
+  buildInputs = [ perl ];
+
+  meta = with stdenv.lib.meta; {
+    homepage = http://www.nvidia.com/object/unix.html;
+    description = "X.org driver and kernel module for NVIDIA graphics cards";
+    license = licenses.unfreeRedistributable;
+    platforms = platforms.linux;
+    maintainers = [ maintainers.vcunat ];
+  };
+}
diff --git a/pkgs/os-specific/linux/nvidia-x11/legacy304.nix b/pkgs/os-specific/linux/nvidia-x11/legacy304.nix
index 9acaee797f0..bec329a1a17 100644
--- a/pkgs/os-specific/linux/nvidia-x11/legacy304.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/legacy304.nix
@@ -8,7 +8,7 @@
 
 with stdenv.lib;
 
-let versionNumber = "304.123"; in
+let versionNumber = "304.125"; in
 
 stdenv.mkDerivation {
   name = "nvidia-x11-${versionNumber}${optionalString (!libsOnly) "-${kernel.version}"}";
@@ -19,12 +19,12 @@ stdenv.mkDerivation {
     if stdenv.system == "i686-linux" then
       fetchurl {
         url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
-        sha256 = "09gljwxw14img7hw0xdxd24cvpvlymdxssmxa9gikdrw2w04j0ym";
+        sha256 = "1xy4g3yc73mb932cfr25as648k12sxpyymppb8nia3lijakv7idf";
       }
     else if stdenv.system == "x86_64-linux" then
       fetchurl {
         url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
-        sha256 = "0vxw4gp78g06h5inwkhl989p9mq0m8rqipz9a67rdc4s364r243s";
+        sha256 = "08p6hikn7pbfg0apnsbaqyyh2s9m5r0ckqzgjvxirn5qcyll0g5a";
       }
     else throw "nvidia-x11 does not support platform ${stdenv.system}";
 
diff --git a/pkgs/os-specific/linux/nvidia-x11/legacy340.nix b/pkgs/os-specific/linux/nvidia-x11/legacy340.nix
index ad0c0c0b367..fd68b9aafde 100644
--- a/pkgs/os-specific/linux/nvidia-x11/legacy340.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/legacy340.nix
@@ -12,7 +12,7 @@ assert (!libsOnly) -> kernel != null;
 
 let
 
-  versionNumber = "340.58";
+  versionNumber = "340.65";
   /* This branch is needed for G8x, G9x, and GT2xx GPUs, and motherboard chipsets based on them.
     Ongoing support for new Linux kernels and X servers, as well as fixes for critical bugs,
     will be included in 340.* legacy releases through the end of 2019.
@@ -29,12 +29,12 @@ stdenv.mkDerivation {
     if stdenv.system == "i686-linux" then
       fetchurl {
         url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run";
-        sha256 = "0nzvfqn3cv2n486i38r3badd5jlmfv7x6k9s47calrqnd3q8zi3w";
+        sha256 = "0wyrxhkfyjpa0l5xxpy4g9h3c34dv5bqif8nk70cm53pbm1i31g7";
       }
     else if stdenv.system == "x86_64-linux" then
       fetchurl {
         url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run";
-        sha256 = "0h78wmb1yyr1xah6x22ifk9gzd2jvg3vhhg091nvyhcvpmbjq806";
+        sha256 = "0yabf3d3aq2qmlzxw99y5lasdm5y7dq2n7l3gvak8iqx0k9cihh3";
       }
     else throw "nvidia-x11 does not support platform ${stdenv.system}";
 
diff --git a/pkgs/os-specific/linux/ocz-toolbox/default.nix b/pkgs/os-specific/linux/ocz-toolbox/default.nix
new file mode 100644
index 00000000000..b41fc34be3e
--- /dev/null
+++ b/pkgs/os-specific/linux/ocz-toolbox/default.nix
@@ -0,0 +1,37 @@
+{ stdenv, fetchurl, libXrender, fontconfig, freetype, libXext, libX11 }:
+
+let arch = if stdenv.system == "x86_64-linux" then "64"
+           else if stdenv.system == "i686-linux" then "32"
+           else abort "OCZ Toolbox only support {x86-64,i686}-linux targets";
+in stdenv.mkDerivation rec {
+  version = "4.9.0.634";
+  name = "ocz-toolbox-${version}";
+
+  src = fetchurl {
+    url = "http://ocz.com/consumer/download/firmware/OCZToolbox_v${version}_linux.tar.gz";
+    sha256 = "0h51p5bg9h2smxxy1r4xkzzjjavhgql7yy12qmjk0vbh13flgx3y";
+  };
+
+  prePatch = ''
+    cd linux${arch}
+  '';
+
+  libPath = stdenv.lib.makeLibraryPath [ stdenv.gcc.gcc libXrender fontconfig freetype libXext libX11 ];
+
+  installPhase = ''
+    install -Dm755 OCZToolbox $out/bin/OCZToolbox
+    patchelf \
+      --interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \
+      --set-rpath "$libPath" \
+      $out/bin/OCZToolbox
+  '';
+
+  dontStrip = true;
+
+  meta = with stdenv.lib; {
+    description = "Update firmware and BIOS, secure erase, view SMART attributes, and view drive details of your OCZ SSD";
+    homepage = "http://ocz.com/consumer/download/firmware";
+    license = licenses.unfree;
+    maintainers = with maintainers; [ abbradar ];
+  };
+}
diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix
index 1398b91303b..6b9526c15b2 100644
--- a/pkgs/os-specific/linux/sysdig/default.nix
+++ b/pkgs/os-specific/linux/sysdig/default.nix
@@ -3,10 +3,10 @@ let
   inherit (stdenv.lib) optional optionalString;
   s = rec {
     baseName="sysdig";
-    version = "0.1.91";
+    version = "0.1.93";
     name="${baseName}-${version}";
     url="https://github.com/draios/sysdig/archive/${version}.tar.gz";
-    sha256 = "0a34zinw54nkxawby847yzc3wzbw4dgi849pvwyd28391pxpxayy";
+    sha256 = "0rcbls1i82z2mwd3kcsidvhbb0xf0f4p7l2z3168wbpsh5nm9clz";
   };
   buildInputs = [
     cmake zlib luajit
diff --git a/pkgs/os-specific/linux/sysstat/default.nix b/pkgs/os-specific/linux/sysstat/default.nix
index 69940ceb132..28d6f0b21a8 100644
--- a/pkgs/os-specific/linux/sysstat/default.nix
+++ b/pkgs/os-specific/linux/sysstat/default.nix
@@ -1,11 +1,10 @@
 { stdenv, fetchurl, gettext, bzip2 }:
-
 stdenv.mkDerivation rec {
-  name = "sysstat-11.0.1";
+  name = "sysstat-11.0.2";
 
   src = fetchurl {
     url = "http://perso.orange.fr/sebastien.godard/${name}.tar.xz";
-    sha256 = "1cwgsxvs7jkr3il6r344mw46502yjnhrsbcp4217vh4b7xv6czaq";
+    sha256 = "15hv3ylr5i6nrrdhyjnp4xld51gpv0cn3hjgy6068ybwpvgpzn5c";
   };
 
   buildInputs = [ gettext ];
@@ -15,10 +14,13 @@ stdenv.mkDerivation rec {
     export PATH_CHKCONFIG=/no-such-program
     export BZIP=${bzip2}/bin/bzip2
     export SYSTEMCTL=systemctl
-    makeFlagsArray=(DESTDIR=$out SYSCONFIG_DIR=$out/etc IGNORE_MAN_GROUP=y CHOWN=true)
-    installTargets="install_base install_nls install_man"
   '';
 
+  makeFlags = "SYSCONFIG_DIR=$(out)/etc IGNORE_MAN_GROUP=y CHOWN=true";
+  installTargets = "install_base install_nls install_man";
+
+  patches = [ ./install.patch ];
+
   meta = {
     homepage = http://sebastien.godard.pagesperso-orange.fr/;
     description = "A collection of performance monitoring tools for Linux (such as sar, iostat and pidstat)";
diff --git a/pkgs/os-specific/linux/sysstat/install.patch b/pkgs/os-specific/linux/sysstat/install.patch
new file mode 100644
index 00000000000..473fa30b98b
--- /dev/null
+++ b/pkgs/os-specific/linux/sysstat/install.patch
@@ -0,0 +1,13 @@
+diff -rc sysstat-11.0.1/Makefile.in sysstat-11.0.1-new/Makefile.in
+*** sysstat-11.0.1/Makefile.in	2014-08-30 15:38:39.000000000 +0200
+--- sysstat-11.0.1-new/Makefile.in	2014-12-18 14:40:45.466349009 +0100
+***************
+*** 331,337 ****
+  install_base: all sa1 sa2 sysstat.sysconfig install_man install_nls \
+  	contrib/isag/isag
+  	mkdir -p $(DESTDIR)$(SA_LIB_DIR)
+- 	mkdir -p $(DESTDIR)$(SA_DIR)
+  ifeq ($(CLEAN_SA_DIR),y)
+  	find $(DESTDIR)$(SA_DIR) \( -name 'sar??' -o -name 'sa??' -o -name 'sar??.gz' -o -name 'sa??.gz' \) \
+  		-exec rm -f {} \;
+--- 331,336 ----
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix
index 2df23cf0e16..ef8d5891d25 100644
--- a/pkgs/os-specific/linux/systemd/default.nix
+++ b/pkgs/os-specific/linux/systemd/default.nix
@@ -20,11 +20,8 @@ stdenv.mkDerivation rec {
 
   patches =
     [ # These are all changes between upstream and
-      # https://github.com/edolstra/systemd/tree/nixos-v216.
+      # https://github.com/edolstra/systemd/tree/nixos-v217.
       ./fixes.patch
-      # Fixes systemd-journald so that it does not get killed
-      # by systemd-journal-flush starting too quickly
-      ./systemd-journald-type-notify.patch
     ];
 
   buildInputs =
diff --git a/pkgs/os-specific/linux/systemd/fixes.patch b/pkgs/os-specific/linux/systemd/fixes.patch
index ff31b4a75d4..182927486c5 100644
--- a/pkgs/os-specific/linux/systemd/fixes.patch
+++ b/pkgs/os-specific/linux/systemd/fixes.patch
@@ -13,6 +13,186 @@ index e30d9a8..a3d399b 100644
  # Ignore raid devices that are not yet assembled and started
  SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", TEST!="md/array_state", ENV{SYSTEMD_READY}="0"
  SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", ATTR{md/array_state}=="|clear|inactive", ENV{SYSTEMD_READY}="0"
+diff --git a/src/core/job.c b/src/core/job.c
+index eaa4bb1..db44fee 100644
+--- a/src/core/job.c
++++ b/src/core/job.c
+@@ -352,6 +352,9 @@ bool job_type_is_redundant(JobType a, UnitActiveState b) {
+                 return
+                         b == UNIT_ACTIVATING;
+ 
++        case JOB_NOP:
++                return true;
++
+         default:
+                 assert_not_reached("Invalid job type");
+         }
+diff --git a/src/core/job.h b/src/core/job.h
+index 1e7c61b..ee8e54a 100644
+--- a/src/core/job.h
++++ b/src/core/job.h
+@@ -49,9 +49,11 @@ enum JobType {
+         _JOB_TYPE_MAX_MERGING,
+ 
+         /* JOB_NOP can enter into a transaction, but as it won't pull in
+-         * any dependencies, it won't have to merge with anything.
+-         * job_install() avoids the problem of merging JOB_NOP too (it's
+-         * special-cased, only merges with other JOB_NOPs). */
++         * any dependencies and it uses the special 'nop_job' slot in Unit,
++         * it won't have to merge with anything (except possibly into another
++         * JOB_NOP, previously installed). JOB_NOP is special-cased in
++         * job_type_is_*() functions so that the transaction can be
++         * activated. */
+         JOB_NOP = _JOB_TYPE_MAX_MERGING, /* do nothing */
+ 
+         _JOB_TYPE_MAX_IN_TRANSACTION,
+@@ -190,11 +192,15 @@ _pure_ static inline bool job_type_is_mergeable(JobType a, JobType b) {
+ }
+ 
+ _pure_ static inline bool job_type_is_conflicting(JobType a, JobType b) {
+-        return !job_type_is_mergeable(a, b);
++        return a != JOB_NOP && b != JOB_NOP && !job_type_is_mergeable(a, b);
+ }
+ 
+ _pure_ static inline bool job_type_is_superset(JobType a, JobType b) {
+         /* Checks whether operation a is a "superset" of b in its actions */
++        if (b == JOB_NOP)
++                return true;
++        if (a == JOB_NOP)
++                return false;
+         return a == job_type_lookup_merge(a, b);
+ }
+ 
+diff --git a/src/core/manager.c b/src/core/manager.c
+index d427d88..256d6f7 100644
+--- a/src/core/manager.c
++++ b/src/core/manager.c
+@@ -662,9 +662,11 @@ static int manager_setup_notify(Manager *m) {
+                         return -errno;
+                 }
+ 
+-                if (m->running_as == SYSTEMD_SYSTEM)
++                if (m->running_as == SYSTEMD_SYSTEM) {
+                         m->notify_socket = strdup("/run/systemd/notify");
+-                else {
++                        if (!m->notify_socket)
++                                return log_oom();
++                } else {
+                         const char *e;
+ 
+                         e = getenv("XDG_RUNTIME_DIR");
+@@ -674,9 +676,11 @@ static int manager_setup_notify(Manager *m) {
+                         }
+ 
+                         m->notify_socket = strappend(e, "/systemd/notify");
++                        if (!m->notify_socket)
++                                return log_oom();
++
++                        mkdir_parents_label(m->notify_socket, 0755);
+                 }
+-                if (!m->notify_socket)
+-                        return log_oom();
+ 
+                 strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
+                 r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
+diff --git a/src/core/shutdown.c b/src/core/shutdown.c
+index 20cf526..03cfddc 100644
+--- a/src/core/shutdown.c
++++ b/src/core/shutdown.c
+@@ -75,7 +75,9 @@ static int parse_argv(int argc, char *argv[]) {
+         assert(argc >= 1);
+         assert(argv);
+ 
+-        while ((c = getopt_long(argc, argv, "", options, NULL)) >= 0)
++        /* "-" prevents getopt from permuting argv[] and moving the verb away
++         * from argv[1]. Our interface to initrd promises it'll be there. */
++        while ((c = getopt_long(argc, argv, "-", options, NULL)) >= 0)
+                 switch (c) {
+ 
+                 case ARG_LOG_LEVEL:
+@@ -113,6 +115,13 @@ static int parse_argv(int argc, char *argv[]) {
+ 
+                         break;
+ 
++                case '\001':
++                        if (!arg_verb)
++                                arg_verb = optarg;
++                        else
++                                log_error("Excess arguments, ignoring");
++                        break;
++
+                 case '?':
+                         return -EINVAL;
+ 
+@@ -120,15 +129,11 @@ static int parse_argv(int argc, char *argv[]) {
+                         assert_not_reached("Unhandled option code.");
+                 }
+ 
+-        if (optind >= argc) {
++        if (!arg_verb) {
+                 log_error("Verb argument missing.");
+                 return -EINVAL;
+         }
+ 
+-        arg_verb = argv[optind];
+-
+-        if (optind + 1 < argc)
+-                log_error("Excess arguments, ignoring");
+         return 0;
+ }
+ 
+diff --git a/src/core/snapshot.c b/src/core/snapshot.c
+index 5eed615..c2678cb 100644
+--- a/src/core/snapshot.c
++++ b/src/core/snapshot.c
+@@ -208,7 +208,7 @@ int snapshot_create(Manager *m, const char *name, bool cleanup, sd_bus_error *e,
+                         return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s lacks snapshot suffix.", name);
+ 
+                 if (manager_get_unit(m, name))
+-                        sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name);
++                        return sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name);
+ 
+         } else {
+ 
+diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
+index d5b86bf..9c66e7b 100644
+--- a/src/core/systemd.pc.in
++++ b/src/core/systemd.pc.in
+@@ -14,8 +14,8 @@ systemduserunitdir=@userunitdir@
+ systemduserpresetdir=@userpresetdir@
+ systemdsystemconfdir=@pkgsysconfdir@/system
+ systemduserconfdir=@pkgsysconfdir@/user
+-systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system
+-systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user
++systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/system:${systemdsystemunitdir}
++systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/user:${systemduserunitdir}
+ systemdsystemgeneratordir=@systemgeneratordir@
+ systemdusergeneratordir=@usergeneratordir@
+ systemdsleepdir=@systemsleepdir@
+diff --git a/src/core/timer.c b/src/core/timer.c
+index a3713e2..5c4e9f9 100644
+--- a/src/core/timer.c
++++ b/src/core/timer.c
+@@ -521,6 +521,7 @@ fail:
+ 
+ static int timer_start(Unit *u) {
+         Timer *t = TIMER(u);
++        TimerValue *v;
+ 
+         assert(t);
+         assert(t->state == TIMER_DEAD || t->state == TIMER_FAILED);
+@@ -530,6 +531,11 @@ static int timer_start(Unit *u) {
+ 
+         t->last_trigger = DUAL_TIMESTAMP_NULL;
+ 
++        /* Reenable all timers that depend on unit activation time */
++        LIST_FOREACH(value, v, t->values)
++                if (v->base == TIMER_ACTIVE)
++                        v->disabled = false;
++
+         if (t->stamp_path) {
+                 struct stat st;
+ 
 diff --git a/src/core/umount.c b/src/core/umount.c
 index cffa453..4d1a9ff 100644
 --- a/src/core/umount.c
@@ -26,6 +206,19 @@ index cffa453..4d1a9ff 100644
  #ifndef HAVE_SPLIT_USR
                      || path_equal(m->path, "/usr")
  #endif
+diff --git a/src/delta/delta.c b/src/delta/delta.c
+index 25c4a0b..e1f2d6d 100644
+--- a/src/delta/delta.c
++++ b/src/delta/delta.c
+@@ -487,7 +487,7 @@ static int parse_flags(const char *flag_str, int flags) {
+         const char *word, *state;
+         size_t l;
+ 
+-        FOREACH_WORD(word, l, flag_str, state) {
++        FOREACH_WORD_SEPARATOR(word, l, flag_str, ",", state) {
+                 if (strneq("masked", word, l))
+                         flags |= SHOW_MASKED;
+                 else if (strneq ("equivalent", word, l))
 diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c
 index 70a5918..1926e52 100644
 --- a/src/fsck/fsck.c
@@ -40,19 +233,377 @@ index 70a5918..1926e52 100644
          cmdline[i++] = "-T";
  
          /*
+diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c
+index e257c12..1e04553 100644
+--- a/src/fstab-generator/fstab-generator.c
++++ b/src/fstab-generator/fstab-generator.c
+@@ -485,7 +485,7 @@ static int add_usr_mount(void) {
+                         return log_oom();
+         }
+ 
+-        if (!arg_usr_what || !arg_usr_options)
++        if (!arg_usr_what)
+                 return 0;
+ 
+         what = fstab_node_to_udev_node(arg_usr_what);
+@@ -494,7 +494,13 @@ static int add_usr_mount(void) {
+                 return -1;
+         }
+ 
+-        opts = arg_usr_options;
++        if (!arg_usr_options)
++                opts = arg_root_rw > 0 ? "rw" : "ro";
++        else if (!mount_test_option(arg_usr_options, "ro") &&
++                 !mount_test_option(arg_usr_options, "rw"))
++                opts = strappenda(arg_usr_options, ",", arg_root_rw > 0 ? "rw" : "ro");
++        else
++                opts = arg_usr_options;
+ 
+         log_debug("Found entry what=%s where=/sysroot/usr type=%s", what, strna(arg_usr_fstype));
+         return add_mount(what,
+diff --git a/src/hostname/hostnamectl.c b/src/hostname/hostnamectl.c
+index e487369..ff4e9c9 100644
+--- a/src/hostname/hostnamectl.c
++++ b/src/hostname/hostnamectl.c
+@@ -536,5 +536,5 @@ int main(int argc, char *argv[]) {
+         r = hostnamectl_main(bus, argc, argv);
+ 
+ finish:
+-        return r < 0 ? EXIT_FAILURE : r;
++        return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+ }
+diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
+index 8a2c0fc..9de3ddd 100644
+--- a/src/journal/journal-file.c
++++ b/src/journal/journal-file.c
+@@ -1657,7 +1657,7 @@ static int generic_array_bisect(
+                         }
+                 }
+ 
+-                if (k > n) {
++                if (k >= n) {
+                         if (direction == DIRECTION_UP) {
+                                 i = n;
+                                 subtract_one = true;
+diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
+index f50faf4..03579fd 100644
+--- a/src/journal/journalctl.c
++++ b/src/journal/journalctl.c
+@@ -682,7 +682,7 @@ static int parse_argv(int argc, char *argv[]) {
+                         assert_not_reached("Unhandled option");
+                 }
+ 
+-        if (arg_follow && !arg_no_tail && arg_lines == ARG_LINES_DEFAULT)
++        if (arg_follow && !arg_no_tail && !arg_since && arg_lines == ARG_LINES_DEFAULT)
+                 arg_lines = 10;
+ 
+         if (!!arg_directory + !!arg_file + !!arg_machine > 1) {
+diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
+index 12735c4..08b143b 100644
+--- a/src/journal/journald-server.c
++++ b/src/journal/journald-server.c
+@@ -1655,6 +1655,7 @@ void server_done(Server *s) {
+         free(s->buffer);
+         free(s->tty_path);
+         free(s->cgroup_root);
++        free(s->hostname_field);
+ 
+         if (s->mmap)
+                 mmap_cache_unref(s->mmap);
+diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c
+index 372f3ed..d56ee51 100644
+--- a/src/libsystemd-network/network-internal.c
++++ b/src/libsystemd-network/network-internal.c
+@@ -392,10 +392,12 @@ void serialize_dhcp_routes(FILE *f, const char *key, struct sd_dhcp_route *route
+ 
+         fprintf(f, "%s=", key);
+ 
+-        for (i = 0; i < size; i++)
+-                fprintf(f, "%s/%" PRIu8 ",%s%s", inet_ntoa(routes[i].dst_addr),
+-                        routes[i].dst_prefixlen, inet_ntoa(routes[i].gw_addr),
++        for (i = 0; i < size; i++) {
++                fprintf(f, "%s/%" PRIu8, inet_ntoa(routes[i].dst_addr),
++                        routes[i].dst_prefixlen);
++                fprintf(f, ",%s%s", inet_ntoa(routes[i].gw_addr),
+                         (i < (size - 1)) ? " ": "");
++        }
+ 
+         fputs("\n", f);
+ }
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index 0eba4c3..9986b52 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -68,7 +68,6 @@ struct sd_dhcp_client {
+         uint32_t mtu;
+         uint32_t xid;
+         usec_t start_time;
+-        uint16_t secs;
+         unsigned int attempt;
+         usec_t request_sent;
+         sd_event_source *timeout_t1;
+@@ -321,10 +320,12 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret,
+         _cleanup_free_ DHCPPacket *packet;
+         size_t optlen, optoffset, size;
+         be16_t max_size;
++        usec_t time_now;
++        uint16_t secs;
+         int r;
+ 
+         assert(client);
+-        assert(client->secs);
++        assert(client->start_time);
+         assert(ret);
+         assert(_optlen);
+         assert(_optoffset);
+@@ -344,7 +345,15 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret,
+ 
+         /* Although 'secs' field is a SHOULD in RFC 2131, certain DHCP servers
+            refuse to issue an DHCP lease if 'secs' is set to zero */
+-        packet->dhcp.secs = htobe16(client->secs);
++        r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now);
++        if (r < 0)
++                return r;
++        assert(time_now >= client->start_time);
++
++        /* seconds between sending first and last DISCOVER
++         * must always be strictly positive to deal with broken servers */
++        secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1;
++        packet->dhcp.secs = htobe16(secs);
+ 
+         /* RFC2132 section 4.1
+            A client that cannot receive unicast IP datagrams until its protocol
+@@ -441,24 +450,12 @@ static int dhcp_client_send_raw(sd_dhcp_client *client, DHCPPacket *packet,
+ static int client_send_discover(sd_dhcp_client *client) {
+         _cleanup_free_ DHCPPacket *discover = NULL;
+         size_t optoffset, optlen;
+-        usec_t time_now;
+         int r;
+ 
+         assert(client);
+         assert(client->state == DHCP_STATE_INIT ||
+                client->state == DHCP_STATE_SELECTING);
+ 
+-        /* See RFC2131 section 4.4.1 */
+-
+-        r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now);
+-        if (r < 0)
+-                return r;
+-        assert(time_now >= client->start_time);
+-
+-        /* seconds between sending first and last DISCOVER
+-         * must always be strictly positive to deal with broken servers */
+-        client->secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1;
+-
+         r = client_message_init(client, &discover, DHCP_DISCOVER,
+                                 &optlen, &optoffset);
+         if (r < 0)
+@@ -875,10 +872,8 @@ static int client_start(sd_dhcp_client *client) {
+         }
+         client->fd = r;
+ 
+-        if (client->state == DHCP_STATE_INIT) {
++        if (client->state == DHCP_STATE_INIT || client->state == DHCP_STATE_INIT_REBOOT)
+                 client->start_time = now(clock_boottime_or_monotonic());
+-                client->secs = 0;
+-        }
+ 
+         return client_initialize_events(client, client_receive_message_raw);
+ }
+@@ -1269,6 +1264,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message,
+                 if (r >= 0) {
+                         client->timeout_resend =
+                                 sd_event_source_unref(client->timeout_resend);
++                        client->receive_message =
++                                sd_event_source_unref(client->receive_message);
++                        client->fd = asynchronous_close(client->fd);
+ 
+                         if (IN_SET(client->state, DHCP_STATE_REQUESTING,
+                                    DHCP_STATE_REBOOTING))
+diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c
+index 4fb01c0..b7c9a07 100644
+--- a/src/libsystemd-network/sd-dhcp-lease.c
++++ b/src/libsystemd-network/sd-dhcp-lease.c
+@@ -50,7 +50,7 @@ int sd_dhcp_lease_get_address(sd_dhcp_lease *lease, struct in_addr *addr) {
+ 
+ int sd_dhcp_lease_get_lifetime(sd_dhcp_lease *lease, uint32_t *lifetime) {
+         assert_return(lease, -EINVAL);
+-        assert_return(lease, -EINVAL);
++        assert_return(lifetime, -EINVAL);
+ 
+         *lifetime = lease->lifetime;
+ 
+diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c
+index fa4f9b5..dbec1a2 100644
+--- a/src/libsystemd-network/sd-dhcp6-client.c
++++ b/src/libsystemd-network/sd-dhcp6-client.c
+@@ -200,19 +200,19 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du
+ 
+         switch (type) {
+         case DHCP6_DUID_LLT:
+-                if (duid_len <= sizeof(client->duid.llt))
++                if (duid_len <= sizeof(client->duid.llt) - 2)
+                         return -EINVAL;
+                 break;
+         case DHCP6_DUID_EN:
+-                if (duid_len != sizeof(client->duid.en))
++                if (duid_len != sizeof(client->duid.en) - 2)
+                         return -EINVAL;
+                 break;
+         case DHCP6_DUID_LL:
+-                if (duid_len <= sizeof(client->duid.ll))
++                if (duid_len <= sizeof(client->duid.ll) - 2)
+                         return -EINVAL;
+                 break;
+         case DHCP6_DUID_UUID:
+-                if (duid_len != sizeof(client->duid.uuid))
++                if (duid_len != sizeof(client->duid.uuid) - 2)
+                         return -EINVAL;
+                 break;
+         default:
+@@ -222,7 +222,7 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du
+ 
+         client->duid.raw.type = htobe16(type);
+         memcpy(&client->duid.raw.data, duid, duid_len);
+-        client->duid_len = duid_len;
++        client->duid_len = duid_len + 2;  /* +2 for sizeof(type) */
+ 
+         return 0;
+ }
+diff --git a/src/libsystemd/sd-bus/bus-match.c b/src/libsystemd/sd-bus/bus-match.c
+index 18afe0f..5658c61 100644
+--- a/src/libsystemd/sd-bus/bus-match.c
++++ b/src/libsystemd/sd-bus/bus-match.c
+@@ -537,7 +537,7 @@ static int bus_match_find_compare_value(
+         else if (BUS_MATCH_CAN_HASH(t))
+                 n = hashmap_get(c->compare.children, value_str);
+         else {
+-                for (n = c->child; !value_node_same(n, t, value_u8, value_str); n = n->next)
++                for (n = c->child; n && !value_node_same(n, t, value_u8, value_str); n = n->next)
+                         ;
+         }
+ 
+diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
+index 0ab1119..6c3230a 100644
+--- a/src/libsystemd/sd-bus/bus-objects.c
++++ b/src/libsystemd/sd-bus/bus-objects.c
+@@ -617,6 +617,9 @@ static int property_get_set_callbacks_run(
+                         return r;
+ 
+         } else {
++                const char *signature = NULL;
++                char type = 0;
++
+                 if (c->vtable->type != _SD_BUS_VTABLE_WRITABLE_PROPERTY)
+                         return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Property '%s' is not writable.", c->member);
+ 
+@@ -628,6 +631,13 @@ static int property_get_set_callbacks_run(
+ 
+                 c->last_iteration = bus->iteration_counter;
+ 
++                r = sd_bus_message_peek_type(m, &type, &signature);
++                if (r < 0)
++                        return r;
++
++                if (type != 'v' || !streq(strempty(signature), strempty(c->vtable->x.property.signature)))
++                        return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Incorrect parameters for property '%s', expected '%s', got '%s'.", c->member, strempty(c->vtable->x.property.signature), strempty(signature));
++
+                 r = sd_bus_message_enter_container(m, 'v', c->vtable->x.property.signature);
+                 if (r < 0)
+                         return r;
+diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c
+index b501a52..740133a 100644
+--- a/src/libsystemd/sd-rtnl/rtnl-message.c
++++ b/src/libsystemd/sd-rtnl/rtnl-message.c
+@@ -36,6 +36,8 @@
+ #define GET_CONTAINER(m, i) ((i) < (m)->n_containers ? (struct rtattr*)((uint8_t*)(m)->hdr + (m)->container_offsets[i]) : NULL)
+ #define PUSH_CONTAINER(m, new) (m)->container_offsets[(m)->n_containers ++] = (uint8_t*)(new) - (uint8_t*)(m)->hdr;
+ 
++#define RTA_TYPE(rta) ((rta)->rta_type & NLA_TYPE_MASK)
++
+ static int message_new_empty(sd_rtnl *rtnl, sd_rtnl_message **ret) {
+         sd_rtnl_message *m;
+ 
+@@ -566,8 +568,8 @@ int sd_rtnl_message_append_string(sd_rtnl_message *m, unsigned short type, const
+                 size = (size_t)r;
+ 
+         if (size) {
+-                length = strnlen(data, size);
+-                if (length >= size)
++                length = strnlen(data, size+1);
++                if (length > size)
+                         return -EINVAL;
+         } else
+                 length = strlen(data);
+@@ -1066,7 +1068,7 @@ int rtnl_message_parse(sd_rtnl_message *m,
+         *rta_tb_size = max + 1;
+ 
+         for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) {
+-                type = rta->rta_type;
++                type = RTA_TYPE(rta);
+ 
+                 /* if the kernel is newer than the headers we used
+                    when building, we ignore out-of-range attributes
+@@ -1222,7 +1224,7 @@ int socket_read_message(sd_rtnl *rtnl) {
+                 }
+         }
+ 
+-        for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len); new_msg = NLMSG_NEXT(new_msg, len)) {
++        for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len) && !done; new_msg = NLMSG_NEXT(new_msg, len)) {
+                 _cleanup_rtnl_message_unref_ sd_rtnl_message *m = NULL;
+                 const NLType *nl_type;
+ 
+@@ -1237,7 +1239,8 @@ int socket_read_message(sd_rtnl *rtnl) {
+                 if (new_msg->nlmsg_type == NLMSG_DONE) {
+                         /* finished reading multi-part message */
+                         done = true;
+-                        break;
++
++                        continue;
+                 }
+ 
+                 /* check that we support this message type */
+diff --git a/src/libudev/libudev-device.c b/src/libudev/libudev-device.c
+index 2699374..e2afcb8 100644
+--- a/src/libudev/libudev-device.c
++++ b/src/libudev/libudev-device.c
+@@ -730,8 +730,13 @@ _public_ struct udev_device *udev_device_new_from_syspath(struct udev *udev, con
+                         return NULL;
+         } else {
+                 /* everything else just needs to be a directory */
+-                if (stat(path, &statbuf) != 0 || !S_ISDIR(statbuf.st_mode))
++                if (stat(path, &statbuf) != 0)
+                         return NULL;
++
++                if (!S_ISDIR(statbuf.st_mode)) {
++                        errno = EISDIR;
++                        return NULL;
++                }
+         }
+ 
+         udev_device = udev_device_new(udev);
 diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
-index b6d9bc6..04fbe57 100644
+index b6d9bc6..759794f 100644
 --- a/src/nspawn/nspawn.c
 +++ b/src/nspawn/nspawn.c
-@@ -758,7 +758,7 @@ static int mount_binds(const char *dest,
+@@ -758,7 +758,7 @@ static int mount_binds(const char *dest, char **l, bool ro) {
                   * and char devices. */
                  if (S_ISDIR(source_st.st_mode)) {
                          r = mkdir_label(where, 0755);
 -                        if (r < 0) {
-+                        if (r < 0 && r != -EEXIST) {
++                        if (r < 0 && errno != EEXIST) {
                                  log_error("Failed to create mount point %s: %s", where, strerror(-r));
-
+ 
                                  return r;
+@@ -818,7 +818,7 @@ static int mount_tmpfs(const char *dest) {
+                         return log_oom();
+ 
+                 r = mkdir_label(where, 0755);
+-                if (r < 0) {
++                if (r < 0 && errno != EEXIST) {
+                         log_error("creating mount point for tmpfs %s failed: %s", where, strerror(-r));
+ 
+                         return r;
 @@ -3073,6 +3073,7 @@ int main(int argc, char *argv[]) {
                                  goto finish;
                          }
@@ -69,8 +620,234 @@ index b6d9bc6..04fbe57 100644
                  }
          } else {
                  char template[] = "/tmp/nspawn-root-XXXXXX";
+diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
+index 7375f77..ec8efcc 100644
+--- a/src/resolve/resolved-dns-packet.c
++++ b/src/resolve/resolved-dns-packet.c
+@@ -866,7 +866,7 @@ fail:
+ 
+ int dns_packet_read_name(DnsPacket *p, char **_ret,
+                          bool allow_compression, size_t *start) {
+-        size_t saved_rindex, after_rindex = 0;
++        size_t saved_rindex, after_rindex = 0, jump_barrier;
+         _cleanup_free_ char *ret = NULL;
+         size_t n = 0, allocated = 0;
+         bool first = true;
+@@ -876,6 +876,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
+         assert(_ret);
+ 
+         saved_rindex = p->rindex;
++        jump_barrier = p->rindex;
+ 
+         for (;;) {
+                 uint8_t c, d;
+@@ -922,7 +923,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
+                                 goto fail;
+ 
+                         ptr = (uint16_t) (c & ~0xc0) << 8 | (uint16_t) d;
+-                        if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= saved_rindex) {
++                        if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= jump_barrier) {
+                                 r = -EBADMSG;
+                                 goto fail;
+                         }
+@@ -930,9 +931,13 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
+                         if (after_rindex == 0)
+                                 after_rindex = p->rindex;
+ 
++                        /* Jumps are limited to a "prior occurence" (RFC-1035 4.1.4) */
++                        jump_barrier = ptr;
+                         p->rindex = ptr;
+-                } else
++                } else {
++                        r = -EBADMSG;
+                         goto fail;
++                }
+         }
+ 
+         if (!GREEDY_REALLOC(ret, allocated, n + 1)) {
+diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c
+index 7d258c9..6dd4cad 100644
+--- a/src/resolve/resolved.c
++++ b/src/resolve/resolved.c
+@@ -108,7 +108,7 @@ int main(int argc, char *argv[]) {
+ 
+ finish:
+         sd_notify(false,
+-                  "STOPPIN=1\n"
++                  "STOPPING=1\n"
+                   "STATUS=Shutting down...");
+ 
+         return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+diff --git a/src/run/run.c b/src/run/run.c
+index e3b6293..dcefb5c 100644
+--- a/src/run/run.c
++++ b/src/run/run.c
+@@ -573,9 +573,12 @@ int main(int argc, char* argv[]) {
+         if (r <= 0)
+                 goto finish;
+ 
+-        r = find_binary(argv[optind], &command);
++        r = find_binary(argv[optind], arg_transport == BUS_TRANSPORT_LOCAL, &command);
+         if (r < 0) {
+-                log_error("Failed to find executable %s: %s", argv[optind], strerror(-r));
++                log_error("Failed to find executable %s%s: %s",
++                          argv[optind],
++                          arg_transport == BUS_TRANSPORT_LOCAL ? "" : " on local system",
++                          strerror(-r));
+                 goto finish;
+         }
+         argv[optind] = command;
+diff --git a/src/shared/install.c b/src/shared/install.c
+index 035b44c..cab93e8 100644
+--- a/src/shared/install.c
++++ b/src/shared/install.c
+@@ -1620,12 +1620,10 @@ int unit_file_enable(
+         STRV_FOREACH(i, files) {
+                 UnitFileState state;
+ 
++                /* We only want to know if this unit is masked, so we ignore
++                 * errors from unit_file_get_state, deferring other checks.
++                 * This allows templated units to be enabled on the fly. */
+                 state = unit_file_get_state(scope, root_dir, *i);
+-                if (state < 0) {
+-                        log_error("Failed to get unit file state for %s: %s", *i, strerror(-state));
+-                        return state;
+-                }
+-
+                 if (state == UNIT_FILE_MASKED || state == UNIT_FILE_MASKED_RUNTIME) {
+                         log_error("Failed to enable unit: Unit %s is masked", *i);
+                         return -ENOTSUP;
+diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c
+index 8f75a8e..c800e01 100644
+--- a/src/shared/path-lookup.c
++++ b/src/shared/path-lookup.c
+@@ -86,17 +86,14 @@ static char** user_dirs(
+         const char * const config_unit_paths[] = {
+                 USER_CONFIG_UNIT_PATH,
+                 "/etc/systemd/user",
++                "/etc/systemd-mutable/user",
+                 NULL
+         };
+ 
+         const char * const runtime_unit_path = "/run/systemd/user";
+ 
+         const char * const data_unit_paths[] = {
+-                "/usr/local/lib/systemd/user",
+-                "/usr/local/share/systemd/user",
+                 USER_DATA_UNIT_PATH,
+-                "/usr/lib/systemd/user",
+-                "/usr/share/systemd/user",
+                 NULL
+         };
+ 
+@@ -260,13 +257,11 @@ int lookup_paths_init(
+                                         STRV_IFNOTNULL(generator_early),
+                                         USER_CONFIG_UNIT_PATH,
+                                         "/etc/systemd/user",
++                                        "/etc/systemd-mutable/user",
++                                        "/nix/var/nix/profiles/default/lib/systemd/user",
+                                         "/run/systemd/user",
+                                         STRV_IFNOTNULL(generator),
+-                                        "/usr/local/lib/systemd/user",
+-                                        "/usr/local/share/systemd/user",
+                                         USER_DATA_UNIT_PATH,
+-                                        "/usr/lib/systemd/user",
+-                                        "/usr/share/systemd/user",
+                                         STRV_IFNOTNULL(generator_late),
+                                         NULL);
+                 } else
+@@ -276,14 +271,11 @@ int lookup_paths_init(
+                                 STRV_IFNOTNULL(generator_early),
+                                 SYSTEM_CONFIG_UNIT_PATH,
+                                 "/etc/systemd/system",
++                                "/etc/systemd-mutable/system",
++                                "/nix/var/nix/profiles/default/lib/systemd/system",
+                                 "/run/systemd/system",
+                                 STRV_IFNOTNULL(generator),
+-                                "/usr/local/lib/systemd/system",
+                                 SYSTEM_DATA_UNIT_PATH,
+-                                "/usr/lib/systemd/system",
+-#ifdef HAVE_SPLIT_USR
+-                                "/lib/systemd/system",
+-#endif
+                                 STRV_IFNOTNULL(generator_late),
+                                 NULL);
+ 
+diff --git a/src/shared/path-util.c b/src/shared/path-util.c
+index 67566bc..be03695 100644
+--- a/src/shared/path-util.c
++++ b/src/shared/path-util.c
+@@ -563,11 +563,11 @@ int path_is_os_tree(const char *path) {
+         return r >= 0;
+ }
+ 
+-int find_binary(const char *name, char **filename) {
++int find_binary(const char *name, bool local, char **filename) {
+         assert(name);
+ 
+         if (is_path(name)) {
+-                if (access(name, X_OK) < 0)
++                if (local && access(name, X_OK) < 0)
+                         return -errno;
+ 
+                 if (filename) {
+@@ -657,7 +657,7 @@ int fsck_exists(const char *fstype) {
+ 
+         checker = strappenda("fsck.", fstype);
+ 
+-        r = find_binary(checker, &p);
++        r = find_binary(checker, true, &p);
+         if (r < 0)
+                 return r;
+ 
+diff --git a/src/shared/path-util.h b/src/shared/path-util.h
+index 8d171a5..bd0d324 100644
+--- a/src/shared/path-util.h
++++ b/src/shared/path-util.h
+@@ -55,7 +55,7 @@ int path_is_mount_point(const char *path, bool allow_symlink);
+ int path_is_read_only_fs(const char *path);
+ int path_is_os_tree(const char *path);
+ 
+-int find_binary(const char *name, char **filename);
++int find_binary(const char *name, bool local, char **filename);
+ 
+ bool paths_check_timestamp(const char* const* paths, usec_t *paths_ts_usec, bool update);
+ 
+diff --git a/src/shared/virt.c b/src/shared/virt.c
+index f9c4e67..f10baab 100644
+--- a/src/shared/virt.c
++++ b/src/shared/virt.c
+@@ -293,8 +293,26 @@ int detect_container(const char **id) {
+ 
+                 r = read_one_line_file("/run/systemd/container", &m);
+                 if (r == -ENOENT) {
+-                        r = 0;
+-                        goto finish;
++
++                        /* Fallback for cases where PID 1 was not
++                         * systemd (for example, cases where
++                         * init=/bin/sh is used. */
++
++                        r = getenv_for_pid(1, "container", &m);
++                        if (r <= 0) {
++
++                                /* If that didn't work, give up,
++                                 * assume no container manager.
++                                 *
++                                 * Note: This means we still cannot
++                                 * detect containers if init=/bin/sh
++                                 * is passed but privileges dropped,
++                                 * as /proc/1/environ is only readable
++                                 * with privileges. */
++
++                                r = 0;
++                                goto finish;
++                        }
+                 }
+                 if (r < 0)
+                         return r;
 diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
-index 28eaa6a..6292c09 100644
+index 28eaa6a..3866308 100644
 --- a/src/systemctl/systemctl.c
 +++ b/src/systemctl/systemctl.c
 @@ -2651,7 +2651,7 @@ static int start_unit_one(
@@ -82,6 +859,89 @@ index 28eaa6a..6292c09 100644
                          return log_oom();
          }
  
+@@ -6917,8 +6917,13 @@ done:
+ 
+ static int halt_now(enum action a) {
+ 
+-/* Make sure C-A-D is handled by the kernel from this
+-         * point on... */
++        /* The kernel will automaticall flush ATA disks and suchlike
++         * on reboot(), but the file systems need to be synce'd
++         * explicitly in advance. */
++        sync();
++
++        /* Make sure C-A-D is handled by the kernel from this point
++         * on... */
+         reboot(RB_ENABLE_CAD);
+ 
+         switch (a) {
+diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c
+index 63d64b2..57264de 100644
+--- a/src/test/test-path-util.c
++++ b/src/test/test-path-util.c
+@@ -85,29 +85,30 @@ static void test_path(void) {
+         }
+ }
+ 
+-static void test_find_binary(const char *self) {
++static void test_find_binary(const char *self, bool local) {
+         char *p;
+ 
+-        assert_se(find_binary("/bin/sh", &p) == 0);
++        assert_se(find_binary("/bin/sh", local, &p) == 0);
+         puts(p);
+         assert_se(streq(p, "/bin/sh"));
+         free(p);
+ 
+-        assert_se(find_binary(self, &p) == 0);
++        assert_se(find_binary(self, local, &p) == 0);
+         puts(p);
+         assert_se(endswith(p, "/test-path-util"));
+         assert_se(path_is_absolute(p));
+         free(p);
+ 
+-        assert_se(find_binary("sh", &p) == 0);
++        assert_se(find_binary("sh", local, &p) == 0);
+         puts(p);
+         assert_se(endswith(p, "/sh"));
+         assert_se(path_is_absolute(p));
+         free(p);
+ 
+-        assert_se(find_binary("xxxx-xxxx", &p) == -ENOENT);
++        assert_se(find_binary("xxxx-xxxx", local, &p) == -ENOENT);
+ 
+-        assert_se(find_binary("/some/dir/xxxx-xxxx", &p) == -ENOENT);
++        assert_se(find_binary("/some/dir/xxxx-xxxx", local, &p) ==
++                  (local ? -ENOENT : 0));
+ }
+ 
+ static void test_prefixes(void) {
+@@ -244,7 +245,8 @@ static void test_strv_resolve(void) {
+ 
+ int main(int argc, char **argv) {
+         test_path();
+-        test_find_binary(argv[0]);
++        test_find_binary(argv[0], true);
++        test_find_binary(argv[0], false);
+         test_prefixes();
+         test_path_join();
+         test_fsck_exists();
+diff --git a/src/udev/udevd.c b/src/udev/udevd.c
+index 2e6c713..193702c 100644
+--- a/src/udev/udevd.c
++++ b/src/udev/udevd.c
+@@ -994,9 +994,9 @@ static void kernel_cmdline_options(struct udev *udev) {
+                         if (r < 0)
+                                 log_warning("Invalid udev.exec-delay ignored: %s", opt + 16);
+                 } else if (startswith(opt, "udev.event-timeout=")) {
+-                        r = safe_atou64(opt + 16, &arg_event_timeout_usec);
++                        r = safe_atou64(opt + 19, &arg_event_timeout_usec);
+                         if (r < 0) {
+-                                log_warning("Invalid udev.event-timeout ignored: %s", opt + 16);
++                                log_warning("Invalid udev.event-timeout ignored: %s", opt + 19);
+                                 break;
+                         }
+                         arg_event_timeout_usec *= USEC_PER_SEC;
 diff --git a/units/console-getty.service.m4.in b/units/console-getty.service.m4.in
 index 8ac51a4..cae9fb5 100644
 --- a/units/console-getty.service.m4.in
@@ -95,11 +955,14 @@ index 8ac51a4..cae9fb5 100644
  Restart=always
  RestartSec=0
 diff --git a/units/container-getty@.service.m4.in b/units/container-getty@.service.m4.in
-index 4f7794b..bad2a9a 100644
+index 4f7794b..6dfc2e9 100644
 --- a/units/container-getty@.service.m4.in
 +++ b/units/container-getty@.service.m4.in
-@@ -16,7 +16,6 @@ Before=getty.target
+@@ -14,9 +14,9 @@ After=rc-local.service
+ )m4_dnl
+ Before=getty.target
  IgnoreOnIsolate=yes
++ConditionPathExists=/dev/pts/%I
  
  [Service]
 -ExecStart=-/sbin/agetty --noclear --keep-baud pts/%I 115200,38400,9600 $TERM
@@ -216,25 +1079,34 @@ index ecf3de4..7e83446 100644
  ExecStop=@rootlibexecdir@/systemd-backlight save %i
 +X-RestartIfChanged=false
 diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in
-index 699670b..2612220 100644
+index 699670b..ba22c6d 100644
 --- a/units/systemd-journal-flush.service.in
 +++ b/units/systemd-journal-flush.service.in
-@@ -10,8 +10,9 @@ Description=Trigger Flushing of Journal to Persistent Storage
+@@ -10,8 +10,10 @@ Description=Trigger Flushing of Journal to Persistent Storage
  Documentation=man:systemd-journald.service(8) man:journald.conf(5)
  DefaultDependencies=no
  Requires=systemd-journald.service
 -After=systemd-journald.service local-fs.target remote-fs.target
 +After=systemd-journald.service
++After=systemd-remount-fs.service
  Before=systemd-user-sessions.service systemd-tmpfiles-setup.service
 +RequiresMountsFor=/var/log/journal
  
  [Service]
  ExecStart=@rootbindir@/journalctl --flush
 diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
-index 4de38fa..4b6daea 100644
+index 4de38fa..2f23c13 100644
 --- a/units/systemd-journald.service.in
 +++ b/units/systemd-journald.service.in
-@@ -26,3 +26,8 @@ WatchdogSec=1min
+@@ -14,6 +14,7 @@ After=systemd-journald.socket systemd-journald-dev-log.socket syslog.socket
+ Before=sysinit.target
+ 
+ [Service]
++Type=notify
+ Sockets=systemd-journald.socket systemd-journald-dev-log.socket
+ ExecStart=@rootlibexecdir@/systemd-journald
+ Restart=always
+@@ -26,3 +27,8 @@ WatchdogSec=1min
  # Increase the default a bit in order to allow many simultaneous
  # services being run since we keep one fd open per service.
  LimitNOFILE=16384
diff --git a/pkgs/os-specific/linux/systemd/systemd-journald-type-notify.patch b/pkgs/os-specific/linux/systemd/systemd-journald-type-notify.patch
deleted file mode 100644
index 820b23fbfa2..00000000000
--- a/pkgs/os-specific/linux/systemd/systemd-journald-type-notify.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From a87a38c20196a4aeb56b6ba71d688eefd0b21c30 Mon Sep 17 00:00:00 2001
-From: Michal Schmidt <mschmidt@redhat.com>
-Date: Tue, 4 Nov 2014 20:28:08 +0100
-Subject: [PATCH] units: make systemd-journald.service Type=notify
-
-It already calls sd_notify(), so it looks like an oversight.
-
-Without it, its ordering to systemd-journal-flush.service is
-non-deterministic and the SIGUSR1 from flushing may kill journald before
-it has its signal handlers set up.
-
-https://bugs.freedesktop.org/show_bug.cgi?id=85871
-https://bugzilla.redhat.com/show_bug.cgi?id=1159641
----
-(foutrelis: dropped systemd-journald-audit.socket from Sockets= in order to
-            apply to systemd 217)
-
- units/systemd-journald.service.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
-index 7ee67fd..8d380c8 100644
---- a/units/systemd-journald.service.in
-+++ b/units/systemd-journald.service.in
-@@ -14,6 +14,7 @@ After=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-a
- Before=sysinit.target
- 
- [Service]
-+Type=notify
- Sockets=systemd-journald.socket systemd-journald-dev-log.socket
- ExecStart=@rootlibexecdir@/systemd-journald
- Restart=always
--- 
-2.1.3
-
diff --git a/pkgs/os-specific/linux/v86d/default.nix b/pkgs/os-specific/linux/v86d/default.nix
index 2ad3087d6a1..f7e0c5ca5e2 100644
--- a/pkgs/os-specific/linux/v86d/default.nix
+++ b/pkgs/os-specific/linux/v86d/default.nix
@@ -25,7 +25,7 @@ stdenv.mkDerivation rec {
   meta = {
     description = "A userspace helper that runs x86 code in an emulated environment";
     homepage = http://dev.gentoo.org/~spock/projects/uvesafb/;
-    license = "BSD";
+    license = stdenv.lib.licenses.gpl2;
     platforms = [ "i686-linux" "x86_64-linux" ];
   };
 }

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-08 12:11:07 +0000