diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2015-10-03 13:33:13 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2015-10-03 13:33:37 +0200 |
commit | 5227fb1dd53fcb5918b9342dff4868f4ad68427e (patch) | |
tree | d6cd521e3f67944031216a27f740f28f22b73b41 /pkgs/os-specific | |
parent | d6dd3b8bd1eaeeb21dfdb5051cd4732c748ce5d7 (diff) | |
parent | 33373d939a19f465228ddede6d38ce9032b5916b (diff) | |
download | nixpkgs-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar nixpkgs-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.gz nixpkgs-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.bz2 nixpkgs-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.lz nixpkgs-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.xz nixpkgs-5227fb1dd53fcb5918b9342dff4868f4ad68427e.tar.zst nixpkgs-5227fb1dd53fcb5918b9342dff4868f4ad68427e.zip |
Merge commit staging+systemd into closure-size
Many non-conflict problems weren't (fully) resolved in this commit yet.
Diffstat (limited to 'pkgs/os-specific')
245 files changed, 5746 insertions, 2834 deletions
diff --git a/pkgs/os-specific/darwin/adv_cmds/ps.nix b/pkgs/os-specific/darwin/adv_cmds/ps.nix deleted file mode 100644 index c3d3d158862..00000000000 --- a/pkgs/os-specific/darwin/adv_cmds/ps.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ stdenv, fetchurl }: - -stdenv.mkDerivation rec { - name = "ps-${version}"; - version = "153"; - - src = fetchurl { - url = "http://opensource.apple.com/tarballs/adv_cmds/adv_cmds-${version}.tar.gz"; - sha256 = "174v6a4zkcm2pafzgdm6kvs48z5f911zl7k49hv7kjq6gm58w99v"; - }; - - buildPhase = '' - cd ps - cc -Os -Wall -I. -c -o fmt.o fmt.c - cc -Os -Wall -I. -c -o keyword.o keyword.c - cc -Os -Wall -I. -c -o nlist.o nlist.c - cc -Os -Wall -I. -c -o print.o print.c - cc -Os -Wall -I. -c -o ps.o ps.c - cc -Os -Wall -I. -c -o tasks.o tasks.c - cc -o ps fmt.o keyword.o nlist.o print.o ps.o tasks.o - ''; - - installPhase = '' - mkdir -p $out/bin $out/share/man/man1 - - cp ps $out/bin/ps - cp ps.1 $out/share/man/man1 - ''; - - - meta = { - platforms = stdenv.lib.platforms.darwin; - maintainers = with stdenv.lib.maintainers; [ gridaphobe ]; - }; -} diff --git a/pkgs/os-specific/darwin/apple-sdk/default.nix b/pkgs/os-specific/darwin/apple-sdk/default.nix new file mode 100644 index 00000000000..7bdff59c5ae --- /dev/null +++ b/pkgs/os-specific/darwin/apple-sdk/default.nix @@ -0,0 +1,162 @@ +{ stdenv, fetchurl, xar, gzip, cpio, CF }: + +let + # sadly needs to be exported because security_tool needs it + sdk = stdenv.mkDerivation rec { + version = "10.9"; + name = "MacOS_SDK-${version}"; + + src = fetchurl { + url = "http://swcdn.apple.com/content/downloads/27/02/031-06182/xxog8vxu8i6af781ivf4uhy6yt1lslex34/DevSDK_OSX109.pkg"; + sha256 = "16b7aplha5573yl1d44nl2yxzp0w2hafihbyh7930wrcvba69iy4"; + }; + + buildInputs = [ xar gzip cpio ]; + + phases = [ "unpackPhase" "installPhase" "fixupPhase" ]; + + unpackPhase = '' + xar -x -f $src + ''; + + installPhase = '' + start="$(pwd)" + mkdir -p $out + cd $out + cat $start/Payload | gzip -d | cpio -idm + + mv usr/* . + rmdir usr + + mv System/* . + rmdir System + + cd Library/Frameworks/QuartzCore.framework/Versions/A/Headers + for file in CI*.h; do + rm $file + ln -s ../Frameworks/CoreImage.framework/Versions/A/Headers/$file + done + ''; + + meta = with stdenv.lib; { + description = "Apple SDK ${version}"; + maintainers = with maintainers; [ copumpkin ]; + platforms = platforms.darwin; + }; + }; + + framework = name: deps: stdenv.mkDerivation { + name = "apple-framework-${name}"; + + phases = [ "installPhase" "fixupPhase" ]; + + installPhase = '' + linkFramework() { + local path="$1" + local dest="$out/Library/Frameworks/$path" + local name="$(basename "$path" .framework)" + local current="$(readlink "/System/Library/Frameworks/$path/Versions/Current")" + + mkdir -p "$dest" + pushd "$dest" >/dev/null + + ln -s "${sdk}/Library/Frameworks/$path/Versions/$current/Headers" + ln -s -L "/System/Library/Frameworks/$path/Versions/$current/$name" + ln -s -L "/System/Library/Frameworks/$path/Versions/$current/Resources" + + if [ -f "/System/Library/Frameworks/$path/module.map" ]; then + ln -s "/System/Library/Frameworks/$path/module.map" + fi + + pushd "${sdk}/Library/Frameworks/$path/Versions/$current" >/dev/null + local children=$(echo Frameworks/*.framework) + popd >/dev/null + + for child in $children; do + childpath="$path/Versions/$current/$child" + linkFramework "$childpath" + done + + if [ -d "$dest/Versions/$current" ]; then + mv $dest/Versions/$current/* . + fi + + popd >/dev/null + } + + linkFramework "${name}.framework" + ''; + + propagatedBuildInputs = deps; + + # Not going to bother being more precise than this... + __propagatedImpureHostDeps = (import ./impure-deps.nix).${name}; + + meta = with stdenv.lib; { + description = "Apple SDK framework ${name}"; + maintainers = with maintainers; [ copumpkin ]; + platforms = platforms.darwin; + }; + }; +in rec { + libs = { + xpc = stdenv.mkDerivation { + name = "apple-lib-xpc"; + phases = [ "installPhase" "fixupPhase" ]; + + installPhase = '' + mkdir -p $out/include + pushd $out/include >/dev/null + ln -s "${sdk}/include/xpc" + popd >/dev/null + ''; + }; + + Xplugin = stdenv.mkDerivation { + name = "apple-lib-Xplugin"; + phases = [ "installPhase" "fixupPhase" ]; + + # Not enough + __propagatedImpureHostDeps = [ "/usr/lib/libXplugin.1.dylib" ]; + + propagatedBuildInputs = with frameworks; [ + OpenGL ApplicationServices Carbon IOKit CF CoreGraphics CoreServices CoreText + ]; + + installPhase = '' + mkdir -p $out/include $out/lib + ln -s "${sdk}/include/Xplugin.h" $out/include/Xplugin.h + ln -s "/usr/lib/libXplugin.1.dylib" $out/lib/libXplugin.dylib + ''; + }; + + utmp = stdenv.mkDerivation { + name = "apple-lib-utmp"; + phases = [ "installPhase" "fixupPhase" ]; + + installPhase = '' + mkdir -p $out/include + pushd $out/include >/dev/null + ln -s "${sdk}/include/utmp.h" + ln -s "${sdk}/include/utmpx.h" + popd >/dev/null + ''; + }; + }; + + overrides = super: { + QuartzCore = stdenv.lib.overrideDerivation super.QuartzCore (drv: { + installPhase = drv.installPhase + '' + f="$out/Library/Frameworks/QuartzCore.framework/Headers/CoreImage.h" + substituteInPlace "$f" \ + --replace "QuartzCore/../Frameworks/CoreImage.framework/Headers" "CoreImage" + ''; + }); + }; + + bareFrameworks = stdenv.lib.mapAttrs framework (import ./frameworks.nix { inherit frameworks libs CF; }); + + frameworks = bareFrameworks // overrides bareFrameworks; + + inherit sdk; +} diff --git a/pkgs/os-specific/darwin/apple-sdk/frameworks.nix b/pkgs/os-specific/darwin/apple-sdk/frameworks.nix new file mode 100644 index 00000000000..3889ba211a4 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-sdk/frameworks.nix @@ -0,0 +1,119 @@ +# Current as of 10.9 +# Epic weird knot-tying happening here. +# TODO: clean up the process for generating this and include it + +{ frameworks, libs, CF }: + +with frameworks; with libs; { + AGL = [ Carbon OpenGL ]; + AVFoundation = [ ApplicationServices CoreGraphics ]; + AVKit = []; + Accounts = []; + AddressBook = [ Carbon CF ]; + AppKit = [ AudioToolbox QuartzCore ]; + AppKitScripting = []; + AppleScriptKit = []; + AppleScriptObjC = []; + AppleShareClientCore = [ CoreServices ]; + AudioToolbox = [ AudioUnit CoreAudio CF CoreMIDI ]; + AudioUnit = [ Carbon CoreAudio CF ]; + AudioVideoBridging = [ Foundation ]; + Automator = []; + CFNetwork = [ CF ]; + CalendarStore = []; + Cocoa = []; + Collaboration = []; + CoreAudio = [ CF IOKit ]; + CoreAudioKit = [ AudioUnit ]; + CoreData = []; + CoreGraphics = [ Accelerate CF IOKit IOSurface SystemConfiguration ]; + CoreLocation = []; + CoreMIDI = [ CF ]; + CoreMIDIServer = []; + CoreMedia = [ ApplicationServices AudioToolbox CoreAudio CF CoreGraphics CoreVideo ]; + CoreMediaIO = [ CF CoreMedia ]; + CoreText = [ CF CoreGraphics ]; + CoreVideo = [ ApplicationServices CF CoreGraphics IOSurface OpenGL ]; + CoreWLAN = [ SecurityFoundation ]; + DVComponentGlue = [ CoreServices QuickTime ]; + DVDPlayback = []; + DirectoryService = [ CF ]; + DiscRecording = [ CF CoreServices IOKit ]; + DiscRecordingUI = []; + DiskArbitration = [ CF IOKit ]; + DrawSprocket = [ Carbon ]; + EventKit = []; + ExceptionHandling = []; + FWAUserLib = []; + ForceFeedback = [ CF IOKit ]; + Foundation = [ CF Security ApplicationServices AppKit SystemConfiguration ]; + GLKit = [ CF ]; + GLUT = [ GL OpenGL ]; + GSS = []; + GameController = []; + GameKit = [ Foundation ]; + ICADevices = [ Carbon CF IOBluetooth ]; + IMServicePlugIn = []; + IOBluetoothUI = [ IOBluetooth ]; + IOKit = [ CF ]; + IOSurface = [ CF IOKit xpc ]; + ImageCaptureCore = []; + ImageIO = [ CF CoreGraphics ]; + InputMethodKit = [ Carbon ]; + InstallerPlugins = []; + InstantMessage = []; + JavaFrameEmbedding = []; + JavaScriptCore = [ CF ]; + Kerberos = []; + Kernel = [ CF IOKit ]; + LDAP = []; + LatentSemanticMapping = [ Carbon CF ]; + MapKit = []; + MediaAccessibility = [ CF CoreGraphics CoreText QuartzCore ]; + MediaToolbox = [ AudioToolbox CF CoreMedia ]; + NetFS = [ CF ]; + OSAKit = [ Carbon ]; + OpenAL = []; + OpenCL = [ IOSurface OpenGL ]; + OpenGL = []; + PCSC = [ CoreData ]; + PreferencePanes = []; + PubSub = []; + Python = [ ApplicationServices ]; + QTKit = [ CoreMediaIO CoreMedia MediaToolbox QuickTime VideoToolbox ]; + QuickLook = [ ApplicationServices CF ]; + QuickTime = [ ApplicationServices AudioUnit Carbon CoreAudio CoreServices OpenGL QuartzCore ]; + Ruby = []; + RubyCocoa = []; + SceneKit = []; + ScreenSaver = []; + Scripting = []; + ScriptingBridge = []; + Security = [ CF IOKit ]; + SecurityFoundation = []; + SecurityInterface = [ Security ]; + ServiceManagement = [ CF Security ]; + Social = []; + SpriteKit = []; + StoreKit = []; + SyncServices = []; + SystemConfiguration = [ CF Security ]; + TWAIN = [ Carbon ]; + Tcl = []; + Tk = [ ApplicationServices Carbon X11 ]; + VideoDecodeAcceleration = [ CF CoreVideo ]; + VideoToolbox = [ CF CoreMedia CoreVideo ]; + WebKit = [ ApplicationServices Carbon JavaScriptCore OpenGL ]; + + # Umbrellas + Accelerate = [ CoreWLAN IOBluetooth ]; + ApplicationServices = [ CF CoreServices CoreText ImageIO ]; + Carbon = [ ApplicationServices CF CoreServices IOKit Security QuartzCore ]; + CoreBluetooth = []; + CoreServices = [ CFNetwork CoreAudio CoreData CF DiskArbitration Security NetFS OpenDirectory ServiceManagement ]; + IOBluetooth = [ IOKit ]; + JavaVM = []; + OpenDirectory = []; + Quartz = [ QuickLook QTKit ]; + QuartzCore = [ ApplicationServices CF CoreVideo OpenCL ]; +} diff --git a/pkgs/os-specific/darwin/apple-sdk/impure-deps.nix b/pkgs/os-specific/darwin/apple-sdk/impure-deps.nix new file mode 100644 index 00000000000..13bc3fbb690 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-sdk/impure-deps.nix @@ -0,0 +1,249 @@ +rec { + CFNetwork = [ + "/System/Library/Frameworks/CFNetwork.framework" + "/usr/lib/libsqlite3.dylib" + "/usr/lib/libxml2.2.dylib" + ]; + IOKit = [ + "/System/Library/Frameworks/IOKit.framework" + ]; + JavaScriptCore = [ + "/System/Library/Frameworks/JavaScriptCore.framework" + ]; + QuickLook = [ + "/System/Library/Frameworks/QuickLook.framework" + ]; + Quartz = [ + "/System/Library/Frameworks/Quartz.framework" + "/System/Library/PrivateFrameworks/AppleSystemInfo.framework/Versions/A/AppleSystemInfo" + "/System/Library/PrivateFrameworks/CorePDF.framework/Versions/A/CorePDF" + "/usr/lib/libspindump.dylib" + ]; + ImageCaptureCore = [ + "/System/Library/Frameworks/ImageCaptureCore.framework" + ]; + VideoToolbox = [ + "/System/Library/Frameworks/VideoToolbox.framework" + "/System/Library/PrivateFrameworks/AppleVA.framework/Versions/A/AppleVA" + ]; + QuickTime = [ + "/System/Library/Frameworks/QuickTime.framework" + ]; + CoreMedia = [ + "/System/Library/Frameworks/CoreMedia.framework" + ]; + CoreMediaIO = [ + "/System/Library/Frameworks/CoreMediaIO.framework" + "/System/Library/PrivateFrameworks/AppSandbox.framework/Versions/A/AppSandbox" + "/System/Library/PrivateFrameworks/AppContainer.framework/Versions/A/AppContainer" + "/System/Library/PrivateFrameworks/SecCodeWrapper.framework/Versions/A/SecCodeWrapper" + "/System/Library/PrivateFrameworks/XPCService.framework/Versions/A/XPCService" + "/usr/lib/libsandbox.1.dylib" + "/usr/lib/libMatch.1.dylib" + ]; + MediaToolbox = [ + "/System/Library/Frameworks/MediaToolbox.framework" + "/System/Library/PrivateFrameworks/CoreAUC.framework/Versions/A/CoreAUC" + "/System/Library/PrivateFrameworks/NetworkStatistics.framework/Versions/A/NetworkStatistics" + ]; + QTKit = [ + "/System/Library/Frameworks/QTKit.framework" + "/System/Library/PrivateFrameworks/CoreMediaAuthoring.framework/Versions/A/CoreMediaAuthoring" + ]; + OSAKit = [ + "/System/Library/Frameworks/OSAKit.framework" + "/usr/lib/libexslt.0.dylib" + ]; + WebKit = [ + "/System/Library/Frameworks/WebKit.framework" + ]; + DiskArbitration = [ + "/System/Library/Frameworks/DiskArbitration.framework" + ]; + Security = [ + "/System/Library/Frameworks/Security.framework" + "/usr/lib/libbsm.0.dylib" + "/usr/lib/libbz2.1.0.dylib" + "/usr/lib/libpam.2.dylib" + "/usr/lib/libxar.1.dylib" + "/usr/lib/libxml2.2.dylib" + "/usr/lib/libsqlite3.dylib" + ]; + GSS = [ + "/System/Library/Frameworks/GSS.framework" + ]; + Kerberos = [ + "/System/Library/Frameworks/Kerberos.framework" + ]; + CoreServices = [ + "/System/Library/Frameworks/CoreServices.framework" + "/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore" + "/System/Library/PrivateFrameworks/TCC.framework/Versions/A/TCC" + "/System/Library/PrivateFrameworks/LanguageModeling.framework/Versions/A/LanguageModeling" + "/usr/lib/libmecabra.dylib" + "/usr/lib/libcmph.dylib" + "/usr/lib/libiconv.2.dylib" + "/usr/lib/libxslt.1.dylib" + ] ++ Foundation; + IOSurface = [ + "/System/Library/Frameworks/IOSurface.framework" + ]; + CoreGraphics = [ + "/System/Library/Frameworks/CoreGraphics.framework" + "/System/Library/PrivateFrameworks/MultitouchSupport.framework/Versions/A/MultitouchSupport" + "/usr/lib/libbsm.0.dylib" + "/usr/lib/libz.1.dylib" + ]; + CoreText = [ + "/System/Library/Frameworks/CoreText.framework" + ]; + ImageIO = [ + "/System/Library/Frameworks/ImageIO.framework" + ]; + ApplicationServices = [ + "/System/Library/Frameworks/ApplicationServices.framework" + "/usr/lib/libcups.2.dylib" + "/usr/lib/libresolv.9.dylib" + ] ++ AudioToolbox; + OpenGL = [ + "/System/Library/Frameworks/OpenGL.framework" + ]; + CoreVideo = [ + "/System/Library/Frameworks/CoreVideo.framework" + ]; + QuartzCore = [ + "/System/Library/Frameworks/QuartzCore.framework" + "/System/Library/PrivateFrameworks/CrashReporterSupport.framework/Versions/A/CrashReporterSupport" + ]; + PCSC = [ + "/System/Library/Frameworks/PCSC.framework" + ]; + AppKit = [ + "/System/Library/Frameworks/AppKit.framework" + "/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Apple80211" + "/System/Library/PrivateFrameworks/AppleJPEG.framework/Versions/A/AppleJPEG" + "/System/Library/PrivateFrameworks/AppleVPA.framework/Versions/A/AppleVPA" + "/System/Library/PrivateFrameworks/Backup.framework/Versions/A/Backup" + "/System/Library/PrivateFrameworks/ChunkingLibrary.framework/Versions/A/ChunkingLibrary" + "/System/Library/PrivateFrameworks/CommonAuth.framework/Versions/A/CommonAuth" + "/System/Library/PrivateFrameworks/CoreSymbolication.framework/Versions/A/CoreSymbolication" + "/System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI" + "/System/Library/PrivateFrameworks/CoreWiFi.framework/Versions/A/CoreWiFi" + "/System/Library/PrivateFrameworks/CrashReporterSupport.framework/Versions/A/CrashReporterSupport" + "/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore" + "/System/Library/PrivateFrameworks/DebugSymbols.framework/Versions/A/DebugSymbols" + "/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv" + "/System/Library/PrivateFrameworks/FaceCore.framework/Versions/A/FaceCore" + "/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/GenerationalStorage" + "/System/Library/PrivateFrameworks/Heimdal.framework/Heimdal" + "/System/Library/PrivateFrameworks/Heimdal.framework/Versions/Current" + "/System/Library/PrivateFrameworks/Heimdal.framework/Versions/A/Heimdal" + "/System/Library/PrivateFrameworks/IconServices.framework/Versions/A/IconServices" + "/System/Library/PrivateFrameworks/LanguageModeling.framework/Versions/A/LanguageModeling" + "/System/Library/PrivateFrameworks/MultitouchSupport.framework/Versions/A/MultitouchSupport" + "/System/Library/PrivateFrameworks/NetAuth.framework/Versions/A/NetAuth" + "/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/PerformanceAnalysis" + "/System/Library/PrivateFrameworks/RemoteViewServices.framework/Versions/A/RemoteViewServices" + "/System/Library/PrivateFrameworks/Sharing.framework/Versions/A/Sharing" + "/System/Library/PrivateFrameworks/SpeechRecognitionCore.framework/Versions/A/SpeechRecognitionCore" + "/System/Library/PrivateFrameworks/Symbolication.framework/Versions/A/Symbolication" + "/System/Library/PrivateFrameworks/TCC.framework/Versions/A/TCC" + "/System/Library/PrivateFrameworks/UIFoundation.framework/Versions/A/UIFoundation" + "/System/Library/PrivateFrameworks/Ubiquity.framework/Versions/A/Ubiquity" + "/System/Library/PrivateFrameworks/login.framework/Versions/A/Frameworks/loginsupport.framework/Versions/A/loginsupport" + "/usr/lib/libCRFSuite.dylib" + "/usr/lib/libOpenScriptingUtil.dylib" + "/usr/lib/libarchive.2.dylib" + "/usr/lib/libbsm.0.dylib" + "/usr/lib/libbz2.1.0.dylib" + "/usr/lib/libc++.1.dylib" + "/usr/lib/libc++abi.dylib" + "/usr/lib/libcmph.dylib" + "/usr/lib/libcups.2.dylib" + "/usr/lib/libextension.dylib" + "/usr/lib/libheimdal-asn1.dylib" + "/usr/lib/libiconv.2.dylib" + "/usr/lib/libicucore.A.dylib" + "/usr/lib/liblangid.dylib" + "/usr/lib/liblzma.5.dylib" + "/usr/lib/libmecabra.dylib" + "/usr/lib/libpam.2.dylib" + "/usr/lib/libresolv.9.dylib" + "/usr/lib/libsqlite3.dylib" + "/usr/lib/libxar.1.dylib" + "/usr/lib/libxml2.2.dylib" + "/usr/lib/libxslt.1.dylib" + "/usr/lib/libz.1.dylib" + ]; + Foundation = [ + "/System/Library/Frameworks/Foundation.framework" + "/usr/lib/libextension.dylib" + "/usr/lib/libarchive.2.dylib" + "/usr/lib/liblzma.5.dylib" + "/usr/lib/liblangid.dylib" + "/usr/lib/libCRFSuite.dylib" + ]; + CoreData = [ + "/System/Library/Frameworks/CoreData.framework" + ]; + Cocoa = [ + "/System/Library/Frameworks/Cocoa.framework" + "/System/Library/PrivateFrameworks/UIFoundation.framework/Versions/A/UIFoundation" + "/System/Library/PrivateFrameworks/UIFoundation.framework/Versions/A" + ]; + Carbon = [ + "/System/Library/Frameworks/Carbon.framework" + "/System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI" + "/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv" + "/System/Library/PrivateFrameworks/IconServices.framework/Versions/A/IconServices" + "/System/Library/PrivateFrameworks/ChunkingLibrary.framework/Versions/A/ChunkingLibrary" + "/System/Library/PrivateFrameworks/Ubiquity.framework/Versions/A/Ubiquity" + "/System/Library/PrivateFrameworks/Sharing.framework/Versions/A/Sharing" + "/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Apple80211" + "/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/GenerationalStorage" + ]; + CoreAudio = [ + "/System/Library/Frameworks/CoreAudio.framework" + ]; + AudioUnit = [ + "/System/Library/Frameworks/AudioUnit.framework" + ]; + CoreMIDI = [ + "/System/Library/Frameworks/CoreMIDI.framework" + ]; + AudioToolbox = [ + "/System/Library/Frameworks/AudioToolbox.framework" + ]; + SystemConfiguration = [ + "/System/Library/Frameworks/SystemConfiguration.framework" + ]; + NetFS = [ + "/System/Library/Frameworks/NetFS.framework" + "/System/Library/PrivateFrameworks/NetAuth.framework/Versions/A/NetAuth" + "/System/Library/PrivateFrameworks/login.framework/Versions/A/Frameworks/loginsupport.framework/Versions/A/loginsupport" + ]; + Accelerate = [ + "/System/Library/Frameworks/Accelerate.framework" + ]; + OpenDirectory = [ + "/System/Library/Frameworks/OpenDirectory.framework" + ]; + ServiceManagement = [ + "/System/Library/Frameworks/ServiceManagement.framework" + ]; + OpenCL = [ + "/System/Library/Frameworks/OpenCL.framework" + ]; + CoreWLAN = [ + "/System/Library/Frameworks/CoreWLAN.framework" + ]; + IOBluetooth = [ + "/System/Library/Frameworks/IOBluetooth.framework" + ] ++ AudioUnit ++ CoreBluetooth; + CoreBluetooth = [ + "/System/Library/Frameworks/CoreBluetooth.framework" + ]; + SecurityFoundation = [ + "/System/Library/Frameworks/SecurityFoundation.framework" + ]; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/CF/cf-bridging.patch b/pkgs/os-specific/darwin/apple-source-releases/CF/cf-bridging.patch new file mode 100644 index 00000000000..068a6311a9c --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/CF/cf-bridging.patch @@ -0,0 +1,39 @@ +diff --git a/CFBase.h b/CFBase.h +index ffddd2b..e5a926b 100644 +--- a/CFBase.h ++++ b/CFBase.h +@@ -249,6 +249,33 @@ CF_EXTERN_C_BEGIN + #endif + #endif + ++#if __has_attribute(objc_bridge) && __has_feature(objc_bridge_id) && __has_feature(objc_bridge_id_on_typedefs) ++ ++#ifdef __OBJC__ ++@class NSArray; ++@class NSAttributedString; ++@class NSString; ++@class NSNull; ++@class NSCharacterSet; ++@class NSData; ++@class NSDate; ++@class NSTimeZone; ++@class NSDictionary; ++@class NSError; ++@class NSLocale; ++@class NSNumber; ++@class NSSet; ++@class NSURL; ++#endif ++ ++#define CF_BRIDGED_TYPE(T) __attribute__((objc_bridge(T))) ++#define CF_BRIDGED_MUTABLE_TYPE(T) __attribute__((objc_bridge_mutable(T))) ++#define CF_RELATED_TYPE(T,C,I) __attribute__((objc_bridge_related(T,C,I))) ++#else ++#define CF_BRIDGED_TYPE(T) ++#define CF_BRIDGED_MUTABLE_TYPE(T) ++#define CF_RELATED_TYPE(T,C,I) ++#endif + + CF_EXPORT double kCFCoreFoundationVersionNumber; + + diff --git a/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix b/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix index 3d4ac89e0a7..ba97aa4a1fc 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix @@ -1,9 +1,21 @@ { stdenv, appleDerivation, icu, dyld, libdispatch, launchd, libclosure }: +# this project uses blocks, a clang-only extension +assert stdenv.cc.isClang; + appleDerivation { buildInputs = [ dyld icu libdispatch launchd libclosure ]; - patches = [ ./add-cf-initialize.patch ./add-cfmachport.patch ]; + patches = [ ./add-cf-initialize.patch ./add-cfmachport.patch ./cf-bridging.patch ]; + + # CFAttributedString.h is in the SDK only, not on opensource.apple.com or github + __propagatedImpureHostDeps = [ + "/System/Library/Frameworks/CoreFoundation.framework" + "/usr/lib/libc++.1.dylib" + "/usr/lib/libc++abi.dylib" + "/usr/lib/libicucore.A.dylib" + "/usr/lib/libz.1.dylib" + ]; preBuild = '' substituteInPlace Makefile \ @@ -35,6 +47,16 @@ appleDerivation { ''; postInstall = '' + # gross! convince apple to release these as part of CF + cp /System/Library/Frameworks/CoreFoundation.framework/Headers/{CFAttributedString,CFNotificationCenter}.h \ + "$out/System/Library/Frameworks/CoreFoundation.framework/Headers" + + cat >> $out/System/Library/Frameworks/CoreFoundation.framework/Headers/CoreFoundation.h <<EOF + /* extra private system files [IMPURE] */ + #include <CoreFoundation/CFAttributedString.h> + #include <CoreFoundation/CFNotificationCenter.h> + EOF + mv $out/System/* $out rmdir $out/System ''; diff --git a/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix b/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix index ecab0941332..108b430d783 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix @@ -34,7 +34,9 @@ appleDerivation rec { "system_platform" "system_pthread" "system_sandbox" - "system_stats" + # does not exist in El Capitan beta + # FIXME: does anything on yosemite actually need this? + # "system_stats" "unc" "unwind" "xpc" diff --git a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix index db467254f17..4bc3a7a7fa4 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix @@ -2,10 +2,8 @@ appleDerivation { # Will override the name until we provide all of adv_cmds - name = "ps-${version}"; - buildPhase = '' - cd ps + pushd ps cc -Os -Wall -I. -c -o fmt.o fmt.c cc -Os -Wall -I. -c -o keyword.o keyword.c cc -Os -Wall -I. -c -o nlist.o nlist.c @@ -13,13 +11,20 @@ appleDerivation { cc -Os -Wall -I. -c -o ps.o ps.c cc -Os -Wall -I. -c -o tasks.o tasks.c cc -o ps fmt.o keyword.o nlist.o print.o ps.o tasks.o + popd + + pushd locale + c++ -o locale locale.cc + popd ''; installPhase = '' mkdir -p $out/bin $out/share/man/man1 - cp ps $out/bin/ps - cp ps.1 $out/share/man/man1 + cp ps/ps $out/bin/ps + cp ps/ps.1 $out/share/man/man1 + cp locale/locale $out/bin/locale + cp locale/locale.1 $out/share/man/man1 ''; diff --git a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix index 3427081bfaa..8687f3fe532 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix @@ -1,6 +1,8 @@ { stdenv, appleDerivation, launchd, bootstrap_cmds, xnu, ppp, IOKit, eap8021x, Security }: appleDerivation { + meta.broken = stdenv.cc.nativeLibc; + buildInputs = [ launchd bootstrap_cmds xnu ppp IOKit eap8021x ]; propagatedBuildInputs = [ Security ]; diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index 92ee9e52726..43698629a46 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -6,19 +6,24 @@ let inherit sha256; }; + appleDerivation_ = name: version: sha256: attrs: stdenv.mkDerivation ({ + inherit version; + name = "${name}-${version}"; + } // (if attrs ? srcs then {} else { + src = fetchApple version sha256 name; + }) // attrs); + applePackage = namePath: version: sha256: let name = builtins.elemAt (stdenv.lib.splitString "/" namePath) 0; - - appleDerivation = attrs: stdenv.mkDerivation ({ - inherit version; - name = "${name}-${version}"; - } // (if attrs ? srcs then {} else { - src = fetchApple version sha256 name; - }) // attrs); + appleDerivation = appleDerivation_ name version sha256; callPackage = pkgs.newScope (packages // pkgs.darwin // { inherit appleDerivation name version; }); in callPackage (./. + builtins.toPath "/${namePath}"); + libsecPackage = pkgs.callPackage ./libsecurity_generic { + inherit applePackage appleDerivation_; + }; + IOKitSpecs = { IOAudioFamily = fetchApple "197.4.2" "1dmrczdmbdkvnhjbv233wx4xczgpf5wjrhr83aizrwpks5avkxbr"; IOFireWireFamily = fetchApple "455.4.0" "034n2v6z7lf1cx3sp3309z4sn8mkchjcrsf177iag46yzlzcjgfl"; @@ -64,20 +69,43 @@ let Libc_old = applePackage "Libc/825_40_1.nix" "825.40.1" "0xsx1im52gwlmcrv4lnhhhn9dyk5ci6g27k6yvibn9vj8fzjxwcf" {}; libclosure = applePackage "libclosure" "63" "083v5xhihkkajj2yvz0dwgbi0jl2qvzk22p7pqq1zp3ry85xagrx" {}; libdispatch = applePackage "libdispatch" "339.92.1" "1lc5033cmkwxy3r26gh9plimxshxfcbgw6i0j7mgjlnpk86iy5bk" {}; - libiconv = applePackage "libiconv" "41" "10q7yd35flr893nysn9i04njgks4m3gis7jivb9ra9dcb77gqdcn" {}; + libiconv = applePackage "libiconv" "41" "0sni1gx6i2h7r4r4hhwbxdir45cp039m4wi74izh4l0pfw7gywad" {}; Libinfo = applePackage "Libinfo" "449.1.3" "1ix6f7xwjnq9bqgv8w27k4j64bqn1mfhh91nc7ciiv55axpdb9hq" {}; - Libm = applePackage "Libm" "2026" "02sd82ig2jvvyyfschmb4gpz6psnizri8sh6i982v341x6y4ysl7" {}; + Libm = applePackage "Libm" "2026" "02sd82ig2jvvyyfschmb4gpz6psnizri8sh6i982v341x6y4ysl7" {}; # This is from 10.7 !! :( Libnotify = applePackage "Libnotify" "121.20.1" "164rx4za5z74s0mk9x0m1815r1m9kfal8dz3bfaw7figyjd6nqad" {}; libpthread = applePackage "libpthread" "105.1.4" "09vwwahcvmxvx2xl0890gkp91n61dld29j73y2pa597bqkag2qpg" {}; libresolv = applePackage "libresolv" "54" "028mp2smd744ryxwl8cqz4njv8h540sdw3an1yl7yxqcs04r0p4b" {}; Libsystem = applePackage "Libsystem" "1197.1.1" "1yfj2qdrf9vrzs7p9m4wlb7zzxcrim1gw43x4lvz4qydpp5kg2rh" {}; + #libutil = applePackage "libutil" "38" "12gsvmj342n5d81kqwba68bmz3zf2757442g1sz2y5xmcapa3g5f" {}; libunwind = applePackage "libunwind" "35.3" "0miffaa41cv0lzf8az5k1j1ng8jvqvxcr4qrlkf3xyj479arbk1b" {}; mDNSResponder = applePackage "mDNSResponder" "522.92.1" "1cp87qda1s7brriv413i71yggm8yqfwv64vknrnqv24fcb8hzbmy" {}; objc4 = applePackage "objc4" "551.1" "1jrdb6yyb5jwwj27c1r0nr2y2ihqjln8ynj61mpkvp144c1cm5bg" {}; - objc4_pure = applePackage "objc4/pure.nix" "551.1" "1jrdb6yyb5jwwj27c1r0nr2y2ihqjln8ynj61mpkvp144c1cm5bg" {}; + #objc4_pure = applePackage "objc4/pure.nix" "551.1" "1jrdb6yyb5jwwj27c1r0nr2y2ihqjln8ynj61mpkvp144c1cm5bg" {}; ppp = applePackage "ppp" "727.90.1" "166xz1q7al12hm3q3drlp2r6fgdrsq3pmazjp3nsqg3vnglyh4gk" {}; removefile = applePackage "removefile" "33" "0ycvp7cnv40952a1jyhm258p6gg5xzh30x86z5gb204x80knw30y" {}; Security = applePackage "Security" "55471.14.18" "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {}; xnu = applePackage "xnu" "2422.115.4" "1ssw5fzvgix20bw6y13c39ib0zs7ykpig3irlwbaccpjpci5jl0s" {}; + + libsecurity_apple_csp = libsecPackage "libsecurity_apple_csp" "55003" "1ngyn1ik27n4x981px3kfd1z1n8zx7r5w812b6qfjpy5nw4h746w" {}; + libsecurity_apple_cspdl = libsecPackage "libsecurity_apple_cspdl" "55000" "1svqa5fhw7p7njzf8bzg7zgc5776aqjhdbnlhpwmr5hmz5i0x8r7" {}; + libsecurity_apple_file_dl = libsecPackage "libsecurity_apple_file_dl" "55000" "1dfqani3n135i3iqmafc1k9awmz6s0a78zifhk15rx5a8ps870bl" {}; + libsecurity_apple_x509_cl = libsecPackage "libsecurity_apple_x509_cl" "55004" "1gji2i080560s08k1nigsla1zdmi6slyv97xaj5vqxjpxb0g1xf5" {}; + libsecurity_apple_x509_tp = libsecPackage "libsecurity_apple_x509_tp" "55009.3" "1bsms3nvi62wbvjviwjhjhzhylad8g6vmvlj3ngd0wyd0ywxrs46" {}; + libsecurity_asn1 = libsecPackage "libsecurity_asn1" "55000.2" "0i8aakjxdfj0lqcgqmbip32g7r4h57xhs8w0sxfvfl45q22s782w" {}; + libsecurity_cdsa_client = libsecPackage "libsecurity_cdsa_client" "55000" "127jxnypkycy8zqwicfv333h11318m00gd37jnswbrpg44xd1wdy" {}; + libsecurity_cdsa_plugin = libsecPackage "libsecurity_cdsa_plugin" "55001" "0ifmx85rs51i7zjm015s8kc2dqyrlvbr39lw9xzxgd2ds33i4lfj" {}; + libsecurity_cdsa_utilities = libsecPackage "libsecurity_cdsa_utilities" "55006" "1kzsl0prvfa8a0m3j3pcxq06aix1csgayd3lzx27iqg84c8mhzan" {}; + libsecurity_cdsa_utils = libsecPackage "libsecurity_cdsa_utils" "55000" "0q55jizav6n0lkj7lcmcr2mjdhnbnnn525fa9ipwgvzbspihw0g6" {}; + libsecurity_codesigning = libsecPackage "libsecurity_codesigning" "55037.15" "0vf5nj2g383b4hknlp51qll5pm8z4qbf56dnc16n3wm8gj82iasy" {}; + libsecurity_cssm = libsecPackage "libsecurity_cssm" "55005.5" "0l6ia533bhr8kqp2wa712bnzzzisif3kbn7h3bzzf4nps4wmwzn4" {}; + libsecurity_filedb = libsecPackage "libsecurity_filedb" "55016.1" "1r0ik95xapdl6l2lhd079vpq41jjgshz2hqb8490gpy5wyc49cxb" {}; + libsecurity_keychain = libsecPackage "libsecurity_keychain" "55050.9" "15wf2slcgyns61kk7jndgm9h22vidyphh9x15x8viyprra9bkhja" {}; + libsecurity_mds = libsecPackage "libsecurity_mds" "55000" "0vin5hnzvkx2rdzaaj2gxmx38amxlyh6j24a8gc22y09d74p5lzs" {}; + libsecurity_ocspd = libsecPackage "libsecurity_ocspd" "55010" "1bxzpihc6w0ji4x8810a4lfkq83787yhjl60xm24bv1prhqcm73b" {}; + libsecurity_pkcs12 = libsecPackage "libsecurity_pkcs12" "55000" "1yq8p2sp39q40fxshb256b7jn9lvmpymgpm8yz9kqrf980xddgsg" {}; + libsecurity_sd_cspdl = libsecPackage "libsecurity_sd_cspdl" "55003" "10v76xycfnvz1n0zqfbwn3yh4w880lbssqhkn23iim3ihxgm5pbd" {}; + libsecurity_utilities = libsecPackage "libsecurity_utilities" "55030.3" "0ayycfy9jm0n0c7ih9f3m69ynh8hs80v8yicq47aa1h9wclbxg8r" {}; + libsecurityd = libsecPackage "libsecurityd" "55004" "1ywm2qj8l7rhaxy5biwxsyavd0d09d4bzchm03nlvwl313p2747x" {}; + security_dotmac_tp = libsecPackage "security_dotmac_tp" "55107.1" "1l4fi9qhrghj0pkvywi8da22bh06c5bv3l40a621b5g258na50pl" {}; }; in packages diff --git a/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix index 1c61297c7d5..2003bb6e55e 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libauto/default.nix @@ -1,9 +1,14 @@ -{ stdenv, appleDerivation }: +{ stdenv, appleDerivation, libdispatch, Libsystem }: appleDerivation { + # these are included in the pure libc + buildInputs = stdenv.lib.optionals stdenv.cc.nativeLibc [ libdispatch Libsystem ]; + buildPhase = '' cp ${./auto_dtrace.h} ./auto_dtrace.h + substituteInPlace ThreadLocalCollector.h --replace SubZone.h Subzone.h + substituteInPlace auto_zone.cpp \ --replace "#include <msgtracer_client.h>" ''$'#include <asl.h>\nstatic void msgtracer_log_with_keys(...) { };' diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/GNUmakefile new file mode 100644 index 00000000000..ca263228fde --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/GNUmakefile @@ -0,0 +1,11 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_apple_csp + +security_apple_csp_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_apple_csp_HEADER_FILES_DIR = lib + +security_apple_csp_CC_FILES = $(wildcard lib/*.cpp) +security_apple_csp_C_FILES = $(wildcard lib/*.c) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/default.nix new file mode 100644 index 00000000000..add46454cbe --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_csp/default.nix @@ -0,0 +1,31 @@ +{ appleDerivation, apple_sdk, libsecurity_asn1, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_utilities, osx_private_sdk, stdenv }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_utilities + libsecurity_utilities + libsecurity_cdsa_plugin + libsecurity_asn1 + libsecurity_cdsa_utils + ]; + NIX_CFLAGS_COMPILE = "-Iopen_ssl"; + patchPhase = '' + for file in lib/BlockCryptor.h lib/RSA_DSA_signature.h lib/castContext.h \ + lib/RawSigner.h lib/MD2Object.h lib/HMACSHA1.h lib/bfContext.h lib/rc4Context.h; do + substituteInPlace ''$file --replace \ + '"CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h"' \ + '"${apple_sdk.sdk}/include/MacTypes.h"' + done + + for file in lib/castContext.h lib/gladmanContext.h lib/desContext.h lib/rc4Context.h; do + substituteInPlace ''$file --replace \ + '/usr/local/include/CommonCrypto/CommonCryptorSPI.h' \ + '${osx_private_sdk}/usr/include/CommonCrypto/CommonCryptorSPI.h' + done + + substituteInPlace lib/opensshWrap.cpp --replace RSA_DSA_Keys.h RSA_DSA_keys.h + '' + stdenv.lib.optionalString (!stdenv.cc.nativeLibc) '' + substituteInPlace lib/pbkdf2.c --replace \ + '<CoreServices/../Frameworks/CarbonCore.framework/Headers/ConditionalMacros.h>' \ + '"${stdenv.libc}/include/ConditionalMacros.h"' + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/GNUmakefile new file mode 100644 index 00000000000..a0d48cf4965 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_apple_cspdl + +security_apple_cspdl_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_apple_cspdl_HEADER_FILES_DIR = lib + +security_apple_cspdl_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/default.nix new file mode 100644 index 00000000000..b80d4c8aad2 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_cspdl/default.nix @@ -0,0 +1,16 @@ +{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_keychain, libsecurity_utilities, libsecurityd }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_plugin + libsecurity_cdsa_utilities + libsecurity_utilities + libsecurityd + libsecurity_cdsa_client + libsecurity_keychain + ]; + patchPhase = '' + for file in lib/*; do + sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file + done + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/GNUmakefile new file mode 100644 index 00000000000..f52829c644d --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_apple_file_dl + +security_apple_file_dl_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_apple_file_dl_HEADER_FILES_DIR = lib + +security_apple_file_dl_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/default.nix new file mode 100644 index 00000000000..0eb2ee10fd8 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_file_dl/default.nix @@ -0,0 +1,17 @@ +{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_keychain, libsecurity_utilities, libsecurityd }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_plugin + libsecurity_cdsa_utilities + libsecurity_utilities + libsecurityd + libsecurity_cdsa_client + libsecurity_keychain + libsecurity_filedb + ]; + patchPhase = '' + for file in lib/*; do + sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file + done + ''; +} \ No newline at end of file diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/GNUmakefile new file mode 100644 index 00000000000..c7c9c3d4e79 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_apple_x509_cl + +security_apple_x509_cl_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_apple_x509_cl_HEADER_FILES_DIR = lib + +security_apple_x509_cl_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/default.nix new file mode 100644 index 00000000000..d2f15e19ccf --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_cl/default.nix @@ -0,0 +1,18 @@ +{ appleDerivation, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_keychain, libsecurity_utilities, libsecurityd, osx_private_sdk }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_plugin + libsecurity_cdsa_utilities + libsecurity_utilities + libsecurityd + libsecurity_cdsa_client + libsecurity_keychain + libsecurity_filedb + libsecurity_asn1 + ]; + patchPhase = '' + for file in lib/*; do + sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file + done + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile new file mode 100644 index 00000000000..083a8a85d17 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_apple_x509_tp + +security_apple_x509_tp_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_apple_x509_tp_HEADER_FILES_DIR = lib + +security_apple_x509_tp_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/default.nix new file mode 100644 index 00000000000..6410c134f89 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_apple_x509_tp/default.nix @@ -0,0 +1,19 @@ +{ appleDerivation, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_keychain, libsecurity_ocspd, libsecurity_utilities, libsecurityd }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_plugin + libsecurity_cdsa_utilities + libsecurity_utilities + libsecurityd + libsecurity_cdsa_client + libsecurity_keychain + libsecurity_filedb + libsecurity_asn1 + libsecurity_ocspd + ]; + patchPhase = '' + for file in lib/*; do + sed -i 's/#include <\(.*\)>/#include "\1"/' ''$file + done + ''; +} \ No newline at end of file diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/GNUmakefile new file mode 100644 index 00000000000..1c3c4f0b25b --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/GNUmakefile @@ -0,0 +1,11 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_asn1 + +security_asn1_C_FILES = $(wildcard lib/*.c) +security_asn1_CC_FILES = $(wildcard lib/*.cpp) + +security_asn1_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_asn1_HEADER_FILES_DIR = lib + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/default.nix new file mode 100644 index 00000000000..ab11d893d19 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_asn1/default.nix @@ -0,0 +1,14 @@ +{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }: +appleDerivation { + __propagatedImpureHostDeps = [ + "/System/Library/Frameworks/Security.framework/Security" + "/System/Library/Frameworks/Security.framework/Resources" + "/System/Library/Frameworks/Security.framework/PlugIns" + "/System/Library/Frameworks/Security.framework/XPCServices" + "/System/Library/Frameworks/Security.framework/Versions" + ]; + propagatedBuildInputs = [ + libsecurity_utilities + libsecurity_cdsa_utilities + ]; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/GNUmakefile new file mode 100644 index 00000000000..91fb6bb679e --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_cdsa_client + +security_cdsa_client_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_cdsa_client_HEADER_FILES_DIR = lib + +security_cdsa_client_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix new file mode 100644 index 00000000000..2ecad568bf7 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_client/default.nix @@ -0,0 +1,8 @@ +{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities, libsecurityd }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + libsecurity_cdsa_utilities + libsecurityd + ]; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/GNUmakefile new file mode 100644 index 00000000000..9e1260f9b9c --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_cdsa_plugin + +security_cdsa_plugin_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_cdsa_plugin_HEADER_FILES_DIR = lib + +security_cdsa_plugin_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix new file mode 100644 index 00000000000..b0c35f0e30c --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_plugin/default.nix @@ -0,0 +1,15 @@ +{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_cssm, libsecurity_utilities, osx_private_sdk, perl }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_utilities + libsecurity_utilities + perl + ]; + patchPhase = '' + unpackFile ${libsecurity_cssm.src} + cp libsecurity_cssm*/lib/cssm{dli,aci,cli,cspi,tpi}.h lib + ''; + preBuild = '' + perl lib/generator.pl lib lib/generator.cfg lib lib || exit 1 + ''; +} \ No newline at end of file diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/GNUmakefile new file mode 100644 index 00000000000..24bc1fe7e3a --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/GNUmakefile @@ -0,0 +1,13 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_cdsa_utilities + +security_cdsa_utilities_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_cdsa_utilities_HEADER_FILES_DIR = lib + +security_cdsa_utilities_CC_FILES = $(wildcard lib/*.cpp) lib/Schema.cpp lib/KeySchema.cpp + +lib/%.cpp: lib/%.m4 + m4 $< > $@ + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/default.nix new file mode 100644 index 00000000000..6f2436f2149 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/default.nix @@ -0,0 +1,13 @@ +{ CommonCrypto, appleDerivation, libsecurity_codesigning, libsecurity_utilities, m4, osx_private_sdk }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + m4 + ]; + patchPhase = '' + patch -p1 < ${./handletemplates.patch} + unpackFile ${libsecurity_codesigning.src} + mv libsecurity_codesigning*/lib security_codesigning + ''; + NIX_CFLAGS_COMPILE = "-I${CommonCrypto}/include/CommonCrypto"; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/handletemplates.patch b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/handletemplates.patch new file mode 100644 index 00000000000..e5a703b2a08 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utilities/handletemplates.patch @@ -0,0 +1,19 @@ +--- a/lib/handletemplates.h 1969-12-31 16:00:01.000000000 -0800 ++++ b/lib/handletemplates.h 1969-12-31 16:00:01.000000000 -0800 +@@ -32,6 +32,7 @@ + #include <security_utilities/threading.h> + #include <security_utilities/globalizer.h> + #include <security_cdsa_utilities/cssmerrors.h> ++#include <vector> + + #if __GNUC__ > 2 + #include <ext/hash_map> +@@ -129,7 +130,7 @@ + // @@@ Remove when 4003540 is fixed + template <class Subtype> + static void findAllRefs(std::vector<_Handle> &refs) { +- state().findAllRefs<Subtype>(refs); ++ state().template findAllRefs<Subtype>(refs); + } + + protected: diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/GNUmakefile new file mode 100644 index 00000000000..7b5b7dc186a --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/GNUmakefile @@ -0,0 +1,13 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_cdsa_utils + +security_cdsa_utils_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_cdsa_utils_HEADER_FILES_DIR = lib + +security_cdsa_utils_CC_FILES = $(wildcard lib/*.cpp) + +lib/%.cpp: lib/%.m4 + m4 $< > $@ + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/default.nix new file mode 100644 index 00000000000..d9b594bc47c --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cdsa_utils/default.nix @@ -0,0 +1,8 @@ +{ Security, appleDerivation, apple_sdk, cppcheck, libsecurity_cdsa_utilities, libsecurity_utilities, m4, osx_private_sdk }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + libsecurity_cdsa_utilities + m4 + ]; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/GNUmakefile new file mode 100644 index 00000000000..e923b962c26 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_codesigning + +security_codesigning_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_codesigning_HEADER_FILES_DIR = lib + +security_codesigning_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix new file mode 100644 index 00000000000..c5ba9cc8d7e --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_codesigning/default.nix @@ -0,0 +1,7 @@ +{ appleDerivation, libsecurity_cdsa_utilities, libsecurity_utilities }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + libsecurity_cdsa_utilities + ]; +} \ No newline at end of file diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile new file mode 100644 index 00000000000..c7835aaa9b0 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/GNUmakefile @@ -0,0 +1,11 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_cssm + +security_cssm_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_cssm_HEADER_FILES_DIR = lib + +security_cssm_CC_FILES = $(wildcard lib/*.cpp) +security_cssm_C_FILES = $(wildcard lib/*.c) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix new file mode 100644 index 00000000000..053dea134c7 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_cssm/default.nix @@ -0,0 +1,14 @@ +{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_codesigning, libsecurity_utilities, perl }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + libsecurity_cdsa_utilities + libsecurity_cdsa_client + perl + libsecurity_cdsa_plugin + ]; + preBuild = '' + mkdir derived_src + perl lib/generator.pl lib lib/generator.cfg derived_src + ''; +} \ No newline at end of file diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/GNUmakefile new file mode 100644 index 00000000000..4359810c56b --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_filedb + +security_filedb_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_filedb_HEADER_FILES_DIR = lib + +security_filedb_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/default.nix new file mode 100644 index 00000000000..86cc2a390db --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_filedb/default.nix @@ -0,0 +1,13 @@ +{ appleDerivation, apple_sdk, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + libsecurity_cdsa_utilities + libsecurity_cdsa_plugin + ]; + patchPhase = '' + cp ${osx_private_sdk}/usr/local/include/sandbox_private.h . + substituteInPlace sandbox_private.h --replace '<sandbox.h>' '"${apple_sdk.sdk}/include/sandbox.h"' + substituteInPlace lib/AtomicFile.cpp --replace '<sandbox.h>' '"sandbox_private.h"' + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix new file mode 100644 index 00000000000..a94b9b455ef --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix @@ -0,0 +1,58 @@ +{ appleDerivation_, applePackage, pkgs, stdenv }: +name: version: sha256: args: let + n = stdenv.lib.removePrefix "lib" name; + makeFile = ../. + builtins.toPath "/${name}/GNUmakefile"; + appleDerivation = appleDerivation_ name version sha256; + in applePackage name version sha256 (args // { + appleDerivation = a: + appleDerivation (stdenv.lib.mergeAttrsConcatenateValues { + __impureHostDeps = import ./impure_deps.nix; + + patchPhase = '' + # allows including <Security/some-private-header.h> + ln -s ${pkgs.darwin.osx_private_sdk}/System/Library/Frameworks/Security.framework/Versions/A/PrivateHeaders Security + + grep -Rl MacErrors.h . | while read file; do + substituteInPlace "''$file" --replace \ + '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \ + '"${pkgs.darwin.apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"' + done || true # grep returns 1 if it can't find the string + + grep -Rl MacTypes.h . | while read file; do + substituteInPlace "''$file" --replace \ + '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>' \ + '"${pkgs.darwin.apple_sdk.sdk}/include/MacTypes.h"' + done || true # grep returns 1 if it can't find the string + ''; + preBuild = '' + ln -s lib ${n} + makeFlagsArray=(-j''$NIX_BUILD_CORES) + ''; + buildInputs = [ + pkgs.gnustep-make + ]; + makeFlags = [ + "-f${makeFile}" + "MAKEFILE_NAME=${makeFile}" + "GNUSTEP_ABSOLUTE_INSTALL_PATHS=yes" + "LIB_LINK_INSTALL_DIR=\$(out)/lib" + ]; + installFlags = [ + "${n}_INSTALL_DIR=\$(out)/lib" + "${n}_HEADER_FILES_INSTALL_DIR=\$(out)/include/${n}" + "GNUSTEP_HEADERS=" + ]; + NIX_CFLAGS_COMPILE = [ + "-isystem lib" + "-iframework ${pkgs.darwin.Security}/Library/Frameworks" + "-I." + "-Wno-deprecated-declarations" + ]; + NIX_LDFLAGS = with pkgs.darwin; with apple_sdk.frameworks; [ + "-L${libobjc}/lib" + "-F${Foundation}/Library/Frameworks" + "-F${AppKit}/Library/Frameworks" + "-no_dtrace_dof" + ]; + } a); + }) diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/impure_deps.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/impure_deps.nix new file mode 100644 index 00000000000..7725b9f3d1a --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/impure_deps.nix @@ -0,0 +1,129 @@ +# generated using a ruby script +[ + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate" + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage" + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib" + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib" + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLinearAlgebra.dylib" + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib" + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib" + "/System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib" + "/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libFontParser.dylib" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libFontRegistry.dylib" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD" + "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis" + "/System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox" + "/System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit" + "/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork" + "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CarbonSound.framework/Versions/A/CarbonSound" + "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox" + "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink" + "/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition" + "/System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio" + "/System/Library/Frameworks/CoreBluetooth.framework/Versions/A/CoreBluetooth" + "/System/Library/Frameworks/CoreData.framework/Versions/A/CoreData" + "/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation" + "/System/Library/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/DictionaryServices" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/FSEvents" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices" + "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit" + "/System/Library/Frameworks/CoreText.framework/Versions/A/CoreText" + "/System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo" + "/System/Library/Frameworks/CoreWLAN.framework/Versions/A/CoreWLAN" + "/System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration" + "/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation" + "/System/Library/Frameworks/GSS.framework/Versions/A/GSS" + "/System/Library/Frameworks/IOBluetooth.framework/Versions/A/IOBluetooth" + "/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit" + "/System/Library/Frameworks/IOSurface.framework/Versions/A/IOSurface" + "/System/Library/Frameworks/ImageIO.framework/Versions/A/ImageIO" + "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib" + "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib" + "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib" + "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib" + "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib" + "/System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib" + "/System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos" + "/System/Library/Frameworks/NetFS.framework/Versions/A/NetFS" + "/System/Library/Frameworks/OpenCL.framework/Versions/A/OpenCL" + "/System/Library/Frameworks/OpenDirectory.framework/Versions/A/Frameworks/CFOpenDirectory.framework/Versions/A/CFOpenDirectory" + "/System/Library/Frameworks/OpenDirectory.framework/Versions/A/OpenDirectory" + "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libCVMSPluginSupport.dylib" + "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libCoreVMClient.dylib" + "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGFXShared.dylib" + "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib" + "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib" + "/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib" + "/System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL" + "/System/Library/Frameworks/QuartzCore.framework/Versions/A/Frameworks/CoreImage.framework/Versions/A/CoreImage" + "/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore" + "/System/Library/Frameworks/Security.framework/Versions/A/Security" + "/System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation" + "/System/Library/Frameworks/ServiceManagement.framework/Versions/A/ServiceManagement" + "/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration" + "/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Apple80211" + "/System/Library/PrivateFrameworks/AppleJPEG.framework/Versions/A/AppleJPEG" + "/System/Library/PrivateFrameworks/AppleVPA.framework/Versions/A/AppleVPA" + "/System/Library/PrivateFrameworks/Backup.framework/Versions/A/Backup" + "/System/Library/PrivateFrameworks/ChunkingLibrary.framework/Versions/A/ChunkingLibrary" + "/System/Library/PrivateFrameworks/CommonAuth.framework/Versions/A/CommonAuth" + "/System/Library/PrivateFrameworks/CoreSymbolication.framework/Versions/A/CoreSymbolication" + "/System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI" + "/System/Library/PrivateFrameworks/CoreWiFi.framework/Versions/A/CoreWiFi" + "/System/Library/PrivateFrameworks/CrashReporterSupport.framework/Versions/A/CrashReporterSupport" + "/System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore" + "/System/Library/PrivateFrameworks/DebugSymbols.framework/Versions/A/DebugSymbols" + "/System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv" + "/System/Library/PrivateFrameworks/FaceCore.framework/Versions/A/FaceCore" + "/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/GenerationalStorage" + "/System/Library/PrivateFrameworks/Heimdal.framework/Versions/A/Heimdal" + "/System/Library/PrivateFrameworks/IconServices.framework/Versions/A/IconServices" + "/System/Library/PrivateFrameworks/LanguageModeling.framework/Versions/A/LanguageModeling" + "/System/Library/PrivateFrameworks/MultitouchSupport.framework/Versions/A/MultitouchSupport" + "/System/Library/PrivateFrameworks/NetAuth.framework/Versions/A/NetAuth" + "/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/PerformanceAnalysis" + "/System/Library/PrivateFrameworks/RemoteViewServices.framework/Versions/A/RemoteViewServices" + "/System/Library/PrivateFrameworks/Sharing.framework/Versions/A/Sharing" + "/System/Library/PrivateFrameworks/SpeechRecognitionCore.framework/Versions/A/SpeechRecognitionCore" + "/System/Library/PrivateFrameworks/Symbolication.framework/Versions/A/Symbolication" + "/System/Library/PrivateFrameworks/TCC.framework/Versions/A/TCC" + "/System/Library/PrivateFrameworks/UIFoundation.framework/Versions/A/UIFoundation" + "/System/Library/PrivateFrameworks/Ubiquity.framework/Versions/A/Ubiquity" + "/System/Library/PrivateFrameworks/login.framework/Versions/A/Frameworks/loginsupport.framework/Versions/A/loginsupport" + "/usr/lib/libCRFSuite.dylib" + "/usr/lib/libOpenScriptingUtil.dylib" + "/usr/lib/libarchive.2.dylib" + "/usr/lib/libbsm.0.dylib" + "/usr/lib/libbz2.1.0.dylib" + "/usr/lib/libc++.1.dylib" + "/usr/lib/libc++abi.dylib" + "/usr/lib/libcmph.dylib" + "/usr/lib/libcups.2.dylib" + "/usr/lib/libextension.dylib" + "/usr/lib/libheimdal-asn1.dylib" + "/usr/lib/libiconv.2.dylib" + "/usr/lib/libicucore.A.dylib" + "/usr/lib/liblangid.dylib" + "/usr/lib/liblzma.5.dylib" + "/usr/lib/libmecabra.dylib" + "/usr/lib/libpam.2.dylib" + "/usr/lib/libresolv.9.dylib" + "/usr/lib/libsqlite3.dylib" + "/usr/lib/libxar.1.dylib" + "/usr/lib/libxml2.2.dylib" + "/usr/lib/libxslt.1.dylib" + "/usr/lib/libz.1.dylib" +] diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/GNUmakefile new file mode 100644 index 00000000000..8830006f00e --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_keychain + +security_keychain_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_keychain_HEADER_FILES_DIR = lib + +security_keychain_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix new file mode 100644 index 00000000000..de97950b765 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_keychain/default.nix @@ -0,0 +1,47 @@ +{ CF, Security, appleDerivation, apple_sdk, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_ocspd, libsecurity_pkcs12, libsecurity_utilities, libsecurityd, openssl, osx_private_sdk, security_dotmac_tp }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + libsecurity_cdsa_client + libsecurity_cdsa_utilities + libsecurityd + CF + libsecurity_asn1 + libsecurity_pkcs12 + libsecurity_cdsa_utils + openssl + libsecurity_ocspd + security_dotmac_tp + ]; + patchPhase = '' + substituteInPlace lib/Keychains.cpp --replace DLDbListCFPref.h DLDBListCFPref.h + + substituteInPlace lib/SecCertificate.cpp --replace '#include <Security/SecCertificatePriv.h>' "" + + cp ${osx_private_sdk}/usr/include/xpc/private.h xpc + cp ${apple_sdk.sdk}/include/xpc/*.h xpc + cp ${osx_private_sdk}/usr/local/include/sandbox_private.h lib/sandbox.h + + substituteInPlace lib/SecItemPriv.h \ + --replace "extern CFTypeRef kSecAttrAccessGroup" "extern const CFTypeRef kSecAttrAccessGroup" \ + --replace "extern CFTypeRef kSecAttrIsSensitive" "extern const CFTypeRef kSecAttrIsSensitive" \ + --replace "extern CFTypeRef kSecAttrIsExtractable" "extern const CFTypeRef kSecAttrIsExtractable" + + substituteInPlace lib/Keychains.cpp --replace \ + '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \ + '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"' + + substituteInPlace lib/CertificateValues.cpp --replace \ + '#include <Security/SecCertificatePriv.h>' "" + + substituteInPlace lib/DLDBListCFPref.cpp --replace \ + 'dispatch_once_t AppSandboxChecked;' ''$'namespace Security {\ndispatch_once_t AppSandboxChecked;' \ + --replace 'return mLoginDLDbIdentifier;' 'return mLoginDLDbIdentifier; }' \ + --replace '_xpc_runtime_is_app_sandboxed()' 'false' + # hope that doesn't hurt anything + + substituteInPlace lib/KCEventNotifier.h --replace \ + 'CoreFoundation/CFNotificationCenter.h' \ + '${apple_sdk.sdk}/Library/Frameworks/CoreFoundation.framework/Versions/A/Headers/CFNotificationCenter.h' + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/GNUmakefile new file mode 100644 index 00000000000..119a43621fb --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_mds + +security_mds_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_mds_HEADER_FILES_DIR = lib + +security_mds_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix new file mode 100644 index 00000000000..cd691f71e95 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_mds/default.nix @@ -0,0 +1,11 @@ +{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_filedb, libsecurity_utilities, libsecurityd }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_plugin + libsecurity_cdsa_utilities + libsecurity_filedb + libsecurity_utilities + libsecurity_cdsa_client + libsecurityd + ]; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/GNUmakefile new file mode 100644 index 00000000000..140c5a909a6 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_ocspd + +security_ocspd_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_ocspd_HEADER_FILES_DIR = lib + +security_ocspd_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/default.nix new file mode 100644 index 00000000000..25701442d2b --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_ocspd/default.nix @@ -0,0 +1,20 @@ +{ appleDerivation, bootstrap_cmds, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }: +appleDerivation { + buildInputs = [ + libsecurity_utilities + libsecurity_cdsa_utilities + bootstrap_cmds + ]; + postUnpack = '' + pushd libsecurity* + ls -lah + mkdir -p lib + cp common/* lib + cp client/* lib + popd + ''; + preBuild = '' + make -f mig/mig.mk SRCROOT=. BUILT_PRODUCTS_DIR=. || exit 1 + cp derived_src/* lib + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/GNUmakefile new file mode 100644 index 00000000000..b2af7e72c41 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/GNUmakefile @@ -0,0 +1,11 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_pkcs12 + +security_pkcs12_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_pkcs12_HEADER_FILES_DIR = lib + +security_pkcs12_CC_FILES = $(wildcard lib/*.cpp) +security_pkcs12_C_FILES = $(wildcard lib/*.c) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/default.nix new file mode 100644 index 00000000000..f84c2d8963f --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_pkcs12/default.nix @@ -0,0 +1,15 @@ +{ appleDerivation, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_utils, libsecurity_keychain, osx_private_sdk }: +appleDerivation { + patchPhase = '' + substituteInPlace lib/pkcsoids.h --replace '#error' '#warning' + ''; + preBuild = '' + unpackFile ${libsecurity_keychain.src} + mv libsecurity_keychain*/lib security_keychain + ''; + buildInputs = [ + libsecurity_asn1 + libsecurity_cdsa_utils + libsecurity_cdsa_client + ]; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/GNUmakefile new file mode 100644 index 00000000000..47a1c609d06 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/GNUmakefile @@ -0,0 +1,10 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_sd_cspdl + +security_sd_cspdl_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_sd_cspdl_HEADER_FILES_DIR = lib + +security_sd_cspdl_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/default.nix new file mode 100644 index 00000000000..22491091661 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_sd_cspdl/default.nix @@ -0,0 +1,10 @@ +{ appleDerivation, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_utilities, libsecurityd }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_plugin + libsecurity_utilities + libsecurity_cdsa_utilities + libsecurityd + libsecurity_cdsa_client + ]; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/GNUmakefile new file mode 100644 index 00000000000..d3ba09142c9 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/GNUmakefile @@ -0,0 +1,11 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_utilities + +security_utilities_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_utilities_HEADER_FILES_DIR = lib + +security_utilities_C_FILES = $(wildcard lib/*.c) +security_utilities_CC_FILES = $(wildcard lib/*.cpp) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix new file mode 100644 index 00000000000..8cc74e2210f --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix @@ -0,0 +1,23 @@ +{ IOKit, appleDerivation, apple_sdk, libauto, libobjc, libsecurity_codesigning, osx_private_sdk, sqlite, stdenv }: +appleDerivation { + buildInputs = [ + libauto + libobjc + IOKit + sqlite + apple_sdk.frameworks.PCSC + ]; + patchPhase = '' + substituteInPlace lib/errors.h --replace \ + '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>' \ + '"MacTypes.h"' + substituteInPlace lib/debugging.cpp --replace PATH_MAX 1024 + substituteInPlace lib/superblob.h --replace 'result->at' 'result->template at' + substituteInPlace lib/ccaudit.cpp --replace '<bsm/libbsm.h>' '"bsm/libbsm.h"' + + cp ${osx_private_sdk}/usr/include/security_utilities/utilities_dtrace.h lib + cp -R ${osx_private_sdk}/usr/local/include/bsm lib + '' + stdenv.lib.optionalString (!stdenv.cc.nativeLibc) '' + substituteInPlace lib/vproc++.cpp --replace /usr/local/include/vproc_priv.h ${stdenv.libc}/include/vproc_priv.h + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/GNUmakefile new file mode 100644 index 00000000000..6058043e79f --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/GNUmakefile @@ -0,0 +1,11 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = securityd + +securityd_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +securityd_HEADER_FILES_DIR = lib + +securityd_CC_FILES = $(wildcard lib/*.cpp) +securityd_C_FILES = $(wildcard lib/*.c) + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/default.nix new file mode 100644 index 00000000000..d311f678337 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/default.nix @@ -0,0 +1,23 @@ +{ appleDerivation, bootstrap_cmds, libsecurity_cdsa_client, libsecurity_cdsa_utilities, libsecurity_utilities, osx_private_sdk }: +appleDerivation { + buildInputs = [ + libsecurity_cdsa_utilities + libsecurity_utilities + bootstrap_cmds + ]; + patchPhase = '' + unpackFile ${libsecurity_cdsa_client.src} + mv libsecurity_cdsa_client*/lib security_cdsa_client + ln -s lib securityd_client + + patch -p1 < ${./xdr-arity.patch} + ''; + preBuild = '' + make -f mig/mig.mk SRCROOT=. BUILT_PRODUCTS_DIR=. + cp derived_src/* lib + rm lib/ucspClientC.c + ''; + postInstall = '' + ln -s ''$out/include/securityd ''$out/include/securityd_client + ''; +} \ No newline at end of file diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/xdr-arity.patch b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/xdr-arity.patch new file mode 100644 index 00000000000..5d0328629f1 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurityd/xdr-arity.patch @@ -0,0 +1,79 @@ +diff --git a/lib/sec_xdr.c b/lib/sec_xdr.c +index fe5f038..6239b6c 100644 +--- a/lib/sec_xdr.c ++++ b/lib/sec_xdr.c +@@ -223,7 +223,7 @@ bool_t copyin(void *data, xdrproc_t proc, void** copy, u_int *size) + sec_xdrmem_create(&xdr, (char *)xdr_data, length, XDR_ENCODE); + + // cast to void* - function can go both ways (xdr->x_op) +- if (proc(&xdr, data)) { ++ if (proc(&xdr, data, 0)) { + *copy = xdr_data; + if (size) *size = length; + return (TRUE); +@@ -261,7 +261,7 @@ bool_t copyout(const void *copy, u_int size, xdrproc_t proc, void **data, u_int + if (!sec_xdr_arena_init(&arena, &xdr, length_out ? length_out : length_required, length_out ? *data : NULL)) + return (FALSE); + +- if (proc(&xdr, data)) ++ if (proc(&xdr, data, 0)) + { + *length = length_required; + return (TRUE); +@@ -284,7 +284,7 @@ bool_t copyout_chunked(const void *copy, u_int size, xdrproc_t proc, void **data + + void *data_out = NULL; + +- if (proc(&xdr, &data_out)) ++ if (proc(&xdr, &data_out, 0)) + { + *data = data_out; + return (TRUE); +diff --git a/lib/sec_xdr_array.c b/lib/sec_xdr_array.c +index 152a71b..e5ec1ad 100644 +--- a/lib/sec_xdr_array.c ++++ b/lib/sec_xdr_array.c +@@ -147,7 +147,7 @@ sec_xdr_array(XDR *xdrs, uint8_t **addrp, u_int *sizep, u_int maxsize, u_int els + for (i = 0; (i < c) && stat; i++) { + if ((xdrs->x_op == XDR_DECODE) && sizeof_alloc) + memset(obj, 0, elsize); +- stat = (*elproc)(xdrs, target); ++ stat = (*elproc)(xdrs, target, 0); + if ((xdrs->x_op == XDR_ENCODE) || !sizeof_alloc) + target += elsize; + } +diff --git a/lib/sec_xdr_reference.c b/lib/sec_xdr_reference.c +index a66fb37..ab5b4c4 100644 +--- a/lib/sec_xdr_reference.c ++++ b/lib/sec_xdr_reference.c +@@ -121,7 +121,7 @@ sec_xdr_reference(XDR *xdrs, uint8_t **pp, u_int size, xdrproc_t proc) + break; + } + +- stat = (*proc)(xdrs, loc); ++ stat = (*proc)(xdrs, loc, 0); + + if (xdrs->x_op == XDR_FREE) { + sec_mem_free(xdrs, loc, size); +diff --git a/lib/sec_xdr_sizeof.c b/lib/sec_xdr_sizeof.c +index a18bcd0..8c33dbc 100644 +--- a/lib/sec_xdr_sizeof.c ++++ b/lib/sec_xdr_sizeof.c +@@ -190,7 +190,7 @@ sec_xdr_sizeof_in(func, data) + + sec_xdr_arena_allocator_t size_alloc; + sec_xdr_arena_init_size_alloc(&size_alloc, &x); +- stat = func(&x, data); ++ stat = func(&x, data, 0); + if (x.x_private) + free(x.x_private); + return (stat == TRUE ? (unsigned) x.x_handy: 0); +@@ -210,7 +210,7 @@ sec_xdr_sizeof_out(copy, size, func, data) + + sec_xdr_arena_allocator_t size_alloc; + sec_xdr_arena_init_size_alloc(&size_alloc, &x); +- stat = func(&x, data); ++ stat = func(&x, data, 0); + if (size_alloc.data) + free(size_alloc.data); + return (stat == TRUE ? (unsigned long)size_alloc.offset : 0); diff --git a/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/GNUmakefile b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/GNUmakefile new file mode 100644 index 00000000000..6f6a50bd57a --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/GNUmakefile @@ -0,0 +1,8 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +LIBRARY_NAME = security_dotmac_tp + +security_dotmac_tp_HEADER_FILES = $(notdir $(wildcard lib/*.h)) +security_dotmac_tp_HEADER_FILES_DIR = lib + +include $(GNUSTEP_MAKEFILES)/library.make diff --git a/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/default.nix b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/default.nix new file mode 100644 index 00000000000..bfbfb945957 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/security_dotmac_tp/default.nix @@ -0,0 +1,4 @@ +{ appleDerivation }: + +appleDerivation { +} diff --git a/pkgs/os-specific/darwin/binutils/default.nix b/pkgs/os-specific/darwin/binutils/default.nix new file mode 100644 index 00000000000..abe4aa67b14 --- /dev/null +++ b/pkgs/os-specific/darwin/binutils/default.nix @@ -0,0 +1,39 @@ +{ stdenv, binutils-raw, cctools }: + +stdenv.mkDerivation { + name = "cctools-binutils-darwin"; + buildCommand = '' + mkdir -p $out/bin $out/include + + ln -s ${binutils-raw}/bin/c++filt $out/bin/c++filt + + # We specifically need: + # - ld: binutils doesn't provide it on darwin + # - as: as above + # - ar: the binutils one prodices .a files that the cctools ld doesn't like + # - ranlib: for compatibility with ar + # - dsymutil: soon going away once it goes into LLVM (this one is fake anyway) + # - otool: we use it for some of our name mangling + # - install_name_tool: we use it to rewrite stuff in our bootstrap tools + # - strip: the binutils one seems to break mach-o files + # - lipo: gcc build assumes it exists + # - nm: the gnu one doesn't understand many new load commands + for i in ar ranlib as dsymutil install_name_tool ld strip otool lipo nm strings size; do + ln -sf "${cctools}/bin/$i" "$out/bin/$i" + done + + for i in ${binutils-raw}/include/*.h; do + ln -s "$i" "$out/include/$(basename $i)" + done + + for i in ${cctools}/include/*; do + ln -s "$i" "$out/include/$(basename $i)" + done + + # FIXME: this will give us incorrect man pages for bits of cctools + ln -s ${binutils-raw}/share $out/share + ln -s ${binutils-raw}/lib $out/lib + + ln -s ${cctools}/libexec $out/libexec + ''; +} diff --git a/pkgs/os-specific/darwin/cctools/port.nix b/pkgs/os-specific/darwin/cctools/port.nix index bfb389ef37c..e7165875aa4 100644 --- a/pkgs/os-specific/darwin/cctools/port.nix +++ b/pkgs/os-specific/darwin/cctools/port.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, autoconf, automake, libtool +{ stdenv, fetchurl, autoconf, automake, libtool_2 , llvm, libcxx, libcxxabi, clang, openssl, libuuid , libobjc ? null }: @@ -18,7 +18,7 @@ let sha256 = "01f31ijpnplbiyp7ldwzy8vbkn3j3m56n5blsvsav5nlp4lp2g71"; }; - buildInputs = [ autoconf automake libtool openssl libuuid ] ++ + buildInputs = [ autoconf automake libtool_2 openssl libuuid ] ++ # Only need llvm and clang if the stdenv isn't already clang-based (TODO: just make a stdenv.cc.isClang) stdenv.lib.optionals (!stdenv.isDarwin) [ llvm clang ] ++ stdenv.lib.optionals stdenv.isDarwin [ libcxxabi libobjc ]; diff --git a/pkgs/os-specific/darwin/command-line-tools/default.nix b/pkgs/os-specific/darwin/command-line-tools/default.nix index 9bbf5882e5d..2d1eb7b6b3c 100644 --- a/pkgs/os-specific/darwin/command-line-tools/default.nix +++ b/pkgs/os-specific/darwin/command-line-tools/default.nix @@ -7,7 +7,7 @@ let src = fetchurl { # Magic url found in: # https://swscan.apple.com/content/catalogs/others/index-10.9-1.sucatalog - url = "http://swcdn.apple.com/content/downloads/27/02/031-06182/yiervn212jfs091cp9hwmb7gjq7ky91crs/${name}.pkg"; + url = "http://swcdn.apple.com/content/downloads/27/02/031-06182/xxog8vxu8i6af781ivf4uhy6yt1lslex34/${name}.pkg"; inherit sha256; }; diff --git a/pkgs/os-specific/darwin/derez/default.nix b/pkgs/os-specific/darwin/derez/default.nix new file mode 100644 index 00000000000..f64f05aadf0 --- /dev/null +++ b/pkgs/os-specific/darwin/derez/default.nix @@ -0,0 +1,34 @@ +{ stdenv }: + +# this tool only exists on darwin +assert stdenv.isDarwin; + +stdenv.mkDerivation { + name = "derez"; + + src = "/usr/bin/DeRez"; + + unpackPhase = "true"; + configurePhase = "true"; + buildPhase = "true"; + + installPhase = '' + mkdir -p "$out/bin" + ln -s $src "$out/bin" + ''; + + meta = with stdenv.lib; { + description = "Decompiles resources"; + homepage = "https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/DeRez.1.html"; + maintainers = [ maintainers.lnl7 ]; + platforms = platforms.darwin; + + longDescription = '' + The DeRez tool decompiles the resource fork of resourceFile according to the type declarations + supplied by the type declaration files. The resource description produced by this decompilation + contains the resource definitions (resource and data statements) associated with these type + declarations. If for some reason it cannot reproduce the appropriate resource statements, DeRez + generates hexadecimal data statements instead. + ''; + }; +} diff --git a/pkgs/os-specific/darwin/osx-private-sdk/default.nix b/pkgs/os-specific/darwin/osx-private-sdk/default.nix index 85e1dc50f35..febcb6b5d0c 100644 --- a/pkgs/os-specific/darwin/osx-private-sdk/default.nix +++ b/pkgs/os-specific/darwin/osx-private-sdk/default.nix @@ -1,34 +1,16 @@ -{ stdenv, fetchFromGitHub, python, osx_sdk }: +{ stdenv, fetchzip }: -let - sdkVersion = "10.9"; -in stdenv.mkDerivation { - name = "PrivateMacOSX${sdkVersion}.sdk"; - - src = fetchFromGitHub { - owner = "copumpkin"; - repo = "OSXPrivateSDK"; - rev = "bde9cba13e6ae62a8e4e0f405008ea719526e7ad"; - sha256 = "1vj3fxwp32irxjk987p7a223sm5bl5rrlajcvgy69k0wb0fp0krc"; - }; - - buildInputs = [ python ]; - - configurePhase = "true"; - - buildPhase = '' - python PrivateSDK.py -i ${osx_sdk}/Developer/SDKs/MacOSX${sdkVersion}.sdk -o PrivateMacOSX${sdkVersion}.sdk - ''; - - installPhase = '' - mkdir -p $out/Developer/SDKs/ - mv PrivateMacOSX${sdkVersion}.sdk $out/Developer/SDKs - ''; - - meta = with stdenv.lib; { - description = "A private Mac OS ${sdkVersion} SDK, suitable for building many of Apple's open source releases"; - maintainers = with maintainers; [ copumpkin ]; - platforms = platforms.darwin; - license = licenses.unfree; - }; +let full = stdenv.lib.overrideDerivation (fetchzip { + url = "https://github.com/samdmarshall/OSXPrivateSDK/tarball/69bf3c7f7140ed6ab2b6684b427bd457209858fe"; + name = "osx-private-sdk-10.9"; + sha256 = "1agl4kyry6m7yz3sql5mrbvmd1xkmb4nbq976phcpk19inans1zm"; +}) (drv: { + postFetch = '' + unpackFile() { + tar xzf "$1" + } + '' + drv.postFetch; +}); in { + outPath = "${full}/PrivateSDK10.9"; + passthru.sdk10 = "${full}/PrivateSDK10.10"; } diff --git a/pkgs/os-specific/darwin/osx-sdk/default.nix b/pkgs/os-specific/darwin/osx-sdk/default.nix index 612bf003743..875479b4f29 100644 --- a/pkgs/os-specific/darwin/osx-sdk/default.nix +++ b/pkgs/os-specific/darwin/osx-sdk/default.nix @@ -2,7 +2,7 @@ let version = "10.9"; -in stdenv.mkDerivation { +in stdenv.mkDerivation rec { name = "MacOSX10.9.sdk"; src = "/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk"; @@ -23,4 +23,4 @@ in stdenv.mkDerivation { platforms = platforms.darwin; license = licenses.unfree; }; -} \ No newline at end of file +} diff --git a/pkgs/os-specific/darwin/reattach-to-user-namespace/default.nix b/pkgs/os-specific/darwin/reattach-to-user-namespace/default.nix new file mode 100644 index 00000000000..0460c516d29 --- /dev/null +++ b/pkgs/os-specific/darwin/reattach-to-user-namespace/default.nix @@ -0,0 +1,16 @@ +{ stdenv, fetchgit }: + +stdenv.mkDerivation { + name = "reattach-to-user-namespace-2.4"; + src = fetchgit { + url = "https://github.com/ChrisJohnsen/tmux-MacOSX-pasteboard.git"; + sha256 = "1f9q1wxq764zidnx5hbdkbbyxxzfih0l0cjpgr0pxzwbmd2q6cvv"; + rev = "2765aeab8f337c29e260a912bf4267a2732d8640"; + }; + buildFlags = "ARCHES=x86_64"; + installPhase = '' + mkdir -p $out/bin + cp reattach-to-user-namespace $out/bin/ + ''; +} + diff --git a/pkgs/os-specific/darwin/rez/default.nix b/pkgs/os-specific/darwin/rez/default.nix new file mode 100644 index 00000000000..847dfc6e6f3 --- /dev/null +++ b/pkgs/os-specific/darwin/rez/default.nix @@ -0,0 +1,33 @@ +{ stdenv }: + +# this tool only exists on darwin +assert stdenv.isDarwin; + +stdenv.mkDerivation { + name = "rez"; + + src = "/usr/bin/Rez"; + + unpackPhase = "true"; + configurePhase = "true"; + buildPhase = "true"; + + installPhase = '' + mkdir -p "$out/bin" + ln -s $src "$out/bin" + ''; + + meta = with stdenv.lib; { + description = "Compiles resources"; + homepage = "https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/Rez.1.html"; + maintainers = [ maintainers.lnl7 ]; + platforms = platforms.darwin; + + longDescription = '' + The Rez tool compiles the resource fork of a file according to the textual description contained in + the resource description files. These resource description files must contain both the type + declarations and the resource definitions needed to compile the resources. This data can come + directly from the resource description files. + ''; + }; +} diff --git a/pkgs/os-specific/darwin/security-tool/GNUmakefile b/pkgs/os-specific/darwin/security-tool/GNUmakefile new file mode 100644 index 00000000000..ae25f6a67c0 --- /dev/null +++ b/pkgs/os-specific/darwin/security-tool/GNUmakefile @@ -0,0 +1,14 @@ +include $(GNUSTEP_MAKEFILES)/common.make + +TOOL_NAME = security +security_C_FILES = $(wildcard *.c) +security_CC_FILES = $(wildcard *.cpp) + +security_LDFLAGS = \ + -lsecurity_cdsa_utilities -lsecurity_cdsa_utils -lsecurity_keychain -lsecurity_cssm \ + -lsecurity_cdsa_client -lsecurity_utilities -lsecurity_asn1 -lsecurity_mds \ + -lsecurity_cdsa_plugin -lsecurity_pkcs12 -lsecurity_apple_csp -lsecurity_apple_cspdl \ + -lsecurity_apple_file_dl -lsecurity_apple_x509_cl -lsecurity_apple_x509_tp \ + -lsecurity_sd_cspdl -lsecurity_filedb -lsecurityd -framework Security -framework PCSC + +include $(GNUSTEP_MAKEFILES)/tool.make diff --git a/pkgs/os-specific/darwin/security-tool/default.nix b/pkgs/os-specific/darwin/security-tool/default.nix index 49d61f392c5..7cff4fc3eef 100644 --- a/pkgs/os-specific/darwin/security-tool/default.nix +++ b/pkgs/os-specific/darwin/security-tool/default.nix @@ -1,30 +1,90 @@ -{ stdenv, fetchurl, osx_private_sdk }: +{ CoreServices, Foundation, PCSC, Security, GSS, Kerberos, makeWrapper, apple_sdk, fetchurl, gnustep-make, libobjc, libsecurity_apple_csp, libsecurity_apple_cspdl, libsecurity_apple_file_dl, libsecurity_apple_x509_cl, libsecurity_apple_x509_tp, libsecurity_asn1, libsecurity_cdsa_client, libsecurity_cdsa_plugin, libsecurity_cdsa_utilities, libsecurity_cdsa_utils, libsecurity_cssm, libsecurity_filedb, libsecurity_keychain, libsecurity_mds, libsecurity_pkcs12, libsecurity_sd_cspdl, libsecurity_utilities, libsecurityd, osx_private_sdk, stdenv }: stdenv.mkDerivation rec { - version = "55115"; - name = "SecurityTool-${version}"; + version = "55115"; + name = "SecurityTool-${version}"; src = fetchurl { url = "http://opensource.apple.com/tarballs/SecurityTool/SecurityTool-${version}.tar.gz"; sha256 = "0apcz4vy2z5645jhrs60wj3w27mncjjqv42h5lln36g6qs2n9113"; }; - configurePhase = ""; + patchPhase = '' + # copied from libsecurity_generic + ln -s ${osx_private_sdk}/System/Library/Frameworks/Security.framework/Versions/A/PrivateHeaders Security - # Someday we shall purge this impurity! - buildPhase = '' - /usr/bin/xcodebuild SDKROOT=${osx_private_sdk}/Developer/SDKs/PrivateMacOSX10.9.sdk/ + substituteInPlace cmsutil.c --replace \ + '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \ + '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"' + substituteInPlace createFVMaster.c --replace \ + '<CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>' \ + '"${apple_sdk.sdk}/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/Headers/MacErrors.h"' ''; - installPhase = '' - mkdir -p $out/bin/ - cp build/Release/security $out/bin + postUnpack = '' + unpackFile ${Security.src} + cp Security-*/utilities/src/fileIo.c SecurityTool* + cp Security-*/utilities/src/fileIo.h SecurityTool* + ''; + + preBuild = '' + makeFlagsArray=(-j''$NIX_BUILD_CORES) + ''; + + NIX_LDFLAGS = "-no_dtrace_dof"; + + makeFlags = "-f ${./GNUmakefile} MAKEFILE_NAME=${./GNUmakefile}"; + + installFlags = [ + "security_INSTALL_DIR=\$(out)/bin" + ]; + + propagatedBuildInputs = [ GSS Kerberos Security PCSC Foundation ]; + + __propagatedImpureHostDeps = [ "/System/Library/Keychains" ]; + + buildInputs = [ + gnustep-make + libsecurity_asn1 + libsecurity_utilities + libsecurity_cdsa_utilities + libobjc + libsecurity_cdsa_client + libsecurity_keychain + libsecurity_cssm + libsecurity_cdsa_utils + libsecurity_mds + libsecurity_cdsa_plugin + libsecurity_apple_csp + libsecurity_apple_cspdl + libsecurity_apple_file_dl + libsecurity_apple_x509_cl + libsecurity_apple_x509_tp + libsecurity_pkcs12 + libsecurity_sd_cspdl + libsecurity_filedb + libsecurityd + makeWrapper + ]; + + NIX_CFLAGS_COMPILE = [ + "-F${Security}/Library/Frameworks" + "-F${PCSC}/Library/Frameworks" + "-Wno-deprecated-declarations" + ]; + + postInstall = '' + wrapProgram $out/bin/security --set DYLD_INSERT_LIBRARIES /usr/lib/libsqlite3.dylib ''; meta = with stdenv.lib; { description = "Command line interface to Mac OS X keychains and Security framework"; - maintainers = with maintainers; [ copumpkin ]; - platforms = platforms.darwin; - license = licenses.apsl20; + maintainers = with maintainers; [ + copumpkin + joelteon + ]; + platforms = platforms.darwin; + license = licenses.apsl20; }; -} \ No newline at end of file +} + diff --git a/pkgs/os-specific/gnu/default.nix b/pkgs/os-specific/gnu/default.nix index 94bfec0a18e..457b670319e 100644 --- a/pkgs/os-specific/gnu/default.nix +++ b/pkgs/os-specific/gnu/default.nix @@ -1,7 +1,7 @@ # Packages that make up the GNU/Hurd operating system (aka. GNU). args@{ fetchgit, stdenv, autoconf, automake, automake111x, libtool -, texinfo, glibcCross, hurdPartedCross, libuuid, samba_light +, texinfo, glibcCross, hurdPartedCross, libuuid, samba , gccCrossStageStatic, gccCrossStageFinal , forceNativeDrv, forceSystem, newScope, platform, config, crossSystem , overrides ? {} }: @@ -91,7 +91,6 @@ let mig_raw = callPackage ./mig {}; smbfs = callPackage ./smbfs { - samba = samba_light; hurd = gnu.hurdCross; }; diff --git a/pkgs/os-specific/linux/acpid/default.nix b/pkgs/os-specific/linux/acpid/default.nix index 39b5565ffbd..1746c938444 100644 --- a/pkgs/os-specific/linux/acpid/default.nix +++ b/pkgs/os-specific/linux/acpid/default.nix @@ -1,11 +1,11 @@ -{stdenv, fetchurl}: +{ stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "acpid-2.0.23"; + name = "acpid-2.0.25"; src = fetchurl { url = "mirror://sourceforge/acpid2/${name}.tar.xz"; - sha256 = "1vl7c6vc724v4jwki17czgj6lnrknnj1a6llm8gkl32i2gnam5j3"; + sha256 = "0s2wg84x6pnrkf7i7lpzw2rilq4mj50vwb7p2b2n5hdyfa00lw0b"; }; preBuild = '' diff --git a/pkgs/os-specific/linux/android-udev-rules/default.nix b/pkgs/os-specific/linux/android-udev-rules/default.nix index b30e0f61b1b..3f763e917e3 100644 --- a/pkgs/os-specific/linux/android-udev-rules/default.nix +++ b/pkgs/os-specific/linux/android-udev-rules/default.nix @@ -1,12 +1,12 @@ { stdenv, fetchgit }: stdenv.mkDerivation { - name = "android-udev-rules"; + name = "android-udev-rules-20150821"; src = fetchgit { - url = "git://github.com/M0Rf30/android-udev-rules"; - rev = "2cc51a456ccfbca338c4e6b76211645aaac631e9"; - sha256 = "dbf1614cebb466d1adbcc5f17cefc0c37f148f9e3b46443b3e82f6cd19a1514f"; + url = "https://github.com/M0Rf30/android-udev-rules"; + rev = "07ccded2a89c2bb6da984e596c015c5e9546e497"; + sha256 = "953fc10bd0de46afef999dc1c1b20801b3d6e289af48d18fa96b1cac3ac54518"; }; installPhase = '' diff --git a/pkgs/os-specific/linux/apparmor/capability.patch b/pkgs/os-specific/linux/apparmor/capability.patch deleted file mode 100644 index c8f2b511d95..00000000000 --- a/pkgs/os-specific/linux/apparmor/capability.patch +++ /dev/null @@ -1,16 +0,0 @@ -Description: allow parser to build even when not on Linux. -Author: Kees Cook <kees@debian.org> - -Index: apparmor-debian/common/Make.rules -=================================================================== ---- apparmor-debian.orig/common/Make.rules 2012-05-05 14:41:25.967259523 -0700 -+++ apparmor-debian/common/Make.rules 2012-05-05 14:41:28.451291053 -0700 -@@ -160,7 +160,7 @@ - CAPABILITIES=$(shell echo "\#include <linux/capability.h>" | cpp -dM | LC_ALL=C sed -n -e '/CAP_EMPTY_SET/d' -e 's/^\#define[ \t]\+CAP_\([A-Z0-9_]\+\)[ \t]\+\([0-9xa-f]\+\)\(.*\)$$/CAP_\1/p' | sort) - - .PHONY: list_capabilities --list_capabilities: /usr/include/linux/capability.h -+list_capabilities: - @echo "$(CAPABILITIES)" - - # ===================== diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index bfd6b533bb2..64c6f66575b 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -1,98 +1,167 @@ -{ stdenv, fetchurl -, autoconf, automake, libtool, makeWrapper -, perl, bison, flex, glibc, gettext, which, rpm, tetex, LocaleGettext -, bash, pam, TermReadKey, RpcXML, swig, python}: -stdenv.mkDerivation rec { - - name = "apparmor-${version}"; - version = "2.8.4"; - - src = fetchurl { - url = "http://launchpad.net/apparmor/2.8/${version}/+download/${name}.tar.gz"; - sha256 = "1mki4c44ljmr7dpn55grzn33929kdjx149jx00s80yp1war83jwq"; +{ stdenv, fetchurl, makeWrapper, autoconf, autoreconfHook, automake, libtool, pkgconfig, perl, which +, glibc, flex, bison, python27Packages, swig, pam +}: + +let + apparmor-series = "2.10"; + apparmor-version = apparmor-series; + + apparmor-meta = component: with stdenv.lib; { + homepage = http://apparmor.net/; + description = "Linux application security system - ${component}"; + license = licenses.gpl2; + maintainers = with maintainers; [ phreedom thoughtpolice joachifm ]; + platforms = platforms.linux; }; - buildInputs = [ - autoconf automake libtool perl bison flex gettext which rpm tetex - LocaleGettext pam TermReadKey RpcXML swig makeWrapper python ]; - - prePatch = '' - substituteInPlace libraries/libapparmor/src/Makefile.in --replace "/usr/include" "${glibc.dev}/include" - substituteInPlace libraries/libapparmor/src/Makefile.am --replace "/usr/include" "${glibc.dev}/include" - substituteInPlace common/Make.rules --replace "/usr/bin/pod2man" "${perl}/bin/pod2man" - substituteInPlace common/Make.rules --replace "/usr/bin/pod2html" "${perl}/bin/pod2html" - substituteInPlace common/Make.rules --replace "cpp -dM" "cpp -dM -I${glibc.dev}/include" - - substituteInPlace parser/Makefile --replace "/usr/bin/bison" "${bison}/bin/bison" - substituteInPlace parser/Makefile --replace "/usr/bin/flex" "${flex}/bin/flex" - substituteInPlace parser/Makefile --replace "/usr/include/bits/socket.h" "${glibc.dev}/include/bits/socket.h" - substituteInPlace parser/Makefile --replace "/usr/include/linux/capability.h" "${glibc.dev}/include/linux/capability.h" - #substituteInPlace parser/utils/vim/Makefile --replace "/usr/include/linux/capability.h" "${glibc.dev}/include/linux/capability.h" - - # for some reason pdf documentation doesn't build - substituteInPlace parser/Makefile --replace "manpages htmlmanpages pdf" "manpages htmlmanpages" - - substituteInPlace parser/tst/gen-xtrans.pl --replace "/usr/bin/perl" "${perl}/bin/perl" - substituteInPlace parser/tst/Makefile --replace "/usr/bin/prove" "${perl}/bin/prove" - substituteInPlace parser/tst/Makefile --replace "./caching.sh" "${bash}/bin/bash ./caching.sh" - ''; + apparmor-sources = fetchurl { + url = "https://launchpad.net/apparmor/${apparmor-series}/${apparmor-version}/+download/apparmor-${apparmor-version}.tar.gz"; + sha256 = "1x06qmmbha9krx7880pxj2k3l8fxy3nm945xjjv735m2ax1243jd"; + }; - patches = ./capability.patch; - - buildPhase ='' - PERL5LIB=$PERL5LIB:$out/lib/perl5/site_perl:$out/lib - - cd libraries/libapparmor - ./autogen.sh - ./configure --prefix=$out --with-perl # see below - make - make check - make install - mkdir -p $out/lib/perl5/site_perl/ - cp swig/perl/LibAppArmor.pm $out/lib/perl5/site_perl/ - cp swig/perl/LibAppArmor.bs $out/lib/perl5/site_perl/ - # this is automatically copied elsewhere.... - - cd ../../utils - make - make install DESTDIR=$out BINDIR=$out/bin VENDOR_PERL=/lib/perl5/site_perl - - cd ../parser - make - make install DESTDIR=$out DISTRO=unknown - -# cd ../changehat/mod_apparmor -# make # depends on libapparmor having been built first -# make install - - cd ../changehat/pam_apparmor - make # depends on libapparmor having been built first - make install DESTDIR=$out - - cd ../../profiles - LD_LIBRARY_PATH=$out/lib make - #LD_LIBRARY_PATH=$out/lib make check # depends on the parser having been built first - make install DESTDIR=$out - - cd .. - cp -r kernel-patches $out + prePatchCommon = '' + substituteInPlace ./common/Make.rules --replace "/usr/bin/pod2man" "${perl}/bin/pod2man" + substituteInPlace ./common/Make.rules --replace "/usr/bin/pod2html" "${perl}/bin/pod2html" + substituteInPlace ./common/Make.rules --replace "/usr/include/linux/capability.h" "${glibc}/include/linux/capability.h" + substituteInPlace ./common/Make.rules --replace "/usr/share/man" "share/man" ''; - installPhase = let - perlVersion = (builtins.parseDrvName perl.name).version; - in '' - for i in $out/bin/*; do - wrapProgram $i --prefix PERL5LIB : \ - "$PERL5LIB:$out/lib/perl5/${perlVersion}/${stdenv.system}-thread-multi/" - done - ''; + libapparmor = stdenv.mkDerivation { + name = "libapparmor-${apparmor-version}"; + src = apparmor-sources; + + buildInputs = [ + autoconf + automake + autoreconfHook + bison + flex + glibc + libtool + perl + pkgconfig + python27Packages.python + swig + which + ]; + + # required to build apparmor-parser + dontDisableStatic = true; + + prePatch = prePatchCommon + '' + substituteInPlace ./libraries/libapparmor/src/Makefile.am --replace "/usr/include/netinet/in.h" "${glibc}/include/netinet/in.h" + substituteInPlace ./libraries/libapparmor/src/Makefile.in --replace "/usr/include/netinet/in.h" "${glibc}/include/netinet/in.h" + ''; + + postPatch = "cd ./libraries/libapparmor"; + configureFlags = "--with-python --with-perl"; + + meta = apparmor-meta "library"; + }; - meta = with stdenv.lib; { - homepage = http://apparmor.net/; - description = "Linux application security system"; - license = licenses.gpl2; - maintainers = [ maintainers.phreedom maintainers.thoughtpolice ]; - platforms = platforms.linux; + apparmor-utils = stdenv.mkDerivation { + name = "apparmor-utils-${apparmor-version}"; + src = apparmor-sources; + + buildInputs = [ + perl + python27Packages.python + python27Packages.readline + libapparmor + makeWrapper + which + ]; + + prePatch = prePatchCommon; + postPatch = "cd ./utils"; + makeFlags = ''LANGS=''; + installFlags = ''DESTDIR=$(out) BINDIR=$(out)/bin VIM_INSTALL_PATH=$(out)/share PYPREFIX=''; + + postInstall = '' + for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-status aa-unconfined ; do + wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python27Packages.python.libPrefix}/site-packages:$PYTHONPATH" + done + + for prog in aa-exec aa-notify ; do + wrapProgram $out/bin/$prog --prefix PERL5LIB : "${libapparmor}/lib/perl5:$PERL5LIB" + done + ''; + + meta = apparmor-meta "user-land utilities"; }; -} + apparmor-parser = stdenv.mkDerivation { + name = "apparmor-parser-${apparmor-version}"; + src = apparmor-sources; + + buildInputs = [ + libapparmor + bison + flex + which + ]; + + prePatch = prePatchCommon + '' + substituteInPlace ./parser/Makefile --replace "/usr/bin/bison" "${bison}/bin/bison" + substituteInPlace ./parser/Makefile --replace "/usr/bin/flex" "${flex}/bin/flex" + substituteInPlace ./parser/Makefile --replace "/usr/include/linux/capability.h" "${glibc}/include/linux/capability.h" + ## techdoc.pdf still doesn't build ... + substituteInPlace ./parser/Makefile --replace "manpages htmlmanpages pdf" "manpages htmlmanpages" + ''; + postPatch = "cd ./parser"; + makeFlags = ''LANGS= USE_SYSTEM=1 INCLUDEDIR=${libapparmor}/include''; + installFlags = ''DESTDIR=$(out) DISTRO=unknown''; + + meta = apparmor-meta "rule parser"; + }; + + apparmor-pam = stdenv.mkDerivation { + name = "apparmor-pam-${apparmor-version}"; + src = apparmor-sources; + + buildInputs = [ + libapparmor + pam + pkgconfig + which + ]; + + postPatch = "cd ./changehat/pam_apparmor"; + makeFlags = ''USE_SYSTEM=1''; + installFlags = ''DESTDIR=$(out)''; + + meta = apparmor-meta "PAM service"; + }; + + apparmor-profiles = stdenv.mkDerivation { + name = "apparmor-profiles-${apparmor-version}"; + src = apparmor-sources; + + buildInputs = [ which ]; + + postPatch = "cd ./profiles"; + installFlags = ''DESTDIR=$(out) EXTRAS_DEST=$(out)/share/apparmor/extra-profiles''; + + meta = apparmor-meta "profiles"; + }; + + apparmor-kernel-patches = stdenv.mkDerivation { + name = "apparmor-kernel-patches-${apparmor-version}"; + src = apparmor-sources; + + phases = ''unpackPhase installPhase''; + + installPhase = '' + mkdir "$out" + cp -R ./kernel-patches "$out" + ''; + + meta = apparmor-meta "kernel patches"; + }; + +in + +{ + inherit libapparmor apparmor-utils apparmor-parser apparmor-pam + apparmor-profiles apparmor-kernel-patches; +} diff --git a/pkgs/os-specific/linux/ati-drivers/builder.sh b/pkgs/os-specific/linux/ati-drivers/builder.sh index 8df03910146..520f20e2ed6 100644 --- a/pkgs/os-specific/linux/ati-drivers/builder.sh +++ b/pkgs/os-specific/linux/ati-drivers/builder.sh @@ -7,8 +7,11 @@ set -x die(){ echo $@; exit 1; } # custom unpack: +mkdir fglrx +cd fglrx unzip $src -run_file=$(echo fglrx-*/amd-driver-installer-*) +cd .. +run_file=$(echo fglrx/amd-driver-installer-*) sh $run_file --extract . eval "$patchPhase" diff --git a/pkgs/os-specific/linux/ati-drivers/default.nix b/pkgs/os-specific/linux/ati-drivers/default.nix index 179166bbc79..bb088885509 100644 --- a/pkgs/os-specific/linux/ati-drivers/default.nix +++ b/pkgs/os-specific/linux/ati-drivers/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, kernel ? null, xlibs, which, imake +{ stdenv, fetchurl, kernel ? null, which, imake , mesa # for fgl_glxgears , libXxf86vm, xf86vidmodeproto # for fglrx_gamma , xorg, makeWrapper, glibc, patchelf @@ -31,7 +31,7 @@ assert (!libsOnly) -> kernel != null; with stdenv.lib; stdenv.mkDerivation { - name = "ati-drivers-14.12" + (optionalString (!libsOnly) "-${kernel.version}"); + name = "ati-drivers-15.7" + (optionalString (!libsOnly) "-${kernel.version}"); builder = ./builder.sh; @@ -39,17 +39,17 @@ stdenv.mkDerivation { gcc = stdenv.cc.cc; src = fetchurl { - url = http://www2.ati.com/drivers/linux/amd-catalyst-omega-14.12-linux-run-installers.zip; - sha256 = "0jd2scrdlyapynxfjdrarnwcdzxjqrk5fg5i10g3bm0ay8v9hrk8"; + url = "http://www2.ati.com/drivers/linux/amd-driver-installer-15.20.1046-x86.x86_64.zip"; + sha256 = "ffde64203f49d9288eaa25f4d744187b6f4f14a87a444bab6a001d822b327a9d"; curlOpts = "--referer http://support.amd.com/en-us/download/desktop?os=Linux%20x86_64"; }; - patchPhase = "patch -p1 < ${./fglrx_3.17rc6-no_hotplug.patch}"; + patchPhase = "patch -p1 < ${./kernel-api-fixes.patch}"; patchPhaseSamples = "patch -p2 < ${./patch-samples.patch}"; buildInputs = - [ xlibs.libXext xlibs.libX11 xlibs.libXinerama - xlibs.libXrandr which imake makeWrapper + [ xorg.libXext xorg.libX11 xorg.libXinerama + xorg.libXrandr which imake makeWrapper patchelf unzip mesa diff --git a/pkgs/os-specific/linux/ati-drivers/fglrx_3.17rc6-no_hotplug.patch b/pkgs/os-specific/linux/ati-drivers/fglrx_3.17rc6-no_hotplug.patch deleted file mode 100644 index 7afd54a59c5..00000000000 --- a/pkgs/os-specific/linux/ati-drivers/fglrx_3.17rc6-no_hotplug.patch +++ /dev/null @@ -1,31 +0,0 @@ -source: https://aur.archlinux.org/packages/catalyst/ - -diff -uNr 14.9/common/lib/modules/fglrx/build_mod/firegl_public.c 14.9/common/lib/modules/fglrx/build_mod/firegl_public.c ---- 14.9/common/lib/modules/fglrx/build_mod/firegl_public.c 2014-09-09 16:10:17.000000000 +0200 -+++ 14.9/common/lib/modules/fglrx/build_mod/firegl_public.c 2014-09-26 19:01:44.000000000 +0200 -@@ -1093,6 +1093,9 @@ - // directly here to allow suspend/resume without X server start. - firegl_pci_save_state((KCL_PCI_DevHandle)pdev, privdev); - pci_disable_device(pdev); -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0) -+ pci_ignore_hotplug(pdev); -+#endif - PMSG_EVENT(pdev->dev.power.power_state) = state; - } - else -diff -uNr 14.9/common/lib/modules/fglrx/build_mod/kcl_acpi.c 14.9/common/lib/modules/fglrx/build_mod/kcl_acpi.c ---- 14.9/common/lib/modules/fglrx/build_mod/kcl_acpi.c 2014-09-09 16:10:17.000000000 +0200 -+++ 14.9/common/lib/modules/fglrx/build_mod/kcl_acpi.c 2014-09-26 18:57:27.000000000 +0200 -@@ -840,10 +840,12 @@ - if(tdev != NULL) - { - device = (acpi_device_adr(tdev) >> 16) & 0xffff; -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3,17,0) - if(PCI_SLOT(pdev->devfn) == device) - { - tdev->flags.no_hotplug = true; - } -+#endif - } - #endif - return 0; diff --git a/pkgs/os-specific/linux/ati-drivers/kernel-api-fixes.patch b/pkgs/os-specific/linux/ati-drivers/kernel-api-fixes.patch new file mode 100644 index 00000000000..f763518b249 --- /dev/null +++ b/pkgs/os-specific/linux/ati-drivers/kernel-api-fixes.patch @@ -0,0 +1,99 @@ +diff -Nru 15.7/common/lib/modules/fglrx/build_mod/firegl_public.c 15.7.new/common/lib/modules/fglrx/build_mod/firegl_public.c +--- 15.7/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-07-04 10:31:23.000000000 -0400 ++++ 15.7.new/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-08-03 21:21:13.893211082 -0400 +@@ -242,6 +242,14 @@ + #endif + + // ============================================================ ++ ++#if LINUX_VERSION_CODE < KERNEL_VERSION(3,18,0) ++#define __read_cr4 read_cr4 ++#define __write_cr4 write_cr4 ++#endif ++ ++// ============================================================ ++ + /* globals */ + + char* firegl = NULL; +@@ -3495,10 +3503,12 @@ + KCL_PUB_InterruptHandlerWrap, + #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,22) + ((useMSI) ? (SA_INTERRUPT) : (SA_SHIRQ)), +-#else ++#elif LINUX_VERSION_CODE < KERNEL_VERSION(4,1,0) + //when MSI enabled. keep irq disabled when calling the action handler, + //exclude this IRQ from irq balancing (only on one CPU) + ((useMSI) ? (IRQF_DISABLED) : (IRQF_SHARED)), ++#else ++ ((useMSI) ? 0 : IRQF_SHARED), + #endif + dev_name, + context); +@@ -4498,8 +4508,8 @@ + + if (cpu_has_pge) + { +- cr4 = read_cr4(); +- write_cr4(cr4 & ~X86_CR4_PGE); ++ cr4 = __read_cr4(); ++ __write_cr4(cr4 & ~X86_CR4_PGE); + } + __flush_tlb(); + +@@ -4512,7 +4522,7 @@ + write_cr0(cr0 & 0xbfffffff); + if (cpu_has_pge) + { +- write_cr4(cr4); ++ __write_cr4(cr4); + } + local_irq_restore(flags); + +@@ -4539,8 +4549,8 @@ + + if (cpu_has_pge) + { +- cr4 = read_cr4(); +- write_cr4(cr4 & ~X86_CR4_PGE); ++ cr4 = __read_cr4(); ++ __write_cr4(cr4 & ~X86_CR4_PGE); + } + __flush_tlb(); + +@@ -4552,7 +4562,7 @@ + write_cr0(cr0 & 0xbfffffff); + if (cpu_has_pge) + { +- write_cr4(cr4); ++ __write_cr4(cr4); + } + local_irq_restore(flags); + +diff -Nru 15.7/common/lib/modules/fglrx/build_mod/kcl_acpi.c 15.7.new/common/lib/modules/fglrx/build_mod/kcl_acpi.c +--- 15.7/common/lib/modules/fglrx/build_mod/kcl_acpi.c 2015-07-04 10:31:23.000000000 -0400 ++++ 15.7.new/common/lib/modules/fglrx/build_mod/kcl_acpi.c 2015-08-02 19:59:54.797911610 -0400 +@@ -861,7 +861,10 @@ + #elif LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0) + if(pdev) + { +- pci_ignore_hotplug(pdev); ++ struct pci_dev *bridge = pdev->bus->self; ++ ++ pdev->ignore_hotplug = 1; ++ if(bridge) bridge->ignore_hotplug = 1; + } + #endif + } +diff -Nru 15.7/common/lib/modules/fglrx/build_mod/kcl_str.c 15.7.new/common/lib/modules/fglrx/build_mod/kcl_str.c +--- 15.7/common/lib/modules/fglrx/build_mod/kcl_str.c 2015-07-04 10:31:23.000000000 -0400 ++++ 15.7.new/common/lib/modules/fglrx/build_mod/kcl_str.c 2015-08-03 00:35:25.938410435 -0400 +@@ -169,7 +169,7 @@ + const char* s2, + KCL_TYPE_SizeSigned count) + { +- return strnicmp(s1, s2, count); ++ return strncasecmp(s1, s2, count); + } + + /** \brief Locate character in string diff --git a/pkgs/os-specific/linux/atop/default.nix b/pkgs/os-specific/linux/atop/default.nix index 17adcabf223..c9a51ae569a 100644 --- a/pkgs/os-specific/linux/atop/default.nix +++ b/pkgs/os-specific/linux/atop/default.nix @@ -1,12 +1,12 @@ {stdenv, fetchurl, zlib, ncurses}: stdenv.mkDerivation rec { - version = "2.1-1"; + version = "2.2-3"; name = "atop-${version}"; src = fetchurl { url = "http://www.atoptool.nl/download/atop-${version}.tar.gz"; - sha256 = "17wqqyym4d02cqmn1l1asah3sld939nlkc84g4ad939kpkzd98ir"; + sha256 = "0p85isn6zih3xfprjym5xanqzazwqjj8x2mmwqyqpqjv6nibi1f7"; }; buildInputs = [zlib ncurses]; @@ -29,6 +29,7 @@ stdenv.mkDerivation rec { preInstall = '' mkdir -p "$out"/{bin,sbin} + make systemdinstall $makeFlags ''; meta = { diff --git a/pkgs/os-specific/linux/audit/default.nix b/pkgs/os-specific/linux/audit/default.nix index 05b9eb9e56f..da27d3ed9d4 100644 --- a/pkgs/os-specific/linux/audit/default.nix +++ b/pkgs/os-specific/linux/audit/default.nix @@ -5,11 +5,11 @@ assert enablePython -> python != null; stdenv.mkDerivation rec { - name = "audit-2.4.1"; + name = "audit-2.4.4"; src = fetchurl { url = "http://people.redhat.com/sgrubb/audit/${name}.tar.gz"; - sha256 = "09ihn392pmac1pyjrs22966csia83yr84hq5ri6sybwj1vx4d4q5"; + sha256 = "08sfcx8ykcn5jsryil15q8yqm0a8czymyqbb2sqxfc1jbx37zx95"; }; buildInputs = [ openldap ] diff --git a/pkgs/os-specific/linux/autofs/create-patches-v5.sh b/pkgs/os-specific/linux/autofs/create-patches-v5.sh deleted file mode 100644 index 1fe6b503288..00000000000 --- a/pkgs/os-specific/linux/autofs/create-patches-v5.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh -# -# Use this script with the upstream sorted list of patches -# curl ftp://ftp.kernel.org/pub/linux/daemons/autofs/v5/patches-5.0.{x+1}/patch_order-5.0.x | -# grep -v '^#' | sh create-patches-v5.sh - -BASEURL=mirror://kernel/linux/daemons/autofs/v5/patches-5.0.9; - -echo '# File created automatically' > patches-v5.nix -echo 'fetchurl :' >> patches-v5.nix -echo '[' >> patches-v5.nix - -while read a; do - URL=$BASEURL/$a - HASH=`nix-prefetch-url $URL` - echo "(fetchurl { url = $URL; sha256 = \"$HASH\"; })" >> patches-v5.nix -done - -echo ']' >> patches-v5.nix diff --git a/pkgs/os-specific/linux/autofs/autofs-v5.nix b/pkgs/os-specific/linux/autofs/default.nix index 787cd34180e..3a8aa08d8a3 100644 --- a/pkgs/os-specific/linux/autofs/autofs-v5.nix +++ b/pkgs/os-specific/linux/autofs/default.nix @@ -1,18 +1,16 @@ -{stdenv, fetchurl, flex, bison, linuxHeaders}: +{ stdenv, fetchurl, flex, bison, linuxHeaders }: let - baseURL = mirror://kernel/linux/daemons/autofs/v5; -in -stdenv.mkDerivation { - name = "autofs-5.0.8"; + version = "5.1.1"; + name = "autofs-${version}"; +in stdenv.mkDerivation { + inherit name; src = fetchurl { - url = "${baseURL}/autofs-5.0.8.tar.bz2"; - sha256 = "0zczihrqdamj43401v2pczf7zi94f8qk20gc6l92nxmpak3443if"; + url = "mirror://kernel/linux/daemons/autofs/v5/${name}.tar.xz"; + sha256 = "1hr1f11wp538h7r298wpa5khfkhfs8va3p1kdixxhrgkkzpz13z0"; }; - patches = import ./patches-v5.nix fetchurl; - preConfigure = '' configureFlags="--disable-move-mount --with-path=$PATH" export MOUNT=/var/run/current-system/sw/bin/mount @@ -31,11 +29,12 @@ stdenv.mkDerivation { #make install SUBDIRS="samples" # impure! ''; - buildInputs = [flex bison linuxHeaders]; + buildInputs = [ flex bison linuxHeaders ]; - meta = { - description="Kernel based automounter"; - homepage="http://www.linux-consulting.com/Amd_AutoFS/autofs.html"; + meta = { + inherit version; + description = "Kernel-based automounter"; + homepage = http://www.linux-consulting.com/Amd_AutoFS/autofs.html; license = stdenv.lib.licenses.gpl2; executables = [ "automount" ]; }; diff --git a/pkgs/os-specific/linux/autofs/patches-v5.nix b/pkgs/os-specific/linux/autofs/patches-v5.nix deleted file mode 100644 index a577beefbe7..00000000000 --- a/pkgs/os-specific/linux/autofs/patches-v5.nix +++ /dev/null @@ -1,7 +0,0 @@ -# File created automatically -fetchurl : -[ -(fetchurl { url = mirror://kernel/linux/daemons/autofs/v5/patches-5.0.9/autofs-5.0.8-fix-undefined-authtype_requires_creds-err-if-ldap-en.patch; sha256 = "11v1a32rx57ylp8scswpk41jl9n4kfx55nvdlzhvfs4rhws18rpx"; }) -(fetchurl { url = mirror://kernel/linux/daemons/autofs/v5/patches-5.0.9/autofs-5.0.8-fix-master-map-type-check.patch; sha256 = "1nkq0y6j7dc6214af3q9bxvy7pv9kak0q9chijxcj6zkhfzwrjy3"; }) -(fetchurl { url = mirror://kernel/linux/daemons/autofs/v5/patches-5.0.9/autofs-5.0.8-fix-task-manager-not-getting-signaled.patch; sha256 = "17h06wk4x0rqiky6pm9dglbc5ycxxrd3438a9snnlysl4zzgrqhx"; }) -] diff --git a/pkgs/os-specific/linux/blcr/default.nix b/pkgs/os-specific/linux/blcr/default.nix index 7681e8e3c31..bc7523858fe 100644 --- a/pkgs/os-specific/linux/blcr/default.nix +++ b/pkgs/os-specific/linux/blcr/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, kernel, perl, makeWrapper }: +{ stdenv, lib, fetchurl, kernel, perl, makeWrapper }: # BLCR 0.8.5 should works for kernel version up to 3.7.1 # BLCR 0.8.6 should works for kernel version up to 3.17.x @@ -6,6 +6,9 @@ assert stdenv.isLinux; assert builtins.compareVersions "3.18" kernel.version == 1; +# it doesn't compile anymore on 3.12 +assert lib.versionAtLeast kernel.version "3.14"; + stdenv.mkDerivation { name = "blcr_${kernel.version}-0.8.6pre4"; diff --git a/pkgs/os-specific/linux/bluez/bluez5.nix b/pkgs/os-specific/linux/bluez/bluez5.nix index 6e8fbdacf84..b309b59f48c 100644 --- a/pkgs/os-specific/linux/bluez/bluez5.nix +++ b/pkgs/os-specific/linux/bluez/bluez5.nix @@ -5,11 +5,11 @@ assert stdenv.isLinux; stdenv.mkDerivation rec { - name = "bluez-5.30"; + name = "bluez-5.35"; src = fetchurl { url = "mirror://kernel/linux/bluetooth/${name}.tar.xz"; - sha256 = "0b1qbnq1xzcdw5rajg9yyg31bf21jnff0n6gnf1snz89bbdllfhy"; + sha256 = "1qphz25hganfnd5ipfscbj7s70anv5favmwqmi9ig2saciaf1zhs"; }; pythonPath = with pythonPackages; diff --git a/pkgs/os-specific/linux/broadcom-sta/cfg80211_ibss_joined-channel-parameter.patch b/pkgs/os-specific/linux/broadcom-sta/cfg80211_ibss_joined-channel-parameter.patch deleted file mode 100644 index 5596c0ebcf2..00000000000 --- a/pkgs/os-specific/linux/broadcom-sta/cfg80211_ibss_joined-channel-parameter.patch +++ /dev/null @@ -1,17 +0,0 @@ -Add channel parameter to cfg80211_ibss_joined call - ---- a/src/wl/sys/wl_cfg80211_hybrid.c -+++ b/src/wl/sys/wl_cfg80211_hybrid.c -@@ -1841,7 +1841,12 @@ wl_notify_connect_status(struct wl_cfg80211_priv *wl, struct net_device *ndev, - wl_get_assoc_ies(wl); - memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN); - wl_update_bss_info(wl); -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 15, 0) - cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, GFP_KERNEL); -+#else -+ cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, -+ &wl->conf->channel, GFP_KERNEL); -+#endif - set_bit(WL_STATUS_CONNECTED, &wl->status); - wl->profile->active = true; - } diff --git a/pkgs/os-specific/linux/broadcom-sta/cfg80211_inform_bss-3.18.patch b/pkgs/os-specific/linux/broadcom-sta/cfg80211_inform_bss-3.18.patch deleted file mode 100644 index 100ac9161a6..00000000000 --- a/pkgs/os-specific/linux/broadcom-sta/cfg80211_inform_bss-3.18.patch +++ /dev/null @@ -1,21 +0,0 @@ -Found on a random place http://web.archiveorange.com/archive/v/CcRuxYExfvTxfKcBFLah -Nicolas Viéville, Oct 27 2014 -diff -Naur hybrid-v35_64-nodebug-pcoem-6_30_223_248.orig/src/wl/sys/wl_cfg80211_hybrid.c hybrid-v35_64-nodebug-pcoem-6_30_223_248/src/wl/sys/wl_cfg80211_hybrid.c ---- hybrid-v35_64-nodebug-pcoem-6_30_223_248.orig/src/wl/sys/wl_cfg80211_hybrid.c 2014-09-10 19:27:13.301316000 +0200 -+++ hybrid-v35_64-nodebug-pcoem-6_30_223_248/src/wl/sys/wl_cfg80211_hybrid.c 2014-10-27 11:21:58.213536239 +0100 -@@ -2025,7 +2025,15 @@ - notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset); - notify_ielen = le32_to_cpu(bi->ie_length); -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 18, 0) -+ cbss = cfg80211_inform_bss(wiphy, channel, -+ (mgmt_type == IEEE80211_STYPE_PROBE_RESP) ? CFG80211_BSS_FTYPE_PRESP : CFG80211_BSS_FTYPE_BEACON, -+ (const u8 *)(bi->BSSID.octet), -+ 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, -+ (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); -+#else - cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet), - 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, - (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); -+#endif - if (unlikely(!cbss)) - return -ENOMEM; diff --git a/pkgs/os-specific/linux/broadcom-sta/default.nix b/pkgs/os-specific/linux/broadcom-sta/default.nix index 94f51911295..64a0c3138c9 100644 --- a/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -18,9 +18,8 @@ stdenv.mkDerivation { patches = [ ./license.patch - ./cfg80211_ibss_joined-channel-parameter.patch - ./netdev-3.17.patch - ./cfg80211_inform_bss-3.18.patch + ./linux-recent.patch + ./gcc.patch ]; makeFlags = "KBASE=${kernel.dev}/lib/modules/${kernel.modDirVersion}"; diff --git a/pkgs/os-specific/linux/broadcom-sta/gcc.patch b/pkgs/os-specific/linux/broadcom-sta/gcc.patch new file mode 100644 index 00000000000..f93e3f1d3a3 --- /dev/null +++ b/pkgs/os-specific/linux/broadcom-sta/gcc.patch @@ -0,0 +1,11 @@ +--- a/Makefile 2014-06-26 10:42:08.000000000 +0000 ++++ b/Makefile 2014-07-17 22:44:01.662297228 +0000 +@@ -126,6 +126,8 @@ + EXTRA_CFLAGS += -I$(src)/src/shared/bcmwifi/include + #EXTRA_CFLAGS += -DBCMDBG_ASSERT -DBCMDBG_ERR + ++EXTRA_CFLAGS += -Wno-date-time ++ + EXTRA_LDFLAGS := $(src)/lib/wlc_hybrid.o_shipped + + KBASE ?= /lib/modules/`uname -r` diff --git a/pkgs/os-specific/linux/broadcom-sta/linux-recent.patch b/pkgs/os-specific/linux/broadcom-sta/linux-recent.patch new file mode 100644 index 00000000000..a690558eb5b --- /dev/null +++ b/pkgs/os-specific/linux/broadcom-sta/linux-recent.patch @@ -0,0 +1,386 @@ +--- a/src/wl/sys/wl_cfg80211_hybrid.c 2014-06-26 12:42:08.000000000 +0200 ++++ b/src/wl/sys/wl_cfg80211_hybrid.c 2015-04-13 13:20:08.140013177 +0200 +@@ -63,8 +63,13 @@ + static s32 wl_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *dev, + struct cfg80211_ibss_params *params); + static s32 wl_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *dev); ++#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 16, 0) + static s32 wl_cfg80211_get_station(struct wiphy *wiphy, + struct net_device *dev, u8 *mac, struct station_info *sinfo); ++#else ++static s32 wl_cfg80211_get_station(struct wiphy *wiphy, ++ struct net_device *dev, const u8 *mac, struct station_info *sinfo); ++#endif + static s32 wl_cfg80211_set_power_mgmt(struct wiphy *wiphy, + struct net_device *dev, bool enabled, s32 timeout); + static int wl_cfg80211_connect(struct wiphy *wiphy, struct net_device *dev, +@@ -1387,7 +1392,7 @@ + key_endian_to_host(&key); + + params.key_len = (u8) min_t(u8, DOT11_MAX_KEY_SIZE, key.len); +- memcpy(params.key, key.data, params.key_len); ++ memcpy((char *)params.key, key.data, params.key_len); + + if ((err = wl_dev_ioctl(dev, WLC_GET_WSEC, &wsec, sizeof(wsec)))) { + return err; +@@ -1421,9 +1426,15 @@ + return err; + } + ++#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 16, 0) + static s32 + wl_cfg80211_get_station(struct wiphy *wiphy, struct net_device *dev, + u8 *mac, struct station_info *sinfo) ++#else ++static s32 ++wl_cfg80211_get_station(struct wiphy *wiphy, struct net_device *dev, ++ const u8 *mac, struct station_info *sinfo) ++#endif + { + struct wl_cfg80211_priv *wl = wiphy_to_wl(wiphy); + scb_val_t scb_val; +@@ -1441,7 +1452,11 @@ + WL_DBG(("Could not get rate (%d)\n", err)); + } else { + rate = dtoh32(rate); ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0) + sinfo->filled |= STATION_INFO_TX_BITRATE; ++#else ++ sinfo->filled |= BIT(NL80211_STA_INFO_TX_BITRATE); ++#endif + sinfo->txrate.legacy = rate * 5; + WL_DBG(("Rate %d Mbps\n", (rate / 2))); + } +@@ -1454,7 +1469,11 @@ + return err; + } + rssi = dtoh32(scb_val.val); ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0) + sinfo->filled |= STATION_INFO_SIGNAL; ++#else ++ sinfo->filled |= BIT(NL80211_STA_INFO_SIGNAL); ++#endif + sinfo->signal = rssi; + WL_DBG(("RSSI %d dBm\n", rssi)); + } +@@ -2010,9 +2029,15 @@ + + notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset); + notify_ielen = le32_to_cpu(bi->ie_length); ++#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 18, 0) + cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet), + 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, + (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); ++#else ++ cbss = cfg80211_inform_bss(wiphy, channel, CFG80211_BSS_FTYPE_UNKNOWN, (const u8 *)(bi->BSSID.octet), ++ 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, ++ (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); ++#endif + + if (unlikely(!cbss)) + return -ENOMEM; +@@ -2047,7 +2072,11 @@ + } + else if ((event == WLC_E_LINK && ~(flags & WLC_EVENT_MSG_LINK)) || + event == WLC_E_DEAUTH_IND || event == WLC_E_DISASSOC_IND) { ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 2, 0) ++ cfg80211_disconnected(ndev, 0, NULL, 0, false, GFP_KERNEL); ++#else + cfg80211_disconnected(ndev, 0, NULL, 0, GFP_KERNEL); ++#endif + clear_bit(WL_STATUS_CONNECTED, &wl->status); + wl_link_down(wl); + wl_init_prof(wl->profile); +@@ -2071,7 +2100,26 @@ + wl_get_assoc_ies(wl); + memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN); + wl_update_bss_info(wl); ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 15, 0) ++ { ++ struct wl_bss_info *bi; ++ u16 bss_info_channel; ++ struct ieee80211_channel *channel; ++ u32 freq; ++ ++ bi = (struct wl_bss_info *)(wl->extra_buf + 4); ++ bss_info_channel = bi->ctl_ch ? bi->ctl_ch : CHSPEC_CHANNEL(bi->chanspec); ++ ++ freq = ieee80211_channel_to_frequency(bss_info_channel, ++ (bss_info_channel <= CH_MAX_2G_CHANNEL) ? ++ IEEE80211_BAND_2GHZ : IEEE80211_BAND_5GHZ); ++ ++ channel = ieee80211_get_channel(wl_to_wiphy(wl), freq); ++ cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, channel, GFP_KERNEL); ++ } ++#else + cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, GFP_KERNEL); ++#endif + set_bit(WL_STATUS_CONNECTED, &wl->status); + wl->profile->active = true; + } +@@ -2629,7 +2677,15 @@ + + void wl_cfg80211_detach(struct net_device *ndev) + { +- struct wl_cfg80211_priv *wl = ndev_to_wl(ndev); ++ struct wl_cfg80211_priv *wl; ++ struct wireless_dev *wdev; ++ ++ wdev = ndev->ieee80211_ptr; ++ if (wdev == NULL) { ++ printk(KERN_ERR "[%s()] in ndev=%p: IEEE80211ptr=%p\n", __FUNCTION__, ndev, wdev); ++ return; ++ } ++ wl = ndev_to_wl(ndev); + + wl_deinit_cfg80211_priv(wl); + wl_free_wdev(wl); +--- a/src/wl/sys/wl_dbg.h 2014-06-26 12:42:08.000000000 +0200 ++++ b/src/wl/sys/wl_dbg.h 2015-04-13 13:19:52.443345832 +0200 +@@ -55,10 +55,12 @@ + + #define WL_NONE(args) + ++#define FORCE_TRACE_LEVEL(fmt, ...) do { printk(KERN_ERR fmt, ## __VA_ARGS__); } while (0) /* ## is GCC specific syntax to remove comma when single arg */ ++ + #ifdef BCMDBG_ERR + #define WL_ERROR(args) WL_PRINT(args) + #else +-#define WL_ERROR(args) ++#define WL_ERROR(args) FORCE_TRACE_LEVEL args + #endif + #define WL_TRACE(args) + #define WL_APSTA_UPDN(args) +--- a/src/wl/sys/wl_linux.c 2014-06-26 12:42:08.000000000 +0200 ++++ b/src/wl/sys/wl_linux.c 2015-04-13 13:19:52.443345832 +0200 +@@ -878,7 +878,7 @@ + static SIMPLE_DEV_PM_OPS(wl_pm_ops, wl_suspend, wl_resume); + #endif + +-static struct pci_driver wl_pci_driver = { ++static struct pci_driver wl_pci_driver __refdata = { + .name = "wl", + .probe = wl_pci_probe, + .remove = __devexit_p(wl_remove), +@@ -1270,6 +1270,7 @@ + MFREE(wl->osh, wlif->dev, sizeof(struct net_device)); + #else + free_netdev(wlif->dev); ++ wlif->dev = NULL; + #endif + } + +@@ -1307,7 +1308,12 @@ + dev->priv = priv_link; + #else + ++#if (LINUX_VERSION_CODE < KERNEL_VERSION(3, 17, 0)) + dev = alloc_netdev(sizeof(priv_link_t), intf_name, ether_setup); ++#else ++ dev = alloc_netdev(sizeof(priv_link_t), intf_name, NET_NAME_UNKNOWN, ++ ether_setup); ++#endif + if (!dev) { + WL_ERROR(("wl%d: %s: alloc_netdev failed\n", + (wl->pub)?wl->pub->unit:wlif->subunit, __FUNCTION__)); +@@ -1651,11 +1657,7 @@ + } + + WL_LOCK(wl); +- if (!capable(CAP_NET_ADMIN)) { +- bcmerror = BCME_EPERM; +- } else { +- bcmerror = wlc_ioctl(wl->wlc, ioc.cmd, buf, ioc.len, wlif->wlcif); +- } ++ bcmerror = wlc_ioctl(wl->wlc, ioc.cmd, buf, ioc.len, wlif->wlcif); + WL_UNLOCK(wl); + + done1: +@@ -2157,8 +2159,8 @@ + wlif = WL_DEV_IF(dev); + wl = WL_INFO(dev); + ++ skb->prev = NULL; + if (WL_ALL_PASSIVE_ENAB(wl) || (WL_RTR() && WL_CONFIG_SMP())) { +- skb->prev = NULL; + + TXQ_LOCK(wl); + +@@ -2455,8 +2457,10 @@ + p80211msg_t *phdr; + + len = sizeof(p80211msg_t) + oskb->len - D11_PHY_HDR_LEN; +- if ((skb = dev_alloc_skb(len)) == NULL) ++ if ((skb = dev_alloc_skb(len)) == NULL) { ++ WL_ERROR(("in %s:%d [%s()] dev_alloc_skb() failure!", __FILE__, __LINE__, __FUNCTION__)); + return; ++ } + + skb_put(skb, len); + phdr = (p80211msg_t*)skb->data; +@@ -2535,8 +2539,10 @@ + rtap_len = sizeof(wl_radiotap_ht_brcm_2_t); + + len = rtap_len + (oskb->len - D11_PHY_HDR_LEN); +- if ((skb = dev_alloc_skb(len)) == NULL) ++ if ((skb = dev_alloc_skb(len)) == NULL) { ++ WL_ERROR(("in %s:%d [%s()] dev_alloc_skb() failure!", __FILE__, __LINE__, __FUNCTION__)); + return; ++ } + + skb_put(skb, len); + +@@ -2664,8 +2670,10 @@ + len += amsdu_len; + } + +- if ((skb = dev_alloc_skb(len)) == NULL) ++ if ((skb = dev_alloc_skb(len)) == NULL) { ++ WL_ERROR(("in %s:%d [%s()] dev_alloc_skb() failure!", __FILE__, __LINE__, __FUNCTION__)); + return; ++ } + + skb_put(skb, len); + +@@ -2990,7 +2998,7 @@ + } + + void +-wl_set_monitor(wl_info_t *wl, int val) ++wl_set_monitor(wl_info_t *wl, int val) /* public => is called by wlc_hybrid.o_shipped */ + { + const char *devname; + wl_if_t *wlif; +@@ -3224,42 +3232,75 @@ + #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) + static int + wl_proc_read(char *buffer, char **start, off_t offset, int length, int *eof, void *data) ++{ ++ wl_info_t * wl = (wl_info_t *)data; + #else + static ssize_t +-wl_proc_read(struct file *filp, char __user *buffer, size_t length, loff_t *data) +-#endif ++wl_proc_read(struct file *filp, char __user *buffer, size_t length, loff_t *offp) + { +- wl_info_t * wl = (wl_info_t *)data; +- int to_user; +- int len; ++ wl_info_t * wl = PDE_DATA(file_inode(filp)); ++#endif ++ int bcmerror, len; ++ int to_user = 0; ++ char tmp[8]; + + #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) + if (offset > 0) { + *eof = 1; + return 0; + } ++#else ++ if (*offp > 0) { /* for example, stop: cat /proc/brcm_monitor0 */ ++ return 0; /* 0 <=> EOF */ ++ } + #endif + +- if (!length) { +- WL_ERROR(("%s: Not enough return buf space\n", __FUNCTION__)); +- return 0; +- } + WL_LOCK(wl); +- wlc_ioctl(wl->wlc, WLC_GET_MONITOR, &to_user, sizeof(int), NULL); +- len = sprintf(buffer, "%d\n", to_user); +- WL_UNLOCK(wl); +- return len; ++ bcmerror = wlc_ioctl(wl->wlc, WLC_GET_MONITOR, &to_user, sizeof(int), NULL); ++ WL_UNLOCK(wl); ++ ++ if (bcmerror != BCME_OK) { ++ WL_ERROR(("%s: GET_MONITOR failed with %d\n", __FUNCTION__, bcmerror)); ++ return -EIO; ++ } ++ ++ len = snprintf(tmp, ARRAY_SIZE(tmp), "%d\n", to_user); ++ tmp[ARRAY_SIZE(tmp) - 1] = '\0'; ++ if (len >= ARRAY_SIZE(tmp)) { ++ printk(KERN_ERR "%s:%d [%s()] output would be truncated (ret=%d)!", __FILE__, __LINE__, __FUNCTION__, len); ++ return -ERANGE; ++ } ++ else if (len < 0) { ++ printk(KERN_ERR "%s:%d [%s()] unable to convert value (ret=%d)!", __FILE__, __LINE__, __FUNCTION__, len); ++ return len; ++ } ++ if (length < len) { ++ printk(KERN_ERR "%s:%d [%s()] user buffer is too small (at least=%d ; user=%d)!", __FILE__, __LINE__, __FUNCTION__, len, (int)length); ++ return -EMSGSIZE; ++ } ++ if (copy_to_user(buffer, tmp, len) != 0) { ++ printk(KERN_ERR "%s:%d [%s()] unable to copy data!", __FILE__, __LINE__, __FUNCTION__); ++ return -EFAULT; ++ } ++ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 0) ++ *offp += len; ++#endif ++ ++ return len; + } + + #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) + static int + wl_proc_write(struct file *filp, const char *buff, unsigned long length, void *data) ++{ ++ wl_info_t * wl = (wl_info_t *)data; + #else + static ssize_t +-wl_proc_write(struct file *filp, const char __user *buff, size_t length, loff_t *data) +-#endif ++wl_proc_write(struct file *filp, const char __user *buff, size_t length, loff_t *offp) + { +- wl_info_t * wl = (wl_info_t *)data; ++ wl_info_t * wl = PDE_DATA(file_inode(filp)); ++#endif + int from_user = 0; + int bcmerror; + +@@ -3270,7 +3311,11 @@ + } + if (copy_from_user(&from_user, buff, 1)) { + WL_ERROR(("%s: copy from user failed\n", __FUNCTION__)); +- return -EIO; ++#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) ++ return -EIO; ++#else ++ return -EFAULT; ++#endif + } + + if (from_user >= 0x30) +@@ -3280,10 +3325,15 @@ + bcmerror = wlc_ioctl(wl->wlc, WLC_SET_MONITOR, &from_user, sizeof(int), NULL); + WL_UNLOCK(wl); + +- if (bcmerror < 0) { ++ if (bcmerror != BCME_OK) { + WL_ERROR(("%s: SET_MONITOR failed with %d\n", __FUNCTION__, bcmerror)); + return -EIO; + } ++ ++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 0)) && 0 /* no need to update offset because this file should only trigger action... */ ++ *offp += length; ++#endif ++ + return length; + } + +@@ -3304,8 +3354,8 @@ + if ((wl->proc_entry = create_proc_entry(tmp, 0644, NULL)) == NULL) { + WL_ERROR(("%s: create_proc_entry %s failed\n", __FUNCTION__, tmp)); + #else +- if ((wl->proc_entry = proc_create(tmp, 0644, NULL, &wl_fops)) == NULL) { +- WL_ERROR(("%s: proc_create %s failed\n", __FUNCTION__, tmp)); ++ if ((wl->proc_entry = proc_create_data(tmp, 0644, NULL, &wl_fops, wl)) == NULL) { ++ WL_ERROR(("%s: proc_create_data %s failed\n", __FUNCTION__, tmp)); + #endif + ASSERT(0); + return -1; diff --git a/pkgs/os-specific/linux/broadcom-sta/netdev-3.17.patch b/pkgs/os-specific/linux/broadcom-sta/netdev-3.17.patch deleted file mode 100644 index 5a33cef7370..00000000000 --- a/pkgs/os-specific/linux/broadcom-sta/netdev-3.17.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -Naur a/src/wl/sys/wl_linux.c b/src/wl/sys/wl_linux.c ---- a/src/wl/sys/wl_linux.c 2014-06-26 06:42:08.000000000 -0400 -+++ b/src/wl/sys/wl_linux.c 2014-10-13 12:00:04.446122588 -0400 -@@ -1307,7 +1307,11 @@ - dev->priv = priv_link; - #else - -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 17, 0) -+ dev = alloc_netdev(sizeof(priv_link_t), intf_name, NET_NAME_UNKNOWN, ether_setup); -+#else - dev = alloc_netdev(sizeof(priv_link_t), intf_name, ether_setup); -+#endif - if (!dev) { - WL_ERROR(("wl%d: %s: alloc_netdev failed\n", - (wl->pub)?wl->pub->unit:wlif->subunit, __FUNCTION__)); diff --git a/pkgs/os-specific/linux/busybox/default.nix b/pkgs/os-specific/linux/busybox/default.nix index c8e7ffda917..2a96f4b46b3 100644 --- a/pkgs/os-specific/linux/busybox/default.nix +++ b/pkgs/os-specific/linux/busybox/default.nix @@ -1,4 +1,9 @@ -{ lib, stdenv, uclibc, fetchurl, enableStatic ? false, enableMinimal ? false, useUclibc ? false, extraConfig ? "" }: +{ stdenv, fetchurl, musl +, enableStatic ? false +, enableMinimal ? false +, useMusl ? false +, extraConfig ? "" +}: let configParser = '' @@ -21,11 +26,11 @@ let in stdenv.mkDerivation rec { - name = "busybox-1.22.1"; + name = "busybox-1.23.2"; src = fetchurl { url = "http://busybox.net/downloads/${name}.tar.bz2"; - sha256 = "12v7nri79v8gns3inmz4k24q7pcnwi00hybs0wddfkcy1afh42xf"; + sha256 = "16ii9sqracvh2r1gfzhmlypl269nnbkpvrwa7270k35d3bigk9h5"; }; patches = [ ./busybox-in-store.patch ]; @@ -41,7 +46,7 @@ stdenv.mkDerivation rec { CONFIG_PREFIX "$out" CONFIG_INSTALL_NO_USR y - ${lib.optionalString enableStatic '' + ${stdenv.lib.optionalString enableStatic '' CONFIG_STATIC y ''} @@ -54,8 +59,8 @@ stdenv.mkDerivation rec { EOF make oldconfig - '' + lib.optionalString useUclibc '' - makeFlagsArray+=("CC=gcc -isystem ${uclibc}/include -B${uclibc.out}/lib -L${uclibc.out}/lib") + '' + stdenv.lib.optionalString useMusl '' + makeFlagsArray+=("CC=gcc -isystem ${musl}/include -B${musl}/lib -L${musl}/lib") ''; crossAttrs = { @@ -69,11 +74,11 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - meta = { + meta = with stdenv.lib; { description = "Tiny versions of common UNIX utilities in a single small executable"; homepage = http://busybox.net/; - license = lib.licenses.gpl2; - maintainers = [ lib.maintainers.viric ]; - platforms = lib.platforms.linux; + license = licenses.gpl2; + maintainers = with maintainers; [ viric ]; + platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/can-utils/default.nix b/pkgs/os-specific/linux/can-utils/default.nix index 6a3fbd33d68..9da2b755fd5 100644 --- a/pkgs/os-specific/linux/can-utils/default.nix +++ b/pkgs/os-specific/linux/can-utils/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchgit }: +{ stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { name = "can-utils-${version}"; @@ -6,17 +6,18 @@ stdenv.mkDerivation rec { # latest commit in git master as version number. version = "20140227"; - src = fetchgit { - url = "https://git.gitorious.org/linux-can/can-utils.git"; + src = fetchFromGitHub { + owner = "linux-can"; + repo = "can-utils"; rev = "67a2bdcd336e6becfa5784742e18c88dbeddc973"; - sha256 = "0pnnjl141wf3kbf256m6qz9mxz0144z36qqb43skialzcnlhga38"; + sha256 = "1v73b0nk1kb3kp5nbxp4xiygny6nfjgjnm7zgzrjgryvdrnws32z"; }; preConfigure = ''makeFlagsArray+=(PREFIX="$out")''; meta = with stdenv.lib; { description = "CAN userspace utilities and tools (for use with Linux SocketCAN)"; - homepage = "https://gitorious.org/linux-can/can-utils"; + homepage = "https://github.com/linux-can/can-utils"; license = licenses.gpl2Plus; platforms = platforms.linux; maintainers = [ maintainers.bjornfor ]; diff --git a/pkgs/os-specific/linux/cgmanager/default.nix b/pkgs/os-specific/linux/cgmanager/default.nix index 79be500a13d..1c79fddeca9 100644 --- a/pkgs/os-specific/linux/cgmanager/default.nix +++ b/pkgs/os-specific/linux/cgmanager/default.nix @@ -1,31 +1,22 @@ -{ stdenv, fetchurl, pkgconfig, libnih, dbus }: +{ stdenv, fetchurl, pkgconfig, libnih, dbus, pam }: stdenv.mkDerivation rec { - name = "cgmanager-0.36"; + name = "cgmanager-0.39"; src = fetchurl { url = "https://linuxcontainers.org/downloads/cgmanager/${name}.tar.gz"; - sha256 = "039azd4ghpmiccd95ki8fna321kccapff00rib6hrdgg600pyw7l"; + sha256 = "0ysv8klnybp727aad2k0aa67s05q027pzfl7rmm0map4nizlhrcy"; }; - buildInputs = [ pkgconfig libnih dbus ]; + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ libnih dbus pam ]; configureFlags = [ "--with-init-script=systemd" - "--sysconfdir=/etc/" + "--sysconfdir=/etc" "--localstatedir=/var" ]; - installFlags = [ "DESTDIR=\${out}" ]; - - postInstall = '' - mv $out/$out/* $out - DIR=$out/$out - while rmdir $DIR 2>/dev/null; do - DIR="$(dirname "$DIR")" - done - ''; - meta = with stdenv.lib; { homepage = https://linuxcontainers.org/cgmanager/introduction/; description = "a central privileged daemon that manages all your cgroups"; diff --git a/pkgs/os-specific/linux/checkpolicy/default.nix b/pkgs/os-specific/linux/checkpolicy/default.nix index 1f06fb66218..9fbed50f3b9 100644 --- a/pkgs/os-specific/linux/checkpolicy/default.nix +++ b/pkgs/os-specific/linux/checkpolicy/default.nix @@ -1,25 +1,32 @@ -{ stdenv, fetchurl, libsepol, libselinux, bison, flex }: -stdenv.mkDerivation rec { +{ stdenv, fetchurl, bison, flex, libsepol }: +stdenv.mkDerivation rec { name = "checkpolicy-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/checkpolicy-${version}.tar.gz"; - sha256 = "0yr0r2cxz9lbj7i0wqgcd4wjvc6zf1fmqk0xjybnkdpcmw8jsqwh"; + sha256 = "1m5wjm43lzp6bld8higsvdm2dkddydihhwv9qw2w9r4dm0largcv"; }; - buildInputs = [ libsepol libselinux bison flex ]; + nativeBuildInputs = [ bison flex ]; + buildInputs = [ libsepol ]; + + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; + + # Don't build tests + postPatch = '' + sed -i '/-C test/d' Makefile + ''; preBuild = '' - makeFlags="$makeFlags LEX=flex LIBDIR=${libsepol}/lib PREFIX=$out" - sed -e 's@[.]o$@& ../lex.yy.o@' -i test/Makefile + makeFlagsArray+=("LEX=flex") + makeFlagsArray+=("LIBDIR=${libsepol}/lib") + makeFlagsArray+=("PREFIX=$out") ''; - meta = with stdenv.lib; { + meta = libsepol.meta // { description = "SELinux policy compiler"; - license = licenses.gpl2; - inherit (libsepol.meta) homepage platforms maintainers; }; } diff --git a/pkgs/os-specific/linux/conky/default.nix b/pkgs/os-specific/linux/conky/default.nix index c54d4aa6319..b857d5ece45 100644 --- a/pkgs/os-specific/linux/conky/default.nix +++ b/pkgs/os-specific/linux/conky/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig +{ stdenv, fetchFromGitHub, pkgconfig, cmake # dependencies , glib @@ -7,23 +7,17 @@ , mpdSupport ? true , ibmSupport ? true # IBM/Lenovo notebooks -# This should be optional, but it is not due to a bug in conky -# Please, try to make it optional again on update -, ncurses -#, ncursesSupport ? true , ncurses ? null - # optional features with extra dependencies -, x11Support ? true , x11 ? null +, ncursesSupport ? true , ncurses ? null +, x11Support ? true , xlibsWrapper ? null , xdamageSupport ? x11Support, libXdamage ? null , imlib2Support ? x11Support, imlib2 ? null -, luaSupport ? true , lua ? null +, luaSupport ? true , lua ? null , luaImlib2Support ? luaSupport && imlib2Support , luaCairoSupport ? luaSupport && x11Support, cairo ? null , toluapp ? null -, alsaSupport ? true , alsaLib ? null - , wirelessSupport ? true , wirelesstools ? null , curlSupport ? true , curl ? null @@ -33,9 +27,9 @@ , libxml2 ? null }: -#assert ncursesSupport -> ncurses != null; +assert ncursesSupport -> ncurses != null; -assert x11Support -> x11 != null; +assert x11Support -> xlibsWrapper != null; assert xdamageSupport -> x11Support && libXdamage != null; assert imlib2Support -> x11Support && imlib2 != null; assert luaSupport -> lua != null; @@ -46,8 +40,6 @@ assert luaCairoSupport -> luaSupport && toluapp != null assert luaCairoSupport || luaImlib2Support -> lua.luaversion == "5.1"; -assert alsaSupport -> alsaLib != null; - assert wirelessSupport -> wirelesstools != null; assert curlSupport -> curl != null; @@ -58,62 +50,52 @@ assert weatherXoapSupport -> curlSupport && libxml2 != null; with stdenv.lib; stdenv.mkDerivation rec { - name = "conky-1.9.0"; - - src = fetchurl { - url = "mirror://sourceforge/conky/${name}.tar.bz2"; - sha256 = "0vxvjmi3cdvnp994sv5zcdyncfn0mlxa71p2wm9zpyrmy58bbwds"; + name = "conky-${version}"; + version = "1.10.0"; + + src = fetchFromGitHub { + owner = "brndnmtthws"; + repo = "conky"; + rev = "v${version}"; + sha256 = "00vyrf72l54j3majqmn6vykqvvb15vygsaby644nsb5vpma6b1cn"; }; NIX_LDFLAGS = "-lgcc_s"; - buildInputs = [ pkgconfig glib ] - ++ [ ncurses ] - #++ optional ncursesSupport ncurses - ++ optional x11Support x11 + buildInputs = [ pkgconfig glib cmake ] + ++ optional ncursesSupport ncurses + ++ optional x11Support xlibsWrapper ++ optional xdamageSupport libXdamage ++ optional imlib2Support imlib2 ++ optional luaSupport lua ++ optionals luaImlib2Support [ toluapp imlib2 ] ++ optionals luaCairoSupport [ toluapp cairo ] - - ++ optional alsaSupport alsaLib - ++ optional wirelessSupport wirelesstools - ++ optional curlSupport curl ++ optional rssSupport libxml2 ++ optional weatherXoapSupport libxml2 ; - configureFlags = - let flag = state: flags: if state then map (x: "--enable-${x}") flags - else map (x: "--disable-${x}") flags; - in flag mpdSupport [ "mpd" ] - ++ flag ibmSupport [ "ibm" ] - - #++ flag ncursesSupport [ "ncurses" ] - ++ flag x11Support [ "x11" "xft" "argb" "double-buffer" "own-window" ] # conky won't compile without --enable-own-window - ++ flag xdamageSupport [ "xdamage" ] - ++ flag imlib2Support [ "imlib2" ] - ++ flag luaSupport [ "lua" ] - ++ flag luaImlib2Support [ "lua-imlib2" ] - ++ flag luaCairoSupport [ "lua-cairo" ] - - ++ flag alsaSupport [ "alsa" ] - - ++ flag wirelessSupport [ "wlan" ] - - ++ flag curlSupport [ "curl" ] - ++ flag rssSupport [ "rss" ] - ++ flag weatherMetarSupport [ "weather-metar" ] - ++ flag weatherXoapSupport [ "weather-xoap" ] - ; + cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" ] + ++ optional curlSupport "-DBUILD_CURL=ON" + ++ optional (!ibmSupport) "-DBUILD_IBM=OFF" + ++ optional imlib2Support "-DBUILD_IMLIB2=ON" + ++ optional luaCairoSupport "-DBUILD_LUA_CAIRO=ON" + ++ optional luaImlib2Support "-DBUILD_LUA_IMLIB2=ON" + ++ optional (!mpdSupport) "-DBUILD_MPD=OFF" + ++ optional (!ncursesSupport) "-DBUILD_NCURSES=OFF" + ++ optional rssSupport "-DBUILD_RSS=ON" + ++ optional (!x11Support) "-DBUILD_X11=OFF" + ++ optional xdamageSupport "-DBUILD_XDAMAGE=ON" + ++ optional weatherMetarSupport "-DBUILD_WEATHER_METAR=ON" + ++ optional weatherXoapSupport "-DBUILD_WEATHER_XOAP=ON" + ++ optional wirelessSupport "-DBUILD_WLAN=ON" + ; - meta = { + meta = with stdenv.lib; { homepage = http://conky.sourceforge.net/; description = "Advanced, highly configurable system monitor based on torsmo"; - maintainers = [ stdenv.lib.maintainers.guibert ]; - license = stdenv.lib.licenses.gpl3Plus; + maintainers = [ maintainers.guibert ]; + license = licenses.gpl3Plus; }; } diff --git a/pkgs/os-specific/linux/conntrack-tools/default.nix b/pkgs/os-specific/linux/conntrack-tools/default.nix index 51358628ff1..f0988759bc4 100644 --- a/pkgs/os-specific/linux/conntrack-tools/default.nix +++ b/pkgs/os-specific/linux/conntrack-tools/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { name = "conntrack-tools-${version}"; - version = "1.4.2"; + version = "1.4.3"; src = fetchurl { url = "http://www.netfilter.org/projects/conntrack-tools/files/${name}.tar.bz2"; - sha256 = "e5c423dc077f9ca8767eaa6cf40446943905711c6a8fe27f9cc1977d4d6aa11e"; + sha256 = "0mrzrzp6y41pmxc6ixc4fkgz6layrpwsmzb522adzzkc6mhcqg5g"; }; buildInputs = [ libmnl libnfnetlink libnetfilter_conntrack libnetfilter_queue @@ -20,5 +20,6 @@ stdenv.mkDerivation rec { description = "Connection tracking userspace tools"; platforms = platforms.linux; license = licenses.gpl2Plus; + maintainers = with maintainers; [ nckx ]; }; } diff --git a/pkgs/os-specific/linux/cramfsswap/default.nix b/pkgs/os-specific/linux/cramfsswap/default.nix index 6a309197dd7..440f99b0ad6 100644 --- a/pkgs/os-specific/linux/cramfsswap/default.nix +++ b/pkgs/os-specific/linux/cramfsswap/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation { name = "cramfsswap-1.4.1"; builder = ./builder.sh; src = fetchurl { - url = http://ftp.debian.org/debian/pool/main/c/cramfsswap/cramfsswap_1.4.1.tar.gz; + url = mirror://debian/pool/main/c/cramfsswap/cramfsswap_1.4.1.tar.gz; sha256 = "0c6lbx1inkbcvvhh3y6fvfaq3w7d1zv7psgpjs5f3zjk1jysi9qd"; }; diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix index 50ea3f6a067..4e3ede284b4 100644 --- a/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/pkgs/os-specific/linux/cryptsetup/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, devicemapper, libgcrypt, libuuid, pkgconfig, popt +{ stdenv, fetchurl, devicemapper, openssl, libuuid, pkgconfig, popt , enablePython ? false, python ? null }: @@ -12,10 +12,10 @@ stdenv.mkDerivation rec { sha256 = "0878vwblazms1dac2ds7vyz8pgi1aac8870ccnl2s0v2sv428g62"; }; - configureFlags = [ "--enable-cryptsetup-reencrypt" ] + configureFlags = [ "--enable-cryptsetup-reencrypt" "--with-crypto_backend=openssl" ] ++ stdenv.lib.optional enablePython "--enable-python"; - buildInputs = [ devicemapper libgcrypt libuuid pkgconfig popt ] + buildInputs = [ devicemapper openssl libuuid pkgconfig popt ] ++ stdenv.lib.optional enablePython python; meta = { diff --git a/pkgs/os-specific/linux/directvnc/default.nix b/pkgs/os-specific/linux/directvnc/default.nix index 33ebd28d55e..b6f221b8ea4 100644 --- a/pkgs/os-specific/linux/directvnc/default.nix +++ b/pkgs/os-specific/linux/directvnc/default.nix @@ -1,5 +1,5 @@ -a : -let +a @ { libjpeg, pkgconfig, zlib, directfb, xproto, ... } : +let s = import ./src-for-default.nix; buildInputs = with a; [ directfb zlib libjpeg pkgconfig xproto @@ -14,13 +14,13 @@ rec { /* doConfigure should be removed if not needed */ phaseNames = ["doConfigure" "doMakeInstall"]; - + meta = { description = "DirectFB VNC client"; maintainers = [ a.lib.maintainers.raskin ]; - platforms = with a.lib.platforms; + platforms = with a.lib.platforms; linux; }; } diff --git a/pkgs/os-specific/linux/disk-indicator/default.nix b/pkgs/os-specific/linux/disk-indicator/default.nix index 11c1e7ee8a2..406492db236 100644 --- a/pkgs/os-specific/linux/disk-indicator/default.nix +++ b/pkgs/os-specific/linux/disk-indicator/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchgit, libX11 }: stdenv.mkDerivation { - name = "disk-indicator"; + name = "disk-indicator-2014-05-19"; src = fetchgit { url = git://github.com/MeanEYE/Disk-Indicator.git; diff --git a/pkgs/os-specific/linux/dmidecode/default.nix b/pkgs/os-specific/linux/dmidecode/default.nix index 19d4092ba78..7ba8dffcc31 100644 --- a/pkgs/os-specific/linux/dmidecode/default.nix +++ b/pkgs/os-specific/linux/dmidecode/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "dmidecode-2.12"; + name = "dmidecode-3.0"; src = fetchurl { - url = "mirror://savannah/dmidecode/${name}.tar.bz2"; - sha256 = "122hgaw8mpqdfra159lfl6pyk3837giqx6vq42j64fjnbl2z6gwi"; + url = "mirror://savannah/dmidecode/${name}.tar.xz"; + sha256 = "0iby0xfk5x3cdr0x0gxj5888jjyjhafvaq0l79civ73jjfqmphvy"; }; makeFlags = "prefix=$(out)"; diff --git a/pkgs/os-specific/linux/dstat/default.nix b/pkgs/os-specific/linux/dstat/default.nix index c95532f1360..6b3b7fac8f3 100644 --- a/pkgs/os-specific/linux/dstat/default.nix +++ b/pkgs/os-specific/linux/dstat/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, python }: +{ stdenv, fetchurl, python, pythonPackages }: stdenv.mkDerivation rec { name = "dstat-0.7.2"; @@ -8,7 +8,9 @@ stdenv.mkDerivation rec { sha256 = "1bivnciwlamnl9q6i5ygr7jhs8pp833z2bkbrffvsa60szcqda9l"; }; - buildInputs = [ ]; + buildInputs = with pythonPackages; [ python-wifi wrapPython ]; + + pythonPath = with pythonPackages; [ python-wifi ]; patchPhase = '' sed -i -e 's|/usr/bin/env python|${python}/bin/python|' \ @@ -17,11 +19,15 @@ stdenv.mkDerivation rec { makeFlags = "prefix=$(out)"; - meta = { + postInstall = '' + wrapPythonProgramsIn $out/bin "$out $pythonPath" + ''; + + meta = with stdenv.lib; { homepage = http://dag.wieers.com/home-made/dstat/; description = "Versatile resource statistics tool"; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.linux; - maintainers = [ ]; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ jgeerds nckx ]; }; } diff --git a/pkgs/os-specific/linux/edac-utils/default.nix b/pkgs/os-specific/linux/edac-utils/default.nix new file mode 100644 index 00000000000..b24099f9599 --- /dev/null +++ b/pkgs/os-specific/linux/edac-utils/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchFromGitHub, perl, makeWrapper +, sysfsutils, dmidecode, kmod }: + +stdenv.mkDerivation { + name = "edac-utils-2015-01-07"; + + src = fetchFromGitHub { + owner = "grondo"; + repo = "edac-utils"; + rev = "f9aa96205f610de39a79ff43c7478b7ef02e3138"; + sha256 = "1dmfqb15ffldl5zirbmwiqzpxbcc2ny9rpfvxcfvpmh5b69knvdg"; + }; + + nativeBuildInputs = [ perl makeWrapper ]; + buildInputs = [ sysfsutils ]; + + configureFlags = [ + "--sysconfdir=/etc" + "--localstatedir=/var" + ]; + + installFlags = [ + "sysconfdir=\${out}/etc" + ]; + + postInstall = '' + wrapProgram "$out/sbin/edac-ctl" \ + --set PATH : "" \ + --prefix PATH : "${dmidecode}/bin" \ + --prefix PATH : "${kmod}/bin" + ''; + + meta = with stdenv.lib; { + homepage = http://github.com/grondo/edac-utils; + description = "Handles the reporting of hardware-related memory errors"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ wkennington ]; + }; +} diff --git a/pkgs/os-specific/linux/eudev/default.nix b/pkgs/os-specific/linux/eudev/default.nix index e2bcf9837e7..1db5967aab5 100644 --- a/pkgs/os-specific/linux/eudev/default.nix +++ b/pkgs/os-specific/linux/eudev/default.nix @@ -3,10 +3,10 @@ let s = # Generated upstream information rec { baseName="eudev"; - version = "3.0"; + version = "3.1.2"; name="${baseName}-${version}"; url="http://dev.gentoo.org/~blueness/eudev/eudev-${version}.tar.gz"; - sha256 = "0afva1vh3lwhw9bryh41dxg82kfnxj1ifa91p3gjwffc2fpqmnvl"; + sha256 = "0wq2w67ip957l5bi21jj3w2rv7s7klcrnlg6zpg1g0fxjfgbd4s3"; }; buildInputs = [ glib pkgconfig gperf utillinux @@ -26,6 +26,12 @@ stdenv.mkDerivation { "hwdb_bin=/var/lib/udev/hwdb.bin" "udevrulesdir=/etc/udev/rules.d" ]; + + preInstall = '' + # Disable install-exec-hook target as it conflicts with our move-sbin setup-hook + sed -i 's;$(MAKE) $(AM_MAKEFLAGS) install-exec-hook;$(MAKE) $(AM_MAKEFLAGS);g' src/udev/Makefile + ''; + installFlags = [ "localstatedir=$(TMPDIR)/var" diff --git a/pkgs/os-specific/linux/eventstat/default.nix b/pkgs/os-specific/linux/eventstat/default.nix new file mode 100644 index 00000000000..d6122202b82 --- /dev/null +++ b/pkgs/os-specific/linux/eventstat/default.nix @@ -0,0 +1,21 @@ +{ stdenv, lib, fetchzip }: + +stdenv.mkDerivation rec { + name = "eventstat-${version}"; + version = "0.02.02"; + src = fetchzip { + url = "http://kernel.ubuntu.com/~cking/tarballs/eventstat/eventstat-${version}.tar.gz"; + sha256 = "1l1shcj3c0pxv1g6sqc10ka1crbx0cm2gldxbyrzqv2lmlfnmm44"; + }; + installFlags = [ "DESTDIR=$(out)" ]; + postInstall = '' + mv $out/usr/* $out + rm -r $out/usr + ''; + meta = with lib; { + description = "Simple monitoring of system events"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ cstrahan ]; + }; +} diff --git a/pkgs/os-specific/linux/fanctl/default.nix b/pkgs/os-specific/linux/fanctl/default.nix new file mode 100644 index 00000000000..61e100f4c9b --- /dev/null +++ b/pkgs/os-specific/linux/fanctl/default.nix @@ -0,0 +1,48 @@ +{ stdenv, lib, fetchbzr, makeWrapper, bridge-utils, iproute, dnsmasq, iptables, kmod, utillinux }: + +let stateDir = "/var/lib/fan-networking"; +in stdenv.mkDerivation rec { + name = "fanctl-${version}"; + + version = "0.3.0"; + + src = fetchbzr { + url = "https://code.launchpad.net/~ubuntu-branches/ubuntu/vivid/ubuntu-fan/vivid-updates"; + rev = 2; + sha256 = "1vcr2rg99g7sx1zynhiggjzc9y9z591i4535hbm21dysy3cisp7i"; + }; + + buildInputs = [ makeWrapper ]; + + # When given --conf-file="", dnsmasq still attempts to read /etc/dnsmasq.conf; + # if that files does not exist, dnsmasq subsequently fails, + # so we'll use /dev/null. + # + # Also, make sure the state directory before starting dnsmasq. + buildPhase = '' + substituteInPlace fanctl \ + --replace '--conf-file= ' \ + '--conf-file=/dev/null ' \ + --replace '/var/lib/misc' \ + '${stateDir}' + + sed -i '/dnsmasq -u/i \ + mkdir -p ${stateDir}' fanctl + ''; + + installPhase = '' + mkdir -p $out/bin $out/man/man8 + cp fanctl.8 $out/man/man8 + cp fanctl $out/bin + wrapProgram $out/bin/fanctl --prefix PATH : \ + ${lib.makeSearchPath "bin" [ bridge-utils iproute dnsmasq iptables kmod utillinux ]}; + ''; + + meta = with lib; { + description = "Ubuntu FAN network support enablement"; + homepage = "https://launchpad.net/ubuntu/+source/ubuntu-fan"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ cstrahan ]; + }; +} diff --git a/pkgs/os-specific/linux/fatrace/default.nix b/pkgs/os-specific/linux/fatrace/default.nix index c6e52934a77..b8fc6e5f6ce 100644 --- a/pkgs/os-specific/linux/fatrace/default.nix +++ b/pkgs/os-specific/linux/fatrace/default.nix @@ -1,22 +1,28 @@ -{stdenv, fetchurl, python3}: +{ stdenv, fetchurl, python3, which }: +let version = "0.10"; in stdenv.mkDerivation rec { - version = "0.9"; name = "fatrace-${version}"; src = fetchurl { - url = "https://launchpad.net/fatrace/trunk/${version}/+download/${name}.tar.bz2"; - sha256 = "c028d822ffde68805e5d1f62c4e2d0f4b3d4ae565802cc9468c82b25b92e68cd"; + url = "http://launchpad.net/fatrace/trunk/${version}/+download/${name}.tar.bz2"; + sha256 = "0q0cv2bsgf76wypz18v2acgj1crcdqhrhlsij3r53glsyv86xyra"; }; - buildInputs = [ python3 ]; + buildInputs = [ python3 which ]; + + postPatch = '' + substituteInPlace power-usage-report \ + --replace "'which'" "'${which}/bin/which'" + ''; makeFlagsArray = "PREFIX=$(out)"; meta = with stdenv.lib; { + inherit version; description = "Report system-wide file access events"; homepage = https://launchpad.net/fatrace/; - license = with licenses; gpl3Plus; + license = licenses.gpl3Plus; longDescription = '' fatrace reports file access events from all running processes. Its main purpose is to find processes which keep waking up the disk diff --git a/pkgs/os-specific/linux/ffado/default.nix b/pkgs/os-specific/linux/ffado/default.nix index dcbf0e567ad..b0f545b2171 100644 --- a/pkgs/os-specific/linux/ffado/default.nix +++ b/pkgs/os-specific/linux/ffado/default.nix @@ -3,10 +3,7 @@ # Optional dependencies , libjack2 ? null, dbus ? null, dbus_cplusplus ? null, alsaLib ? null -, pyqt4 ? null, xdg_utils ? null - -, glibmm -, pythonDBus, qt4 +, pyqt4 ? null, pythonDBus ? null, xdg_utils ? null # Other Flags , prefix ? "" @@ -23,6 +20,7 @@ let optDbus_cplusplus = shouldUsePkg dbus_cplusplus; optAlsaLib = shouldUsePkg alsaLib; optPyqt4 = shouldUsePkg pyqt4; + optPythonDBus = shouldUsePkg pythonDBus; optXdg_utils = shouldUsePkg xdg_utils; in stdenv.mkDerivation rec { @@ -41,9 +39,6 @@ stdenv.mkDerivation rec { ] ++ stdenv.lib.optionals (!libOnly) [ optLibjack2 optDbus optDbus_cplusplus optAlsaLib optPyqt4 optXdg_utils - # dbus dbus_cplusplus glibmm - # pyqt4 - # python pythonDBus qt4 ]; patches = [ ./build-fix.patch ]; @@ -76,11 +71,12 @@ stdenv.mkDerivation rec { LIBDIR=$out/lib INCLUDEDIR=$out/include install '' else '' scons PREFIX=$out PYPKGDIR=$PYDIR UDEVDIR=$out/lib/udev/rules.d install - + '' + stdenv.lib.optionalString (optPyqt4 != null && optPythonDBus != null) '' wrapProgram $out/bin/ffado-mixer --prefix PYTHONPATH : \ - $PYTHONPATH:$PYDIR:${pyqt4}/$LIBSUFFIX:${pythonDBus}/$LIBSUFFIX: + $PYTHONPATH:$PYDIR:${optPyqt4}/$LIBSUFFIX:${optPythonDBus}/$LIBSUFFIX: + wrapProgram $out/bin/ffado-diag --prefix PYTHONPATH : \ - $PYTHONPATH:$PYDIR:$out/share/libffado/python:${pyqt4}/$LIBSUFFIX:${pythonDBus}/$LIBSUFFIX: + $PYTHONPATH:$PYDIR:$out/share/libffado/python:${optPyqt4}/$LIBSUFFIX:${optPythonDBus}/$LIBSUFFIX: ''; meta = with stdenv.lib; { diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix index 91c039c875b..af08d404b82 100644 --- a/pkgs/os-specific/linux/firejail/default.nix +++ b/pkgs/os-specific/linux/firejail/default.nix @@ -3,11 +3,11 @@ let s = # Generated upstream information rec { baseName="firejail"; - version="0.9.24"; + version="0.9.26"; name="${baseName}-${version}"; - hash="15fz6hjxakjnsn505w3wlc6bqvf5pjwn8zfhp5aw9zq6vxr7f317"; - url="mirror://sourceforge/project/firejail/firejail/firejail-0.9.24-rc1.tar.bz2"; - sha256="15fz6hjxakjnsn505w3wlc6bqvf5pjwn8zfhp5aw9zq6vxr7f317"; + hash="12n0kj95hfkzv4jir7j9x0mdpg20bq0fgifjsz1dbsmqi2cspdlq"; + url="mirror://sourceforge/firejail/firejail/firejail-0.9.26-rc2.tar.bz2"; + sha256="12n0kj95hfkzv4jir7j9x0mdpg20bq0fgifjsz1dbsmqi2cspdlq"; }; buildInputs = [ ]; diff --git a/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix b/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix index 436f40712fc..1cc0e7ae4ca 100644 --- a/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix +++ b/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix @@ -15,8 +15,8 @@ stdenv.mkDerivation { phases = [ "unpackPhase" "installPhase" ]; installPhase = '' - mkdir $out - b43-fwcutter -w $out linux/wl_apsta.o + mkdir -p $out/lib/firmware + b43-fwcutter -w $out/lib/firmware linux/wl_apsta.o ''; meta = { diff --git a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix index 6ac468774ad..9c4e0f3990c 100644 --- a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix +++ b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix @@ -1,13 +1,21 @@ -{ stdenv, fetchgit }: +{ stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { name = "firmware-linux-nonfree-${version}"; - version = "2015-03-20"; + version = "2015-09-07"; - src = fetchgit { - url = "git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git"; - rev = "f404336ba808cbd57547196e13367079a23b822c"; - sha256 = "0avz5vxax2b3s4gafib47vih1lbq78agdmpjcjnnnykw2kschkwa"; + # This repo is built by merging the latest versions of + # http://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/ + # and + # http://git.kernel.org/cgit/linux/kernel/git/iwlwifi/linux-firmware.git/ + # for any given date. This gives us up to date iwlwifi firmware as well as + # the usual set of firmware. firmware/linux-firmware usually lags kernel releases + # so iwlwifi cards will fail to load on newly released kernels. + src = fetchFromGitHub { + owner = "wkennington"; + repo = "linux-firmware"; + rev = "0c3ac7434235f57967df4046ceafc0e4a08bb139"; + sha256 = "1jhcgf0anjfi2998nzplr9l1q0b1yi306a2w1k2r4civsmfgm08r"; }; preInstall = '' @@ -22,6 +30,7 @@ stdenv.mkDerivation rec { license = licenses.unfreeRedistributableFirmware; platforms = platforms.linux; maintainers = with maintainers; [ wkennington ]; + priority = 6; # give precedence to kernel firmware }; passthru = { inherit version; }; diff --git a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix index 690b7dcc40f..4d875d15d48 100644 --- a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix +++ b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix @@ -2,14 +2,14 @@ let - rev = "3ab17ac25e"; + rev = "b7bbd3d1683e9f3bb11ef86b952adee71e83862f"; in stdenv.mkDerivation { name = "raspberrypi-firmware-${rev}"; src = fetchurl { url = "https://github.com/raspberrypi/firmware/archive/${rev}.tar.gz"; - sha256 = "080va4zz858bwwgxam8zy58gpwjpxfg7v5h1q5b4cpbzjihsxcx9"; + sha256 = "16wpwa1y3imd3la477b3rfbfypssvlh0zjdag3hgkm33aysizijp"; }; installPhase = '' diff --git a/pkgs/os-specific/linux/firmware/zd1211/default.nix b/pkgs/os-specific/linux/firmware/zd1211/default.nix index 96e534e3b80..19cbdecca0c 100644 --- a/pkgs/os-specific/linux/firmware/zd1211/default.nix +++ b/pkgs/os-specific/linux/firmware/zd1211/default.nix @@ -5,16 +5,16 @@ stdenv.mkDerivation rec { version = "1.5"; name = "${pname}-${version}"; - + src = fetchurl { url = "mirror://sourceforge/zd1211/${name}.tar.bz2"; sha256 = "04ibs0qw8bh6h6zmm5iz6lddgknwhsjq8ib3gyck6a7psw83h7gi"; }; - + buildPhase = "true"; - installPhase = "mkdir -p $out/zd1211; cp * $out/zd1211"; - + installPhase = "mkdir -p $out/lib/firmware/zd1211; cp * $out/lib/firmware/zd1211"; + meta = { description = "Firmware for the ZyDAS ZD1211(b) 802.11a/b/g USB WLAN chip"; homepage = http://sourceforge.net/projects/zd1211/; diff --git a/pkgs/os-specific/linux/freefall/default.nix b/pkgs/os-specific/linux/freefall/default.nix index 7d5ed0cd3ee..683ec9f6155 100644 --- a/pkgs/os-specific/linux/freefall/default.nix +++ b/pkgs/os-specific/linux/freefall/default.nix @@ -1,41 +1,35 @@ { stdenv, fetchurl }: -let version = "3.19"; in -stdenv.mkDerivation rec { +let version = "4.2"; in +stdenv.mkDerivation { name = "freefall-${version}"; src = fetchurl { - sha256 = "0v40b5l6dcviqgl47bxlcbimz7kawmy1c2909axi441jwlgm2hmy"; - url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; + sha256 = "1syv8n5hwzdbx69rsj4vayyzskfq1w5laalg5jjd523my52f086g"; + url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; }; - buildPhase = '' - cd Documentation/laptops + postPatch = '' + cd tools/laptop/freefall # Default time-out is a little low, probably because the AC/lid status # functions were never implemented. Because no-one still uses HDDs, right? - substituteInPlace freefall.c --replace "alarm(2)" "alarm(5)" - - cc -o freefall freefall.c + substituteInPlace freefall.c --replace "alarm(2)" "alarm(7)" ''; - installPhase = '' - mkdir -p $out/bin - install freefall $out/bin - ''; + makeFlags = "PREFIX=$(out)"; meta = with stdenv.lib; { description = "Free-fall protection for spinning HP/Dell laptop hard drives"; longDescription = '' - ATA/ATAPI-7 specifies the IDLE IMMEDIATE command with unload feature. - Issuing this command should cause the drive to switch to idle mode and - unload disk heads. This feature is being used in modern laptops in - conjunction with accelerometers and appropriate software to implement - a shock protection facility. The idea is to stop all I/O operations on - the internal hard drive and park its heads on the ramp when critical - situations are anticipated. This has no effect on SSD devices! + Provides a shock protection facility in modern laptops with spinning hard + drives, by stopping all input/output operations on the internal hard drive + and parking its heads on the ramp when critical situations are anticipated. + Requires support for the ATA/ATAPI-7 IDLE IMMEDIATE command with unload + feature, which should cause the drive to switch to idle mode and unload the + disk heads, and an accelerometer device. It has no effect on SSD devices! ''; - license = with licenses; gpl2; + license = licenses.gpl2; platforms = with platforms; linux; maintainers = with maintainers; [ nckx ]; }; diff --git a/pkgs/os-specific/linux/ftop/default.nix b/pkgs/os-specific/linux/ftop/default.nix index 4733ce95bb2..e4165b08d7d 100644 --- a/pkgs/os-specific/linux/ftop/default.nix +++ b/pkgs/os-specific/linux/ftop/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = "Show progress of open files and file systems"; homepage = https://code.google.com/p/ftop/; - license = with licenses; gpl3Plus; + license = licenses.gpl3Plus; longDescription = '' Ftop is to files what top is to processes. The progress of all open files and file systems can be monitored. If run as a regular user, the set of diff --git a/pkgs/os-specific/linux/fusionio/util.nix b/pkgs/os-specific/linux/fusionio/util.nix index 16f1ef73dba..e2f8d423a61 100644 --- a/pkgs/os-specific/linux/fusionio/util.nix +++ b/pkgs/os-specific/linux/fusionio/util.nix @@ -36,7 +36,7 @@ stdenv.mkDerivation { meta = with stdenv.lib; { homepage = http://fusionio.com; - description = "Fusionio command line utilities."; + description = "Fusionio command line utilities"; license = licenses.unfree; platforms = [ "x86_64-linux" ]; broken = stdenv.system != "x86_64-linux"; diff --git a/pkgs/os-specific/linux/gradm/default.nix b/pkgs/os-specific/linux/gradm/default.nix index d34a028220c..97f4c1e93fa 100644 --- a/pkgs/os-specific/linux/gradm/default.nix +++ b/pkgs/os-specific/linux/gradm/default.nix @@ -3,11 +3,11 @@ stdenv.mkDerivation rec { name = "gradm-${version}"; - version = "3.1-201503211320"; + version = "3.1-201507191652"; src = fetchurl { url = "http://grsecurity.net/stable/${name}.tar.gz"; - sha256 = "17yd307jqva8jqib2xr3i9kmp58f2cb4jd7an5rbk5zr1k48ap9j"; + sha256 = "0l3s56wvk5kpd2qppl328x4alh327xnbf271lh1fan84pxbw651g"; }; buildInputs = [ gcc coreutils findutils binutils pam flex bison bash ]; diff --git a/pkgs/os-specific/linux/hal-flash/default.nix b/pkgs/os-specific/linux/hal-flash/default.nix index 1ac67f19917..c385971104d 100644 --- a/pkgs/os-specific/linux/hal-flash/default.nix +++ b/pkgs/os-specific/linux/hal-flash/default.nix @@ -14,14 +14,14 @@ stdenv.mkDerivation { meta = with stdenv.lib; { homepage = https://github.com/cshorler/hal-flash; - description = "libhal stub library to satisfy the Flash Player DRM requirements."; + description = "libhal stub library to satisfy the Flash Player DRM requirements"; longDescription = '' Stub library based loosely upon libhal.[ch] from the hal-0.5.14 package. Provides the minimum necessary functionality to enable libflashplayer.so/libadobecp.so to play back DRM content. ''; - license = "afl21 gpl2"; + license = with licenses; [ afl21 gpl2 ]; maintainers = with maintainers; [ malyn ]; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/hdparm/default.nix b/pkgs/os-specific/linux/hdparm/default.nix index a0cd09fbf35..538d8d4ab83 100644 --- a/pkgs/os-specific/linux/hdparm/default.nix +++ b/pkgs/os-specific/linux/hdparm/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "hdparm-9.45"; + name = "hdparm-9.48"; src = fetchurl { url = "mirror://sourceforge/hdparm/${name}.tar.gz"; - sha256 = "0sc6yf3k6sd7n6a2ig2my9fjlqpak3znlyw7jw4cz5d9asm1rc13"; + sha256 = "1vpvlkrksfwx8lxq1p1nk3ddyzgrwy3rgxpn9kslchdh3jkv95yf"; }; preBuild = '' diff --git a/pkgs/os-specific/linux/htop/default.nix b/pkgs/os-specific/linux/htop/default.nix index d35b5340e9d..da41c95dda2 100644 --- a/pkgs/os-specific/linux/htop/default.nix +++ b/pkgs/os-specific/linux/htop/default.nix @@ -1,14 +1,21 @@ -{ fetchurl, stdenv, ncurses }: +{ fetchFromGitHub, stdenv, autoreconfHook, ncurses }: stdenv.mkDerivation rec { - name = "htop-1.0.3"; + name = "htop-1.0.3-239-229d0058"; - src = fetchurl { - url = "http://hisham.hm/htop/releases/1.0.3/htop-1.0.3.tar.gz"; - sha256 = "0a8qbpsifzjwc4f45xfwm48jhm59g6q5hlib4bf7z13mgy95fp05"; + src = fetchFromGitHub { + sha256 = "1bym6ligd8db4iyv2m1y7aylh7f9fmk71v67rkhird05hx1xb80r"; + rev = "229d005851af8dca595b3df8e385375fb9c382b4"; + repo = "htop"; + owner = "hishamhm"; }; buildInputs = [ ncurses ]; + nativeBuildInputs = [ autoreconfHook ]; + + postPatch = '' + touch *.h */*.h # unnecessary regeneration requires Python + ''; meta = { description = "An interactive process viewer for Linux"; diff --git a/pkgs/os-specific/linux/i2c-tools/default.nix b/pkgs/os-specific/linux/i2c-tools/default.nix new file mode 100644 index 00000000000..5cac6069e72 --- /dev/null +++ b/pkgs/os-specific/linux/i2c-tools/default.nix @@ -0,0 +1,31 @@ +{ stdenv, fetchurl, perl, read-edid }: + +stdenv.mkDerivation rec { + name = "i2c-tools-${version}"; + version = "3.1.1"; + + src = fetchurl { + url = "http://dl.lm-sensors.org/i2c-tools/releases/${name}.tar.bz2"; + sha256 = "000pvg995qy1b15ks59gd0klri55hb33kqpg5czy84hw1pbdgm0l"; + }; + + buildInputs = [ perl ]; + + patchPhase = '' + substituteInPlace eeprom/decode-edid --replace "/usr/sbin/parse-edid" "${read-edid}/bin/parse-edid" + substituteInPlace stub/i2c-stub-from-dump --replace "/sbin/" "" + ''; + + installPhase = '' + make install prefix=$out + rm -rf $out/include # Installs include/linux/i2c-dev.h that conflics with kernel headers + ''; + + meta = with stdenv.lib; { + description = "Set of I2C tools for Linux"; + homepage = http://www.lm-sensors.org/wiki/I2CTools; + license = licenses.gpl2; + maintainers = [ maintainers.dezgeg ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/ima-evm-utils/default.nix b/pkgs/os-specific/linux/ima-evm-utils/default.nix new file mode 100644 index 00000000000..ad3df25df58 --- /dev/null +++ b/pkgs/os-specific/linux/ima-evm-utils/default.nix @@ -0,0 +1,24 @@ +{ stdenv, fetchgit, autoreconfHook, pkgconfig, openssl, attr, keyutils, asciidoc, libxslt, docbook_xsl }: + +stdenv.mkDerivation rec { + name = "ima-evm-utils-${version}"; + version = "1.0.0"; + + src = fetchgit { + url = "git://git.code.sf.net/p/linux-ima/ima-evm-utils"; + rev = "4b56112c095cb5cc34dc35abac37ebfc6eadba65"; + sha256 = "6f1ef4e84b9214448ea4a530a562a20ad1ba5a7cfefd7ddda90a56e2404f3a87"; + }; + + buildInputs = [ autoreconfHook pkgconfig openssl attr keyutils asciidoc libxslt ]; + + buildPhase = "make prefix=$out MANPAGE_DOCBOOK_XSL=${docbook_xsl}/xml/xsl/docbook/manpages/docbook.xsl"; + + meta = { + description = "evmctl utility to manage digital signatures of the Linux kernel integrity subsystem (IMA/EVM)"; + homepage = "http://sourceforge.net/projects/linux-ima/"; + license = stdenv.lib.licenses.gpl2; + platforms = stdenv.lib.platforms.linux; + maintainers = with stdenv.lib.maintainers; [ tstrobel ]; + }; +} diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index a5bf8ccc162..287b83b637f 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -1,14 +1,16 @@ -{ fetchurl, stdenv, flex, bison, db, iptables, pkgconfig }: +{ fetchurl, stdenv, lib, flex, bison, db, iptables, pkgconfig +, enableFan ? false +}: stdenv.mkDerivation rec { - name = "iproute2-3.19.0"; + name = "iproute2-4.2.0"; src = fetchurl { url = "mirror://kernel/linux/utils/net/iproute2/${name}.tar.xz"; - sha256 = "1c6pgysxfqs5qkd4kpwkbdhw3xydhjnskrz1q2k2nvqndv1ziyg2"; + sha256 = "0c0gyf46ad3jlalm9a7c9iiwvpcrjr4gylrkyranp8qd7rs1w454"; }; - patch = [ ./vpnc.patch ]; + patches = lib.optionals enableFan [ ./ubuntu-fan.patch ]; preConfigure = '' patchShebangs ./configure @@ -19,9 +21,16 @@ stdenv.mkDerivation rec { "DESTDIR=" "LIBDIR=$(out)/lib" "SBINDIR=$(out)/sbin" - "CONFDIR=$(out)/etc" - "DOCDIR=$(out)/share/doc/${name}" "MANDIR=$(out)/share/man" + "DOCDIR=$(TMPDIR)/share/doc/${name}" # Don't install docs + ]; + + buildFlags = [ + "CONFDIR=/etc/iproute2" + ]; + + installFlags = [ + "CONFDIR=$(out)/etc/iproute2" ]; buildInputs = [ db iptables ]; @@ -29,9 +38,6 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - # Get rid of useless TeX/SGML docs. - postInstall = "rm -rf $out/share/doc"; - meta = with stdenv.lib; { homepage = http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2; description = "A collection of utilities for controlling TCP/IP networking and traffic control in Linux"; diff --git a/pkgs/os-specific/linux/iproute/ubuntu-fan.patch b/pkgs/os-specific/linux/iproute/ubuntu-fan.patch new file mode 100644 index 00000000000..e55425c2ce6 --- /dev/null +++ b/pkgs/os-specific/linux/iproute/ubuntu-fan.patch @@ -0,0 +1,164 @@ +This provides support for Ubuntu's Fan Networking [1]. + +These patches were pulled from: +https://code.launchpad.net/~ubuntu-branches/ubuntu/vivid/iproute2/vivid-proposed + +See revisions 18 and 19. + +[1] https://wiki.ubuntu.com/FanNetworking + +diff --git a/include/linux/if_tunnel.h b/include/linux/if_tunnel.h +index 102ce7a..7b8f0e5 100644 +--- a/include/linux/if_tunnel.h ++++ b/include/linux/if_tunnel.h +@@ -57,6 +57,9 @@ enum { + IFLA_IPTUN_ENCAP_FLAGS, + IFLA_IPTUN_ENCAP_SPORT, + IFLA_IPTUN_ENCAP_DPORT, ++ ++ IFLA_IPTUN_FAN_UNDERLAY = 32, ++ IFLA_IPTUN_FAN_MAP = 33, + __IFLA_IPTUN_MAX, + }; + #define IFLA_IPTUN_MAX (__IFLA_IPTUN_MAX - 1) +@@ -131,4 +134,20 @@ enum { + }; + + #define IFLA_VTI_MAX (__IFLA_VTI_MAX - 1) ++ ++enum { ++ IFLA_FAN_UNSPEC, ++ IFLA_FAN_MAPPING, ++ __IFLA_FAN_MAX, ++}; ++ ++#define IFLA_FAN_MAX (__IFLA_FAN_MAX - 1) ++ ++struct ip_tunnel_fan_map { ++ __be32 underlay; ++ __be32 overlay; ++ __u16 underlay_prefix; ++ __u16 overlay_prefix; ++}; ++ + #endif /* _IF_TUNNEL_H_ */ +diff --git a/ip/link_iptnl.c b/ip/link_iptnl.c +index 9d6bc98..ec3f05d 100644 +--- a/ip/link_iptnl.c ++++ b/ip/link_iptnl.c +@@ -49,6 +49,42 @@ static void usage(int sit) + print_usage(stderr, sit); + exit(-1); + } ++static int fan_parse_map(int *argcp, char ***argvp, struct nlmsghdr *n) ++{ ++ inet_prefix underlay, overlay; ++ struct ip_tunnel_fan_map map; ++ struct rtattr *nest; ++ char **argv = *argvp; ++ int argc = *argcp; ++ ++ nest = addattr_nest(n, 1024, IFLA_IPTUN_FAN_MAP); ++ while (argc > 0) { ++ char *colon = strchr(*argv, ':'); ++ ++ if (!colon) ++ break; ++ *colon = '\0'; ++ ++ if (get_prefix(&overlay, *argv, AF_INET)) ++ invarg("invalid fan-map overlay", *argv); ++ if (get_prefix(&underlay, colon + 1, AF_INET)) ++ invarg("invalid fan-map underlay", colon + 1); ++ ++ memcpy(&map.underlay, underlay.data, 4); ++ map.underlay_prefix = underlay.bitlen; ++ memcpy(&map.overlay, overlay.data, 4); ++ map.overlay_prefix = overlay.bitlen; ++ ++ argc--, argv++; ++ ++ addattr_l(n, 1024, IFLA_FAN_MAPPING, &map, sizeof(map)); ++ } ++ addattr_nest_end(n, nest); ++ ++ *argcp = argc; ++ *argvp = argv; ++ return 0; ++} + + static int iptunnel_parse_opt(struct link_util *lu, int argc, char **argv, + struct nlmsghdr *n) +@@ -66,6 +102,7 @@ static int iptunnel_parse_opt(struct link_util *lu, int argc, char **argv, + __u32 link = 0; + __u32 laddr = 0; + __u32 raddr = 0; ++ __u32 underlay = 0; + __u8 ttl = 0; + __u8 tos = 0; + __u8 pmtudisc = 1; +@@ -174,6 +211,13 @@ get_failed: + raddr = get_addr32(*argv); + else + raddr = 0; ++ } else if (strcmp(*argv, "underlay") == 0) { ++ NEXT_ARG(); ++ underlay = get_addr32(*argv); ++ } else if (strcmp(*argv, "fan-map") == 0) { ++ NEXT_ARG(); ++ if (fan_parse_map(&argc, &argv, n)) ++ invarg("invalid fan-map", *argv); + } else if (strcmp(*argv, "local") == 0) { + NEXT_ARG(); + if (strcmp(*argv, "any")) +@@ -318,9 +362,32 @@ get_failed: + } + } + ++ if (underlay) ++ addattr32(n, 1024, IFLA_IPTUN_FAN_UNDERLAY, underlay); ++ + return 0; + } + ++static void fan_print_map(FILE *f, struct rtattr *attr) ++{ ++ char b1[INET_ADDRSTRLEN], b2[INET_ADDRSTRLEN]; ++ struct ip_tunnel_fan_map *m; ++ struct rtattr *i; ++ int rem; ++ ++ fprintf(f, "fan-map "); ++ ++ rem = RTA_PAYLOAD(attr); ++ for (i = RTA_DATA(attr); RTA_OK(i, rem); i = RTA_NEXT(i, rem)) { ++ m = RTA_DATA(i); ++ fprintf(f, "%s/%d:%s/%d ", ++ rt_addr_n2a(AF_INET, sizeof(m->overlay), &m->overlay, b1, INET_ADDRSTRLEN), ++ m->overlay_prefix, ++ rt_addr_n2a(AF_INET, sizeof(m->overlay), &m->underlay, b2, INET_ADDRSTRLEN), ++ m->underlay_prefix); ++ } ++} ++ + static void iptunnel_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[]) + { + char s1[1024]; +@@ -349,6 +416,17 @@ static void iptunnel_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[ + + fprintf(f, "local %s ", local); + ++ if (tb[IFLA_IPTUN_FAN_UNDERLAY]) { ++ unsigned addr = rta_getattr_u32(tb[IFLA_IPTUN_FAN_UNDERLAY]); ++ ++ if (addr) ++ fprintf(f, "underlay %s ", ++ format_host(AF_INET, 4, &addr, s1, sizeof(s1))); ++ } ++ ++ if (tb[IFLA_IPTUN_FAN_MAP]) ++ fan_print_map(f, tb[IFLA_IPTUN_FAN_MAP]); ++ + if (tb[IFLA_IPTUN_LINK] && rta_getattr_u32(tb[IFLA_IPTUN_LINK])) { + unsigned link = rta_getattr_u32(tb[IFLA_IPTUN_LINK]); + const char *n = if_indextoname(link, s2); diff --git a/pkgs/os-specific/linux/iproute/vpnc.patch b/pkgs/os-specific/linux/iproute/vpnc.patch deleted file mode 100644 index 0a65f3e5df5..00000000000 --- a/pkgs/os-specific/linux/iproute/vpnc.patch +++ /dev/null @@ -1,15 +0,0 @@ -vpnc fails with "RTNETLINK answers: No such device" -Patch from: https://bugs.gentoo.org/attachment.cgi?id=245736 -In reference to: https://bugs.gentoo.org/show_bug.cgi?id=331447 - ---- iproute2-2.6.35.old/ip/iproute.c 2010-09-02 16:00:21.805000124 +0200 -+++ iproute2-2.6.35/ip/iproute.c 2010-09-02 16:00:40.782000125 +0200 -@@ -160,7 +160,7 @@ - if (r->rtm_family == AF_INET6 && table != RT_TABLE_MAIN) - ip6_multiple_tables = 1; - -- if (filter.cloned == !(r->rtm_flags&RTM_F_CLONED)) -+ if (filter.cloned && !(r->rtm_flags&RTM_F_CLONED)) - return 0; - - if (r->rtm_family == AF_INET6 && !ip6_multiple_tables) { diff --git a/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch b/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch new file mode 100644 index 00000000000..00c23c6cac1 --- /dev/null +++ b/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch @@ -0,0 +1,16 @@ +Index: pkg-ipsec-tools/src/racoon/gssapi.c +=================================================================== +--- pkg-ipsec-tools.orig/src/racoon/gssapi.c ++++ pkg-ipsec-tools/src/racoon/gssapi.c +@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1) + gss_name_t princ, canon_princ; + OM_uint32 maj_stat, min_stat; + ++ if (iph1->rmconf == NULL) { ++ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); ++ return -1; ++ } ++ + gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); + if (gps == NULL) { + plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); diff --git a/pkgs/os-specific/linux/ipsec-tools/default.nix b/pkgs/os-specific/linux/ipsec-tools/default.nix index a6042b1e33b..fc3b0500fed 100644 --- a/pkgs/os-specific/linux/ipsec-tools/default.nix +++ b/pkgs/os-specific/linux/ipsec-tools/default.nix @@ -16,7 +16,8 @@ stdenv.mkDerivation rec { buildInputs = [ readline openssl flex kerberos pam ]; - patches = [ ./dont-create-localstatedir-during-install.patch ]; + patches = [ ./dont-create-localstatedir-during-install.patch + ./CVE-2015-4047.patch ]; # fix build with newer gcc versions preConfigure = ''substituteInPlace configure --replace "-Werror" "" ''; diff --git a/pkgs/os-specific/linux/ipset/default.nix b/pkgs/os-specific/linux/ipset/default.nix index b76ce583b23..2db57ecef92 100644 --- a/pkgs/os-specific/linux/ipset/default.nix +++ b/pkgs/os-specific/linux/ipset/default.nix @@ -1,14 +1,15 @@ { stdenv, fetchurl, pkgconfig, libmnl }: stdenv.mkDerivation rec { - name = "ipset-6.24"; + name = "ipset-6.26"; src = fetchurl { url = "http://ipset.netfilter.org/${name}.tar.bz2"; - sha256 = "1l4mx78473azf7cb19fxf37gmj95k1zzabimbcmlg9h07wlgqw9h"; + sha256 = "0lbsg1fbiw9m959lgqziyivmx32z3vbnp3jhgnprkq31ia7a29kn"; }; - buildInputs = [ pkgconfig libmnl ]; + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ libmnl ]; configureFlags = [ "--with-kmod=no" ]; diff --git a/pkgs/os-specific/linux/iw/default.nix b/pkgs/os-specific/linux/iw/default.nix index 262b673822b..3cd2567d96f 100644 --- a/pkgs/os-specific/linux/iw/default.nix +++ b/pkgs/os-specific/linux/iw/default.nix @@ -1,18 +1,16 @@ {stdenv, fetchurl, libnl, pkgconfig}: stdenv.mkDerivation rec { - name = "iw-3.15"; + name = "iw-4.1"; src = fetchurl { url = "https://www.kernel.org/pub/software/network/iw/${name}.tar.xz"; - sha256 = "12jby9nv5nypadgdksbqw0y2kfm3j47zw7a3rwmy56d7rs90lp5x"; + sha256 = "0jx3s5wdvm2qxd3h883fnyjsb1c29qcsz1r19bc029g8v2nalr2i"; }; buildInputs = [ libnl pkgconfig ]; - preBuild = " - makeFlagsArray=(PREFIX=$out) - "; + makeFlags = [ "PREFIX=\${out}" ]; meta = { description = "Tool to use nl80211"; diff --git a/pkgs/os-specific/linux/jfbview/default.nix b/pkgs/os-specific/linux/jfbview/default.nix index 7672318392f..c89f6e81410 100644 --- a/pkgs/os-specific/linux/jfbview/default.nix +++ b/pkgs/os-specific/linux/jfbview/default.nix @@ -1,12 +1,11 @@ -# FIXME: remove gcc49 when the default gcc supports C++1y -{ stdenv, fetchFromGitHub, freetype, gcc49, imlib2, jbig2dec, libjpeg, libX11 +{ stdenv, fetchFromGitHub, freetype, imlib2, jbig2dec, libjpeg, libX11 , mujs, mupdf, ncurses, openjpeg, openssl }: let version = "0.5.1"; binaries = [ "jfbpdf" "jfbview" "jpdfcat" "jpdfgrep" ]; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "jfbview-${version}"; src = fetchFromGitHub { @@ -16,7 +15,7 @@ stdenv.mkDerivation rec { owner = "jichu4n"; }; - buildInputs = [ freetype gcc49 imlib2 jbig2dec libjpeg libX11 mujs mupdf + buildInputs = [ freetype imlib2 jbig2dec libjpeg libX11 mujs mupdf ncurses openjpeg openssl ]; buildFlags = binaries; @@ -41,7 +40,7 @@ stdenv.mkDerivation rec { - Customizable multi-threaded caching ''; homepage = http://seasonofcode.com/pages/jfbview.html; - license = with licenses; asl20; + license = licenses.asl20; platforms = with platforms; linux; maintainers = with maintainers; [ nckx ]; }; diff --git a/pkgs/os-specific/linux/jool/cli.nix b/pkgs/os-specific/linux/jool/cli.nix new file mode 100644 index 00000000000..8fb37ed1c5b --- /dev/null +++ b/pkgs/os-specific/linux/jool/cli.nix @@ -0,0 +1,22 @@ +{ stdenv, fetchzip, autoreconfHook, pkgconfig, libnl }: + +let + sourceAttrs = (import ./source.nix) { inherit fetchzip; }; +in + +stdenv.mkDerivation { + name = "jool-cli-${sourceAttrs.version}"; + + src = sourceAttrs.src; + + sourceRoot = "Jool-${sourceAttrs.version}.zip/usr"; + + buildInputs = [ autoreconfHook pkgconfig libnl ]; + + meta = with stdenv.lib; { + homepage = https://www.jool.mx/; + description = "Fairly compliant SIIT and Stateful NAT64 for Linux - CLI tools"; + platforms = platforms.linux; + maintainers = with maintainers; [ fpletz ]; + }; +} diff --git a/pkgs/os-specific/linux/jool/default.nix b/pkgs/os-specific/linux/jool/default.nix new file mode 100644 index 00000000000..fdb2f041a65 --- /dev/null +++ b/pkgs/os-specific/linux/jool/default.nix @@ -0,0 +1,30 @@ +{ stdenv, fetchzip, kernel }: + +let + sourceAttrs = (import ./source.nix) { inherit fetchzip; }; +in + +stdenv.mkDerivation { + name = "jool-${sourceAttrs.version}-${kernel.version}"; + + src = sourceAttrs.src; + + prePatch = '' + sed -e 's@/lib/modules/\$(.*)@${kernel.dev}/lib/modules/${kernel.modDirVersion}@' -i mod/*/Makefile + ''; + + buildPhase = '' + make -C mod + ''; + + installPhase = '' + make -C mod modules_install INSTALL_MOD_PATH=$out + ''; + + meta = with stdenv.lib; { + homepage = https://www.jool.mx/; + description = "Fairly compliant SIIT and Stateful NAT64 for Linux - kernel modules"; + platforms = platforms.linux; + maintainers = with maintainers; [ fpletz ]; + }; +} diff --git a/pkgs/os-specific/linux/jool/source.nix b/pkgs/os-specific/linux/jool/source.nix new file mode 100644 index 00000000000..196167667e0 --- /dev/null +++ b/pkgs/os-specific/linux/jool/source.nix @@ -0,0 +1,9 @@ +{ fetchzip }: + +rec { + version = "3.3.2"; + src = fetchzip { + url = "https://www.jool.mx/download/Jool-${version}.zip"; + sha256 = "0hc6vlxzmjrgf7vjcwprdqcbx3biq8kphks5k725mrd9rb84drgw"; + }; +} diff --git a/pkgs/os-specific/linux/kbd/default.nix b/pkgs/os-specific/linux/kbd/default.nix index fba63daf8e5..bb2915958f7 100644 --- a/pkgs/os-specific/linux/kbd/default.nix +++ b/pkgs/os-specific/linux/kbd/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, autoreconfHook, gzip, bzip2, pkgconfig, check, pam }: stdenv.mkDerivation rec { - name = "kbd-2.0.2"; + name = "kbd-2.0.3"; src = fetchurl { url = "mirror://kernel/linux/utils/kbd/${name}.tar.xz"; - sha256 = "04mrms12nm5sas0nxs94yrr3hz7gmqhnmfgb9ff34bh1jszxmzcx"; + sha256 = "0ppv953gn2zylcagr4z6zg5y2x93dxrml29plypg6xgbq3hrv2bs"; }; /* Get the dvorak programmer keymap (present in X but not in kbd) */ @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { '' mkdir -p data/keymaps/i386/neo cat "$neoSrc" > data/keymaps/i386/neo/neo.map - sed -i -e 's,^KEYMAPSUBDIRS *= *,&i386/neo ,' data/Makefile.in + sed -i -e 's,^KEYMAPSUBDIRS *= *,&i386/neo ,' data/Makefile.am # Add the dvp keyboard in the dvorak folder ${gzip}/bin/gzip -c -d ${dvpSrc} > data/keymaps/i386/dvorak/dvp.map diff --git a/pkgs/os-specific/linux/kbdlight/default.nix b/pkgs/os-specific/linux/kbdlight/default.nix new file mode 100644 index 00000000000..1bc07f357a8 --- /dev/null +++ b/pkgs/os-specific/linux/kbdlight/default.nix @@ -0,0 +1,26 @@ +{ stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + name = "kbdlight-${version}"; + version = "1.3"; + + src = fetchFromGitHub { + owner = "hobarrera"; + repo = "kbdlight"; + rev = "v${version}"; + sha256 = "1f08aid1xrbl4sb5447gkip9lnvkia1c4ap0v8zih5s9w8v72bny"; + }; + + preConfigure = '' + substituteInPlace Makefile \ + --replace /usr/local $out + ''; + + meta = with stdenv.lib; { + homepage = https://github.com/hobarrera/kbdlight; + description = "A very simple application that changes MacBooks' keyboard backlight level"; + license = licenses.isc; + maintainers = [ maintainers.womfoo ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/kernel-headers/2.6.32.nix b/pkgs/os-specific/linux/kernel-headers/2.6.32.nix deleted file mode 100644 index 100dd0c611b..00000000000 --- a/pkgs/os-specific/linux/kernel-headers/2.6.32.nix +++ /dev/null @@ -1,62 +0,0 @@ -{stdenv, fetchurl, perl, cross ? null}: - -assert cross == null -> stdenv.isLinux; - -let - version = "2.6.32.16"; - kernelHeadersBaseConfig = if cross == null then - stdenv.platform.kernelHeadersBaseConfig - else - cross.platform.kernelHeadersBaseConfig; -in - -stdenv.mkDerivation { - name = "linux-headers-${version}"; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v2.6/linux-${version}.tar.bz2"; - sha256 = "1ndvqvfaxachsklzzr5db1bzvfhnzz8diddrm1zlv7171fzmn13j"; - }; - - targetConfig = if cross != null then cross.config else null; - - platform = - if cross != null then cross.platform.kernelArch else - if stdenv.system == "i686-linux" then "i386" else - if stdenv.system == "x86_64-linux" then "x86_64" else - if stdenv.system == "powerpc-linux" then "powerpc" else - if stdenv.isArm then "arm" else - if stdenv.platform ? kernelArch then stdenv.platform.kernelArch else - abort "don't know what the kernel include directory is called for this platform"; - - buildInputs = [perl]; - - extraIncludeDirs = - if cross != null then - (if cross.arch == "powerpc" then ["ppc"] else []) - else if stdenv.system == "powerpc-linux" then ["ppc"] else []; - - buildPhase = '' - if test -n "$targetConfig"; then - export ARCH=$platform - fi - make ${kernelHeadersBaseConfig} - make mrproper headers_check - ''; - - installPhase = '' - make INSTALL_HDR_PATH=$out headers_install - - # Some builds (e.g. KVM) want a kernel.release. - mkdir -p $out/include/config - echo "${version}-default" > $out/include/config/kernel.release - ''; - - # !!! hacky - fixupPhase = '' - ln -s asm $out/include/asm-$platform - if test "$platform" = "i386" -o "$platform" = "x86_64"; then - ln -s asm $out/include/asm-x86 - fi - ''; -} diff --git a/pkgs/os-specific/linux/kernel-headers/3.14.nix b/pkgs/os-specific/linux/kernel-headers/3.14.nix deleted file mode 100644 index d9d0ce7e3b3..00000000000 --- a/pkgs/os-specific/linux/kernel-headers/3.14.nix +++ /dev/null @@ -1,71 +0,0 @@ -{ stdenv, fetchurl, perl, cross ? null }: - -assert cross == null -> stdenv.isLinux; - -let - - version = "3.14.1"; - - kernelHeadersBaseConfig = - if cross == null - then stdenv.platform.kernelHeadersBaseConfig - else cross.platform.kernelHeadersBaseConfig; - -in - -stdenv.mkDerivation { - name = "linux-headers-${version}"; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "1njm8gvlj7cq0m1051yxszl4f63383a7sv1na13hkqkv36kipgqx"; - }; - - targetConfig = if cross != null then cross.config else null; - - platform = - if cross != null then cross.platform.kernelArch else - if stdenv.system == "i686-linux" then "i386" else - if stdenv.system == "x86_64-linux" then "x86_64" else - if stdenv.system == "powerpc-linux" then "powerpc" else - if stdenv.isArm then "arm" else - if stdenv.platform ? kernelArch then stdenv.platform.kernelArch else - abort "don't know what the kernel include directory is called for this platform"; - - buildInputs = [perl]; - - extraIncludeDirs = - if cross != null then - (if cross.arch == "powerpc" then ["ppc"] else []) - else if stdenv.system == "powerpc-linux" then ["ppc"] else []; - - buildPhase = '' - if test -n "$targetConfig"; then - export ARCH=$platform - fi - make ${kernelHeadersBaseConfig} SHELL=bash - make mrproper headers_check SHELL=bash - ''; - - installPhase = '' - make INSTALL_HDR_PATH=$out headers_install - - # Some builds (e.g. KVM) want a kernel.release. - mkdir -p $out/include/config - echo "${version}-default" > $out/include/config/kernel.release - ''; - - # !!! hacky - fixupPhase = '' - ln -s asm $out/include/asm-$platform - if test "$platform" = "i386" -o "$platform" = "x86_64"; then - ln -s asm $out/include/asm-x86 - fi - ''; - - meta = with stdenv.lib; { - description = "Header files and scripts for Linux kernel"; - license = licenses.gpl2; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/kernel-headers/3.12.nix b/pkgs/os-specific/linux/kernel-headers/3.18.nix index 2fd34c68edc..0cc38a0548c 100644 --- a/pkgs/os-specific/linux/kernel-headers/3.12.nix +++ b/pkgs/os-specific/linux/kernel-headers/3.18.nix @@ -4,7 +4,7 @@ assert cross == null -> stdenv.isLinux; let - version = "3.12.32"; + version = "3.18.14"; kernelHeadersBaseConfig = if cross == null @@ -18,7 +18,7 @@ stdenv.mkDerivation { src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "1hzws2bf267hfk81ywqcxspkyi1lg56x63izdc0pv1338xcfas53"; + sha256 = "1xh0vvn1l2g1kkg54f0mg0inbpsiqs24ybgsakksmcpcadjgqk1i"; }; targetConfig = if cross != null then cross.config else null; diff --git a/pkgs/os-specific/linux/kernel/btrfs-fix-deadlock.patch b/pkgs/os-specific/linux/kernel/btrfs-fix-deadlock.patch deleted file mode 100644 index 9430d583387..00000000000 --- a/pkgs/os-specific/linux/kernel/btrfs-fix-deadlock.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 9c4f61f01d269815bb7c37be3ede59c5587747c6 Mon Sep 17 00:00:00 2001 -From: David Sterba <dsterba@suse.cz> -Date: Fri, 2 Jan 2015 19:12:57 +0100 -Subject: btrfs: simplify insert_orphan_item - -We can search and add the orphan item in one go, -btrfs_insert_orphan_item will find out if the item already exists. - -Signed-off-by: David Sterba <dsterba@suse.cz> - -diff --git a/fs/btrfs/tree-log.c b/fs/btrfs/tree-log.c -index 5be45c1..25a1c36 100644 ---- a/fs/btrfs/tree-log.c -+++ b/fs/btrfs/tree-log.c -@@ -1254,21 +1254,13 @@ out: - } - - static int insert_orphan_item(struct btrfs_trans_handle *trans, -- struct btrfs_root *root, u64 offset) -+ struct btrfs_root *root, u64 ino) - { - int ret; -- struct btrfs_path *path; -- -- path = btrfs_alloc_path(); -- if (!path) -- return -ENOMEM; - -- ret = btrfs_find_item(root, path, BTRFS_ORPHAN_OBJECTID, -- offset, BTRFS_ORPHAN_ITEM_KEY, NULL); -- if (ret > 0) -- ret = btrfs_insert_orphan_item(trans, root, offset); -- -- btrfs_free_path(path); -+ ret = btrfs_insert_orphan_item(trans, root, ino); -+ if (ret == -EEXIST) -+ ret = 0; - - return ret; - } --- -cgit v0.10.2 - diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 5fdfdb3b6a1..218532a695e 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -54,6 +54,7 @@ with stdenv.lib; STANDALONE n # Make /proc/config.gz available. + IKCONFIG y IKCONFIG_PROC y # Optimize with -O2, not -Os. @@ -131,13 +132,19 @@ with stdenv.lib; FB_SIS_300 y FB_SIS_315 y FB_3DFX_ACCEL y + FB_VESA y + FRAMEBUFFER_CONSOLE y ${optionalString (versionOlder version "3.9" || stdenv.system == "i686-linux") '' FB_GEODE y ''} # Video configuration. # Enable KMS for devices whose X.org driver supports it. - DRM_I915_KMS y + ${optionalString (versionOlder version "4.3") '' + DRM_I915_KMS y + ''} + # Allow specifying custom EDID on the kernel command line + DRM_LOAD_EDID_FIRMWARE y ${optionalString (versionOlder version "3.9") '' DRM_RADEON_KMS? y ''} @@ -190,18 +197,26 @@ with stdenv.lib; OCFS2_DEBUG_MASKLOG? n BTRFS_FS_POSIX_ACL y UBIFS_FS_ADVANCED_COMPR? y + ${optionalString (versionAtLeast version "4.0") '' + NFSD_PNFS y + ''} + NFSD_V2_ACL y + NFSD_V3 y + NFSD_V3_ACL y + NFSD_V4 y + ${optionalString (versionAtLeast version "3.11") '' + NFSD_V4_SECURITY_LABEL y + ''} + NFS_FSCACHE y ${optionalString (versionAtLeast version "3.6") '' NFS_SWAP y ''} + NFS_V3_ACL y ${optionalString (versionAtLeast version "3.11") '' NFS_V4_1 y # NFSv4.1 client support NFS_V4_2 y + NFS_V4_SECURITY_LABEL y ''} - NFSD_V2_ACL y - NFSD_V3 y - NFSD_V3_ACL y - NFSD_V4 y - NFS_FSCACHE y CIFS_XATTR y CIFS_POSIX y CIFS_FSCACHE y @@ -226,7 +241,9 @@ with stdenv.lib; # Security related features. STRICT_DEVMEM y # Filter access to /dev/mem SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default - DEVKMEM? n # Disable /dev/kmem + ${optionalString (!(features.grsecurity or false)) '' + DEVKMEM n # Disable /dev/kmem + ''} ${if versionOlder version "3.14" then '' CC_STACKPROTECTOR? y # Detect buffer overflows on the stack '' else '' @@ -292,6 +309,9 @@ with stdenv.lib; LOGO n # not needed MEDIA_ATTACH y MEGARAID_NEWGEN y + ${optionalString (versionAtLeast version "3.15") '' + MLX4_EN_VXLAN y + ''} MODVERSIONS y MOUSE_PS2_ELANTECH y # Elantech PS/2 protocol extension MTRR_SANITIZER y @@ -309,6 +329,7 @@ with stdenv.lib; SERIAL_8250 y # 8250/16550 and compatible serial support SLIP_COMPRESSED y # CSLIP compressed headers SLIP_SMART y + HWMON y THERMAL_HWMON y # Hardware monitoring support ${optionalString (versionAtLeast version "3.15") '' UEVENT_HELPER n @@ -322,6 +343,7 @@ with stdenv.lib; X86_MCE y # Linux containers. + NAMESPACES? y # Required by 'unshare' used by 'nixos-install' RT_GROUP_SCHED? y CGROUP_DEVICE? y ${if versionAtLeast version "3.6" then '' @@ -367,15 +389,34 @@ with stdenv.lib; # Virtualisation. PARAVIRT? y - ${if versionAtLeast version "3.10" then '' - HYPERVISOR_GUEST? y - '' else '' - PARAVIRT_GUEST? y - ''} - KVM_GUEST? y + ${optionalString (!(features.grsecurity or false)) + (if versionAtLeast version "3.10" then '' + HYPERVISOR_GUEST y + '' else '' + PARAVIRT_GUEST? y + '') + } + KVM_APIC_ARCHITECTURE y + KVM_ASYNC_PF y ${optionalString (versionOlder version "3.7") '' KVM_CLOCK? y ''} + ${optionalString (versionAtLeast version "4.0") '' + KVM_COMPAT? y + ''} + ${optionalString (versionAtLeast version "3.10") '' + KVM_DEVICE_ASSIGNMENT? y + ''} + ${optionalString (versionAtLeast version "4.0") '' + KVM_GENERIC_DIRTYLOG_READ_PROTECT y + ''} + ${optionalString (!features.grsecurity or true) '' + KVM_GUEST y + ''} + KVM_MMIO y + ${optionalString (versionAtLeast version "3.13") '' + KVM_VFIO y + ''} XEN? y XEN_DOM0? y ${optionalString ((versionAtLeast version "3.18") && (features.xen_dom0 or false)) '' @@ -437,10 +478,7 @@ with stdenv.lib; ''} ZRAM m - ${optionalString (versionAtLeast version "3.17") "NFC? n"} - - # Enable firmware loading via udev. Only needed for non-declarative - # firmware in /root/test-firmware. + # Enable firmware loading via udev (legacy). ${optionalString (versionAtLeast version "3.17") '' FW_LOADER_USER_HELPER_FALLBACK y ''} diff --git a/pkgs/os-specific/linux/kernel/linux-3.10.nix b/pkgs/os-specific/linux/kernel/linux-3.10.nix index ff9f2f38243..a66397f689b 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.10.nix @@ -1,12 +1,12 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.10.75"; + version = "3.10.89"; extraMeta.branch = "3.10"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "00wqcmya2ky9f1djlq99mcq8fyvpabnjnp5cn61japlgk8p7r60q"; + sha256 = "13697akpdkv7xyyprysb4017q7j1ccynppb6wwllmhz1g2ichpii"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.12.nix b/pkgs/os-specific/linux/kernel/linux-3.12.nix index bd8c7d99daa..da520d13a02 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.12.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.12.nix @@ -1,12 +1,12 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.12.40"; + version = "3.12.48"; extraMeta.branch = "3.12"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "1cdivv1n0r057y2wq38ci00im8z24jrnvyz5vwhmnzv0l4qzbhw5"; + sha256 = "1mvvpi2s8avg629y72miak8mdbv0mwb5dz0m7b48aah6dg866hiz"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.14.nix b/pkgs/os-specific/linux/kernel/linux-3.14.nix index 188eb6f699c..5ea214c9eb3 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.14.nix @@ -1,13 +1,13 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.14.39"; + version = "3.14.53"; # Remember to update grsecurity! extraMeta.branch = "3.14"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0zgfiqlvmprbn55k9ijf6db027mxlcww76y47g4g7vcj5qrpq6rd"; + sha256 = "0zqaqa7gs895p521c82jggak9zlmiwmkfarh2ykvh423sxjbvs5i"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.18.nix b/pkgs/os-specific/linux/kernel/linux-3.18.nix index aabeee6302f..c1171cecab5 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.18.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.18.nix @@ -1,21 +1,14 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.18.12"; + version = "3.18.21"; extraMeta.branch = "3.18"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "06wfgg00vc5a2vvmg158ipbmigx803hdp3lhf4kv25p4sdmvbsl2"; + sha256 = "0y54kh55grgbyw4k8fa9vx8b426bq9lz12bpvwvzfjs7vimachyw"; }; - # FIXME: remove with the next point release. - kernelPatches = args.kernelPatches ++ - [ { name = "btrfs-fix-deadlock"; - patch = ./btrfs-fix-deadlock.patch; - } - ]; - features.iwlwifi = true; features.efiBootStub = true; features.needsCifsUtils = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.2.nix b/pkgs/os-specific/linux/kernel/linux-3.2.nix deleted file mode 100644 index 54cf9bc9324..00000000000 --- a/pkgs/os-specific/linux/kernel/linux-3.2.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ stdenv, fetchurl, ... } @ args: - -import ./generic.nix (args // rec { - version = "3.2.68"; - extraMeta.branch = "3.2"; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0yz3k3qqr13r6fa2f8i83rryiawy4rrd7qk2zx6jxq6byfd31ba2"; - }; - - # We don't provide these patches if grsecurity is enabled, because - # the grsec 3.2 -stable patchset already includes them. - kernelPatches = args.kernelPatches ++ ( - stdenv.lib.optionals (!(args.features.grsecurity or false)) - [ { name = "0001-AppArmor-compatibility-patch-for-v5-network-controll"; - patch = ./apparmor-patches/3.2/0001-AppArmor-compatibility-patch-for-v5-network-controll.patch; - } - { name = "0002-AppArmor-compatibility-patch-for-v5-interface"; - patch = ./apparmor-patches/3.2/0002-AppArmor-compatibility-patch-for-v5-interface.patch; - } - { name = "0003-AppArmor-Allow-dfa-backward-compatibility-with-broke"; - patch = ./apparmor-patches/3.2/0003-AppArmor-Allow-dfa-backward-compatibility-with-broke.patch; - }]); - - features.iwlwifi = true; -} // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-3.4.nix b/pkgs/os-specific/linux/kernel/linux-3.4.nix deleted file mode 100644 index eaf5bfad6d8..00000000000 --- a/pkgs/os-specific/linux/kernel/linux-3.4.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ stdenv, fetchurl, ... } @ args: - -import ./generic.nix (args // rec { - version = "3.4.107"; - extraMeta.branch = "3.4"; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "1y3mxisdcnz3kj416bpnnn9cn3wqqjqvcjadhylc1wypqkpcvphq"; - }; - - kernelPatches = args.kernelPatches ++ - [ { name = "0001-UBUNTU-SAUCE-AppArmor-Add-profile-introspection-file"; - patch = ./apparmor-patches/3.4/0001-UBUNTU-SAUCE-AppArmor-Add-profile-introspection-file.patch; - } - { name = "0002-UBUNTU-SAUCE-AppArmor-basic-networking-rules"; - patch = ./apparmor-patches/3.4/0002-UBUNTU-SAUCE-AppArmor-basic-networking-rules.patch; - } - { name = "0003-UBUNTU-SAUCE-apparmor-Add-the-ability-to-mediate-mou"; - patch = ./apparmor-patches/3.4/0003-UBUNTU-SAUCE-apparmor-Add-the-ability-to-mediate-mou.patch; - }]; - - features.iwlwifi = true; - features.efiBootStub = true; - features.needsCifsUtils = true; - features.netfilterRPFilter = true; -}) diff --git a/pkgs/os-specific/linux/kernel/linux-3.19.nix b/pkgs/os-specific/linux/kernel/linux-4.1.nix index 79302819d7c..51844f1e068 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.1.nix @@ -1,13 +1,13 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.19.5"; + version = "4.1.9"; # Remember to update grsecurity! - extraMeta.branch = "3.19"; + extraMeta.branch = "4.1"; src = fetchurl { - url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0s2yiyk1ks0z2fj8a8g56hkp6mfyvh9c34m1jpixhg9zck9xjdix"; + url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; + sha256 = "141s028bpci5fwn190rgcivhk0066nkc2h6y49yqdjdanx47i1sr"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-4.0.nix b/pkgs/os-specific/linux/kernel/linux-4.2.nix index b63aa7e9932..56914ae9cde 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.0.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.2.nix @@ -1,13 +1,12 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.0"; - modDirVersion = "4.0.0"; - extraMeta.branch = "4.0"; + version = "4.2.2"; + extraMeta.branch = "4.2"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "14argl6ywkggdvgiycfx4jl2d7290f631ly59wfggj4vjx27sbqg"; + sha256 = "0k5nda60jla02n7ghhma7klkfklh008d1cpf684fp82cywbp5g1f"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-rpi.nix b/pkgs/os-specific/linux/kernel/linux-rpi.nix index 67a51dc767d..320d4994cf2 100644 --- a/pkgs/os-specific/linux/kernel/linux-rpi.nix +++ b/pkgs/os-specific/linux/kernel/linux-rpi.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: let @@ -7,7 +7,7 @@ let in import ./generic.nix (args // rec { version = "3.18.y-${rev}"; - modDirVersion = "3.18.7-v7"; + modDirVersion = "3.18.7"; src = fetchurl { url = "https://api.github.com/repos/raspberrypi/linux/tarball/${rev}"; diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix index 769381355d4..d13357825a5 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -1,13 +1,13 @@ -{ stdenv, fetchurl, ... } @ args: +{ stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.0-rc7"; - modDirVersion = "4.0.0-rc7"; - extraMeta.branch = "4.0"; + version = "4.3-rc2"; + modDirVersion = "4.3.0-rc2"; + extraMeta.branch = "4.3"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/testing/linux-${version}.tar.xz"; - sha256 = "1261p44zmsaq7gf08b8sd9xng2y46d4v7jyfipjlgrrmlkyfgqki"; + sha256 = "1mgm3r0vz0jbfbqxcjfw0wv5ix6qhwymjz1chh543lvb0729ayb4"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 620df6dd6cf..49880e0ecdd 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -1,4 +1,4 @@ -{ stdenv, runCommand, nettools, bc, perl, kmod, writeTextFile, ubootChooser }: +{ stdenv, runCommand, nettools, bc, perl, kmod, openssl, writeTextFile, ubootChooser }: let readConfig = configfile: import (runCommand "config.nix" {} '' @@ -49,7 +49,8 @@ let commonMakeFlags = [ "O=$(buildRoot)" - ]; + ] ++ stdenv.lib.optionals (stdenv.platform ? kernelMakeFlags) + stdenv.platform.kernelMakeFlags; drvAttrs = config_: platform: kernelPatches: configfile: let @@ -124,7 +125,8 @@ let mkdir -p $out/lib/firmware '') + (if (platform ? kernelDTB && platform.kernelDTB) then '' make $makeFlags "''${makeFlagsArray[@]}" dtbs - cp $buildRoot/arch/$karch/boot/dts/*dtb $out + mkdir -p $out/dtbs + cp $buildRoot/arch/$karch/boot/dts/*.dtb $out/dtbs '' else "") + (if isModular then '' make modules_install $makeFlags "''${makeFlagsArray[@]}" \ $installFlags "''${installFlagsArray[@]}" @@ -207,7 +209,6 @@ let homepage = http://www.kernel.org/; repositories.git = https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git; maintainers = [ - maintainers.shlevy maintainers.thoughtpolice ]; platforms = platforms.linux; @@ -220,7 +221,7 @@ stdenv.mkDerivation ((drvAttrs config stdenv.platform (kernelPatches ++ nativeKe enableParallelBuilding = true; - nativeBuildInputs = [ perl bc nettools ] ++ optional (stdenv.platform.uboot != null) + nativeBuildInputs = [ perl bc nettools openssl ] ++ optional (stdenv.platform.uboot != null) (ubootChooser stdenv.platform.uboot); makeFlags = commonMakeFlags ++ [ diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index 998717b1f5d..de1b16347e1 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -58,6 +58,21 @@ rec { patch = ./mips-ext3-n32.patch; }; + ubuntu_fan = + { name = "ubuntu-fan"; + patch = ./ubuntu-fan-3.patch; + }; + + ubuntu_fan_4 = + { name = "ubuntu-fan"; + patch = ./ubuntu-fan-4.patch; + }; + + ubuntu_unprivileged_overlayfs = + { name = "ubuntu-unprivileged-overlayfs"; + patch = ./ubuntu-unprivileged-overlayfs.patch; + }; + tuxonice_3_10 = makeTuxonicePatch { version = "2013-11-07"; kernelVersion = "3.10.18"; @@ -65,17 +80,17 @@ rec { }; grsecurity_stable = grsecPatch - { kversion = "3.14.39"; - revision = "201504190814"; + { kversion = "3.14.51"; + revision = "201508181951"; branch = "stable"; - sha256 = "0pjq0ggifh6hp5y62dl0ydskpmsmzj1cxxjaaqs6fpwn5ndsdji7"; + sha256 = "1sp1gwa7ahzflq7ayb51bg52abrn5zx1hb3pff3axpjqq7vfai6f"; }; grsecurity_unstable = grsecPatch - { kversion = "3.19.5"; - revision = "201504190814"; + { kversion = "4.1.7"; + revision = "201509131604"; branch = "test"; - sha256 = "0wj9bximhs41b11hh113mishmc1ya8bncc0v91cbrivx5y5hjpz0"; + sha256 = "1frfyi1pkiqc3awri3sr7xv41qxc8m2kb1yhfvj6xkrwb9li2bki"; }; grsec_fix_path = diff --git a/pkgs/os-specific/linux/kernel/perf.nix b/pkgs/os-specific/linux/kernel/perf.nix index efd3515ff24..2dcdcdc4a91 100644 --- a/pkgs/os-specific/linux/kernel/perf.nix +++ b/pkgs/os-specific/linux/kernel/perf.nix @@ -23,10 +23,13 @@ stdenv.mkDerivation { # perf refers both to newt and slang # binutils is required for libbfd. nativeBuildInputs = [ asciidoc xmlto docbook_xsl docbook_xml_dtd_45 libxslt flex bison ]; - buildInputs = [ elfutils python perl newt slang pkgconfig libunwind binutils ] ++ + buildInputs = [ python perl newt slang pkgconfig libunwind binutils ] ++ stdenv.lib.optional withGtk gtk; - NIX_CFLAGS_COMPILE = "-Wno-error=cpp"; + # Note: we don't add elfutils to buildInputs, since it provides a + # bad `ld' and other stuff. + NIX_CFLAGS_COMPILE = "-I${elfutils}/include -Wno-error=cpp"; + NIX_CFLAGS_LINK = "-L${elfutils}/lib"; installFlags = "install install-man ASCIIDOC8=1"; diff --git a/pkgs/os-specific/linux/kernel/ubuntu-fan-3.patch b/pkgs/os-specific/linux/kernel/ubuntu-fan-3.patch new file mode 100644 index 00000000000..c80950d0614 --- /dev/null +++ b/pkgs/os-specific/linux/kernel/ubuntu-fan-3.patch @@ -0,0 +1,616 @@ +From f3c956096902669c3529cb01d40deb0c759ed94f Mon Sep 17 00:00:00 2001 +From: Jay Vosburgh <jay.vosburgh@canonical.com> +Date: Wed, 1 Apr 2015 16:11:09 -0700 +Subject: [PATCH] UBUNTU: SAUCE: fan: Proof of concept implementation (v2) + +Modification to ipip tunnel driver to accept a new netlink option, +IFLA_IPTUN_FAN_UNDERLAY, which provides a /16 network prefix and enables +TX side destination address remapping for traffic entering the tunnel +(to be encapsulated). + +For an overlay (inner) address Y.A.B.C, the transformation is F.G.A.B, +where "F" and "G" are the first two octets of the underlay network (the +network portion of a /16), "A" and "B" are the low order two octets of the +underlay network host (the host portion of a /16), and "Y" is a configured +first octet of the overlay network. + +E.g., underlay host 10.88.3.4 with an overlay of 99 would host overlay +subnet 99.3.4.0/24. An overlay network datagram from 99.3.4.5 to 99.6.7.8 +would be directed to underlay host 10.88.6.7, which hosts overlay network +99.6.7.0/24. + +Includes net.fan.version sysctl as a sentinel for availability of the +fan functionality. + +NOTE: this requires an updated iproute2 to facilitate configuration of +the fan. + +BugLink: http://bugs.launchpad.net/bugs/1439706 +Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com> +[apw@canonical.com: move IFLA_IPTUN_FAN_UNDERLAY up to avoid clashing + with future feature additions.] +Signed-off-by: Andy Whitcroft <apw@canonical.com> +--- + include/net/ip_tunnels.h | 6 +++ + include/uapi/linux/if_tunnel.h | 4 ++ + net/ipv4/ipip.c | 112 +++++++++++++++++++++++++++++++++++++++-- + 3 files changed, 117 insertions(+), 5 deletions(-) + +diff --git a/include/net/ip_tunnels.h b/include/net/ip_tunnels.h +index 25a59eb..d7eada2 100644 +--- a/include/net/ip_tunnels.h ++++ b/include/net/ip_tunnels.h +@@ -51,6 +51,11 @@ struct ip_tunnel_dst { + __be32 saddr; + }; + ++/* Underlay address prefix for ipip fan mode */ ++struct ip_tunnel_fan { ++ u32 underlay; ++}; ++ + struct ip_tunnel { + struct ip_tunnel __rcu *next; + struct hlist_node hash_node; +@@ -82,6 +87,7 @@ struct ip_tunnel { + #endif + struct ip_tunnel_prl_entry __rcu *prl; /* potential router list */ + unsigned int prl_count; /* # of entries in PRL */ ++ struct ip_tunnel_fan fan; + int ip_tnl_net_id; + struct gro_cells gro_cells; + }; +diff --git a/include/uapi/linux/if_tunnel.h b/include/uapi/linux/if_tunnel.h +index bd3cc11..8f7d269 100644 +--- a/include/uapi/linux/if_tunnel.h ++++ b/include/uapi/linux/if_tunnel.h +@@ -57,6 +57,10 @@ enum { + IFLA_IPTUN_ENCAP_FLAGS, + IFLA_IPTUN_ENCAP_SPORT, + IFLA_IPTUN_ENCAP_DPORT, ++ ++ __IFLA_IPTUN_VENDOR_BREAK, /* Ensure new entries do not hit the below. */ ++ IFLA_IPTUN_FAN_UNDERLAY=32, ++ + __IFLA_IPTUN_MAX, + }; + #define IFLA_IPTUN_MAX (__IFLA_IPTUN_MAX - 1) +diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c +index 40403114..e3c27cd 100644 +--- a/net/ipv4/ipip.c ++++ b/net/ipv4/ipip.c +@@ -209,13 +209,38 @@ drop: + } + + /* ++ * Determine fan tunnel endpoint to send packet to, based on the inner IP ++ * address. For an overlay (inner) address Y.A.B.C, the transformation is ++ * F.G.A.B, where "F" and "G" are the first two octets of the underlay ++ * network (the network portion of a /16), "A" and "B" are the low order ++ * two octets of the underlay network host (the host portion of a /16), ++ * and "Y" is a configured first octet of the overlay network. ++ * ++ * E.g., underlay host 10.88.3.4 with an overlay of 99 would host overlay ++ * subnet 99.3.4.0/24. An overlay network datagram from 99.3.4.5 to ++ * 99.6.7.8, would be directed to underlay host 10.88.6.7, which hosts ++ * overlay network 99.6.7.0/24. ++ */ ++static void ipip_build_fan_iphdr(struct ip_tunnel *tunnel, struct sk_buff *skb, struct iphdr *iph) ++{ ++ u32 daddr; ++ ++ *iph = tunnel->parms.iph; ++ ++ daddr = ntohl(ip_hdr(skb)->daddr); ++ iph->daddr = htonl((tunnel->fan.underlay & 0xffff0000) | ++ ((daddr >> 8) & 0x0000ffff)); ++} ++ ++/* + * This function assumes it is being called from dev_queue_xmit() + * and that skb is filled properly by that function. + */ + static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) + { + struct ip_tunnel *tunnel = netdev_priv(dev); +- const struct iphdr *tiph = &tunnel->parms.iph; ++ const struct iphdr *tiph; ++ struct iphdr fiph; + + if (unlikely(skb->protocol != htons(ETH_P_IP))) + goto tx_error; +@@ -224,6 +249,13 @@ static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) + if (IS_ERR(skb)) + goto out; + ++ if (tunnel->fan.underlay) { ++ ipip_build_fan_iphdr(tunnel, skb, &fiph); ++ tiph = &fiph; ++ } else { ++ tiph = &tunnel->parms.iph; ++ } ++ + skb_set_inner_ipproto(skb, IPPROTO_IPIP); + + ip_tunnel_xmit(skb, dev, tiph, tiph->protocol); +@@ -377,21 +409,44 @@ static bool ipip_netlink_encap_parms(struct nlattr *data[], + return ret; + } + ++static int ipip_netlink_fan(struct nlattr *data[], struct ip_tunnel *t, ++ struct ip_tunnel_parm *parms) ++{ ++ u32 net = t->fan.underlay; ++ ++ if (!data[IFLA_IPTUN_FAN_UNDERLAY]) ++ goto err_check; ++ ++ net = ntohl(nla_get_be32(data[IFLA_IPTUN_FAN_UNDERLAY])) & 0xffff0000; ++ ++err_check: ++ if (parms->iph.daddr && net) ++ return -EINVAL; ++ ++ t->fan.underlay = net; ++ ++ return 0; ++} ++ + static int ipip_newlink(struct net *src_net, struct net_device *dev, + struct nlattr *tb[], struct nlattr *data[]) + { + struct ip_tunnel_parm p; + struct ip_tunnel_encap ipencap; ++ struct ip_tunnel *t = netdev_priv(dev); ++ int err; + + if (ipip_netlink_encap_parms(data, &ipencap)) { +- struct ip_tunnel *t = netdev_priv(dev); +- int err = ip_tunnel_encap_setup(t, &ipencap); ++ err = ip_tunnel_encap_setup(t, &ipencap); + + if (err < 0) + return err; + } + + ipip_netlink_parms(data, &p); ++ err = ipip_netlink_fan(data, t, &p); ++ if (err < 0) ++ return err; + return ip_tunnel_newlink(dev, tb, &p); + } + +@@ -400,16 +455,20 @@ static int ipip_changelink(struct net_device *dev, struct nlattr *tb[], + { + struct ip_tunnel_parm p; + struct ip_tunnel_encap ipencap; ++ struct ip_tunnel *t = netdev_priv(dev); ++ int err; + + if (ipip_netlink_encap_parms(data, &ipencap)) { +- struct ip_tunnel *t = netdev_priv(dev); +- int err = ip_tunnel_encap_setup(t, &ipencap); ++ err = ip_tunnel_encap_setup(t, &ipencap); + + if (err < 0) + return err; + } + + ipip_netlink_parms(data, &p); ++ err = ipip_netlink_fan(data, t, &p); ++ if (err < 0) ++ return err; + + if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) || + (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr)) +@@ -441,6 +500,8 @@ static size_t ipip_get_size(const struct net_device *dev) + nla_total_size(2) + + /* IFLA_IPTUN_ENCAP_DPORT */ + nla_total_size(2) + ++ /* IFLA_IPTUN_FAN_UNDERLAY */ ++ nla_total_size(4) + + 0; + } + +@@ -468,6 +529,11 @@ static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev) + tunnel->encap.flags)) + goto nla_put_failure; + ++ if (tunnel->fan.underlay) ++ if (nla_put_be32(skb, IFLA_IPTUN_FAN_UNDERLAY, ++ htonl(tunnel->fan.underlay))) ++ goto nla_put_failure; ++ + return 0; + + nla_put_failure: +@@ -485,6 +551,9 @@ static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = { + [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 }, + [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 }, + [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, ++ ++ [__IFLA_IPTUN_VENDOR_BREAK ... IFLA_IPTUN_MAX] = { .type = NLA_BINARY }, ++ [IFLA_IPTUN_FAN_UNDERLAY] = { .type = NLA_U32 }, + }; + + static struct rtnl_link_ops ipip_link_ops __read_mostly = { +@@ -524,6 +593,23 @@ static struct pernet_operations ipip_net_ops = { + .size = sizeof(struct ip_tunnel_net), + }; + ++#ifdef CONFIG_SYSCTL ++static struct ctl_table_header *ipip_fan_header; ++static unsigned int ipip_fan_version = 1; ++ ++static struct ctl_table ipip_fan_sysctls[] = { ++ { ++ .procname = "version", ++ .data = &ipip_fan_version, ++ .maxlen = sizeof(ipip_fan_version), ++ .mode = 0444, ++ .proc_handler = proc_dointvec, ++ }, ++ {}, ++}; ++ ++#endif /* CONFIG_SYSCTL */ ++ + static int __init ipip_init(void) + { + int err; +@@ -542,9 +628,22 @@ static int __init ipip_init(void) + if (err < 0) + goto rtnl_link_failed; + ++#ifdef CONFIG_SYSCTL ++ ipip_fan_header = register_net_sysctl(&init_net, "net/fan", ++ ipip_fan_sysctls); ++ if (!ipip_fan_header) { ++ err = -ENOMEM; ++ goto sysctl_failed; ++ } ++#endif /* CONFIG_SYSCTL */ ++ + out: + return err; + ++#ifdef CONFIG_SYSCTL ++sysctl_failed: ++ rtnl_link_unregister(&ipip_link_ops); ++#endif /* CONFIG_SYSCTL */ + rtnl_link_failed: + xfrm4_tunnel_deregister(&ipip_handler, AF_INET); + xfrm_tunnel_failed: +@@ -554,6 +653,9 @@ xfrm_tunnel_failed: + + static void __exit ipip_fini(void) + { ++#ifdef CONFIG_SYSCTL ++ unregister_net_sysctl_table(ipip_fan_header); ++#endif /* CONFIG_SYSCTL */ + rtnl_link_unregister(&ipip_link_ops); + if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET)) + pr_info("%s: can't deregister tunnel\n", __func__); +-- +2.4.1 + +From 4ea8011656dfdd76e7a2391bdad47c06f85a9d02 Mon Sep 17 00:00:00 2001 +From: Andy Whitcroft <apw@canonical.com> +Date: Tue, 21 Jul 2015 16:52:10 +0100 +Subject: [PATCH] UBUNTU: SAUCE: fan: tunnel multiple mapping mode (v3) + +Switch to a single tunnel for all mappings, this removes the limitations +on how many mappings each tunnel can handle, and therefore how many Fan +slices each local address may hold. + +NOTE: This introduces a new kernel netlink interface which needs updated +iproute2 support. + +BugLink: http://bugs.launchpad.net/bugs/1470091 +Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com> +Signed-off-by: Andy Whitcroft <apw@canonical.com> +Acked-by: Tim Gardner <tim.gardner@canonical.com> +Acked-by: Brad Figg <brad.figg@canonical.com> +Signed-off-by: Brad Figg <brad.figg@canonical.com> +--- + include/net/ip_tunnels.h | 14 ++++- + include/uapi/linux/if_tunnel.h | 20 ++++++- + net/ipv4/ip_tunnel.c | 7 ++- + net/ipv4/ipip.c | 120 +++++++++++++++++++++++++++++++++-------- + 4 files changed, 133 insertions(+), 28 deletions(-) + +diff --git a/include/net/ip_tunnels.h b/include/net/ip_tunnels.h +index d7eada2..2f7bc8c 100644 +--- a/include/net/ip_tunnels.h ++++ b/include/net/ip_tunnels.h +@@ -51,9 +51,18 @@ struct ip_tunnel_dst { + __be32 saddr; + }; + +-/* Underlay address prefix for ipip fan mode */ ++/* A fan overlay /8 (250.0.0.0/8, for example) maps to exactly one /16 ++ * underlay (10.88.0.0/16, for example). Multiple local addresses within ++ * the /16 may be used, but a particular overlay may not span ++ * multiple underlay subnets. ++ * ++ * We store one underlay, indexed by the overlay's high order octet. ++ */ ++#define FAN_OVERLAY_CNT 256 ++ + struct ip_tunnel_fan { +- u32 underlay; ++/* u32 __rcu *map;*/ ++ u32 map[FAN_OVERLAY_CNT]; + }; + + struct ip_tunnel { +@@ -104,6 +113,7 @@ struct ip_tunnel { + #define TUNNEL_OAM __cpu_to_be16(0x0200) + #define TUNNEL_CRIT_OPT __cpu_to_be16(0x0400) + #define TUNNEL_OPTIONS_PRESENT __cpu_to_be16(0x0800) ++#define TUNNEL_FAN __cpu_to_be16(0x4000) + + struct tnl_ptk_info { + __be16 flags; +diff --git a/include/uapi/linux/if_tunnel.h b/include/uapi/linux/if_tunnel.h +index 8f7d269..9625934 100644 +--- a/include/uapi/linux/if_tunnel.h ++++ b/include/uapi/linux/if_tunnel.h +@@ -58,8 +58,8 @@ enum { + IFLA_IPTUN_ENCAP_SPORT, + IFLA_IPTUN_ENCAP_DPORT, + +- __IFLA_IPTUN_VENDOR_BREAK, /* Ensure new entries do not hit the below. */ +- IFLA_IPTUN_FAN_UNDERLAY=32, ++ __IFLA_IPTUN_VENDOR_BREAK, /* Ensure new entries do not hit the below. */ ++ IFLA_IPTUN_FAN_MAP = 33, + + __IFLA_IPTUN_MAX, + }; +@@ -135,4 +135,20 @@ enum { + }; + + #define IFLA_VTI_MAX (__IFLA_VTI_MAX - 1) ++ ++enum { ++ IFLA_FAN_UNSPEC, ++ IFLA_FAN_MAPPING, ++ __IFLA_FAN_MAX, ++}; ++ ++#define IFLA_FAN_MAX (__IFLA_FAN_MAX - 1) ++ ++struct ip_tunnel_fan_map { ++ __be32 underlay; ++ __be32 overlay; ++ __u16 underlay_prefix; ++ __u16 overlay_prefix; ++}; ++ + #endif /* _UAPI_IF_TUNNEL_H_ */ +diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c +index d3e4479..60bd10f 100644 +--- a/net/ipv4/ip_tunnel.c ++++ b/net/ipv4/ip_tunnel.c +@@ -1078,6 +1078,11 @@ out: + } + EXPORT_SYMBOL_GPL(ip_tunnel_newlink); + ++static int ip_tunnel_is_fan(struct ip_tunnel *tunnel) ++{ ++ return tunnel->parms.i_flags & TUNNEL_FAN; ++} ++ + int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[], + struct ip_tunnel_parm *p) + { +@@ -1087,7 +1092,7 @@ int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[], + struct ip_tunnel_net *itn = net_generic(net, tunnel->ip_tnl_net_id); + + if (dev == itn->fb_tunnel_dev) +- return -EINVAL; ++ return ip_tunnel_is_fan(tunnel) ? 0 : -EINVAL; + + t = ip_tunnel_find(itn, p, dev->type); + +diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c +index e3c27cd..d6ebc66 100644 +--- a/net/ipv4/ipip.c ++++ b/net/ipv4/ipip.c +@@ -107,6 +107,7 @@ + #include <linux/init.h> + #include <linux/netfilter_ipv4.h> + #include <linux/if_ether.h> ++#include <linux/inetdevice.h> + + #include <net/sock.h> + #include <net/ip.h> +@@ -208,6 +209,11 @@ drop: + return 0; + } + ++static int ipip_tunnel_is_fan(struct ip_tunnel *tunnel) ++{ ++ return tunnel->parms.i_flags & TUNNEL_FAN; ++} ++ + /* + * Determine fan tunnel endpoint to send packet to, based on the inner IP + * address. For an overlay (inner) address Y.A.B.C, the transformation is +@@ -221,15 +227,20 @@ drop: + * 99.6.7.8, would be directed to underlay host 10.88.6.7, which hosts + * overlay network 99.6.7.0/24. + */ +-static void ipip_build_fan_iphdr(struct ip_tunnel *tunnel, struct sk_buff *skb, struct iphdr *iph) ++static int ipip_build_fan_iphdr(struct ip_tunnel *tunnel, struct sk_buff *skb, struct iphdr *iph) + { +- u32 daddr; +- +- *iph = tunnel->parms.iph; ++ unsigned int overlay; ++ u32 daddr, underlay; + + daddr = ntohl(ip_hdr(skb)->daddr); +- iph->daddr = htonl((tunnel->fan.underlay & 0xffff0000) | +- ((daddr >> 8) & 0x0000ffff)); ++ overlay = daddr >> 24; ++ underlay = tunnel->fan.map[overlay]; ++ if (!underlay) ++ return -EINVAL; ++ ++ *iph = tunnel->parms.iph; ++ iph->daddr = htonl(underlay | ((daddr >> 8) & 0x0000ffff)); ++ return 0; + } + + /* +@@ -249,8 +260,9 @@ static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) + if (IS_ERR(skb)) + goto out; + +- if (tunnel->fan.underlay) { +- ipip_build_fan_iphdr(tunnel, skb, &fiph); ++ if (ipip_tunnel_is_fan(tunnel)) { ++ if (ipip_build_fan_iphdr(tunnel, skb, &fiph)) ++ goto tx_error; + tiph = &fiph; + } else { + tiph = &tunnel->parms.iph; +@@ -409,21 +421,65 @@ static bool ipip_netlink_encap_parms(struct nlattr *data[], + return ret; + } + ++static void ipip_fan_free_map(struct ip_tunnel *t) ++{ ++ memset(&t->fan.map, 0, sizeof(t->fan.map)); ++} ++ ++static int ipip_fan_set_map(struct ip_tunnel *t, struct ip_tunnel_fan_map *map) ++{ ++ u32 overlay, overlay_mask, underlay, underlay_mask; ++ ++ if ((map->underlay_prefix && map->underlay_prefix != 16) || ++ (map->overlay_prefix && map->overlay_prefix != 8)) ++ return -EINVAL; ++ ++ overlay = ntohl(map->overlay); ++ overlay_mask = ntohl(inet_make_mask(map->overlay_prefix)); ++ ++ underlay = ntohl(map->underlay); ++ underlay_mask = ntohl(inet_make_mask(map->underlay_prefix)); ++ ++ if ((overlay & ~overlay_mask) || (underlay & ~underlay_mask)) ++ return -EINVAL; ++ ++ if (!(overlay & overlay_mask) && (underlay & underlay_mask)) ++ return -EINVAL; ++ ++ t->parms.i_flags |= TUNNEL_FAN; ++ ++ /* Special case: overlay 0 and underlay 0 clears all mappings */ ++ if (!overlay && !underlay) { ++ ipip_fan_free_map(t); ++ return 0; ++ } ++ ++ overlay >>= (32 - map->overlay_prefix); ++ t->fan.map[overlay] = underlay; ++ ++ return 0; ++} ++ ++ + static int ipip_netlink_fan(struct nlattr *data[], struct ip_tunnel *t, + struct ip_tunnel_parm *parms) + { +- u32 net = t->fan.underlay; +- +- if (!data[IFLA_IPTUN_FAN_UNDERLAY]) +- goto err_check; ++ struct ip_tunnel_fan_map *map; ++ struct nlattr *attr; ++ int rem, rv; + +- net = ntohl(nla_get_be32(data[IFLA_IPTUN_FAN_UNDERLAY])) & 0xffff0000; ++ if (!data[IFLA_IPTUN_FAN_MAP]) ++ return 0; + +-err_check: +- if (parms->iph.daddr && net) ++ if (parms->iph.daddr) + return -EINVAL; + +- t->fan.underlay = net; ++ nla_for_each_nested(attr, data[IFLA_IPTUN_FAN_MAP], rem) { ++ map = nla_data(attr); ++ rv = ipip_fan_set_map(t, map); ++ if (rv) ++ return rv; ++ } + + return 0; + } +@@ -500,8 +556,8 @@ static size_t ipip_get_size(const struct net_device *dev) + nla_total_size(2) + + /* IFLA_IPTUN_ENCAP_DPORT */ + nla_total_size(2) + +- /* IFLA_IPTUN_FAN_UNDERLAY */ +- nla_total_size(4) + ++ /* IFLA_IPTUN_FAN_MAP */ ++ nla_total_size(sizeof(struct ip_tunnel_fan_map)) * 256 + + 0; + } + +@@ -529,10 +585,28 @@ static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev) + tunnel->encap.flags)) + goto nla_put_failure; + +- if (tunnel->fan.underlay) +- if (nla_put_be32(skb, IFLA_IPTUN_FAN_UNDERLAY, +- htonl(tunnel->fan.underlay))) ++ if (tunnel->parms.i_flags & TUNNEL_FAN) { ++ struct nlattr *fan_nest; ++ int i; ++ ++ fan_nest = nla_nest_start(skb, IFLA_IPTUN_FAN_MAP); ++ if (!fan_nest) + goto nla_put_failure; ++ for (i = 0; i < 256; i++) { ++ if (tunnel->fan.map[i]) { ++ struct ip_tunnel_fan_map map; ++ ++ map.underlay = htonl(tunnel->fan.map[i]); ++ map.underlay_prefix = 16; ++ map.overlay = htonl(i << 24); ++ map.overlay_prefix = 8; ++ if (nla_put(skb, IFLA_FAN_MAPPING, ++ sizeof(map), &map)) ++ goto nla_put_failure; ++ } ++ } ++ nla_nest_end(skb, fan_nest); ++ } + + return 0; + +@@ -553,7 +627,7 @@ static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = { + [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, + + [__IFLA_IPTUN_VENDOR_BREAK ... IFLA_IPTUN_MAX] = { .type = NLA_BINARY }, +- [IFLA_IPTUN_FAN_UNDERLAY] = { .type = NLA_U32 }, ++ [IFLA_IPTUN_FAN_MAP] = { .type = NLA_NESTED }, + }; + + static struct rtnl_link_ops ipip_link_ops __read_mostly = { +@@ -595,7 +669,7 @@ static struct pernet_operations ipip_net_ops = { + + #ifdef CONFIG_SYSCTL + static struct ctl_table_header *ipip_fan_header; +-static unsigned int ipip_fan_version = 1; ++static unsigned int ipip_fan_version = 3; + + static struct ctl_table ipip_fan_sysctls[] = { + { +-- +2.4.1 + diff --git a/pkgs/os-specific/linux/kernel/ubuntu-fan-4.patch b/pkgs/os-specific/linux/kernel/ubuntu-fan-4.patch new file mode 100644 index 00000000000..0050af6c252 --- /dev/null +++ b/pkgs/os-specific/linux/kernel/ubuntu-fan-4.patch @@ -0,0 +1,616 @@ +From f3c956096902669c3529cb01d40deb0c759ed94f Mon Sep 17 00:00:00 2001 +From: Jay Vosburgh <jay.vosburgh@canonical.com> +Date: Wed, 1 Apr 2015 16:11:09 -0700 +Subject: [PATCH] UBUNTU: SAUCE: fan: Proof of concept implementation (v2) + +Modification to ipip tunnel driver to accept a new netlink option, +IFLA_IPTUN_FAN_UNDERLAY, which provides a /16 network prefix and enables +TX side destination address remapping for traffic entering the tunnel +(to be encapsulated). + +For an overlay (inner) address Y.A.B.C, the transformation is F.G.A.B, +where "F" and "G" are the first two octets of the underlay network (the +network portion of a /16), "A" and "B" are the low order two octets of the +underlay network host (the host portion of a /16), and "Y" is a configured +first octet of the overlay network. + +E.g., underlay host 10.88.3.4 with an overlay of 99 would host overlay +subnet 99.3.4.0/24. An overlay network datagram from 99.3.4.5 to 99.6.7.8 +would be directed to underlay host 10.88.6.7, which hosts overlay network +99.6.7.0/24. + +Includes net.fan.version sysctl as a sentinel for availability of the +fan functionality. + +NOTE: this requires an updated iproute2 to facilitate configuration of +the fan. + +BugLink: http://bugs.launchpad.net/bugs/1439706 +Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com> +[apw@canonical.com: move IFLA_IPTUN_FAN_UNDERLAY up to avoid clashing + with future feature additions.] +Signed-off-by: Andy Whitcroft <apw@canonical.com> +--- + include/net/ip_tunnels.h | 6 +++ + include/uapi/linux/if_tunnel.h | 4 ++ + net/ipv4/ipip.c | 112 +++++++++++++++++++++++++++++++++++++++-- + 3 files changed, 117 insertions(+), 5 deletions(-) + +diff --git a/include/net/ip_tunnels.h b/include/net/ip_tunnels.h +index 25a59eb..d7eada2 100644 +--- a/include/net/ip_tunnels.h ++++ b/include/net/ip_tunnels.h +@@ -51,6 +51,11 @@ struct ip_tunnel_dst { + __be32 saddr; + }; + ++/* Underlay address prefix for ipip fan mode */ ++struct ip_tunnel_fan { ++ u32 underlay; ++}; ++ + struct ip_tunnel { + struct ip_tunnel __rcu *next; + struct hlist_node hash_node; +@@ -82,6 +87,7 @@ struct ip_tunnel { + #endif + struct ip_tunnel_prl_entry __rcu *prl; /* potential router list */ + unsigned int prl_count; /* # of entries in PRL */ ++ struct ip_tunnel_fan fan; + int ip_tnl_net_id; + struct gro_cells gro_cells; + }; +diff --git a/include/uapi/linux/if_tunnel.h b/include/uapi/linux/if_tunnel.h +index bd3cc11..8f7d269 100644 +--- a/include/uapi/linux/if_tunnel.h ++++ b/include/uapi/linux/if_tunnel.h +@@ -57,6 +57,10 @@ enum { + IFLA_IPTUN_ENCAP_FLAGS, + IFLA_IPTUN_ENCAP_SPORT, + IFLA_IPTUN_ENCAP_DPORT, ++ ++ __IFLA_IPTUN_VENDOR_BREAK, /* Ensure new entries do not hit the below. */ ++ IFLA_IPTUN_FAN_UNDERLAY=32, ++ + __IFLA_IPTUN_MAX, + }; + #define IFLA_IPTUN_MAX (__IFLA_IPTUN_MAX - 1) +diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c +index 40403114..e3c27cd 100644 +--- a/net/ipv4/ipip.c ++++ b/net/ipv4/ipip.c +@@ -209,13 +209,38 @@ drop: + } + + /* ++ * Determine fan tunnel endpoint to send packet to, based on the inner IP ++ * address. For an overlay (inner) address Y.A.B.C, the transformation is ++ * F.G.A.B, where "F" and "G" are the first two octets of the underlay ++ * network (the network portion of a /16), "A" and "B" are the low order ++ * two octets of the underlay network host (the host portion of a /16), ++ * and "Y" is a configured first octet of the overlay network. ++ * ++ * E.g., underlay host 10.88.3.4 with an overlay of 99 would host overlay ++ * subnet 99.3.4.0/24. An overlay network datagram from 99.3.4.5 to ++ * 99.6.7.8, would be directed to underlay host 10.88.6.7, which hosts ++ * overlay network 99.6.7.0/24. ++ */ ++static void ipip_build_fan_iphdr(struct ip_tunnel *tunnel, struct sk_buff *skb, struct iphdr *iph) ++{ ++ u32 daddr; ++ ++ *iph = tunnel->parms.iph; ++ ++ daddr = ntohl(ip_hdr(skb)->daddr); ++ iph->daddr = htonl((tunnel->fan.underlay & 0xffff0000) | ++ ((daddr >> 8) & 0x0000ffff)); ++} ++ ++/* + * This function assumes it is being called from dev_queue_xmit() + * and that skb is filled properly by that function. + */ + static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) + { + struct ip_tunnel *tunnel = netdev_priv(dev); +- const struct iphdr *tiph = &tunnel->parms.iph; ++ const struct iphdr *tiph; ++ struct iphdr fiph; + + if (unlikely(skb->protocol != htons(ETH_P_IP))) + goto tx_error; +@@ -224,6 +249,13 @@ static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) + if (IS_ERR(skb)) + goto out; + ++ if (tunnel->fan.underlay) { ++ ipip_build_fan_iphdr(tunnel, skb, &fiph); ++ tiph = &fiph; ++ } else { ++ tiph = &tunnel->parms.iph; ++ } ++ + skb_set_inner_ipproto(skb, IPPROTO_IPIP); + + ip_tunnel_xmit(skb, dev, tiph, tiph->protocol); +@@ -377,21 +409,44 @@ static bool ipip_netlink_encap_parms(struct nlattr *data[], + return ret; + } + ++static int ipip_netlink_fan(struct nlattr *data[], struct ip_tunnel *t, ++ struct ip_tunnel_parm *parms) ++{ ++ u32 net = t->fan.underlay; ++ ++ if (!data[IFLA_IPTUN_FAN_UNDERLAY]) ++ goto err_check; ++ ++ net = ntohl(nla_get_be32(data[IFLA_IPTUN_FAN_UNDERLAY])) & 0xffff0000; ++ ++err_check: ++ if (parms->iph.daddr && net) ++ return -EINVAL; ++ ++ t->fan.underlay = net; ++ ++ return 0; ++} ++ + static int ipip_newlink(struct net *src_net, struct net_device *dev, + struct nlattr *tb[], struct nlattr *data[]) + { + struct ip_tunnel_parm p; + struct ip_tunnel_encap ipencap; ++ struct ip_tunnel *t = netdev_priv(dev); ++ int err; + + if (ipip_netlink_encap_parms(data, &ipencap)) { +- struct ip_tunnel *t = netdev_priv(dev); +- int err = ip_tunnel_encap_setup(t, &ipencap); ++ err = ip_tunnel_encap_setup(t, &ipencap); + + if (err < 0) + return err; + } + + ipip_netlink_parms(data, &p); ++ err = ipip_netlink_fan(data, t, &p); ++ if (err < 0) ++ return err; + return ip_tunnel_newlink(dev, tb, &p); + } + +@@ -400,16 +455,20 @@ static int ipip_changelink(struct net_device *dev, struct nlattr *tb[], + { + struct ip_tunnel_parm p; + struct ip_tunnel_encap ipencap; ++ struct ip_tunnel *t = netdev_priv(dev); ++ int err; + + if (ipip_netlink_encap_parms(data, &ipencap)) { +- struct ip_tunnel *t = netdev_priv(dev); +- int err = ip_tunnel_encap_setup(t, &ipencap); ++ err = ip_tunnel_encap_setup(t, &ipencap); + + if (err < 0) + return err; + } + + ipip_netlink_parms(data, &p); ++ err = ipip_netlink_fan(data, t, &p); ++ if (err < 0) ++ return err; + + if (((dev->flags & IFF_POINTOPOINT) && !p.iph.daddr) || + (!(dev->flags & IFF_POINTOPOINT) && p.iph.daddr)) +@@ -441,6 +500,8 @@ static size_t ipip_get_size(const struct net_device *dev) + nla_total_size(2) + + /* IFLA_IPTUN_ENCAP_DPORT */ + nla_total_size(2) + ++ /* IFLA_IPTUN_FAN_UNDERLAY */ ++ nla_total_size(4) + + 0; + } + +@@ -468,6 +529,11 @@ static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev) + tunnel->encap.flags)) + goto nla_put_failure; + ++ if (tunnel->fan.underlay) ++ if (nla_put_be32(skb, IFLA_IPTUN_FAN_UNDERLAY, ++ htonl(tunnel->fan.underlay))) ++ goto nla_put_failure; ++ + return 0; + + nla_put_failure: +@@ -485,6 +551,9 @@ static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = { + [IFLA_IPTUN_ENCAP_FLAGS] = { .type = NLA_U16 }, + [IFLA_IPTUN_ENCAP_SPORT] = { .type = NLA_U16 }, + [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, ++ ++ [__IFLA_IPTUN_VENDOR_BREAK ... IFLA_IPTUN_MAX] = { .type = NLA_BINARY }, ++ [IFLA_IPTUN_FAN_UNDERLAY] = { .type = NLA_U32 }, + }; + + static struct rtnl_link_ops ipip_link_ops __read_mostly = { +@@ -524,6 +593,23 @@ static struct pernet_operations ipip_net_ops = { + .size = sizeof(struct ip_tunnel_net), + }; + ++#ifdef CONFIG_SYSCTL ++static struct ctl_table_header *ipip_fan_header; ++static unsigned int ipip_fan_version = 1; ++ ++static struct ctl_table ipip_fan_sysctls[] = { ++ { ++ .procname = "version", ++ .data = &ipip_fan_version, ++ .maxlen = sizeof(ipip_fan_version), ++ .mode = 0444, ++ .proc_handler = proc_dointvec, ++ }, ++ {}, ++}; ++ ++#endif /* CONFIG_SYSCTL */ ++ + static int __init ipip_init(void) + { + int err; +@@ -542,9 +628,22 @@ static int __init ipip_init(void) + if (err < 0) + goto rtnl_link_failed; + ++#ifdef CONFIG_SYSCTL ++ ipip_fan_header = register_net_sysctl(&init_net, "net/fan", ++ ipip_fan_sysctls); ++ if (!ipip_fan_header) { ++ err = -ENOMEM; ++ goto sysctl_failed; ++ } ++#endif /* CONFIG_SYSCTL */ ++ + out: + return err; + ++#ifdef CONFIG_SYSCTL ++sysctl_failed: ++ rtnl_link_unregister(&ipip_link_ops); ++#endif /* CONFIG_SYSCTL */ + rtnl_link_failed: + xfrm4_tunnel_deregister(&ipip_handler, AF_INET); + xfrm_tunnel_failed: +@@ -554,6 +653,9 @@ xfrm_tunnel_failed: + + static void __exit ipip_fini(void) + { ++#ifdef CONFIG_SYSCTL ++ unregister_net_sysctl_table(ipip_fan_header); ++#endif /* CONFIG_SYSCTL */ + rtnl_link_unregister(&ipip_link_ops); + if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET)) + pr_info("%s: can't deregister tunnel\n", __func__); +-- +2.4.1 + +From 4ea8011656dfdd76e7a2391bdad47c06f85a9d02 Mon Sep 17 00:00:00 2001 +From: Andy Whitcroft <apw@canonical.com> +Date: Tue, 21 Jul 2015 16:52:10 +0100 +Subject: [PATCH] UBUNTU: SAUCE: fan: tunnel multiple mapping mode (v3) + +Switch to a single tunnel for all mappings, this removes the limitations +on how many mappings each tunnel can handle, and therefore how many Fan +slices each local address may hold. + +NOTE: This introduces a new kernel netlink interface which needs updated +iproute2 support. + +BugLink: http://bugs.launchpad.net/bugs/1470091 +Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com> +Signed-off-by: Andy Whitcroft <apw@canonical.com> +Acked-by: Tim Gardner <tim.gardner@canonical.com> +Acked-by: Brad Figg <brad.figg@canonical.com> +Signed-off-by: Brad Figg <brad.figg@canonical.com> +--- + include/net/ip_tunnels.h | 14 ++++- + include/uapi/linux/if_tunnel.h | 20 ++++++- + net/ipv4/ip_tunnel.c | 7 ++- + net/ipv4/ipip.c | 120 +++++++++++++++++++++++++++++++++-------- + 4 files changed, 133 insertions(+), 28 deletions(-) + +diff --git a/include/net/ip_tunnels.h b/include/net/ip_tunnels.h +index d7eada2..2f7bc8c 100644 +--- a/include/net/ip_tunnels.h ++++ b/include/net/ip_tunnels.h +@@ -51,9 +51,18 @@ struct ip_tunnel_dst { + __be32 saddr; + }; + +-/* Underlay address prefix for ipip fan mode */ ++/* A fan overlay /8 (250.0.0.0/8, for example) maps to exactly one /16 ++ * underlay (10.88.0.0/16, for example). Multiple local addresses within ++ * the /16 may be used, but a particular overlay may not span ++ * multiple underlay subnets. ++ * ++ * We store one underlay, indexed by the overlay's high order octet. ++ */ ++#define FAN_OVERLAY_CNT 256 ++ + struct ip_tunnel_fan { +- u32 underlay; ++/* u32 __rcu *map;*/ ++ u32 map[FAN_OVERLAY_CNT]; + }; + + struct ip_tunnel { +@@ -104,6 +113,7 @@ struct ip_tunnel { + #define TUNNEL_OAM __cpu_to_be16(0x0200) + #define TUNNEL_CRIT_OPT __cpu_to_be16(0x0400) + #define TUNNEL_GENEVE_OPT __cpu_to_be16(0x0800) + #define TUNNEL_VXLAN_OPT __cpu_to_be16(0x1000) ++#define TUNNEL_FAN __cpu_to_be16(0x4000) + + #define TUNNEL_OPTIONS_PRESENT (TUNNEL_GENEVE_OPT | TUNNEL_VXLAN_OPT) +diff --git a/include/uapi/linux/if_tunnel.h b/include/uapi/linux/if_tunnel.h +index 8f7d269..9625934 100644 +--- a/include/uapi/linux/if_tunnel.h ++++ b/include/uapi/linux/if_tunnel.h +@@ -58,8 +58,8 @@ enum { + IFLA_IPTUN_ENCAP_SPORT, + IFLA_IPTUN_ENCAP_DPORT, + +- __IFLA_IPTUN_VENDOR_BREAK, /* Ensure new entries do not hit the below. */ +- IFLA_IPTUN_FAN_UNDERLAY=32, ++ __IFLA_IPTUN_VENDOR_BREAK, /* Ensure new entries do not hit the below. */ ++ IFLA_IPTUN_FAN_MAP = 33, + + __IFLA_IPTUN_MAX, + }; +@@ -135,4 +135,20 @@ enum { + }; + + #define IFLA_VTI_MAX (__IFLA_VTI_MAX - 1) ++ ++enum { ++ IFLA_FAN_UNSPEC, ++ IFLA_FAN_MAPPING, ++ __IFLA_FAN_MAX, ++}; ++ ++#define IFLA_FAN_MAX (__IFLA_FAN_MAX - 1) ++ ++struct ip_tunnel_fan_map { ++ __be32 underlay; ++ __be32 overlay; ++ __u16 underlay_prefix; ++ __u16 overlay_prefix; ++}; ++ + #endif /* _UAPI_IF_TUNNEL_H_ */ +diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c +index d3e4479..60bd10f 100644 +--- a/net/ipv4/ip_tunnel.c ++++ b/net/ipv4/ip_tunnel.c +@@ -1078,6 +1078,11 @@ out: + } + EXPORT_SYMBOL_GPL(ip_tunnel_newlink); + ++static int ip_tunnel_is_fan(struct ip_tunnel *tunnel) ++{ ++ return tunnel->parms.i_flags & TUNNEL_FAN; ++} ++ + int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[], + struct ip_tunnel_parm *p) + { +@@ -1087,7 +1092,7 @@ int ip_tunnel_changelink(struct net_device *dev, struct nlattr *tb[], + struct ip_tunnel_net *itn = net_generic(net, tunnel->ip_tnl_net_id); + + if (dev == itn->fb_tunnel_dev) +- return -EINVAL; ++ return ip_tunnel_is_fan(tunnel) ? 0 : -EINVAL; + + t = ip_tunnel_find(itn, p, dev->type); + +diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c +index e3c27cd..d6ebc66 100644 +--- a/net/ipv4/ipip.c ++++ b/net/ipv4/ipip.c +@@ -107,6 +107,7 @@ + #include <linux/init.h> + #include <linux/netfilter_ipv4.h> + #include <linux/if_ether.h> ++#include <linux/inetdevice.h> + + #include <net/sock.h> + #include <net/ip.h> +@@ -208,6 +209,11 @@ drop: + return 0; + } + ++static int ipip_tunnel_is_fan(struct ip_tunnel *tunnel) ++{ ++ return tunnel->parms.i_flags & TUNNEL_FAN; ++} ++ + /* + * Determine fan tunnel endpoint to send packet to, based on the inner IP + * address. For an overlay (inner) address Y.A.B.C, the transformation is +@@ -221,15 +227,20 @@ drop: + * 99.6.7.8, would be directed to underlay host 10.88.6.7, which hosts + * overlay network 99.6.7.0/24. + */ +-static void ipip_build_fan_iphdr(struct ip_tunnel *tunnel, struct sk_buff *skb, struct iphdr *iph) ++static int ipip_build_fan_iphdr(struct ip_tunnel *tunnel, struct sk_buff *skb, struct iphdr *iph) + { +- u32 daddr; +- +- *iph = tunnel->parms.iph; ++ unsigned int overlay; ++ u32 daddr, underlay; + + daddr = ntohl(ip_hdr(skb)->daddr); +- iph->daddr = htonl((tunnel->fan.underlay & 0xffff0000) | +- ((daddr >> 8) & 0x0000ffff)); ++ overlay = daddr >> 24; ++ underlay = tunnel->fan.map[overlay]; ++ if (!underlay) ++ return -EINVAL; ++ ++ *iph = tunnel->parms.iph; ++ iph->daddr = htonl(underlay | ((daddr >> 8) & 0x0000ffff)); ++ return 0; + } + + /* +@@ -249,8 +260,9 @@ static netdev_tx_t ipip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev) + if (IS_ERR(skb)) + goto out; + +- if (tunnel->fan.underlay) { +- ipip_build_fan_iphdr(tunnel, skb, &fiph); ++ if (ipip_tunnel_is_fan(tunnel)) { ++ if (ipip_build_fan_iphdr(tunnel, skb, &fiph)) ++ goto tx_error; + tiph = &fiph; + } else { + tiph = &tunnel->parms.iph; +@@ -409,21 +421,65 @@ static bool ipip_netlink_encap_parms(struct nlattr *data[], + return ret; + } + ++static void ipip_fan_free_map(struct ip_tunnel *t) ++{ ++ memset(&t->fan.map, 0, sizeof(t->fan.map)); ++} ++ ++static int ipip_fan_set_map(struct ip_tunnel *t, struct ip_tunnel_fan_map *map) ++{ ++ u32 overlay, overlay_mask, underlay, underlay_mask; ++ ++ if ((map->underlay_prefix && map->underlay_prefix != 16) || ++ (map->overlay_prefix && map->overlay_prefix != 8)) ++ return -EINVAL; ++ ++ overlay = ntohl(map->overlay); ++ overlay_mask = ntohl(inet_make_mask(map->overlay_prefix)); ++ ++ underlay = ntohl(map->underlay); ++ underlay_mask = ntohl(inet_make_mask(map->underlay_prefix)); ++ ++ if ((overlay & ~overlay_mask) || (underlay & ~underlay_mask)) ++ return -EINVAL; ++ ++ if (!(overlay & overlay_mask) && (underlay & underlay_mask)) ++ return -EINVAL; ++ ++ t->parms.i_flags |= TUNNEL_FAN; ++ ++ /* Special case: overlay 0 and underlay 0 clears all mappings */ ++ if (!overlay && !underlay) { ++ ipip_fan_free_map(t); ++ return 0; ++ } ++ ++ overlay >>= (32 - map->overlay_prefix); ++ t->fan.map[overlay] = underlay; ++ ++ return 0; ++} ++ ++ + static int ipip_netlink_fan(struct nlattr *data[], struct ip_tunnel *t, + struct ip_tunnel_parm *parms) + { +- u32 net = t->fan.underlay; +- +- if (!data[IFLA_IPTUN_FAN_UNDERLAY]) +- goto err_check; ++ struct ip_tunnel_fan_map *map; ++ struct nlattr *attr; ++ int rem, rv; + +- net = ntohl(nla_get_be32(data[IFLA_IPTUN_FAN_UNDERLAY])) & 0xffff0000; ++ if (!data[IFLA_IPTUN_FAN_MAP]) ++ return 0; + +-err_check: +- if (parms->iph.daddr && net) ++ if (parms->iph.daddr) + return -EINVAL; + +- t->fan.underlay = net; ++ nla_for_each_nested(attr, data[IFLA_IPTUN_FAN_MAP], rem) { ++ map = nla_data(attr); ++ rv = ipip_fan_set_map(t, map); ++ if (rv) ++ return rv; ++ } + + return 0; + } +@@ -500,8 +556,8 @@ static size_t ipip_get_size(const struct net_device *dev) + nla_total_size(2) + + /* IFLA_IPTUN_ENCAP_DPORT */ + nla_total_size(2) + +- /* IFLA_IPTUN_FAN_UNDERLAY */ +- nla_total_size(4) + ++ /* IFLA_IPTUN_FAN_MAP */ ++ nla_total_size(sizeof(struct ip_tunnel_fan_map)) * 256 + + 0; + } + +@@ -529,10 +585,28 @@ static int ipip_fill_info(struct sk_buff *skb, const struct net_device *dev) + tunnel->encap.flags)) + goto nla_put_failure; + +- if (tunnel->fan.underlay) +- if (nla_put_be32(skb, IFLA_IPTUN_FAN_UNDERLAY, +- htonl(tunnel->fan.underlay))) ++ if (tunnel->parms.i_flags & TUNNEL_FAN) { ++ struct nlattr *fan_nest; ++ int i; ++ ++ fan_nest = nla_nest_start(skb, IFLA_IPTUN_FAN_MAP); ++ if (!fan_nest) + goto nla_put_failure; ++ for (i = 0; i < 256; i++) { ++ if (tunnel->fan.map[i]) { ++ struct ip_tunnel_fan_map map; ++ ++ map.underlay = htonl(tunnel->fan.map[i]); ++ map.underlay_prefix = 16; ++ map.overlay = htonl(i << 24); ++ map.overlay_prefix = 8; ++ if (nla_put(skb, IFLA_FAN_MAPPING, ++ sizeof(map), &map)) ++ goto nla_put_failure; ++ } ++ } ++ nla_nest_end(skb, fan_nest); ++ } + + return 0; + +@@ -553,7 +627,7 @@ static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = { + [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, + + [__IFLA_IPTUN_VENDOR_BREAK ... IFLA_IPTUN_MAX] = { .type = NLA_BINARY }, +- [IFLA_IPTUN_FAN_UNDERLAY] = { .type = NLA_U32 }, ++ [IFLA_IPTUN_FAN_MAP] = { .type = NLA_NESTED }, + }; + + static struct rtnl_link_ops ipip_link_ops __read_mostly = { +@@ -595,7 +669,7 @@ static struct pernet_operations ipip_net_ops = { + + #ifdef CONFIG_SYSCTL + static struct ctl_table_header *ipip_fan_header; +-static unsigned int ipip_fan_version = 1; ++static unsigned int ipip_fan_version = 3; + + static struct ctl_table ipip_fan_sysctls[] = { + { +-- +2.4.1 + diff --git a/pkgs/os-specific/linux/kernel/ubuntu-unprivileged-overlayfs.patch b/pkgs/os-specific/linux/kernel/ubuntu-unprivileged-overlayfs.patch new file mode 100644 index 00000000000..cfa8009e71e --- /dev/null +++ b/pkgs/os-specific/linux/kernel/ubuntu-unprivileged-overlayfs.patch @@ -0,0 +1,69 @@ +From 7415cb7b31569e9266229d4ebc79ccec4841ab04 Mon Sep 17 00:00:00 2001 +From: Serge Hallyn <serge.hallyn@ubuntu.com> +Date: Fri, 7 Feb 2014 09:32:46 -0600 +Subject: [PATCH] UBUNTU: SAUCE: Overlayfs: allow unprivileged mounts + +Unprivileged mounting, here, refers to root in a non-initial user +namespace performing the mount. In particular, it requires +CAP_SYS_ADMIN toward the task's mounts namespace, alleviating +the concerns of manipulating mount environment for setuid-root +binaries on the host. + +We refuse unprivileged mounting of most filesystem types because +we do not trust the in-kernel superblock parsers to correctly +handle malicious input. + +However, overlayfs does not parse any user-provided data other +than the pathnames passed in. Therefore unprivileged mounting +of overlayfs should be safe. + +Allowing unprivileged mounting of overlayfs filesystems would +allow Ubuntu Trusty users to create overlayfs-based container +snapshots, which would be a huge usability improvement. + +This patch enables unprivileged mounting of overlayfs. + +I tested a few simple combinations, and found that, when +doing (the equivalent of) + +mount -t overlayfs -oupperdir=u,lowerdir=l l t + +(u for upper, l for lower, t for target), + +1. overlayfs mount is always allowed, regardless of ownership +of u, l, or t. However + +2. Creation of new files is allowed so long as u is owned by + T. Otherwise, regardless of ownerships of l and t it is + denied. (This is expected; t was the mountpoint and + 'disapears', so its ownership is irrelevant) + +3. modification of a file 'hithere' which is in l but not yet + in u, and which is not owned by T, is not allowed, even if + writes to u are allowed. This may be a bug in overlayfs, + but it is safe behavior. It also will not cause a problem + for lxc since lxc will ensure that files are mapped into T's + namespace. + +Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> +Signed-off-by: Tim Gardner <tim.gardner@canonical.com> +Signed-off-by: Andy Whitcroft <apw@canonical.com> +--- + fs/overlayfs/super.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c +index 9473e79..50890c2 100644 +--- a/fs/overlayfs/super.c ++++ b/fs/overlayfs/super.c +@@ -668,6 +668,7 @@ static struct file_system_type ovl_fs_type = { + .name = "overlayfs", + .mount = ovl_mount, + .kill_sb = kill_anon_super, ++ .fs_flags = FS_USERNS_MOUNT, + }; + MODULE_ALIAS_FS("overlayfs"); + +-- +2.1.0.rc1 + diff --git a/pkgs/os-specific/linux/kexectools/default.nix b/pkgs/os-specific/linux/kexectools/default.nix index f26c72bd6e5..483cdef079d 100644 --- a/pkgs/os-specific/linux/kexectools/default.nix +++ b/pkgs/os-specific/linux/kexectools/default.nix @@ -1,16 +1,18 @@ { stdenv, fetchurl, zlib }: +let version = "2.0.10"; in stdenv.mkDerivation rec { - name = "kexec-tools-2.0.9"; + name = "kexec-tools-${version}"; src = fetchurl { url = "http://horms.net/projects/kexec/kexec-tools/${name}.tar.xz"; - sha256 = "0wag8pxn13i0j91x2bszpmi5i88xnndcmqz1w5a0jdbnxff4mqwa"; + sha256 = "18x134nj37j1rshn5hxbyhdcv9kk5sfshs72alkip1icf54l2gp2"; }; buildInputs = [ zlib ]; meta = with stdenv.lib; { + inherit version; homepage = http://horms.net/projects/kexec/kexec-tools; description = "Tools related to the kexec Linux feature"; platforms = with platforms; linux; diff --git a/pkgs/os-specific/linux/kmod-debian-aliases/default.nix b/pkgs/os-specific/linux/kmod-debian-aliases/default.nix new file mode 100644 index 00000000000..13fe500286d --- /dev/null +++ b/pkgs/os-specific/linux/kmod-debian-aliases/default.nix @@ -0,0 +1,23 @@ +{ stdenv, fetchurl, lib }: +let + version = "21-1"; +in +stdenv.mkDerivation { + name = "kmod-debian-aliases-${version}.conf"; + + src = fetchurl { + url = "mirror://debian/pool/main/k/kmod/kmod_${version}.debian.tar.xz"; + sha256 = "1abpf8g3yx972by2xpmz6dwwyc1pgh6gjbvrivmrsws69vs0xjsy"; + }; + + installPhase = '' + patch -i patches/aliases_conf + cp aliases.conf $out + ''; + + meta = { + homepage = https://packages.debian.org/source/sid/kmod; + description = "Linux configuration file for modprobe"; + maintainers = with lib.maintainers; [ mathnerd314 ]; + }; +} diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index 1d190be71b8..45ca5d0d21d 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, xz, zlib, pkgconfig, libxslt }: stdenv.mkDerivation rec { - name = "kmod-20"; + name = "kmod-21"; src = fetchurl { url = "mirror://kernel/linux/utils/kernel/kmod/${name}.tar.xz"; - sha256 = "186sz8b82n02yykza6a1q8fk80fl5gx0nr42wpmzjc9w36ia3hc9"; + sha256 = "1h4m1mkknxcshsz1qbg9riszmynix2ikg7q8inq7bkvlmx4982hn"; }; # Disable xz/zlib support to prevent needing them in the initrd. @@ -27,7 +27,6 @@ stdenv.mkDerivation rec { meta = { homepage = http://www.kernel.org/pub/linux/utils/kernel/kmod/; description = "Tools for loading and managing Linux kernel modules"; - maintainers = [ stdenv.lib.maintainers.shlevy ]; platforms = stdenv.lib.platforms.linux; }; } diff --git a/pkgs/os-specific/linux/kmscon/default.nix b/pkgs/os-specific/linux/kmscon/default.nix index 4f9b872ce1c..ed2cb76e820 100644 --- a/pkgs/os-specific/linux/kmscon/default.nix +++ b/pkgs/os-specific/linux/kmscon/default.nix @@ -44,7 +44,6 @@ stdenv.mkDerivation rec { description = "KMS/DRM based System Console"; homepage = "http://www.freedesktop.org/wiki/Software/kmscon/"; license = stdenv.lib.licenses.mit; - maintainers = [ stdenv.lib.maintainers.shlevy ]; platforms = stdenv.lib.platforms.linux; }; } diff --git a/pkgs/os-specific/linux/ktap/default.nix b/pkgs/os-specific/linux/ktap/default.nix deleted file mode 100644 index 2cb4f60f75b..00000000000 --- a/pkgs/os-specific/linux/ktap/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ stdenv, fetchgit, kernel, useFFI ? false }: - -assert builtins.substring 0 4 kernel.version != "3.18"; - -let - ffiArgs = stdenv.lib.optionalString useFFI "FFI=1"; -in -stdenv.mkDerivation rec { - name = "ktap-${version}"; - version = "0.5-e7a38ef0"; - src = fetchgit { - url = "https://github.com/ktap/ktap.git"; - rev = "e7a38ef06bec9a651c9e8bdb3ad66a104210d475"; - sha256 = "07acf20e1926d3afd89b13855154b8cc792c57261e7d3cae2da70cb08844f9c8"; - }; - - buildPhase = '' - make ${ffiArgs} KERNEL_SRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build - ''; - - installPhase = '' - mkdir -p $out/sbin - cp ktap $out/sbin - make modules_install KERNEL_SRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build INSTALL_MOD_PATH=$out - ''; - - meta = { - description = "A lightweight script-based dynamic tracing tool for Linux"; - homepage = "http://www.ktap.org"; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.linux; - maintainers = [ stdenv.lib.maintainers.thoughtpolice ]; - }; -} diff --git a/pkgs/os-specific/linux/libcap-ng/default.nix b/pkgs/os-specific/linux/libcap-ng/default.nix index 3670f06e543..ea54f1a39fd 100644 --- a/pkgs/os-specific/linux/libcap-ng/default.nix +++ b/pkgs/os-specific/linux/libcap-ng/default.nix @@ -1,22 +1,40 @@ -{ stdenv, fetchurl, python }: +{ stdenv, fetchurl, swig ? null, python2 ? null, python3 ? null }: -assert stdenv.isLinux; +assert python2 != null || python3 != null -> swig != null; stdenv.mkDerivation rec { name = "libcap-ng-${version}"; - version = "0.7.3"; + # When updating make sure to test that the version with + # all of the python bindings still works + version = "0.7.7"; src = fetchurl { url = "${meta.homepage}/${name}.tar.gz"; - sha256 = "1cavlcrpqi4imkmagjhw65br8rv2fsbhf68mm3lczr51sg44392w"; + sha256 = "0syhyrixk7fqvwis3k7iddn75g0qxysc1q5fifvzccxk7774jmb1"; }; - buildInputs = [ python ]; # ToDo? optional swig for python bindings + nativeBuildInputs = [ swig ]; + buildInputs = [ python2 python3 ]; - meta = { + postPatch = '' + function get_header() { + echo -e "#include <$1>" | gcc -M -xc - | tr ' ' '\n' | grep "$1" | head -n 1 + } + + # Fix some hardcoding of header paths + sed -i "s,/usr/include/linux/capability.h,$(get_header linux/capability.h),g" bindings/python{,3}/Makefile.in + ''; + + configureFlags = [ + (if python2 != null then "--with-python" else "--without-python") + (if python3 != null then "--with-python3" else "--without-python3") + ]; + + meta = let inherit (stdenv.lib) platforms licenses maintainers; in { description = "Library for working with POSIX capabilities"; homepage = http://people.redhat.com/sgrubb/libcap-ng/; - platforms = stdenv.lib.platforms.linux; - license = stdenv.lib.licenses.lgpl21; + platforms = platforms.linux; + license = licenses.lgpl21; + maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/libcap/default.nix b/pkgs/os-specific/linux/libcap/default.nix index dfcbe61611c..84e363b6824 100644 --- a/pkgs/os-specific/linux/libcap/default.nix +++ b/pkgs/os-specific/linux/libcap/default.nix @@ -1,7 +1,5 @@ { stdenv, fetchurl, attr, perl }: -assert stdenv.isLinux; - stdenv.mkDerivation rec { name = "libcap-${version}"; version = "2.24"; diff --git a/pkgs/os-specific/linux/libnl/default.nix b/pkgs/os-specific/linux/libnl/default.nix index fe844226a64..afd9695420e 100644 --- a/pkgs/os-specific/linux/libnl/default.nix +++ b/pkgs/os-specific/linux/libnl/default.nix @@ -1,16 +1,20 @@ -{stdenv, fetchurl, bison, flex}: +{ stdenv, fetchFromGitHub, autoreconfHook, bison, flex, pkgconfig }: -stdenv.mkDerivation rec { - name = "libnl-3.2.25"; +let version = "3.2.26"; in +stdenv.mkDerivation { + name = "libnl-${version}"; - src = fetchurl { - url = "${meta.homepage}files/${name}.tar.gz"; - sha256 = "1icfrv8yihcb74as1gcgmp0wfpdq632q2zvbvqqvjms9cy87bswb"; + src = fetchFromGitHub { + sha256 = "1cbqdhirn6hxmv8xkm8xp3n6ayyxw7sbi15fym167rdz0h9rkhmm"; + rev = "libnl3_2_26"; + repo = "libnl"; + owner = "thom311"; }; - buildInputs = [ bison flex ]; + nativeBuildInputs = [ autoreconfHook bison flex pkgconfig ]; meta = { + inherit version; homepage = "http://www.infradead.org/~tgr/libnl/"; description = "Linux NetLink interface library"; maintainers = [ stdenv.lib.maintainers.urkud ]; diff --git a/pkgs/os-specific/linux/libselinux/default.nix b/pkgs/os-specific/linux/libselinux/default.nix index 746f49b519d..22ff351e45a 100644 --- a/pkgs/os-specific/linux/libselinux/default.nix +++ b/pkgs/os-specific/linux/libselinux/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, libsepol, pcre -, enablePython ? false, swig ? null, python ? null +, enablePython ? true, swig ? null, python ? null }: assert enablePython -> swig != null && python != null; @@ -8,31 +8,34 @@ with stdenv.lib; stdenv.mkDerivation rec { name = "libselinux-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/libselinux-${version}.tar.gz"; - sha256 = "1ckpiv6m5c07rp5vawlhv02w5rq8kc0n95fh2ckq2jnqxi1hn7hb"; + sha256 = "0yqg73ns97jwjh1iyv0jr5qxb8k5sqq5ywfkx11lzfn5yj8k0126"; }; buildInputs = [ pkgconfig libsepol pcre ] ++ optionals enablePython [ swig python ]; + NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89"; + postPatch = optionalString enablePython '' sed -i -e 's|\$(LIBDIR)/libsepol.a|${libsepol}/lib/libsepol.a|' src/Makefile ''; - installFlags = [ "PREFIX=$(out)" "DESTDIR=$(out)" ]; - installTargets = [ "install" ] ++ optional enablePython "install-pywrap"; + preBuild = '' + # Build fails without this precreated + mkdir -p $out/include - # TODO: Figure out why the build incorrectly links libselinux.so - postInstall = '' - rm $out/lib/libselinux.so - ln -s libselinux.so.1 $out/lib/libselinux.so + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") ''; - meta = { - inherit (libsepol.meta) homepage platforms maintainers; + installTargets = [ "install" ] ++ optional enablePython "install-pywrap"; + + meta = libsepol.meta // { + description = "SELinux core library"; }; } diff --git a/pkgs/os-specific/linux/libsemanage/default.nix b/pkgs/os-specific/linux/libsemanage/default.nix index 599da9e4b3c..c60d96bba78 100644 --- a/pkgs/os-specific/linux/libsemanage/default.nix +++ b/pkgs/os-specific/linux/libsemanage/default.nix @@ -1,25 +1,27 @@ -{ stdenv, fetchurl, libsepol, libselinux, ustr, bzip2, bison, flex, audit }: -stdenv.mkDerivation rec { +{ stdenv, fetchurl, bison, flex, libsepol, libselinux, ustr, bzip2, libaudit }: +stdenv.mkDerivation rec { name = "libsemanage-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/libsemanage-${version}.tar.gz"; - sha256 = "0jrf66df80mvjhrsbxcnb60j69pg4dh2pydy8vj8dhhiwqsrxq03"; + sha256 = "1134ka4mi4387ac5yv68bpp2y7ln5xxhwp07xhqnay0nxzjaqk0s"; }; - makeFlags = "PREFIX=$(out) DESTDIR=$(out)"; + nativeBuildInputs = [ bison flex ]; + buildInputs = [ libsepol libselinux ustr bzip2 libaudit ]; - NIX_CFLAGS_COMPILE = "-fstack-protector-all"; - NIX_CFLAGS_LINK = "-lsepol"; + NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89"; - buildInputs = [ libsepol libselinux ustr bzip2 bison flex audit ]; + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") + ''; - meta = with stdenv.lib; { - inherit (libsepol.meta) homepage platforms maintainers; + meta = libsepol.meta // { description = "Policy management tools for SELinux"; - license = licenses.lgpl21; + license = stdenv.lib.licenses.lgpl21; }; } diff --git a/pkgs/os-specific/linux/libsepol/default.nix b/pkgs/os-specific/linux/libsepol/default.nix index 29b6d80445a..ecbb2a0ec46 100644 --- a/pkgs/os-specific/linux/libsepol/default.nix +++ b/pkgs/os-specific/linux/libsepol/default.nix @@ -1,22 +1,23 @@ -{ stdenv, fetchurl }: +{ stdenv, fetchurl, flex }: stdenv.mkDerivation rec { name = "libsepol-${version}"; - version = "2.3"; - se_release = "20140506"; + version = "2.4"; + se_release = "20150202"; se_url = "https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases"; src = fetchurl { url = "${se_url}/${se_release}/libsepol-${version}.tar.gz"; - sha256 = "13z6xakc2qqyhlvnc5h53jy7lqmh5b5cnpfn51lmvfdpqd18d3fc"; + sha256 = "0ncnwhpc1gx4hrrb822fqkwy5h75zzngsrfkd5mlqh1jk7aib419"; }; - preBuild = '' makeFlags="$makeFlags PREFIX=$out DESTDIR=$out" ''; + nativeBuildInputs = [ flex ]; - # TODO: Figure out why the build incorrectly links libsepol.so - postInstall = '' - rm $out/lib/libsepol.so - ln -s libsepol.so.1 $out/lib/libsepol.so + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; + + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") ''; passthru = { inherit se_release se_url; }; diff --git a/pkgs/os-specific/linux/lightum/default.nix b/pkgs/os-specific/linux/lightum/default.nix index fea188f8949..62fbecf27d1 100644 --- a/pkgs/os-specific/linux/lightum/default.nix +++ b/pkgs/os-specific/linux/lightum/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchgit, libX11, libXScrnSaver, libXext, glib, dbus, pkgconfig, systemd }: stdenv.mkDerivation { - name = "lightum"; + name = "lightum-2014-06-07"; src = fetchgit { url = https://github.com/poliva/lightum; rev = "123e6babe0669b23d4c1dfa5511088608ff2baa8"; diff --git a/pkgs/os-specific/linux/lockdep/default.nix b/pkgs/os-specific/linux/lockdep/default.nix index 612291e62e4..7765f5f8b9c 100644 --- a/pkgs/os-specific/linux/lockdep/default.nix +++ b/pkgs/os-specific/linux/lockdep/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { name = "lockdep-${version}"; - version = "3.19.1"; - fullver = "3.19.1"; + version = "4.1.2"; + fullver = "4.1.2"; src = fetchurl { - url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0qx7vxmlcwr4nvzf4wq0da7xwzqw4b67h9a5rfpxgg9mayk3czvi"; + url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; + sha256 = "1mdyjhnzhh254cblahqmpsk226z006z6sm9dmwvg6jlhpsw4cjhy"; }; preConfigure = "cd tools/lib/lockdep"; diff --git a/pkgs/os-specific/linux/lttng-modules/default.nix b/pkgs/os-specific/linux/lttng-modules/default.nix index 5fe065d3cc6..dc21176fa3c 100644 --- a/pkgs/os-specific/linux/lttng-modules/default.nix +++ b/pkgs/os-specific/linux/lttng-modules/default.nix @@ -1,16 +1,13 @@ -{ stdenv, fetchgit, kernel }: - -assert stdenv.lib.versionAtLeast kernel.version "3.4"; # fails on 3.2 +{ stdenv, fetchurl, kernel }: stdenv.mkDerivation rec { pname = "lttng-modules-${version}"; name = "${pname}-${kernel.version}"; - version = "2.6.0-5-g1b2a542"; + version = "2.6.3"; - src = fetchgit { - url = "https://github.com/lttng/lttng-modules.git"; - rev = "1b2a5429de815c95643df2eadf91253909708728"; - sha256 = "0zccaiadnk0xl6xrqaqlg9rpkwjgbq2fiyc3psylzqimnx0ydxc2"; + src = fetchurl { + url = "http://lttng.org/files/lttng-modules/lttng-modules-${version}.tar.bz2"; + sha256 = "0sk7cyjf5ylmxqrrrz5zmmw4c0dmxh1f98aj870gmcnxfa76y4mx"; }; preConfigure = '' diff --git a/pkgs/os-specific/linux/lvm2/default.nix b/pkgs/os-specific/linux/lvm2/default.nix index 8ebe2b5ed7f..2ec7ff5189d 100644 --- a/pkgs/os-specific/linux/lvm2/default.nix +++ b/pkgs/os-specific/linux/lvm2/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, pkgconfig, udev, utillinux, coreutils, enable_dmeventd ? false }: let - version = "2.02.118"; + version = "2.02.132"; in stdenv.mkDerivation { @@ -9,15 +9,20 @@ stdenv.mkDerivation { src = fetchurl { url = "ftp://sources.redhat.com/pub/lvm2/releases/LVM2.${version}.tgz"; - sha256 = "1ishsibxn1l5fymrrc5fd3z05x1z2zh0y8939wpvwz0qp9rwxazn"; + sha256 = "0ac8izssflj371zzar16965zlia6a6zd97i0n00jxfxssnfa0fj1"; }; - configureFlags = - "--disable-readline --enable-udev_rules --enable-udev_sync --enable-pkgconfig --enable-applib --enable-cmdlib" - + (stdenv.lib.optionalString enable_dmeventd " --enable-dmeventd") - ; + configureFlags = [ + "--disable-readline" + "--enable-udev_rules" + "--enable-udev_sync" + "--enable-pkgconfig" + "--enable-applib" + "--enable-cmdlib" + ] ++ stdenv.lib.optional enable_dmeventd " --enable-dmeventd"; - buildInputs = [ pkgconfig udev ]; + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ udev ]; preConfigure = '' diff --git a/pkgs/os-specific/linux/lxc/default.nix b/pkgs/os-specific/linux/lxc/default.nix index 9939a552574..72707bb7a8a 100644 --- a/pkgs/os-specific/linux/lxc/default.nix +++ b/pkgs/os-specific/linux/lxc/default.nix @@ -1,7 +1,9 @@ { stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, perl, docbook2x -, docbook_xml_dtd_45, systemd -, libapparmor ? null, gnutls ? null, libseccomp ? null, cgmanager ? null -, libnih ? null, dbus ? null, libcap ? null +, docbook_xml_dtd_45, python3Packages + +# Optional Dependencies +, libapparmor ? null, gnutls ? null, libselinux ? null, libseccomp ? null +, cgmanager ? null, libnih ? null, dbus ? null, libcap ? null, systemd ? null }: let @@ -9,18 +11,21 @@ let in with stdenv.lib; stdenv.mkDerivation rec { - name = "lxc-1.1.1"; + name = "lxc-1.1.3"; src = fetchFromGitHub { owner = "lxc"; repo = "lxc"; rev = name; - sha256 = "04zpznd364862y3dwn97klvwfw9i2b6n1lh4fkci0z74c6z9svql"; + sha256 = "109vpkxzkhixfvwfs6qphfbxb7pbk2qx22qc4zbk52d6gl78ygsb"; }; + nativeBuildInputs = [ + autoreconfHook pkgconfig perl docbook2x python3Packages.wrapPython + ]; buildInputs = [ - autoreconfHook pkgconfig perl docbook2x systemd - libapparmor gnutls libseccomp cgmanager libnih dbus libcap + libapparmor gnutls libselinux libseccomp cgmanager libnih dbus libcap + python3Packages.python systemd ]; patches = [ ./support-db2x.patch ]; @@ -30,28 +35,33 @@ stdenv.mkDerivation rec { configureFlags = [ "--localstatedir=/var" "--sysconfdir=/etc" - "--with-rootfs-path=/var/lib/lxc/rootfs" + "--enable-doc" + "--disable-api-docs" ] ++ optional (libapparmor != null) "--enable-apparmor" - ++ optional (gnutls != null) "--enable-gnutls" + ++ optional (libselinux != null) "--enable-selinux" ++ optional (libseccomp != null) "--enable-seccomp" - ++ optional (enableCgmanager) "--enable-cgmanager" ++ optional (libcap != null) "--enable-capabilities" ++ [ - "--enable-doc" - "--enable-tests" + "--disable-examples" + "--enable-python" + "--disable-lua" + "--enable-bash" + (if doCheck then "--enable-tests" else "--disable-tests") + "--with-rootfs-path=/var/lib/lxc/rootfs" ]; - installFlags = [ "DESTDIR=\${out}" ]; + doCheck = false; - postInstall = '' - mv $out/$out/* $out - DIR=$out/$out - while rmdir $DIR 2>/dev/null; do - DIR="$(dirname "$DIR")" - done + installFlags = [ + "localstatedir=\${TMPDIR}" + "sysconfdir=\${out}/etc" + "sysconfigdir=\${out}/etc/default" + "READMEdir=\${TMPDIR}/var/lib/lxc/rootfs" + "LXCPATH=\${TMPDIR}/var/lib/lxc" + ]; - # Remove the unneeded var/lib directories - rm -rf $out/var + postInstall = '' + wrapPythonPrograms ''; meta = { @@ -68,6 +78,6 @@ stdenv.mkDerivation rec { ''; platforms = platforms.linux; - maintainers = with maintainers; [ simons wkennington ]; + maintainers = with maintainers; [ simons wkennington globin ]; }; } diff --git a/pkgs/os-specific/linux/mbpfan/default.nix b/pkgs/os-specific/linux/mbpfan/default.nix new file mode 100644 index 00000000000..75099e95f90 --- /dev/null +++ b/pkgs/os-specific/linux/mbpfan/default.nix @@ -0,0 +1,30 @@ +{ stdenv, lib, fetchFromGitHub, gnugrep, kmod }: + +stdenv.mkDerivation rec { + name = "mbpfan-${version}"; + version = "1.9.0"; + src = fetchFromGitHub { + owner = "dgraziotin"; + repo = "mbpfan"; + rev = "v${version}"; + sha256 = "15nm1d0a0c0lzxqngrpn2qpsydsmglnn6d20djl7brpsq26j24h9"; + }; + patches = [ ./fixes.patch ]; + postPatch = '' + substituteInPlace src/main.c \ + --replace '@GREP@' '${gnugrep}/bin/grep' \ + --replace '@LSMOD@' '${kmod}/bin/lsmod' + ''; + installPhase = '' + mkdir -p $out/bin $out/etc + cp bin/mbpfan $out/bin + cp mbpfan.conf $out/etc + ''; + meta = with lib; { + description = "Daemon that uses input from coretemp module and sets the fan speed using the applesmc module"; + homepage = "https://github.com/dgraziotin/mbpfan"; + license = licenses.gpl3; + platforms = platforms.linux; + maintainers = with maintainers; [ cstrahan ]; + }; +} diff --git a/pkgs/os-specific/linux/mbpfan/fixes.patch b/pkgs/os-specific/linux/mbpfan/fixes.patch new file mode 100644 index 00000000000..548cce05c35 --- /dev/null +++ b/pkgs/os-specific/linux/mbpfan/fixes.patch @@ -0,0 +1,29 @@ +diff --git a/src/main.c b/src/main.c +index e8af708..6cfee17 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -71,7 +71,7 @@ void check_requirements() + * Check for coretemp and applesmc modules + * Credits: -http://stackoverflow.com/questions/12978794 + */ +- FILE *fd = popen("lsmod | grep coretemp", "r"); ++ FILE *fd = popen("@LSMOD@ | @GREP@ coretemp", "r"); + char buf[16]; + + if (!(fread (buf, 1, sizeof (buf), fd) > 0)) { +@@ -87,7 +87,7 @@ void check_requirements() + + pclose(fd); + +- fd = popen("lsmod | grep applesmc", "r"); ++ fd = popen("@LSMOD@ | @GREP@ applesmc", "r"); + + if (!(fread (buf, 1, sizeof (buf), fd) > 0)) { + DIR* dir = opendir(APPLESMC_PATH); +@@ -145,4 +145,4 @@ int main(int argc, char *argv[]) + void (*fan_control)() = mbpfan; + go_daemon(fan_control); + exit(EXIT_SUCCESS); +-} +\ No newline at end of file ++} diff --git a/pkgs/os-specific/linux/mcelog/default.nix b/pkgs/os-specific/linux/mcelog/default.nix index 342e29a6d2e..f88e4b2fb75 100644 --- a/pkgs/os-specific/linux/mcelog/default.nix +++ b/pkgs/os-specific/linux/mcelog/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchFromGitHub }: -let version = "116"; in +let version = "128"; in stdenv.mkDerivation { name = "mcelog-${version}"; src = fetchFromGitHub { - sha256 = "0nr3b924ardz9c1skna8finrjq22ac2vihp3zck9jixc9d5mvrmf"; + sha256 = "0hm1dmqyh36dig158iyb9fckmvqnd5sgpy1qzj59nsg40pb1vbjs"; rev = "v${version}"; repo = "mcelog"; owner = "andikleen"; @@ -16,15 +16,28 @@ stdenv.mkDerivation { substituteInPlace $i --replace /etc $out/etc done touch mcelog.conf.5 # avoid regeneration requiring Python + + substituteInPlace Makefile --replace '"unknown"' '"${version}"' ''; + enableParallelBuilding = true; + installFlags = "DESTDIR=$(out) prefix= DOCDIR=/share/doc"; meta = with stdenv.lib; { inherit version; - description = "Log machine checks (memory, IO, and CPU hardware errors)"; + description = "Log x86 machine checks: memory, IO, and CPU hardware errors"; + longDescription = '' + The mcelog daemon accounts memory and some other errors in various ways + on modern x86 Linux systems. The daemon can be queried and/or execute + triggers when configurable error thresholds are exceeded. This is used to + implement a range of automatic predictive failure analysis algorithms, + including bad page offlining and automatic cache error handling. All + errors are logged to /var/log/mcelog or syslog or the journal. + ''; homepage = http://mcelog.org/; - license = with licenses; gpl2; + license = licenses.gpl2; + platforms = platforms.linux; maintainers = with maintainers; [ nckx ]; }; } diff --git a/pkgs/os-specific/linux/mdadm/default.nix b/pkgs/os-specific/linux/mdadm/default.nix index a7965a70b1c..042c2225ff3 100644 --- a/pkgs/os-specific/linux/mdadm/default.nix +++ b/pkgs/os-specific/linux/mdadm/default.nix @@ -19,6 +19,9 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ groff ]; + # Attempt removing if building with gcc5 when updating + NIX_CFLAGS_COMPILE = "-std=gnu89"; + preConfigure = "sed -e 's@/lib/udev@\${out}/lib/udev@' -e 's@ -Werror @ @' -i Makefile"; # Force mdadm to use /var/run/mdadm.map for its map file (or diff --git a/pkgs/os-specific/linux/musl/default.nix b/pkgs/os-specific/linux/musl/default.nix index 1dae1d215ec..abe96e9b9ae 100644 --- a/pkgs/os-specific/linux/musl/default.nix +++ b/pkgs/os-specific/linux/musl/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "musl-${version}"; - version = "1.1.8"; + version = "1.1.11"; src = fetchurl { url = "http://www.musl-libc.org/releases/${name}.tar.gz"; - sha256 = "04vq4a1hm81kbxfcqa30s6xpzbqf3568gbysfxcmb72v8438b4ps"; + sha256 = "0grmmah3d9wajii26010plpinv3cbiq3kfqsblgn84kv3fjnv7mv"; }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/nfs-utils/default.nix b/pkgs/os-specific/linux/nfs-utils/default.nix index 2d8aaaeb7ee..34cf0196079 100644 --- a/pkgs/os-specific/linux/nfs-utils/default.nix +++ b/pkgs/os-specific/linux/nfs-utils/default.nix @@ -1,18 +1,18 @@ { fetchurl, stdenv, tcp_wrappers, utillinux, libcap, libtirpc, libevent, libnfsidmap -, lvm2, e2fsprogs, python +, lvm2, e2fsprogs, python, sqlite }: stdenv.mkDerivation rec { - name = "nfs-utils-1.2.5"; + name = "nfs-utils-1.3.2"; # NOTE: when updating, remove the HACK BUG FIX below src = fetchurl { url = "mirror://sourceforge/nfs/${name}.tar.bz2"; - sha256 = "16ssfkj36ljifyaskgwpd3ys8ylhi5gasq88aha3bhg5dr7yv59m"; + sha256 = "1xwilpdr1vizq2yhpzxpwqqr9f8kn0dy2wcpc626mf30ybp7572v"; }; buildInputs = [ tcp_wrappers utillinux libcap libtirpc libevent libnfsidmap - lvm2 e2fsprogs python + lvm2 e2fsprogs python sqlite ]; # FIXME: Add the dependencies needed for NFSv4 and TI-RPC. @@ -32,14 +32,15 @@ stdenv.mkDerivation rec { done sed -i s,/usr/sbin,$out/sbin, utils/statd/statd.c - # https://bugzilla.redhat.com/show_bug.cgi?id=749195 - sed -i s,PAGE_SIZE,getpagesize\(\), utils/blkmapd/device-process.c + # HACK BUG FIX: needed for 1.3.2 + # http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=17a3e5bffb7110d46de1bf42b64b90713ff5ea50 + sed -e 's,daemon_init(!,daemon_init(,' -i utils/statd/statd.c ''; preBuild = '' makeFlags="sbindir=$out/sbin" - installFlags="statedir=$TMPDIR" # hack to make `make install' work + installFlags="statedir=$TMPDIR statdpath=$TMPDIR" # hack to make `make install' work ''; # One test fails on mips. diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix index 9834443a74d..e0b16eb24f5 100644 --- a/pkgs/os-specific/linux/nftables/default.nix +++ b/pkgs/os-specific/linux/nftables/default.nix @@ -2,11 +2,11 @@ , flex, bison, libmnl, libnftnl, gmp, readline }: stdenv.mkDerivation rec { - name = "nftables-0.4"; + name = "nftables-0.5"; src = fetchurl { url = "http://netfilter.org/projects/nftables/files/${name}.tar.bz2"; - sha256 = "0g0x6mf5580kr1azrff0ryxxym43qr72fwir7agmz4b8bjvnkjpn"; + sha256 = "1mhaw7ys7ma5786xyfccgar389jsj2zp7qmvghsgr96q6grxzdhz"; }; configureFlags = [ diff --git a/pkgs/os-specific/linux/nvidia-x11/beta.nix b/pkgs/os-specific/linux/nvidia-x11/beta.nix index fb57e194c80..d3111a4f75a 100644 --- a/pkgs/os-specific/linux/nvidia-x11/beta.nix +++ b/pkgs/os-specific/linux/nvidia-x11/beta.nix @@ -1,5 +1,5 @@ -{ stdenv, fetchurl, kernel ? null, xlibs, zlib, perl -, gtk, atk, pango, glib, gdk_pixbuf, cairo +{ stdenv, fetchurl, kernel ? null, xorg, zlib, perl +, gtk, atk, pango, glib, gdk_pixbuf, cairo, nukeReferences , # Whether to build the libraries only (i.e. not the kernel module or # nvidia-settings). Used to support 32-bit binaries on 64-bit # Linux. @@ -43,16 +43,18 @@ stdenv.mkDerivation { dontStrip = true; - glPath = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr]; + glPath = makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr]; cudaPath = makeLibraryPath [zlib stdenv.cc.cc]; openclPath = makeLibraryPath [zlib]; - allLibPath = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr zlib stdenv.cc.cc]; + allLibPath = makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr zlib stdenv.cc.cc]; gtkPath = optionalString (!libsOnly) (makeLibraryPath [ gtk atk pango glib gdk_pixbuf cairo ] ); - programPath = makeLibraryPath [ xlibs.libXv ]; + programPath = makeLibraryPath [ xorg.libXv ]; - buildInputs = [ perl ]; + buildInputs = [ perl nukeReferences ]; + + disallowedReferences = if libsOnly then [] else [ kernel.dev ]; meta = with stdenv.lib.meta; { homepage = http://www.nvidia.com/object/unix.html; diff --git a/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh b/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh index 5d6647d1ee0..d0eec0f7403 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder-legacy340.sh @@ -93,6 +93,12 @@ installPhase() { patchelf --set-rpath "$out/lib:$allLibPath" "$libname" libname_short=`echo -n "$libname" | sed 's/so\..*/so/'` + + # nvidia's EGL stack seems to expect libGLESv2.so.2 to be available + if [ $(basename "$libname_short") == "libGLESv2.so" ]; then + ln -srnf "$libname" "$libname_short.2" + fi + ln -srnf "$libname" "$libname_short" ln -srnf "$libname" "$libname_short.1" done @@ -101,6 +107,9 @@ installPhase() { #patchelf --set-rpath $out/lib:$glPath $out/lib/libvdpau_nvidia.so.*.* #patchelf --set-rpath $cudaPath $out/lib/libcuda.so.*.* #patchelf --set-rpath $openclPath $out/lib/libnvidia-opencl.so.*.* + + # we distribute these separately in `libvdpau` + rm "$out"/lib/libvdpau{.*,_trace.*} } diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh index 5edadeda81b..ba65089a4f7 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -20,9 +20,15 @@ buildPhase() { sysOut=$(echo $kernel/lib/modules/$kernelVersion/build) unset src # used by the nv makefile make SYSSRC=$sysSrc SYSOUT=$sysOut module - cd uvm - make SYSSRC=$sysSrc SYSOUT=$sysOut module - cd .. + + # nvidia no longer provides uvm kernel module for 32-bit archs + # http://www.nvidia.com/download/driverResults.aspx/79722/en-us + if [[ "$system" = "x86_64-linux" ]]; then + cd uvm + make SYSSRC=$sysSrc SYSOUT=$sysOut module + cd .. + fi + cd .. fi } @@ -47,8 +53,10 @@ installPhase() { # Install the kernel module. mkdir -p $out/lib/modules/$kernelVersion/misc - cp kernel/nvidia.ko $out/lib/modules/$kernelVersion/misc - cp kernel/uvm/nvidia-uvm.ko $out/lib/modules/$kernelVersion/misc + for i in $(find ./kernel -name '*.ko'); do + nuke-refs $i + cp $i $out/lib/modules/$kernelVersion/misc/ + done fi # All libs except GUI-only are in $out now, so fixup them. @@ -59,6 +67,12 @@ installPhase() { patchelf --set-rpath "$out/lib:$allLibPath" "$libname" libname_short=`echo -n "$libname" | sed 's/so\..*/so/'` + + # nvidia's EGL stack seems to expect libGLESv2.so.2 to be available + if [ $(basename "$libname_short") == "libGLESv2.so" ]; then + ln -srnf "$libname" "$libname_short.2" + fi + ln -srnf "$libname" "$libname_short" ln -srnf "$libname" "$libname_short.1" done @@ -108,6 +122,9 @@ installPhase() { # For simplicity and dependency reduction, don't support the gtk3 interface. rm $out/lib/libnvidia-gtk3.* + + # we distribute these separately in `libvdpau` + rm "$out"/lib/libvdpau{.*,_trace.*} } diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index e660004d172..4390d5bdf3c 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -1,5 +1,5 @@ -{ stdenv, fetchurl, kernel ? null, xlibs, zlib, perl -, gtk, atk, pango, glib, gdk_pixbuf, cairo +{ stdenv, fetchurl, kernel ? null, xorg, zlib, perl +, gtk, atk, pango, glib, gdk_pixbuf, cairo, nukeReferences , # Whether to build the libraries only (i.e. not the kernel module or # nvidia-settings). Used to support 32-bit binaries on 64-bit # Linux. @@ -12,7 +12,7 @@ assert (!libsOnly) -> kernel != null; let - versionNumber = "346.59"; + versionNumber = "352.41"; # Policy: use the highest stable version as the default (on our master). inherit (stdenv.lib) makeLibraryPath; @@ -28,31 +28,36 @@ stdenv.mkDerivation { if stdenv.system == "i686-linux" then fetchurl { url = "http://us.download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run"; - sha256 = "0a91mmv9846chyx6rbf3hx39gr344cffmgic45a9sf82rky87kv5"; + sha256 = "1qzn6dhkrpkx015f7y9adafn7fmz7zbxbczzf9930li8pgvmmz5k"; } else if stdenv.system == "x86_64-linux" then fetchurl { url = "http://us.download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run"; - sha256 = "0rz7pdzdviz1086w8ks6qiv83ah84y13h3051xr1p4wa4kll2yac"; + sha256 = "1k9hmmn5x9snzyggx23km64kjdqjh2kva090ha6mlayyyxrclz56"; } else throw "nvidia-x11 does not support platform ${stdenv.system}"; + patches = [ ./nvidia-4.2.patch ]; + inherit versionNumber libsOnly; + inherit (stdenv) system; kernel = if libsOnly then null else kernel.dev; dontStrip = true; - glPath = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr]; + glPath = makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr]; cudaPath = makeLibraryPath [zlib stdenv.cc.cc]; openclPath = makeLibraryPath [zlib]; - allLibPath = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr zlib stdenv.cc.cc]; + allLibPath = makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr zlib stdenv.cc.cc]; gtkPath = optionalString (!libsOnly) (makeLibraryPath [ gtk atk pango glib gdk_pixbuf cairo ] ); - programPath = makeLibraryPath [ xlibs.libXv ]; + programPath = makeLibraryPath [ xorg.libXv ]; + + buildInputs = [ perl nukeReferences ]; - buildInputs = [ perl ]; + disallowedReferences = if libsOnly then [] else [ kernel.dev ]; meta = with stdenv.lib.meta; { homepage = http://www.nvidia.com/object/unix.html; @@ -60,5 +65,6 @@ stdenv.mkDerivation { license = licenses.unfreeRedistributable; platforms = platforms.linux; maintainers = [ maintainers.vcunat ]; + priority = 4; # resolves collision with xorg-server's "lib/xorg/modules/extensions/libglx.so" }; } diff --git a/pkgs/os-specific/linux/nvidia-x11/legacy173.nix b/pkgs/os-specific/linux/nvidia-x11/legacy173.nix index 432a756b6f6..6bde91d0ffc 100644 --- a/pkgs/os-specific/linux/nvidia-x11/legacy173.nix +++ b/pkgs/os-specific/linux/nvidia-x11/legacy173.nix @@ -1,4 +1,4 @@ -{stdenv, fetchurl, kernel, xlibs, zlib, gtk, atk, pango, glib, gdk_pixbuf}: +{stdenv, fetchurl, kernel, xorg, zlib, gtk, atk, pango, glib, gdk_pixbuf}: let @@ -30,11 +30,11 @@ stdenv.mkDerivation { dontStrip = true; - glPath = stdenv.lib.makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr]; + glPath = stdenv.lib.makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr]; cudaPath = stdenv.lib.makeLibraryPath [zlib stdenv.cc.cc]; - programPath = stdenv.lib.makeLibraryPath [ gtk atk pango glib gdk_pixbuf xlibs.libXv ]; + programPath = stdenv.lib.makeLibraryPath [ gtk atk pango glib gdk_pixbuf xorg.libXv ]; meta = { homepage = http://www.nvidia.com/object/unix.html; diff --git a/pkgs/os-specific/linux/nvidia-x11/legacy304.nix b/pkgs/os-specific/linux/nvidia-x11/legacy304.nix index d5e350a0302..42e65f927b3 100644 --- a/pkgs/os-specific/linux/nvidia-x11/legacy304.nix +++ b/pkgs/os-specific/linux/nvidia-x11/legacy304.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, kernel ? null, xlibs, zlib, perl +{ stdenv, fetchurl, kernel ? null, xorg, zlib, perl , gtk, atk, pango, glib, gdk_pixbuf , # Whether to build the libraries only (i.e. not the kernel module or # nvidia-settings). Used to support 32-bit binaries on 64-bit @@ -15,6 +15,8 @@ stdenv.mkDerivation { builder = ./builder-legacy304.sh; + patches = [ ./nvidia-340.76-kernel-4.0.patch ]; + src = if stdenv.system == "i686-linux" then fetchurl { @@ -34,12 +36,12 @@ stdenv.mkDerivation { dontStrip = true; - glPath = stdenv.lib.makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr]; + glPath = stdenv.lib.makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr]; cudaPath = stdenv.lib.makeLibraryPath [zlib stdenv.cc.cc]; programPath = optionalString (!libsOnly) (stdenv.lib.makeLibraryPath - [ gtk atk pango glib gdk_pixbuf xlibs.libXv ] ); + [ gtk atk pango glib gdk_pixbuf xorg.libXv ] ); buildInputs = [ perl ]; diff --git a/pkgs/os-specific/linux/nvidia-x11/legacy340.nix b/pkgs/os-specific/linux/nvidia-x11/legacy340.nix index 7fcdb40de03..bb974410e37 100644 --- a/pkgs/os-specific/linux/nvidia-x11/legacy340.nix +++ b/pkgs/os-specific/linux/nvidia-x11/legacy340.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, kernel ? null, xlibs, zlib, perl +{ stdenv, fetchurl, kernel ? null, xorg, zlib, perl , gtk, atk, pango, glib, gdk_pixbuf , # Whether to build the libraries only (i.e. not the kernel module or # nvidia-settings). Used to support 32-bit binaries on 64-bit @@ -25,6 +25,8 @@ stdenv.mkDerivation { builder = ./builder-legacy340.sh; + patches = [ ./nvidia-340.76-kernel-4.0.patch ]; + src = if stdenv.system == "i686-linux" then fetchurl { @@ -44,13 +46,13 @@ stdenv.mkDerivation { dontStrip = true; - glPath = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr]; + glPath = makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr]; cudaPath = makeLibraryPath [zlib stdenv.cc.cc]; openclPath = makeLibraryPath [zlib]; - allLibPath = makeLibraryPath [xlibs.libXext xlibs.libX11 xlibs.libXrandr zlib stdenv.cc.cc]; + allLibPath = makeLibraryPath [xorg.libXext xorg.libX11 xorg.libXrandr zlib stdenv.cc.cc]; programPath = optionalString (!libsOnly) (makeLibraryPath - [ gtk atk pango glib gdk_pixbuf xlibs.libXv ] ); + [ gtk atk pango glib gdk_pixbuf xorg.libXv ] ); buildInputs = [ perl ]; diff --git a/pkgs/os-specific/linux/nvidia-x11/nvidia-340.76-kernel-4.0.patch b/pkgs/os-specific/linux/nvidia-x11/nvidia-340.76-kernel-4.0.patch new file mode 100644 index 00000000000..5fdc1fed727 --- /dev/null +++ b/pkgs/os-specific/linux/nvidia-x11/nvidia-340.76-kernel-4.0.patch @@ -0,0 +1,28 @@ +--- a/kernel/nv-pat.c 2015-07-03 08:39:35.417031728 +0200 ++++ b/kernel/nv-pat.c 2015-07-03 08:42:15.631838988 +0200 +@@ -35,8 +35,13 @@ + unsigned long cr0 = read_cr0(); + write_cr0(((cr0 & (0xdfffffff)) | 0x40000000)); + wbinvd(); ++#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 18, 0) + *cr4 = read_cr4(); + if (*cr4 & 0x80) write_cr4(*cr4 & ~0x80); ++#else ++ *cr4 = __read_cr4(); ++ if (*cr4 & 0x80) __write_cr4(*cr4 & ~0x80); ++#endif + __flush_tlb(); + } + +@@ -46,7 +51,11 @@ + wbinvd(); + __flush_tlb(); + write_cr0((cr0 & 0x9fffffff)); ++#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 18, 0) + if (cr4 & 0x80) write_cr4(cr4); ++#else ++ if (cr4 & 0x80) __write_cr4(cr4); ++#endif + } + + static int nv_determine_pat_mode(void) diff --git a/pkgs/os-specific/linux/nvidia-x11/nvidia-4.2.patch b/pkgs/os-specific/linux/nvidia-x11/nvidia-4.2.patch new file mode 100644 index 00000000000..412b786179a --- /dev/null +++ b/pkgs/os-specific/linux/nvidia-x11/nvidia-4.2.patch @@ -0,0 +1,26 @@ +diff --git a/kernel/nv-frontend.c b/kernel/nv-frontend.c +index 65bbb1b..be39c8d 100644 +--- a/kernel/nv-frontend.c ++++ b/kernel/nv-frontend.c +@@ -15,7 +15,7 @@ + #include "nv-frontend.h" + + #if defined(MODULE_LICENSE) +-MODULE_LICENSE("NVIDIA"); ++MODULE_LICENSE("GPL\0NVIDIA"); + #endif + #if defined(MODULE_INFO) + MODULE_INFO(supported, "external"); +diff --git a/kernel/nv.c b/kernel/nv.c +index abe81ed..05945b5 100644 +--- a/kernel/nv.c ++++ b/kernel/nv.c +@@ -31,7 +31,7 @@ + + #if defined(NV_VMWARE) || (NV_BUILD_MODULE_INSTANCES != 0) + #if defined(MODULE_LICENSE) +-MODULE_LICENSE("NVIDIA"); ++MODULE_LICENSE("GPL\0NVIDIA"); + #endif + #if defined(MODULE_INFO) + MODULE_INFO(supported, "external"); diff --git a/pkgs/os-specific/linux/open-iscsi/default.nix b/pkgs/os-specific/linux/open-iscsi/default.nix index 88ab08e6c3d..c4e39e45cad 100644 --- a/pkgs/os-specific/linux/open-iscsi/default.nix +++ b/pkgs/os-specific/linux/open-iscsi/default.nix @@ -1,27 +1,23 @@ -{ stdenv, fetchurl, kernel}: +{ stdenv, fetchurl }: let - pname = "open-iscsi-2.0-871"; + pname = "open-iscsi-2.0-873"; in stdenv.mkDerivation { - name = "${pname}-${kernel.version}"; + name = "${pname}"; src = fetchurl { url = "http://www.open-iscsi.org/bits/${pname}.tar.gz"; - sha256 = "1jvx1agybaj4czhz41bz37as076spicsmlh5pjksvwl2mr38gsmw"; + sha256 = "1nbwmj48xzy45h52917jbvyqpsfg9zm49nm8941mc5x4gpwz5nbx"; }; - KSRC = "${kernel.dev}/lib/modules/*/build"; DESTDIR = "$(out)"; preConfigure = '' sed -i 's|/usr/|/|' Makefile ''; - patches = [./kernel.patch]; - meta = { description = "A high performance, transport independent, multi-platform implementation of RFC3720"; license = stdenv.lib.licenses.gpl2Plus; homepage = http://www.open-iscsi.org; - broken = true; }; } diff --git a/pkgs/os-specific/linux/open-iscsi/kernel.patch b/pkgs/os-specific/linux/open-iscsi/kernel.patch deleted file mode 100644 index 48dfa195400..00000000000 --- a/pkgs/os-specific/linux/open-iscsi/kernel.patch +++ /dev/null @@ -1,12 +0,0 @@ -*** open-iscsi-2.0-871/kernel/Makefile 2009-07-11 05:55:58.000000000 +0200 ---- open-iscsi-2.0-871-new/kernel/Makefile 2010-08-30 11:37:56.000000000 +0200 -*************** -*** 101,106 **** ---- 101,107 ---- - linux_2_6_29: $(unpatch_code) - - linux_2_6_30: $(unpatch_code) -+ linux_2_6_32: $(unpatch_code) - - - do_unpatch_code: diff --git a/pkgs/os-specific/linux/opengl/xorg-sys/default.nix b/pkgs/os-specific/linux/opengl/xorg-sys/default.nix index 2cebb8d9dcc..5bb757a73a0 100644 --- a/pkgs/os-specific/linux/opengl/xorg-sys/default.nix +++ b/pkgs/os-specific/linux/opengl/xorg-sys/default.nix @@ -6,11 +6,11 @@ # Of course, use of the driver in /usr/lib is highly impure. But it # might actually work ;-) -{stdenv, xlibs, expat, libdrm}: +{stdenv, xorg, expat, libdrm}: stdenv.mkDerivation { name = "xorg-sys-opengl-3"; builder = ./builder.sh; - neededLibs = [xlibs.libXxf86vm xlibs.libXext expat libdrm stdenv.cc.cc]; + neededLibs = [xorg.libXxf86vm xorg.libXext expat libdrm stdenv.cc.cc]; } diff --git a/pkgs/os-specific/linux/openvswitch/default.nix b/pkgs/os-specific/linux/openvswitch/default.nix index 2e25c0383b7..0e5dbeebf92 100644 --- a/pkgs/os-specific/linux/openvswitch/default.nix +++ b/pkgs/os-specific/linux/openvswitch/default.nix @@ -1,50 +1,65 @@ -{ stdenv, fetchurl, openssl, python27, iproute, perl, kernel ? null}: -let - - version = "2.1.2"; +{ stdenv, fetchurl, makeWrapper +, openssl, python27, iproute, perl, kernel ? null }: - skipKernelMod = kernel == null; +with stdenv.lib; -in -stdenv.mkDerivation { - version = "2.1.2"; +let + _kernel = kernel; +in stdenv.mkDerivation rec { + version = "2.3.1"; name = "openvswitch-${version}"; + src = fetchurl { - url = "http://openvswitch.org/releases/openvswitch-2.1.2.tar.gz"; - sha256 = "16q7faqrj2pfchhn0x5s9ggi5ckcg9n62f6bnqaih064aaq2jm47"; + url = "http://openvswitch.org/releases/${name}.tar.gz"; + sha256 = "1lmwyhm5wmdv1l4v1v5xd36d5ra21jz9ix57nh1lgm8iqc0lj5r1"; }; - kernel = if skipKernelMod then null else kernel.dev; - buildInputs = [ - openssl - python27 - perl - ]; + + kernel = optional (_kernel != null) _kernel.dev; + + buildInputs = [ makeWrapper openssl python27 perl ]; + configureFlags = [ "--localstatedir=/var" "--sharedstatedir=/var" "--sbindir=$(out)/bin" - ] ++ (if skipKernelMod then [] else ["--with-linux"]); + ] ++ (optionals (_kernel != null) ["--with-linux"]); + # Leave /var out of this! installFlags = [ "LOGDIR=$(TMPDIR)/dummy" "RUNDIR=$(TMPDIR)/dummy" "PKIDIR=$(TMPDIR)/dummy" ]; - meta = { - platforms = stdenv.lib.platforms.linux; + + postInstall = '' + cp debian/ovs-monitor-ipsec $out/share/openvswitch/scripts + makeWrapper \ + $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + $out/bin/ovs-monitor-ipsec \ + --prefix PYTHONPATH : "$out/share/openvswitch/python" + substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + --replace "UnixctlServer.create(None)" "UnixctlServer.create(os.environ['UNIXCTLPATH'])" + substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + --replace "self.psk_file" "root_prefix + self.psk_file" + substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + --replace "self.cert_dir" "root_prefix + self.cert_dir" + ''; + + meta = with stdenv.lib; { + platforms = platforms.linux; description = "A multilayer virtual switch"; - longDescription = + longDescription = '' - Open vSwitch is a production quality, multilayer virtual switch - licensed under the open source Apache 2.0 license. It is - designed to enable massive network automation through - programmatic extension, while still supporting standard - management interfaces and protocols (e.g. NetFlow, sFlow, SPAN, - RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to - support distribution across multiple physical servers similar + Open vSwitch is a production quality, multilayer virtual switch + licensed under the open source Apache 2.0 license. It is + designed to enable massive network automation through + programmatic extension, while still supporting standard + management interfaces and protocols (e.g. NetFlow, sFlow, SPAN, + RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to + support distribution across multiple physical servers similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V. ''; homepage = "http://openvswitch.org/"; - licence = "Apache 2.0"; + license = licenses.asl20; }; } diff --git a/pkgs/os-specific/linux/pam/CVE-2014-2583.patch b/pkgs/os-specific/linux/pam/CVE-2014-2583.patch deleted file mode 100644 index 25b1f7549fa..00000000000 --- a/pkgs/os-specific/linux/pam/CVE-2014-2583.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 9dcead87e6d7f66d34e7a56d11a30daca367dffb Mon Sep 17 00:00:00 2001 -From: "Dmitry V. Levin" <ldv@altlinux.org> -Date: Wed, 26 Mar 2014 22:17:23 +0000 -Subject: pam_timestamp: fix potential directory traversal issue (ticket #27) - -pam_timestamp uses values of PAM_RUSER and PAM_TTY as components of -the timestamp pathname it creates, so extra care should be taken to -avoid potential directory traversal issues. - -* modules/pam_timestamp/pam_timestamp.c (check_tty): Treat -"." and ".." tty values as invalid. -(get_ruser): Treat "." and ".." ruser values, as well as any ruser -value containing '/', as invalid. - -Fixes CVE-2014-2583. - -Reported-by: Sebastian Krahmer <krahmer@suse.de> - -diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c -index 5193733..b3f08b1 100644 ---- a/modules/pam_timestamp/pam_timestamp.c -+++ b/modules/pam_timestamp/pam_timestamp.c -@@ -158,7 +158,7 @@ check_tty(const char *tty) - tty = strrchr(tty, '/') + 1; - } - /* Make sure the tty wasn't actually a directory (no basename). */ -- if (strlen(tty) == 0) { -+ if (!strlen(tty) || !strcmp(tty, ".") || !strcmp(tty, "..")) { - return NULL; - } - return tty; -@@ -243,6 +243,17 @@ get_ruser(pam_handle_t *pamh, char *ruserbuf, size_t ruserbuflen) - if (pwd != NULL) { - ruser = pwd->pw_name; - } -+ } else { -+ /* -+ * This ruser is used by format_timestamp_name as a component -+ * of constructed timestamp pathname, so ".", "..", and '/' -+ * are disallowed to avoid potential path traversal issues. -+ */ -+ if (!strcmp(ruser, ".") || -+ !strcmp(ruser, "..") || -+ strchr(ruser, '/')) { -+ ruser = NULL; -+ } - } - if (ruser == NULL || strlen(ruser) >= ruserbuflen) { - *ruserbuf = '\0'; diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index 8aaba0d3d5d..d84c6224eeb 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -1,15 +1,14 @@ { stdenv, fetchurl, flex, cracklib }: stdenv.mkDerivation rec { - name = "linux-pam-1.1.8"; + name = "linux-pam-${version}"; + version = "1.2.1"; src = fetchurl { - url = http://www.linux-pam.org/library/Linux-PAM-1.1.8.tar.bz2; - sha256 = "0m8ygb40l1c13nsd4hkj1yh4p1ldawhhg8pyjqj9w5kd4cxg5cf4"; + url = "http://www.linux-pam.org/library/Linux-PAM-${version}.tar.bz2"; + sha256 = "1n9lnf9gjs72kbj1g354v1xhi2j27aqaah15vykh7cnkq08i4arl"; }; - patches = [ ./CVE-2014-2583.patch ]; - outputs = [ "out" "doc" "man" /* "modules" */ ]; nativeBuildInputs = [ flex ]; diff --git a/pkgs/os-specific/linux/pam_mount/default.nix b/pkgs/os-specific/linux/pam_mount/default.nix index 05438c6945c..a4f52517df4 100644 --- a/pkgs/os-specific/linux/pam_mount/default.nix +++ b/pkgs/os-specific/linux/pam_mount/default.nix @@ -1,21 +1,27 @@ -{ stdenv, fetchurl, autoconf, automake, pkgconfig, libtool, pam, libHX, utillinux, libxml2, pcre, perl, openssl, cryptsetup }: +{ stdenv, fetchurl, autoconf, automake, pkgconfig, libtool, pam, libHX, libxml2, pcre, perl, openssl, cryptsetup, utillinux }: stdenv.mkDerivation rec { - name = "pam_mount-2.14"; + name = "pam_mount-2.15"; src = fetchurl { - url = "mirror://sourceforge/pam-mount/pam_mount/2.14/${name}.tar.xz"; - sha256 = "1yfwg8i4n7af8yi3w3pkqzqz75wgjjlg5lslv1r5g1v88nrwnrkg"; + url = "mirror://sourceforge/pam-mount/pam_mount/2.15/${name}.tar.xz"; + sha256 = "091aq5zyc60wh21m1ryanjwknwxlaj9nvlswn5vjrmcdir5gnkm5"; }; buildInputs = [ autoconf automake pkgconfig libtool pam libHX utillinux libxml2 pcre perl openssl cryptsetup ]; - preConfigure = "sh autogen.sh --prefix=$out"; + patches = [ ./insert_utillinux_path_hooks.patch ]; + + preConfigure = '' + substituteInPlace src/mtcrypt.c --replace @@NIX_UTILLINUX@@ ${utillinux}/bin + sh autogen.sh --prefix=$out + ''; makeFlags = "DESTDIR=$(out)"; # Probably a hack, but using DESTDIR and PREFIX makes everything work! postInstall = '' + mkdir -p $out cp -r $out/$out/* $out rm -r $out/nix ''; diff --git a/pkgs/os-specific/linux/pam_mount/insert_utillinux_path_hooks.patch b/pkgs/os-specific/linux/pam_mount/insert_utillinux_path_hooks.patch new file mode 100644 index 00000000000..6d9da05da29 --- /dev/null +++ b/pkgs/os-specific/linux/pam_mount/insert_utillinux_path_hooks.patch @@ -0,0 +1,30 @@ +diff -uNr pam_mount-2.15_old/src/mtcrypt.c pam_mount-2.15/src/mtcrypt.c +--- pam_mount-2.15_old/src/mtcrypt.c 2015-07-04 16:00:12.917943336 +0200 ++++ pam_mount-2.15/src/mtcrypt.c 2015-07-04 16:03:45.685302493 +0200 +@@ -534,7 +534,7 @@ + + /* candidate for replacement by some libmount calls, I guess. */ + argk = 0; +- mount_args[argk++] = "mount"; ++ mount_args[argk++] = "@@NIX_UTILLINUX@@/mount"; + if (opt->fstype != NULL) { + mount_args[argk++] = "-t"; + mount_args[argk++] = opt->fstype; +@@ -668,7 +668,7 @@ + + if (!opt->no_update) + pmt_smtab_remove(mntpt, SMTABF_MOUNTPOINT); +- rmt_args[argk++] = "mount"; ++ rmt_args[argk++] = "@@NIX_UTILLINUX@@/mount"; + rmt_args[argk++] = "-o"; + rmt_args[argk++] = opt->extra_opts; + rmt_args[argk++] = mntpt; +@@ -749,7 +749,7 @@ + pmt_smtab_remove(mountpoint, SMTABF_MOUNTPOINT); + pmt_cmtab_remove(mountpoint); + +- umount_args[argk++] = "umount"; ++ umount_args[argk++] = "@@NIX_UTILLINUX@@/umount"; + umount_args[argk++] = "-i"; + umount_args[argk++] = mountpoint; + umount_args[argk] = NULL; diff --git a/pkgs/os-specific/linux/pam_u2f/default.nix b/pkgs/os-specific/linux/pam_u2f/default.nix new file mode 100644 index 00000000000..ecffa7bec59 --- /dev/null +++ b/pkgs/os-specific/linux/pam_u2f/default.nix @@ -0,0 +1,29 @@ +{ stdenv, fetchurl, pkgconfig, libu2f-host, libu2f-server, pam }: + +stdenv.mkDerivation rec { + name = "pam_u2f-${version}"; + version = "1.0.1"; + + src = fetchurl { + url = "https://developers.yubico.com/pam-u2f/Releases/${name}.tar.gz"; + sha256 = "08lmc2il877k7djkjmza3k0n6ij8b4hx4x9dl6wwfdjqsr8d2zfp"; + }; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ libu2f-host libu2f-server pam ]; + + # Fix the broken include in 1.0.1 + CFLAGS = "-I${libu2f-host}/include/u2f-host"; + + preConfigure = '' + configureFlagsArray+=("--with-pam-dir=$out/lib/security") + ''; + + meta = with stdenv.lib; { + homepage = https://developers.yubico.com/pam-u2f/; + description = "A PAM module for allowing authentication with a U2F device"; + license = licenses.bsd2; + platforms = platforms.unix; + maintainers = with maintainers; [ philandstuff ]; + }; +} diff --git a/pkgs/os-specific/linux/pax-utils/default.nix b/pkgs/os-specific/linux/pax-utils/default.nix index 266fee9e493..fe517a71021 100644 --- a/pkgs/os-specific/linux/pax-utils/default.nix +++ b/pkgs/os-specific/linux/pax-utils/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "pax-utils-${version}"; - version = "1.0.3"; + version = "1.1.1"; src = fetchurl { url = "http://dev.gentoo.org/~vapier/dist/${name}.tar.xz"; - sha256 = "0w2nddgany3s0znyj6zizlvn8y5vba9x49jm5nliv13p3x7ajdc5"; + sha256 = "0gldvyr96jgbcahq7rl3k4krzyhvlz95ckiqh3yhink56s5z58cy"; }; makeFlags = [ diff --git a/pkgs/os-specific/linux/perf-tools/default.nix b/pkgs/os-specific/linux/perf-tools/default.nix index 0273fed3ec4..d0776ce546a 100644 --- a/pkgs/os-specific/linux/perf-tools/default.nix +++ b/pkgs/os-specific/linux/perf-tools/default.nix @@ -1,13 +1,13 @@ { lib, stdenv, fetchFromGitHub, perl }: stdenv.mkDerivation { - name = "perf-tools-20150130"; + name = "perf-tools-20150723"; src = fetchFromGitHub { owner = "brendangregg"; repo = "perf-tools"; - rev = "85414b01247666c9fefad25a1406c8078011c936"; - sha256 = "1g15nnndcmxd1k9radcvfpn223pp627vs9wh90yiy73v03g7b8cs"; + rev = "80e25785e16acfbc0f048cae86a69006fa45148d"; + sha256 = "13g98vqwy50yf2h0w6iav80kzwfz29mvnjw8akbjv4v36r9hcb69"; }; buildInputs = [ perl ]; diff --git a/pkgs/os-specific/linux/phc-intel/default.nix b/pkgs/os-specific/linux/phc-intel/default.nix new file mode 100644 index 00000000000..dd5a2741267 --- /dev/null +++ b/pkgs/os-specific/linux/phc-intel/default.nix @@ -0,0 +1,55 @@ +{ stdenv, fetchurl, kernel, which }: + +assert stdenv.isLinux; +# Don't bother with older versions, though some would probably work: +assert stdenv.lib.versionAtLeast kernel.version "4.2"; +# Disable on grsecurity kernels, which break module building: +assert !kernel.features ? grsecurity; + +let + release = "0.4.0"; + revbump = "rev18"; # don't forget to change forum download id... + version = "${release}-${revbump}"; +in stdenv.mkDerivation { + name = "linux-phc-intel-${version}-${kernel.version}"; + + src = fetchurl { + sha256 = "1480y75yid4nw7dhzm97yb10dykinzjz34abvavsrqpq7qclhv27"; + url = "http://www.linux-phc.org/forum/download/file.php?id=167"; + name = "phc-intel-pack-${revbump}.tar.bz2"; + }; + + buildInputs = [ which ]; + + makeFlags = with kernel; [ + "DESTDIR=$(out)" + "KERNELSRC=${dev}/lib/modules/${modDirVersion}/build" + ]; + + configurePhase = '' + make $makeFlags brave + ''; + + enableParallelBuilding = false; + + installPhase = '' + install -m 755 -d $out/lib/modules/${kernel.version}/extra/ + install -m 644 *.ko $out/lib/modules/${kernel.version}/extra/ + ''; + + meta = with stdenv.lib; { + inherit version; + description = "Undervolting kernel driver for Intel processors"; + longDescription = '' + PHC is a Linux kernel patch to undervolt processors. This can divide the + power consumption of the CPU by two or more, increasing battery life + while noticably reducing fan noise. This driver works only on supported + Intel architectures. + ''; + homepage = http://www.linux-phc.org/; + downloadPage = "http://www.linux-phc.org/forum/viewtopic.php?f=7&t=267"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ nckx ]; + }; +} diff --git a/pkgs/os-specific/linux/pipework/default.nix b/pkgs/os-specific/linux/pipework/default.nix new file mode 100644 index 00000000000..225515cb70a --- /dev/null +++ b/pkgs/os-specific/linux/pipework/default.nix @@ -0,0 +1,28 @@ +{ stdenv, lib, fetchFromGitHub, makeWrapper +, bridge-utils, iproute, lxc, openvswitch, docker, busybox, dhcpcd, dhcp +}: + +stdenv.mkDerivation rec { + name = "pipework-${version}"; + version = "2015-07-30"; + src = fetchFromGitHub { + owner = "jpetazzo"; + repo = "pipework"; + rev = "5a46ecb5f8f933fd268ef315f58a1eb1c46bd93d"; + sha256 = "02znyg5ir37s8xqjcqqz6xnwyqxapn7c4scyqkcapxr932hf1frh"; + }; + buildInputs = [ makeWrapper ]; + installPhase = '' + mkdir -p $out/bin + cp pipework $out/bin + wrapProgram $out/bin/pipework --prefix PATH : \ + ${lib.makeSearchPath "bin" [ bridge-utils iproute lxc openvswitch docker busybox dhcpcd dhcp ]}; + ''; + meta = with lib; { + description = "Software-Defined Networking tools for LXC"; + homepage = "https://github.com/jpetazzo/pipework"; + license = licenses.asl20; + platforms = platforms.linux; + maintainers = with maintainers; [ cstrahan ]; + }; +} diff --git a/pkgs/os-specific/linux/policycoreutils/default.nix b/pkgs/os-specific/linux/policycoreutils/default.nix index ef7e76824db..1933523d9c2 100644 --- a/pkgs/os-specific/linux/policycoreutils/default.nix +++ b/pkgs/os-specific/linux/policycoreutils/default.nix @@ -1,29 +1,40 @@ -{ stdenv, fetchurl, intltool, pcre, libcap_ng, libcgroup -, libsepol, libselinux, libsemanage, setools -, python, sepolgen }: -stdenv.mkDerivation rec { +{ stdenv, fetchurl, pythonPackages, gettext +, setools, libsepol, libselinux, libcap_ng, libsemanage, sepolgen +}: +stdenv.mkDerivation rec { name = "policycoreutils-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/policycoreutils-${version}.tar.gz"; - sha256 = "1lpwxr5hw3dwhlp2p7y8jcr18mvfcrclwd8c2idz3lmmb3pglk46"; + sha256 = "0y9l9k60iy21hj0lcvfdfxs1fxydg6d3pxp9rhy7hwr4y5vgh6dq"; }; - preConfigure = '' + patches = [ ./fix-printf-type.patch ]; + + postPatch = '' + # Fix references to libsepol.a + find . -name Makefile -exec sed -i 's,[^ ]*/libsepol.a,${libsepol}/lib/libsepol.a,g' {} \; + + # Fix install references substituteInPlace po/Makefile --replace /usr/bin/install install - find . -type f -exec sed -i 's,/usr/bin/python,${python}/bin/python,' {} \; + + # Fix references to /usr/share + grep -r '/usr/share' | awk -F: '{print $1}' | xargs sed -i "s,\(\$(DESTDIR)\)*/usr/share,$out/share,g" + + # Fix sepolicy install + sed -i "s,\(setup.py install\).*,\1 --prefix=$out,g" sepolicy/Makefile ''; - buildInputs = [ intltool pcre libcap_ng libcgroup - libsepol libselinux libsemanage setools - python sepolgen # ToDo? these are optional - ]; + nativeBuildInputs = [ pythonPackages.python gettext ]; + buildInputs = [ setools libsepol libselinux libcap_ng libsemanage ]; + pythonPath = [ libselinux sepolgen ]; preBuild = '' - mkdir -p "$out/lib" && cp -s "${libsepol}/lib/libsepol.a" "$out/lib" + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") ''; # Creation of the system-config-selinux directory is broken @@ -31,14 +42,19 @@ stdenv.mkDerivation rec { mkdir -p $out/share/system-config-selinux ''; - NIX_CFLAGS_COMPILE = "-fstack-protector-all"; - NIX_LDFLAGS = "-lsepol -lpcre"; - - makeFlags = "PREFIX=$(out) DESTDIR=$(out) LOCALEDIR=$(out)/share/locale"; - - patches = [ ./size_format.patch ]; + # Fix the python scripts to include paths to libraries + # NOTE: We are not using wrapPythonPrograms or makeWrapper as these scripts + # purge the environment as a security measure + postInstall = '' + grep -r '#!.*python' $out/bin | awk -F: '{print $1}' | xargs sed -i "1a \ + import sys; \ + sys.path.append('$(toPythonPath "$out")'); \ + ${stdenv.lib.flip stdenv.lib.concatMapStrings pythonPath (lib: '' + sys.path.append('$(toPythonPath "${lib}")'); \ + '')}" + ''; - patchFlags = [ "-p0" ]; + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; meta = with stdenv.lib; { description = "SELinux policy core utilities"; diff --git a/pkgs/os-specific/linux/policycoreutils/size_format.patch b/pkgs/os-specific/linux/policycoreutils/fix-printf-type.patch index 04432098547..6ab2d6dccc7 100644 --- a/pkgs/os-specific/linux/policycoreutils/size_format.patch +++ b/pkgs/os-specific/linux/policycoreutils/fix-printf-type.patch @@ -1,5 +1,6 @@ ---- setfiles/restore.c.orig 2014-08-21 17:26:00.200788259 +0200 -+++ setfiles/restore.c 2014-08-21 17:26:04.728888118 +0200 +diff -Nru policycoreutils-2.4/setfiles/restore.c policycoreutils-2.4.new/setfiles/restore.c +--- policycoreutils-2.4/setfiles/restore.c 2015-02-02 09:38:10.000000000 -0500 ++++ policycoreutils-2.4.new/setfiles/restore.c 2015-08-29 20:44:13.693023222 -0400 @@ -118,7 +118,7 @@ r_opts->count++; if (r_opts->count % STAR_COUNT == 0) { diff --git a/pkgs/os-specific/linux/powertop/default.nix b/pkgs/os-specific/linux/powertop/default.nix index befe16f72f2..9e32cd70cfb 100644 --- a/pkgs/os-specific/linux/powertop/default.nix +++ b/pkgs/os-specific/linux/powertop/default.nix @@ -10,6 +10,10 @@ stdenv.mkDerivation rec { buildInputs = [ gettext libnl ncurses pciutils pkgconfig zlib ]; + patchPhase = '' + substituteInPlace src/main.cpp --replace "/sbin/modprobe" "modprobe" + ''; + meta = { description = "Analyze power consumption on Intel-based laptops"; license = stdenv.lib.licenses.gpl2; diff --git a/pkgs/os-specific/linux/prl-tools/default.nix b/pkgs/os-specific/linux/prl-tools/default.nix index 0dac7c4358d..da5d7d5f607 100644 --- a/pkgs/os-specific/linux/prl-tools/default.nix +++ b/pkgs/os-specific/linux/prl-tools/default.nix @@ -39,7 +39,7 @@ stdenv.mkDerivation rec { name = "prl-tools-lin.iso"; sha256 = "07960jvyv7gihjlg922znjm6db6l6bd23x9mg6ympwibzf2mylmx"; message = '' - Please, place Parallel Tools for Linux image into Nix store + Please, place Parallels Tools for Linux image into Nix store using either nix-store --add-fixed sha256 ${name} or diff --git a/pkgs/os-specific/linux/procps-ng/default.nix b/pkgs/os-specific/linux/procps-ng/default.nix index 9ecc0c5bcb5..afe1a438860 100644 --- a/pkgs/os-specific/linux/procps-ng/default.nix +++ b/pkgs/os-specific/linux/procps-ng/default.nix @@ -1,14 +1,14 @@ -{ stdenv, fetchurl, pkgconfig, ncurses, systemd }: +{ lib, stdenv, fetchurl, ncurses }: -stdenv.mkDerivation rec { - name = "procps-ng-3.3.10"; +stdenv.mkDerivation { + name = "procps-3.3.11"; src = fetchurl { - url = "mirror://sourceforge/procps-ng/${name}.tar.xz"; - sha256 = "013z4rzy3p5m1zp6mmynpblv0c6zlcn91pw4k2vymz2djyc6ybm0"; + url = mirror://sourceforge/procps-ng/procps-ng-3.3.11.tar.xz; + sha256 = "1va4n0mpsq327ca9dqp4hnrpgs6821rp0f2m0jyc1bfjl9lk2jg9"; }; - buildInputs = [ pkgconfig ncurses systemd ]; + buildInputs = [ ncurses ]; makeFlags = "usrbin_execdir=$(out)/bin"; @@ -19,21 +19,13 @@ stdenv.mkDerivation rec { }; # Too red - configureFlags = [ - "--disable-modern-top" - "--enable-watch8bit" - "--with-systemd" - "--enable-skill" - "--enable-oomem" - "--enable-sigwinch" - ]; - - meta = with stdenv.lib; { + configureFlags = [ "--disable-modern-top" ]; + + meta = { homepage = http://sourceforge.net/projects/procps-ng/; description = "Utilities that give information about processes using the /proc filesystem"; priority = 10; # less than coreutils, which also provides "kill" and "uptime" - maintainers = with maintainers; [ wkennington ]; - license = licenses.gpl2; - platforms = platforms.linux; + license = lib.licenses.gpl2; + platforms = lib.platforms.linux; }; } diff --git a/pkgs/os-specific/linux/radeontop/default.nix b/pkgs/os-specific/linux/radeontop/default.nix index 7ec74c895c6..fa529fe71fe 100644 --- a/pkgs/os-specific/linux/radeontop/default.nix +++ b/pkgs/os-specific/linux/radeontop/default.nix @@ -1,17 +1,18 @@ { stdenv, fetchFromGitHub, pkgconfig, gettext, ncurses, libdrm, libpciaccess }: -let version = "v0.8-8-g2499679"; in +let version = "2015-08-06"; in stdenv.mkDerivation { name = "radeontop-${version}"; src = fetchFromGitHub { - sha256 = "112zf6ms0qpmr9h3l4lg5wik5j206mgij0nypba5lnqzksxh2f88"; - rev = "2499679fda60c3f6239886296fd2a74155f45f77"; + sha256 = "01s0j28lk66wb46qymkk1nyk91iv22y3m56z4lqd16yaxmhl0v2f"; + rev = "93c8ff2f07da8d4c204ee4872aed7eec834ff57d"; repo = "radeontop"; owner = "clbr"; }; - buildInputs = [ pkgconfig gettext ncurses libdrm libpciaccess ]; + buildInputs = [ ncurses libdrm libpciaccess ]; + nativeBuildInputs = [ pkgconfig gettext ]; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/read-edid/default.nix b/pkgs/os-specific/linux/read-edid/default.nix new file mode 100644 index 00000000000..fdf2c4c9f12 --- /dev/null +++ b/pkgs/os-specific/linux/read-edid/default.nix @@ -0,0 +1,25 @@ +{ stdenv, fetchurl, cmake, libx86 }: + +stdenv.mkDerivation rec { + name = "read-edid-${version}"; + version = "3.0.2"; + + src = fetchurl { + url = "http://www.polypux.org/projects/read-edid/${name}.tar.gz"; + sha256 = "0vqqmwsgh2gchw7qmpqk6idgzcm5rqf2fab84y7gk42v1x2diin7"; + }; + + buildInputs = [ cmake libx86 ]; + + patchPhase = '' + substituteInPlace CMakeLists.txt --replace 'COPYING' 'LICENSE' + ''; + + meta = with stdenv.lib; { + description = "Tool for reading and parsing EDID data from monitors"; + homepage = http://www.polypux.org/projects/read-edid/; + license = licenses.bsd2; # Quoted: "This is an unofficial license. Let's call it BSD-like." + maintainers = [ maintainers.dezgeg ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/reptyr/default.nix b/pkgs/os-specific/linux/reptyr/default.nix index e5e579081f6..99f52dc5aed 100644 --- a/pkgs/os-specific/linux/reptyr/default.nix +++ b/pkgs/os-specific/linux/reptyr/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl }: stdenv.mkDerivation rec { - version = "0.5"; + version = "0.6.2"; name = "reptyr-${version}"; src = fetchurl { url = "https://github.com/nelhage/reptyr/archive/reptyr-${version}.tar.gz"; - sha256 = "077cvjjf534nxh7qqisw27a0wa61mdgyik43k50f8v090rggz2xm"; + sha256 = "07pfl0rkgm8m3f3jy8r9l2yvnhf8lgllpsk3mh57mhzdxq8fagf7"; }; makeFlags = ["PREFIX=$(out)"]; meta = { diff --git a/pkgs/os-specific/linux/rtl8812au/default.nix b/pkgs/os-specific/linux/rtl8812au/default.nix new file mode 100644 index 00000000000..a16e102bc08 --- /dev/null +++ b/pkgs/os-specific/linux/rtl8812au/default.nix @@ -0,0 +1,31 @@ +{ stdenv, fetchFromGitHub, kernel }: + +stdenv.mkDerivation rec { + name = "rtl8812au-${kernel.version}-${version}"; + version = "4.2.2-1"; + + src = fetchFromGitHub { + owner = "csssuf"; + repo = "rtl8812au"; + rev = "874906aec694c800bfc29b146737b88dae767832"; + sha256 = "14ifhplawipfd6971mxw76dv3ygwc0n8sbz2l3f0vvkin6x88bsj"; + }; + + patchPhase = '' + substituteInPlace ./Makefile --replace /lib/modules/ "${kernel.dev}/lib/modules/" + substituteInPlace ./Makefile --replace '$(shell uname -r)' "${kernel.modDirVersion}" + substituteInPlace ./Makefile --replace /sbin/depmod # + substituteInPlace ./Makefile --replace '$(MODDESTDIR)' "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + preInstall = '' + mkdir -p "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + meta = { + description = "Driver for Realtek 802.11ac, rtl8812au, provides the 8812au mod."; + homepage = "https://github.com/csssuf/rtl8812au"; + license = stdenv.lib.licenses.gpl2; + platforms = [ "x86_64-linux" "i686-linux" ]; + }; +} \ No newline at end of file diff --git a/pkgs/os-specific/linux/s6-linux-utils/default.nix b/pkgs/os-specific/linux/s6-linux-utils/default.nix index 9bccedb0120..faf5106c67e 100644 --- a/pkgs/os-specific/linux/s6-linux-utils/default.nix +++ b/pkgs/os-specific/linux/s6-linux-utils/default.nix @@ -28,6 +28,7 @@ in stdenv.mkDerivation rec { description = "A set of minimalistic Linux-specific system utilities"; platforms = stdenv.lib.platforms.linux; license = stdenv.lib.licenses.isc; + maintainers = with stdenv.lib.maintainers; [ pmahoney ]; }; } diff --git a/pkgs/os-specific/linux/sdparm/default.nix b/pkgs/os-specific/linux/sdparm/default.nix index 3b0f7c694ac..fab13a125c4 100644 --- a/pkgs/os-specific/linux/sdparm/default.nix +++ b/pkgs/os-specific/linux/sdparm/default.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation { meta = with stdenv.lib; { homepage = http://sg.danny.cz/sg/sdparm.html; description = "A utility to access SCSI device parameters"; - license = with licenses; bsd3; + license = licenses.bsd3; maintainers = with maintainers; [ nckx ]; }; } diff --git a/pkgs/os-specific/linux/sepolgen/default.nix b/pkgs/os-specific/linux/sepolgen/default.nix index 812b100699f..4067e5f70e2 100644 --- a/pkgs/os-specific/linux/sepolgen/default.nix +++ b/pkgs/os-specific/linux/sepolgen/default.nix @@ -2,17 +2,19 @@ stdenv.mkDerivation rec { name = "sepolgen-${version}"; - version = "1.2.1"; + version = "1.2.2"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/sepolgen-${version}.tar.gz"; - sha256 = "1c41hz4a64mjvbfhgc7c7plydahsc161z0qn46qz2g3bvimj9323"; + sha256 = "09139kspr41zgksayi4dh982p8080lrfl96p4dld51nknbpaigdy"; }; - makeFlags = "PREFIX=$(out) DESTDIR=$(out) PYTHONLIBDIR=lib/${python.libPrefix}/site-packages"; - - buildInputs = [ python ]; + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") + makeFlagsArray+=("PYTHONLIBDIR=lib/${python.libPrefix}/site-packages") + ''; meta = with stdenv.lib; { inherit (libsepol.meta) homepage platforms maintainers; diff --git a/pkgs/os-specific/linux/setools/default.nix b/pkgs/os-specific/linux/setools/default.nix index 63a43b2b5e9..bb17683800f 100644 --- a/pkgs/os-specific/linux/setools/default.nix +++ b/pkgs/os-specific/linux/setools/default.nix @@ -1,28 +1,28 @@ -{ stdenv, fetchurl, fetchpatch, autoreconfHook, pkgconfig, bison, flex +{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, bison, flex , python, swig2, tcl, libsepol, libselinux, libxml2, sqlite, bzip2 }: stdenv.mkDerivation rec { - name = "setools-3.3.8"; + name = "setools-2015-02-12"; - src = fetchurl { - url = "http://oss.tresys.com/projects/setools/chrome/site/dists/${name}/${name}.tar.bz2"; - sha256 = "16g987ijaxabc30zyjzia4nafq49rm038y1pm4vca7i3kb67wf24"; + src = fetchFromGitHub { + owner = "TresysTechnology"; + repo = "setools3"; + rev = "f1e5b208d507171968ca4d2eeefd7980f1004a3c"; + sha256 = "02gzy2kpszhr13f0d9qfiwh2hj4201g2x366j53v5n5qz481aykd"; }; - patches = [ ./ftbfs-invalid-operands-of-types.patch ]; + configureFlags = [ + "--disable-gui" + "--with-sepol-devel=${libsepol}" + "--with-selinux-devel=${libselinux}" + "--with-tcl=${tcl}/lib" + ]; - # SWIG-TCL is broken in 3.3.8 - configureFlags = '' - --with-tcl=${tcl}/lib - --with-sepol-devel=${libsepol} - --with-selinux-devel=${libselinux} - --disable-gui - --disable-swig-tcl - ''; + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; + NIX_LDFLAGS = "-L${libsepol}/lib -L${libselinux}/lib"; - buildInputs = [ autoreconfHook pkgconfig bison flex python swig2 ]; - - nativeBuildInputs = [ tcl libsepol libselinux libxml2 sqlite bzip2 ]; + nativeBuildInputs = [ autoreconfHook pkgconfig python swig2 bison flex ]; + buildInputs = [ tcl libxml2 sqlite bzip2 ]; meta = { description = "SELinux Tools"; diff --git a/pkgs/os-specific/linux/setools/ftbfs-invalid-operands-of-types.patch b/pkgs/os-specific/linux/setools/ftbfs-invalid-operands-of-types.patch deleted file mode 100644 index 97a5727f05b..00000000000 --- a/pkgs/os-specific/linux/setools/ftbfs-invalid-operands-of-types.patch +++ /dev/null @@ -1,15 +0,0 @@ -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750331 - -Index: setools-git/secmds/replcon.cc -=================================================================== ---- setools-git.orig/secmds/replcon.cc -+++ setools-git/secmds/replcon.cc -@@ -60,7 +60,7 @@ static struct option const longopts[] = - {NULL, 0, NULL, 0} - }; - --extern int lsetfilecon_raw(const char *, security_context_t) __attribute__ ((weak)); -+extern int lsetfilecon_raw(const char *, const char *) __attribute__ ((weak)); - - /** - * As that setools must work with older libselinux versions that may diff --git a/pkgs/os-specific/linux/seturgent/default.nix b/pkgs/os-specific/linux/seturgent/default.nix index ad77a7a1031..4491bb7bf93 100644 --- a/pkgs/os-specific/linux/seturgent/default.nix +++ b/pkgs/os-specific/linux/seturgent/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, libX11, xproto, xdotool, unzip }: stdenv.mkDerivation { - name = "seturgent"; + name = "seturgent-2012-08-17"; src = fetchurl { url = "https://github.com/hiltjo/seturgent/archive/ada70dcb15865391e5cdcab27a0739a304a17e03.zip"; @@ -24,4 +24,4 @@ stdenv.mkDerivation { homepage = https://github.com/hiltjo/seturgent; license = stdenv.lib.licenses.mit; }; -} \ No newline at end of file +} diff --git a/pkgs/os-specific/linux/spl/default.nix b/pkgs/os-specific/linux/spl/default.nix index 1367be74c63..57eaa55b235 100644 --- a/pkgs/os-specific/linux/spl/default.nix +++ b/pkgs/os-specific/linux/spl/default.nix @@ -1,14 +1,66 @@ -{ callPackage, fetchFromGitHub, ... } @ args: +{ fetchFromGitHub, stdenv, autoconf, automake, libtool, coreutils, gawk +, configFile ? "all" -callPackage ./generic.nix (args // rec { - version = "0.6.4"; +# Kernel dependencies +, kernel ? null +}: + +with stdenv.lib; +let + buildKernel = any (n: n == configFile) [ "kernel" "all" ]; + buildUser = any (n: n == configFile) [ "user" "all" ]; +in + +assert any (n: n == configFile) [ "kernel" "user" "all" ]; +assert buildKernel -> kernel != null; + +stdenv.mkDerivation rec { + name = "spl-${configFile}-${version}${optionalString buildKernel "-${kernel.version}"}"; + + version = "0.6.5"; src = fetchFromGitHub { owner = "zfsonlinux"; repo = "spl"; rev = "spl-${version}"; - sha256 = "1jja3aqkm2whb4rcw5k5dr9c4gx6hax1w3f82fb9ks2sy731as6r"; + sha256 = "0ryw2vh3px0q38skm53g83p46011ndrdxi3y2kqvd1pjqgfbjdmj"; }; patches = [ ./const.patch ./install_prefix.patch ]; -}) + + buildInputs = [ autoconf automake libtool ]; + + preConfigure = '' + ./autogen.sh + + substituteInPlace ./module/spl/spl-generic.c --replace /usr/bin/hostid hostid + substituteInPlace ./module/spl/spl-module.c --replace /bin/mknod mknod + + substituteInPlace ./module/spl/spl-generic.c --replace "PATH=/sbin:/usr/sbin:/bin:/usr/bin" "PATH=${coreutils}:${gawk}:/bin" + substituteInPlace ./module/splat/splat-vnode.c --replace "PATH=/sbin:/usr/sbin:/bin:/usr/bin" "PATH=${coreutils}:/bin" + substituteInPlace ./module/splat/splat-linux.c --replace "PATH=/sbin:/usr/sbin:/bin:/usr/bin" "PATH=${coreutils}:/bin" + ''; + + configureFlags = [ + "--with-config=${configFile}" + ] ++ optionals buildKernel [ + "--with-linux=${kernel.dev}/lib/modules/${kernel.modDirVersion}/source" + "--with-linux-obj=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + enableParallelBuilding = true; + + meta = { + description = "Kernel module driver for solaris porting layer (needed by in-kernel zfs)"; + + longDescription = '' + This kernel module is a porting layer for ZFS to work inside the linux + kernel. + ''; + + homepage = http://zfsonlinux.org/; + platforms = platforms.linux; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ jcumming wizeman wkennington ]; + }; +} diff --git a/pkgs/os-specific/linux/spl/generic.nix b/pkgs/os-specific/linux/spl/generic.nix deleted file mode 100644 index c25ff6608e2..00000000000 --- a/pkgs/os-specific/linux/spl/generic.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ stdenv, autoconf, automake, libtool, coreutils, gawk -, configFile ? "all" - -# Kernel dependencies -, kernel ? null - -# Version specific parameters -, version, src, patches -, ... -}: - -with stdenv.lib; -let - buildKernel = any (n: n == configFile) [ "kernel" "all" ]; - buildUser = any (n: n == configFile) [ "user" "all" ]; -in - -assert any (n: n == configFile) [ "kernel" "user" "all" ]; -assert buildKernel -> kernel != null; - -stdenv.mkDerivation rec { - name = "spl-${configFile}-${version}${optionalString buildKernel "-${kernel.version}"}"; - - inherit version src patches; - - buildInputs = [ autoconf automake libtool ]; - - preConfigure = '' - ./autogen.sh - - substituteInPlace ./module/spl/spl-generic.c --replace /usr/bin/hostid hostid - substituteInPlace ./module/spl/spl-module.c --replace /bin/mknod mknod - - substituteInPlace ./module/spl/spl-generic.c --replace "PATH=/sbin:/usr/sbin:/bin:/usr/bin" "PATH=${coreutils}:${gawk}:/bin" - substituteInPlace ./module/splat/splat-vnode.c --replace "PATH=/sbin:/usr/sbin:/bin:/usr/bin" "PATH=${coreutils}:/bin" - substituteInPlace ./module/splat/splat-linux.c --replace "PATH=/sbin:/usr/sbin:/bin:/usr/bin" "PATH=${coreutils}:/bin" - ''; - - configureFlags = [ - "--with-config=${configFile}" - ] ++ optionals buildKernel [ - "--with-linux=${kernel.dev}/lib/modules/${kernel.modDirVersion}/source" - "--with-linux-obj=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" - ]; - - enableParallelBuilding = true; - - meta = { - description = "Kernel module driver for solaris porting layer (needed by in-kernel zfs)"; - - longDescription = '' - This kernel module is a porting layer for ZFS to work inside the linux - kernel. - ''; - - homepage = http://zfsonlinux.org/; - platforms = platforms.linux; - license = licenses.gpl2Plus; - maintainers = with maintainers; [ jcumming wizeman wkennington ]; - }; -} diff --git a/pkgs/os-specific/linux/spl/git.nix b/pkgs/os-specific/linux/spl/git.nix deleted file mode 100644 index 7559562965d..00000000000 --- a/pkgs/os-specific/linux/spl/git.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ callPackage, fetchgit, ... } @ args: - -callPackage ./generic.nix (args // rec { - version = "2015-04-08"; - - src = fetchgit { - url = git://github.com/zfsonlinux/spl.git; - rev = "cd69f020e4b0f9c416dd07a264e48c9488a7633f"; - sha256 = "1fy5zlh8cs65s52vixkp00ihrlrhs2frd6vwxwjqmpzyb7fnh3m8"; - }; - - patches = [ ./const.patch ./install_prefix.patch ]; -}) diff --git a/pkgs/os-specific/linux/statifier/default.nix b/pkgs/os-specific/linux/statifier/default.nix index b4e37a36ff5..dd62d6d9d07 100644 --- a/pkgs/os-specific/linux/statifier/default.nix +++ b/pkgs/os-specific/linux/statifier/default.nix @@ -1,31 +1,25 @@ -a : -let - fetchurl = a.fetchurl; +{ stdenv, fetchurl, gcc_multi, glibc_multi }: + +let version = "1.7.3"; in +stdenv.mkDerivation { + name = "statifier-${version}"; - version = a.lib.attrByPath ["version"] "1.6.15" a; - buildInputs = with a; [ - - ]; -in -rec { src = fetchurl { url = "mirror://sourceforge/statifier/statifier-${version}.tar.gz"; - sha256 = "0lhdbp7hc15nn6r31yxx7i993a5k8926n5r6j2gi2vvkmf1hciqf"; + sha256 = "0jc67kq3clkdwvahpr2bjp2zix4j7z7z8b7bcn1b3g3sybh1cbd6"; }; - inherit buildInputs; - configureFlags = []; + buildInputs = [ gcc_multi glibc_multi ]; - /* doConfigure should be removed if not needed */ - phaseNames = ["fixPaths" "doMakeInstall"]; + phaseNames = [ "patchPhase" "installPhase" ]; - fixPaths = a.fullDepEntry ('' + postPatch = '' sed -e s@/usr/@"$out/"@g -i */Makefile src/statifier - sed -e s@/bin/bash@"$shell"@g -i src/*.sh - '') ["minInit" "doUnpack"]; - - name = "statifier-" + version; - meta = { + sed -e s@/bin/bash@"${stdenv.shell}"@g -i src/*.sh + ''; + + meta = with stdenv.lib; { description = "Tool for creating static Linux binaries"; + platforms = with platforms; linux; }; } diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix index 5a7d0700004..e2758e7c2b6 100644 --- a/pkgs/os-specific/linux/sysdig/default.nix +++ b/pkgs/os-specific/linux/sysdig/default.nix @@ -1,15 +1,15 @@ -{stdenv, fetchurl, cmake, luajit, kernel, zlib}: +{stdenv, fetchurl, cmake, luajit, kernel, zlib, ncurses}: let inherit (stdenv.lib) optional optionalString; s = rec { baseName="sysdig"; - version = "0.1.99"; + version = "0.1.102"; name="${baseName}-${version}"; url="https://github.com/draios/sysdig/archive/${version}.tar.gz"; - sha256 = "02faw8s07i7jjydqzqfs0r9lc2qmny3sn26741bz0hmazs9h9w76"; + sha256 = "0mrz14wvcb8m8idr4iqbr3jmxfs7dlmh06n0q9fcfph75wkc5fp0"; }; buildInputs = [ - cmake zlib luajit + cmake zlib luajit ncurses ]; in stdenv.mkDerivation { @@ -22,6 +22,7 @@ stdenv.mkDerivation { cmakeFlags = [ "-DUSE_BUNDLED_LUAJIT=OFF" "-DUSE_BUNDLED_ZLIB=OFF" + "-DUSE_BUNDLED_NCURSES=OFF" ] ++ optional (kernel == null) "-DBUILD_DRIVER=OFF"; preConfigure = '' export INSTALL_MOD_PATH="$out" diff --git a/pkgs/os-specific/linux/syslinux/default.nix b/pkgs/os-specific/linux/syslinux/default.nix index 93e5d591a9d..3c01516b081 100644 --- a/pkgs/os-specific/linux/syslinux/default.nix +++ b/pkgs/os-specific/linux/syslinux/default.nix @@ -8,7 +8,8 @@ stdenv.mkDerivation rec { sha256 = "03l5iifwlg1wyb4yh98i0b7pd4j55a1c9y74q1frs47a5dnrilr6"; }; - patches = [ ./perl-deps.patch ]; + # gcc5-fix should be in 6.04+, so remove if it fails to apply. + patches = [ ./perl-deps.patch ./gcc5-fix.patch ]; buildInputs = [ nasm perl libuuid ]; diff --git a/pkgs/os-specific/linux/syslinux/gcc5-fix.patch b/pkgs/os-specific/linux/syslinux/gcc5-fix.patch new file mode 100644 index 00000000000..dc44b188058 --- /dev/null +++ b/pkgs/os-specific/linux/syslinux/gcc5-fix.patch @@ -0,0 +1,26 @@ +diff --git a/com32/include/menu.h b/com32/include/menu.h +index bc0182f..b0251e4 100644 +--- a/com32/include/menu.h ++++ b/com32/include/menu.h +@@ -195,7 +195,7 @@ void local_cursor_enable(bool); + + static inline int my_isspace(char c) + { +- return (unsigned char)c <= ' '; ++ return (unsigned char)c <= ' ' || (unsigned char)c == '\x7f'; + } + + int my_isxdigit(char c); +diff --git a/com32/menu/readconfig.c b/com32/menu/readconfig.c +index b7814be..a433fad 100644 +--- a/com32/menu/readconfig.c ++++ b/com32/menu/readconfig.c +@@ -299,7 +299,7 @@ static char *copy_sysappend_string(char *dst, const char *src) + char c; + + while ((c = *src++)) { +- if (c <= ' ' && c == '\x7f') { ++ if (my_isspace(c)) { + if (!was_space) + *dst++ = '_'; + was_space = true; diff --git a/pkgs/os-specific/linux/sysstat/default.nix b/pkgs/os-specific/linux/sysstat/default.nix index 28d6f0b21a8..6544210b206 100644 --- a/pkgs/os-specific/linux/sysstat/default.nix +++ b/pkgs/os-specific/linux/sysstat/default.nix @@ -1,10 +1,11 @@ { stdenv, fetchurl, gettext, bzip2 }: + stdenv.mkDerivation rec { - name = "sysstat-11.0.2"; + name = "sysstat-11.0.7"; src = fetchurl { url = "http://perso.orange.fr/sebastien.godard/${name}.tar.xz"; - sha256 = "15hv3ylr5i6nrrdhyjnp4xld51gpv0cn3hjgy6068ybwpvgpzn5c"; + sha256 = "12j55rdx1hyhsc5qm0anx9h9siaa58lhh9dchp40q4ag2wxamp1r"; }; buildInputs = [ gettext ]; diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index d61a242ed4d..92630fbd9c6 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -1,7 +1,8 @@ -{ stdenv, fetchurl, pkgconfig, intltool, gperf, libcap, dbus, kmod +{ stdenv, fetchFromGitHub, pkgconfig, intltool, gperf, libcap, dbus, kmod , zlib, xz, pam, acl, cryptsetup, libuuid, m4, utillinux, libffi , glib, kbd, libxslt, coreutils, libgcrypt -, kexectools, libmicrohttpd, linuxHeaders +, kexectools, libmicrohttpd, linuxHeaders, libseccomp +, autoreconfHook, gettext, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45 , pythonPackages ? null, pythonSupport ? false }: @@ -10,12 +11,14 @@ assert stdenv.isLinux; assert pythonSupport -> pythonPackages != null; stdenv.mkDerivation rec { - version = "217"; + version = "226"; name = "systemd-${version}"; - src = fetchurl { - url = "http://www.freedesktop.org/software/systemd/${name}.tar.xz"; - sha256 = "163l1y4p2a564d4ynfq3k3xf53j2v5s81blb6cvpn1y7rpxyccd0"; + src = fetchFromGitHub { + owner = "NixOS"; + repo = "systemd"; + rev = "16d61e9657b643cc25ff0538688eb870ce2dd4a5"; + sha256 = "07sc1x43j60d5jnps0d7bfka10fihnpgkdrfrh9iskgmc9qangjb"; }; outputs = [ "out" "libudev" "doc" ]; # TODO: "dev" @@ -23,16 +26,14 @@ stdenv.mkDerivation rec { outputDev = "out"; propagatedOutputs = "libudev"; - patches = - [ # These are all changes between upstream and - # https://github.com/edolstra/systemd/tree/nixos-v217. - ./fixes.patch - ]; - buildInputs = - [ pkgconfig intltool gperf libcap kmod xz pam acl + [ linuxHeaders pkgconfig intltool gperf libcap kmod xz pam acl /* cryptsetup */ libuuid m4 glib libxslt libgcrypt - libmicrohttpd linuxHeaders libffi + libmicrohttpd kexectools libseccomp libffi + /* FIXME: we may be able to prevent the following dependencies + by generating an autoconf'd tarball, but that's probably not + worth it. */ + autoreconfHook gettext docbook_xsl docbook_xml_dtd_42 docbook_xml_dtd_45 ] ++ stdenv.lib.optionals pythonSupport [pythonPackages.python pythonPackages.lxml]; @@ -43,11 +44,9 @@ stdenv.mkDerivation rec { "--with-kbd-loadkeys=${kbd}/bin/loadkeys" "--with-kbd-setfont=${kbd}/bin/setfont" "--with-rootprefix=$(out)" - "--with-dbusinterfacedir=$(out)/share/dbus-1/interfaces" "--with-dbuspolicydir=$(out)/etc/dbus-1/system.d" "--with-dbussystemservicedir=$(out)/share/dbus-1/system-services" "--with-dbussessionservicedir=$(out)/share/dbus-1/services" - "--with-firmware-path=/root/test-firmware:/run/current-system/firmware" "--with-tty-gid=3" # tty in NixOS has gid 3 "--enable-compat-libs" # get rid of this eventually "--disable-tests" @@ -57,11 +56,15 @@ stdenv.mkDerivation rec { "--disable-sysusers" "--disable-timedated" "--enable-timesyncd" - "--disable-readahead" "--disable-firstboot" "--disable-localed" "--enable-resolved" "--disable-split-usr" + "--disable-libcurl" + "--disable-libidn" + "--disable-quotacheck" + "--disable-ldconfig" + "--disable-smack" "--with-sysvinit-path=" "--with-sysvrcnd-path=" @@ -70,9 +73,10 @@ stdenv.mkDerivation rec { preConfigure = '' + ./autogen.sh + # FIXME: patch this in systemd properly (and send upstream). - # FIXME: use sulogin from util-linux once updated. - for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.m4.in src/journal/cat.c src/core/shutdown.c src/nspawn/nspawn.c; do + for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.in src/journal/cat.c src/core/shutdown.c src/nspawn/nspawn.c src/shared/generator.c; do test -e $i substituteInPlace $i \ --replace /usr/bin/getent ${stdenv.glibc.bin}/bin/getent \ @@ -84,13 +88,15 @@ stdenv.mkDerivation rec { --replace /bin/echo ${coreutils}/bin/echo \ --replace /bin/cat ${coreutils}/bin/cat \ --replace /sbin/sulogin ${utillinux}/sbin/sulogin \ - --replace /sbin/kexec ${kexectools}/sbin/kexec + --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck done substituteInPlace src/journal/catalog.c \ --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ export NIX_CFLAGS_LINK+=" -Wl,-rpath,$libudev/lib" + + configureFlagsArray+=("--with-ntp-servers=0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") ''; makeFlags = [ @@ -100,9 +106,6 @@ stdenv.mkDerivation rec { "udevhwdbdir=$(out)/lib/udev/hwdb.d" ]; - # This is needed because systemd uses the gold linker, which doesn't - # yet have the wrapper script to add rpath flags automatically. - NIX_LDFLAGS = "-rpath ${pam.out}/lib -rpath ${libcap.out}/lib -rpath ${acl.out}/lib -rpath ${stdenv.cc.cc.lib}/lib"; PYTHON_BINARY = "${coreutils}/bin/env python"; # don't want a build time dependency on Python @@ -157,6 +160,13 @@ stdenv.mkDerivation rec { rm -rf $out/etc/rpm + rm $out/lib/*.la + + rm -rf $out/share/doc + + # "kernel-install" shouldn't be used on NixOS. + find $out -name "*kernel-install*" -exec rm {} \; + # Move lib(g)udev to a separate output. TODO: maybe split them up # to avoid libudev pulling glib mkdir -p "$libudev/lib" diff --git a/pkgs/os-specific/linux/systemd/fixes.patch b/pkgs/os-specific/linux/systemd/fixes.patch deleted file mode 100644 index c1c768dbacb..00000000000 --- a/pkgs/os-specific/linux/systemd/fixes.patch +++ /dev/null @@ -1,1177 +0,0 @@ -diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in -index e30d9a8..a3d399b 100644 ---- a/rules/99-systemd.rules.in -+++ b/rules/99-systemd.rules.in -@@ -14,10 +14,6 @@ KERNEL=="vport*", TAG+="systemd" - SUBSYSTEM=="block", KERNEL!="ram*", TAG+="systemd" - SUBSYSTEM=="block", KERNEL!="ram*", ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="1", ENV{SYSTEMD_READY}="0" - --# Ignore encrypted devices with no identified superblock on it, since --# we are probably still calling mke2fs or mkswap on it. --SUBSYSTEM=="block", KERNEL!="ram*", ENV{DM_UUID}=="CRYPT-*", ENV{ID_PART_TABLE_TYPE}=="", ENV{ID_FS_USAGE}=="", ENV{SYSTEMD_READY}="0" -- - # Ignore raid devices that are not yet assembled and started - SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", TEST!="md/array_state", ENV{SYSTEMD_READY}="0" - SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", KERNEL=="md*", ATTR{md/array_state}=="|clear|inactive", ENV{SYSTEMD_READY}="0" -diff --git a/src/core/job.c b/src/core/job.c -index eaa4bb1..db44fee 100644 ---- a/src/core/job.c -+++ b/src/core/job.c -@@ -352,6 +352,9 @@ bool job_type_is_redundant(JobType a, UnitActiveState b) { - return - b == UNIT_ACTIVATING; - -+ case JOB_NOP: -+ return true; -+ - default: - assert_not_reached("Invalid job type"); - } -diff --git a/src/core/job.h b/src/core/job.h -index 1e7c61b..ee8e54a 100644 ---- a/src/core/job.h -+++ b/src/core/job.h -@@ -49,9 +49,11 @@ enum JobType { - _JOB_TYPE_MAX_MERGING, - - /* JOB_NOP can enter into a transaction, but as it won't pull in -- * any dependencies, it won't have to merge with anything. -- * job_install() avoids the problem of merging JOB_NOP too (it's -- * special-cased, only merges with other JOB_NOPs). */ -+ * any dependencies and it uses the special 'nop_job' slot in Unit, -+ * it won't have to merge with anything (except possibly into another -+ * JOB_NOP, previously installed). JOB_NOP is special-cased in -+ * job_type_is_*() functions so that the transaction can be -+ * activated. */ - JOB_NOP = _JOB_TYPE_MAX_MERGING, /* do nothing */ - - _JOB_TYPE_MAX_IN_TRANSACTION, -@@ -190,11 +192,15 @@ _pure_ static inline bool job_type_is_mergeable(JobType a, JobType b) { - } - - _pure_ static inline bool job_type_is_conflicting(JobType a, JobType b) { -- return !job_type_is_mergeable(a, b); -+ return a != JOB_NOP && b != JOB_NOP && !job_type_is_mergeable(a, b); - } - - _pure_ static inline bool job_type_is_superset(JobType a, JobType b) { - /* Checks whether operation a is a "superset" of b in its actions */ -+ if (b == JOB_NOP) -+ return true; -+ if (a == JOB_NOP) -+ return false; - return a == job_type_lookup_merge(a, b); - } - -diff --git a/src/core/manager.c b/src/core/manager.c -index d427d88..256d6f7 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -662,9 +662,11 @@ static int manager_setup_notify(Manager *m) { - return -errno; - } - -- if (m->running_as == SYSTEMD_SYSTEM) -+ if (m->running_as == SYSTEMD_SYSTEM) { - m->notify_socket = strdup("/run/systemd/notify"); -- else { -+ if (!m->notify_socket) -+ return log_oom(); -+ } else { - const char *e; - - e = getenv("XDG_RUNTIME_DIR"); -@@ -674,9 +676,11 @@ static int manager_setup_notify(Manager *m) { - } - - m->notify_socket = strappend(e, "/systemd/notify"); -+ if (!m->notify_socket) -+ return log_oom(); -+ -+ mkdir_parents_label(m->notify_socket, 0755); - } -- if (!m->notify_socket) -- return log_oom(); - - strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1); - r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path)); -diff --git a/src/core/shutdown.c b/src/core/shutdown.c -index 20cf526..03cfddc 100644 ---- a/src/core/shutdown.c -+++ b/src/core/shutdown.c -@@ -75,7 +75,9 @@ static int parse_argv(int argc, char *argv[]) { - assert(argc >= 1); - assert(argv); - -- while ((c = getopt_long(argc, argv, "", options, NULL)) >= 0) -+ /* "-" prevents getopt from permuting argv[] and moving the verb away -+ * from argv[1]. Our interface to initrd promises it'll be there. */ -+ while ((c = getopt_long(argc, argv, "-", options, NULL)) >= 0) - switch (c) { - - case ARG_LOG_LEVEL: -@@ -113,6 +115,13 @@ static int parse_argv(int argc, char *argv[]) { - - break; - -+ case '\001': -+ if (!arg_verb) -+ arg_verb = optarg; -+ else -+ log_error("Excess arguments, ignoring"); -+ break; -+ - case '?': - return -EINVAL; - -@@ -120,15 +129,11 @@ static int parse_argv(int argc, char *argv[]) { - assert_not_reached("Unhandled option code."); - } - -- if (optind >= argc) { -+ if (!arg_verb) { - log_error("Verb argument missing."); - return -EINVAL; - } - -- arg_verb = argv[optind]; -- -- if (optind + 1 < argc) -- log_error("Excess arguments, ignoring"); - return 0; - } - -diff --git a/src/core/snapshot.c b/src/core/snapshot.c -index 5eed615..c2678cb 100644 ---- a/src/core/snapshot.c -+++ b/src/core/snapshot.c -@@ -208,7 +208,7 @@ int snapshot_create(Manager *m, const char *name, bool cleanup, sd_bus_error *e, - return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s lacks snapshot suffix.", name); - - if (manager_get_unit(m, name)) -- sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name); -+ return sd_bus_error_setf(e, BUS_ERROR_UNIT_EXISTS, "Snapshot %s exists already.", name); - - } else { - -diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in -index d5b86bf..9c66e7b 100644 ---- a/src/core/systemd.pc.in -+++ b/src/core/systemd.pc.in -@@ -14,8 +14,8 @@ systemduserunitdir=@userunitdir@ - systemduserpresetdir=@userpresetdir@ - systemdsystemconfdir=@pkgsysconfdir@/system - systemduserconfdir=@pkgsysconfdir@/user --systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system --systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user -+systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/system:${systemdsystemunitdir} -+systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/user:${systemduserunitdir} - systemdsystemgeneratordir=@systemgeneratordir@ - systemdusergeneratordir=@usergeneratordir@ - systemdsleepdir=@systemsleepdir@ -diff --git a/src/core/timer.c b/src/core/timer.c -index a3713e2..5c4e9f9 100644 ---- a/src/core/timer.c -+++ b/src/core/timer.c -@@ -521,6 +521,7 @@ fail: - - static int timer_start(Unit *u) { - Timer *t = TIMER(u); -+ TimerValue *v; - - assert(t); - assert(t->state == TIMER_DEAD || t->state == TIMER_FAILED); -@@ -530,6 +531,11 @@ static int timer_start(Unit *u) { - - t->last_trigger = DUAL_TIMESTAMP_NULL; - -+ /* Reenable all timers that depend on unit activation time */ -+ LIST_FOREACH(value, v, t->values) -+ if (v->base == TIMER_ACTIVE) -+ v->disabled = false; -+ - if (t->stamp_path) { - struct stat st; - -diff --git a/src/core/umount.c b/src/core/umount.c -index cffa453..4d1a9ff 100644 ---- a/src/core/umount.c -+++ b/src/core/umount.c -@@ -385,6 +385,8 @@ static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_e - * anyway, since we are running from it. They have - * already been remounted ro. */ - if (path_equal(m->path, "/") -+ || path_equal(m->path, "/nix") -+ || path_equal(m->path, "/nix/store") - #ifndef HAVE_SPLIT_USR - || path_equal(m->path, "/usr") - #endif -diff --git a/src/delta/delta.c b/src/delta/delta.c -index 25c4a0b..e1f2d6d 100644 ---- a/src/delta/delta.c -+++ b/src/delta/delta.c -@@ -487,7 +487,7 @@ static int parse_flags(const char *flag_str, int flags) { - const char *word, *state; - size_t l; - -- FOREACH_WORD(word, l, flag_str, state) { -+ FOREACH_WORD_SEPARATOR(word, l, flag_str, ",", state) { - if (strneq("masked", word, l)) - flags |= SHOW_MASKED; - else if (strneq ("equivalent", word, l)) -diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index 70a5918..1926e52 100644 ---- a/src/fsck/fsck.c -+++ b/src/fsck/fsck.c -@@ -315,8 +315,7 @@ int main(int argc, char *argv[]) { - return EXIT_FAILURE; - } - -- cmdline[i++] = "/sbin/fsck"; -- cmdline[i++] = arg_repair; -+ cmdline[i++] = "/run/current-system/sw/bin/fsck"; - cmdline[i++] = "-T"; - - /* -diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c -index e257c12..1e04553 100644 ---- a/src/fstab-generator/fstab-generator.c -+++ b/src/fstab-generator/fstab-generator.c -@@ -485,7 +485,7 @@ static int add_usr_mount(void) { - return log_oom(); - } - -- if (!arg_usr_what || !arg_usr_options) -+ if (!arg_usr_what) - return 0; - - what = fstab_node_to_udev_node(arg_usr_what); -@@ -494,7 +494,13 @@ static int add_usr_mount(void) { - return -1; - } - -- opts = arg_usr_options; -+ if (!arg_usr_options) -+ opts = arg_root_rw > 0 ? "rw" : "ro"; -+ else if (!mount_test_option(arg_usr_options, "ro") && -+ !mount_test_option(arg_usr_options, "rw")) -+ opts = strappenda(arg_usr_options, ",", arg_root_rw > 0 ? "rw" : "ro"); -+ else -+ opts = arg_usr_options; - - log_debug("Found entry what=%s where=/sysroot/usr type=%s", what, strna(arg_usr_fstype)); - return add_mount(what, -diff --git a/src/hostname/hostnamectl.c b/src/hostname/hostnamectl.c -index e487369..ff4e9c9 100644 ---- a/src/hostname/hostnamectl.c -+++ b/src/hostname/hostnamectl.c -@@ -536,5 +536,5 @@ int main(int argc, char *argv[]) { - r = hostnamectl_main(bus, argc, argv); - - finish: -- return r < 0 ? EXIT_FAILURE : r; -+ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; - } -diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c -index 8a2c0fc..9de3ddd 100644 ---- a/src/journal/journal-file.c -+++ b/src/journal/journal-file.c -@@ -1657,7 +1657,7 @@ static int generic_array_bisect( - } - } - -- if (k > n) { -+ if (k >= n) { - if (direction == DIRECTION_UP) { - i = n; - subtract_one = true; -diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c -index f50faf4..03579fd 100644 ---- a/src/journal/journalctl.c -+++ b/src/journal/journalctl.c -@@ -682,7 +682,7 @@ static int parse_argv(int argc, char *argv[]) { - assert_not_reached("Unhandled option"); - } - -- if (arg_follow && !arg_no_tail && arg_lines == ARG_LINES_DEFAULT) -+ if (arg_follow && !arg_no_tail && !arg_since && arg_lines == ARG_LINES_DEFAULT) - arg_lines = 10; - - if (!!arg_directory + !!arg_file + !!arg_machine > 1) { -diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c -index 12735c4..08b143b 100644 ---- a/src/journal/journald-server.c -+++ b/src/journal/journald-server.c -@@ -1655,6 +1655,7 @@ void server_done(Server *s) { - free(s->buffer); - free(s->tty_path); - free(s->cgroup_root); -+ free(s->hostname_field); - - if (s->mmap) - mmap_cache_unref(s->mmap); -diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c -index 372f3ed..d56ee51 100644 ---- a/src/libsystemd-network/network-internal.c -+++ b/src/libsystemd-network/network-internal.c -@@ -392,10 +392,12 @@ void serialize_dhcp_routes(FILE *f, const char *key, struct sd_dhcp_route *route - - fprintf(f, "%s=", key); - -- for (i = 0; i < size; i++) -- fprintf(f, "%s/%" PRIu8 ",%s%s", inet_ntoa(routes[i].dst_addr), -- routes[i].dst_prefixlen, inet_ntoa(routes[i].gw_addr), -+ for (i = 0; i < size; i++) { -+ fprintf(f, "%s/%" PRIu8, inet_ntoa(routes[i].dst_addr), -+ routes[i].dst_prefixlen); -+ fprintf(f, ",%s%s", inet_ntoa(routes[i].gw_addr), - (i < (size - 1)) ? " ": ""); -+ } - - fputs("\n", f); - } -diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c -index 0eba4c3..9986b52 100644 ---- a/src/libsystemd-network/sd-dhcp-client.c -+++ b/src/libsystemd-network/sd-dhcp-client.c -@@ -68,7 +68,6 @@ struct sd_dhcp_client { - uint32_t mtu; - uint32_t xid; - usec_t start_time; -- uint16_t secs; - unsigned int attempt; - usec_t request_sent; - sd_event_source *timeout_t1; -@@ -321,10 +320,12 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret, - _cleanup_free_ DHCPPacket *packet; - size_t optlen, optoffset, size; - be16_t max_size; -+ usec_t time_now; -+ uint16_t secs; - int r; - - assert(client); -- assert(client->secs); -+ assert(client->start_time); - assert(ret); - assert(_optlen); - assert(_optoffset); -@@ -344,7 +345,15 @@ static int client_message_init(sd_dhcp_client *client, DHCPPacket **ret, - - /* Although 'secs' field is a SHOULD in RFC 2131, certain DHCP servers - refuse to issue an DHCP lease if 'secs' is set to zero */ -- packet->dhcp.secs = htobe16(client->secs); -+ r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now); -+ if (r < 0) -+ return r; -+ assert(time_now >= client->start_time); -+ -+ /* seconds between sending first and last DISCOVER -+ * must always be strictly positive to deal with broken servers */ -+ secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1; -+ packet->dhcp.secs = htobe16(secs); - - /* RFC2132 section 4.1 - A client that cannot receive unicast IP datagrams until its protocol -@@ -441,24 +450,12 @@ static int dhcp_client_send_raw(sd_dhcp_client *client, DHCPPacket *packet, - static int client_send_discover(sd_dhcp_client *client) { - _cleanup_free_ DHCPPacket *discover = NULL; - size_t optoffset, optlen; -- usec_t time_now; - int r; - - assert(client); - assert(client->state == DHCP_STATE_INIT || - client->state == DHCP_STATE_SELECTING); - -- /* See RFC2131 section 4.4.1 */ -- -- r = sd_event_now(client->event, clock_boottime_or_monotonic(), &time_now); -- if (r < 0) -- return r; -- assert(time_now >= client->start_time); -- -- /* seconds between sending first and last DISCOVER -- * must always be strictly positive to deal with broken servers */ -- client->secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1; -- - r = client_message_init(client, &discover, DHCP_DISCOVER, - &optlen, &optoffset); - if (r < 0) -@@ -875,10 +872,8 @@ static int client_start(sd_dhcp_client *client) { - } - client->fd = r; - -- if (client->state == DHCP_STATE_INIT) { -+ if (client->state == DHCP_STATE_INIT || client->state == DHCP_STATE_INIT_REBOOT) - client->start_time = now(clock_boottime_or_monotonic()); -- client->secs = 0; -- } - - return client_initialize_events(client, client_receive_message_raw); - } -@@ -1269,6 +1264,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, - if (r >= 0) { - client->timeout_resend = - sd_event_source_unref(client->timeout_resend); -+ client->receive_message = -+ sd_event_source_unref(client->receive_message); -+ client->fd = asynchronous_close(client->fd); - - if (IN_SET(client->state, DHCP_STATE_REQUESTING, - DHCP_STATE_REBOOTING)) -diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c -index 4fb01c0..b7c9a07 100644 ---- a/src/libsystemd-network/sd-dhcp-lease.c -+++ b/src/libsystemd-network/sd-dhcp-lease.c -@@ -50,7 +50,7 @@ int sd_dhcp_lease_get_address(sd_dhcp_lease *lease, struct in_addr *addr) { - - int sd_dhcp_lease_get_lifetime(sd_dhcp_lease *lease, uint32_t *lifetime) { - assert_return(lease, -EINVAL); -- assert_return(lease, -EINVAL); -+ assert_return(lifetime, -EINVAL); - - *lifetime = lease->lifetime; - -diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c -index fa4f9b5..dbec1a2 100644 ---- a/src/libsystemd-network/sd-dhcp6-client.c -+++ b/src/libsystemd-network/sd-dhcp6-client.c -@@ -200,19 +200,19 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du - - switch (type) { - case DHCP6_DUID_LLT: -- if (duid_len <= sizeof(client->duid.llt)) -+ if (duid_len <= sizeof(client->duid.llt) - 2) - return -EINVAL; - break; - case DHCP6_DUID_EN: -- if (duid_len != sizeof(client->duid.en)) -+ if (duid_len != sizeof(client->duid.en) - 2) - return -EINVAL; - break; - case DHCP6_DUID_LL: -- if (duid_len <= sizeof(client->duid.ll)) -+ if (duid_len <= sizeof(client->duid.ll) - 2) - return -EINVAL; - break; - case DHCP6_DUID_UUID: -- if (duid_len != sizeof(client->duid.uuid)) -+ if (duid_len != sizeof(client->duid.uuid) - 2) - return -EINVAL; - break; - default: -@@ -222,7 +222,7 @@ int sd_dhcp6_client_set_duid(sd_dhcp6_client *client, uint16_t type, uint8_t *du - - client->duid.raw.type = htobe16(type); - memcpy(&client->duid.raw.data, duid, duid_len); -- client->duid_len = duid_len; -+ client->duid_len = duid_len + 2; /* +2 for sizeof(type) */ - - return 0; - } -diff --git a/src/libsystemd/sd-bus/bus-match.c b/src/libsystemd/sd-bus/bus-match.c -index 18afe0f..5658c61 100644 ---- a/src/libsystemd/sd-bus/bus-match.c -+++ b/src/libsystemd/sd-bus/bus-match.c -@@ -537,7 +537,7 @@ static int bus_match_find_compare_value( - else if (BUS_MATCH_CAN_HASH(t)) - n = hashmap_get(c->compare.children, value_str); - else { -- for (n = c->child; !value_node_same(n, t, value_u8, value_str); n = n->next) -+ for (n = c->child; n && !value_node_same(n, t, value_u8, value_str); n = n->next) - ; - } - -diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c -index 0ab1119..6c3230a 100644 ---- a/src/libsystemd/sd-bus/bus-objects.c -+++ b/src/libsystemd/sd-bus/bus-objects.c -@@ -617,6 +617,9 @@ static int property_get_set_callbacks_run( - return r; - - } else { -+ const char *signature = NULL; -+ char type = 0; -+ - if (c->vtable->type != _SD_BUS_VTABLE_WRITABLE_PROPERTY) - return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Property '%s' is not writable.", c->member); - -@@ -628,6 +631,13 @@ static int property_get_set_callbacks_run( - - c->last_iteration = bus->iteration_counter; - -+ r = sd_bus_message_peek_type(m, &type, &signature); -+ if (r < 0) -+ return r; -+ -+ if (type != 'v' || !streq(strempty(signature), strempty(c->vtable->x.property.signature))) -+ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Incorrect parameters for property '%s', expected '%s', got '%s'.", c->member, strempty(c->vtable->x.property.signature), strempty(signature)); -+ - r = sd_bus_message_enter_container(m, 'v', c->vtable->x.property.signature); - if (r < 0) - return r; -diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c -index b501a52..740133a 100644 ---- a/src/libsystemd/sd-rtnl/rtnl-message.c -+++ b/src/libsystemd/sd-rtnl/rtnl-message.c -@@ -36,6 +36,8 @@ - #define GET_CONTAINER(m, i) ((i) < (m)->n_containers ? (struct rtattr*)((uint8_t*)(m)->hdr + (m)->container_offsets[i]) : NULL) - #define PUSH_CONTAINER(m, new) (m)->container_offsets[(m)->n_containers ++] = (uint8_t*)(new) - (uint8_t*)(m)->hdr; - -+#define RTA_TYPE(rta) ((rta)->rta_type & NLA_TYPE_MASK) -+ - static int message_new_empty(sd_rtnl *rtnl, sd_rtnl_message **ret) { - sd_rtnl_message *m; - -@@ -566,8 +568,8 @@ int sd_rtnl_message_append_string(sd_rtnl_message *m, unsigned short type, const - size = (size_t)r; - - if (size) { -- length = strnlen(data, size); -- if (length >= size) -+ length = strnlen(data, size+1); -+ if (length > size) - return -EINVAL; - } else - length = strlen(data); -@@ -1066,7 +1068,7 @@ int rtnl_message_parse(sd_rtnl_message *m, - *rta_tb_size = max + 1; - - for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) { -- type = rta->rta_type; -+ type = RTA_TYPE(rta); - - /* if the kernel is newer than the headers we used - when building, we ignore out-of-range attributes -@@ -1222,7 +1224,7 @@ int socket_read_message(sd_rtnl *rtnl) { - } - } - -- for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len); new_msg = NLMSG_NEXT(new_msg, len)) { -+ for (new_msg = rtnl->rbuffer; NLMSG_OK(new_msg, len) && !done; new_msg = NLMSG_NEXT(new_msg, len)) { - _cleanup_rtnl_message_unref_ sd_rtnl_message *m = NULL; - const NLType *nl_type; - -@@ -1237,7 +1239,8 @@ int socket_read_message(sd_rtnl *rtnl) { - if (new_msg->nlmsg_type == NLMSG_DONE) { - /* finished reading multi-part message */ - done = true; -- break; -+ -+ continue; - } - - /* check that we support this message type */ -diff --git a/src/libudev/libudev-device.c b/src/libudev/libudev-device.c -index 2699374..e2afcb8 100644 ---- a/src/libudev/libudev-device.c -+++ b/src/libudev/libudev-device.c -@@ -730,8 +730,13 @@ _public_ struct udev_device *udev_device_new_from_syspath(struct udev *udev, con - return NULL; - } else { - /* everything else just needs to be a directory */ -- if (stat(path, &statbuf) != 0 || !S_ISDIR(statbuf.st_mode)) -+ if (stat(path, &statbuf) != 0) - return NULL; -+ -+ if (!S_ISDIR(statbuf.st_mode)) { -+ errno = EISDIR; -+ return NULL; -+ } - } - - udev_device = udev_device_new(udev); -diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index b6d9bc6..759794f 100644 ---- a/src/nspawn/nspawn.c -+++ b/src/nspawn/nspawn.c -@@ -758,7 +758,7 @@ static int mount_binds(const char *dest, char **l, bool ro) { - * and char devices. */ - if (S_ISDIR(source_st.st_mode)) { - r = mkdir_label(where, 0755); -- if (r < 0) { -+ if (r < 0 && errno != EEXIST) { - log_error("Failed to create mount point %s: %s", where, strerror(-r)); - - return r; -@@ -818,7 +818,7 @@ static int mount_tmpfs(const char *dest) { - return log_oom(); - - r = mkdir_label(where, 0755); -- if (r < 0) { -+ if (r < 0 && errno != EEXIST) { - log_error("creating mount point for tmpfs %s failed: %s", where, strerror(-r)); - - return r; -@@ -3073,6 +3073,7 @@ int main(int argc, char *argv[]) { - goto finish; - } - } else { -+#if 0 - const char *p; - - p = strappenda(arg_directory, -@@ -3082,6 +3083,7 @@ int main(int argc, char *argv[]) { - goto finish; - - } -+#endif - } - } else { - char template[] = "/tmp/nspawn-root-XXXXXX"; -diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c -index 7375f77..ec8efcc 100644 ---- a/src/resolve/resolved-dns-packet.c -+++ b/src/resolve/resolved-dns-packet.c -@@ -866,7 +866,7 @@ fail: - - int dns_packet_read_name(DnsPacket *p, char **_ret, - bool allow_compression, size_t *start) { -- size_t saved_rindex, after_rindex = 0; -+ size_t saved_rindex, after_rindex = 0, jump_barrier; - _cleanup_free_ char *ret = NULL; - size_t n = 0, allocated = 0; - bool first = true; -@@ -876,6 +876,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, - assert(_ret); - - saved_rindex = p->rindex; -+ jump_barrier = p->rindex; - - for (;;) { - uint8_t c, d; -@@ -922,7 +923,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, - goto fail; - - ptr = (uint16_t) (c & ~0xc0) << 8 | (uint16_t) d; -- if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= saved_rindex) { -+ if (ptr < DNS_PACKET_HEADER_SIZE || ptr >= jump_barrier) { - r = -EBADMSG; - goto fail; - } -@@ -930,9 +931,13 @@ int dns_packet_read_name(DnsPacket *p, char **_ret, - if (after_rindex == 0) - after_rindex = p->rindex; - -+ /* Jumps are limited to a "prior occurence" (RFC-1035 4.1.4) */ -+ jump_barrier = ptr; - p->rindex = ptr; -- } else -+ } else { -+ r = -EBADMSG; - goto fail; -+ } - } - - if (!GREEDY_REALLOC(ret, allocated, n + 1)) { -diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c -index 7d258c9..6dd4cad 100644 ---- a/src/resolve/resolved.c -+++ b/src/resolve/resolved.c -@@ -108,7 +108,7 @@ int main(int argc, char *argv[]) { - - finish: - sd_notify(false, -- "STOPPIN=1\n" -+ "STOPPING=1\n" - "STATUS=Shutting down..."); - - return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; -diff --git a/src/run/run.c b/src/run/run.c -index e3b6293..dcefb5c 100644 ---- a/src/run/run.c -+++ b/src/run/run.c -@@ -573,9 +573,12 @@ int main(int argc, char* argv[]) { - if (r <= 0) - goto finish; - -- r = find_binary(argv[optind], &command); -+ r = find_binary(argv[optind], arg_transport == BUS_TRANSPORT_LOCAL, &command); - if (r < 0) { -- log_error("Failed to find executable %s: %s", argv[optind], strerror(-r)); -+ log_error("Failed to find executable %s%s: %s", -+ argv[optind], -+ arg_transport == BUS_TRANSPORT_LOCAL ? "" : " on local system", -+ strerror(-r)); - goto finish; - } - argv[optind] = command; -diff --git a/src/shared/install.c b/src/shared/install.c -index 035b44c..cab93e8 100644 ---- a/src/shared/install.c -+++ b/src/shared/install.c -@@ -1620,12 +1620,10 @@ int unit_file_enable( - STRV_FOREACH(i, files) { - UnitFileState state; - -+ /* We only want to know if this unit is masked, so we ignore -+ * errors from unit_file_get_state, deferring other checks. -+ * This allows templated units to be enabled on the fly. */ - state = unit_file_get_state(scope, root_dir, *i); -- if (state < 0) { -- log_error("Failed to get unit file state for %s: %s", *i, strerror(-state)); -- return state; -- } -- - if (state == UNIT_FILE_MASKED || state == UNIT_FILE_MASKED_RUNTIME) { - log_error("Failed to enable unit: Unit %s is masked", *i); - return -ENOTSUP; -diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c -index 8f75a8e..c800e01 100644 ---- a/src/shared/path-lookup.c -+++ b/src/shared/path-lookup.c -@@ -86,17 +86,14 @@ static char** user_dirs( - const char * const config_unit_paths[] = { - USER_CONFIG_UNIT_PATH, - "/etc/systemd/user", -+ "/etc/systemd-mutable/user", - NULL - }; - - const char * const runtime_unit_path = "/run/systemd/user"; - - const char * const data_unit_paths[] = { -- "/usr/local/lib/systemd/user", -- "/usr/local/share/systemd/user", - USER_DATA_UNIT_PATH, -- "/usr/lib/systemd/user", -- "/usr/share/systemd/user", - NULL - }; - -@@ -260,13 +257,11 @@ int lookup_paths_init( - STRV_IFNOTNULL(generator_early), - USER_CONFIG_UNIT_PATH, - "/etc/systemd/user", -+ "/etc/systemd-mutable/user", -+ "/nix/var/nix/profiles/default/lib/systemd/user", - "/run/systemd/user", - STRV_IFNOTNULL(generator), -- "/usr/local/lib/systemd/user", -- "/usr/local/share/systemd/user", - USER_DATA_UNIT_PATH, -- "/usr/lib/systemd/user", -- "/usr/share/systemd/user", - STRV_IFNOTNULL(generator_late), - NULL); - } else -@@ -276,14 +271,11 @@ int lookup_paths_init( - STRV_IFNOTNULL(generator_early), - SYSTEM_CONFIG_UNIT_PATH, - "/etc/systemd/system", -+ "/etc/systemd-mutable/system", -+ "/nix/var/nix/profiles/default/lib/systemd/system", - "/run/systemd/system", - STRV_IFNOTNULL(generator), -- "/usr/local/lib/systemd/system", - SYSTEM_DATA_UNIT_PATH, -- "/usr/lib/systemd/system", --#ifdef HAVE_SPLIT_USR -- "/lib/systemd/system", --#endif - STRV_IFNOTNULL(generator_late), - NULL); - -diff --git a/src/shared/path-util.c b/src/shared/path-util.c -index 67566bc..be03695 100644 ---- a/src/shared/path-util.c -+++ b/src/shared/path-util.c -@@ -563,11 +563,11 @@ int path_is_os_tree(const char *path) { - return r >= 0; - } - --int find_binary(const char *name, char **filename) { -+int find_binary(const char *name, bool local, char **filename) { - assert(name); - - if (is_path(name)) { -- if (access(name, X_OK) < 0) -+ if (local && access(name, X_OK) < 0) - return -errno; - - if (filename) { -@@ -657,7 +657,7 @@ int fsck_exists(const char *fstype) { - - checker = strappenda("fsck.", fstype); - -- r = find_binary(checker, &p); -+ r = find_binary(checker, true, &p); - if (r < 0) - return r; - -diff --git a/src/shared/path-util.h b/src/shared/path-util.h -index 8d171a5..bd0d324 100644 ---- a/src/shared/path-util.h -+++ b/src/shared/path-util.h -@@ -55,7 +55,7 @@ int path_is_mount_point(const char *path, bool allow_symlink); - int path_is_read_only_fs(const char *path); - int path_is_os_tree(const char *path); - --int find_binary(const char *name, char **filename); -+int find_binary(const char *name, bool local, char **filename); - - bool paths_check_timestamp(const char* const* paths, usec_t *paths_ts_usec, bool update); - -diff --git a/src/shared/virt.c b/src/shared/virt.c -index f9c4e67..f10baab 100644 ---- a/src/shared/virt.c -+++ b/src/shared/virt.c -@@ -293,8 +293,26 @@ int detect_container(const char **id) { - - r = read_one_line_file("/run/systemd/container", &m); - if (r == -ENOENT) { -- r = 0; -- goto finish; -+ -+ /* Fallback for cases where PID 1 was not -+ * systemd (for example, cases where -+ * init=/bin/sh is used. */ -+ -+ r = getenv_for_pid(1, "container", &m); -+ if (r <= 0) { -+ -+ /* If that didn't work, give up, -+ * assume no container manager. -+ * -+ * Note: This means we still cannot -+ * detect containers if init=/bin/sh -+ * is passed but privileges dropped, -+ * as /proc/1/environ is only readable -+ * with privileges. */ -+ -+ r = 0; -+ goto finish; -+ } - } - if (r < 0) - return r; -diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c -index 28eaa6a..3866308 100644 ---- a/src/systemctl/systemctl.c -+++ b/src/systemctl/systemctl.c -@@ -2651,7 +2651,7 @@ static int start_unit_one( - - log_debug("Adding %s to the set", p); - r = set_consume(s, p); -- if (r < 0) -+ if (r < 0 && r != -EEXIST) - return log_oom(); - } - -@@ -6917,8 +6917,13 @@ done: - - static int halt_now(enum action a) { - --/* Make sure C-A-D is handled by the kernel from this -- * point on... */ -+ /* The kernel will automaticall flush ATA disks and suchlike -+ * on reboot(), but the file systems need to be synce'd -+ * explicitly in advance. */ -+ sync(); -+ -+ /* Make sure C-A-D is handled by the kernel from this point -+ * on... */ - reboot(RB_ENABLE_CAD); - - switch (a) { -diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c -index 63d64b2..57264de 100644 ---- a/src/test/test-path-util.c -+++ b/src/test/test-path-util.c -@@ -85,29 +85,30 @@ static void test_path(void) { - } - } - --static void test_find_binary(const char *self) { -+static void test_find_binary(const char *self, bool local) { - char *p; - -- assert_se(find_binary("/bin/sh", &p) == 0); -+ assert_se(find_binary("/bin/sh", local, &p) == 0); - puts(p); - assert_se(streq(p, "/bin/sh")); - free(p); - -- assert_se(find_binary(self, &p) == 0); -+ assert_se(find_binary(self, local, &p) == 0); - puts(p); - assert_se(endswith(p, "/test-path-util")); - assert_se(path_is_absolute(p)); - free(p); - -- assert_se(find_binary("sh", &p) == 0); -+ assert_se(find_binary("sh", local, &p) == 0); - puts(p); - assert_se(endswith(p, "/sh")); - assert_se(path_is_absolute(p)); - free(p); - -- assert_se(find_binary("xxxx-xxxx", &p) == -ENOENT); -+ assert_se(find_binary("xxxx-xxxx", local, &p) == -ENOENT); - -- assert_se(find_binary("/some/dir/xxxx-xxxx", &p) == -ENOENT); -+ assert_se(find_binary("/some/dir/xxxx-xxxx", local, &p) == -+ (local ? -ENOENT : 0)); - } - - static void test_prefixes(void) { -@@ -244,7 +245,8 @@ static void test_strv_resolve(void) { - - int main(int argc, char **argv) { - test_path(); -- test_find_binary(argv[0]); -+ test_find_binary(argv[0], true); -+ test_find_binary(argv[0], false); - test_prefixes(); - test_path_join(); - test_fsck_exists(); -diff --git a/src/udev/udevd.c b/src/udev/udevd.c -index 2e6c713..193702c 100644 ---- a/src/udev/udevd.c -+++ b/src/udev/udevd.c -@@ -994,9 +994,9 @@ static void kernel_cmdline_options(struct udev *udev) { - if (r < 0) - log_warning("Invalid udev.exec-delay ignored: %s", opt + 16); - } else if (startswith(opt, "udev.event-timeout=")) { -- r = safe_atou64(opt + 16, &arg_event_timeout_usec); -+ r = safe_atou64(opt + 19, &arg_event_timeout_usec); - if (r < 0) { -- log_warning("Invalid udev.event-timeout ignored: %s", opt + 16); -+ log_warning("Invalid udev.event-timeout ignored: %s", opt + 19); - break; - } - arg_event_timeout_usec *= USEC_PER_SEC; -diff --git a/units/console-getty.service.m4.in b/units/console-getty.service.m4.in -index 8ac51a4..cae9fb5 100644 ---- a/units/console-getty.service.m4.in -+++ b/units/console-getty.service.m4.in -@@ -15,7 +15,6 @@ After=rc-local.service - Before=getty.target - - [Service] --ExecStart=-/sbin/agetty --noclear --keep-baud console 115200,38400,9600 $TERM - Type=idle - Restart=always - RestartSec=0 -diff --git a/units/container-getty@.service.m4.in b/units/container-getty@.service.m4.in -index 4f7794b..6dfc2e9 100644 ---- a/units/container-getty@.service.m4.in -+++ b/units/container-getty@.service.m4.in -@@ -14,9 +14,9 @@ After=rc-local.service - )m4_dnl - Before=getty.target - IgnoreOnIsolate=yes -+ConditionPathExists=/dev/pts/%I - - [Service] --ExecStart=-/sbin/agetty --noclear --keep-baud pts/%I 115200,38400,9600 $TERM - Type=idle - Restart=always - RestartSec=0 -diff --git a/units/emergency.service.in b/units/emergency.service.in -index 18973e7..3a99660 100644 ---- a/units/emergency.service.in -+++ b/units/emergency.service.in -@@ -16,7 +16,6 @@ Before=shutdown.target - [Service] - Environment=HOME=/root - WorkingDirectory=/root --ExecStartPre=-/bin/plymouth quit - ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" or ^D to\\ntry again to boot into default mode.' - ExecStart=-/bin/sh -c "/sbin/sulogin; @SYSTEMCTL@ --fail --no-block default" - Type=idle -diff --git a/units/getty@.service.m4 b/units/getty@.service.m4 -index 46164ab..f194a31 100644 ---- a/units/getty@.service.m4 -+++ b/units/getty@.service.m4 -@@ -23,11 +23,12 @@ IgnoreOnIsolate=yes - # On systems without virtual consoles, don't start any getty. Note - # that serial gettys are covered by serial-getty@.service, not this - # unit. --ConditionPathExists=/dev/tty0 -+ConditionPathExists=|/dev/tty0 -+ConditionVirtualization=|lxc -+ConditionVirtualization=|lxc-libvirt - - [Service] - # the VT is cleared by TTYVTDisallocate --ExecStart=-/sbin/agetty --noclear %I $TERM - Type=idle - Restart=always - RestartSec=0 -diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 0934a87..7e30c9e 100644 ---- a/units/kmod-static-nodes.service.in -+++ b/units/kmod-static-nodes.service.in -@@ -10,7 +10,6 @@ Description=Create list of required static device nodes for the current kernel - DefaultDependencies=no - Before=sysinit.target systemd-tmpfiles-setup-dev.service - ConditionCapability=CAP_SYS_MODULE --ConditionPathExists=/lib/modules/%v/modules.devname - - [Service] - Type=oneshot -diff --git a/units/local-fs.target b/units/local-fs.target -index d2e5429..d26984b 100644 ---- a/units/local-fs.target -+++ b/units/local-fs.target -@@ -13,3 +13,5 @@ Conflicts=shutdown.target - After=local-fs-pre.target - OnFailure=emergency.target - OnFailureJobMode=replace-irreversibly -+ -+X-StopOnReconfiguration=yes -diff --git a/units/remote-fs.target b/units/remote-fs.target -index 43ffa5c..156a681 100644 ---- a/units/remote-fs.target -+++ b/units/remote-fs.target -@@ -12,5 +12,7 @@ After=remote-fs-pre.target - DefaultDependencies=no - Conflicts=shutdown.target - -+X-StopOnReconfiguration=yes -+ - [Install] - WantedBy=multi-user.target -diff --git a/units/rescue.service.in b/units/rescue.service.in -index fc93f1e..3c87cf8 100644 ---- a/units/rescue.service.in -+++ b/units/rescue.service.in -@@ -16,7 +16,6 @@ Before=shutdown.target - [Service] - Environment=HOME=/root - WorkingDirectory=/root --ExecStartPre=-/bin/plymouth quit - ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type "journalctl -xb" to view\\nsystem logs, "systemctl reboot" to reboot, "systemctl default" or ^D to\\nboot into default mode.' - ExecStart=-/bin/sh -c "/sbin/sulogin; @SYSTEMCTL@ --fail --no-block default" - Type=idle -diff --git a/units/serial-getty@.service.m4 b/units/serial-getty@.service.m4 -index 4522d0d..96daa5c 100644 ---- a/units/serial-getty@.service.m4 -+++ b/units/serial-getty@.service.m4 -@@ -22,7 +22,6 @@ Before=getty.target - IgnoreOnIsolate=yes - - [Service] --ExecStart=-/sbin/agetty --keep-baud 115200,38400,9600 %I $TERM - Type=idle - Restart=always - UtmpIdentifier=%I -diff --git a/units/sysinit.target b/units/sysinit.target -index ec33503..4ac47b9 100644 ---- a/units/sysinit.target -+++ b/units/sysinit.target -@@ -9,5 +9,4 @@ - Description=System Initialization - Documentation=man:systemd.special(7) - Conflicts=emergency.service emergency.target --Wants=local-fs.target swap.target --After=local-fs.target swap.target emergency.service emergency.target -+After=emergency.service emergency.target -diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in -index ecf3de4..7e83446 100644 ---- a/units/systemd-backlight@.service.in -+++ b/units/systemd-backlight@.service.in -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-backlight load %i - ExecStop=@rootlibexecdir@/systemd-backlight save %i -+X-RestartIfChanged=false -diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in -index 699670b..ba22c6d 100644 ---- a/units/systemd-journal-flush.service.in -+++ b/units/systemd-journal-flush.service.in -@@ -10,8 +10,10 @@ Description=Trigger Flushing of Journal to Persistent Storage - Documentation=man:systemd-journald.service(8) man:journald.conf(5) - DefaultDependencies=no - Requires=systemd-journald.service --After=systemd-journald.service local-fs.target remote-fs.target -+After=systemd-journald.service -+After=systemd-remount-fs.service - Before=systemd-user-sessions.service systemd-tmpfiles-setup.service -+RequiresMountsFor=/var/log/journal - - [Service] - ExecStart=@rootbindir@/journalctl --flush -diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in -index 4de38fa..2f23c13 100644 ---- a/units/systemd-journald.service.in -+++ b/units/systemd-journald.service.in -@@ -14,6 +14,7 @@ After=systemd-journald.socket systemd-journald-dev-log.socket syslog.socket - Before=sysinit.target - - [Service] -+Type=notify - Sockets=systemd-journald.socket systemd-journald-dev-log.socket - ExecStart=@rootlibexecdir@/systemd-journald - Restart=always -@@ -26,3 +27,8 @@ WatchdogSec=1min - # Increase the default a bit in order to allow many simultaneous - # services being run since we keep one fd open per service. - LimitNOFILE=16384 -+ -+# Don't restart journald, since that causes services connected to -+# journald to stop logging (see -+# https://bugs.freedesktop.org/show_bug.cgi?id=56043). -+X-RestartIfChanged=no -diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in -index b55844b..3ef9fc6 100644 ---- a/units/systemd-random-seed.service.in -+++ b/units/systemd-random-seed.service.in -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-random-seed load - ExecStop=@rootlibexecdir@/systemd-random-seed save -+X-RestartIfChanged=false -diff --git a/units/systemd-rfkill@.service.in b/units/systemd-rfkill@.service.in -index 0e9851b..9f8fa0d 100644 ---- a/units/systemd-rfkill@.service.in -+++ b/units/systemd-rfkill@.service.in -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-rfkill load %I - ExecStop=@rootlibexecdir@/systemd-rfkill save %I -+X-RestartIfChanged=false -diff --git a/units/systemd-tmpfiles-setup.service.in b/units/systemd-tmpfiles-setup.service.in -index e895cda..194146f 100644 ---- a/units/systemd-tmpfiles-setup.service.in -+++ b/units/systemd-tmpfiles-setup.service.in -@@ -11,7 +11,7 @@ Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) - DefaultDependencies=no - Conflicts=shutdown.target - After=local-fs.target systemd-sysusers.service --Before=sysinit.target shutdown.target -+Before=shutdown.target - RefuseManualStop=yes - - [Service] -diff --git a/units/systemd-update-utmp.service.in b/units/systemd-update-utmp.service.in -index 163eccd..7357c12 100644 ---- a/units/systemd-update-utmp.service.in -+++ b/units/systemd-update-utmp.service.in -@@ -11,7 +11,7 @@ Documentation=man:systemd-update-utmp.service(8) man:utmp(5) - DefaultDependencies=no - RequiresMountsFor=/var/log/wtmp - Conflicts=shutdown.target --After=systemd-remount-fs.service systemd-tmpfiles-setup.service auditd.service -+After=systemd-remount-fs.service auditd.service - Before=sysinit.target shutdown.target - - [Service] -@@ -19,3 +19,4 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-update-utmp reboot - ExecStop=@rootlibexecdir@/systemd-update-utmp shutdown -+X-RestartIfChanged=false -diff --git a/units/systemd-user-sessions.service.in b/units/systemd-user-sessions.service.in -index 0869e73..b6ed958 100644 ---- a/units/systemd-user-sessions.service.in -+++ b/units/systemd-user-sessions.service.in -@@ -15,3 +15,6 @@ Type=oneshot - RemainAfterExit=yes - ExecStart=@rootlibexecdir@/systemd-user-sessions start - ExecStop=@rootlibexecdir@/systemd-user-sessions stop -+ -+# Restart kills all active sessions. -+X-RestartIfChanged=no diff --git a/pkgs/os-specific/linux/trace-cmd/default.nix b/pkgs/os-specific/linux/trace-cmd/default.nix index 1a22d094867..aeb2c371c2a 100644 --- a/pkgs/os-specific/linux/trace-cmd/default.nix +++ b/pkgs/os-specific/linux/trace-cmd/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { name = "trace-cmd-${version}"; - version = "2.5.3"; + version = "2.6"; src = fetchgit { url = "git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git"; rev = "refs/tags/trace-cmd-v${version}"; - sha256 = "32db3df07d0371c2b072029c6c86c4204be8cbbcb53840fa8c42dbf2e35c047b"; + sha256 = "42286440a45d1b24552a1d3cdb656dc648ad346fc426b5798bacdbffd3c4b226"; }; buildInputs = [ asciidoc libxslt ]; diff --git a/pkgs/os-specific/linux/uclibc/default.nix b/pkgs/os-specific/linux/uclibc/default.nix index 88cf59cf8b7..472d432bc63 100644 --- a/pkgs/os-specific/linux/uclibc/default.nix +++ b/pkgs/os-specific/linux/uclibc/default.nix @@ -1,4 +1,4 @@ -{stdenv, fetchurl, linuxHeaders, libiconvReal, cross ? null, gccCross ? null, +{stdenv, fetchzip, linuxHeaders, libiconvReal, cross ? null, gccCross ? null, extraConfig ? ""}: assert stdenv.isLinux; @@ -52,15 +52,18 @@ let UCLIBC_HAS_FPU n ''; + name = "uclibc-0.9.34-pre-20150131"; + rev = "343f6b8f1f754e397632b0552e4afe586c8b392b"; + in stdenv.mkDerivation { - name = "uclibc-0.9.34-pre-20150131" + stdenv.lib.optionalString (cross != null) - ("-" + cross.config); + name = name + stdenv.lib.optionalString (cross != null) ("-" + cross.config); - src = fetchurl { - url = http://www.uclibc.org/downloads/snapshots/uClibc-20150131.tar.bz2; - sha256 = "14svyxw4nizdcz4vqk9nizlgy32d8ngpvcca34jjbdjjg77xdvkc"; + src = fetchzip { + name = name + "-source"; + url = "http://git.uclibc.org/uClibc/snapshot/uClibc-${rev}.tar.bz2"; + sha256 = "1kgylzpid7da5i7wz7slh5q9rnq1m8bv5h9ilm76g0xwc2iwlhbw"; }; # 'ftw' needed to build acl, a coreutils dependency diff --git a/pkgs/os-specific/linux/udisks/2-default.nix b/pkgs/os-specific/linux/udisks/2-default.nix index 2dc99504c58..060d9ad1dd3 100644 --- a/pkgs/os-specific/linux/udisks/2-default.nix +++ b/pkgs/os-specific/linux/udisks/2-default.nix @@ -1,16 +1,18 @@ { stdenv, fetchurl, pkgconfig, intltool , expat, acl, systemd, glib, libatasmart, polkit -, libxslt, docbook_xsl, utillinux, mdadm +, libxslt, docbook_xsl, utillinux, mdadm, libgudev }: stdenv.mkDerivation rec { - name = "udisks-2.1.4"; + name = "udisks-2.1.6"; src = fetchurl { url = "http://udisks.freedesktop.org/releases/${name}.tar.bz2"; - sha256 = "1fqrwmdyn5vc5r7wixh2f013ca1qf3kwy4ia8mh9282a7bfliqd4"; + sha256 = "0spl155k0g2l2hvqf8xyjv08i68gfyhzpjva6cwlzxx0bz4gbify"; }; + outputs = [ "out" "doc" ]; + patches = [ ./force-path.patch ]; # FIXME remove /var/run/current-system/sw/* references @@ -24,9 +26,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig intltool ]; - propagatedBuildInputs = [ expat acl systemd glib libatasmart polkit ]; # in closure anyway - - buildInputs = [ libxslt docbook_xsl ]; + buildInputs = [ libxslt docbook_xsl libgudev expat acl systemd glib libatasmart polkit ]; configureFlags = [ "--localstatedir=/var" diff --git a/pkgs/os-specific/linux/upower/0.99.nix b/pkgs/os-specific/linux/upower/0.99.nix deleted file mode 100644 index 58133db9023..00000000000 --- a/pkgs/os-specific/linux/upower/0.99.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ stdenv, fetchurl, pkgconfig, glib, dbus, dbus_glib, dbus_tools -, intltool, libxslt, docbook_xsl, udev, libusb1, pmutils -, useSystemd ? true, systemd, gobjectIntrospection -}: - -assert stdenv.isLinux; - -stdenv.mkDerivation rec { - name = "upower-0.99.2"; - - src = fetchurl { - url = "http://upower.freedesktop.org/releases/${name}.tar.xz"; - sha256 = "0vwlh20jmaf01m38kfn8yx2869a3clmkzlycrj99rf4nvwx4bp79"; - }; - - buildInputs = - [ dbus_glib intltool libxslt docbook_xsl udev libusb1 gobjectIntrospection ] - ++ stdenv.lib.optional useSystemd systemd; - - nativeBuildInputs = [ pkgconfig ]; - - preConfigure = - '' - substituteInPlace src/linux/up-backend.c \ - --replace /usr/bin/pm- ${pmutils}/bin/pm- \ - --replace /usr/sbin/pm- ${pmutils}/sbin/pm- - substituteInPlace src/notify-upower.sh \ - --replace /usr/bin/dbus-send ${dbus_tools}/bin/dbus-send - ''; - - configureFlags = - [ "--with-backend=linux" "--localstatedir=/var" - "--enable-deprecated" # needed for Xfce (Nov 2013) - ] - ++ stdenv.lib.optional useSystemd - [ "--enable-systemd" - "--with-systemdsystemunitdir=$(out)/etc/systemd/system" - "--with-systemdutildir=$(out)/lib/systemd" - "--with-udevrulesdir=$(out)/lib/udev/rules.d" - ]; - - NIX_CFLAGS_LINK = "-lgcc_s"; - - installFlags = "historydir=$(TMPDIR)/foo"; - - meta = { - homepage = http://upower.freedesktop.org/; - description = "A D-Bus service for power management"; - platforms = stdenv.lib.platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/upower/default.nix b/pkgs/os-specific/linux/upower/default.nix index 90914284773..0f7f93a5741 100644 --- a/pkgs/os-specific/linux/upower/default.nix +++ b/pkgs/os-specific/linux/upower/default.nix @@ -1,54 +1,29 @@ -{ stdenv, fetchurl, fetchpatch, pkgconfig, glib, dbus, dbus_glib, dbus_tools, polkit -, intltool, libxslt, docbook_xsl, udev, libusb1, pmutils +{ stdenv, fetchurl, pkgconfig, glib, dbus_glib +, intltool, libxslt, docbook_xsl, udev, libgudev, libusb1 , useSystemd ? true, systemd, gobjectIntrospection }: assert stdenv.isLinux; stdenv.mkDerivation rec { - name = "upower-0.9.23"; + name = "upower-0.99.3"; src = fetchurl { url = "http://upower.freedesktop.org/releases/${name}.tar.xz"; - sha256 = "06wqhab2mn0j4biiwh7mn4kxbxnfnzjkxvhpgvnlpaz9m2q54cj3"; + sha256 = "0f6x9mi1jzgqdpycaikyhjljnw3aacsl3gxndyg0dfqkq6y9jwb9"; }; - patches = [ - (fetchpatch rec { - url = "http://anonscm.debian.org/gitweb/?p=pkg-utopia/upower.git;" - + "a=blob_plain;f=debian/patches/${name};hb=b424b2763fbbba95df8c6ab3feeb57d072a9ddf7"; - sha256 = "0iq991abrn745icyz6x0wyixrjli01vbmbd9lnwwgyil58h3z8sp"; - name = "no_deprecation_define.patch"; - }) - (fetchpatch { - url = "http://cgit.freedesktop.org/upower/patch/?id=22da1a0bc5943b683189418d8b0f766e91b2bdbe"; - sha256 = "0yfgg6pw4bwskannvdwjxr75lgdrjpxhsskwlzm0frp8v5jy4k4z"; - name = "clamp-battery-percentages.patch"; - }) - ]; - buildInputs = - [ dbus_glib polkit intltool libxslt docbook_xsl udev libusb1 gobjectIntrospection ] + [ dbus_glib intltool libxslt docbook_xsl udev libgudev libusb1 gobjectIntrospection ] ++ stdenv.lib.optional useSystemd systemd; nativeBuildInputs = [ pkgconfig ]; - preConfigure = - '' - substituteInPlace src/linux/up-backend.c \ - --replace /usr/bin/pm- ${pmutils}/bin/pm- \ - --replace /usr/sbin/pm- ${pmutils}/sbin/pm- - substituteInPlace src/notify-upower.sh \ - --replace /usr/bin/dbus-send ${dbus_tools}/bin/dbus-send - ''; - configureFlags = [ "--with-backend=linux" "--localstatedir=/var" - "--enable-deprecated" # needed for Xfce (Nov 2013) ] ++ stdenv.lib.optional useSystemd - [ "--enable-systemd" - "--with-systemdsystemunitdir=$(out)/etc/systemd/system" + [ "--with-systemdsystemunitdir=$(out)/etc/systemd/system" "--with-systemdutildir=$(out)/lib/systemd" "--with-udevrulesdir=$(out)/lib/udev/rules.d" ]; diff --git a/pkgs/os-specific/linux/usbutils/default.nix b/pkgs/os-specific/linux/usbutils/default.nix index 710a01ed03d..158ff2299b1 100644 --- a/pkgs/os-specific/linux/usbutils/default.nix +++ b/pkgs/os-specific/linux/usbutils/default.nix @@ -12,7 +12,6 @@ stdenv.mkDerivation rec { postInstall = '' - rm $out/sbin/update-usbids.sh substituteInPlace $out/bin/lsusb.py \ --replace /usr/share/usb.ids ${hwdata}/data/hwdata/usb.ids ''; diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index 82c1ec120bd..66f67dbed61 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix @@ -1,15 +1,16 @@ { stdenv, fetchurl, pkgconfig, zlib, ncurses ? null, perl ? null, pam }: stdenv.mkDerivation rec { - name = "util-linux-2.26.1"; + name = "util-linux-2.26.2"; src = fetchurl { url = "mirror://kernel/linux/utils/util-linux/v2.26/${name}.tar.xz"; - sha256 = "0vmvk5khfwf71xbsnplvmk9ikwnlbhysc96mnkgwpqk2faairp12"; + sha256 = "0rlnzmiqdannzf81fbh41541lrck63v9zhskm6h4i2jj8ahvsa8f"; }; - patches = [ ./rtcwake-search-PATH-for-shutdown.patch - ]; + patches = [ + ./rtcwake-search-PATH-for-shutdown.patch + ]; outputs = [ "bin" "out" "man" ]; # TODO: $bin is kept the first for now # due to lots of ${utillinux}/bin occurences and headers being rather small @@ -61,5 +62,6 @@ stdenv.mkDerivation rec { description = "A set of system utilities for Linux"; license = licenses.gpl2; # also contains parts under more permissive licenses platforms = platforms.linux; + priority = 6; # lower priority than coreutils ("kill") and shadow ("login" etc.) packages }; } diff --git a/pkgs/os-specific/linux/v4l-utils/default.nix b/pkgs/os-specific/linux/v4l-utils/default.nix index 1a27ae8f571..17b21f92c17 100644 --- a/pkgs/os-specific/linux/v4l-utils/default.nix +++ b/pkgs/os-specific/linux/v4l-utils/default.nix @@ -16,11 +16,11 @@ let in stdenv.mkDerivation rec { - name = "v4l-utils-1.6.2"; + name = "v4l-utils-1.6.3"; src = fetchurl { url = "http://linuxtv.org/downloads/v4l-utils/${name}.tar.bz2"; - sha256 = "0zdyjrja2mkqlijpdb4gz1vw0g7pslswmgqqsgri3yq408gypmnk"; + sha256 = "0k46z5gqjzg702m2vs4sv6sxynq1sj14m0pgwvl2gkgg3dfbyjhn"; }; configureFlags = [ diff --git a/pkgs/os-specific/linux/v4l2loopback/default.nix b/pkgs/os-specific/linux/v4l2loopback/default.nix index 127341412ab..13617360d2d 100644 --- a/pkgs/os-specific/linux/v4l2loopback/default.nix +++ b/pkgs/os-specific/linux/v4l2loopback/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "v4l2loopback-${version}-${kernel.version}"; - version = "0.8.0"; + version = "0.9.1"; src = fetchurl { url = "https://github.com/umlaeute/v4l2loopback/archive/v${version}.tar.gz"; - sha256 = "1rhsgc4prrj8s6njixic7fs5m3gs94v9hhf3am6lnfh5yv6yab9h"; + sha256 = "1crkhxlnskqrfj3f7jmiiyi5m75zmj7n0s26xz07wcwdzdf2p568"; }; preBuild = '' @@ -15,8 +15,6 @@ stdenv.mkDerivation rec { export PATH=${kmod}/sbin:$PATH ''; - patches = [ ./kernel-3.18-fix.patch ]; - buildInputs = [ kmod ]; makeFlags = [ diff --git a/pkgs/os-specific/linux/v4l2loopback/kernel-3.18-fix.patch b/pkgs/os-specific/linux/v4l2loopback/kernel-3.18-fix.patch deleted file mode 100644 index 9f6dc57f322..00000000000 --- a/pkgs/os-specific/linux/v4l2loopback/kernel-3.18-fix.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 21195cd6d1ff767a271359dfa7d201078f766611 Mon Sep 17 00:00:00 2001 -From: tatokis <tasos@tasossah.com> -Date: Mon, 24 Nov 2014 16:28:33 +0200 -Subject: [PATCH] Updated v4l2loopback.c to compile on >= 3.18 kernel - ---- - v4l2loopback.c | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/v4l2loopback.c b/v4l2loopback.c -index bb228bb..67f6ed4 100644 ---- a/v4l2loopback.c -+++ b/v4l2loopback.c -@@ -498,10 +498,15 @@ static ssize_t attr_store_maxopeners(struct device *cd, - { - struct v4l2_loopback_device *dev = NULL; - unsigned long curr = 0; -- -+ -+ #if LINUX_VERSION_CODE >= KERNEL_VERSION(3,18,0) -+ if (kstrtoul(buf, 0, &curr)) -+ return -EINVAL; -+ #else - if (strict_strtoul(buf, 0, &curr)) - return -EINVAL; -- -+ #endif -+ - dev = v4l2loopback_cd2dev(cd); - - if (dev->max_openers == curr) diff --git a/pkgs/os-specific/linux/wis-go7007/default.nix b/pkgs/os-specific/linux/wis-go7007/default.nix index 53868672025..4dae68d4871 100644 --- a/pkgs/os-specific/linux/wis-go7007/default.nix +++ b/pkgs/os-specific/linux/wis-go7007/default.nix @@ -56,7 +56,7 @@ stdenv.mkDerivation { mkdir -p $out/etc/udev/rules.d makeFlagsArray=(KERNELSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/source \ - FIRMWARE_DIR=$out/firmware FXLOAD=${fxload}/sbin/fxload \ + FIRMWARE_DIR=$out/lib/firmware FXLOAD=${fxload}/sbin/fxload \ DESTDIR=$out SKIP_DEPMOD=1 \ USE_UDEV=y) ''; # */ diff --git a/pkgs/os-specific/linux/wpa_supplicant/default.nix b/pkgs/os-specific/linux/wpa_supplicant/default.nix index f6142bd630f..88e100c7a4d 100644 --- a/pkgs/os-specific/linux/wpa_supplicant/default.nix +++ b/pkgs/os-specific/linux/wpa_supplicant/default.nix @@ -1,16 +1,16 @@ -{ stdenv, fetchurl, lib, openssl, pkgconfig, libnl +{ stdenv, fetchpatch, fetchurl, lib, openssl, pkgconfig, libnl , dbus_libs ? null, readline ? null, pcsclite ? null }: with stdenv.lib; stdenv.mkDerivation rec { - version = "2.4"; + version = "2.5"; name = "wpa_supplicant-${version}"; src = fetchurl { url = "http://hostap.epitest.fi/releases/${name}.tar.gz"; - sha256 = "08li21q1wjn5chrv289w666il9ah1w419y3dkq2rl4wnq0rci385"; + sha256 = "05mkp5bx1c3z7h5biddsv0p49gkrq9ksany3anp4wdiv92p5prfc"; }; # TODO: Patch epoll so that the dbus actually responds @@ -36,7 +36,7 @@ stdenv.mkDerivation rec { CONFIG_IEEE80211W=y CONFIG_TLS=openssl CONFIG_TLSV11=y - CONFIG_TLSV12=y + #CONFIG_TLSV12=y see #8332 CONFIG_IEEE80211R=y CONFIG_DEBUG_SYSLOG=y #CONFIG_PRIVSEP=y @@ -77,15 +77,10 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig ]; patches = [ - ./0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch ./build-fix.patch ]; postInstall = '' - # Copy the wpa_priv binary which is not installed - mkdir -p $out/bin - cp -v wpa_priv $out/bin - mkdir -p $out/share/man/man5 $out/share/man/man8 cp -v "doc/docbook/"*.5 $out/share/man/man5/ cp -v "doc/docbook/"*.8 $out/share/man/man8/ @@ -94,6 +89,7 @@ stdenv.mkDerivation rec { sed -e "s@/sbin/wpa_supplicant@$out&@" -i "$out/share/dbus-1/system-services/"* cp -v dbus/dbus-wpa_supplicant.conf $out/etc/dbus-1/system.d cp -v "systemd/"*.service $out/etc/systemd/system + rm $out/share/man/man8/wpa_priv.8 ''; meta = with stdenv.lib; { diff --git a/pkgs/os-specific/linux/xf86-input-wacom/default.nix b/pkgs/os-specific/linux/xf86-input-wacom/default.nix index a3d5aeeb40f..fca9dab2261 100644 --- a/pkgs/os-specific/linux/xf86-input-wacom/default.nix +++ b/pkgs/os-specific/linux/xf86-input-wacom/default.nix @@ -3,11 +3,11 @@ , ncurses, pkgconfig, randrproto, xorgserver, xproto, udev, libXinerama, pixman }: stdenv.mkDerivation rec { - name = "xf86-input-wacom-0.29.0"; + name = "xf86-input-wacom-0.31.0"; src = fetchurl { url = "mirror://sourceforge/linuxwacom/${name}.tar.bz2"; - sha256 = "15lbzjkaf690i69qy0n0ibwczbclqq1nx0418c6a567by5v7wl48"; + sha256 = "0xiz5vpkp8zm5m2k909sbvm9v8rf6hwn3gvqr2msswc00hzp5sg7"; }; buildInputs = [ inputproto libX11 libXext libXi libXrandr libXrender diff --git a/pkgs/os-specific/linux/xsensors/default.nix b/pkgs/os-specific/linux/xsensors/default.nix new file mode 100644 index 00000000000..a392d065e41 --- /dev/null +++ b/pkgs/os-specific/linux/xsensors/default.nix @@ -0,0 +1,22 @@ +{ stdenv, lib, fetchurl, gtk2, pkgconfig, lm_sensors }: + +stdenv.mkDerivation rec { + name = "xsensors-${version}"; + version = "0.70"; + src = fetchurl { + url = "http://www.linuxhardware.org/xsensors/xsensors-${version}.tar.gz"; + sha256 = "1siplsfgvcxamyqf44h71jx6jdfmvhfm7mh0y1q8ps4zs6pj2zwh"; + }; + buildInputs = [ + gtk2 pkgconfig lm_sensors + ]; + patches = [ + ./remove-unused-variables.patch + ./replace-deprecated-gtk.patch + ]; + meta = with lib; { + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ cstrahan ]; + }; +} diff --git a/pkgs/os-specific/linux/xsensors/remove-unused-variables.patch b/pkgs/os-specific/linux/xsensors/remove-unused-variables.patch new file mode 100644 index 00000000000..7da97a0e56e --- /dev/null +++ b/pkgs/os-specific/linux/xsensors/remove-unused-variables.patch @@ -0,0 +1,39 @@ +Author: Nanley Chery <nanleychery@gmail.com> +From: Jean Delvare <khali@linux-fr.org> +Subject: Remove declared, but unused variables +Bug-Debian: http://bugs.debian.org/625435 +--- +--- a/src/gui.c ++++ b/src/gui.c +@@ -257,10 +257,9 @@ + + /* Start the sensor info update timer. */ + gint start_timer( GtkWidget *widget, gpointer data ) { +- gint timer; + + /* Setup timer for updates. */ +- timer = g_timeout_add( update_time * 1000, ++ g_timeout_add( update_time * 1000, + (GtkFunction) update_sensor_data, + (gpointer) data ); + +@@ -287,7 +286,7 @@ + + /* feature data */ + updates *head = NULL; +- updates *current = NULL, *prev = NULL; ++ updates *current = NULL; + + const sensors_feature *feature; + +@@ -347,10 +346,8 @@ + new_node->pbar = featpbar; + + if ( head == NULL ) { +- prev = head; + head = current = new_node; + } else { +- prev = current; + current = current->next = new_node; + } + diff --git a/pkgs/os-specific/linux/xsensors/replace-deprecated-gtk.patch b/pkgs/os-specific/linux/xsensors/replace-deprecated-gtk.patch new file mode 100644 index 00000000000..fed4c7dc4c9 --- /dev/null +++ b/pkgs/os-specific/linux/xsensors/replace-deprecated-gtk.patch @@ -0,0 +1,168 @@ +Author: Nanley Chery <nanleychery@gmail.com> +Subject: Update deprecated gtk casts and replace deprecated function calls with their analogous cairo counterparts. +Bug-Debian: http://bugs.debian.org/622005 +Bug-Debian: http://bugs.debian.org/610321 +--- +--- a/src/gui.c ++++ b/src/gui.c +@@ -27,10 +27,10 @@ + GtkWidget *mainwindow = NULL; + + GdkColor colorWhite = { 0, 0xFFFF, 0xFFFF, 0xFFFF }; +- +-GdkColormap *cmap = NULL; + +-GdkPixmap *theme = NULL; ++GdkPixbuf *theme = NULL; ++ ++cairo_surface_t *surface = NULL; + + /* Destroy the main window. */ + gint destroy_gui( GtkWidget *widget, gpointer data ) { +@@ -76,17 +76,16 @@ + } + } + +-static void draw_digits( GtkWidget *widget, const gchar *digits, int highLow ) ++static void draw_digits( GtkWidget *widget, cairo_t *cr, const gchar *digits, int highLow ) + { + const gchar *digit = digits; + int pos = 0, x = 0, y = 0, w = 0; + + while ( *digit ) { + get_pm_location( *digit, &x, &y, &w ); +- gdk_draw_drawable( widget->window, +- widget->style->fg_gc[ GTK_WIDGET_STATE +- (widget) ], theme, x, y + highLow, +- pos, 0, w, 30 ); ++ cairo_set_source_surface (cr, surface, pos-x, 0-(y + highLow)); ++ cairo_rectangle(cr, pos, 0, w, 30); ++ cairo_fill(cr); + pos += w; + digit++; + } +@@ -102,6 +101,8 @@ + + gchar result[7]; + ++ cairo_t *cr = gdk_cairo_create(widget->window); ++ + #ifdef DEBUG_XSENSORS + printf( "area.width = %d, area.height = %d\n", event->area.width, + event->area.height ); +@@ -117,13 +118,11 @@ + + /* Display the digits */ + if ( g_snprintf( result, 6, "%5.0f", current->curvalue ) >= 0 ) +- draw_digits( widget, result, highLow ); ++ draw_digits( widget, cr, result, highLow ); + + /* Display RPM */ +- gdk_draw_drawable( widget->window, +- widget->style->fg_gc[ GTK_WIDGET_STATE +- (widget) ], theme, 0, 120 + highLow, +- 90, 0, 57, 30 ); ++ cairo_set_source_surface (cr, surface, 90-0, 0-(120 + highLow)); ++ cairo_rectangle(cr, 90, 0, 57, 30); + break; + case TEMP: + if ( current->curvalue > current->curmax ) +@@ -134,17 +133,15 @@ + + /* Display the digits */ + if ( g_snprintf( result, 7, "%6.1f", current->curvalue ) >= 0 ) +- draw_digits( widget, result, highLow ); ++ draw_digits( widget, cr, result, highLow ); + + /* Display degree symbol */ + if ( tf == FALSE ) + x = 0; + else + x = 57; +- gdk_draw_drawable( widget->window, +- widget->style->fg_gc[ GTK_WIDGET_STATE +- (widget) ], theme, x, 60 + highLow, +- 96, 0, 57, 30 ); ++ cairo_set_source_surface (cr, surface, 96-x, 0-(60 + highLow)); ++ cairo_rectangle(cr, 96, 0, 57, 30); + + break; + case VOLT: +@@ -154,20 +151,17 @@ + + /* Display the digits */ + if ( g_snprintf( result, 7, "%6.2f", current->curvalue ) >= 0 ) +- draw_digits( widget, result, highLow ); ++ draw_digits( widget, cr, result, highLow ); + + /* Display V */ +- gdk_draw_drawable( widget->window, +- widget->style->fg_gc[ GTK_WIDGET_STATE +- (widget) ], theme, 114, 60 + highLow, +- 96, 0, 57, 30 ); +- +- ++ cairo_set_source_surface (cr, surface, 96-114, 0-(60 + highLow)); ++ cairo_rectangle(cr, 96, 0, 57, 30); + break; + default: + break; + } +- ++ cairo_fill(cr); ++ cairo_destroy(cr); + return TRUE; + } + +@@ -260,7 +254,7 @@ + + /* Setup timer for updates. */ + g_timeout_add( update_time * 1000, +- (GtkFunction) update_sensor_data, ++ (GSourceFunc) update_sensor_data, + (gpointer) data ); + + return SUCCESS; +@@ -460,8 +454,6 @@ + g_signal_connect( G_OBJECT (mainwindow), "delete_event", + G_CALLBACK (destroy_gui), NULL ); + +- /* Graphics needed for drawing info. */ +- cmap = gtk_widget_get_colormap( mainwindow ); + + /* Set up the image file used for displaying characters. */ + if ( imagefile == NULL ) { +@@ -481,12 +473,10 @@ + "Image file not found in either location! Exiting!\n" ); + exit( 1 ); + } else { +- theme = gdk_pixmap_colormap_create_from_xpm( NULL, cmap, +- NULL, NULL, "./images/default.xpm" ); ++ theme = gdk_pixbuf_new_from_file("./images/default.xpm", NULL ); + } + } else { +- theme = gdk_pixmap_colormap_create_from_xpm( NULL, cmap, +- NULL, NULL, imagefile ); ++ theme = gdk_pixbuf_new_from_file(imagefile, NULL ); + } + } else { + if ( stat( imagefile, &sbuf ) != 0 ) { +@@ -495,11 +485,15 @@ + "Image file not found in specified location! Exiting!\n" ); + exit( 1 ); + } else { +- theme = gdk_pixmap_colormap_create_from_xpm( NULL, cmap, +- NULL, NULL, imagefile ); ++ theme = gdk_pixbuf_new_from_file(imagefile, NULL ); + } + } +- ++ surface = cairo_image_surface_create_for_data(gdk_pixbuf_get_pixels(theme), ++ CAIRO_FORMAT_RGB24, ++ gdk_pixbuf_get_width(theme), ++ gdk_pixbuf_get_height(theme), ++ gdk_pixbuf_get_rowstride(theme)); ++ + /* Create notebook for sensors. */ + notebook = gtk_notebook_new( ); + gtk_widget_modify_bg( notebook, GTK_STATE_NORMAL, &colorWhite ); diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index 06aca23369e..d068a4e910d 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -1,14 +1,112 @@ -{ callPackage, fetchFromGitHub, ... } @ args: +{ stdenv, fetchFromGitHub, autoreconfHook, utillinux, nukeReferences, coreutils +, configFile ? "all" -callPackage ./generic.nix (args // rec { - version = "0.6.4"; +# Userspace dependencies +, zlib, libuuid, python + +# Kernel dependencies +, kernel ? null, spl ? null +}: + +with stdenv.lib; +let + buildKernel = any (n: n == configFile) [ "kernel" "all" ]; + buildUser = any (n: n == configFile) [ "user" "all" ]; +in + +assert any (n: n == configFile) [ "kernel" "user" "all" ]; +assert buildKernel -> kernel != null && spl != null; + +stdenv.mkDerivation rec { + name = "zfs-${configFile}-${version}${optionalString buildKernel "-${kernel.version}"}"; + + version = "0.6.5.1"; src = fetchFromGitHub { owner = "zfsonlinux"; repo = "zfs"; rev = "zfs-${version}"; - sha256 = "0xlj2w6gadip3rr3f1lri1n93lkjpzyksnk01sbl5wsrbkry3xjq"; + sha256 = "0lbii5kc3b68zj8mvvznl05czwdkr0ld3a2javbkngfvrcn09rz2"; }; patches = [ ./nix-build.patch ]; -}) + + buildInputs = [ autoreconfHook nukeReferences ] + ++ optionals buildKernel [ spl ] + ++ optionals buildUser [ zlib libuuid python ]; + + # for zdb to get the rpath to libgcc_s, needed for pthread_cancel to work + NIX_CFLAGS_LINK = "-lgcc_s"; + + preConfigure = '' + substituteInPlace ./module/zfs/zfs_ctldir.c --replace "umount -t zfs" "${utillinux}/bin/umount -t zfs" + substituteInPlace ./module/zfs/zfs_ctldir.c --replace "mount -t zfs" "${utillinux}/bin/mount -t zfs" + substituteInPlace ./lib/libzfs/libzfs_mount.c --replace "/bin/umount" "${utillinux}/bin/umount" + substituteInPlace ./lib/libzfs/libzfs_mount.c --replace "/bin/mount" "${utillinux}/bin/mount" + substituteInPlace ./udev/rules.d/* --replace "/lib/udev/vdev_id" "$out/lib/udev/vdev_id" + substituteInPlace ./cmd/ztest/ztest.c --replace "/usr/sbin/ztest" "$out/sbin/ztest" + substituteInPlace ./cmd/ztest/ztest.c --replace "/usr/sbin/zdb" "$out/sbin/zdb" + substituteInPlace ./config/user-systemd.m4 --replace "/usr/lib/modules-load.d" "$out/etc/modules-load.d" + substituteInPlace ./config/zfs-build.m4 --replace "\$sysconfdir/init.d" "$out/etc/init.d" + substituteInPlace ./etc/zfs/Makefile.am --replace "\$(sysconfdir)" "$out/etc" + substituteInPlace ./cmd/zed/Makefile.am --replace "\$(sysconfdir)" "$out/etc" + substituteInPlace ./module/Makefile.in --replace "/bin/cp" "cp" + substituteInPlace ./etc/systemd/system/zfs-share.service.in \ + --replace "@bindir@/rm " "${coreutils}/bin/rm " + ./autogen.sh + ''; + + configureFlags = [ + "--with-config=${configFile}" + ] ++ optionals buildUser [ + "--with-dracutdir=$(out)/lib/dracut" + "--with-udevdir=$(out)/lib/udev" + "--with-systemdunitdir=$(out)/etc/systemd/system" + "--with-systemdpresetdir=$(out)/etc/systemd/system-preset" + "--with-mounthelperdir=$(out)/bin" + "--sysconfdir=/etc" + "--localstatedir=/var" + "--enable-systemd" + ] ++ optionals buildKernel [ + "--with-spl=${spl}/libexec/spl" + "--with-linux=${kernel.dev}/lib/modules/${kernel.modDirVersion}/source" + "--with-linux-obj=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + enableParallelBuilding = true; + + installFlags = [ + "sysconfdir=\${out}/etc" + "DEFAULT_INITCONF_DIR=\${out}/default" + ]; + + postInstall = '' + # Prevent kernel modules from depending on the Linux -dev output. + nuke-refs $(find $out -name "*.ko") + '' + optionalString buildUser '' + # Remove provided services as they are buggy + rm $out/etc/systemd/system/zfs-import-*.service + + sed -i '/zfs-import-scan.service/d' $out/etc/systemd/system/* + + for i in $out/etc/systemd/system/*; do + substituteInPlace $i --replace "zfs-import-cache.service" "zfs-import.target" + done + + # Fix pkgconfig. + ln -s ../share/pkgconfig $out/lib/pkgconfig + ''; + + meta = { + description = "ZFS Filesystem Linux Kernel module"; + longDescription = '' + ZFS is a filesystem that combines a logical volume manager with a + Copy-On-Write filesystem with data integrity detection and repair, + snapshotting, cloning, block devices, deduplication, and more. + ''; + homepage = http://zfsonlinux.org/; + license = licenses.cddl; + platforms = platforms.linux; + maintainers = with maintainers; [ jcumming wizeman wkennington ]; + }; +} diff --git a/pkgs/os-specific/linux/zfs/generic.nix b/pkgs/os-specific/linux/zfs/generic.nix deleted file mode 100644 index 9a97bef22bb..00000000000 --- a/pkgs/os-specific/linux/zfs/generic.nix +++ /dev/null @@ -1,97 +0,0 @@ -{ stdenv, fetchFromGitHub, autoconf, automake, libtool, utillinux -, configFile ? "all" - -# Userspace dependencies -, zlib, libuuid, python - -# Kernel dependencies -, kernel ? null, spl ? null - -# Version specific settings -, version, src, patches -, ... -}: - -with stdenv.lib; -let - buildKernel = any (n: n == configFile) [ "kernel" "all" ]; - buildUser = any (n: n == configFile) [ "user" "all" ]; -in - -assert any (n: n == configFile) [ "kernel" "user" "all" ]; -assert buildKernel -> kernel != null && spl != null; - -stdenv.mkDerivation rec { - name = "zfs-${configFile}-${version}${optionalString buildKernel "-${kernel.version}"}"; - - inherit version src patches; - - buildInputs = [ autoconf automake libtool ] - ++ optionals buildKernel [ spl ] - ++ optionals buildUser [ zlib libuuid python ]; - - # for zdb to get the rpath to libgcc_s, needed for pthread_cancel to work - NIX_CFLAGS_LINK = "-lgcc_s"; - - preConfigure = '' - substituteInPlace ./module/zfs/zfs_ctldir.c --replace "umount -t zfs" "${utillinux}/bin/umount -t zfs" - substituteInPlace ./module/zfs/zfs_ctldir.c --replace "mount -t zfs" "${utillinux}/bin/mount -t zfs" - substituteInPlace ./lib/libzfs/libzfs_mount.c --replace "/bin/umount" "${utillinux}/bin/umount" - substituteInPlace ./lib/libzfs/libzfs_mount.c --replace "/bin/mount" "${utillinux}/bin/mount" - substituteInPlace ./udev/rules.d/* --replace "/lib/udev/vdev_id" "$out/lib/udev/vdev_id" - substituteInPlace ./cmd/ztest/ztest.c --replace "/usr/sbin/ztest" "$out/sbin/ztest" - substituteInPlace ./cmd/ztest/ztest.c --replace "/usr/sbin/zdb" "$out/sbin/zdb" - substituteInPlace ./config/user-systemd.m4 --replace "/usr/lib/modules-load.d" "$out/etc/modules-load.d" - substituteInPlace ./config/zfs-build.m4 --replace "\$sysconfdir/init.d" "$out/etc/init.d" - substituteInPlace ./etc/zfs/Makefile.am --replace "\$(sysconfdir)" "$out/etc" - substituteInPlace ./cmd/zed/Makefile.am --replace "\$(sysconfdir)" "$out/etc" - substituteInPlace ./module/Makefile.in --replace "/bin/cp" "cp" - - ./autogen.sh - ''; - - configureFlags = [ - "--with-config=${configFile}" - ] ++ optionals buildUser [ - "--with-dracutdir=$(out)/lib/dracut" - "--with-udevdir=$(out)/lib/udev" - "--with-systemdunitdir=$(out)/etc/systemd/system" - "--with-systemdpresetdir=$(out)/etc/systemd/system-preset" - "--sysconfdir=/etc" - "--localstatedir=/var" - "--enable-systemd" - ] ++ optionals buildKernel [ - "--with-spl=${spl}/libexec/spl" - "--with-linux=${kernel.dev}/lib/modules/${kernel.modDirVersion}/source" - "--with-linux-obj=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" - ]; - - enableParallelBuilding = true; - - # Remove provided services as they are buggy - postInstall = optionalString buildUser '' - rm $out/etc/systemd/system/zfs-import-*.service - - sed -i '/zfs-import-scan.service/d' $out/etc/systemd/system/* - - for i in $out/etc/systemd/system/*; do - substituteInPlace $i --replace "zfs-import-cache.service" "zfs-import.target" - done - - # Fix pkgconfig - ln -s ../share/pkgconfig $out/lib/pkgconfig - ''; - - meta = { - description = "ZFS Filesystem Linux Kernel module"; - longDescription = '' - ZFS is a filesystem that combines a logical volume manager with a - Copy-On-Write filesystem with data integrity detection and repair, - snapshotting, cloning, block devices, deduplication, and more. - ''; - homepage = http://zfsonlinux.org/; - license = licenses.cddl; - platforms = platforms.linux; - maintainers = with maintainers; [ jcumming wizeman wkennington ]; - }; -} diff --git a/pkgs/os-specific/linux/zfs/git.nix b/pkgs/os-specific/linux/zfs/git.nix deleted file mode 100644 index a7d312c4041..00000000000 --- a/pkgs/os-specific/linux/zfs/git.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ callPackage, stdenv, fetchgit, spl_git, ... } @ args: - -callPackage ./generic.nix (args // rec { - version = "2015-04-08"; - - src = fetchgit { - url = git://github.com/zfsonlinux/zfs.git; - rev = "d07a16360c1ee219b8820f80d035e56a18c58b84"; - sha256 = "0yyc0n960bzd4fmrg1mwp0xy1db7yn90g33ds44chh4g74mrfgdz"; - }; - - patches = [ ./nix-build.patch ]; - - spl = spl_git; -}) diff --git a/pkgs/os-specific/windows/cygwin-setup/default.nix b/pkgs/os-specific/windows/cygwin-setup/default.nix index d0995ffc662..71b47c5a50f 100644 --- a/pkgs/os-specific/windows/cygwin-setup/default.nix +++ b/pkgs/os-specific/windows/cygwin-setup/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchcvs, autoconf, automake, libtool, flex, bison, pkgconfig -, zlib, bzip2, lzma, libgcrypt_1_6 +, zlib, bzip2, lzma, libgcrypt }: with stdenv.lib; @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { buildInputs = map mkStatic (o.buildInputs or []); propagatedBuildInputs = map mkStatic (o.propagatedBuildInputs or []); }); - in map mkStatic [ zlib bzip2 lzma libgcrypt_1_6 ]; + in map mkStatic [ zlib bzip2 lzma libgcrypt ]; configureFlags = "--disable-shared"; |