diff options
author | Tuomas Tynkkynen <tuomas@tuxera.com> | 2018-01-14 21:18:27 +0200 |
---|---|---|
committer | Tuomas Tynkkynen <tuomas@tuxera.com> | 2018-01-14 21:18:27 +0200 |
commit | 6ed0fe7e450def967685ec11b789bfe32002d1c1 (patch) | |
tree | 409bf318be731969061398dc5a11c5d3c360484f /pkgs/os-specific | |
parent | c08042ba4b507cc0d494b1b9ca0895cc25db83d4 (diff) | |
parent | b986078593af4108371c210ce0106b6b3e82ee20 (diff) | |
download | nixpkgs-6ed0fe7e450def967685ec11b789bfe32002d1c1.tar nixpkgs-6ed0fe7e450def967685ec11b789bfe32002d1c1.tar.gz nixpkgs-6ed0fe7e450def967685ec11b789bfe32002d1c1.tar.bz2 nixpkgs-6ed0fe7e450def967685ec11b789bfe32002d1c1.tar.lz nixpkgs-6ed0fe7e450def967685ec11b789bfe32002d1c1.tar.xz nixpkgs-6ed0fe7e450def967685ec11b789bfe32002d1c1.tar.zst nixpkgs-6ed0fe7e450def967685ec11b789bfe32002d1c1.zip |
Merge remote-tracking branch 'upstream/master' into staging
Conflicts: pkgs/build-support/fetchbower/default.nix pkgs/build-support/fetchdarcs/default.nix pkgs/build-support/fetchgx/default.nix pkgs/development/python-modules/botocore/default.nix pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix pkgs/tools/admin/awscli/default.nix
Diffstat (limited to 'pkgs/os-specific')
18 files changed, 88 insertions, 50 deletions
diff --git a/pkgs/os-specific/darwin/trash/default.nix b/pkgs/os-specific/darwin/trash/default.nix new file mode 100644 index 00000000000..4104d0d455a --- /dev/null +++ b/pkgs/os-specific/darwin/trash/default.nix @@ -0,0 +1,38 @@ +{ stdenv, fetchFromGitHub, frameworks, perl } : +stdenv.mkDerivation rec { + version = "0.9.0"; + name = "trash-${version}"; + + src = fetchFromGitHub { + owner = "ali-rantakari"; + repo = "trash"; + rev = "f68ad25a02e24cc58eb8ef9a493d6dc0122bcd8f"; + sha256 = "0ylkf7jxfy1pj7i1s48w28kzqjdfd57m2pw0jycsgcj5bkzwll41"; + }; + + buildInputs = with frameworks; [ + Cocoa + AppKit + ScriptingBridge + perl + ]; + + patches = [ ./trash.diff ]; + + buildPhase = ''make all docs''; + + installPhase = '' + mkdir -p $out/bin + mkdir -p $out/share/man/man1 + install -m 0755 trash $out/bin + install -m 0444 trash.1 $out/share/man/man1 + ''; + + meta = { + homepage = https://github.com/ali-rantakari/trash; + description = "Small command-line program for OS X that moves files or + folders to the trash."; + platforms = stdenv.lib.platforms.darwin; + license = stdenv.lib.licenses.mit; + }; +} diff --git a/pkgs/os-specific/darwin/trash/trash.diff b/pkgs/os-specific/darwin/trash/trash.diff new file mode 100644 index 00000000000..546c760b10e --- /dev/null +++ b/pkgs/os-specific/darwin/trash/trash.diff @@ -0,0 +1,13 @@ +diff --git a/Makefile b/Makefile +index 5e4306f..9c975fc 100644 +--- a/Makefile ++++ b/Makefile +@@ -10,7 +10,7 @@ trash: $(SOURCE_FILES) + @echo + @echo ---- Compiling: + @echo ====================================== +- $(CC) -O2 -Wall -Wextra -Wpartial-availability -force_cpusubtype_ALL -mmacosx-version-min=10.7 -arch i386 -arch x86_64 -framework AppKit -framework ScriptingBridge -o $@ $(SOURCE_FILES) ++ $(CC) -O2 -Wall -Wextra -Wpartial-availability -force_cpusubtype_ALL -mmacosx-version-min=10.7 -arch x86_64 -framework AppKit -framework ScriptingBridge -o $@ $(SOURCE_FILES) + + analyze: + @echo diff --git a/pkgs/os-specific/linux/btfs/default.nix b/pkgs/os-specific/linux/btfs/default.nix index 6cc4dc6f6d5..83c442618b8 100644 --- a/pkgs/os-specific/linux/btfs/default.nix +++ b/pkgs/os-specific/linux/btfs/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { name = "btfs-${version}"; - version = "2.17"; + version = "2.18"; src = fetchFromGitHub { owner = "johang"; repo = "btfs"; rev = "v${version}"; - sha256 = "0v0mypwnx832f7vg52wmiw0lyz7rrkhqsgi7zc261ak1gfaw4nwd"; + sha256 = "1cn21bxx43iqvac6scmwhkw0bql092sl48r6qfidbmhbw30xl5yf"; }; nativeBuildInputs = [ pkgconfig ]; @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = "A bittorrent filesystem based on FUSE"; - homepage = "https://github.com/johang/btfs"; + homepage = https://github.com/johang/btfs; license = licenses.gpl3; maintainers = with maintainers; [ rnhmjoj ]; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/busybox/busybox-in-store.patch b/pkgs/os-specific/linux/busybox/busybox-in-store.patch index 0de7348c44f..2d356b66b3a 100644 --- a/pkgs/os-specific/linux/busybox/busybox-in-store.patch +++ b/pkgs/os-specific/linux/busybox/busybox-in-store.patch @@ -1,19 +1,19 @@ Allow BusyBox to be invoked as "<something>-busybox". This is necessary when it's run from the Nix store as <hash>-busybox during stdenv bootstrap. ---- busybox-1.26.1-orig/libbb/appletlib.orig 2016-10-26 19:54:20.510957575 -0400 -+++ busybox-1.26.1/libbb/appletlib.c 2016-10-26 19:48:31.590862853 -0400 -@@ -887,7 +887,7 @@ +--- a/libbb/appletlib.c ++++ b/libbb/appletlib.c +@@ -947,7 +947,7 @@ void FAST_FUNC run_applet_no_and_exit(int applet_no, const char *name, char **ar static NORETURN void run_applet_and_exit(const char *name, char **argv) { # if ENABLE_BUSYBOX - if (is_prefixed_with(name, "busybox")) + if (strstr(name, "busybox") != 0) - exit(busybox_main(argv)); + exit(busybox_main(/*unused:*/ 0, argv)); # endif # if NUM_APPLETS > 0 -@@ -981,7 +981,7 @@ int main(int argc UNUSED_PARAM, char **argv) - +@@ -1045,7 +1045,7 @@ int main(int argc UNUSED_PARAM, char **argv) + lbb_prepare("busybox" IF_FEATURE_INDIVIDUAL(, argv)); # if !ENABLE_BUSYBOX - if (argv[1] && is_prefixed_with(bb_basename(argv[0]), "busybox")) diff --git a/pkgs/os-specific/linux/busybox/default.nix b/pkgs/os-specific/linux/busybox/default.nix index 73c945fa0ba..a8d5ab48ac2 100644 --- a/pkgs/os-specific/linux/busybox/default.nix +++ b/pkgs/os-specific/linux/busybox/default.nix @@ -27,35 +27,20 @@ let in stdenv.mkDerivation rec { - name = "busybox-1.27.2"; + name = "busybox-1.28.0"; # Note to whoever is updating busybox: please verify that: # nix-build pkgs/stdenv/linux/make-bootstrap-tools.nix -A test # still builds after the update. src = fetchurl { url = "http://busybox.net/downloads/${name}.tar.bz2"; - sha256 = "1pv3vs2w4l2wnw5qb0rkbpvjjdd1fwjv87miavqq0r0ynqbfajwx"; + sha256 = "1701carjf02y7r3djm1yvyd5kzrcxm4szinp7agfv7fmvfvm6ib0"; }; hardeningDisable = [ "format" ] ++ lib.optionals enableStatic [ "fortify" ]; patches = [ - ./busybox-in-store.patch - (fetchpatch { - name = "CVE-2017-15873.patch"; - url = "https://git.busybox.net/busybox/patch/?id=0402cb32df015d9372578e3db27db47b33d5c7b0"; - sha256 = "1s3xqifd0dww19mbnzrks0i1az0qwd884sxjzrx33d6a9jxv4dzn"; - }) - (fetchpatch { - name = "CVE-2017-15874.patch"; - url = "https://git.busybox.net/busybox/patch/?id=9ac42c500586fa5f10a1f6d22c3f797df11b1f6b"; - sha256 = "0169p4ylz9zd14ghhb39yfjvbdca2kb21pphylfh9ny7i484ahql"; - }) - (fetchpatch { - name = "CVE-2017-16544.patch"; - url = "https://git.busybox.net/busybox/patch/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8"; - sha256 = "1q3lkc4xczxrzhz73x2r0w7kmd6y33zhcnz3478nk5xi0qr66mcy"; - }) + ./busybox-in-store.patch ]; configurePhase = '' diff --git a/pkgs/os-specific/linux/exfat/default.nix b/pkgs/os-specific/linux/exfat/default.nix index ee6249ce040..56da5b0f16f 100644 --- a/pkgs/os-specific/linux/exfat/default.nix +++ b/pkgs/os-specific/linux/exfat/default.nix @@ -17,6 +17,8 @@ stdenv.mkDerivation rec { hardeningDisable = [ "pic" ]; + nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = [ "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix index 8e85bfda3f2..acdba5987bb 100644 --- a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix +++ b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { # traffic, so don't do that. preferLocalBuild = true; - buildInputs = [ cacert git gnupg ]; + nativeBuildInputs = [ cacert git gnupg ]; } '' git init src && ( cd src diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 5fc22736d7f..24ae1967570 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -343,7 +343,7 @@ with stdenv.lib; # Security related features. RANDOMIZE_BASE? y - STRICT_DEVMEM y # Filter access to /dev/mem + STRICT_DEVMEM? y # Filter access to /dev/mem SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default SECURITY_YAMA? y # Prevent processes from ptracing non-children processes DEVKMEM n # Disable /dev/kmem diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix index b7959f9d359..3a82c00c501 100644 --- a/pkgs/os-specific/linux/kernel/hardened-config.nix +++ b/pkgs/os-specific/linux/kernel/hardened-config.nix @@ -61,8 +61,8 @@ ${optionalString (versionAtLeast version "4.12") '' DEBUG_WX y # boot-time warning on RWX mappings # Stricter /dev/mem -STRICT_DEVMEM y -IO_STRICT_DEVMEM y +STRICT_DEVMEM? y +IO_STRICT_DEVMEM? y # Perform additional validation of commonly targeted structures. DEBUG_CREDENTIALS y diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 550890b3557..bd1f03c76a7 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with stdenv.lib; import ./generic.nix (args // rec { - version = "4.14.12"; + version = "4.14.13"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))); @@ -13,6 +13,6 @@ import ./generic.nix (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1bsn73h3ilf7msyiqm5ny2zdj30b9r7k9sc8i03w3iggh3agf236"; + sha256 = "0wjpwhrnnvf6l3zpkkxk34dl722w9yp8j3vnh0xzi3hgb8dnvd2a"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index e2887b70d51..7ed69558fb0 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,11 +1,11 @@ { stdenv, hostPlatform, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.4.110"; + version = "4.4.111"; extraMeta.branch = "4.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0n6v872ahny9j29lh60c7ha5fa1as9pdag7jsb5fcy2nmid1g6fh"; + sha256 = "0260gvby59n550ijm9q43cnzw1gqizll28nv3vsv8qmgiqp2h0d2"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index 3b8fe6d7619..9fc7e51cbef 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,11 +1,11 @@ { stdenv, hostPlatform, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.9.75"; + version = "4.9.76"; extraMeta.branch = "4.9"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1pyan45647wnliwhhp3dlmyvz7ibl1i56qplf3ilfh4dcsvk2v6y"; + sha256 = "1pl7x1fnyhvwbdxgh0w5fka9dyysi74n8lj9fkgfmapz5hrr8axq"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-hardened-copperhead.nix b/pkgs/os-specific/linux/kernel/linux-hardened-copperhead.nix index 5f4a5d5adb5..1ccc152bb28 100644 --- a/pkgs/os-specific/linux/kernel/linux-hardened-copperhead.nix +++ b/pkgs/os-specific/linux/kernel/linux-hardened-copperhead.nix @@ -3,9 +3,9 @@ with stdenv.lib; let - version = "4.14.12"; + version = "4.14.13"; revision = "a"; - sha256 = "002a3c177fix472wqc89zrpfzwk60l7dn76l869ivgnd60n6wqb2"; + sha256 = "08fvb1lllb0xkckw2y66g0j5z88kp877r51jj3kksfkvjfibjr0j"; # modVersion needs to be x.y.z, will automatically add .0 if needed modVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))); diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix index e4dac2932bc..6143f03dc8c 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -1,13 +1,13 @@ { stdenv, hostPlatform, fetchurl, perl, buildLinux, libelf, utillinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.15-rc4"; - modDirVersion = "4.15.0-rc4"; + version = "4.15-rc7"; + modDirVersion = "4.15.0-rc7"; extraMeta.branch = "4.15"; src = fetchurl { url = "https://git.kernel.org/torvalds/t/linux-${version}.tar.gz"; - sha256 = "13mz21pdqk17hrwga9246cj9bkcz3xmmg0cb4mrbsrb1nv4niv0k"; + sha256 = "1ph3asz5cc82mj7vb5cd5n80wnf66cm9jrlpa66da8kz8za0cdkh"; }; # Should the testing kernels ever be built on Hydra? diff --git a/pkgs/os-specific/linux/mdadm/default.nix b/pkgs/os-specific/linux/mdadm/default.nix index 1e2c1dafb2d..31dd0cbf18d 100644 --- a/pkgs/os-specific/linux/mdadm/default.nix +++ b/pkgs/os-specific/linux/mdadm/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { # This is to avoid self-references, which causes the initrd to explode # in size and in turn prevents mdraid systems from booting. - allowedReferences = [ stdenv.glibc.out ]; + allowedReferences = [ stdenv.cc.libc.out ]; patches = [ ./no-self-references.patch ]; diff --git a/pkgs/os-specific/linux/microcode/intel.nix b/pkgs/os-specific/linux/microcode/intel.nix index 97843b2253f..f7393d79cc2 100644 --- a/pkgs/os-specific/linux/microcode/intel.nix +++ b/pkgs/os-specific/linux/microcode/intel.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "microcode-intel-${version}"; - version = "20171117"; + version = "20180108"; src = fetchurl { - url = "https://downloadmirror.intel.com/27337/eng/microcode-${version}.tgz"; - sha256 = "1p14ypbg28bdkbza6dx6dpjrdr5p13vmgrh2cw0y1v2qzalivgck"; + url = "https://downloadmirror.intel.com/27431/eng/microcode-${version}.tgz"; + sha256 = "0c214238mjks07zwif07f4041c74jil522sy78r4kjs6lniilgq6"; }; buildInputs = [ libarchive ]; diff --git a/pkgs/os-specific/linux/rewritefs/default.nix b/pkgs/os-specific/linux/rewritefs/default.nix index 5b16799a89c..8c7b75a881f 100644 --- a/pkgs/os-specific/linux/rewritefs/default.nix +++ b/pkgs/os-specific/linux/rewritefs/default.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = ''A FUSE filesystem intended to be used like Apache mod_rewrite''; - homepage = "https://github.com/sloonz/rewritefs"; + homepage = https://github.com/sloonz/rewritefs; license = licenses.gpl2; maintainers = with maintainers; [ rnhmjoj ]; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index 75e281281d3..5489bc5abbe 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -160,10 +160,10 @@ in { incompatibleKernelVersion = null; # this package should point to a version / git revision compatible with the latest kernel release - version = "2017-12-28"; + version = "2018-01-10"; - rev = "390d679acdfa6a2498280a4dcd33b7600ace27ce"; - sha256 = "09lh1cpsf87yl1sr6inam5av60cy5wv89x6a952vfxrs64ph2m6n"; + rev = "1d53657bf561564162e2ad6449f80fa0140f1dd6"; + sha256 = "0ibkhfz06cypgl2c869dzdbdx2i3m8ywwdmnzscv0cin5gm31vhx"; isUnstable = true; extraPatches = [ |