diff options
Diffstat (limited to 'pkgs/os-specific/linux')
192 files changed, 2098 insertions, 932 deletions
diff --git a/pkgs/os-specific/linux/akvcam/default.nix b/pkgs/os-specific/linux/akvcam/default.nix index 700389a4a18..0724118431c 100644 --- a/pkgs/os-specific/linux/akvcam/default.nix +++ b/pkgs/os-specific/linux/akvcam/default.nix @@ -12,7 +12,8 @@ stdenv.mkDerivation rec { }; sourceRoot = "source/src"; - makeFlags = [ + nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags ++ [ "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/pkgs/os-specific/linux/anbox/kmod.nix b/pkgs/os-specific/linux/anbox/kmod.nix index 9ce65cd8726..553712d21a7 100644 --- a/pkgs/os-specific/linux/anbox/kmod.nix +++ b/pkgs/os-specific/linux/anbox/kmod.nix @@ -36,7 +36,7 @@ stdenv.mkDerivation { homepage = "https://github.com/anbox/anbox-modules"; license = licenses.gpl2Only; platforms = platforms.linux; - broken = kernel.kernelOlder "4.4" || kernel.kernelAtLeast "5.5"; + broken = kernel.kernelAtLeast "5.5"; maintainers = with maintainers; [ edwtjo ]; }; } diff --git a/pkgs/os-specific/linux/apfs/default.nix b/pkgs/os-specific/linux/apfs/default.nix index 62437d662b9..eedaa9ef968 100644 --- a/pkgs/os-specific/linux/apfs/default.nix +++ b/pkgs/os-specific/linux/apfs/default.nix @@ -6,19 +6,19 @@ stdenv.mkDerivation { pname = "apfs"; - version = "unstable-2021-09-21-${kernel.version}"; + version = "unstable-2022-02-03-${kernel.version}"; src = fetchFromGitHub { owner = "linux-apfs"; repo = "linux-apfs-rw"; - rev = "362c4e32ab585b9234a26aa3e49f29b605612a31"; - sha256 = "sha256-Y8/PGPLirNrICF+Bum60v/DBPa1xpox5VBvt64myZzs="; + rev = "a0d6a4dca69b6eab3cabaaee4d4284807828a266"; + sha256 = "sha256-3T1BNc6g3SDTxb0VrronLUIp/CWbwnzXTsc8Qk5c4jY="; }; hardeningDisable = [ "pic" ]; nativeBuildInputs = kernel.moduleBuildDependencies; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "KERNELRELEASE=${kernel.modDirVersion}" "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" "INSTALL_MOD_PATH=$(out)" diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index 5c1cf272e0e..f7a2c0c52a9 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, fetchpatch, makeWrapper, autoreconfHook +{ stdenv, lib, fetchFromGitLab, fetchpatch, makeWrapper, autoreconfHook , pkg-config, which , flex, bison , linuxHeaders ? stdenv.cc.libc.linuxHeaders @@ -21,7 +21,7 @@ }: let - apparmor-version = "3.0.3"; + apparmor-version = "3.0.4"; apparmor-meta = component: with lib; { homepage = "https://apparmor.net/"; @@ -31,9 +31,11 @@ let platforms = platforms.linux; }; - apparmor-sources = fetchurl { - url = "https://launchpad.net/apparmor/${lib.versions.majorMinor apparmor-version}/${apparmor-version}/+download/apparmor-${apparmor-version}.tar.gz"; - sha256 = "0nasq8pdmzkrf856yg1v8z5hcs0nn6gw2qr60ab0a7j9ixfv0g8m"; + apparmor-sources = fetchFromGitLab { + owner = "apparmor"; + repo = "apparmor"; + rev = "v${apparmor-version}"; + sha256 = "1a217j28rgfq4lsmpn0wv1xgmdr9ba8iysv9i6q477kj6z77zrb9"; }; aa-teardown = writeShellScript "aa-teardown" '' @@ -48,8 +50,9 @@ let substituteInPlace ./common/Make.rules \ --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man" \ --replace "/usr/bin/pod2html" "${buildPackages.perl}/bin/pod2html" \ - --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" \ --replace "/usr/share/man" "share/man" + substituteInPlace ./utils/Makefile \ + --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" ''; patches = lib.optionals stdenv.hostPlatform.isMusl [ @@ -60,6 +63,8 @@ let }) ]; + python = python3.withPackages (ps: with ps; [ setuptools ]); + # Set to `true` after the next FIXME gets fixed or this gets some # common derivation infra. Too much copy-paste to fix one by one. doCheck = false; @@ -86,19 +91,16 @@ let ncurses which perl - ] ++ lib.optional withPython python3; + ] ++ lib.optional withPython python; buildInputs = lib.optional withPerl perl - ++ lib.optional withPython python3; + ++ lib.optional withPython python; # required to build apparmor-parser dontDisableStatic = true; prePatch = prePatchCommon + '' substituteInPlace ./libraries/libapparmor/swig/perl/Makefile.am --replace install_vendor install_site - substituteInPlace ./libraries/libapparmor/swig/perl/Makefile.in --replace install_vendor install_site - substituteInPlace ./libraries/libapparmor/src/Makefile.am --replace "/usr/include/netinet/in.h" "${lib.getDev stdenv.cc.libc}/include/netinet/in.h" - substituteInPlace ./libraries/libapparmor/src/Makefile.in --replace "/usr/include/netinet/in.h" "${lib.getDev stdenv.cc.libc}/include/netinet/in.h" ''; inherit patches; @@ -132,12 +134,12 @@ let strictDeps = true; - nativeBuildInputs = [ makeWrapper which python3 ]; + nativeBuildInputs = [ makeWrapper which python ]; buildInputs = [ bash perl - python3 + python libapparmor libapparmor.python ]; @@ -159,7 +161,7 @@ let postInstall = '' sed -i $out/bin/aa-unconfined -e "/my_env\['PATH'\]/d" for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-unconfined ; do - wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python3.libPrefix}/site-packages:$PYTHONPATH" + wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python.sitePackages}:$PYTHONPATH" done substituteInPlace $out/bin/aa-notify \ @@ -190,7 +192,6 @@ let nativeBuildInputs = [ pkg-config libapparmor - gawk which ]; diff --git a/pkgs/os-specific/linux/audit/default.nix b/pkgs/os-specific/linux/audit/default.nix index 9fd24eea6d9..6d14a3293fc 100644 --- a/pkgs/os-specific/linux/audit/default.nix +++ b/pkgs/os-specific/linux/audit/default.nix @@ -3,11 +3,13 @@ runCommand, autoreconfHook, autoconf, automake, libtool, - enablePython ? false, python ? null, + # Enabling python support while cross compiling would be possible, but + # the configure script tries executing python to gather info instead of + # relying on python3-config exclusively + enablePython ? stdenv.hostPlatform == stdenv.buildPlatform, python3, swig, + linuxHeaders ? stdenv.cc.libc.linuxHeaders }: -assert enablePython -> python != null; - stdenv.mkDerivation rec { pname = "audit"; version = "2.8.5"; # at the next release, remove the patches below! @@ -21,7 +23,7 @@ stdenv.mkDerivation rec { depsBuildBuild = [ buildPackages.stdenv.cc ]; nativeBuildInputs = [ autoreconfHook ]; - buildInputs = lib.optional enablePython python; + buildInputs = lib.optionals enablePython [ python3 swig ]; configureFlags = [ # z/OS plugin is not useful on Linux, @@ -67,10 +69,20 @@ stdenv.mkDerivation rec { sha256 = "0qjq41ridyamajz9v9nyplgq7f8nn3fxw375s9sa5a0igsrx9pm0"; excludes = [ "ChangeLog" ]; }) + # Fix pending upstream inclusion for linux-headers-5.17 support: + # https://github.com/linux-audit/audit-userspace/pull/253 + (fetchpatch { + name = "ignore-flexible-array.patch"; + url = "https://github.com/linux-audit/audit-userspace/commit/beed138222421a2eb4212d83cb889404bd7efc49.patch"; + sha256 = "1hf02zaxv6x0wmn4ca9fj48y2shks7vfna43i1zz58xw9jq7sza0"; + }) ]; - prePatch = '' + postPatch = '' sed -i 's,#include <sys/poll.h>,#include <poll.h>\n#include <limits.h>,' audisp/audispd.c + substituteInPlace bindings/swig/src/auditswig.i \ + --replace "/usr/include/linux/audit.h" \ + "${linuxHeaders}/include/linux/audit.h" '' # According to https://stackoverflow.com/questions/13089166 # --whole-archive linker flag is required to be sure that linker diff --git a/pkgs/os-specific/linux/autofs/default.nix b/pkgs/os-specific/linux/autofs/default.nix index 7b29f5a0e5c..5e552301fe4 100644 --- a/pkgs/os-specific/linux/autofs/default.nix +++ b/pkgs/os-specific/linux/autofs/default.nix @@ -1,5 +1,7 @@ { lib, stdenv, fetchurl, flex, bison, linuxHeaders, libtirpc, mount, umount, nfs-utils, e2fsprogs -, libxml2, libkrb5, kmod, openldap, sssd, cyrus_sasl, openssl, rpcsvc-proto }: +, libxml2, libkrb5, kmod, openldap, sssd, cyrus_sasl, openssl, rpcsvc-proto +, fetchpatch +}: stdenv.mkDerivation rec { version = "5.1.6"; @@ -10,6 +12,15 @@ stdenv.mkDerivation rec { sha256 = "1vya21mb4izj3khcr3flibv7xc15vvx2v0rjfk5yd31qnzcy7pnx"; }; + patches = [ + # glibc 2.34 compat + (fetchpatch { + url = "https://src.fedoraproject.org/rpms/autofs/raw/cc745af5e42396d540d5b3b92fae486e232bf6bd/f/autofs-5.1.7-use-default-stack-size-for-threads.patch"; + sha256 = "sha256-6ETDFbW7EhHR03xFWF+6OJBgn9NX3WW3bGhTNGodaOc="; + excludes = [ "CHANGELOG" ]; + }) + ]; + preConfigure = '' configureFlags="--enable-force-shutdown --enable-ignore-busy --with-path=$PATH" export sssldir="${sssd}/lib/sssd/modules" diff --git a/pkgs/os-specific/linux/autosuspend/default.nix b/pkgs/os-specific/linux/autosuspend/default.nix index 4283230f7ad..fd4164be34a 100644 --- a/pkgs/os-specific/linux/autosuspend/default.nix +++ b/pkgs/os-specific/linux/autosuspend/default.nix @@ -5,13 +5,13 @@ python3.pkgs.buildPythonApplication rec { pname = "autosuspend"; - version = "4.1.0"; + version = "4.1.1"; src = fetchFromGitHub { owner = "languitar"; repo = pname; rev = "v${version}"; - sha256 = "0vn1qhsmjlgd7gn11w938kraz55xyixpzrgq06dar066hcsn1x8w"; + sha256 = "sha256-UdHaz1JIofUrw9G/K40AVhBWdvMdTK4Wa7FWb6ntwr0="; }; postPatch = '' diff --git a/pkgs/os-specific/linux/batman-adv/default.nix b/pkgs/os-specific/linux/batman-adv/default.nix index 354f4b1bff2..79dc48a6ea9 100644 --- a/pkgs/os-specific/linux/batman-adv/default.nix +++ b/pkgs/os-specific/linux/batman-adv/default.nix @@ -1,4 +1,9 @@ -{ lib, stdenv, fetchurl, kernel }: +{ lib +, stdenv +, fetchurl +, fetchpatch +, kernel +}: let cfg = import ./version.nix; in @@ -11,12 +16,27 @@ stdenv.mkDerivation rec { sha256 = cfg.sha256.${pname}; }; + patches = [ + # batman-adv: make mc_forwarding atomic + (fetchpatch { + url = "https://git.open-mesh.org/batman-adv.git/blobdiff_plain/c142c00f6b1a2ad5f5d74202fb1249e6a6575407..56db7c0540e733a1f063ccd6bab1b537a80857eb:/net/batman-adv/multicast.c"; + hash = "sha256-2zXg8mZ3/iK9E/kyn+wHSrlLq87HuK72xuXojQ9KjkI="; + }) + # batman-adv: compat: Add atomic mc_fowarding support for stable kernels + (fetchpatch { + url = "https://git.open-mesh.org/batman-adv.git/blobdiff_plain/f07a0c37ab278fb6a9e95cad89429b1282f1ab59..350adcaec82fbaa358a2406343b6130ac8dad126:/net/batman-adv/multicast.c"; + hash = "sha256-r/Xp5bmDo9GVfAF6bn2Xq+cOq5ddQe+D5s/h37uI6bM="; + }) + ]; + nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags ++ [ + "KERNELPATH=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; hardeningDisable = [ "pic" ]; preBuild = '' - makeFlags="KERNELPATH=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" sed -i -e "s,INSTALL_MOD_DIR=,INSTALL_MOD_PATH=$out INSTALL_MOD_DIR=," \ -e /depmod/d Makefile ''; diff --git a/pkgs/os-specific/linux/batman-adv/version.nix b/pkgs/os-specific/linux/batman-adv/version.nix index 048318e3e33..12a7f26a336 100644 --- a/pkgs/os-specific/linux/batman-adv/version.nix +++ b/pkgs/os-specific/linux/batman-adv/version.nix @@ -1,9 +1,9 @@ { - version = "2021.4"; + version = "2022.0"; sha256 = { - batman-adv = "06zbyf8s7njn6wdm1fdq3kl8kx1vx4spxkgiy7dx0pq4c3qs5xyg"; - alfred = "15fbw80ix95zy8i4c6acm1631vxlz2hakjv4zv5wig74bp2bcyac"; - batctl = "1ryqz90av2p5pgmmpi1afmycd18zhpwz1i4f7r0s359jis86xndn"; + batman-adv = "sha256-STOHBbwgdwmshNdmaI5wJXEAnIJ8CjIHiOpR+4h3FKo="; + alfred = "sha256-q7odrGHsz81jKeczHQVV/syTd2D7NsbPVc5sHXUc/Zg="; + batctl = "sha256-iTlm+aLWpQch3hJM5i2l096cIOBVdspIK8VwTMWm9z0="; }; } diff --git a/pkgs/os-specific/linux/bionic-prebuilt/default.nix b/pkgs/os-specific/linux/bionic-prebuilt/default.nix index 8fa17036c4a..da5011e6737 100644 --- a/pkgs/os-specific/linux/bionic-prebuilt/default.nix +++ b/pkgs/os-specific/linux/bionic-prebuilt/default.nix @@ -4,22 +4,47 @@ }: let - prebuilt_crt = fetchzip { - url = "https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/aarch64/aarch64-linux-android-4.9/+archive/98dce673ad97a9640c5d90bbb1c718e75c21e071/lib/gcc/aarch64-linux-android/4.9.x.tar.gz"; - sha256 = "sha256-LLD2OJi78sNN5NulOsJZl7Ei4F1EUYItGG6eUsKWULc="; - stripRoot = false; + choosePlatform = + let pname = stdenv.targetPlatform.parsed.cpu.name; in + pset: pset.${pname} or (throw "bionic-prebuilt: unsupported platform ${pname}"); + + prebuilt_crt = choosePlatform { + aarch64 = fetchzip { + url = "https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/aarch64/aarch64-linux-android-4.9/+archive/98dce673ad97a9640c5d90bbb1c718e75c21e071/lib/gcc/aarch64-linux-android/4.9.x.tar.gz"; + sha256 = "sha256-LLD2OJi78sNN5NulOsJZl7Ei4F1EUYItGG6eUsKWULc="; + stripRoot = false; + }; + x86_64 = fetchzip { + url = "https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/x86/x86_64-linux-android-4.9/+archive/7e8507d2a2d4df3bced561b894576de70f065be4/lib/gcc/x86_64-linux-android/4.9.x.tar.gz"; + sha256 = "sha256-y7CFLF76pTlj+oYev9taBnL2nlT3+Tx8c6wmicWmKEw="; + stripRoot = false; + }; }; - prebuilt_libs = fetchzip { - url = "https://android.googlesource.com/platform/prebuilts/ndk/+archive/f2c77d8ba8a7f5c2d91771e31164f29be0b8ff98/platform/platforms/android-30/arch-arm64/usr/lib.tar.gz"; - sha256 = "sha256-TZBV7+D1QvKOCEi+VNGT5SStkgj0xRbyWoLH65zSrjw="; - stripRoot = false; + prebuilt_libs = choosePlatform { + aarch64 = fetchzip { + url = "https://android.googlesource.com/platform/prebuilts/ndk/+archive/f2c77d8ba8a7f5c2d91771e31164f29be0b8ff98/platform/platforms/android-30/arch-arm64/usr/lib.tar.gz"; + sha256 = "sha256-TZBV7+D1QvKOCEi+VNGT5SStkgj0xRbyWoLH65zSrjw="; + stripRoot = false; + }; + x86_64 = fetchzip { + url = "https://android.googlesource.com/platform/prebuilts/ndk/+archive/f2c77d8ba8a7f5c2d91771e31164f29be0b8ff98/platform/platforms/android-30/arch-x86_64/usr/lib64.tar.gz"; + sha256 = "sha256-n2EuOKy3RGKmEYofNlm+vDDBuiQRuAJEJT6wq6NEJQs="; + stripRoot = false; + }; }; - prebuilt_ndk_crt = fetchzip { - url = "https://android.googlesource.com/toolchain/prebuilts/ndk/r23/+archive/6c5fa4c0d3999b9ee932f6acbd430eb2f31f3151/toolchains/llvm/prebuilt/linux-x86_64/sysroot/usr/lib/aarch64-linux-android/30.tar.gz"; - sha256 = "sha256-KHw+cCwAwlm+5Nwp1o8WONqdi4BBDhFaVVr+7GxQ5uE="; - stripRoot = false; + prebuilt_ndk_crt = choosePlatform { + aarch64 = fetchzip { + url = "https://android.googlesource.com/toolchain/prebuilts/ndk/r23/+archive/6c5fa4c0d3999b9ee932f6acbd430eb2f31f3151/toolchains/llvm/prebuilt/linux-x86_64/sysroot/usr/lib/aarch64-linux-android/30.tar.gz"; + sha256 = "sha256-KHw+cCwAwlm+5Nwp1o8WONqdi4BBDhFaVVr+7GxQ5uE="; + stripRoot = false; + }; + x86_64 = fetchzip { + url = "https://android.googlesource.com/toolchain/prebuilts/ndk/r23/+archive/6c5fa4c0d3999b9ee932f6acbd430eb2f31f3151/toolchains/llvm/prebuilt/linux-x86_64/sysroot/usr/lib/x86_64-linux-android/30.tar.gz"; + sha256 = "sha256-XEd7L3cBzn+1pKfji40V92G/uZhHSMMuZcRZaiKkLnk="; + stripRoot = false; + }; }; ndk_support_headers = fetchzip { @@ -41,6 +66,7 @@ in stdenvNoCC.mkDerivation rec { pname = "bionic-prebuilt"; version = "ndk-release-r23"; + name = "${stdenv.targetPlatform.parsed.cpu.name}-${pname}-${version}"; src = fetchzip { url = "https://android.googlesource.com/platform/bionic/+archive/00e8ce1142d8823b0d2fc8a98b40119b0f1f02cd.tar.gz"; diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix index 5e81cf6b2c1..1f6fb31d93d 100644 --- a/pkgs/os-specific/linux/bluez/default.nix +++ b/pkgs/os-specific/linux/bluez/default.nix @@ -22,11 +22,11 @@ ]; in stdenv.mkDerivation rec { pname = "bluez"; - version = "5.62"; + version = "5.64"; src = fetchurl { url = "mirror://kernel/linux/bluetooth/${pname}-${version}.tar.xz"; - sha256 = "sha256-OAkKW3UOF/wI0+UheO2NMlTF9L0sSIMNXBlVuI47wMI="; + sha256 = "sha256-rkN+ZbazBwwZi8WwEJ/pzeueqjhzgOIHL53mX+ih3jQ="; }; buildInputs = [ @@ -135,6 +135,5 @@ in stdenv.mkDerivation rec { homepage = "http://www.bluez.org/"; license = with licenses; [ gpl2 lgpl21 ]; platforms = platforms.linux; - repositories.git = "https://git.kernel.org/pub/scm/bluetooth/bluez.git"; }; } diff --git a/pkgs/os-specific/linux/broadcom-sta/default.nix b/pkgs/os-specific/linux/broadcom-sta/default.nix index 5d86c2311f1..b15c61488cb 100644 --- a/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -39,6 +39,8 @@ stdenv.mkDerivation { ./linux-5.6.patch # source: https://gist.github.com/joanbm/5c640ac074d27fd1d82c74a5b67a1290 ./linux-5.9.patch + # source: https://github.com/archlinux/svntogit-community/blob/5ec5b248976f84fcd7e3d7fae49ee91289912d12/trunk/012-linux517.patch + ./linux-5.17.patch ./null-pointer-fix.patch ./gcc.patch ]; diff --git a/pkgs/os-specific/linux/broadcom-sta/linux-5.17.patch b/pkgs/os-specific/linux/broadcom-sta/linux-5.17.patch new file mode 100644 index 00000000000..74847cb6bb4 --- /dev/null +++ b/pkgs/os-specific/linux/broadcom-sta/linux-5.17.patch @@ -0,0 +1,39 @@ +diff -u -r a/src/wl/sys/wl_linux.c b/src/wl/sys/wl_linux.c +--- a/src/wl/sys/wl_linux.c 2022-03-23 00:35:42.930416350 +0000 ++++ b/src/wl/sys/wl_linux.c 2022-03-23 00:40:12.903771013 +0000 +@@ -2980,7 +2980,11 @@ + else + dev->type = ARPHRD_IEEE80211_RADIOTAP; + ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0) + bcopy(wl->dev->dev_addr, dev->dev_addr, ETHER_ADDR_LEN); ++#else ++ eth_hw_addr_set(wl->dev, dev->dev_addr); ++#endif + + #if defined(WL_USE_NETDEV_OPS) + dev->netdev_ops = &wl_netdev_monitor_ops; +@@ -3261,7 +3265,11 @@ + static ssize_t + wl_proc_read(struct file *filp, char __user *buffer, size_t length, loff_t *offp) + { ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0) + wl_info_t * wl = PDE_DATA(file_inode(filp)); ++#else ++ wl_info_t * wl = pde_data(file_inode(filp)); ++#endif + #endif + int bcmerror, len; + int to_user = 0; +@@ -3318,7 +3326,11 @@ + static ssize_t + wl_proc_write(struct file *filp, const char __user *buff, size_t length, loff_t *offp) + { ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0) + wl_info_t * wl = PDE_DATA(file_inode(filp)); ++#else ++ wl_info_t * wl = pde_data(file_inode(filp)); ++#endif + #endif + int from_user = 0; + int bcmerror; diff --git a/pkgs/os-specific/linux/busybox/default.nix b/pkgs/os-specific/linux/busybox/default.nix index 7aaedb5b1ac..636a07edddf 100644 --- a/pkgs/os-specific/linux/busybox/default.nix +++ b/pkgs/os-specific/linux/busybox/default.nix @@ -50,14 +50,14 @@ in stdenv.mkDerivation rec { pname = "busybox"; - version = "1.34.1"; + version = "1.35.0"; # Note to whoever is updating busybox: please verify that: # nix-build pkgs/stdenv/linux/make-bootstrap-tools.nix -A test # still builds after the update. src = fetchurl { url = "https://busybox.net/downloads/${pname}-${version}.tar.bz2"; - sha256 = "0jfm9fik7nv4w21zqdg830pddgkdjmplmna9yjn9ck1lwn4vsps1"; + sha256 = "sha256-+u6yRMNaNIozT0pZ5EYm7ocPsHtohNaMEK6LwZ+DppQ="; }; hardeningDisable = [ "format" "pie" ] @@ -65,6 +65,16 @@ stdenv.mkDerivation rec { patches = [ ./busybox-in-store.patch + (fetchurl { + name = "CVE-2022-28391.patch"; + url = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch?id=ed92963eb55bbc8d938097b9ccb3e221a94653f4"; + sha256 = "sha256-yviw1GV+t9tbHbY7YNxEqPi7xEreiXVqbeRyf8c6Awo="; + }) + (fetchurl { + name = "CVE-2022-28391.patch"; + url = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch?id=ed92963eb55bbc8d938097b9ccb3e221a94653f4"; + sha256 = "sha256-vl1wPbsHtXY9naajjnTicQ7Uj3N+EQ8pRNnrdsiow+w="; + }) ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) ./clang-cross.patch; separateDebugInfo = true; diff --git a/pkgs/os-specific/linux/can-isotp/default.nix b/pkgs/os-specific/linux/can-isotp/default.nix index 9c30aae86fe..73edb3be9ec 100644 --- a/pkgs/os-specific/linux/can-isotp/default.nix +++ b/pkgs/os-specific/linux/can-isotp/default.nix @@ -13,16 +13,13 @@ stdenv.mkDerivation { sha256 = "1laax93czalclg7cy9iq1r7hfh9jigh7igj06y9lski75ap2vhfq"; }; - KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; - INSTALL_MOD_PATH = "\${out}"; + makeFlags = kernel.makeFlags ++ [ + "KERNELDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "INSTALL_MOD_PATH=${placeholder "out"}" + ]; - buildPhase = '' - make modules - ''; - - installPhase = '' - make modules_install - ''; + buildFlags = [ "modules" ]; + installTargets = [ "modules_install" ]; nativeBuildInputs = kernel.moduleBuildDependencies; diff --git a/pkgs/os-specific/linux/cifs-utils/default.nix b/pkgs/os-specific/linux/cifs-utils/default.nix index d6dcf702110..e4635a915ef 100644 --- a/pkgs/os-specific/linux/cifs-utils/default.nix +++ b/pkgs/os-specific/linux/cifs-utils/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, autoreconfHook, docutils, pkg-config +{ stdenv, lib, fetchurl, fetchpatch, autoreconfHook, docutils, pkg-config , libkrb5, keyutils, pam, talloc, python3 }: stdenv.mkDerivation rec { @@ -10,6 +10,22 @@ stdenv.mkDerivation rec { sha256 = "sha256-ZgnoB0tUISlf8BKjHwLM2aBYQVxhnIE2Lrt4jb8HVrg="; }; + patches = [ + (fetchpatch { + # Fix buffer-overflow in handling of ip= parameter in mount.cifs + # https://www.openwall.com/lists/oss-security/2022/04/27/5 + name = "CVE-2022-27239.patch"; + url = "https://github.com/piastry/cifs-utils/commit/007c07fd91b6d42f8bd45187cf78ebb06801139d.patch"; + sha256 = "sha256-3uoHso2q17r2bcEW+ZjYUWsW4OIGYA7kxYZxQQy0JOg="; + }) + (fetchpatch { + # Fix disclosure of invalid credential configuration in verbose mode + name = "CVE-2022-29869.patch"; + url = "https://github.com/piastry/cifs-utils/commit/8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379.patch"; + sha256 = "sha256-MjfreeL1ME550EYK9LPOUAAjIk1BoMGfb+pQe3A1bz8="; + }) + ]; + nativeBuildInputs = [ autoreconfHook docutils pkg-config ]; buildInputs = [ libkrb5 keyutils pam talloc python3 ]; diff --git a/pkgs/os-specific/linux/conky/default.nix b/pkgs/os-specific/linux/conky/default.nix index 9bd8890e713..87f5bb052f4 100644 --- a/pkgs/os-specific/linux/conky/default.nix +++ b/pkgs/os-specific/linux/conky/default.nix @@ -1,7 +1,7 @@ { config, lib, stdenv, fetchFromGitHub, pkg-config, cmake # dependencies -, glib, libXinerama +, glib, libXinerama, catch2 # optional features without extra dependencies , mpdSupport ? true @@ -85,6 +85,8 @@ stdenv.mkDerivation rec { sed -i 's/ Example: .*$//' doc/config_settings.xml substituteInPlace cmake/Conky.cmake --replace "# set(RELEASE true)" "set(RELEASE true)" + + cp ${catch2}/include/catch2/catch.hpp tests/catch2/catch.hpp ''; NIX_LDFLAGS = "-lgcc_s"; @@ -133,6 +135,8 @@ stdenv.mkDerivation rec { # src/conky.cc:137:23: fatal error: defconfig.h: No such file or directory enableParallelBuilding = false; + doCheck = true; + meta = with lib; { homepage = "http://conky.sourceforge.net/"; description = "Advanced, highly configurable system monitor based on torsmo"; diff --git a/pkgs/os-specific/linux/conspy/default.nix b/pkgs/os-specific/linux/conspy/default.nix index 12e7f798e79..00e97855e26 100644 --- a/pkgs/os-specific/linux/conspy/default.nix +++ b/pkgs/os-specific/linux/conspy/default.nix @@ -10,9 +10,8 @@ stdenv.mkDerivation rec { curlOpts = " -A application/octet-stream "; }; + nativeBuildInputs = [ autoconf automake ]; buildInputs = [ - autoconf - automake ncurses ]; diff --git a/pkgs/os-specific/linux/cpupower-gui/default.nix b/pkgs/os-specific/linux/cpupower-gui/default.nix index 2fcc55e14cb..1f57bc9428f 100644 --- a/pkgs/os-specific/linux/cpupower-gui/default.nix +++ b/pkgs/os-specific/linux/cpupower-gui/default.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchFromGitHub +, fetchpatch , buildPythonApplication , appstream-glib , dbus-python @@ -35,6 +36,15 @@ buildPythonApplication rec { sha256 = "05lvpi3wgyi741sd8lgcslj8i7yi3wz7jwl7ca3y539y50hwrdas"; }; + patches = [ + # Fix build with 0.61, can be removed on next update + # https://hydra.nixos.org/build/171052557/nixlog/1 + (fetchpatch { + url = "https://github.com/vagnum08/cpupower-gui/commit/97f8ac02fe33e412b59d3f3968c16a217753e74b.patch"; + sha256 = "XYnpm03kq8JLMjAT73BMCJWlzz40IAuHESm715VV6G0="; + }) + ]; + nativeBuildInputs = [ appstream-glib desktop-file-utils # needed for update-desktop-database diff --git a/pkgs/os-specific/linux/cryptodev/default.nix b/pkgs/os-specific/linux/cryptodev/default.nix index f09679ba212..cc3a1d81109 100644 --- a/pkgs/os-specific/linux/cryptodev/default.nix +++ b/pkgs/os-specific/linux/cryptodev/default.nix @@ -11,6 +11,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-vJQ10rG5FGbeEOqCUmH/pZ0P77kAW/MtUarywbtIyHw="; }; + nativeBuildInputs = kernel.moduleBuildDependencies; hardeningDisable = [ "pic" ]; KERNEL_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix index a9bd508d16e..be819802394 100644 --- a/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/pkgs/os-specific/linux/cryptsetup/default.nix @@ -5,7 +5,7 @@ stdenv.mkDerivation rec { pname = "cryptsetup"; version = "2.4.3"; - outputs = [ "out" "dev" "man" ]; + outputs = [ "bin" "out" "dev" "man" ]; separateDebugInfo = true; src = fetchurl { @@ -31,6 +31,12 @@ stdenv.mkDerivation rec { "--enable-cryptsetup-reencrypt" "--with-crypto_backend=openssl" "--disable-ssh-token" + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ + "--disable-external-tokens" + # We have to override this even though we're removing token + # support, because the path still gets included in the binary even + # though it isn't used. + "--with-luks2-external-tokens-path=/" ]; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/device-tree/default.nix b/pkgs/os-specific/linux/device-tree/default.nix index 13c609cdf7d..88791a1fb1d 100644 --- a/pkgs/os-specific/linux/device-tree/default.nix +++ b/pkgs/os-specific/linux/device-tree/default.nix @@ -1,9 +1,9 @@ -{ lib, stdenvNoCC, dtc, findutils }: +{ lib, stdenvNoCC, dtc }: with lib; { applyOverlays = (base: overlays': stdenvNoCC.mkDerivation { name = "device-tree-overlays"; - nativeBuildInputs = [ dtc findutils ]; + nativeBuildInputs = [ dtc ]; buildCommand = let overlays = toList overlays'; in '' diff --git a/pkgs/os-specific/linux/digimend/default.nix b/pkgs/os-specific/linux/digimend/default.nix index 6b5f66f825b..b0ae7cc8508 100644 --- a/pkgs/os-specific/linux/digimend/default.nix +++ b/pkgs/os-specific/linux/digimend/default.nix @@ -1,7 +1,5 @@ { lib, stdenv, fetchFromGitHub, fetchpatch, kernel }: -assert lib.versionAtLeast kernel.version "3.5"; - stdenv.mkDerivation rec { pname = "digimend"; version = "unstable-2019-06-18"; @@ -13,8 +11,6 @@ stdenv.mkDerivation rec { sha256 = "1l54j85540386a8aypqka7p5hy1b63cwmpsscv9rmmf10f78v8mm"; }; - INSTALL_MOD_PATH = "\${out}"; - postPatch = '' sed 's/udevadm /true /' -i Makefile sed 's/depmod /true /' -i Makefile @@ -38,10 +34,11 @@ stdenv.mkDerivation rec { rm -r $out/lib/udev ''; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "KVERSION=${kernel.modDirVersion}" "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" "DESTDIR=${placeholder "out"}" + "INSTALL_MOD_PATH=${placeholder "out"}" ]; meta = with lib; { diff --git a/pkgs/os-specific/linux/disk-indicator/default.nix b/pkgs/os-specific/linux/disk-indicator/default.nix index 8a083b8b894..44dd19b27df 100644 --- a/pkgs/os-specific/linux/disk-indicator/default.nix +++ b/pkgs/os-specific/linux/disk-indicator/default.nix @@ -1,13 +1,14 @@ -{ lib, stdenv, fetchgit, libX11 }: +{ lib, stdenv, fetchFromGitHub, libX11 }: stdenv.mkDerivation { pname = "disk-indicator"; version = "unstable-2014-05-19"; - src = fetchgit { - url = "git://github.com/MeanEYE/Disk-Indicator.git"; + src = fetchFromGitHub { + owner = "MeanEYE"; + repo = "Disk-Indicator"; rev = "51ef4afd8141b8d0659cbc7dc62189c56ae9c2da"; - sha256 = "10jx6mx9qarn21p2l2jayxkn1gmqhvck1wymgsr4jmbwxl8ra5kd"; + sha256 = "sha256-bRaVEe18VUmyftXzMNmGuL5gZ/dKCipuEDYrnHo1XYI="; }; buildInputs = [ libX11 ]; diff --git a/pkgs/os-specific/linux/displaylink/default.nix b/pkgs/os-specific/linux/displaylink/default.nix index f1e942a4399..1823613a58a 100644 --- a/pkgs/os-specific/linux/displaylink/default.nix +++ b/pkgs/os-specific/linux/displaylink/default.nix @@ -20,22 +20,22 @@ let in stdenv.mkDerivation rec { pname = "displaylink"; - version = "5.5.0-beta-59.118"; + version = "5.5.0-59.151"; src = requireFile rec { name = "displaylink-55.zip"; - sha256 = "0mid6p1mnkhbl96cr763ngdwrlgnpgs6c137rwc2sjf4v33g59ma"; + sha256 = "0pswmczzrqqq0s0ksp6rfnkm693ligq4nblki1v53jdh0y7d1gff"; message = '' In order to install the DisplayLink drivers, you must first comply with DisplayLink's EULA and download the binaries and sources from here: - https://www.synaptics.com/products/displaylink-graphics/downloads/ubuntu-5.5-Beta + https://www.synaptics.com/products/displaylink-graphics/downloads/ubuntu-5.5 Once you have downloaded the file, please use the following commands and re-run the installation: - mv \$PWD/"DisplayLink USB Graphics Software for Ubuntu (Beta)5.5 Beta-EXE.zip" \$PWD/${name} + mv \$PWD/"DisplayLink USB Graphics Software for Ubuntu5.5-EXE.zip" \$PWD/${name} nix-prefetch-url file://\$PWD/${name} ''; }; @@ -58,7 +58,7 @@ stdenv.mkDerivation rec { --set-rpath ${libPath} \ $out/bin/DisplayLinkManager wrapProgram $out/bin/DisplayLinkManager \ - --run "cd $out/lib/displaylink" + --chdir "$out/lib/displaylink" # We introduce a dependency on the source file so that it need not be redownloaded everytime echo $src >> "$out/share/workspace_dependencies.pin" diff --git a/pkgs/os-specific/linux/dmtcp/default.nix b/pkgs/os-specific/linux/dmtcp/default.nix index 50124a2bf45..6315d361ed6 100644 --- a/pkgs/os-specific/linux/dmtcp/default.nix +++ b/pkgs/os-specific/linux/dmtcp/default.nix @@ -1,16 +1,14 @@ -{ lib, stdenv, fetchFromGitHub, bash, perl, python2 }: - -# There are fixes for python3 compatibility on master +{ lib, stdenv, fetchFromGitHub, bash, perl, python3 }: stdenv.mkDerivation rec { pname = "dmtcp"; - version = "unstable-2021-03-01"; + version = "unstable-2022-02-28"; src = fetchFromGitHub { owner = pname; repo = pname; - rev = "f999adbb8e88fe452a0e57ceb43b6eed7b4409f9"; - sha256 = "sha256-codCHQui3fGfUZSNq8GuH4ad/GjD6I/S9rX83o8oFPc="; + rev = "133687764c6742906006a1d247e3b83cd860fa1d"; + hash = "sha256-9Vr8IhoeATCfyt7Lp7kYe/7e87mFX9KMNGTqxJgIztE="; }; dontDisableStatic = true; @@ -30,7 +28,7 @@ stdenv.mkDerivation rec { substituteInPlace test/autotest.py \ --replace /bin/bash ${bash}/bin/bash \ --replace /usr/bin/perl ${perl}/bin/perl \ - --replace /usr/bin/python ${python2}/bin/python \ + --replace /usr/bin/python ${python3.interpreter} \ --replace "os.environ['USER']" "\"nixbld1\"" \ --replace "os.getenv('USER')" "\"nixbld1\"" ''; diff --git a/pkgs/os-specific/linux/dpdk-kmods/default.nix b/pkgs/os-specific/linux/dpdk-kmods/default.nix index a188336cbe5..694e508dcd0 100644 --- a/pkgs/os-specific/linux/dpdk-kmods/default.nix +++ b/pkgs/os-specific/linux/dpdk-kmods/default.nix @@ -11,6 +11,9 @@ stdenv.mkDerivation rec { hardeningDisable = [ "pic" ]; + makeFlags = kernel.makeFlags ++ [ + "INSTALL_MOD_PATH=${placeholder "out"}" + ]; KSRC = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; nativeBuildInputs = kernel.moduleBuildDependencies; @@ -18,10 +21,9 @@ stdenv.mkDerivation rec { preBuild = "cd linux/igb_uio"; installPhase = '' - make -C ${KSRC} M=$(pwd) modules_install + make -C ${KSRC} M=$(pwd) modules_install $makeFlags ''; - INSTALL_MOD_PATH = placeholder "out"; enableParallelBuilding = true; meta = with lib; { diff --git a/pkgs/os-specific/linux/earlyoom/default.nix b/pkgs/os-specific/linux/earlyoom/default.nix index 46e83609722..ad7468bac0f 100644 --- a/pkgs/os-specific/linux/earlyoom/default.nix +++ b/pkgs/os-specific/linux/earlyoom/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, pandoc, installShellFiles, withManpage ? false }: +{ lib, stdenv, fetchFromGitHub, pandoc, installShellFiles, withManpage ? false, nixosTests }: stdenv.mkDerivation rec { pname = "earlyoom"; @@ -23,6 +23,10 @@ stdenv.mkDerivation rec { installManPage earlyoom.1 ''; + passthru.tests = { + inherit (nixosTests) earlyoom; + }; + meta = with lib; { description = "Early OOM Daemon for Linux"; homepage = "https://github.com/rfjakob/earlyoom"; diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix index aa8e3f15aab..43b65f5ae7b 100644 --- a/pkgs/os-specific/linux/ell/default.nix +++ b/pkgs/os-specific/linux/ell/default.nix @@ -7,14 +7,14 @@ stdenv.mkDerivation rec { pname = "ell"; - version = "0.46"; + version = "0.50"; outputs = [ "out" "dev" ]; src = fetchgit { url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; rev = version; - sha256 = "sha256-Am1PNFFfSzII4Iaeq0wgfuVHSeMDjiDzYkNQWlnEHJY="; + sha256 = "sha256-LQAbE/pAKjVFsn9FjIbvY6sTBcVBdi4LCOnDVZ/WGV0="; }; nativeBuildInputs = [ @@ -31,11 +31,12 @@ stdenv.mkDerivation rec { doCheck = true; meta = with lib; { - homepage = "https://01.org/ell"; + homepage = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; description = "Embedded Linux Library"; longDescription = '' The Embedded Linux* Library (ELL) provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl (for dynamic linking). While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, it is not limited to resource-constrained systems. ''; + changelog = "https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ChangeLog?h=${version}"; license = licenses.lgpl21Plus; platforms = platforms.linux; maintainers = with maintainers; [ mic92 dtzWill maxeaubrey ]; diff --git a/pkgs/os-specific/linux/ena/default.nix b/pkgs/os-specific/linux/ena/default.nix index 1257217a520..9f2f8682078 100644 --- a/pkgs/os-specific/linux/ena/default.nix +++ b/pkgs/os-specific/linux/ena/default.nix @@ -14,6 +14,7 @@ stdenv.mkDerivation rec { hardeningDisable = [ "pic" ]; nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags; # linux 3.12 NIX_CFLAGS_COMPILE = "-Wno-error=implicit-function-declaration"; @@ -27,7 +28,7 @@ stdenv.mkDerivation rec { installPhase = '' runHook preInstall - strip -S ena.ko + $STRIP -S ena.ko dest=$out/lib/modules/${kernel.modDirVersion}/misc mkdir -p $dest cp ena.ko $dest/ @@ -41,6 +42,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2Only; maintainers = [ maintainers.eelco ]; platforms = platforms.linux; - broken = kernel.kernelOlder "4.5" || kernel.kernelAtLeast "5.15"; + broken = kernel.kernelAtLeast "5.15"; }; } diff --git a/pkgs/os-specific/linux/evdi/default.nix b/pkgs/os-specific/linux/evdi/default.nix index fb750570e1d..3c6207890e2 100644 --- a/pkgs/os-specific/linux/evdi/default.nix +++ b/pkgs/os-specific/linux/evdi/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { buildInputs = [ kernel libdrm ]; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "KVER=${kernel.modDirVersion}" "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/pkgs/os-specific/linux/facetimehd/default.nix b/pkgs/os-specific/linux/facetimehd/default.nix index 163001638cd..27bbfcc6767 100644 --- a/pkgs/os-specific/linux/facetimehd/default.nix +++ b/pkgs/os-specific/linux/facetimehd/default.nix @@ -1,9 +1,9 @@ { stdenv, lib, fetchFromGitHub, kernel }: -# facetimehd is not supported for kernels older than 3.19"; -assert lib.versionAtLeast kernel.version "3.19"; +stdenv.mkDerivation rec { + name = "facetimehd-${version}-${kernel.version}"; + version = "unstable-2020-04-16"; -let # Note: When updating this revision: # 1. Also update pkgs/os-specific/linux/firmware/facetimehd-firmware/ # 2. Test the module and firmware change via: @@ -14,29 +14,11 @@ let # e. see if the module loads back (apps using the camera won't # recover and will have to be restarted) and the camera # still works. - srcParams = if (lib.versionAtLeast kernel.version "4.8") then - { # Use mainline branch - version = "unstable-2020-04-16"; - rev = "82626d4892eeb9eb704538bf0dc49a00725ff451"; - sha256 = "118z6vjvhhcwvs4n3sgwwdagys9w718b8nkh6l9ic93732vv7cqx"; - } - else - { # Use master branch (broken on 4.8) - version = "unstable-2016-05-02"; - rev = "5a7083bd98b38ef3bd223f7ee531d58f4fb0fe7c"; - sha256 = "0d455kajvn5xav9iilqy7s1qvsy4yb8vzjjxx7bvcgp7aj9ljvdp"; - } - ; -in - -stdenv.mkDerivation rec { - name = "facetimehd-${version}-${kernel.version}"; - version = srcParams.version; - src = fetchFromGitHub { owner = "patjak"; repo = "bcwc_pcie"; - inherit (srcParams) rev sha256; + rev = "82626d4892eeb9eb704538bf0dc49a00725ff451"; + sha256 = "118z6vjvhhcwvs4n3sgwwdagys9w718b8nkh6l9ic93732vv7cqx"; }; preConfigure = '' diff --git a/pkgs/os-specific/linux/firmware/b43-firmware-cutter/default.nix b/pkgs/os-specific/linux/firmware/b43-firmware-cutter/default.nix index 389078db0af..fe7a3e9ae40 100644 --- a/pkgs/os-specific/linux/firmware/b43-firmware-cutter/default.nix +++ b/pkgs/os-specific/linux/firmware/b43-firmware-cutter/default.nix @@ -11,7 +11,10 @@ stdenv.mkDerivation rec { patches = [ ./no-root-install.patch ]; - makeFlags = [ "PREFIX=$(out)" ]; + makeFlags = [ + "PREFIX=$(out)" + "CC=${stdenv.cc.targetPrefix}cc" + ]; meta = { description = "Firmware extractor for cards supported by the b43 kernel module"; diff --git a/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix b/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix index 3f810fd93a1..98d793c5d99 100644 --- a/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix +++ b/pkgs/os-specific/linux/firmware/b43-firmware/5.1.138.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation { sha256 = "0vz4ka8gycf72gmnaq61k8rh8y17j1wm2k3fidxvcqjvmix0drzi"; }; - buildInputs = [ b43FirmwareCutter ]; + nativeBuildInputs = [ b43FirmwareCutter ]; installPhase = '' mkdir -p $out/lib/firmware diff --git a/pkgs/os-specific/linux/firmware/b43-firmware/6.30.163.46.nix b/pkgs/os-specific/linux/firmware/b43-firmware/6.30.163.46.nix index 1116d96a637..622b89b1bae 100644 --- a/pkgs/os-specific/linux/firmware/b43-firmware/6.30.163.46.nix +++ b/pkgs/os-specific/linux/firmware/b43-firmware/6.30.163.46.nix @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "0baw6gcnrhxbb447msv34xg6rmlcj0gm3ahxwvdwfcvq4xmknz50"; }; - buildInputs = [ b43FirmwareCutter ]; + nativeBuildInputs = [ b43FirmwareCutter ]; sourceRoot = "."; diff --git a/pkgs/os-specific/linux/firmware/facetimehd-calibration/default.nix b/pkgs/os-specific/linux/firmware/facetimehd-calibration/default.nix new file mode 100644 index 00000000000..5152b3dfe71 --- /dev/null +++ b/pkgs/os-specific/linux/firmware/facetimehd-calibration/default.nix @@ -0,0 +1,62 @@ +{ lib, stdenv, fetchurl, unrar-wrapper, pkgs }: + +let + + version = "5.1.5769"; + + + # Described on https://github.com/patjak/facetimehd/wiki/Extracting-the-sensor-calibration-files + + # From the wiki page, range extracted with binwalk: + zipUrl = "https://download.info.apple.com/Mac_OS_X/031-30890-20150812-ea191174-4130-11e5-a125-930911ba098f/bootcamp${version}.zip"; + zipRange = "2338085-3492508"; # the whole download is 518MB, this deflate stream is 1.2MB + + # CRC and length from the ZIP entry header (not strictly necessary, but makes it extract cleanly): + gzFooter = ''\x51\x1f\x86\x78\xcf\x5b\x12\x00''; + + # Also from the wiki page: + calibrationFiles = [ + { file = "1771_01XX.dat"; offset = "1644880"; size = "19040"; } + { file = "1871_01XX.dat"; offset = "1606800"; size = "19040"; } + { file = "1874_01XX.dat"; offset = "1625840"; size = "19040"; } + { file = "9112_01XX.dat"; offset = "1663920"; size = "33060"; } + ]; + +in + +stdenv.mkDerivation { + + pname = "facetimehd-calibration"; + inherit version; + src = fetchurl { + url = zipUrl; + sha256 = "1dzyv457fp6d8ly29sivqn6llwj5ydygx7p8kzvdnsp11zvid2xi"; + curlOpts = "-r ${zipRange}"; + }; + + dontUnpack = true; + dontInstall = true; + + buildInputs = [ unrar-wrapper ]; + + buildPhase = '' + { printf '\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x00' + cat $src + printf '${gzFooter}' + } | zcat > AppleCamera64.exe + unrar x AppleCamera64.exe AppleCamera.sys + + mkdir -p $out/lib/firmware/facetimehd + '' + lib.concatMapStrings ({file, offset, size}: '' + dd bs=1 skip=${offset} count=${size} if=AppleCamera.sys of=$out/lib/firmware/facetimehd/${file} + '') calibrationFiles; + + meta = with lib; { + description = "facetimehd calibration"; + homepage = "https://support.apple.com/kb/DL1837"; + license = licenses.unfree; + maintainers = with maintainers; [ womfoo grahamc ]; + platforms = [ "i686-linux" "x86_64-linux" ]; + }; + +} diff --git a/pkgs/os-specific/linux/firmware/fwupd/default.nix b/pkgs/os-specific/linux/firmware/fwupd/default.nix index 272bd6dbe8f..596db7511b0 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -3,7 +3,6 @@ { stdenv , lib , fetchurl -, fetchpatch , fetchFromGitHub , gtk-doc , pkg-config @@ -54,6 +53,8 @@ , modemmanager , libqmi , libmbim +, libcbor +, xz }: let @@ -116,7 +117,7 @@ let self = stdenv.mkDerivation rec { pname = "fwupd"; - version = "1.7.6"; + version = "1.8.0"; # libfwupd goes to lib # daemon, plug-ins and libfwupdplugin go to out @@ -125,7 +126,7 @@ let src = fetchurl { url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz"; - sha256 = "sha256-fr4VFKy2iNJknOzDktuSkJTaPwPPyYqcD6zKuwhJEvo="; + sha256 = "LAliLnOSowtORQQ0M4z2cNQzKMLyE/RsX//xAWifrps="; }; patches = [ @@ -140,26 +141,12 @@ let # they are not really part of the library. ./install-fwupdplugin-to-out.patch - # Fix detection of installed tests - # https://github.com/fwupd/fwupd/issues/3880 - (fetchpatch { - url = "https://github.com/fwupd/fwupd/commit/5bc546221331feae9cedc1892219a25d8837955f.patch"; - sha256 = "XcLhcDrB2/MFCXjKAyhftQgvJG4BBkp07geM9eK3q1g="; - }) - # Installed tests are installed to different output # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle. ./installed-tests-path.patch # EFI capsule is located in fwupd-efi now. ./efi-app-path.patch - - # Drop hard-coded FHS path - # https://github.com/fwupd/fwupd/issues/4360 - (fetchpatch { - url = "https://github.com/fwupd/fwupd/commit/14cc2e7ee471b66ee2ef54741f4bec1f92204620.patch"; - sha256 = "47682oqE66Y6QKPtN2mYpnb2+TIJFqBgsgx60LmC3FM="; - }) ]; nativeBuildInputs = [ @@ -204,16 +191,20 @@ let protobufc modemmanager libmbim + libcbor libqmi + xz # for liblzma. ] ++ lib.optionals haveDell [ libsmbios + ] ++ lib.optionals haveFlashrom [ + flashrom ]; mesonFlags = [ "-Ddocs=gtkdoc" "-Dplugin_dummy=true" # We are building the official releases. - "-Dsupported_build=true" + "-Dsupported_build=enabled" # Would dlopen libsoup to preserve compatibility with clients linking against older fwupd. # https://github.com/fwupd/fwupd/commit/173d389fa59d8db152a5b9da7cc1171586639c97 "-Dsoup_session_compat=false" @@ -224,7 +215,7 @@ let "--sysconfdir=/etc" "-Dsysconfdir_install=${placeholder "out"}/etc" "-Defi_os_dir=nixos" - "-Dplugin_modem_manager=true" + "-Dplugin_modem_manager=enabled" # We do not want to place the daemon into lib (cyclic reference) "--libexecdir=${placeholder "out"}/libexec" @@ -232,14 +223,14 @@ let # against libfwupdplugin which is in $out/lib. "-Dc_link_args=-Wl,-rpath,${placeholder "out"}/lib" ] ++ lib.optionals (!haveDell) [ - "-Dplugin_dell=false" - "-Dplugin_synaptics_mst=false" + "-Dplugin_dell=disabled" + "-Dplugin_synaptics_mst=disabled" ] ++ lib.optionals (!haveRedfish) [ - "-Dplugin_redfish=false" - ] ++ lib.optionals haveFlashrom [ - "-Dplugin_flashrom=true" + "-Dplugin_redfish=disabled" + ] ++ lib.optionals (!haveFlashrom) [ + "-Dplugin_flashrom=disabled" ] ++ lib.optionals (!haveMSR) [ - "-Dplugin_msr=false" + "-Dplugin_msr=disabled" ]; # TODO: wrapGAppsHook wraps efi capsule even though it is not ELF @@ -298,7 +289,7 @@ let efibootmgr bubblewrap tpm2-tools - ] ++ lib.optional haveFlashrom flashrom; + ]; in '' gappsWrapperArgs+=( --prefix XDG_DATA_DIRS : "${shared-mime-info}/share" @@ -323,7 +314,6 @@ let passthru = { filesInstalledToEtc = [ "fwupd/daemon.conf" - "fwupd/msr.conf" "fwupd/remotes.d/lvfs-testing.conf" "fwupd/remotes.d/lvfs.conf" "fwupd/remotes.d/vendor.conf" @@ -341,6 +331,8 @@ let "fwupd/remotes.d/dell-esrt.conf" ] ++ lib.optionals haveRedfish [ "fwupd/redfish.conf" + ] ++ lib.optionals haveMSR [ + "fwupd/msr.conf" ]; # DisabledPlugins key in fwupd/daemon.conf diff --git a/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch b/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch index ea50d88dfed..4b278c33f7f 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch +++ b/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch @@ -10,10 +10,10 @@ index b8ec916f0..38209b363 100644 + install_dir: join_paths(get_option('installed_test_prefix'), 'etc', 'fwupd', 'remotes.d'), ) diff --git a/meson.build b/meson.build -index 32fe6e408..b35d741e0 100644 +index d8bd9fdc7..ff924d373 100644 --- a/meson.build +++ b/meson.build -@@ -183,8 +183,8 @@ else +@@ -187,8 +187,8 @@ else datadir = join_paths(prefix, get_option('datadir')) sysconfdir = join_paths(prefix, get_option('sysconfdir')) localstatedir = join_paths(prefix, get_option('localstatedir')) @@ -24,7 +24,7 @@ index 32fe6e408..b35d741e0 100644 endif mandir = join_paths(prefix, get_option('mandir')) localedir = join_paths(prefix, get_option('localedir')) -@@ -484,6 +484,7 @@ gnome = import('gnome') +@@ -487,6 +487,7 @@ gnome = import('gnome') i18n = import('i18n') conf.set_quoted('FWUPD_PREFIX', prefix) @@ -33,19 +33,19 @@ index 32fe6e408..b35d741e0 100644 conf.set_quoted('FWUPD_LIBDIR', libdir) conf.set_quoted('FWUPD_LIBEXECDIR', libexecdir) diff --git a/meson_options.txt b/meson_options.txt -index 0a0e2853..5f68d78b 100644 +index d00038dbc..be1c45b40 100644 --- a/meson_options.txt +++ b/meson_options.txt -@@ -25,6 +26,7 @@ option('plugin_coreboot', type : 'boolean', value : true, description : 'enable - option('systemd', type : 'boolean', value : true, description : 'enable systemd support') +@@ -56,6 +56,7 @@ option('systemd', type : 'feature', description : 'systemd support', deprecated: + option('systemd_unit_user', type : 'string', description : 'User account to use for fwupd-refresh.service (empty for DynamicUser)') option('systemd_root_prefix', type: 'string', value: '', description: 'Directory to base systemd’s installation directories on') - option('elogind', type : 'boolean', value : false, description : 'enable elogind support') + option('elogind', type : 'feature', description : 'elogind support', deprecated: {'true': 'enabled', 'false': 'disabled'}) +option('installed_test_prefix', type: 'string', description: 'Prefix for installed tests') option('tests', type : 'boolean', value : true, description : 'enable tests') - option('tpm', type : 'boolean', value : true, description : 'enable TPM support') - option('udevdir', type: 'string', value: '', description: 'Directory for udev rules') + option('soup_session_compat', type : 'boolean', value : true, description : 'enable SoupSession runtime compatibility support') + option('curl', type : 'feature', description : 'libcurl support', deprecated: {'true': 'enabled', 'false': 'disabled'}) diff --git a/plugins/redfish/fu-self-test.c b/plugins/redfish/fu-self-test.c -index c507fabc8..0cddc3248 100644 +index 4d19e560f..91cfaa616 100644 --- a/plugins/redfish/fu-self-test.c +++ b/plugins/redfish/fu-self-test.c @@ -27,7 +27,7 @@ fu_test_is_installed_test(void) diff --git a/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix b/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix index 4ade35845ec..c9192744a46 100644 --- a/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix +++ b/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation { pname = "raspberrypi-wireless-firmware"; - version = "2021-11-02"; + version = "2021-12-06"; srcs = [ (fetchFromGitHub { @@ -10,14 +10,14 @@ stdenv.mkDerivation { owner = "RPi-Distro"; repo = "bluez-firmware"; rev = "e7fd166981ab4bb9a36c2d1500205a078a35714d"; - sha256 = "1dkg8mzn7n4afi50ibrda2s33nw2qj52jjjdv9w560q601gms47b"; + hash = "sha256-6xBdXwAGA1N42k1KKYrEgtsxtFAtrwhKdIrYY39Fb7Y="; }) (fetchFromGitHub { name = "firmware-nonfree"; owner = "RPi-Distro"; repo = "firmware-nonfree"; - rev = "54ffdd6e2ea6055d46656b78e148fe7def3ec9d8"; - sha256 = "4WTrs/tUyOugufRrrh0qsEmhPclQD64ypYysxsnOyS8="; + rev = "99d5c588e95ec9c9b86d7e88d3cf85b4f729d2bc"; + hash = "sha256-xg6fYQvg7t2ikyLI8/XfpiNaNTf7CNFQlAzpTldTz10="; }) ]; @@ -32,20 +32,19 @@ stdenv.mkDerivation { mkdir -p "$out/lib/firmware/brcm" # Wifi firmware - shopt -s extglob - for filename in firmware-nonfree/brcm/brcmfmac434??{,s}-sdio.*; do - cp "$filename" "$out/lib/firmware/brcm" - done + cp -rv "$NIX_BUILD_TOP/firmware-nonfree/debian/config/brcm80211/." "$out/lib/firmware/" # Bluetooth firmware - cp bluez-firmware/broadcom/*.hcd "$out/lib/firmware/brcm" + cp -rv "$NIX_BUILD_TOP/bluez-firmware/broadcom/." "$out/lib/firmware/brcm" + + # CM4 symlink must be added since it's missing from upstream + pushd $out/lib/firmware/brcm &>/dev/null + ln -s "./brcmfmac43455-sdio.txt" "$out/lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-compute-module.txt" + popd &>/dev/null + runHook postInstall ''; - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; - outputHash = "l+7VOq7CV5QA8/FWjMBGDcxq8Qe7NFf6E2Y42htZEgE="; - meta = with lib; { description = "Firmware for builtin Wifi/Bluetooth devices in the Raspberry Pi 3+ and Zero W"; homepage = "https://github.com/RPi-Distro/firmware-nonfree"; diff --git a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix index 7f0eef05dc4..9181a94dcb6 100644 --- a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix +++ b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix @@ -1,17 +1,17 @@ -{ lib, stdenvNoCC, fetchurl, unzip }: +{ lib, stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { # NOTE: this should be updated with linux_rpi pname = "raspberrypi-firmware"; - version = "1.20220118"; + version = "1.20220331"; - src = fetchurl { - url = "https://github.com/raspberrypi/firmware/archive/${version}.zip"; - sha256 = "sha256-98rbwKIuB7vb4MWbFCr7TYsvJB0HzPdH8Tw0+bktK/M="; + src = fetchFromGitHub { + owner = "raspberrypi"; + repo = "firmware"; + rev = version; + hash = "sha256-TxlpHPEJAtVJTtDghuJpx2mLjEPiKkcAr7S9Cd/cocE="; }; - nativeBuildInputs = [ unzip ]; - installPhase = '' mkdir -p $out/share/raspberrypi/ mv boot "$out/share/raspberrypi/" @@ -26,5 +26,6 @@ stdenvNoCC.mkDerivation rec { homepage = "https://github.com/raspberrypi/firmware"; license = licenses.unfreeRedistributableFirmware; # See https://github.com/raspberrypi/firmware/blob/master/boot/LICENCE.broadcom maintainers = with maintainers; [ dezgeg ]; + broken = stdenvNoCC.isDarwin; # Hash mismatch on source, mystery. }; } diff --git a/pkgs/os-specific/linux/firmware/rt5677/default.nix b/pkgs/os-specific/linux/firmware/rt5677/default.nix index f5d84179fd2..f21d34bbe53 100644 --- a/pkgs/os-specific/linux/firmware/rt5677/default.nix +++ b/pkgs/os-specific/linux/firmware/rt5677/default.nix @@ -1,15 +1,15 @@ -{ lib, stdenv, fetchgit }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation { name = "rt5677-firmware"; - src = fetchgit { - url = "https://github.com/raphael/linux-samus"; + src = fetchFromGitHub { + owner = "raphael"; + repo = "linux-samus"; rev = "995de6c2093797905fbcd79f1a3625dd3f50be37"; - sha256 = "0a6lz9wadm47cmva136q6wd0lw03bmymf9ispnzb091a7skwacry"; + sha256 = "sha256-PjPFpz4qJLC+vTomV31dA3AKGjfYjKB2ZYfUpnj61Cg="; }; - installPhase = '' mkdir -p $out/lib/firmware cp ./firmware/rt5677_elf_vad $out/lib/firmware diff --git a/pkgs/os-specific/linux/firmware/sof-firmware/default.nix b/pkgs/os-specific/linux/firmware/sof-firmware/default.nix index 841e73cfc8b..7192fbac478 100644 --- a/pkgs/os-specific/linux/firmware/sof-firmware/default.nix +++ b/pkgs/os-specific/linux/firmware/sof-firmware/default.nix @@ -5,13 +5,13 @@ stdenvNoCC.mkDerivation rec { pname = "sof-firmware"; - version = "2.0"; + version = "2.1.1"; src = fetchFromGitHub { owner = "thesofproject"; repo = "sof-bin"; rev = "v${version}"; - sha256 = "sha256-pDxNcDe/l1foFYuHB0w3YZidKIeH6h0IuwRmMzeMteE="; + sha256 = "sha256-/OYYfIJWMT+rBBhSCtHaSWvwRMlReEQ5y4FuMfk5zUg="; }; dontFixup = true; # binaries must not be stripped or patchelfed diff --git a/pkgs/os-specific/linux/forktty/default.nix b/pkgs/os-specific/linux/forktty/default.nix index f060557cdec..7dc1f0c3b2e 100644 --- a/pkgs/os-specific/linux/forktty/default.nix +++ b/pkgs/os-specific/linux/forktty/default.nix @@ -5,8 +5,8 @@ stdenv.mkDerivation rec { version = "1.3"; src = fetchurl { - url = "http://sunsite.unc.edu/pub/linux/utils/terminal/forktty-${version}.tgz"; - sha256 = "sha256-6xc5eshCuCIOsDh0r2DizKAeypGH0TRRotZ4itsvpVk="; + url = "mirror://ibiblioPubLinux/utils/terminal/${pname}-${version}.tgz"; + hash = "sha256-6xc5eshCuCIOsDh0r2DizKAeypGH0TRRotZ4itsvpVk="; }; preBuild = '' diff --git a/pkgs/os-specific/linux/fuse/common.nix b/pkgs/os-specific/linux/fuse/common.nix index 5adb1b5355a..ac4deb19f51 100644 --- a/pkgs/os-specific/linux/fuse/common.nix +++ b/pkgs/os-specific/linux/fuse/common.nix @@ -31,7 +31,13 @@ in stdenv.mkDerivation rec { }) ++ (if isFuse3 then [ ./fuse3-install.patch ./fuse3-Do-not-set-FUSERMOUNT_DIR.patch ] - else [ ./fuse2-Do-not-set-FUSERMOUNT_DIR.patch ]); + else [ + ./fuse2-Do-not-set-FUSERMOUNT_DIR.patch + (fetchpatch { + url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-fs/fuse/files/fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9"; + sha256 = "sha256-ELYBW/wxRcSMssv7ejCObrpsJHtOPJcGq33B9yHQII4="; + }) + ]); nativeBuildInputs = if isFuse3 then [ meson ninja pkg-config ] @@ -92,7 +98,7 @@ in stdenv.mkDerivation rec { provides the reference implementation for communicating with the FUSE kernel module. ''; - inherit (src.meta) homepage; + homepage = "https://github.com/libfuse/libfuse"; changelog = "https://github.com/libfuse/libfuse/releases/tag/fuse-${version}"; platforms = platforms.linux; license = with licenses; [ gpl2Only lgpl21Only ]; diff --git a/pkgs/os-specific/linux/fwts/module.nix b/pkgs/os-specific/linux/fwts/module.nix index 737d3316e21..72f25aa800e 100644 --- a/pkgs/os-specific/linux/fwts/module.nix +++ b/pkgs/os-specific/linux/fwts/module.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { hardeningDisable = [ "pic" ]; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "INSTALL_MOD_PATH=${placeholder "out"}" ]; diff --git a/pkgs/os-specific/linux/gcadapter-oc-kmod/default.nix b/pkgs/os-specific/linux/gcadapter-oc-kmod/default.nix index ab2e099d970..bcea220cc96 100644 --- a/pkgs/os-specific/linux/gcadapter-oc-kmod/default.nix +++ b/pkgs/os-specific/linux/gcadapter-oc-kmod/default.nix @@ -19,7 +19,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = kernel.moduleBuildDependencies; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "KERNEL_SOURCE_DIR=${kernel.dev}/${kerneldir}/build" "INSTALL_MOD_PATH=$(out)" ]; diff --git a/pkgs/os-specific/linux/hid-nintendo/default.nix b/pkgs/os-specific/linux/hid-nintendo/default.nix index e9ee88252ea..7d01120b2f3 100644 --- a/pkgs/os-specific/linux/hid-nintendo/default.nix +++ b/pkgs/os-specific/linux/hid-nintendo/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = kernel.moduleBuildDependencies; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "-C" "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" "M=$(sourceRoot)" diff --git a/pkgs/os-specific/linux/hostapd/default.nix b/pkgs/os-specific/linux/hostapd/default.nix index 8124da489ae..3fdbaa9149a 100644 --- a/pkgs/os-specific/linux/hostapd/default.nix +++ b/pkgs/os-specific/linux/hostapd/default.nix @@ -73,7 +73,6 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://hostap.epitest.fi"; - repositories.git = "git://w1.fi/hostap.git"; description = "A user space daemon for access point and authentication servers"; license = licenses.gpl2; maintainers = with maintainers; [ ninjatrappeur hexa ]; diff --git a/pkgs/os-specific/linux/i7z/default.nix b/pkgs/os-specific/linux/i7z/default.nix index 7de8046483d..9af2aba3d80 100644 --- a/pkgs/os-specific/linux/i7z/default.nix +++ b/pkgs/os-specific/linux/i7z/default.nix @@ -49,7 +49,6 @@ stdenv.mkDerivation rec { meta = with lib; { description = "A better i7 (and now i3, i5) reporting tool for Linux"; homepage = "https://github.com/DimitryAndric/i7z"; - repositories.git = "https://github.com/DimitryAndric/i7z.git"; license = licenses.gpl2; maintainers = with maintainers; [ bluescreen303 ]; # broken on ARM diff --git a/pkgs/os-specific/linux/intel-ocl/default.nix b/pkgs/os-specific/linux/intel-ocl/default.nix index 06cb18b2377..026ce80c645 100644 --- a/pkgs/os-specific/linux/intel-ocl/default.nix +++ b/pkgs/os-specific/linux/intel-ocl/default.nix @@ -5,7 +5,11 @@ stdenv.mkDerivation rec { version = "5.0-63503"; src = fetchzip { - url = "https://registrationcenter-download.intel.com/akdlm/irc_nas/11396/SRB5.0_linux64.zip"; + # https://github.com/NixOS/nixpkgs/issues/166886 + urls = [ + "https://registrationcenter-download.intel.com/akdlm/irc_nas/11396/SRB5.0_linux64.zip" + "http://registrationcenter-download.intel.com/akdlm/irc_nas/11396/SRB5.0_linux64.zip" + ]; sha256 = "0qbp63l74s0i80ysh9ya8x7r79xkddbbz4378nms9i7a0kprg9p2"; stripRoot = false; }; diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index 74003ff83b8..64c54306333 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -1,15 +1,16 @@ { lib, stdenv, fetchurl, fetchpatch , buildPackages, bison, flex, pkg-config , db, iptables, libelf, libmnl +, gitUpdater }: stdenv.mkDerivation rec { pname = "iproute2"; - version = "5.14.0"; + version = "5.17.0"; src = fetchurl { url = "mirror://kernel/linux/utils/net/${pname}/${pname}-${version}.tar.xz"; - sha256 = "1m4ifnxq7lxnm95l5354z8dk3xj6w9isxmbz53266drgln2sf3r1"; + sha256 = "bjhPG0LHXhqdqsV4Zto33P+QkJC6huslpudk2niTZg4="; }; patches = [ @@ -48,6 +49,13 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; + passthru.updateScript = gitUpdater { + inherit pname version; + # No nicer place to find latest release. + url = "https://git.kernel.org/pub/scm/network/iproute2/iproute2.git"; + rev-prefix = "v"; + }; + meta = with lib; { homepage = "https://wiki.linuxfoundation.org/networking/iproute2"; description = "A collection of utilities for controlling TCP/IP networking and traffic control in Linux"; diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix index 72ecaffe5f5..bc5811942a5 100644 --- a/pkgs/os-specific/linux/iwd/default.nix +++ b/pkgs/os-specific/linux/iwd/default.nix @@ -12,12 +12,12 @@ stdenv.mkDerivation rec { pname = "iwd"; - version = "1.20"; + version = "1.26"; src = fetchgit { url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git"; rev = version; - sha256 = "sha256-GcqmMqrZSgvSrsY8FJbPynNWTzSi5A6kmyq+xJ+2i3Y="; + sha256 = "sha256-+BciYfb9++u9Ux4AdvPFFIFVq8j+TVoTLKqxzmn5p3o="; }; outputs = [ "out" "man" "doc" ] @@ -59,6 +59,7 @@ stdenv.mkDerivation rec { postUnpack = '' mkdir -p iwd/ell ln -s ${ell.src}/ell/useful.h iwd/ell/useful.h + ln -s ${ell.src}/ell/asn1-private.h iwd/ell/asn1-private.h patchShebangs . ''; diff --git a/pkgs/os-specific/linux/jool/default.nix b/pkgs/os-specific/linux/jool/default.nix index 2fd10778e2c..9246ca679a6 100644 --- a/pkgs/os-specific/linux/jool/default.nix +++ b/pkgs/os-specific/linux/jool/default.nix @@ -16,13 +16,12 @@ stdenv.mkDerivation { sed -e 's@/lib/modules/\$(.*)@${kernel.dev}/lib/modules/${kernel.modDirVersion}@' -i src/mod/*/Makefile ''; - buildPhase = '' - make -C src/mod - ''; + makeFlags = kernel.makeFlags ++ [ + "-C src/mod" + "INSTALL_MOD_PATH=${placeholder "out"}" + ]; - installPhase = '' - make -C src/mod modules_install INSTALL_MOD_PATH=$out - ''; + installTargets = "modules_install"; meta = with lib; { homepage = "https://www.jool.mx/"; diff --git a/pkgs/os-specific/linux/kbd/default.nix b/pkgs/os-specific/linux/kbd/default.nix index 23a523b15d7..4c89d8c8219 100644 --- a/pkgs/os-specific/linux/kbd/default.nix +++ b/pkgs/os-specific/linux/kbd/default.nix @@ -68,6 +68,7 @@ stdenv.mkDerivation rec { passthru.tests = { inherit (nixosTests) keymap kbd-setfont-decompress kbd-update-search-paths-patch; }; + passthru.gzip = gzip; meta = with lib; { homepage = "https://kbd-project.org/"; diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index 83359844887..0c1514d01c2 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -81,12 +81,12 @@ let in { inherit makeLinuxHeaders; - linuxHeaders = let version = "5.16"; in + linuxHeaders = let version = "5.17"; in makeLinuxHeaders { inherit version; src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1fq86dbx2p124vi4j8nan68gj4zyw4xnqh4jxq9aqsdvi24pwz82"; + sha256 = "1cdi43x4c3l4chznh57gm55szycj4wjlxl1dss1ilnfvvmhyypsm"; }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 671fdef2f5d..fdf54d302bf 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -60,16 +60,16 @@ let }; power-management = { - PM_ADVANCED_DEBUG = yes; - X86_INTEL_LPSS = yes; - X86_INTEL_PSTATE = yes; - INTEL_IDLE = yes; CPU_FREQ_DEFAULT_GOV_PERFORMANCE = yes; CPU_FREQ_GOV_SCHEDUTIL = yes; + PM_ADVANCED_DEBUG = yes; PM_WAKELOCKS = yes; - # Power-capping framework and support for INTEL RAPL POWERCAP = yes; + } // optionalAttrs (stdenv.hostPlatform.isx86) { + INTEL_IDLE = yes; INTEL_RAPL = whenAtLeast "5.3" module; + X86_INTEL_LPSS = yes; + X86_INTEL_PSTATE = yes; }; external-firmware = { @@ -218,6 +218,11 @@ let # Kernel TLS TLS = whenAtLeast "4.13" module; TLS_DEVICE = whenAtLeast "4.18" yes; + + # infiniband + INFINIBAND = module; + INFINIBAND_IPOIB = module; + INFINIBAND_IPOIB_CM = yes; }; wireless = { @@ -264,8 +269,6 @@ let DRM_GMA600 = whenOlder "5.13" yes; DRM_GMA3600 = whenOlder "5.12" yes; DRM_VMWGFX_FBCON = yes; - # necessary for amdgpu polaris support - DRM_AMD_POWERPLAY = whenBetween "4.5" "4.9" yes; # (experimental) amdgpu support for verde and newer chipsets DRM_AMDGPU_SI = yes; # (stable) amdgpu support for bonaire and newer chipsets @@ -378,7 +381,7 @@ let EXT4_FS_POSIX_ACL = yes; EXT4_FS_SECURITY = yes; - EXT4_ENCRYPTION = { optional = true; tristate = if (versionOlder version "4.8") then "m" else "y"; }; + EXT4_ENCRYPTION = option yes; REISERFS_FS_XATTR = option yes; REISERFS_FS_POSIX_ACL = option yes; @@ -445,6 +448,9 @@ let NLS_CODEPAGE_437 = module; # VFAT default for the codepage= mount option NLS_ISO8859_1 = module; # VFAT default for the iocharset= mount option + # Needed to use the installation iso image. Not included in all defconfigs (e.g. arm64) + ISO9660_FS = module; + DEVTMPFS = yes; UNICODE = whenAtLeast "5.2" yes; # Casefolding support for filesystems @@ -456,7 +462,7 @@ let # https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html DEBUG_LIST = yes; # Detect writes to read-only module pages - DEBUG_SET_MODULE_RONX = { optional = true; tristate = whenOlder "4.11" "y"; }; + DEBUG_SET_MODULE_RONX = whenOlder "4.11" (option yes); RANDOMIZE_BASE = option yes; STRICT_DEVMEM = mkDefault yes; # Filter access to /dev/mem IO_STRICT_DEVMEM = mkDefault yes; @@ -474,6 +480,7 @@ let DEFAULT_SECURITY_APPARMOR = yes; RANDOM_TRUST_CPU = whenAtLeast "4.19" yes; # allow RDRAND to seed the RNG + RANDOM_TRUST_BOOTLOADER = whenAtLeast "5.4" yes; # allow the bootloader to seed the RNG MODULE_SIG = no; # r13y, generates a random key during build and bakes it in # Depends on MODULE_SIG and only really helps when you sign your modules @@ -542,7 +549,7 @@ let UPROBE_EVENT = { optional = true; tristate = whenOlder "4.11" "y";}; UPROBE_EVENTS = { optional = true; tristate = whenAtLeast "4.11" "y";}; BPF_SYSCALL = yes; - BPF_UNPRIV_DEFAULT_OFF = whenBetween "5.10" "5.15" yes; + BPF_UNPRIV_DEFAULT_OFF = whenBetween "5.10" "5.16" yes; BPF_EVENTS = yes; FUNCTION_PROFILER = yes; RING_BUFFER_BENCHMARK = no; @@ -555,8 +562,8 @@ let PARAVIRT_SPINLOCKS = option yes; KVM_ASYNC_PF = yes; - KVM_COMPAT = { optional = true; tristate = whenBetween "4.0" "4.12" "y"; }; - KVM_DEVICE_ASSIGNMENT = { optional = true; tristate = whenBetween "3.10" "4.12" "y"; }; + KVM_COMPAT = whenOlder "4.12" (option yes); + KVM_DEVICE_ASSIGNMENT = whenOlder "4.12" (option yes); KVM_GENERIC_DIRTYLOG_READ_PROTECT = yes; KVM_GUEST = yes; KVM_MMIO = yes; @@ -719,7 +726,12 @@ let HID_ACRUX_FF = yes; DRAGONRISE_FF = yes; + GREENASIA_FF = yes; HOLTEK_FF = yes; + JOYSTICK_PSXPAD_SPI_FF = whenAtLeast "4.14" yes; + LOGIG940_FF = yes; + NINTENDO_FF = whenAtLeast "5.16" yes; + PLAYSTATION_FF = whenAtLeast "5.12" yes; SONY_FF = yes; SMARTJOYPLUS_FF = yes; THRUSTMASTER_FF = yes; @@ -759,7 +771,6 @@ let AIC79XX_DEBUG_ENABLE = no; AIC7XXX_DEBUG_ENABLE = no; AIC94XX_DEBUG = no; - B43_PCMCIA = { optional=true; tristate = whenOlder "4.4" "y";}; BLK_DEV_INTEGRITY = yes; @@ -780,7 +791,9 @@ let BT_RFCOMM_TTY = option yes; # RFCOMM TTY support BT_QCA = module; # enables QCA6390 bluetooth - CLEANCACHE = option yes; + # Removed on 5.17 as it was unused + # upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a4ee518185e902758191d968600399f3bc2be31 + CLEANCACHE = whenOlder "5.17" (option yes); CRASH_DUMP = option no; DVB_DYNAMIC_MINORS = option yes; # we use udev @@ -896,6 +909,11 @@ let ANDROID_BINDER_IPC = { optional = true; tristate = whenAtLeast "5.0" "y";}; ANDROID_BINDERFS = { optional = true; tristate = whenAtLeast "5.0" "y";}; ANDROID_BINDER_DEVICES = { optional = true; freeform = whenAtLeast "5.0" "binder,hwbinder,vndbinder";}; + + TASKSTATS = yes; + TASK_DELAY_ACCT = yes; + TASK_XACCT = yes; + TASK_IO_ACCOUNTING = yes; } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { # Enable CPU/memory hotplug support # Allows you to dynamically add & remove CPUs/memory to a VM client running NixOS without requiring a reboot diff --git a/pkgs/os-specific/linux/kernel/generate-config.pl b/pkgs/os-specific/linux/kernel/generate-config.pl index df807188f14..7e12ca5d96a 100644 --- a/pkgs/os-specific/linux/kernel/generate-config.pl +++ b/pkgs/os-specific/linux/kernel/generate-config.pl @@ -81,7 +81,7 @@ sub runConfig { my $question = $1; my $name = $2; my $alts = $3; my $answer = ""; # Build everything as a module if possible. - $answer = "m" if $autoModules && $alts =~ /\/m/ && !($preferBuiltin && $alts =~ /Y/); + $answer = "m" if $autoModules && $alts =~ qr{\A(\w/)+m/(\w/)*\?\z} && !($preferBuiltin && $alts =~ /Y/); $answer = $answers{$name} if defined $answers{$name}; print STDERR "QUESTION: $question, NAME: $name, ALTS: $alts, ANSWER: $answer\n" if $debug; print OUT "$answer\n"; diff --git a/pkgs/os-specific/linux/kernel/gpio-utils.nix b/pkgs/os-specific/linux/kernel/gpio-utils.nix index 9c7386f61c1..40e282bbf54 100644 --- a/pkgs/os-specific/linux/kernel/gpio-utils.nix +++ b/pkgs/os-specific/linux/kernel/gpio-utils.nix @@ -2,8 +2,6 @@ with lib; -assert versionAtLeast linux.version "4.6"; - stdenv.mkDerivation { pname = "gpio-utils"; version = linux.version; diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index cdb6099d4a1..cb73bbed557 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,51 +2,51 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.269-hardened1.patch", - "sha256": "1hj3yn70aifprcfz4k088pj0lbr92cl5y840g08p0cqz3f3jvf24", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.269-hardened1/linux-hardened-4.14.269-hardened1.patch" + "name": "linux-hardened-4.14.276-hardened1.patch", + "sha256": "1q0w8fqn9z32r35s3lil9dllkykydnpfp1dkhgvmy5rggbm801ay", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.276-hardened1/linux-hardened-4.14.276-hardened1.patch" }, - "sha256": "1lhqq3va468k8w5f4hhsq1rgjcfrgi5l8lnrikfy9jisbi05z9h3", - "version": "4.14.269" + "sha256": "1rxksrmkh5raz930y9khfg85dglgphrgcvkj21n86m333pajs4mf", + "version": "4.14.276" }, "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.232-hardened1.patch", - "sha256": "195gbiial5rpiak4mszw3kn1dmm38npk2bchyb9lfvk1f26h2ybc", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.232-hardened1/linux-hardened-4.19.232-hardened1.patch" + "name": "linux-hardened-4.19.239-hardened1.patch", + "sha256": "1w0h47av90aapz5g5ldny1vrq21n22kxag24byk4b43ndg6q0ksc", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.239-hardened1/linux-hardened-4.19.239-hardened1.patch" }, - "sha256": "0b520cwwqr5b1skc3gbq35hfjqpidxcl3gq7x5bdqqqdg0afiksg", - "version": "4.19.232" + "sha256": "0fsr9jy8d1rpg6ixp7av01pqz3vq50rgfcjd7vj16ccsdk15sz5z", + "version": "4.19.239" }, "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.103-hardened1.patch", - "sha256": "0i70cya9llz6nnhf4d5zz3f8xhj21si8capymmzcjczz0378argj", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.103-hardened1/linux-hardened-5.10.103-hardened1.patch" + "name": "linux-hardened-5.10.112-hardened1.patch", + "sha256": "1sryrhl7bblx4r0smvlzw7p4xhc4l8bsqgwzlj2x8qamj544w464", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.112-hardened1/linux-hardened-5.10.112-hardened1.patch" }, - "sha256": "02jq126r8dgqrhgdg8dym2v8xgp9jkjm8kf9zgj440s3wrasvf2g", - "version": "5.10.103" + "sha256": "19aa7fq8n75gh0vv01mpxg4cxkfpr5lj0sv6lxiyzcgbc71isv4c", + "version": "5.10.112" }, "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.26-hardened1.patch", - "sha256": "14pdmiqnn06by8mvxw4gklqfrnngrimyz1ag76pr60iz6ka6y5g8", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.26-hardened1/linux-hardened-5.15.26-hardened1.patch" + "name": "linux-hardened-5.15.35-hardened1.patch", + "sha256": "10x2q01bckmfmgdzfg01khj43pav1drzzp3fr20hk718ywikvgax", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.35-hardened1/linux-hardened-5.15.35-hardened1.patch" }, - "sha256": "0fmydc5v51iacd5ys7p1m1k2318p47prj8xv02rcngv1y8s224jq", - "version": "5.15.26" + "sha256": "1n05c4c4ish25x483a2p5177zgda8pq7g4752n1b7chfygi5l6ha", + "version": "5.15.35" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.182-hardened1.patch", - "sha256": "0hcxy2hn836mivydmrbqrpvm4bfdsgf9xpx0iyz92rhd91ipgcyq", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.182-hardened1/linux-hardened-5.4.182-hardened1.patch" + "name": "linux-hardened-5.4.190-hardened1.patch", + "sha256": "0z4w05fq20pmiyxf4bip61ywy5xg96klbnj62yxiaha68pfwlm29", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.190-hardened1/linux-hardened-5.4.190-hardened1.patch" }, - "sha256": "03gly4ivsdahixmshi021al48ycsalx30vsxr3iyj47hchgj1wdj", - "version": "5.4.182" + "sha256": "157ifcl59xxj721r302hg82vmbqzx5hjrlihrc5s4maxfw3ygm41", + "version": "5.4.190" } } diff --git a/pkgs/os-specific/linux/kernel/hardened/update.py b/pkgs/os-specific/linux/kernel/hardened/update.py index 48567b68dc3..d0f8c77c783 100755 --- a/pkgs/os-specific/linux/kernel/hardened/update.py +++ b/pkgs/os-specific/linux/kernel/hardened/update.py @@ -219,7 +219,16 @@ failures = False # Match each kernel version with the best patch version. releases = {} +i = 0 for release in repo.get_releases(): + # Dirty workaround to make sure that we don't run into issues because + # GitHub's API only allows fetching the last 1000 releases. + # It's not reliable to exit earlier because not every kernel minor may + # have hardened patches, hence the naive search below. + i += 1 + if i > 500: + break + version = parse_version(release.tag_name) # needs to look like e.g. 5.6.3-hardened1 if len(version) < 4: diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 4336e6297f5..b451202871e 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.270"; + version = "4.14.277"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "17fj5aif5f0z0xgb321ghpv5p6drqxz0w948dr4hql4cj193r2zv"; + sha256 = "058vzn1gcsc194hgwrj78afawz2anm7ga8a1x5m5i4cw8p1arp73"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index ff3b8ea22b6..c03c5d5afd2 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.233"; + version = "4.19.240"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0dyf1xapmhly9gpygyjzj5yhn6s5xb0gss033sgllwn243q6bxmq"; + sha256 = "1hj6vngynx6kjaczjl77jjwqq0kh0lm6jdqjvakd1cgrppaizb3j"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index 1a8be19098f..704423c6e99 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.305"; + version = "4.9.312"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0yspfrqlgpsa3a591bk9c2xqq5xf70lqfgj8wrnhd42agfxanr8k"; + sha256 = "09y6wl4j3y46fza6kmssibmxspxx0i44fqrhc2cyvrm2bgxv2bzs"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 07061ec05bc..1ac78adf7c7 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.104"; + version = "5.10.113"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1wb2ql58md45wi49bp3rck7ppgisyjdl7lxarzqd094fx9kr4jir"; + sha256 = "1z3dd5hrdbn2axsi2n70n41q1dq2dvg7s8aph1p6yiajpc16llc2"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index b1a0b1bdcf0..44438676ae3 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.27"; + version = "5.15.36"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -15,6 +15,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "01ksvmcwljzphbdll0pd9zg8ys8jy5xy29b54pxqjs3wq3n8zj9k"; + sha256 = "1466557034q1fzvpy8vwj8ps3cv2q8s7z76af9y1jz4kgaqmsd1n"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-5.16.nix b/pkgs/os-specific/linux/kernel/linux-5.17.nix index 43aca96805e..4c67169b706 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.16.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.17.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.16.13"; + version = "5.17.5"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1fvz4v3mcm9yxfak6mshl764piadgz46y71wprb85b1shc09i2ig"; + sha256 = "11z95wsgmj97pg77yck26l0383gncbla0zwpzv4gjdj4p62x3g4v"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index f9e65542390..073d0ef7705 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.183"; + version = "5.4.191"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "17691h1575spgwh88mk189ars6gyjcl9nnaz585l2da8civhnjrd"; + sha256 = "0fharjqasvq76pciwci6qamdadpfjh2n8gdyri8fj65drmgsi318"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix index 16577980809..7bb6e5f7972 100644 --- a/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "18613"; - sha256 = "1qgvhrh4nnn56aykaxqmlnzy8s111b5vn277n7qm4ldyr312g4hs"; + rev = "18688"; + sha256 = "15f83zcwxk28b3a4am8avi0xwd7zr79n00150k6xdf3g8haz7yaj"; } , ... }: diff --git a/pkgs/os-specific/linux/kernel/linux-rpi.nix b/pkgs/os-specific/linux/kernel/linux-rpi.nix index 99b966ac5cd..8654bc432ce 100644 --- a/pkgs/os-specific/linux/kernel/linux-rpi.nix +++ b/pkgs/os-specific/linux/kernel/linux-rpi.nix @@ -2,9 +2,8 @@ let # NOTE: raspberrypifw & raspberryPiWirelessFirmware should be updated with this - modDirVersion = "5.10.92"; - tag = "1.20220118"; - rev = "650082a559a570d6c9d2739ecc62843d6f951059"; + modDirVersion = "5.15.32"; + tag = "1.20220331"; in lib.overrideDerivation (buildLinux (args // { version = "${modDirVersion}-${tag}"; @@ -13,8 +12,8 @@ lib.overrideDerivation (buildLinux (args // { src = fetchFromGitHub { owner = "raspberrypi"; repo = "linux"; - inherit rev; - sha256 = "sha256-OSDx9dzqm8JnLUvdiv1aKqhRz80uWqfjXLd7m6ycXME="; + rev = tag; + hash = "sha256-dJtOXe4yvZz/iu0Ly5F9/E/2GbpTJF/9ZMU3rC1nKMw="; }; defconfig = { diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index 70be0e58ebc..7162fe8ac19 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.100-rt62"; # updated by ./update-rt.sh + version = "5.10.109-rt65"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "16892wnfkdpqy3v4xmdzlqn5zlfrgz9wqh6vadnx58xnr6pnasfm"; + sha256 = "1p0k46isy2wzzms801lrnb59f1nb9mhywjj7fnkrwrj9nbn25yqq"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1wimp4ckaqp5cfvkf50gv3s5biyr0sjifz4faw23m07ciydm15k0"; + sha256 = "0w7bs5kmwvbyfy5js218ys42s8i51m8v0mbkfhiynlpm3iph357q"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix index c1534838b72..bb404fc59e9 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.4.182-rt70"; # updated by ./update-rt.sh + version = "5.4.188-rt73"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -14,14 +14,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "03gly4ivsdahixmshi021al48ycsalx30vsxr3iyj47hchgj1wdj"; + sha256 = "1g7xf2jx1hx580f42yirfgv9v0f9f88wzxxx0wiwx7wcqbyqpg4z"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "193glhb0bkaa7qggkj2vpp3r6avf0sh8fasj8byww7xwkhm7cncq"; + sha256 = "17qx5xrchgss7zxg9lg91mqh0v3irx355003g7rj12h8y5r16l58"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index 52fc24e101e..51f47cea2c4 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -1,9 +1,9 @@ { lib , fetchpatch , kernel -, date ? "2022-01-12" -, commit ? "0e6eb60f8be14b02e0a76cb330f4b22c80ec82e9" -, diffHash ? "091w4r7h93s5rv8hk65aix7l0rr4bd504mv998j7x360bqlb7vpi" +, date ? "2022-04-25" +, commit ? "bdf6d7c1350497bc7b0be6027a51d9330645672d" +, diffHash ? "09bcbklvfj9i9czjdpix2iz7fvjksmavaljx8l92ay1i9fapjmhc" , kernelPatches # must always be defined in bcachefs' all-packages.nix entry because it's also a top-level attribute supplied by callPackage , argsOverride ? {} , ... @@ -16,7 +16,7 @@ extraMeta = { branch = "master"; - maintainers = with lib.maintainers; [ davidak chiiruno ]; + maintainers = with lib.maintainers; [ davidak Madouura ]; }; } // argsOverride; diff --git a/pkgs/os-specific/linux/kernel/linux-xanmod.nix b/pkgs/os-specific/linux/kernel/linux-xanmod.nix deleted file mode 100644 index b170ec044b0..00000000000 --- a/pkgs/os-specific/linux/kernel/linux-xanmod.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ lib, stdenv, buildLinux, fetchFromGitHub, ... } @ args: - -let - version = "5.15.27"; - release = "1"; - suffix = "xanmod${release}-tt"; -in -buildLinux (args // rec { - inherit version; - modDirVersion = "${version}-${suffix}"; - - src = fetchFromGitHub { - owner = "xanmod"; - repo = "linux"; - rev = modDirVersion; - sha256 = "sha256-ycUvTXDKnffxs8FKZJurX2bDr85gMQlSIFD0nST2Q98="; - }; - - structuredExtraConfig = with lib.kernel; { - # removed options - CFS_BANDWIDTH = lib.mkForce (option no); - RT_GROUP_SCHED = lib.mkForce (option no); - SCHED_AUTOGROUP = lib.mkForce (option no); - - # AMD P-state driver - X86_AMD_PSTATE = yes; - - # Linux RNG framework - LRNG = yes; - - # Paragon's NTFS3 driver - NTFS3_FS = module; - NTFS3_LZX_XPRESS = yes; - NTFS3_FS_POSIX_ACL = yes; - - # Preemptive Full Tickless Kernel at 500Hz - SCHED_CORE = lib.mkForce (option no); - PREEMPT_VOLUNTARY = lib.mkForce no; - PREEMPT = lib.mkForce yes; - NO_HZ_FULL = yes; - HZ_500 = yes; - - # Google's BBRv2 TCP congestion Control - TCP_CONG_BBR2 = yes; - DEFAULT_BBR2 = yes; - - # FQ-PIE Packet Scheduling - NET_SCH_DEFAULT = yes; - DEFAULT_FQ_PIE = yes; - - # Graysky's additional CPU optimizations - CC_OPTIMIZE_FOR_PERFORMANCE_O3 = yes; - - # Futex WAIT_MULTIPLE implementation for Wine / Proton Fsync. - FUTEX = yes; - FUTEX_PI = yes; - - # WineSync driver for fast kernel-backed Wine - WINESYNC = module; - }; - - extraMeta = { - branch = "5.15-tt"; - maintainers = with lib.maintainers; [ fortuneteller2k lovesegfault ]; - description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; - broken = stdenv.isAarch64; - }; -} // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-zen.nix b/pkgs/os-specific/linux/kernel/linux-zen.nix index d990d6d4ed1..aec27a7620a 100644 --- a/pkgs/os-specific/linux/kernel/linux-zen.nix +++ b/pkgs/os-specific/linux/kernel/linux-zen.nix @@ -2,13 +2,14 @@ let # having the full version string here makes it easier to update - modDirVersion = "5.16.11-zen1"; + modDirVersion = "5.17.5-zen1"; parts = lib.splitString "-" modDirVersion; version = lib.elemAt parts 0; suffix = lib.elemAt parts 1; numbers = lib.splitString "." version; branch = "${lib.elemAt numbers 0}.${lib.elemAt numbers 1}"; + rev = if ((lib.elemAt numbers 2) == "0") then "v${branch}-${suffix}" else "v${modDirVersion}"; in buildLinux (args // { @@ -18,8 +19,8 @@ buildLinux (args // { src = fetchFromGitHub { owner = "zen-kernel"; repo = "zen-kernel"; - rev = "v${modDirVersion}"; - sha256 = "sha256-aCmHtWTOlFo9r6g0pcOXMzksAH3spcOqElE9hynFbFo="; + inherit rev; + sha256 = "sha256-DWkdnSG+4qMAFdGDmtEItaQZnIiorxLYMqdq5eBqQfs="; }; structuredExtraConfig = with lib.kernel; { diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 4f12337c893..aeb8d8d0902 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -1,5 +1,5 @@ { lib, buildPackages, runCommand, nettools, bc, bison, flex, perl, rsync, gmp, libmpc, mpfr, openssl -, libelf, cpio, elfutils, zstd, gawk, python3Minimal, zlib, pahole +, libelf, cpio, elfutils, zstd, python3Minimal, zlib, pahole , writeTextFile }: @@ -56,7 +56,7 @@ let hasAttr getAttr optional optionals optionalString optionalAttrs maintainers platforms; # Dependencies that are required to build kernel modules - moduleBuildDependencies = optional (lib.versionAtLeast version "4.14") libelf; + moduleBuildDependencies = [ perl ] ++ optional (lib.versionAtLeast version "4.14") libelf; installkernel = writeTextFile { name = "installkernel"; executable=true; text = '' @@ -301,7 +301,6 @@ let + ")"); license = lib.licenses.gpl2Only; homepage = "https://www.kernel.org/"; - repositories.git = "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git"; maintainers = lib.teams.linux-kernel.members ++ [ maintainers.thoughtpolice ]; @@ -321,7 +320,7 @@ stdenv.mkDerivation ((drvAttrs config stdenv.hostPlatform.linux-kernel kernelPat enableParallelBuilding = true; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr gawk zstd python3Minimal ] + nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr zstd python3Minimal ] ++ optional (stdenv.hostPlatform.linux-kernel.target == "uImage") buildPackages.ubootTools ++ optional (lib.versionAtLeast version "4.14" && lib.versionOlder version "5.8") libelf # Removed util-linuxMinimal since it should not be a dependency. diff --git a/pkgs/os-specific/linux/kernel/perf.nix b/pkgs/os-specific/linux/kernel/perf.nix index 6d1763a0d0f..0183e9ffa3f 100644 --- a/pkgs/os-specific/linux/kernel/perf.nix +++ b/pkgs/os-specific/linux/kernel/perf.nix @@ -9,8 +9,6 @@ with lib; -assert versionAtLeast kernel.version "3.12"; - stdenv.mkDerivation { pname = "perf-linux"; version = kernel.version; diff --git a/pkgs/os-specific/linux/kernel/update-zen.sh b/pkgs/os-specific/linux/kernel/update-zen.sh index 1532d7be02b..48b29b6dd43 100755 --- a/pkgs/os-specific/linux/kernel/update-zen.sh +++ b/pkgs/os-specific/linux/kernel/update-zen.sh @@ -18,4 +18,4 @@ sed -i -e "s!modDirVersion = \".*\"!modDirVersion = \"${new}\"!" "$path" checksum=$(nix-prefetch "(import ${nixpkgs} {}).linuxPackages_zen.kernel") sed -i -e "s!sha256 = \".*\"!sha256 = \"${checksum}\"!" "$path" -git commit -m "linux_zen: ${old} -> ${new}" $path +git commit -m "linuxKernel.kernels.linux_zen: ${old} -> ${new}" $path diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix new file mode 100644 index 00000000000..8464b9ad25f --- /dev/null +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -0,0 +1,81 @@ +{ lib, stdenv, fetchFromGitHub, buildLinux, ... } @ args: + +let + stableVariant = { + version = "5.15.34"; + suffix = "xanmod1"; + hash = "sha256-sfrcaFhrdvupygXvajGyl6ruuBu+vFsAKjLyINyV3pw="; + }; + + edgeVariant = { + version = "5.17.2"; + suffix = "xanmod1"; + hash = "sha256-DK6yFZewqmr/BXFW5tqKXtWb1OLfqokZRQLOQxvBg6Q="; + }; + + xanmodKernelFor = { version, suffix, hash }: buildLinux (args // rec { + inherit version; + modDirVersion = "${version}-${suffix}"; + + src = fetchFromGitHub { + owner = "xanmod"; + repo = "linux"; + rev = modDirVersion; + inherit hash; + }; + + structuredExtraConfig = with lib.kernel; { + # removed options + CFS_BANDWIDTH = lib.mkForce (option no); + RT_GROUP_SCHED = lib.mkForce (option no); + SCHED_AUTOGROUP = lib.mkForce (option no); + + # AMD P-state driver + X86_AMD_PSTATE = yes; + + # Linux RNG framework + LRNG = yes; + + # Paragon's NTFS3 driver + NTFS3_FS = module; + NTFS3_LZX_XPRESS = yes; + NTFS3_FS_POSIX_ACL = yes; + + # Preemptive Full Tickless Kernel at 500Hz + SCHED_CORE = lib.mkForce (option no); + PREEMPT_VOLUNTARY = lib.mkForce no; + PREEMPT = lib.mkForce yes; + NO_HZ_FULL = yes; + HZ_500 = yes; + + # Google's BBRv2 TCP congestion Control + TCP_CONG_BBR2 = yes; + DEFAULT_BBR2 = yes; + + # FQ-PIE Packet Scheduling + NET_SCH_DEFAULT = yes; + DEFAULT_FQ_PIE = yes; + + # Graysky's additional CPU optimizations + CC_OPTIMIZE_FOR_PERFORMANCE_O3 = yes; + + # Futex WAIT_MULTIPLE implementation for Wine / Proton Fsync. + FUTEX = yes; + FUTEX_PI = yes; + + # WineSync driver for fast kernel-backed Wine + WINESYNC = module; + }; + + extraMeta = { + branch = lib.versions.majorMinor version; + maintainers = with lib.maintainers; [ fortuneteller2k lovesegfault ]; + description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; + broken = stdenv.isAarch64; + }; + } // (args.argsOverride or { })); +in +{ + stable = xanmodKernelFor stableVariant; + edge = xanmodKernelFor edgeVariant; +} diff --git a/pkgs/os-specific/linux/keyutils/default.nix b/pkgs/os-specific/linux/keyutils/default.nix index f307bd56d1c..88410654f3b 100644 --- a/pkgs/os-specific/linux/keyutils/default.nix +++ b/pkgs/os-specific/linux/keyutils/default.nix @@ -15,11 +15,6 @@ stdenv.mkDerivation rec { }; patches = [ - (fetchurl { - # improve reproducibility - url = "https://salsa.debian.org/debian/keyutils/raw/4cecffcb8e2a2aa4ef41777ed40e4e4bcfb2e5bf/debian/patches/Make-build-reproducible.patch"; - sha256 = "0wnvbjfrbk7rghd032z684l7vk7mhy3bd41zvhkrhgp3cd5id0bm"; - }) ./conf-symlink.patch # This patch solves a duplicate symbol error when building with a clang stdenv # Before removing this patch, please ensure the package still builds by running eg. @@ -29,9 +24,16 @@ stdenv.mkDerivation rec { makeFlags = lib.optionals stdenv.hostPlatform.isStatic "NO_SOLIB=1"; - BUILDDATE = "1970-01-01"; outputs = [ "out" "lib" "dev" ]; + postPatch = '' + # https://github.com/archlinux/svntogit-packages/blob/packages/keyutils/trunk/reproducible.patch + substituteInPlace Makefile \ + --replace \ + 'VCPPFLAGS := -DPKGBUILD="\"$(shell date -u +%F)\""' \ + 'VCPPFLAGS := -DPKGBUILD="\"$(date -ud "@$SOURCE_DATE_EPOCH" +%F)\""' + ''; + enableParallelBuilding = true; installFlags = [ diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index a1a1906ba9c..0411bae2060 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -16,6 +16,8 @@ in stdenv.mkDerivation rec { sha256 = "0am54mi5rk72g5q7k6l6f36gw3r9vwgjmyna43ywcjhqmakyx00b"; }; + outputs = [ "out" "dev" "lib" ]; + nativeBuildInputs = [ autoreconfHook pkg-config libxslt ]; buildInputs = [ xz zstd ] ++ lib.optional stdenv.isDarwin elf-header; diff --git a/pkgs/os-specific/linux/kvdo/default.nix b/pkgs/os-specific/linux/kvdo/default.nix new file mode 100644 index 00000000000..74895e11bd5 --- /dev/null +++ b/pkgs/os-specific/linux/kvdo/default.nix @@ -0,0 +1,31 @@ +{ stdenv, lib, fetchFromGitHub, vdo, kernel }: + +stdenv.mkDerivation rec { + inherit (vdo) version; + pname = "kvdo"; + + src = fetchFromGitHub { + owner = "dm-vdo"; + repo = "kvdo"; + rev = version; + sha256 = "1xl7dwcqx00w1gbpb6vlkn8nchyfj1fsc8c06vgda0sgxp7qs5gn"; + }; + + dontConfigure = true; + enableParallelBuilding = true; + + KSRC = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; + INSTALL_MOD_PATH = placeholder "out"; + + preBuild = '' + makeFlags="$makeFlags -C ${KSRC} M=$(pwd)" +''; + installTargets = [ "modules_install" ]; + + meta = with lib; { + inherit (vdo.meta) license maintainers; + homepage = "https://github.com/dm-vdo/kvdo"; + description = "A pair of kernel modules which provide pools of deduplicated and/or compressed block storage"; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/ldm/default.nix b/pkgs/os-specific/linux/ldm/default.nix index 072b53b02ec..f8a519de847 100644 --- a/pkgs/os-specific/linux/ldm/default.nix +++ b/pkgs/os-specific/linux/ldm/default.nix @@ -4,7 +4,6 @@ assert mountPath != ""; let version = "0.5"; - git = "https://github.com/LemonBoy/ldm.git"; in stdenv.mkDerivation rec { pname = "ldm"; @@ -13,7 +12,7 @@ stdenv.mkDerivation rec { # There is a stable release, but we'll use the lvm branch, which # contains important fixes for LVM setups. src = fetchgit { - url = meta.repositories.git; + url = "https://github.com/LemonBoy/ldm"; rev = "refs/tags/v${version}"; sha256 = "0lxfypnbamfx6p9ar5k9wra20gvwn665l4pp2j4vsx4yi5q7rw2n"; }; @@ -36,8 +35,6 @@ stdenv.mkDerivation rec { meta = { description = "A lightweight device mounter, with libudev as only dependency"; license = lib.licenses.mit; - platforms = lib.platforms.linux; - repositories.git = git; }; } diff --git a/pkgs/os-specific/linux/ledger-udev-rules/default.nix b/pkgs/os-specific/linux/ledger-udev-rules/default.nix index 7b23719c791..3a6bf9e5d51 100644 --- a/pkgs/os-specific/linux/ledger-udev-rules/default.nix +++ b/pkgs/os-specific/linux/ledger-udev-rules/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation { pname = "ledger-udev-rules"; - version = "unstable-2019-05-30"; + version = "unstable-2021-09-10"; src = fetchFromGitHub { owner = "LedgerHQ"; repo = "udev-rules"; - rev = "765b7fdf57b20fd9326cedf48ee52e905024ab4f"; - sha256 = "10a42al020zpkx918y6b1l9az45vk3921b2l1mx87w3m0ad9qvif"; + rev = "2776324af6df36c2af4d2e8e92a1c98c281117c9"; + sha256 = "sha256-yTYI81PXMc32lMfI5uhD14nP20zAI7ZF33V1LRDWg2Y="; }; dontBuild = true; diff --git a/pkgs/os-specific/linux/libbpf/default.nix b/pkgs/os-specific/linux/libbpf/default.nix index 8e6b9fa0663..cb2f4611fde 100644 --- a/pkgs/os-specific/linux/libbpf/default.nix +++ b/pkgs/os-specific/linux/libbpf/default.nix @@ -8,8 +8,6 @@ , nixosTests }: -with builtins; - stdenv.mkDerivation rec { pname = "libbpf"; version = "0.7.0"; diff --git a/pkgs/os-specific/linux/libcap-ng/default.nix b/pkgs/os-specific/linux/libcap-ng/default.nix index 615f376d79d..ad01a83ac93 100644 --- a/pkgs/os-specific/linux/libcap-ng/default.nix +++ b/pkgs/os-specific/linux/libcap-ng/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "libcap-ng"; # When updating make sure to test that the version with # all of the python bindings still works - version = "0.8.2"; + version = "0.8.3"; src = fetchurl { url = "${meta.homepage}/${pname}-${version}.tar.gz"; - sha256 = "1sasp1n154aqy9fz0knlb966svm7xg1zjhg1vr4q839bgjvq7h2j"; + sha256 = "sha256-vtb2hI4iuy+Dtfdksq7w7TkwVOgDqOOocRyyo55rSS0="; }; nativeBuildInputs = [ swig ]; diff --git a/pkgs/os-specific/linux/libcap/default.nix b/pkgs/os-specific/linux/libcap/default.nix index 2f12d2fea38..1fa887dd2a3 100644 --- a/pkgs/os-specific/linux/libcap/default.nix +++ b/pkgs/os-specific/linux/libcap/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, buildPackages, fetchurl, attr, perl, runtimeShell +{ stdenv, lib, buildPackages, fetchurl, attr, runtimeShell , usePam ? !isStatic, pam ? null , isStatic ? stdenv.hostPlatform.isStatic }: @@ -7,18 +7,17 @@ assert usePam -> pam != null; stdenv.mkDerivation rec { pname = "libcap"; - version = "2.49"; + version = "2.63"; src = fetchurl { url = "mirror://kernel/linux/libs/security/linux-privs/libcap2/${pname}-${version}.tar.xz"; - sha256 = "sha256-6YvE2TZFCC7Hh3MLD9GnErOIgkZcUFd33hfDOIMe4YE="; + sha256 = "sha256-DGN7j0T8fYYneH6c9X8VrAbB3cy1PkH+7FSWvjRm938="; }; outputs = [ "out" "dev" "lib" "man" "doc" ] ++ lib.optional usePam "pam"; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ perl ]; buildInputs = lib.optional usePam pam; @@ -29,9 +28,12 @@ stdenv.mkDerivation rec { "PAM_CAP=${if usePam then "yes" else "no"}" "BUILD_CC=$(CC_FOR_BUILD)" "CC:=$(CC)" + "CROSS_COMPILE=${stdenv.cc.targetPrefix}" ] ++ lib.optional isStatic "SHARED=no"; - prePatch = '' + postPatch = '' + patchShebangs ./progs/mkcapshdoc.sh + # use full path to bash substituteInPlace progs/capsh.c --replace "/bin/bash" "${runtimeShell}" diff --git a/pkgs/os-specific/linux/libpsm2/default.nix b/pkgs/os-specific/linux/libpsm2/default.nix index aeb261aaaca..070a18f6984 100644 --- a/pkgs/os-specific/linux/libpsm2/default.nix +++ b/pkgs/os-specific/linux/libpsm2/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "libpsm2"; - version = "11.2.203"; + version = "11.2.206"; preConfigure= '' export UDEVDIR=$out/etc/udev @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { owner = "intel"; repo = "opa-psm2"; rev = "PSM2_${version}"; - sha256 = "sha256-W5Mg5ATUARMFAy1VVpMKPar0VpbKfrkxa6bDhqVYpoc="; + sha256 = "sha256-HsM2OaoX+SdbIednX1MWw1M4kkkPwUs5Dm32q2H7Mg4="; }; postInstall = '' diff --git a/pkgs/os-specific/linux/lightum/default.nix b/pkgs/os-specific/linux/lightum/default.nix index 8da12d78bc9..95b766aec05 100644 --- a/pkgs/os-specific/linux/lightum/default.nix +++ b/pkgs/os-specific/linux/lightum/default.nix @@ -1,12 +1,14 @@ -{ lib, stdenv, fetchgit, libX11, libXScrnSaver, libXext, glib, dbus, pkg-config, systemd }: +{ lib, stdenv, fetchFromGitHub, libX11, libXScrnSaver, libXext, glib, dbus, pkg-config, systemd }: stdenv.mkDerivation { pname = "lightum"; version = "unstable-2014-06-07"; - src = fetchgit { - url = "https://github.com/poliva/lightum"; + + src = fetchFromGitHub { + owner = "poliva"; + repo = "lightum"; rev = "123e6babe0669b23d4c1dfa5511088608ff2baa8"; - sha256 = "01x24rcrkgksyvqpgkr9zafg3jgs8nqng8yf0hx0kbmcimar8dbp"; + sha256 = "sha256-dzWUVY2srgk6BM6jZ7FF+snxnPopz3fx9nq+mVkmogc="; }; buildInputs = [ diff --git a/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix b/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix new file mode 100644 index 00000000000..a29fe923f60 --- /dev/null +++ b/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix @@ -0,0 +1,79 @@ +{ lib +, stdenv +, fetchFromGitHub +, which +, pkg-config +, glib +, gtk3 +, iw +, makeWrapper +, qrencode +, hostapd +, getopt +, dnsmasq +, iproute2 +, flock +, iptables +, gawk }: + +stdenv.mkDerivation rec { + pname = "linux-wifi-hotspot"; + version = "4.4.0"; + + src = fetchFromGitHub { + owner = "lakinduakash"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-XCgYWOX7QSdANG6DqYk0yZZqnvZGDl3GaF9KtYRmpJ0="; + }; + + nativeBuildInputs = [ + which + pkg-config + makeWrapper + qrencode + hostapd + ]; + + buildInputs = [ + glib + gtk3 + ]; + + outputs = [ "out" ]; + + postPatch = '' + substituteInPlace ./src/scripts/Makefile \ + --replace "etc" "$out/etc" + substituteInPlace ./src/scripts/wihotspot \ + --replace "/usr" "$out" + ''; + + makeFlags = [ + "PREFIX=${placeholder "out"}" + ]; + + postInstall = '' + wrapProgram $out/bin/create_ap \ + --prefix PATH : ${lib.makeBinPath [ + hostapd getopt iw which dnsmasq iproute2 flock iptables gawk + ]} + + wrapProgram $out/bin/wihotspot-gui \ + --prefix PATH : ${lib.makeBinPath [ iw ]} \ + --prefix PATH : "${placeholder "out"}/bin" + + wrapProgram $out/bin/wihotspot \ + --prefix PATH : ${lib.makeBinPath [ iw ]} \ + --prefix PATH : "${placeholder "out"}/bin" + ''; + + meta = with lib; { + description = "Feature-rich wifi hotspot creator for Linux which provides both GUI and command-line interface"; + homepage = "https://github.com/lakinduakash/linux-wifi-hotspot"; + license = licenses.bsd2; + maintainers = with maintainers; [ onny ]; + platforms = platforms.unix; + }; + +} diff --git a/pkgs/os-specific/linux/lttng-modules/default.nix b/pkgs/os-specific/linux/lttng-modules/default.nix index 8753f34087c..706ee95fb70 100644 --- a/pkgs/os-specific/linux/lttng-modules/default.nix +++ b/pkgs/os-specific/linux/lttng-modules/default.nix @@ -2,23 +2,23 @@ stdenv.mkDerivation rec { pname = "lttng-modules-${kernel.version}"; - version = "2.13.1"; + version = "2.13.2"; src = fetchurl { url = "https://lttng.org/files/lttng-modules/lttng-modules-${version}.tar.bz2"; - sha256 = "0hzksx2fw008jdsgfzpws9g7imy6ryw09ai5y0knvrmvr68nvj57"; + sha256 = "sha256-39VH2QQcjFRa5be/7z8O8tnyUg1qtEGIyeqN5W1dKYo="; }; - buildInputs = kernel.moduleBuildDependencies; + nativeBuildInputs = kernel.moduleBuildDependencies; hardeningDisable = [ "pic" ]; NIX_CFLAGS_COMPILE = "-Wno-error=implicit-function-declaration"; - preConfigure = '' - export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" - export INSTALL_MOD_PATH="$out" - ''; + makeFlags = kernel.makeFlags ++ [ + "KERNELDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "INSTALL_MOD_PATH=${placeholder "out"}" + ]; installTargets = [ "modules_install" ]; diff --git a/pkgs/os-specific/linux/lvm2/2_03.nix b/pkgs/os-specific/linux/lvm2/2_03.nix index 555ff6b0dc1..73f1e9fbdee 100644 --- a/pkgs/os-specific/linux/lvm2/2_03.nix +++ b/pkgs/os-specific/linux/lvm2/2_03.nix @@ -1,4 +1,4 @@ import ./common.nix { - version = "2.03.14"; - sha256 = "0p5077h3z7mrr0b49ikmhlhrs4v4qb530raypk3y72ja125bqqsa"; + version = "2.03.15"; + sha256 = "17n9xl01by7dcbjwjnr6b4rrkp2frz8hwnjl59svsyp13sjq6llk"; } diff --git a/pkgs/os-specific/linux/lvm2/common.nix b/pkgs/os-specific/linux/lvm2/common.nix index 0749292531b..4cb86bf3d8b 100644 --- a/pkgs/os-specific/linux/lvm2/common.nix +++ b/pkgs/os-specific/linux/lvm2/common.nix @@ -4,13 +4,19 @@ , fetchpatch , fetchurl , pkg-config -, util-linux +, coreutils , libuuid , libaio +, substituteAll , enableCmdlib ? false , enableDmeventd ? false -, udevSupport ? !stdenv.targetPlatform.isStatic, udev ? null -, onlyLib ? stdenv.targetPlatform.isStatic +, udevSupport ? !stdenv.hostPlatform.isStatic, udev +, onlyLib ? stdenv.hostPlatform.isStatic + # Otherwise we have a infinity recursion during static compilation +, enableUtilLinux ? !stdenv.hostPlatform.isStatic, util-linux +, enableVDO ? false, vdo +, enableMdadm ? false, mdadm +, enableMultipath ? false, multipath-tools , nixosTests }: @@ -18,7 +24,7 @@ assert enableDmeventd -> enableCmdlib; stdenv.mkDerivation rec { - pname = "lvm2" + lib.optionalString enableDmeventd "-with-dmeventd"; + pname = "lvm2" + lib.optionalString enableDmeventd "-with-dmeventd" + lib.optionalString enableVDO "-with-vdo"; inherit version; src = fetchurl { @@ -33,6 +39,8 @@ stdenv.mkDerivation rec { udev ] ++ lib.optionals (!onlyLib) [ libuuid + ] ++ lib.optionals enableVDO [ + vdo ]; configureFlags = [ @@ -56,13 +64,16 @@ stdenv.mkDerivation rec { ] ++ lib.optionals udevSupport [ "--enable-udev_rules" "--enable-udev_sync" - ] ++ lib.optionals stdenv.targetPlatform.isStatic [ + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ "--enable-static_link" + ] ++ lib.optionals enableVDO [ + "--enable-vdo" ]; preConfigure = '' sed -i /DEFAULT_SYS_DIR/d Makefile.in sed -i /DEFAULT_PROFILE_DIR/d conf/Makefile.in + '' + lib.optionalString (lib.versionOlder version "2.03.15") '' substituteInPlace scripts/lvm2_activation_generator_systemd_red_hat.c \ --replace /usr/bin/udevadm /run/current-system/systemd/bin/udevadm # https://github.com/lvmteam/lvm2/issues/36 @@ -76,13 +87,29 @@ stdenv.mkDerivation rec { substituteInPlace make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" '' + lib.optionalString (lib.versionAtLeast version "2.03") '' substituteInPlace libdm/make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" + + substituteInPlace scripts/blk_availability_systemd_red_hat.service.in \ + --replace '/usr/bin/true' '${coreutils}/bin/true' ''; postConfigure = '' sed -i 's|^#define LVM_CONFIGURE_LINE.*$|#define LVM_CONFIGURE_LINE "<removed>"|g' ./include/configure.h ''; - patches = [ + patches = lib.optionals (lib.versionAtLeast version "2.03.15") [ + # fixes paths to and checks for tools + # TODO: needs backport to LVM 2.02 used by static/musl + (substituteAll (let + optionalTool = cond: pkg: if cond then pkg else "/run/current-system/sw"; + in { + src = ./fix-blkdeactivate.patch; + inherit coreutils; + util_linux = optionalTool enableUtilLinux util-linux; + mdadm = optionalTool enableMdadm mdadm; + multipath_tools = optionalTool enableMultipath multipath-tools; + vdo = optionalTool enableVDO vdo; + })) + ] ++ lib.optionals (lib.versionOlder version "2.03.15") [ # Musl fixes from Alpine. ./fix-stdio-usage.patch (fetchpatch { @@ -90,7 +117,7 @@ stdenv.mkDerivation rec { url = "https://git.alpinelinux.org/aports/plain/main/lvm2/mallinfo.patch?h=3.7-stable&id=31bd4a8c2dc00ae79a821f6fe0ad2f23e1534f50"; sha256 = "0g6wlqi215i5s30bnbkn8w7axrs27y3bnygbpbnf64wwx7rxxlj0"; }) - ] ++ lib.optionals stdenv.targetPlatform.isStatic [ + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ ./no-shared.diff ]; @@ -113,7 +140,7 @@ stdenv.mkDerivation rec { ]; installPhase = lib.optionalString onlyLib '' - install -D -t $out/lib libdm/ioctl/libdevmapper.${if stdenv.targetPlatform.isStatic then "a" else "so"} + install -D -t $out/lib libdm/ioctl/libdevmapper.${if stdenv.hostPlatform.isStatic then "a" else "so"} make -C libdm install_include make -C libdm install_pkgconfig ''; diff --git a/pkgs/os-specific/linux/lvm2/fix-blkdeactivate.patch b/pkgs/os-specific/linux/lvm2/fix-blkdeactivate.patch new file mode 100644 index 00000000000..db8cfaeae9e --- /dev/null +++ b/pkgs/os-specific/linux/lvm2/fix-blkdeactivate.patch @@ -0,0 +1,51 @@ +diff --git a/scripts/blkdeactivate.sh.in b/scripts/blkdeactivate.sh.in +index 7c517b87b..e51a33778 100644 +--- a/scripts/blkdeactivate.sh.in ++++ b/scripts/blkdeactivate.sh.in +@@ -34,11 +34,11 @@ TOOL=blkdeactivate + DEV_DIR="/dev" + SYS_BLK_DIR="/sys/block" + +-MDADM="/sbin/mdadm" +-MOUNTPOINT="/bin/mountpoint" +-MPATHD="/sbin/multipathd" +-UMOUNT="/bin/umount" +-VDO="/bin/vdo" ++MDADM="@mdadm@/bin/mdadm" ++MOUNTPOINT="@util_linux@/bin/mountpoint" ++MPATHD="@multipath_tools@/bin/multipathd" ++UMOUNT="@util_linux@/bin/umount" ++VDO="@vdo@/bin/vdo" + + sbindir="@SBINDIR@" + DMSETUP="$sbindir/dmsetup" +@@ -48,7 +48,7 @@ if "$UMOUNT" --help | grep -- "--all-targets" >"$DEV_DIR/null"; then + UMOUNT_OPTS="--all-targets " + else + UMOUNT_OPTS="" +- FINDMNT="/bin/findmnt -r --noheadings -u -o TARGET" ++ FINDMNT="@util_linux@/bin/findmnt -r --noheadings -u -o TARGET" + FINDMNT_READ="read -r mnt" + fi + DMSETUP_OPTS="" +@@ -57,10 +57,10 @@ MDADM_OPTS="" + MPATHD_OPTS="" + VDO_OPTS="" + +-LSBLK="/bin/lsblk -r --noheadings -o TYPE,KNAME,NAME,MOUNTPOINT" ++LSBLK="@util_linux@/bin/lsblk -r --noheadings -o TYPE,KNAME,NAME,MOUNTPOINT" + LSBLK_VARS="local devtype local kname local name local mnt" + LSBLK_READ="read -r devtype kname name mnt" +-SORT_MNT="/bin/sort -r -u -k 4" ++SORT_MNT="@coreutils@/bin/sort -r -u -k 4" + + # Do not show tool errors by default (only done/skipping summary + # message provided by this script) and no verbose mode by default. +@@ -102,6 +102,7 @@ declare -A SKIP_VG_LIST=() + # (list is an associative array!) + # + declare -A SKIP_UMOUNT_LIST=(["/"]=1 \ ++ ["/nix"]=1 ["/nix/store"]=1 \ + ["/lib"]=1 ["/lib64"]=1 \ + ["/bin"]=1 ["/sbin"]=1 \ + ["/var"]=1 ["/var/log"]=1 \ diff --git a/pkgs/os-specific/linux/mba6x_bl/default.nix b/pkgs/os-specific/linux/mba6x_bl/default.nix index fe9c11ace1f..04a89ad038d 100644 --- a/pkgs/os-specific/linux/mba6x_bl/default.nix +++ b/pkgs/os-specific/linux/mba6x_bl/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation { nativeBuildInputs = kernel.moduleBuildDependencies; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" "INSTALL_MOD_PATH=$(out)" ]; diff --git a/pkgs/os-specific/linux/mbp-modules/mbp2018-bridge-drv/default.nix b/pkgs/os-specific/linux/mbp-modules/mbp2018-bridge-drv/default.nix index 070b4a6207e..0b4fec4dfb4 100644 --- a/pkgs/os-specific/linux/mbp-modules/mbp2018-bridge-drv/default.nix +++ b/pkgs/os-specific/linux/mbp-modules/mbp2018-bridge-drv/default.nix @@ -11,14 +11,17 @@ stdenv.mkDerivation rec { sha256 = "sha256-o6yGiR+Y5SnX1johdi7fQWP5ts7HdDMqeju75UOhgik="; }; + nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags; + buildPhase = '' make -C ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build \ - -j$NIX_BUILD_CORES M=$(pwd) modules + -j$NIX_BUILD_CORES M=$(pwd) modules $makeFlags ''; installPhase = '' make -C ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build \ - INSTALL_MOD_PATH=$out M=$(pwd) modules_install + INSTALL_MOD_PATH=$out M=$(pwd) modules_install $makeFlags ''; meta = with lib; { diff --git a/pkgs/os-specific/linux/mbpfan/default.nix b/pkgs/os-specific/linux/mbpfan/default.nix index 675d9417a01..26c3d07364c 100644 --- a/pkgs/os-specific/linux/mbpfan/default.nix +++ b/pkgs/os-specific/linux/mbpfan/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "mbpfan"; - version = "2.2.1"; + version = "2.3.0"; src = fetchFromGitHub { owner = "dgraziotin"; repo = "mbpfan"; rev = "v${version}"; - sha256 = "0gc9ypxi55vxs77nx8ihhh9zk7fr9v0m0zfm76q7x0bi6jz11mbr"; + sha256 = "sha256-jIYg9b0c/7mMRS5WF+mOH6t9SCWEP32lsdbCgpWpg24="; }; installPhase = '' mkdir -p $out/bin $out/etc diff --git a/pkgs/os-specific/linux/microcode/amd.nix b/pkgs/os-specific/linux/microcode/amd.nix index 0f3d0f18186..051ad131be9 100644 --- a/pkgs/os-specific/linux/microcode/amd.nix +++ b/pkgs/os-specific/linux/microcode/amd.nix @@ -12,13 +12,14 @@ stdenv.mkDerivation { buildPhase = '' mkdir -p kernel/x86/microcode - find ${linux-firmware}/lib/firmware/amd-ucode -name \*.bin \ - -exec sh -c 'cat {} >> kernel/x86/microcode/AuthenticAMD.bin' \; + find ${linux-firmware}/lib/firmware/amd-ucode -name \*.bin -print0 | sort -z |\ + xargs -0 -I{} sh -c 'cat {} >> kernel/x86/microcode/AuthenticAMD.bin' ''; installPhase = '' mkdir -p $out - echo kernel/x86/microcode/AuthenticAMD.bin | bsdcpio -o -H newc -R 0:0 > $out/amd-ucode.img + touch -d @$SOURCE_DATE_EPOCH kernel/x86/microcode/AuthenticAMD.bin + echo kernel/x86/microcode/AuthenticAMD.bin | bsdtar --uid 0 --gid 0 -cnf - -T - | bsdtar --null -cf - --format=newc @- > $out/amd-ucode.img ''; meta = with lib; { diff --git a/pkgs/os-specific/linux/microcode/intel.nix b/pkgs/os-specific/linux/microcode/intel.nix index 923047ead11..f239cb307c7 100644 --- a/pkgs/os-specific/linux/microcode/intel.nix +++ b/pkgs/os-specific/linux/microcode/intel.nix @@ -18,7 +18,8 @@ stdenv.mkDerivation rec { mkdir -p $out kernel/x86/microcode iucode_tool -w kernel/x86/microcode/GenuineIntel.bin intel-ucode/ - echo kernel/x86/microcode/GenuineIntel.bin | bsdcpio -o -H newc -R 0:0 > $out/intel-ucode.img + touch -d @$SOURCE_DATE_EPOCH kernel/x86/microcode/GenuineIntel.bin + echo kernel/x86/microcode/GenuineIntel.bin | bsdtar --uid 0 --gid 0 -cnf - -T - | bsdtar --null -cf - --format=newc @- > $out/intel-ucode.img runHook postInstall ''; diff --git a/pkgs/os-specific/linux/multipath-tools/default.nix b/pkgs/os-specific/linux/multipath-tools/default.nix index 184d2e1fe6e..437fe9bd1bd 100644 --- a/pkgs/os-specific/linux/multipath-tools/default.nix +++ b/pkgs/os-specific/linux/multipath-tools/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, fetchpatch, pkg-config, perl, lvm2, libaio, gzip, readline, systemd, liburcu, json_c, kmod, nixosTests }: +{ lib, stdenv, fetchurl, fetchpatch, pkg-config, perl, lvm2, libaio, readline, systemd, liburcu, json_c, kmod, nixosTests }: stdenv.mkDerivation rec { pname = "multipath-tools"; @@ -41,7 +41,7 @@ stdenv.mkDerivation rec { $(find * -name Makefile\*) ''; - nativeBuildInputs = [ gzip pkg-config perl ]; + nativeBuildInputs = [ pkg-config perl ]; buildInputs = [ systemd lvm2 libaio readline liburcu json_c ]; makeFlags = [ diff --git a/pkgs/os-specific/linux/musl-obstack/default.nix b/pkgs/os-specific/linux/musl-obstack/default.nix index f7682d37efd..ec183da7048 100644 --- a/pkgs/os-specific/linux/musl-obstack/default.nix +++ b/pkgs/os-specific/linux/musl-obstack/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "musl-obstack"; - version = "1.2.2"; + version = "1.2.3"; src = fetchFromGitHub { owner = "void-linux"; repo = "musl-obstack"; rev = "v${version}"; - sha256 = "v0RTnrqAmJfOeGsJFc04lqFR8QZhYiLyvy8oRYiuC80="; + sha256 = "sha256-oydS7FubUniMHAUWfg84OH9+CZ0JCrTXy7jzwOyJzC8="; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; diff --git a/pkgs/os-specific/linux/musl/default.nix b/pkgs/os-specific/linux/musl/default.nix index f19c7ea7a44..fb0d19115da 100644 --- a/pkgs/os-specific/linux/musl/default.nix +++ b/pkgs/os-specific/linux/musl/default.nix @@ -40,11 +40,11 @@ let in stdenv.mkDerivation rec { pname = "musl"; - version = "1.2.2"; + version = "1.2.3"; src = fetchurl { url = "https://musl.libc.org/releases/${pname}-${version}.tar.gz"; - sha256 = "1p8r6bac64y98ln0wzmnixysckq3crca69ys7p16sy9d04i975lv"; + sha256 = "sha256-fVsLYGJSHkYn4JnkydyCSNMqMChelZt+7Kp4DPjP1KQ="; }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/netatop/default.nix b/pkgs/os-specific/linux/netatop/default.nix index 28f989929a4..dec1399d169 100644 --- a/pkgs/os-specific/linux/netatop/default.nix +++ b/pkgs/os-specific/linux/netatop/default.nix @@ -12,6 +12,7 @@ stdenv.mkDerivation { sha256 = "0qjw8glfdmngfvbn1w63q128vxdz2jlabw13y140ga9i5ibl6vvk"; }; + nativeBuildInputs = kernel.moduleBuildDependencies; buildInputs = [ kmod zlib ]; hardeningDisable = [ "pic" ]; @@ -36,6 +37,8 @@ stdenv.mkDerivation { kmod=${kmod} substituteAllInPlace netatop.service ''; + makeFlags = kernel.makeFlags; + preInstall = '' mkdir -p $out/lib/systemd/system $out/bin $out/sbin $out/share/man/man{4,8} mkdir -p $out/lib/modules/${kernel.modDirVersion}/extra diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix index 0b6291226bc..8485a868d8a 100644 --- a/pkgs/os-specific/linux/nftables/default.nix +++ b/pkgs/os-specific/linux/nftables/default.nix @@ -1,7 +1,8 @@ { lib, stdenv, fetchurl, pkg-config, bison, file, flex , asciidoc, libxslt, findXMLCatalogs, docbook_xml_dtd_45, docbook_xsl , libmnl, libnftnl, libpcap -, gmp, jansson, readline +, gmp, jansson, libedit +, autoreconfHook, fetchpatch , withDebugSymbols ? false , withPython ? false , python3 , withXtables ? true , iptables @@ -10,22 +11,23 @@ with lib; stdenv.mkDerivation rec { - version = "1.0.1"; + version = "1.0.2"; pname = "nftables"; src = fetchurl { url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2"; - sha256 = "08x4xw0s5sap3q7jfr91v7mrkxrydi4dvsckw85ims0qb1ibmviw"; + sha256 = "00jcjn1pl7qyqpg8pd4yhlkys7wbj4vkzgg73n27nmplzips6a0b"; }; nativeBuildInputs = [ + autoreconfHook pkg-config bison file flex asciidoc docbook_xml_dtd_45 docbook_xsl findXMLCatalogs libxslt ]; buildInputs = [ libmnl libnftnl libpcap - gmp jansson readline + gmp jansson libedit ] ++ optional withXtables iptables ++ optional withPython python3; @@ -33,9 +35,17 @@ stdenv.mkDerivation rec { substituteInPlace ./configure --replace /usr/bin/file ${file}/bin/file ''; + patches = [ + # fix build after 1.0.2 release, drop when updating to a newer release + (fetchpatch { + url = "https://git.netfilter.org/nftables/patch/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3"; + sha256 = "03dzhd7fhg0d20ly4rffk4ra7wlxp731892dhp8zw67jwhys9ywz"; + }) + ]; + configureFlags = [ "--with-json" - "--with-cli=readline" # TODO: maybe switch to editline + "--with-cli=editline" ] ++ optional (!withDebugSymbols) "--disable-debug" ++ optional (!withPython) "--disable-python" ++ optional withPython "--enable-python" diff --git a/pkgs/os-specific/linux/nix-ld/default.nix b/pkgs/os-specific/linux/nix-ld/default.nix new file mode 100644 index 00000000000..dcab99cabfe --- /dev/null +++ b/pkgs/os-specific/linux/nix-ld/default.nix @@ -0,0 +1,49 @@ +{ stdenv, meson, ninja, lib, nixosTests, fetchFromGitHub }: +let + self = stdenv.mkDerivation { + name = "nix-ld"; + src = fetchFromGitHub { + owner = "Mic92"; + repo = "nix-ld"; + rev = "1.0.0"; + sha256 = "sha256-QYPg8wPpq7q5Xd1jW17Lh36iKFSsVkN/gWYoQRv2XoU="; + }; + + doCheck = true; + + nativeBuildInputs = [ meson ninja ]; + + mesonFlags = [ + "-Dnix-system=${stdenv.system}" + ]; + + hardeningDisable = [ + "stackprotector" + ]; + + postInstall = '' + mkdir -p $out/nix-support + basename $(< ${stdenv.cc}/nix-support/dynamic-linker) > $out/nix-support/ld-name + ''; + + passthru.tests.nix-ld = nixosTests.nix-ld; + passthru.ldPath = let + libDir = if stdenv.system == "x86_64-linux" || + stdenv.system == "mips64-linux" || + stdenv.system == "powerpc64le-linux" + then + "/lib64" + else + "/lib"; + ldName = lib.fileContents "${self}/nix-support/ld-name"; + in "${libDir}/${ldName}"; + + meta = with lib; { + description = "Run unpatched dynamic binaries on NixOS"; + homepage = "https://github.com/Mic92/nix-ld"; + license = licenses.mit; + maintainers = with maintainers; [ mic92 ]; + platforms = platforms.linux; + }; + }; +in self diff --git a/pkgs/os-specific/linux/nixos-rebuild/default.nix b/pkgs/os-specific/linux/nixos-rebuild/default.nix index 08bba5a428d..34611d3f400 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/default.nix +++ b/pkgs/os-specific/linux/nixos-rebuild/default.nix @@ -5,6 +5,7 @@ , gnugrep , nix , lib +, nixosTests }: let fallback = import ./../../../../nixos/modules/installer/tools/nix-fallback-paths.nix; @@ -19,4 +20,17 @@ substituteAll { nix_i686_linux = fallback.i686-linux; nix_aarch64_linux = fallback.aarch64-linux; path = lib.makeBinPath [ coreutils gnused gnugrep ]; + + # run some a simple installer tests to make sure nixos-rebuild still works for them + passthru.tests = { + simple-installer-test = nixosTests.installer.simple; + }; + + meta = { + description = "Rebuild your NixOS configuration and switch to it, on local hosts and remote."; + homepage = "https://github.com/NixOS/nixpkgs/tree/master/pkgs/os-specific/linux/nixos-rebuild"; + license = lib.licenses.mit; + maintainers = [ lib.maintainers.Profpatsch ]; + mainProgram = "nixos-rebuild"; + }; } diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 5f950eb8b76..795bedb99d4 100755 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -31,9 +31,16 @@ profile=/nix/var/nix/profiles/system buildHost=localhost targetHost= remoteSudo= +verboseScript= +noFlake= # comma separated list of vars to preserve when using sudo preservedSudoVars=NIXOS_INSTALL_BOOTLOADER +# log the given argument to stderr +log() { + echo "$@" >&2 +} + while [ "$#" -gt 0 ]; do i="$1"; shift 1 case "$i" in @@ -45,7 +52,7 @@ while [ "$#" -gt 0 ]; do action="$i" ;; --install-grub) - echo "$0: --install-grub deprecated, use --install-bootloader instead" >&2 + log "$0: --install-grub deprecated, use --install-bootloader instead" export NIXOS_INSTALL_BOOTLOADER=1 ;; --install-bootloader) @@ -64,14 +71,18 @@ while [ "$#" -gt 0 ]; do upgrade=1 upgrade_all=1 ;; - -s|--use-substitutes) + --use-substitutes|-s) copyClosureFlags+=("$i") ;; - --max-jobs|-j|--cores|-I|--builders) + -I|--max-jobs|-j|--cores|--builders) j="$1"; shift 1 extraBuildFlags+=("$i" "$j") ;; - --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--print-build-logs|--refresh|--no-net|--offline|--impure) + -j*|--quiet|--print-build-logs|-L|--no-build-output|-Q| --show-trace|--keep-going|-k|--keep-failed|-K|--fallback|--refresh|--repair|--impure|--offline|--no-net) + extraBuildFlags+=("$i") + ;; + --verbose|-v|-vv|-vvv|-vvvv|-vvvvv) + verboseScript="true" extraBuildFlags+=("$i") ;; --option) @@ -85,7 +96,7 @@ while [ "$#" -gt 0 ]; do ;; --profile-name|-p) if [ -z "$1" ]; then - echo "$0: ‘--profile-name’ requires an argument" + log "$0: ‘--profile-name’ requires an argument" exit 1 fi if [ "$1" != system ]; then @@ -110,6 +121,9 @@ while [ "$#" -gt 0 ]; do flakeFlags=(--extra-experimental-features 'nix-command flakes') shift 1 ;; + --no-flake) + noFlake=1 + ;; --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) lockFlags+=("$i") ;; @@ -123,7 +137,7 @@ while [ "$#" -gt 0 ]; do lockFlags+=("$i" "$j" "$k") ;; *) - echo "$0: unknown option \`$i'" + log "$0: unknown option \`$i'" exit 1 ;; esac @@ -143,30 +157,45 @@ if [ "$buildHost" = localhost ]; then buildHost= fi +# log the given argument to stderr if verbose mode is on +logVerbose() { + if [ -n "$verboseScript" ]; then + echo "$@" >&2 + fi +} + +# Run a command, logging it first if verbose mode is on +runCmd() { + logVerbose "$" "$@" + "$@" +} + buildHostCmd() { if [ -z "$buildHost" ]; then - "$@" + runCmd "$@" elif [ -n "$remoteNix" ]; then - ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" env PATH="$remoteNix":'$PATH' "$@" + runCmd ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" env PATH="$remoteNix":'$PATH' "$@" else - ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" "$@" + runCmd ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" "$@" fi } targetHostCmd() { if [ -z "$targetHost" ]; then - "${maybeSudo[@]}" "$@" + runCmd "${maybeSudo[@]}" "$@" else - ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@" + runCmd ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@" fi } copyToTarget() { if ! [ "$targetHost" = "$buildHost" ]; then if [ -z "$targetHost" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure "${copyClosureFlags[@]}" --from "$buildHost" "$1" + logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS" + NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure "${copyClosureFlags[@]}" --from "$buildHost" "$1" elif [ -z "$buildHost" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure "${copyClosureFlags[@]}" --to "$targetHost" "$1" + logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS" + NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure "${copyClosureFlags[@]}" --to "$targetHost" "$1" else buildHostCmd nix-copy-closure "${copyClosureFlags[@]}" --to "$targetHost" "$1" fi @@ -174,9 +203,12 @@ copyToTarget() { } nixBuild() { + logVerbose "Building in legacy (non-flake) mode." if [ -z "$buildHost" ]; then - nix-build "$@" + logVerbose "No --build-host given, running nix-build locally" + runCmd nix-build "$@" else + logVerbose "buildHost set to \"$buildHost\", running nix-build remotely" local instArgs=() local buildArgs=() local drv= @@ -206,24 +238,26 @@ nixBuild() { esac done - drv="$(nix-instantiate "${instArgs[@]}" "${extraBuildFlags[@]}")" + drv="$(runCmd nix-instantiate "${instArgs[@]}" "${extraBuildFlags[@]}")" if [ -a "$drv" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure --to "$buildHost" "$drv" + logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS" + NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure --to "$buildHost" "$drv" buildHostCmd nix-store -r "$drv" "${buildArgs[@]}" else - echo "nix-instantiate failed" + log "nix-instantiate failed" exit 1 fi fi } nixFlakeBuild() { + logVerbose "Building in flake mode." if [[ -z "$buildHost" && -z "$targetHost" && "$action" != switch && "$action" != boot ]] then - nix "${flakeFlags[@]}" build "$@" + runCmd nix "${flakeFlags[@]}" build "$@" readlink -f ./result elif [ -z "$buildHost" ]; then - nix "${flakeFlags[@]}" build "$@" --out-link "${tmpDir}/result" + runCmd nix "${flakeFlags[@]}" build "$@" --out-link "${tmpDir}/result" readlink -f "${tmpDir}/result" else local attr="$1" @@ -255,12 +289,13 @@ nixFlakeBuild() { esac done - drv="$(nix "${flakeFlags[@]}" eval --raw "${attr}.drvPath" "${evalArgs[@]}" "${extraBuildFlags[@]}")" + drv="$(runCmd nix "${flakeFlags[@]}" eval --raw "${attr}.drvPath" "${evalArgs[@]}" "${extraBuildFlags[@]}")" if [ -a "$drv" ]; then - NIX_SSHOPTS=$SSHOPTS nix "${flakeFlags[@]}" copy --derivation --to "ssh://$buildHost" "$drv" + logVerbose "Running nix with these NIX_SSHOPTS: $SSHOPTS" + NIX_SSHOPTS=$SSHOPTS runCmd nix "${flakeFlags[@]}" copy --derivation --to "ssh://$buildHost" "$drv" buildHostCmd nix-store -r "$drv" "${buildArgs[@]}" else - echo "nix eval failed" + log "nix eval failed" exit 1 fi fi @@ -291,11 +326,11 @@ if [[ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ]]; then channel_name=$(basename "$channelpath") if [[ "$channel_name" == "nixos" ]]; then - nix-channel --update "$channel_name" + runCmd nix-channel --update "$channel_name" elif [ -e "$channelpath/.update-on-nixos-rebuild" ]; then - nix-channel --update "$channel_name" + runCmd nix-channel --update "$channel_name" elif [[ -n $upgrade_all ]] ; then - nix-channel --update "$channel_name" + runCmd nix-channel --update "$channel_name" fi done fi @@ -313,20 +348,10 @@ fi # Use /etc/nixos/flake.nix if it exists. It can be a symlink to the # actual flake. -if [[ -z $flake && -e /etc/nixos/flake.nix ]]; then +if [[ -z $flake && -e /etc/nixos/flake.nix && -z $noFlake ]]; then flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")" fi -# Re-execute nixos-rebuild from the Nixpkgs tree. -# FIXME: get nixos-rebuild from $flake. -if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast && -z $flake ]]; then - if p=$(nix-build --no-out-link --expr 'with import <nixpkgs/nixos> {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then - export _NIXOS_REBUILD_REEXEC=1 - exec "$p/bin/nixos-rebuild" "${origArgs[@]}" - exit 1 - fi -fi - # For convenience, use the hostname as the default configuration to # build from the flake. if [[ -n $flake ]]; then @@ -345,33 +370,56 @@ if [[ -n $flake ]]; then fi fi + +tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX) + +cleanup() { + for ctrl in "$tmpDir"/ssh-*; do + ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true + done + rm -rf "$tmpDir" +} +trap cleanup EXIT + + +# Re-execute nixos-rebuild from the Nixpkgs tree. +if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast ]]; then + if [[ -z $flake ]]; then + if p=$(runCmd nix-build --no-out-link --expr 'with import <nixpkgs/nixos> {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then + SHOULD_REEXEC=1 + fi + else + runCmd nix "${flakeFlags[@]}" build --out-link "${tmpDir}/nixos-rebuild" "$flake#$flakeAttr.config.system.build.nixos-rebuild" "${extraBuildFlags[@]}" "${lockFlags[@]}" + if p=$(readlink -e "${tmpDir}/nixos-rebuild"); then + SHOULD_REEXEC=1 + fi + fi + + if [[ -n $SHOULD_REEXEC ]]; then + export _NIXOS_REBUILD_REEXEC=1 + # Manually call cleanup as the EXIT trap is not triggered when using exec + cleanup + runCmd exec "$p/bin/nixos-rebuild" "${origArgs[@]}" + exit 1 + fi +fi + # Find configuration.nix and open editor instead of building. if [ "$action" = edit ]; then if [[ -z $flake ]]; then - NIXOS_CONFIG=${NIXOS_CONFIG:-$(nix-instantiate --find-file nixos-config)} + NIXOS_CONFIG=${NIXOS_CONFIG:-$(runCmd nix-instantiate --find-file nixos-config)} if [[ -d $NIXOS_CONFIG ]]; then NIXOS_CONFIG=$NIXOS_CONFIG/default.nix fi - exec ${EDITOR:-nano} "$NIXOS_CONFIG" + runCmd exec ${EDITOR:-nano} "$NIXOS_CONFIG" else - exec nix "${flakeFlags[@]}" edit "${lockFlags[@]}" -- "$flake#$flakeAttr" + runCmd exec nix "${flakeFlags[@]}" edit "${lockFlags[@]}" -- "$flake#$flakeAttr" fi exit 1 fi - -tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX) SSHOPTS="$NIX_SSHOPTS -o ControlMaster=auto -o ControlPath=$tmpDir/ssh-%n -o ControlPersist=60" -cleanup() { - for ctrl in "$tmpDir"/ssh-*; do - ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true - done - rm -rf "$tmpDir" -} -trap cleanup EXIT - - # First build Nix, since NixOS may require a newer version than the # current one. if [[ -n "$rollback" || "$action" = dry-build ]]; then @@ -395,32 +443,32 @@ prebuiltNix() { elif [[ "$machine" = aarch64 ]]; then echo @nix_aarch64_linux@ else - echo "$0: unsupported platform" + log "$0: unsupported platform" exit 1 fi } if [[ -n $buildNix && -z $flake ]]; then - echo "building Nix..." >&2 + log "building Nix..." nixDrv= - if ! nixDrv="$(nix-instantiate '<nixpkgs/nixos>' --add-root "$tmpDir/nix.drv" --indirect -A config.nix.package.out "${extraBuildFlags[@]}")"; then - if ! nixDrv="$(nix-instantiate '<nixpkgs>' --add-root "$tmpDir/nix.drv" --indirect -A nix "${extraBuildFlags[@]}")"; then - if ! nixStorePath="$(nix-instantiate --eval '<nixpkgs/nixos/modules/installer/tools/nix-fallback-paths.nix>' -A "$(nixSystem)" | sed -e 's/^"//' -e 's/"$//')"; then + if ! nixDrv="$(runCmd nix-instantiate '<nixpkgs/nixos>' --add-root "$tmpDir/nix.drv" --indirect -A config.nix.package.out "${extraBuildFlags[@]}")"; then + if ! nixDrv="$(runCmd nix-instantiate '<nixpkgs>' --add-root "$tmpDir/nix.drv" --indirect -A nix "${extraBuildFlags[@]}")"; then + if ! nixStorePath="$(runCmd nix-instantiate --eval '<nixpkgs/nixos/modules/installer/tools/nix-fallback-paths.nix>' -A "$(nixSystem)" | sed -e 's/^"//' -e 's/"$//')"; then nixStorePath="$(prebuiltNix "$(uname -m)")" fi - if ! nix-store -r "$nixStorePath" --add-root "${tmpDir}/nix" --indirect \ + if ! runCmd nix-store -r "$nixStorePath" --add-root "${tmpDir}/nix" --indirect \ --option extra-binary-caches https://cache.nixos.org/; then - echo "warning: don't know how to get latest Nix" >&2 + log "warning: don't know how to get latest Nix" fi # Older version of nix-store -r don't support --add-root. [ -e "$tmpDir/nix" ] || ln -sf "$nixStorePath" "$tmpDir/nix" if [ -n "$buildHost" ]; then - remoteNixStorePath="$(prebuiltNix "$(buildHostCmd uname -m)")" + remoteNixStorePath="$(runCmd prebuiltNix "$(buildHostCmd uname -m)")" remoteNix="$remoteNixStorePath/bin" if ! buildHostCmd nix-store -r "$remoteNixStorePath" \ --option extra-binary-caches https://cache.nixos.org/ >/dev/null; then remoteNix= - echo "warning: don't know how to get latest Nix" >&2 + log "warning: don't know how to get latest Nix" fi fi fi @@ -442,8 +490,8 @@ fi # Update the version suffix if we're building from Git (so that # nixos-version shows something useful). if [[ -n $canRun && -z $flake ]]; then - if nixpkgs=$(nix-instantiate --find-file nixpkgs "${extraBuildFlags[@]}"); then - suffix=$($SHELL "$nixpkgs/nixos/modules/installer/tools/get-version-suffix" "${extraBuildFlags[@]}" || true) + if nixpkgs=$(runCmd nix-instantiate --find-file nixpkgs "${extraBuildFlags[@]}"); then + suffix=$(runCmd $SHELL "$nixpkgs/nixos/modules/installer/tools/get-version-suffix" "${extraBuildFlags[@]}" || true) if [ -n "$suffix" ]; then echo -n "$suffix" > "$nixpkgs/.version-suffix" || true fi @@ -460,7 +508,7 @@ fi # or "boot"), or just build it and create a symlink "result" in the # current directory (for "build" and "test"). if [ -z "$rollback" ]; then - echo "building the system configuration..." >&2 + log "building the system configuration..." if [[ "$action" = switch || "$action" = boot ]]; then if [[ -z $flake ]]; then pathToConfig="$(nixBuild '<nixpkgs/nixos>' --no-out-link -A system "${extraBuildFlags[@]}")" @@ -517,7 +565,7 @@ fi # default and/or activate it now. if [[ "$action" = switch || "$action" = boot || "$action" = test || "$action" = dry-activate ]]; then if ! targetHostCmd "$pathToConfig/bin/switch-to-configuration" "$action"; then - echo "warning: error(s) occurred while switching to the new configuration" >&2 + log "warning: error(s) occurred while switching to the new configuration" exit 1 fi fi diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index 14526501785..996db748055 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -3,8 +3,8 @@ let generic = args: let imported = import ./generic.nix args; - in if ((!lib.versionOlder args.version "391") - && stdenv.hostPlatform.system != "x86_64-linux") then null + in if lib.versionAtLeast args.version "391" + && stdenv.hostPlatform.system != "x86_64-linux" then null else callPackage imported { lib32 = (pkgsi686Linux.callPackage imported { libsOnly = true; @@ -19,10 +19,10 @@ rec { # Policy: use the highest stable version as the default (on our master). stable = if stdenv.hostPlatform.system == "x86_64-linux" then generic { - version = "510.54"; - sha256_64bit = "TCDezK4/40et/Q5piaMG+QJP2t+DGtwejmCFVnUzUWE="; - settingsSha256 = "ZWz5UN6Pa69NlmerKu30G+X8WfGlAwnVerDrO7TRO6w="; - persistencedSha256 = "MgWrBjKXJeRqF+ouT72tTiLPtn+lsS/Cp3oS61AWV8Q="; + version = "510.68.02"; + sha256_64bit = "sha256-vSw0SskrL8ErBgQ1kKT+jU6wzLdNDEk1LwBM8tKZ9MU="; + settingsSha256 = "sha256-4TBA/ITpaaBiVDkpj7/Iydei1knRPpruPL4fRrqFAmU="; + persistencedSha256 = "sha256-Q1Rk6dAK4pnm6yDK4kmj5Vg4GRbi034C96ypywHYB2I="; } else legacy_390; @@ -39,12 +39,12 @@ rec { # Vulkan developer beta driver # See here for more information: https://developer.nvidia.com/vulkan-driver vulkan_beta = generic rec { - version = "455.46.04"; - persistencedVersion = "455.45.01"; - settingsVersion = "455.45.01"; - sha256_64bit = "1iv42w3x1vc00bgn6y4w1hnfsvnh6bvj3vcrq8hw47760sqwa4xa"; - settingsSha256 = "09v86y2c8xas9ql0bqr7vrjxx3if6javccwjzyly11dzffm02h7g"; - persistencedSha256 = "13s4b73il0lq2hs81q03176n16mng737bfsp3bxnxgnrv3whrayz"; + version = "470.62.13"; + persistencedVersion = "470.86"; + settingsVersion = "470.86"; + sha256_64bit = "sha256-itBFNPMy+Nn0g8V8qdkRb+ELHj57GRso1lXhPHUxKVI="; + settingsSha256 = "sha256-fq6RlD6g3uylvvTjE4MmaQwxPJYU0u6IMfpPVzks0tI="; + persistencedSha256 = "sha256-eHvauvh8Wd+b8DK6B3ZWNjoWGztupWrR8iog9ok58io="; url = "https://developer.nvidia.com/vulkan-beta-${lib.concatStrings (lib.splitString "." version)}-linux"; }; @@ -54,10 +54,10 @@ rec { # Last one supporting Kepler architecture legacy_470 = generic { - version = "470.94"; - sha256_64bit = "lYWqKTMOutm98izjyiusICbIWpoy8D18WfcUp3mFAOs="; - settingsSha256 = "blJNKuFu/Th/ceexkKhTH/eYk8miUlTT+ESrcIyJNn0="; - persistencedSha256 = "xnccQ/EgafwnReBlk5Y7iClAj4hwXyFq9gUmwqyEuwE="; + version = "470.103.01"; + sha256_64bit = "VsIwn4nCE0Y7DEY2D3siddc3HTxyevP+3IjElu3Ih6U="; + settingsSha256 = "Roc2OFSNEnIGLVwP0D9f8vFTf5v3KkL99S0mZBWN7s0="; + persistencedSha256 = "AVI0j2bpfMCMBTKuQp+BoCewaXIW3Xt4NnV1fjAHOr0="; }; # Last one supporting x86 @@ -67,6 +67,8 @@ rec { sha256_64bit = "09qcdfn4j5jza3iw59wqwgq4a489qf7kx355yssrcahaw9g87lxz"; settingsSha256 = "16qqw0jy31da65cdi17y3j2kcdhw09vra7g17bkcimaqnf70j0ni"; persistencedSha256 = "1ad81y4qfpxrx0vqsk81a3h0bi1yg8hw5gi5y5d58p76vc8083i9"; + + broken = kernel.kernelAtLeast "5.17"; }; legacy_340 = generic { @@ -77,7 +79,7 @@ rec { persistencedSha256 = "1ax4xn3nmxg1y6immq933cqzw6cj04x93saiasdc0kjlv0pvvnkn"; useGLVND = false; - broken = with kernel; kernelAtLeast "5.5"; + broken = kernel.kernelAtLeast "5.5"; patches = [ ./vm_operations_struct-fault.patch ]; }; } diff --git a/pkgs/os-specific/linux/nvidia-x11/generic.nix b/pkgs/os-specific/linux/nvidia-x11/generic.nix index c7e062534a4..bc867d8b82b 100644 --- a/pkgs/os-specific/linux/nvidia-x11/generic.nix +++ b/pkgs/os-specific/linux/nvidia-x11/generic.nix @@ -33,7 +33,7 @@ with lib; assert !libsOnly -> kernel != null; assert versionOlder version "391" -> sha256_32bit != null; -assert ! versionOlder version "391" -> stdenv.hostPlatform.system == "x86_64-linux"; +assert versionAtLeast version "391" -> stdenv.hostPlatform.system == "x86_64-linux"; let nameSuffix = optionalString (!libsOnly) "-${kernel.version}"; diff --git a/pkgs/os-specific/linux/ocf-resource-agents/default.nix b/pkgs/os-specific/linux/ocf-resource-agents/default.nix index 9c9557c7be8..8d7f2b52714 100644 --- a/pkgs/os-specific/linux/ocf-resource-agents/default.nix +++ b/pkgs/os-specific/linux/ocf-resource-agents/default.nix @@ -1,3 +1,5 @@ +# This combines together OCF definitions from other derivations. +# https://github.com/ClusterLabs/resource-agents/blob/master/doc/dev-guides/ra-dev-guide.asc { stdenv , lib , runCommand @@ -8,12 +10,16 @@ , python3 , glib , drbd +, pacemaker }: let drbdForOCF = drbd.override { forOCF = true; }; + pacemakerForOCF = pacemaker.override { + forOCF = true; + }; resource-agentsForOCF = stdenv.mkDerivation rec { pname = "resource-agents"; @@ -53,4 +59,5 @@ runCommand "ocf-resource-agents" {} '' mkdir -p $out/usr/lib/ocf ${lndir}/bin/lndir -silent "${resource-agentsForOCF}/lib/ocf/" $out/usr/lib/ocf ${lndir}/bin/lndir -silent "${drbdForOCF}/usr/lib/ocf/" $out/usr/lib/ocf + ${lndir}/bin/lndir -silent "${pacemakerForOCF}/usr/lib/ocf/" $out/usr/lib/ocf '' diff --git a/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix b/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix index 511dd162785..1952d31b024 100644 --- a/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix +++ b/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix @@ -10,12 +10,12 @@ buildGoModule rec { pname = "oci-seccomp-bpf-hook"; - version = "1.2.3"; + version = "1.2.5"; src = fetchFromGitHub { owner = "containers"; repo = "oci-seccomp-bpf-hook"; rev = "v${version}"; - sha256 = "sha256-EKD6tkdQCPlVlb9ScvRwDxYAtbbv9PIqBHH6SvtPDsE="; + sha256 = "sha256-PU7WX5RAV6wWVRsqq6MdEjr00AtlTT4cSacRaxrEF2s="; }; vendorSha256 = null; diff --git a/pkgs/os-specific/linux/openrazer/driver.nix b/pkgs/os-specific/linux/openrazer/driver.nix index 6e387de0719..2de63580ac3 100644 --- a/pkgs/os-specific/linux/openrazer/driver.nix +++ b/pkgs/os-specific/linux/openrazer/driver.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation (common // { nativeBuildInputs = kernel.moduleBuildDependencies; - buildFlags = [ + makeFlags = kernel.makeFlags ++ [ "KERNELDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/pkgs/os-specific/linux/pam_u2f/default.nix b/pkgs/os-specific/linux/pam_u2f/default.nix index 5e4b190c7a3..1b95067bab5 100644 --- a/pkgs/os-specific/linux/pam_u2f/default.nix +++ b/pkgs/os-specific/linux/pam_u2f/default.nix @@ -30,5 +30,6 @@ stdenv.mkDerivation rec { license = licenses.bsd2; platforms = platforms.unix; maintainers = with maintainers; [ philandstuff ]; + mainProgram = "pamu2fcfg"; }; } diff --git a/pkgs/os-specific/linux/pam_usb/default.nix b/pkgs/os-specific/linux/pam_usb/default.nix index 0091accd57a..ebd45246ae8 100644 --- a/pkgs/os-specific/linux/pam_usb/default.nix +++ b/pkgs/os-specific/linux/pam_usb/default.nix @@ -41,8 +41,12 @@ stdenv.mkDerivation rec { sha256 = "1g1w0s9d8mfld8abrn405ll5grv3xgs0b0hsganrz6qafdq9j7q1"; }; - buildInputs = [ + nativeBuildInputs = [ makeWrapper + pkg-config + ]; + + buildInputs = [ # pam_usb dependencies dbus libxml2 pam pmount pkg-config # pam_usb's tools dependencies diff --git a/pkgs/os-specific/linux/pam_ussh/default.nix b/pkgs/os-specific/linux/pam_ussh/default.nix new file mode 100644 index 00000000000..889c8bc6f57 --- /dev/null +++ b/pkgs/os-specific/linux/pam_ussh/default.nix @@ -0,0 +1,67 @@ +{ buildGoModule +, fetchFromGitHub +, pam +, lib +, nixosTests +}: + +buildGoModule rec { + pname = "pam_ussh"; + version = "unstable-20210615"; + + src = fetchFromGitHub { + owner = "uber"; + repo = "pam-ussh"; + rev = "e9524bda90ba19d3b9eb24f49cb63a6a56a19193"; # HEAD as of 2022-03-13 + sha256 = "0nb9hpqbghgi3zvq41kabydzyc6ffaaw9b4jkc5jrwn1klpw1xk8"; + }; + + prePatch = '' + cp ${./go.mod} go.mod + ''; + overrideModAttrs = (_: { + inherit prePatch; + }); + + vendorSha256 = "0hjifc3kbwmx7kjn858vi05cwwra6q19cqjfd94k726pwhk37qkw"; + + buildInputs = [ + pam + ]; + + buildPhase = '' + runHook preBuild + + if [ -z "$enableParallelBuilding" ]; then + export NIX_BUILD_CORES=1 + fi + go build -buildmode=c-shared -o pam_ussh.so -v -p $NIX_BUILD_CORES . + + runHook postBuild + ''; + checkPhase = '' + runHook preCheck + + go test -v -p $NIX_BUILD_CORES . + + runHook postCheck + ''; + installPhase = '' + runHook preInstall + + mkdir -p $out/lib/security + cp pam_ussh.so $out/lib/security + + runHook postInstall + ''; + + passthru.tests = { inherit (nixosTests) pam-ussh; }; + + meta = with lib; { + homepage = "https://github.com/uber/pam-ussh"; + description = "PAM module to authenticate using SSH certificates"; + license = licenses.mit; + platforms = platforms.linux; + maintainers = with maintainers; [ lukegb ]; + }; +} diff --git a/pkgs/os-specific/linux/pam_ussh/go.mod b/pkgs/os-specific/linux/pam_ussh/go.mod new file mode 100644 index 00000000000..9adc453560a --- /dev/null +++ b/pkgs/os-specific/linux/pam_ussh/go.mod @@ -0,0 +1,15 @@ +module github.com/uber/pam-ussh + +go 1.17 + +require ( + github.com/stretchr/testify v1.7.0 + golang.org/x/crypto v0.0.0-20220313003712-b769efc7c000 +) + +require ( + github.com/davecgh/go-spew v1.1.0 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect + gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect +) diff --git a/pkgs/os-specific/linux/pflask/default.nix b/pkgs/os-specific/linux/pflask/default.nix index ba525c1a387..deb3e06ca49 100644 --- a/pkgs/os-specific/linux/pflask/default.nix +++ b/pkgs/os-specific/linux/pflask/default.nix @@ -1,18 +1,22 @@ -{ lib, stdenv, fetchFromGitHub, python2, wafHook }: +{ lib, stdenv, fetchFromGitHub, python3, wafHook }: stdenv.mkDerivation rec { pname = "pflask"; - version = "unstable-2015-12-17"; + version = "unstable-2018-01-23"; src = fetchFromGitHub { owner = "ghedo"; - repo = "pflask"; - rev = "599418bb6453eaa0ccab493f9411f13726c1a636"; - hash = "sha256-0RjitZd2JUK7WUEJuw4qhUx3joY5OI0Hh74mTzp7GmY="; + repo = pname; + rev = "9ac31ffe2ed29453218aac89ae992abbd6e7cc69"; + hash = "sha256-bAKPUj/EipZ98kHbZiFZZI3hLVMoQpCrYKMmznpSDhg="; }; - nativeBuildInputs = [ wafHook ]; - buildInputs = [ python2 ]; + nativeBuildInputs = [ python3 wafHook ]; + + postInstall = '' + mkdir -p $out/bin + cp build/pflask $out/bin + ''; meta = { description = "Lightweight process containers for Linux"; diff --git a/pkgs/os-specific/linux/pipework/default.nix b/pkgs/os-specific/linux/pipework/default.nix index 33192392888..ea274377ced 100644 --- a/pkgs/os-specific/linux/pipework/default.nix +++ b/pkgs/os-specific/linux/pipework/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchFromGitHub, makeWrapper -, bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd, dhcp +, bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd }: stdenv.mkDerivation { @@ -15,7 +15,7 @@ stdenv.mkDerivation { installPhase = '' install -D pipework $out/bin/pipework wrapProgram $out/bin/pipework --prefix PATH : \ - ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd dhcp ]}; + ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd ]}; ''; meta = with lib; { description = "Software-Defined Networking tools for LXC"; diff --git a/pkgs/os-specific/linux/ply/default.nix b/pkgs/os-specific/linux/ply/default.nix index 916aa39eee2..dbd8925a5cb 100644 --- a/pkgs/os-specific/linux/ply/default.nix +++ b/pkgs/os-specific/linux/ply/default.nix @@ -35,6 +35,5 @@ stdenv.mkDerivation rec { homepage = "https://wkz.github.io/ply/"; license = [ licenses.gpl2Only ]; maintainers = with maintainers; [ mic92 mbbx6spp ]; - broken = lib.versionOlder kernel.version "4.0"; }; } diff --git a/pkgs/os-specific/linux/plymouth/default.nix b/pkgs/os-specific/linux/plymouth/default.nix index 62950b08525..4e755a28db8 100644 --- a/pkgs/os-specific/linux/plymouth/default.nix +++ b/pkgs/os-specific/linux/plymouth/default.nix @@ -96,7 +96,7 @@ stdenv.mkDerivation rec { homepage = "https://www.freedesktop.org/wiki/Software/Plymouth/"; description = "Boot splash and boot logger"; license = licenses.gpl2Plus; - maintainers = [ maintainers.goibhniu teams.gnome.members ]; + maintainers = [ maintainers.goibhniu ] ++ teams.gnome.members; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/projecteur/default.nix b/pkgs/os-specific/linux/projecteur/default.nix new file mode 100644 index 00000000000..63de7453935 --- /dev/null +++ b/pkgs/os-specific/linux/projecteur/default.nix @@ -0,0 +1,32 @@ +{ lib, mkDerivation, fetchFromGitHub, + cmake, pkg-config, + qtbase, qtgraphicaleffects, wrapQtAppsHook }: +mkDerivation rec { + pname = "projecteur"; + version = "0.9.2"; + + src = fetchFromGitHub { + owner = "jahnf"; + repo = "Projecteur"; + rev = "v${version}"; + fetchSubmodules = false; + sha256 = "sha256-kg6oYtJ4H5A6RNATBg+XvMfCb9FlhEBFjfxamGosMQg="; + }; + + buildInputs = [ qtbase qtgraphicaleffects ]; + nativeBuildInputs = [ wrapQtAppsHook cmake pkg-config ]; + + cmakeFlags = [ + "-DCMAKE_INSTALL_PREFIX:PATH=${placeholder "out"}" + "-DPACKAGE_TARGETS=OFF" + "-DCMAKE_INSTALL_UDEVRULESDIR=${placeholder "out"}/lib/udev/rules.d" + ]; + + meta = with lib; { + description = "Linux/X11 application for the Logitech Spotlight device (and similar devices)."; + homepage = "https://github.com/jahnf/Projecteur"; + license = licenses.mit; + platforms = platforms.linux; + maintainers = with maintainers; [ benneti ]; + }; +} diff --git a/pkgs/os-specific/linux/pscircle/default.nix b/pkgs/os-specific/linux/pscircle/default.nix index ef7dbc55a9a..a293790cc97 100644 --- a/pkgs/os-specific/linux/pscircle/default.nix +++ b/pkgs/os-specific/linux/pscircle/default.nix @@ -11,11 +11,14 @@ stdenv.mkDerivation rec { sha256 = "1sm99423hh90kr4wdjqi9sdrrpk65j2vz2hzj65zcxfxyr6khjci"; }; + nativeBuildInputs = [ + meson + pkg-config + ninja + ]; + buildInputs = [ - meson - pkg-config - cairo - ninja + cairo ]; meta = with lib; { diff --git a/pkgs/os-specific/linux/r8168/default.nix b/pkgs/os-specific/linux/r8168/default.nix index 91e15db2eeb..bcf5fb8956a 100644 --- a/pkgs/os-specific/linux/r8168/default.nix +++ b/pkgs/os-specific/linux/r8168/default.nix @@ -10,7 +10,7 @@ in stdenv.mkDerivation rec { # This is a mirror. The original website[1] doesn't allow non-interactive # downloads, instead emailing you a download link. - # [1] http://www.realtek.com.tw/downloads/downloadsView.aspx?PFid=5&Level=5&Conn=4&DownTypeID=3 + # [1] https://www.realtek.com/en/component/zoo/category/network-interface-controllers-10-100-1000m-gigabit-ethernet-pci-express-software # I've verified manually (`diff -r`) that the source code for version 8.046.00 # is the same as the one available on the realtek website. src = fetchFromGitHub { @@ -27,11 +27,13 @@ in stdenv.mkDerivation rec { # avoid using the Makefile directly -- it doesn't understand # any kernel but the current. # based on the ArchLinux pkgbuild: https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/r8168 + makeFlags = kernel.makeFlags ++ [ + "-C ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "M=$(PWD)/src" + "modules" + ]; preBuild = '' - makeFlagsArray+=("-C${kernel.dev}/lib/modules/${kernel.modDirVersion}/build") - makeFlagsArray+=("M=$PWD/src") makeFlagsArray+=("EXTRA_CFLAGS=-DCONFIG_R8168_NAPI -DCONFIG_R8168_VLAN -DCONFIG_ASPM -DENABLE_S5WOL -DENABLE_EEE") - makeFlagsArray+=("modules") ''; enableParallelBuilding = true; @@ -52,5 +54,6 @@ in stdenv.mkDerivation rec { license = licenses.gpl2Plus; platforms = platforms.linux; maintainers = with maintainers; [ timokau ]; + broken = kernel.kernelAtLeast "5.17"; }; } diff --git a/pkgs/os-specific/linux/rasdaemon/default.nix b/pkgs/os-specific/linux/rasdaemon/default.nix index 22ca59bff53..cccd91fff8e 100644 --- a/pkgs/os-specific/linux/rasdaemon/default.nix +++ b/pkgs/os-specific/linux/rasdaemon/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "rasdaemon"; - version = "0.6.7"; + version = "0.6.8"; src = fetchFromGitHub { owner = "mchehab"; repo = "rasdaemon"; rev = "v${version}"; - sha256 = "sha256-vyUDwqDe+HD4mka6smdQuVSM5U9uMv/TrfHkyqVJMIo="; + sha256 = "sha256-gcwoc9lIJyqUiCSAHf1U8geLG58CxzjMFYFl8moaA2Q="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix b/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix index c68d4058396..c2ce195faf1 100644 --- a/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix +++ b/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix @@ -3,18 +3,13 @@ }: stdenvNoCC.mkDerivation rec { pname = "raspberrypi-eeprom"; - version = "2021.12.02"; - # From 3fdf703f3f7bbe57eacceada3b558031229a34b0 Mon Sep 17 00:00:00 2001 - # From: Peter Harper <peter.harper@raspberrypi.com> - # Date: Mon, 13 Dec 2021 11:56:11 +0000 - # Subject: [PATCH] 2021-12-02: Promote the 2021-12-02 beta release to LATEST/STABLE - commit = "3fdf703f3f7bbe57eacceada3b558031229a34b0"; + version = "unstable-2022-03-10"; src = fetchFromGitHub { owner = "raspberrypi"; repo = "rpi-eeprom"; - rev = commit; - sha256 = "sha256-JTL2ziOkT0tnOrOS08ttNtxj3qegsacP73xZBVur7xM="; + rev = "e8927007e3800db3a72100ee6cd38b0d9b687c16"; + hash = "sha256-/hn6l5gheh6E3zoANwU1SXYgdry2IjOT9Muw2jkrtCU="; }; buildInputs = [ python3 ]; diff --git a/pkgs/os-specific/linux/rdma-core/default.nix b/pkgs/os-specific/linux/rdma-core/default.nix index f7543291ded..44308d8a89d 100644 --- a/pkgs/os-specific/linux/rdma-core/default.nix +++ b/pkgs/os-specific/linux/rdma-core/default.nix @@ -5,13 +5,13 @@ stdenv.mkDerivation rec { pname = "rdma-core"; - version = "39.0"; + version = "40.0"; src = fetchFromGitHub { owner = "linux-rdma"; repo = "rdma-core"; rev = "v${version}"; - sha256 = "sha256-7Z06bdCtv/gdZKzKfcU+JrWl4+b6b/cdKp8pMLCZZo0="; + sha256 = "0pcpbri50y5gzrmdqx90wngfd6cfas3m7zlfhz9lqr583fp08vfw"; }; strictDeps = true; diff --git a/pkgs/os-specific/linux/reap/default.nix b/pkgs/os-specific/linux/reap/default.nix new file mode 100644 index 00000000000..fbbabc96c78 --- /dev/null +++ b/pkgs/os-specific/linux/reap/default.nix @@ -0,0 +1,27 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "reap"; + version = "0.3-unreleased"; + + src = fetchFromGitHub { + owner = "leahneukirchen"; + repo = "reap"; + rev = "0e68d09804fb9ec82af37045fb37c2ceefa391d5"; + hash = "sha256-4Bv7stW5PKcODQanup37YbiUWrEGR6BuSFXibAHmwn0="; + }; + + makeFlags = [ "PREFIX=${placeholder "out"}" ]; + + postInstall = '' + install -dm755 "$out/share/licenses/reap/" + ''; + + meta = with lib; { + homepage = "https://github.com/leahneukirchen/reap"; + description = "run process until all its spawned processes are dead "; + license = with licenses; [ publicDomain ]; + platforms = platforms.linux; + maintainers = [ maintainers.leahneukirchen ]; + }; +} diff --git a/pkgs/os-specific/linux/rtl8189es/default.nix b/pkgs/os-specific/linux/rtl8189es/default.nix index 500359f7e4f..c1032473db1 100644 --- a/pkgs/os-specific/linux/rtl8189es/default.nix +++ b/pkgs/os-specific/linux/rtl8189es/default.nix @@ -2,17 +2,16 @@ stdenv.mkDerivation rec { name = "rtl8189es-${kernel.version}-${version}"; - version = "2020-10-03"; + version = "2021-10-01"; src = fetchFromGitHub { owner = "jwrdegoede"; repo = "rtl8189ES_linux"; - rev = "03ac413135a355b55b693154c44b70f86a39732e"; - sha256 = "0wiikviwyvy6h55rgdvy7csi1zqniqg26p8x44rd6mhbw0g00h56"; + rev = "be378f47055da1bae42ff6ec1d62f1a5052ef097"; + sha256 = "sha256-+19q1Xux2BjquavY+s0UDzTubEt6BEUZ9XVDVmj36us="; }; - nativeBuildInputs = [ bc nukeReferences ]; - buildInputs = kernel.moduleBuildDependencies; + nativeBuildInputs = [ bc nukeReferences ] ++ kernel.moduleBuildDependencies; hardeningDisable = [ "pic" "format" ]; @@ -23,13 +22,10 @@ stdenv.mkDerivation rec { substituteInPlace ./Makefile --replace '$(MODDESTDIR)' "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" ''; - makeFlags = [ - "ARCH=${stdenv.hostPlatform.linuxArch}" + makeFlags = kernel.makeFlags ++ [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ("CONFIG_PLATFORM_I386_PC=" + (if (stdenv.hostPlatform.isi686 || stdenv.hostPlatform.isx86_64) then "y" else "n")) ("CONFIG_PLATFORM_ARM_RPI=" + (if (stdenv.hostPlatform.isAarch32 || stdenv.hostPlatform.isAarch64) then "y" else "n")) - ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ - "CROSS_COMPILE=${stdenv.cc.targetPrefix}" ]; preInstall = '' @@ -46,5 +42,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ danielfullmer lheckemann ]; + broken = kernel.kernelAtLeast "5.17"; }; } diff --git a/pkgs/os-specific/linux/rtl8192eu/default.nix b/pkgs/os-specific/linux/rtl8192eu/default.nix index b33330611b8..de4dd52e511 100644 --- a/pkgs/os-specific/linux/rtl8192eu/default.nix +++ b/pkgs/os-specific/linux/rtl8192eu/default.nix @@ -6,20 +6,20 @@ let modDestDir = "$out/lib/modules/${kernel.modDirVersion}/kernel/drivers/net/wi in stdenv.mkDerivation rec { pname = "rtl8192eu"; - version = "${kernel.version}-4.4.1.20211023"; + version = "${kernel.version}-4.4.1.20220313"; src = fetchFromGitHub { owner = "Mange"; repo = "rtl8192eu-linux-driver"; - rev = "744bbe52976e51895fce2c1d4075f97a98dca2b2"; - sha256 = "1ayb3fljvpljwcgi47h8vj2d2w5imqyjxc7mvmfrvmilzg5d5cj7"; + rev = "e0f967cea1d0037c730246c572f7fef000865ff7"; + sha256 = "sha256-Wgp1MZ/z8AxbZPYsmR6t7Q4nsL0TFEqTEsrkkWPI6gI="; }; hardeningDisable = [ "pic" ]; nativeBuildInputs = kernel.moduleBuildDependencies ++ [ bc ]; - makeFlags = [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; + makeFlags = kernel.makeFlags ++ [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/rtl8723bs/default.nix b/pkgs/os-specific/linux/rtl8723bs/default.nix index a862b351716..b6ab883ca75 100644 --- a/pkgs/os-specific/linux/rtl8723bs/default.nix +++ b/pkgs/os-specific/linux/rtl8723bs/default.nix @@ -35,7 +35,7 @@ stdenv.mkDerivation rec { homepage = "https://github.com/hadess/rtl8723bs"; license = lib.licenses.gpl2; platforms = lib.platforms.linux; - broken = (! versionOlder kernel.version "4.12"); # Now in kernel staging drivers + broken = versionAtLeast kernel.version "4.12"; # Now in kernel staging drivers maintainers = with maintainers; [ elitak ]; }; } diff --git a/pkgs/os-specific/linux/rtl8814au/default.nix b/pkgs/os-specific/linux/rtl8814au/default.nix index f9ca60b1112..dce8733c0cc 100644 --- a/pkgs/os-specific/linux/rtl8814au/default.nix +++ b/pkgs/os-specific/linux/rtl8814au/default.nix @@ -2,16 +2,17 @@ stdenv.mkDerivation { pname = "rtl8814au"; - version = "${kernel.version}-unstable-2021-10-25"; + version = "${kernel.version}-unstable-2022-02-21"; src = fetchFromGitHub { owner = "morrownr"; repo = "8814au"; - rev = "d36c0874716b0776ac6c7dcd6110598ef0f6dd53"; - sha256 = "0lk3ldff489ggbqmlfi4zvnp1cvxj1b06m0fhpzai82070klzzmj"; + rev = "a538e3878c4b7b0b012f2d2fe7804390caaebd90"; + sha256 = "sha256-xBGbcy/WonFrNflMlFCD/JQOFKhPrv0J3j2XcXWc6hk="; }; - buildInputs = kernel.moduleBuildDependencies; + nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/rtl8821au/default.nix b/pkgs/os-specific/linux/rtl8821au/default.nix index 5800405f283..dc693f01f57 100644 --- a/pkgs/os-specific/linux/rtl8821au/default.nix +++ b/pkgs/os-specific/linux/rtl8821au/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "rtl8821au"; - version = "${kernel.version}-unstable-2021-11-05"; + version = "${kernel.version}-unstable-2022-03-08"; src = fetchFromGitHub { owner = "morrownr"; repo = "8821au-20210708"; - rev = "dd9f442d86535fb749ab06f38f97160484d9f04b"; - sha256 = "0d90zd45b8934wxy51q1x39lx4n3i28zjm6jcq98wkm4lypgphxv"; + rev = "2c0c6fef81c0c7dcf8fa06fc4ab72168abc4f7bb"; + sha256 = "sha256-Hdzi3pGqH71O0Jenjd/myG4+rZDLC/CcWHkjDoXBxS0="; }; nativeBuildInputs = [ bc nukeReferences ]; diff --git a/pkgs/os-specific/linux/rtl8821ce/default.nix b/pkgs/os-specific/linux/rtl8821ce/default.nix index 75e12a1b7a4..039d4b3fb7b 100644 --- a/pkgs/os-specific/linux/rtl8821ce/default.nix +++ b/pkgs/os-specific/linux/rtl8821ce/default.nix @@ -1,4 +1,10 @@ -{ lib, stdenv, fetchFromGitHub, kernel, bc }: +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, kernel +, bc +}: stdenv.mkDerivation rec { pname = "rtl8821ce"; @@ -11,10 +17,16 @@ stdenv.mkDerivation rec { sha256 = "18ma8a8h1l90dss0k6al7q6plwr57jc9g67p22g9917k1jfbhm97"; }; + # Fixes the build on kernel >= 5.17. Can be removed once https://github.com/tomaspinho/rtl8821ce/pull/267 is merged + patches = [(fetchpatch { + url = "https://github.com/tomaspinho/rtl8821ce/commit/7b9e55df64b10fed785f22df9f36ed4a30b59d0e.patch"; + sha256 = "sha256-mpAWOG1aXsklGuDbrRB9Vd36mgeCdctKQaWuuoqEEp0="; + })]; + hardeningDisable = [ "pic" ]; - nativeBuildInputs = [ bc ]; - buildInputs = kernel.moduleBuildDependencies; + nativeBuildInputs = [ bc ] ++ kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags; prePatch = '' substituteInPlace ./Makefile \ diff --git a/pkgs/os-specific/linux/rtl8821cu/default.nix b/pkgs/os-specific/linux/rtl8821cu/default.nix index 9229a3c1306..a3d767d2ee6 100644 --- a/pkgs/os-specific/linux/rtl8821cu/default.nix +++ b/pkgs/os-specific/linux/rtl8821cu/default.nix @@ -2,19 +2,19 @@ stdenv.mkDerivation rec { pname = "rtl8821cu"; - version = "${kernel.version}-unstable-2021-10-21"; + version = "${kernel.version}-unstable-2022-03-08"; src = fetchFromGitHub { owner = "morrownr"; - repo = "8821cu"; - rev = "4e2d84c5e70245f850877f355e8bf293f252f61c"; - sha256 = "1j32psvfgzfs5b1pdff6xk76iz7j8scakji6zm3vgqb2ssbxx1k1"; + repo = "8821cu-20210118"; + rev = "4bdd7c8668562e43564cd5d786055633e591ad4d"; + sha256 = "sha256-dfvDpjsra/nHwIGywOkZICTEP/Ex7ooH4zzkXqAaDkI="; }; hardeningDisable = [ "pic" ]; - nativeBuildInputs = [ bc ]; - buildInputs = kernel.moduleBuildDependencies; + nativeBuildInputs = [ bc ] ++ kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags; prePatch = '' substituteInPlace ./Makefile \ diff --git a/pkgs/os-specific/linux/rtl88x2bu/default.nix b/pkgs/os-specific/linux/rtl88x2bu/default.nix index 31d8f50a528..e092d145abd 100644 --- a/pkgs/os-specific/linux/rtl88x2bu/default.nix +++ b/pkgs/os-specific/linux/rtl88x2bu/default.nix @@ -13,10 +13,10 @@ stdenv.mkDerivation rec { hardeningDisable = [ "pic" ]; - nativeBuildInputs = [ bc ]; - buildInputs = kernel.moduleBuildDependencies; + nativeBuildInputs = [ bc ] ++ kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags; - prePatch = '' + prePatch = '' substituteInPlace ./Makefile \ --replace /lib/modules/ "${kernel.dev}/lib/modules/" \ --replace '$(shell uname -r)' "${kernel.modDirVersion}" \ diff --git a/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix b/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix index 1f27c262e67..f975cc2b420 100644 --- a/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix +++ b/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, kernel }: let - rev = "307d694076b056588c652c2bdaa543a89eb255d9"; + rev = "37e27f9165300c89607144b646545fac576ec510"; in stdenv.mkDerivation rec { pname = "rtl88xxau-aircrack"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { owner = "aircrack-ng"; repo = "rtl8812au"; inherit rev; - sha256 = "sha256-iSJnKWc+LxGHUhb/wbFSMh7w6Oi9v4v5V+R+LI96X7w="; + sha256 = "sha256-TpmpueKAaCe7Nlmv8pMvgMXGVmXVa/1mBwtEoy4JyCY="; }; buildInputs = kernel.moduleBuildDependencies; diff --git a/pkgs/os-specific/linux/rtw88/default.nix b/pkgs/os-specific/linux/rtw88/default.nix index c3f849df118..529ee621892 100644 --- a/pkgs/os-specific/linux/rtw88/default.nix +++ b/pkgs/os-specific/linux/rtw88/default.nix @@ -14,7 +14,8 @@ stdenv.mkDerivation { hash = "sha256-PRzWXC1lre8gt1GfVdnaG836f5YK57P9a8tG20yef0w="; }; - makeFlags = [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; + nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags ++ [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/rtw89/default.nix b/pkgs/os-specific/linux/rtw89/default.nix index 6b0f06c5bdc..6ff208fa6dd 100644 --- a/pkgs/os-specific/linux/rtw89/default.nix +++ b/pkgs/os-specific/linux/rtw89/default.nix @@ -14,7 +14,8 @@ stdenv.mkDerivation { sha256 = "0cvawyi1ksw9xkr8pzwipsl7b8hnmrb17w5cblyicwih8fqaw632"; }; - makeFlags = [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; + nativeBuildInputs = kernel.moduleBuildDependencies; + makeFlags = kernel.makeFlags ++ [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/s6-linux-init/default.nix b/pkgs/os-specific/linux/s6-linux-init/default.nix index ab9843d07f1..199442b65da 100644 --- a/pkgs/os-specific/linux/s6-linux-init/default.nix +++ b/pkgs/os-specific/linux/s6-linux-init/default.nix @@ -4,8 +4,8 @@ with skawarePackages; buildPackage { pname = "s6-linux-init"; - version = "1.0.7.0"; - sha256 = "16bzijmzxi91ycayhpn398yjgag3c5pnlghs6sqdmzlf2fiirif5"; + version = "1.0.7.3"; + sha256 = "sha256-yQblfr/jANwXz7+5wlSvWZaHYt/RYr/gZLTOK9aVp3Y="; description = "A set of minimalistic tools used to create a s6-based init system, including a /sbin/init binary, on a Linux kernel"; platforms = lib.platforms.linux; diff --git a/pkgs/os-specific/linux/sasutils/default.nix b/pkgs/os-specific/linux/sasutils/default.nix new file mode 100644 index 00000000000..fd1a6f0b049 --- /dev/null +++ b/pkgs/os-specific/linux/sasutils/default.nix @@ -0,0 +1,28 @@ +{ lib, python3Packages, fetchFromGitHub, installShellFiles, sg3_utils }: + +python3Packages.buildPythonApplication rec { + pname = "sasutils"; + version = "0.3.12"; + + src = fetchFromGitHub { + owner = "stanford-rc"; + repo = pname; + rev = "v${version}"; + sha256 = "0kh5pcc2shdmrvqqi2y1zamzsfvk56pqgwqgqhjfz4r6yfpm04wl"; + }; + + nativeBuildInputs = [ installShellFiles ]; + + propagatedBuildInputs = [ sg3_utils ]; + + postInstall = '' + installManPage doc/man/man1/*.1 + ''; + + meta = with lib; { + homepage = "https://github.com/stanford-rc/sasutils"; + description = "A set of command-line tools to ease the administration of Serial Attached SCSI (SAS) fabrics"; + license = licenses.asl20; + maintainers = with maintainers; [ aij ]; + }; +} diff --git a/pkgs/os-specific/linux/sch_cake/default.nix b/pkgs/os-specific/linux/sch_cake/default.nix index facf690a9bd..f93713344ef 100644 --- a/pkgs/os-specific/linux/sch_cake/default.nix +++ b/pkgs/os-specific/linux/sch_cake/default.nix @@ -1,7 +1,5 @@ { stdenv, lib, fetchFromGitHub, kernel }: -assert lib.versionAtLeast kernel.version "4.4"; - stdenv.mkDerivation { pname = "sch_cake"; version = "unstable-2017-07-16"; @@ -31,6 +29,6 @@ stdenv.mkDerivation { license = with licenses; [ bsd3 gpl2 ]; maintainers = with maintainers; [ fpletz ]; platforms = platforms.linux; - broken = !lib.versionOlder kernel.version "4.13"; + broken = lib.versionAtLeast kernel.version "4.13"; }; } diff --git a/pkgs/os-specific/linux/sgx/psw/default.nix b/pkgs/os-specific/linux/sgx/psw/default.nix index b418d5c1822..f6564f1560c 100644 --- a/pkgs/os-specific/linux/sgx/psw/default.nix +++ b/pkgs/os-specific/linux/sgx/psw/default.nix @@ -135,7 +135,7 @@ stdenv.mkDerivation rec { mkdir $out/bin makeWrapper $out/aesm/aesm_service $out/bin/aesm_service \ --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ protobuf ]}:$out/aesm \ - --run "cd $out/aesm" + --chdir "$out/aesm" # Make sure we didn't forget to handle any files rmdir $sgxPswDir || (echo "Error: The directory $installDir still contains unhandled files: $(ls -A $installDir)" >&2 && exit 1) diff --git a/pkgs/os-specific/linux/sgx/samples/default.nix b/pkgs/os-specific/linux/sgx/samples/default.nix index f9c5ae45054..2afd62de75d 100644 --- a/pkgs/os-specific/linux/sgx/samples/default.nix +++ b/pkgs/os-specific/linux/sgx/samples/default.nix @@ -41,7 +41,7 @@ let install *.so $out/lib wrapProgram "$out/bin/app" \ - --run "cd $out/lib" \ + --chdir "$out/lib" \ ${lib.optionalString (!isSimulation) ''--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ sgx-psw ]}"''} @@ -76,7 +76,7 @@ in for bin in $out/bin/*; do wrapProgram $bin \ - --run "cd $out/lib" \ + --chdir "$out/lib" \ ${lib.optionalString (!isSimulation) ''--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ sgx-psw ]}"''} done diff --git a/pkgs/os-specific/linux/sgx/ssl/default.nix b/pkgs/os-specific/linux/sgx/ssl/default.nix index c54eda19d6a..6b83515ff13 100644 --- a/pkgs/os-specific/linux/sgx/ssl/default.nix +++ b/pkgs/os-specific/linux/sgx/ssl/default.nix @@ -14,12 +14,12 @@ let in stdenv.mkDerivation rec { pname = "sgx-ssl" + lib.optionalString debug "-debug"; - version = "lin_${sgxVersion}_${opensslVersion}"; + version = "${sgxVersion}_${opensslVersion}"; src = fetchFromGitHub { owner = "intel"; repo = "intel-sgx-ssl"; - rev = version; + rev = "lin_${sgxVersion}_${opensslVersion}"; hash = "sha256-ibPXs90ni2fkxJ09fNO6wWVpfCFdko6MjBFkEsyIih8="; }; diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index 2e4ae1649ea..5537f9f6aac 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -19,13 +19,13 @@ in stdenv.mkDerivation rec { pname = "shadow"; - version = "4.8.1"; + version = "4.11.1"; src = fetchFromGitHub { owner = "shadow-maint"; repo = "shadow"; - rev = version; - sha256 = "13407r6qwss00504qy740jghb2dzd561la7dhp47rg8w3g8jarpn"; + rev = "v${version}"; + sha256 = "sha256-PxLX5V0t18JftT5wT41krNv18Ew7Kz3MfZkOi/80ODA="; }; buildInputs = lib.optional (pam != null && stdenv.isLinux) pam; diff --git a/pkgs/os-specific/linux/smem/default.nix b/pkgs/os-specific/linux/smem/default.nix index b2636382aec..6308b83b600 100644 --- a/pkgs/os-specific/linux/smem/default.nix +++ b/pkgs/os-specific/linux/smem/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, python2 }: +{ lib, stdenv, fetchurl, python3 }: stdenv.mkDerivation rec { pname = "smem"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "19ibv1byxf2b68186ysrgrhy5shkc5mc69abark1h18yigp3j34m"; }; - buildInputs = [ python2 ]; + buildInputs = [ python3 ]; makeFlags = [ "smemcap" ]; diff --git a/pkgs/os-specific/linux/speedometer/default.nix b/pkgs/os-specific/linux/speedometer/default.nix deleted file mode 100644 index 2802fddf8ce..00000000000 --- a/pkgs/os-specific/linux/speedometer/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ lib, fetchurl, python2Packages }: - -python2Packages.buildPythonApplication rec { - pname = "speedometer"; - version = "2.8"; - - src = fetchurl { - url = "https://excess.org/speedometer/speedometer-${version}.tar.gz"; - sha256 = "060bikv3gwr203jbdmvawsfhc0yq0bg1m42dk8czx1nqvwvgv6fm"; - }; - - propagatedBuildInputs = [ python2Packages.urwid ]; - - postPatch = '' - sed -i "/'entry_points': {/d" setup.py - sed -i "/'console_scripts': \['speedometer = speedometer:console'\],},/d" setup.py - ''; - - meta = with lib; { - description = "Measure and display the rate of data across a network connection or data being stored in a file"; - homepage = "https://excess.org/speedometer/"; - license = licenses.lgpl21Plus; - platforms = platforms.linux; - maintainers = with maintainers; [ Baughn ]; - }; -} diff --git a/pkgs/os-specific/linux/sysstat/default.nix b/pkgs/os-specific/linux/sysstat/default.nix index 5389caaa33f..127c6fc9c03 100644 --- a/pkgs/os-specific/linux/sysstat/default.nix +++ b/pkgs/os-specific/linux/sysstat/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "sysstat"; - version = "12.4.4"; + version = "12.4.5"; src = fetchurl { url = "http://pagesperso-orange.fr/sebastien.godard/sysstat-${version}.tar.xz"; - sha256 = "sha256-lRLnR54E+S4lHFxrS9lLj2Q9ISvQ6Yao6k0Uem6UPSQ="; + sha256 = "sha256-70RazqMBu7mW5BCEL2KQqNBJ6ITUhoz+9+hdwEt+7ls="; }; buildInputs = [ gettext ]; diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index a87c59558e0..404b0d2ee6f 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,4 +1,4 @@ -From 93b2d29de784c68d1b4d70d7f214b19432aec6a8 Mon Sep 17 00:00:00 2001 +From 8622539fe2ce67934ed2e60626a2303ef8191e40 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue, 8 Jan 2013 15:46:30 +0100 Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices @@ -28,5 +28,5 @@ index 25b8a590a6..d18999ea87 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index e9fedd239f4..d37ace3250c 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,4 +1,4 @@ -From 41edb381df0326e216b3c569d2cd5764591267d9 Mon Sep 17 00:00:00 2001 +From a845786195182c376b72a85433e278c35243676d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 12 Apr 2013 13:16:57 +0200 Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store @@ -25,10 +25,10 @@ index f683f05981..5a04c2c2a6 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index 1f945b7875..6df9d383ba 100644 +index f5a2cb20c1..51608d24c0 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -508,6 +508,8 @@ static int delete_md(MountPoint *m) { +@@ -502,6 +502,8 @@ static int delete_md(MountPoint *m) { static bool nonunmountable_path(const char *path) { return path_equal(path, "/") @@ -38,5 +38,5 @@ index 1f945b7875..6df9d383ba 100644 || path_equal(path, "/usr") #endif -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 217629f7d6a..56c6238b81f 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -1,4 +1,4 @@ -From 43620479f6bfbbc4c3eed28947e0676c817acb7c Mon Sep 17 00:00:00 2001 +From d33f3461fa2202ef9b0d6cdf2137c510c59fb052 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed, 16 Apr 2014 10:59:28 +0200 Subject: [PATCH 03/19] Fix NixOS containers @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 575b9da447..438ca294db 100644 +index 8f17ab8810..197e5aa252 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5590,6 +5590,7 @@ static int run(int argc, char *argv[]) { +@@ -5625,6 +5625,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 575b9da447..438ca294db 100644 const char *p, *q; if (arg_pivot_root_new) -@@ -5604,6 +5605,7 @@ static int run(int argc, char *argv[]) { +@@ -5639,6 +5640,7 @@ static int run(int argc, char *argv[]) { r = -EINVAL; goto finish; } @@ -30,5 +30,5 @@ index 575b9da447..438ca294db 100644 } else { -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index f7b768af515..36d0ee0cde2 100644 --- a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch @@ -1,4 +1,4 @@ -From a08ed6697974d7f7dabe60d42bbc9e31a10f7e23 Mon Sep 17 00:00:00 2001 +From 8fd5968163f3a1cb5f196d934756ba08ccaa5b1e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu, 1 May 2014 14:10:10 +0200 Subject: [PATCH 04/19] Look for fsck in the right place @@ -8,7 +8,7 @@ Subject: [PATCH 04/19] Look for fsck in the right place 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index cd7adfaeb9..68cebdd158 100644 +index 745d01ff50..dd4eef45c3 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -368,7 +368,7 @@ static int run(int argc, char *argv[]) { @@ -21,5 +21,5 @@ index cd7adfaeb9..68cebdd158 100644 cmdline[i++] = "-T"; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index 7ebf07d0a82..6acac84a9d2 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,4 +1,4 @@ -From ddcfae6de8c460903c5db8c536ffeb5771e976f8 Mon Sep 17 00:00:00 2001 +From 90d1a90d3147e9c8db5caec8befabda270e755d4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 19 Dec 2014 14:46:17 +0100 Subject: [PATCH 05/19] Add some NixOS-specific unit directories @@ -14,10 +14,10 @@ Also, remove /usr and /lib as these don't exist on NixOS. 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c -index 05eb17d66c..1cd141d012 100644 +index 6fb8c40e7a..142ecdecec 100644 --- a/src/basic/path-lookup.c +++ b/src/basic/path-lookup.c -@@ -91,11 +91,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { +@@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { } static const char* const user_data_unit_paths[] = { @@ -29,7 +29,7 @@ index 05eb17d66c..1cd141d012 100644 NULL }; -@@ -613,15 +609,13 @@ int lookup_paths_init( +@@ -614,15 +610,13 @@ int lookup_paths_init( persistent_config, SYSTEM_CONFIG_UNIT_DIR, "/etc/systemd/system", @@ -46,7 +46,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -637,14 +631,11 @@ int lookup_paths_init( +@@ -638,14 +632,11 @@ int lookup_paths_init( persistent_config, USER_CONFIG_UNIT_DIR, "/etc/systemd/user", @@ -62,7 +62,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -794,7 +785,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -795,7 +786,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_SYSTEM: add = strv_new("/run/systemd/system-generators", "/etc/systemd/system-generators", @@ -70,7 +70,7 @@ index 05eb17d66c..1cd141d012 100644 SYSTEM_GENERATOR_DIR); break; -@@ -802,7 +792,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -803,7 +793,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_USER: add = strv_new("/run/systemd/user-generators", "/etc/systemd/user-generators", @@ -78,7 +78,7 @@ index 05eb17d66c..1cd141d012 100644 USER_GENERATOR_DIR); break; -@@ -841,12 +830,10 @@ char **env_generator_binary_paths(bool is_system) { +@@ -842,12 +831,10 @@ char **env_generator_binary_paths(bool is_system) { if (is_system) add = strv_new("/run/systemd/system-environment-generators", "/etc/systemd/system-environment-generators", @@ -122,5 +122,5 @@ index fc0f8c34fa..162432e77f 100644 systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index 0c09107c5ef..438d841bb1c 100644 --- a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,4 +1,4 @@ -From b39b8871bcaa07280d6b0cf2226b1a3be31232b8 Mon Sep 17 00:00:00 2001 +From 213279752124dc4a57a4189df9b5b2e96feaa0b3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon, 11 May 2015 15:39:38 +0200 Subject: [PATCH 06/19] Get rid of a useless message in user sessions @@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 34891a8754..b9b4789720 100644 +index 9368a1dfa1..5b0bdb1bc7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -1375,7 +1375,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { +@@ -1408,7 +1408,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { if (!unit_is_bound_by_inactive(u, &culprit)) continue; @@ -27,5 +27,5 @@ index 34891a8754..b9b4789720 100644 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the * service being unnecessary after a while. */ -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index d7649b5e44a..a93488afbf9 100644 --- a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -1,4 +1,4 @@ -From 566208aea81057789218b959f4d0e898eec54fc9 Mon Sep 17 00:00:00 2001 +From 14474d5e116609ce4fac60d779b08fa3eab840c3 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner <gebner@gebner.org> Date: Sun, 6 Dec 2015 14:26:36 +0100 Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that @@ -11,10 +11,10 @@ Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 36702f2fb0..669257ea2f 100644 +index b20a93ad81..6292fca4fc 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c -@@ -797,6 +797,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -813,6 +813,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; @@ -24,7 +24,7 @@ index 36702f2fb0..669257ea2f 100644 name = empty_to_null(name); context_read_etc_hostname(c); -@@ -860,6 +863,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess +@@ -876,6 +879,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -104,5 +104,5 @@ index 66b454269d..0a8fe25d0f 100644 if (r < 0) return r; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index f938b553c9f..e1bc44a148e 100644 --- a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,4 +1,4 @@ -From 3b9983969de2a86929768f6362ed41c20dd13bd3 Mon Sep 17 00:00:00 2001 +From d668df39728c992ec0c691ef6e76664e7121f5bd Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 7 Jul 2016 02:47:13 +0300 Subject: [PATCH 08/19] Fix hwdb paths @@ -24,5 +24,5 @@ index 5ddc2211e6..ee621eec46 100644 + "/etc/udev/hwdb.bin\0" + -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 87cf1afc7d2..68d40980ab1 100644 --- a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,4 +1,4 @@ -From b5966b6abb9696798618367cab33d1fed317734f Mon Sep 17 00:00:00 2001 +From dd59ce5f1bbdafb0b92f8aeacc68b000ec347a61 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Tue, 11 Oct 2016 13:12:08 +0300 Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo @@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644 <literal>Etc/UTC</literal>. The resulting link should lead to the corresponding binary diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 5d162e8ffe..1bec83e555 100644 +index b659d6905d..660b1c6fed 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1269,7 +1269,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { +@@ -1267,7 +1267,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { assert(ret); @@ -47,7 +47,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1308,7 +1308,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { +@@ -1306,7 +1306,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { _cleanup_strv_free_ char **zones = NULL; int r; @@ -56,7 +56,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1421,7 +1421,7 @@ int verify_timezone(const char *name, int log_level) { +@@ -1419,7 +1419,7 @@ int verify_timezone(const char *name, int log_level) { if (p - name >= PATH_MAX) return -ENAMETOOLONG; @@ -65,7 +65,7 @@ index 5d162e8ffe..1bec83e555 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) -@@ -1512,7 +1512,7 @@ int get_timezone(char **ret) { +@@ -1510,7 +1510,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -75,10 +75,10 @@ index 5d162e8ffe..1bec83e555 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 2cb4f80d5d..ebeaeac52f 100644 +index d28a416e5d..c7c215731d 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -491,7 +491,7 @@ static int process_timezone(void) { +@@ -494,7 +494,7 @@ static int process_timezone(void) { if (isempty(arg_timezone)) return 0; @@ -88,10 +88,10 @@ index 2cb4f80d5d..ebeaeac52f 100644 (void) mkdir_parents(etc_localtime, 0755); if (symlink(e, etc_localtime) < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 438ca294db..98bd110d92 100644 +index 197e5aa252..c674fa61d5 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -1887,8 +1887,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid +@@ -1899,8 +1899,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -137,5 +137,5 @@ index 0a8fe25d0f..2f02b9a520 100644 return -ENOMEM; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index 6e36bbdc340..f2514de6c66 100644 --- a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,4 +1,4 @@ -From f4e9304560ad42eeb8d42be583cc55eb2e5b4bb1 Mon Sep 17 00:00:00 2001 +From a93da270bed88972f4d60a1fa08f24e00712d7fb Mon Sep 17 00:00:00 2001 From: Imuli <i@imu.li> Date: Wed, 19 Oct 2016 08:46:47 -0400 Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* @@ -10,10 +10,10 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index 548ac8eb2c..5e372f1566 100644 +index b5624209dc..4ab7adfdb6 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c -@@ -280,7 +280,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { +@@ -279,7 +279,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { } state = NONE, look_for; int r; @@ -23,5 +23,5 @@ index 548ac8eb2c..5e372f1566 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index 5aa22d98895..c21a1bda412 100644 --- a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,4 +1,4 @@ -From 43a363f30b6012d600cfb62a3851c4ac7af4d1d5 Mon Sep 17 00:00:00 2001 +From 3bc3462165cd72de93a1c71f03e6c4150726b159 Mon Sep 17 00:00:00 2001 From: Franz Pletz <fpletz@fnordicwalking.de> Date: Sun, 11 Feb 2018 04:37:44 +0100 Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir @@ -8,12 +8,12 @@ Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index 5bdfd9753d..5bf6afc7b7 100644 +index c0cbadecb1..8266bf57de 100644 --- a/meson.build +++ b/meson.build -@@ -3539,9 +3539,6 @@ install_data('LICENSE.GPL2', - 'docs/GVARIANT-SERIALIZATION.md', - install_dir : docdir) +@@ -3729,9 +3729,6 @@ install_data('LICENSE.GPL2', + install_subdir('LICENSES', + install_dir : docdir) -meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir)) -meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir)) @@ -22,5 +22,5 @@ index 5bdfd9753d..5bf6afc7b7 100644 # Ensure that changes to the docs/ directory do not break the -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index a2bdfcf8ec3..5f27e417523 100644 --- a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch @@ -1,4 +1,4 @@ -From 7ea935a5ac4f31106ce9347227d4eb59b77b02cd Mon Sep 17 00:00:00 2001 +From 85f0ad0cb7b4f0cfd482c9611f9cbc2dacbba33a Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Fri, 2 Nov 2018 21:15:42 +0100 Subject: [PATCH 12/19] inherit systemd environment when calling generators. @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index b9b4789720..79239afe4a 100644 +index 5b0bdb1bc7..1538a5200a 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4149,10 +4149,15 @@ static int manager_run_generators(Manager *m) { +@@ -3653,10 +3653,15 @@ static int manager_run_generators(Manager *m) { argv[4] = NULL; RUN_WITH_UMASK(0022) @@ -40,5 +40,5 @@ index b9b4789720..79239afe4a 100644 finish: -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index 20372a5dbad..d008cf2821c 100644 --- a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch @@ -1,4 +1,4 @@ -From eb93778af78a127e8e20d6ed7fd9f91fd22dc7c9 Mon Sep 17 00:00:00 2001 +From b30d2273d3ce1480b0c4c27c25211f84e04172e9 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Thu, 9 May 2019 11:15:22 +0200 Subject: [PATCH 13/19] add rootprefix to lookup dir paths @@ -12,7 +12,7 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/def.h b/src/basic/def.h -index 2e60abb4f1..732ec51d36 100644 +index eccee3d3fa..e94a2c8bd0 100644 --- a/src/basic/def.h +++ b/src/basic/def.h @@ -39,13 +39,15 @@ @@ -34,5 +34,5 @@ index 2e60abb4f1..732ec51d36 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index a22566eb4cc..49c6651c0ed 100644 --- a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,4 +1,4 @@ -From 1d623def80a3532ac1445499c9d4673e21ae8195 Mon Sep 17 00:00:00 2001 +From 76da27ff77e5db07e502d4d8d26286d69c3f0319 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:45:55 +0300 Subject: [PATCH 14/19] systemd-shutdown: execute scripts in @@ -10,12 +10,12 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index a98cfc4d8a..b0b34edda7 100644 +index 7ad9930677..fdb03a2e1a 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -312,7 +312,7 @@ int main(int argc, char *argv[]) { +@@ -335,7 +335,7 @@ int main(int argc, char *argv[]) { _cleanup_free_ char *cgroup = NULL; - char *arguments[3], *watchdog_device; + char *arguments[3]; int cmd, r, umount_log_level = LOG_INFO; - static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL}; + static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL}; @@ -23,5 +23,5 @@ index a98cfc4d8a..b0b34edda7 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 1a21d1005ee..78d77c00582 100644 --- a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,4 +1,4 @@ -From 5a96c4a98be971d84a12ae04e42bc3cb889d5191 Mon Sep 17 00:00:00 2001 +From 47c651f97acae814d4ff679ae04d78d4532cbca6 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:46:58 +0300 Subject: [PATCH 15/19] systemd-sleep: execute scripts in @@ -10,7 +10,7 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index a3aeb24633..0ed6a34d79 100644 +index 7064f3a905..b60ced9d9b 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c @@ -182,6 +182,7 @@ static int execute( @@ -22,5 +22,5 @@ index a3aeb24633..0ed6a34d79 100644 }; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 12624cb5548..3c1643e0f1a 100644 --- a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,32 +1,27 @@ -From 775a2a8940c07f4af33a2a11bfa17e0257b427cb Mon Sep 17 00:00:00 2001 +From df0fec7ac2f33bcca60ba9a2396af33397ba42cc Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sat, 7 Mar 2020 22:40:27 +0100 Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty -kmod loads modules from not only /lib/modules but also from -/run/booted-system/kernel-modules/lib/modules and -/run/current-system/kernel-modules/lib/module - -Co-authored-by: Arian van Putten <arian.vanputten@gmail.com> +On NixOS, kernel modules of the currently booted systems are located at +/run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. --- - units/kmod-static-nodes.service.in | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) + units/kmod-static-nodes.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 777e82d16b..9a5e05a1cc 100644 +index 777e82d16b..b6abc2bba0 100644 --- a/units/kmod-static-nodes.service.in +++ b/units/kmod-static-nodes.service.in -@@ -12,7 +12,9 @@ Description=Create List of Static Device Nodes +@@ -12,7 +12,7 @@ Description=Create List of Static Device Nodes DefaultDependencies=no Before=sysinit.target systemd-tmpfiles-setup-dev.service ConditionCapability=CAP_SYS_MODULE -ConditionFileNotEmpty=/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/run/booted-system/kernel-modules/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/run/current-system/kernel-modules/lib/modules/%v/modules.devname ++ConditionFileNotEmpty=/run/booted-system/kernel-modules/lib/modules/%v/modules.devname [Service] Type=oneshot -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 52b74284fe2..882690ad914 100644 --- a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,4 +1,4 @@ -From 6ddb2011b379f3232374327517af874b68c434b5 Mon Sep 17 00:00:00 2001 +From f21722ac0f51b0b59a5c030af3db5fe4e6397f7c Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sun, 8 Mar 2020 01:05:54 +0100 Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL @@ -10,7 +10,7 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 26e7362d1f..a8f8a863ec 100644 +index 518f3340bf..18e826ea0b 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -24,11 +24,11 @@ @@ -29,5 +29,5 @@ index 26e7362d1f..a8f8a863ec 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch index 58eb7f96e64..e602bef9c3d 100644 --- a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch +++ b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch @@ -1,4 +1,4 @@ -From 50f2ada6cbfafa75b628410e8834f29581854e6f Mon Sep 17 00:00:00 2001 +From 968bd0c7bc058a4b05b6457f9ff20d02b70c9852 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> Date: Sun, 6 Dec 2020 08:34:19 +0100 Subject: [PATCH 18/19] pkg-config: derive prefix from --prefix @@ -29,5 +29,5 @@ index 162432e77f..2fc20daf03 100644 rootprefix=${root_prefix} sysconf_dir={{SYSCONF_DIR}} -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch index 54e5c32aeb4..916f95e194a 100644 --- a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch +++ b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch @@ -1,4 +1,4 @@ -From 2ab388cf0be320879e668a6206cb15d002b55f98 Mon Sep 17 00:00:00 2001 +From 169fc6f270ff3e3903a7a31550c964152f9751ec Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Wed, 18 Aug 2021 19:10:08 +0200 Subject: [PATCH 19/19] core: handle lookup paths being symlinks @@ -15,10 +15,10 @@ directory itself is already a symlink. 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c -index 0d58b1c4fe..7314f1245f 100644 +index 30c632dfce..6179100126 100644 --- a/src/basic/unit-file.c +++ b/src/basic/unit-file.c -@@ -254,6 +254,7 @@ int unit_file_build_name_map( +@@ -255,6 +255,7 @@ int unit_file_build_name_map( _cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL; _cleanup_set_free_free_ Set *paths = NULL; @@ -26,7 +26,7 @@ index 0d58b1c4fe..7314f1245f 100644 uint64_t timestamp_hash; char **dir; int r; -@@ -273,6 +274,34 @@ int unit_file_build_name_map( +@@ -274,6 +275,34 @@ int unit_file_build_name_map( return log_oom(); } @@ -59,9 +59,9 @@ index 0d58b1c4fe..7314f1245f 100644 + } + STRV_FOREACH(dir, (char**) lp->search_path) { - struct dirent *de; _cleanup_closedir_ DIR *d = NULL; -@@ -351,11 +380,11 @@ int unit_file_build_name_map( + +@@ -386,11 +415,11 @@ int unit_file_build_name_map( continue; } @@ -76,5 +76,5 @@ index 0d58b1c4fe..7314f1245f 100644 log_debug("%s: linked unit file: %s → %s", __func__, filename, simplified); -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 3a3a419093b..e130abbf27f 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -15,6 +15,8 @@ , gperf , getent , glibcLocales + + # glib is only used during tests (test-bus-gvariant, test-bus-marshal) , glib , substituteAll , gettext @@ -29,7 +31,6 @@ # Optional dependencies , pam , cryptsetup -, lvm2 , audit , acl , lz4 @@ -61,8 +62,10 @@ , kexec-tools , bashInteractive , libmicrohttpd +, libfido2 +, p11-kit - # the (optional) BPF feature requires bpftool, libbpf, clang and llmv-strip to be avilable during build time. + # the (optional) BPF feature requires bpftool, libbpf, clang and llvm-strip to be available during build time. # Only libbpf should be a runtime dependency. , bpftools , libbpf @@ -97,8 +100,8 @@ , withTimesyncd ? true , withTpm2Tss ? !stdenv.hostPlatform.isMusl , withUserDb ? !stdenv.hostPlatform.isMusl -, libfido2 -, p11-kit + # tests assume too much system access for them to be feasible for us right now +, withTests ? false # name argument , pname ? "systemd" @@ -123,7 +126,14 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.7"; + wantGcrypt = withResolved || withImportd; + version = "250.4"; + + # Bump this variable on every (major) version change. See below (in the meson options list) for why. + # command: + # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ + # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' + releaseTimestamp = "1640290180"; in stdenv.mkDerivation { inherit pname version; @@ -134,12 +144,12 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "sha256-y33/BvvI+JyhsvuT1Cbm6J2Z72j71oXgLw6X9NwCMPE="; + sha256 = "sha256-AdzPh7dGVrGbbjL9+PqytQOpRzNDUUEftmKZAbFH3L4="; }; - # If these need to be regenerated, `git am path/to/00*.patch` them into a - # systemd worktree, rebase to the more recent systemd version, and export the - # patches again via `git -c format.signoff=false format-patch v${version}`. + # On major changes, or when otherwise required, you *must* reformat the patches, + # `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent + # systemd version, and export the patches again via `git -c format.signoff=false format-patch v${version}`. # Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches patches = [ ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -166,42 +176,44 @@ stdenv.mkDerivation { # systemd. With the below patch we mitigate that effect by special casing # all our root unit dirs if they are symlinks. This does exactly what we # need (AFAICT). - # See https://github.com/systemd/systemd/pull/20479 for upsteam discussion. + # See https://github.com/systemd/systemd/pull/20479 for upstream discussion. ./0019-core-handle-lookup-paths-being-symlinks.patch - ] ++ lib.optional stdenv.hostPlatform.isMusl (let - oe-core = fetchzip { - url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; - sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; - }; - musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; - in [ - (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") - (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") - (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") - (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") - (musl-patches + "/0006-Include-netinet-if_ether.h.patch") - (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") - (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") - (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") - (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") - (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") - (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") - (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") - (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") - (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") - (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") - (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") - (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") - (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") - (musl-patches + "/0021-test-json.c-define-M_PIl.patch") - (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") - (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") - (musl-patches + "/0026-Handle-missing-gshadow.patch") - (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") - - # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 - ./musl.diff - ]); + ] ++ lib.optional stdenv.hostPlatform.isMusl ( + let + oe-core = fetchzip { + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-7e35a575ef09a85e625a81e0b4d80b020e3e3a92.tar.bz2"; + sha256 = "0dvz4685nk0y7nnq3sr2q8ab3wfx0bi8ilwcgn0h6kagwcnav2n8"; + }; + musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; + in + [ + (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") + (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") + (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") + (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") + (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") + (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") + (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") + (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") + (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") + (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") + (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") + (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") + (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") + (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") + (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") + (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") + (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") + (musl-patches + "/0021-test-json.c-define-M_PIl.patch") + (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") + (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") + (musl-patches + "/0026-Handle-missing-gshadow.patch") + (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") + (musl-patches + "/0001-pass-correct-parameters-to-getdents64.patch") + (musl-patches + "/0002-Add-sys-stat.h-for-S_IFDIR.patch") + (musl-patches + "/0001-Adjust-for-musl-headers.patch") + ] + ); postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" @@ -211,7 +223,7 @@ stdenv.mkDerivation { "find_program('${stdenv.cc.bintools.targetPrefix}objcopy'" '' + ( let - # The folllowing patches references to dynamic libraries to ensure that + # The following patches references to dynamic libraries to ensure that # all the features that are implemented via dlopen(3) are available (or # explicitly deactivated) by pointing dlopen to the absolute store path # instead of relying on the linkers runtime lookup code. @@ -267,7 +279,7 @@ stdenv.mkDerivation { { name = "libidn.so.12"; pkg = null; } { name = "libidn.so.11"; pkg = null; } - # journalctl --grep requires libpcre so lets provide it + # journalctl --grep requires libpcre so let's provide it { name = "libpcre2-8.so.0"; pkg = pcre2; } # Support for TPM2 in systemd-cryptsetup, systemd-repart and systemd-cryptenroll @@ -276,6 +288,10 @@ stdenv.mkDerivation { { name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libfido2.so.1"; pkg = opt withFido2 libfido2; } + + # inspect-elf support + { name = "libelf.so.1"; pkg = opt withCoredump elfutils; } + { name = "libdw.so.1"; pkg = opt withCoredump elfutils; } ]; patchDlOpen = dl: @@ -294,7 +310,7 @@ stdenv.mkDerivation { # exceptional case, details: # https://github.com/systemd/systemd-stable/blob/v249-stable/src/shared/tpm2-util.c#L157 if ! [[ "${library}" =~ .*libtss2-tcti-$ ]]; then - echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`' + echo 'The shared library `${library}` does not exist but was given as substitute for `${dl.name}`' exit 1 fi fi @@ -318,8 +334,8 @@ stdenv.mkDerivation { fi '' # Finally patch shebangs that might need patching. - # Should no longer be necessary with v250. - # https://github.com/systemd/systemd/pull/19638 + # Should no longer be necessary with v251. + # https://github.com/systemd/systemd/pull/21749 + '' patchShebangs . ''; @@ -356,16 +372,16 @@ stdenv.mkDerivation { [ acl audit - glib kmod libcap - libgcrypt libidn2 libuuid linuxHeaders pam ] + ++ lib.optional wantGcrypt libgcrypt + ++ lib.optional withTests glib ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] @@ -389,6 +405,14 @@ stdenv.mkDerivation { mesonFlags = [ "-Dversion-tag=${version}" + # We bump this variable on every (major) version change to ensure + # that we have known-good value for a timestamp that is in the (not so distant) past. + # This serves as a lower bound for valid system timestamps during startup. Systemd will + # reset the system timestamp if this date is +- 15 years from the system time. + # See the systemd v250 release notes for further details: + # https://github.com/systemd/systemd/blob/60e930fc3e6eb8a36fbc184773119eb8d2f30364/NEWS#L258-L266 + "-Dtime-epoch=${releaseTimestamp}" + "-Ddbuspolicydir=${placeholder "out"}/share/dbus-1/system.d" "-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services" "-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services" @@ -400,11 +424,11 @@ stdenv.mkDerivation { "-Dsetfont-path=${kbd}/bin/setfont" "-Dtty-gid=3" # tty in NixOS has gid 3 "-Ddebug-shell=${bashInteractive}/bin/bash" - "-Dglib=${lib.boolToString (glib != null)}" + "-Dglib=${lib.boolToString withTests}" # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" "-Danalyze=${lib.boolToString withAnalyze}" - "-Dgcrypt=${lib.boolToString (libgcrypt != null)}" + "-Dgcrypt=${lib.boolToString wantGcrypt}" "-Dimportd=${lib.boolToString withImportd}" "-Dlz4=${lib.boolToString withCompression}" "-Dhomed=${lib.boolToString withHomed}" @@ -435,7 +459,11 @@ stdenv.mkDerivation { "-Dsmack=true" "-Db_pie=true" "-Dinstall-sysconfdir=false" - "-Defi-ld=${stdenv.cc.bintools.targetPrefix}ld" + "-Dsbat-distro=nixos" + "-Dsbat-distro-summary=NixOS" + "-Dsbat-distro-url=https://nixos.org/" + "-Dsbat-distro-pkgname=${pname}" + "-Dsbat-distro-version=${version}" /* As of now, systemd doesn't allow runtime configuration of these values. So the settings in /etc/login.defs have no effect on it. Many people think this @@ -448,7 +476,6 @@ stdenv.mkDerivation { */ "-Dsystem-uid-max=999" "-Dsystem-gid-max=999" - # "-Dtime-epoch=1" "-Dsysvinit-path=" "-Dsysvrcnd-path=" @@ -487,57 +514,96 @@ stdenv.mkDerivation { "-Dutmp=false" "-Didn=false" ]; + preConfigure = + let + # A list of all the runtime binaries that the systemd exectuables, tests and libraries are referencing in their source code, scripts and unit files. + # As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message. + binaryReplacements = [ + { search = "/usr/bin/getent"; replacement = "${getent}/bin/getent"; where = [ "src/nspawn/nspawn-setuid.c" ]; } + + { + search = "/sbin/mkswap"; + replacement = "${lib.getBin util-linux}/sbin/mkswap"; + where = [ + "man/systemd-makefs@.service.xml" + ]; + } + { search = "/sbin/swapon"; replacement = "${lib.getBin util-linux}/sbin/swapon"; where = [ "src/core/swap.c" "src/basic/unit-def.h" ]; } + { search = "/sbin/swapoff"; replacement = "${lib.getBin util-linux}/sbin/swapoff"; where = [ "src/core/swap.c" ]; } + { + search = "/bin/echo"; + replacement = "${coreutils}/bin/echo"; + where = [ + "man/systemd-analyze.xml" + "man/systemd.service.xml" + "src/analyze/test-verify.c" + "src/test/test-env-file.c" + "src/test/test-fileio.c" + ]; + } + { + search = "/bin/cat"; + replacement = "${coreutils}/bin/cat"; + where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + } + { search = "/sbin/modprobe"; replacement = "${lib.getBin kmod}/sbin/modprobe"; where = [ "units/modprobe@.service" ]; } + { + search = "/usr/lib/systemd/systemd-fsck"; + replacement = "$out/lib/systemd/systemd-fsck"; + where = [ + "man/systemd-fsck@.service.xml" + ]; + } + ] ++ lib.optionals withImportd [ + { + search = "\"gpg\""; + replacement = "\\\"${gnupg}/bin/gpg\\\""; + where = [ "src/import/pull-common.c" ]; + } + { + search = "\"tar\""; + replacement = "\\\"${gnutar}/bin/tar\\\""; + where = [ + "src/import/export-tar.c" + "src/import/export.c" + "src/import/import-common.c" + "src/import/import-tar.c" + "src/import/import.c" + "src/import/importd.c" + "src/import/pull-tar.c" + "src/import/pull.c" + ]; + } + ]; + + # { replacement, search, where } -> List[str] + mkSubstitute = { replacement, search, where }: + map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; + mkEnsureSubstituted = { replacement, search, where }: + '' + if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -Ev 'NEWS|^test/' | wc -l) -gt 0 ]]; then + echo "Not all references to '${search}' have been replaced. Found the following matches:" + grep '${search}' -r | grep -v "${replacement}" | grep -Ev 'NEWS|^test/' + exit 1 + fi + ''; - preConfigure = '' - mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") - export LC_ALL="en_US.UTF-8"; - # FIXME: patch this in systemd properly (and send upstream). - # already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount - for i in \ - src/core/mount.c \ - src/core/swap.c \ - src/cryptsetup/cryptsetup-generator.c \ - src/journal/cat.c \ - src/nspawn/nspawn.c \ - src/remount-fs/remount-fs.c \ - src/shared/generator.c \ - src/shutdown/shutdown.c \ - units/emergency.service.in \ - units/modprobe@.service \ - units/rescue.service.in \ - units/systemd-logind.service.in \ - units/systemd-nspawn@.service.in; \ - do - test -e $i - substituteInPlace $i \ - --replace /usr/bin/getent ${getent}/bin/getent \ - --replace /sbin/mkswap ${lib.getBin util-linux}/sbin/mkswap \ - --replace /sbin/swapon ${lib.getBin util-linux}/sbin/swapon \ - --replace /sbin/swapoff ${lib.getBin util-linux}/sbin/swapoff \ - --replace /bin/echo ${coreutils}/bin/echo \ - --replace /bin/cat ${coreutils}/bin/cat \ - --replace /sbin/sulogin ${lib.getBin util-linux}/sbin/sulogin \ - --replace /sbin/modprobe ${lib.getBin kmod}/sbin/modprobe \ - --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck \ - --replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency - done + in + '' + mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") + export LC_ALL="en_US.UTF-8"; - for dir in tools src/resolve test src/test src/shared; do - patchShebangs $dir - done + ${lib.concatStringsSep "\n" (lib.flatten (map mkSubstitute binaryReplacements))} + ${lib.concatMapStringsSep "\n" mkEnsureSubstituted binaryReplacements} - # absolute paths to gpg & tar - substituteInPlace src/import/pull-common.c \ - --replace '"gpg"' '"${gnupg}/bin/gpg"' - for file in src/import/{{export,import,pull}-tar,import-common}.c; do - substituteInPlace $file \ - --replace '"tar"' '"${gnutar}/bin/tar"' - done + for dir in tools src/resolve test src/test src/shared; do + patchShebangs $dir + done - substituteInPlace src/libsystemd/sd-journal/catalog.c \ - --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ - ''; + substituteInPlace src/libsystemd/sd-journal/catalog.c \ + --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ + ''; # These defines are overridden by CFLAGS and would trigger annoying # warning messages @@ -545,7 +611,7 @@ stdenv.mkDerivation { substituteInPlace config.h \ --replace "POLKIT_AGENT_BINARY_PATH" "_POLKIT_AGENT_BINARY_PATH" \ --replace "SYSTEMD_BINARY_PATH" "_SYSTEMD_BINARY_PATH" \ - --replace "SYSTEMD_CGROUP_AGENT_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" + --replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" ''; NIX_CFLAGS_COMPILE = toString ([ @@ -557,8 +623,8 @@ stdenv.mkDerivation { # Set the release_agent on /sys/fs/cgroup/systemd to the # currently running systemd (/run/current-system/systemd) so # that we don't use an obsolete/garbage-collected release agent. - "-USYSTEMD_CGROUP_AGENT_PATH" - "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" + "-USYSTEMD_CGROUP_AGENTS_PATH" + "-DSYSTEMD_CGROUP_AGENTS_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" @@ -575,6 +641,12 @@ stdenv.mkDerivation { ''; postInstall = '' + # sysinit.target: Don't depend on + # systemd-tmpfiles-setup.service. This interferes with NixOps's + # send-keys feature (since sshd.service depends indirectly on + # sysinit.target). + mv $out/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service $out/lib/systemd/system/multi-user.target.wants/ + mkdir -p $out/example/systemd mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example mv $out/lib/systemd/{system,user} $out/example/systemd @@ -603,7 +675,7 @@ stdenv.mkDerivation { # runtime; otherwise we can't and we need to reboot. interfaceVersion = 2; - inherit withCryptsetup; + inherit withCryptsetup util-linux kmod kbd; tests = { inherit (nixosTests) switchTest; diff --git a/pkgs/os-specific/linux/systemd/musl.diff b/pkgs/os-specific/linux/systemd/musl.diff deleted file mode 100644 index cab135dd8fc..00000000000 --- a/pkgs/os-specific/linux/systemd/musl.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c -index ef3527e..cc1ba23 100644 ---- a/src/shared/mount-setup.c -+++ b/src/shared/mount-setup.c -@@ -32,6 +32,7 @@ - #include "strv.h" - #include "user-util.h" - #include "virt.h" -+#include "missing_type.h" - - typedef enum MountMode { - MNT_NONE = 0, diff --git a/pkgs/os-specific/linux/tiscamera/default.nix b/pkgs/os-specific/linux/tiscamera/default.nix index 38bc7c3eaff..1182aead36b 100644 --- a/pkgs/os-specific/linux/tiscamera/default.nix +++ b/pkgs/os-specific/linux/tiscamera/default.nix @@ -17,6 +17,7 @@ , python3Packages , libuuid , wrapGAppsHook +, catch2 }: stdenv.mkDerivation rec { @@ -30,6 +31,10 @@ stdenv.mkDerivation rec { sha256 = "0hpy9yhc4mn6w8gvzwif703smmcys0j2jqbz2xfghqxcyb0ykplj"; }; + postPatch = '' + cp ${catch2}/include/catch2/catch.hpp external/catch/catch.hpp + ''; + nativeBuildInputs = [ cmake pkg-config diff --git a/pkgs/os-specific/linux/tuigreet/default.nix b/pkgs/os-specific/linux/tuigreet/default.nix index 581b89fb1c6..95de5b8c8d9 100644 --- a/pkgs/os-specific/linux/tuigreet/default.nix +++ b/pkgs/os-specific/linux/tuigreet/default.nix @@ -17,7 +17,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-H5xqk7Yd3M8sFGHlmhAS0fhh3eM4dkvkNQGVxRSXUJs="; meta = with lib; { - description = "Graphical console greter for greetd"; + description = "Graphical console greeter for greetd"; homepage = "https://github.com/apognu/tuigreet"; license = licenses.gpl3Plus; maintainers = with maintainers; [ luc65r ivar ]; diff --git a/pkgs/os-specific/linux/udisks/2-default.nix b/pkgs/os-specific/linux/udisks/2-default.nix index fd321d90cb2..5aff6e96970 100644 --- a/pkgs/os-specific/linux/udisks/2-default.nix +++ b/pkgs/os-specific/linux/udisks/2-default.nix @@ -1,8 +1,9 @@ -{ lib, stdenv, fetchFromGitHub, substituteAll, libtool, pkg-config, gettext, gnused +{ lib, stdenv, fetchFromGitHub, substituteAll, pkg-config, gnused, autoreconfHook , gtk-doc, acl, systemd, glib, libatasmart, polkit, coreutils, bash, which , expat, libxslt, docbook_xsl, util-linux, mdadm, libgudev, libblockdev, parted -, gobject-introspection, docbook_xml_dtd_412, docbook_xml_dtd_43, autoconf, automake +, gobject-introspection, docbook_xml_dtd_412, docbook_xml_dtd_43 , xfsprogs, f2fs-tools, dosfstools, e2fsprogs, btrfs-progs, exfat, nilfs-utils, ntfs3g +, nixosTests }: stdenv.mkDerivation rec { @@ -25,9 +26,11 @@ stdenv.mkDerivation rec { blkid = "${util-linux}/bin/blkid"; false = "${coreutils}/bin/false"; mdadm = "${mdadm}/bin/mdadm"; + mkswap = "${util-linux}/bin/mkswap"; sed = "${gnused}/bin/sed"; sh = "${bash}/bin/sh"; sleep = "${coreutils}/bin/sleep"; + swapon = "${util-linux}/bin/swapon"; true = "${coreutils}/bin/true"; }) (substituteAll { @@ -39,8 +42,11 @@ stdenv.mkDerivation rec { }) ]; + strictDeps = true; + # pkg-config had to be in both to find gtk-doc and gobject-introspection + depsBuildBuild = [ pkg-config ]; nativeBuildInputs = [ - autoconf automake pkg-config libtool gettext which gobject-introspection + autoreconfHook which gobject-introspection pkg-config gtk-doc libxslt docbook_xml_dtd_412 docbook_xml_dtd_43 docbook_xsl ]; @@ -58,6 +64,7 @@ stdenv.mkDerivation rec { configureFlags = [ (lib.enableFeature (stdenv.buildPlatform == stdenv.hostPlatform) "gtk-doc") + "--sysconfdir=/etc" "--localstatedir=/var" "--with-systemdsystemunitdir=$(out)/etc/systemd/system" "--with-udevdir=$(out)/lib/udev" @@ -69,15 +76,21 @@ stdenv.mkDerivation rec { "INTROSPECTION_TYPELIBDIR=$(out)/lib/girepository-1.0" ]; + installFlags = [ + "sysconfdir=${placeholder "out"}/etc" + ]; + enableParallelBuilding = true; doCheck = true; + passthru.tests.vm = nixosTests.udisks2; + meta = with lib; { description = "A daemon, tools and libraries to access and manipulate disks, storage devices and technologies"; homepage = "https://www.freedesktop.org/wiki/Software/udisks/"; license = with licenses; [ lgpl2Plus gpl2Plus ]; # lgpl2Plus for the library, gpl2Plus for the tools & daemon - maintainers = with maintainers; [ johnazoidberg ]; + maintainers = teams.freedesktop.members ++ (with maintainers; [ johnazoidberg ]); platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/udisks/fix-paths.patch b/pkgs/os-specific/linux/udisks/fix-paths.patch index 215df565ecc..30bc08da8cf 100644 --- a/pkgs/os-specific/linux/udisks/fix-paths.patch +++ b/pkgs/os-specific/linux/udisks/fix-paths.patch @@ -1,17 +1,5 @@ -diff --git a/Makefile.am b/Makefile.am -index 56922b79..697f8c6e 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -1,6 +1,6 @@ - ## Process this file with automake to produce Makefile.in - --SHELL = @BASH@ -+SHELL = @bash@ - .SHELLFLAGS = -o pipefail -c - - PYTHON ?= python3 diff --git a/data/80-udisks2.rules b/data/80-udisks2.rules -index 39bfa28b..ee1ca90a 100644 +index ca802cce..bfd1c29e 100644 --- a/data/80-udisks2.rules +++ b/data/80-udisks2.rules @@ -17,9 +17,9 @@ ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="?*", GOTO="udisks_probe_end" @@ -66,9 +54,27 @@ index e7df4ed2..ab4356d9 100644 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # diff --git a/src/tests/integration-test b/src/tests/integration-test -index 4499a6a9..8b711f95 100755 +index 07e4e029..3bd8ec51 100755 --- a/src/tests/integration-test +++ b/src/tests/integration-test +@@ -299,7 +299,7 @@ class UDisksTestCase(unittest.TestCase): + if not device: + device = cls.devname(partition) + result = {} +- cmd = subprocess.Popen(['blkid', '-p', '-o', 'udev', device], stdout=subprocess.PIPE) ++ cmd = subprocess.Popen(['@blkid@', '-p', '-o', 'udev', device], stdout=subprocess.PIPE) + for l in cmd.stdout: + (key, value) = l.decode('UTF-8').split('=', 1) + result[key] = value.strip() +@@ -437,7 +437,7 @@ class UDisksTestCase(unittest.TestCase): + f.write('KERNEL=="sr*", ENV{DISK_EJECT_REQUEST}!="?*", ' + 'ATTRS{model}=="scsi_debug*", ' + 'ENV{ID_CDROM_MEDIA}=="?*", ' +- 'IMPORT{program}="/sbin/blkid -o udev -p -u noraid $tempnode"\n') ++ 'IMPORT{program}="@blkid@ -o udev -p -u noraid $tempnode"\n') + # reload udev + subprocess.call('sync; pkill --signal HUP udevd || ' + 'pkill --signal HUP systemd-udevd', @@ -1142,7 +1142,7 @@ class FS(UDisksTestCase): self.assertFalse(os.access(f, os.X_OK)) @@ -150,6 +156,3 @@ index 3ddbdf2c..a87f960a 100644 udisks_spawned_job_start (job); g_object_unref (job); } --- -2.33.1 - diff --git a/pkgs/os-specific/linux/unscd/0001-adjust-socket-paths-for-nixos.patch b/pkgs/os-specific/linux/unscd/0001-adjust-socket-paths-for-nixos.patch new file mode 100644 index 00000000000..941b5c90a62 --- /dev/null +++ b/pkgs/os-specific/linux/unscd/0001-adjust-socket-paths-for-nixos.patch @@ -0,0 +1,41 @@ +From 9d76d183a97cb667a1ab6d95af69d6db745215df Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Milan=20P=C3=A4ssler?= <milan@petabyte.dev> +Date: Tue, 1 Jun 2021 16:55:45 +0200 +Subject: [PATCH] adjust socket paths for nixos + +The original unscd would crash, because it is not allowed to create its +legacy socket at /var/run/.nscd_socket. + +This socket is only required for very old glibc versions, but removing it +is currently non-trivial, so we just move it somewhere, where it is +allowed to be created. A patch has been submitted upstream to make this +hack unnecessary. + +Also change /var/run to /run, since we shouldn't be using /var/run +anymore. +--- + nscd.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/nscd.c b/nscd.c +index a71e474..0cd7106 100644 +--- a/nscd.c ++++ b/nscd.c +@@ -2100,10 +2100,10 @@ static void main_loop(void) + ** Initialization + */ + +-#define NSCD_PIDFILE "/var/run/nscd/nscd.pid" +-#define NSCD_DIR "/var/run/nscd" +-#define NSCD_SOCKET "/var/run/nscd/socket" +-#define NSCD_SOCKET_OLD "/var/run/.nscd_socket" ++#define NSCD_PIDFILE "/run/nscd/nscd.pid" ++#define NSCD_DIR "/run/nscd" ++#define NSCD_SOCKET "/run/nscd/socket" ++#define NSCD_SOCKET_OLD "/run/nscd/socket_legacy" + + static smallint wrote_pidfile; + +-- +2.31.1 + diff --git a/pkgs/os-specific/linux/unscd/default.nix b/pkgs/os-specific/linux/unscd/default.nix new file mode 100644 index 00000000000..1f974029b01 --- /dev/null +++ b/pkgs/os-specific/linux/unscd/default.nix @@ -0,0 +1,76 @@ +{ fetchurl, fetchpatch, stdenv, systemd, lib }: + +stdenv.mkDerivation rec { + pname = "unscd"; + version = "0.54"; + + src = fetchurl { + url = "https://busybox.net/~vda/unscd/nscd-${version}.c"; + sha256 = "0iv4iwgs3sjnqnwd7dpcw6s7i4ar9q89vgsms32clx14fdqjrqch"; + }; + + unpackPhase = '' + runHook preUnpack + cp $src nscd.c + chmod u+w nscd.c + runHook postUnpack + ''; + + patches = [ + # Patches from Debian that have not (yet) been included upstream, but are useful to us + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/change_invalidate_request_info_output"; + sha256 = "17whakazpisiq9nnw3zybaf7v3lqkww7n6jkx0igxv4z2r3mby6l"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/support_large_numbers_in_config"; + sha256 = "0jrqb4cwclwirpqfb6cvnmiff3sm2jhxnjwxa7h0wx78sg0y3bpp"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/no_debug_on_invalidate"; + sha256 = "0znwzb522zgikb0mm7awzpvvmy0wf5z7l3jgjlkdpgj0scxgz86w"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/notify_systemd_about_successful_startup"; + sha256 = "1ipwmbfwm65yisy74nig9960vxpjx683l3skgxfgssfx1jb9z2mc"; + }) + + # The original unscd would crash, because it is not allowed to create its + # legacy socket at /var/run/.nscd_socket. + # This socket is only required for very old glibc versions, but removing it + # is currently non-trivial, so we just move it somewhere, where it is + # allowed to be created. A patch has been submitted upstream to make this + # hack unnecessary. + # Also change /var/run to /run, since we shouldn't be using /var/run + # anymore. + # See also: http://lists.busybox.net/pipermail/busybox/2021-June/088866.html + ./0001-adjust-socket-paths-for-nixos.patch + ]; + + buildInputs = [ systemd ]; + + buildPhase = '' + runHook preBuild + gcc -Wall \ + -Wl,--sort-section -Wl,alignment \ + -Wl,--sort-common \ + -fomit-frame-pointer \ + -lsystemd \ + -o nscd nscd.c + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + install -Dm755 -t $out/bin nscd + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://busybox.net/~vda/unscd/"; + description = "Less buggy replacement for the glibc name service cache daemon"; + license = licenses.gpl2Only; + platforms = platforms.linux; + maintainers = with maintainers; [ petabyteboy ]; + }; +} diff --git a/pkgs/os-specific/linux/upower/default.nix b/pkgs/os-specific/linux/upower/default.nix index 51ae7b002f9..f083184a114 100644 --- a/pkgs/os-specific/linux/upower/default.nix +++ b/pkgs/os-specific/linux/upower/default.nix @@ -8,7 +8,7 @@ , ninja , python3 , gtk-doc -, docbook_xsl +, docbook-xsl-nons , udev , libgudev , libusb1 @@ -18,28 +18,36 @@ , systemd , useIMobileDevice ? true , libimobiledevice +, withDocs ? (stdenv.buildPlatform == stdenv.hostPlatform) }: stdenv.mkDerivation rec { pname = "upower"; - version = "0.99.15"; + version = "0.99.17"; - outputs = [ "out" "dev" "devdoc" ]; + outputs = [ "out" "dev" ] + ++ lib.optionals withDocs [ "devdoc" ]; src = fetchFromGitLab { domain = "gitlab.freedesktop.org"; owner = "upower"; repo = "upower"; rev = "v${version}"; - sha256 = "sha256-GlLy2MPip21KOabdW8Vw6NVe3xhzsd9htxQ2xO/hZ/4="; + sha256 = "xvvqzGxgkuGcvnO12jnLURNJUoSlnMw2g/mnII+i6Bs="; }; + strictDeps = true; + + depsBuildBuild = [ + pkg-config + ]; + nativeBuildInputs = [ meson ninja python3 gtk-doc - docbook_xsl + docbook-xsl-nons gettext gobject-introspection libxslt @@ -66,6 +74,8 @@ stdenv.mkDerivation rec { "-Dos_backend=linux" "-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system" "-Dudevrulesdir=${placeholder "out"}/lib/udev/rules.d" + "-Dintrospection=${if (stdenv.buildPlatform == stdenv.hostPlatform) then "auto" else "disabled"}" + "-Dgtk-doc=${lib.boolToString withDocs}" ]; doCheck = false; # fails with "env: './linux/integration-test': No such file or directory" @@ -99,7 +109,9 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://upower.freedesktop.org/"; + changelog = "https://gitlab.freedesktop.org/upower/upower/-/blob/v${version}/NEWS"; description = "A D-Bus service for power management"; + maintainers = teams.freedesktop.members; platforms = platforms.linux; license = licenses.gpl2Plus; }; diff --git a/pkgs/os-specific/linux/usbguard/default.nix b/pkgs/os-specific/linux/usbguard/default.nix index de4517872fc..35505af5a1e 100644 --- a/pkgs/os-specific/linux/usbguard/default.nix +++ b/pkgs/os-specific/linux/usbguard/default.nix @@ -24,14 +24,14 @@ assert libgcrypt != null -> libsodium == null; stdenv.mkDerivation rec { - version = "1.1.0"; + version = "1.1.1"; pname = "usbguard"; src = fetchFromGitHub { owner = "USBGuard"; repo = pname; rev = "usbguard-${version}"; - sha256 = "sha256-lnHeU/X/2N81WPLakRYLs8TjpBhxBPhiXDJ+wNW0sU0="; + sha256 = "sha256-lAh+l9GF+FHQqv2kEYU5JienZKGwR5e45BYAwjieYgw="; fetchSubmodules = true; }; diff --git a/pkgs/os-specific/linux/usbrelay/daemon.nix b/pkgs/os-specific/linux/usbrelay/daemon.nix new file mode 100644 index 00000000000..5f8d23e5201 --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/daemon.nix @@ -0,0 +1,36 @@ +{ stdenv, usbrelay, python3 }: +let + python = python3.withPackages (ps: with ps; [ usbrelay-py paho-mqtt ]); +in +# This is a separate derivation, not just an additional output of +# usbrelay, because otherwise, we have a cyclic dependency between +# usbrelay (default.nix) and the python module (python.nix). +stdenv.mkDerivation rec { + pname = "usbrelayd"; + + inherit (usbrelay) src version; + + postPatch = '' + substituteInPlace 'usbrelayd.service' \ + --replace '/usr/bin/python3' "${python}/bin/python3" \ + --replace '/usr/sbin/usbrelayd' "$out/bin/usbrelayd" + ''; + + buildInputs = [ python ]; + + dontBuild = true; + + installPhase = '' + runHook preInstall; + install -m 644 -D usbrelayd $out/bin/usbrelayd + install -m 644 -D usbrelayd.service $out/lib/systemd/system/usbrelayd.service + install -m 644 -D 50-usbrelay.rules $out/lib/udev/rules.d/50-usbrelay.rules + runHook postInstall + ''; + # TODO for later releases: install -D usbrelayd.conf $out/etc/usbrelayd.conf # include this as an example + + meta = { + description = "USB Relay MQTT service"; + inherit (usbrelay.meta) homepage license maintainers platforms; + }; +} diff --git a/pkgs/os-specific/linux/usbrelay/default.nix b/pkgs/os-specific/linux/usbrelay/default.nix new file mode 100644 index 00000000000..ebbb1dd7922 --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/default.nix @@ -0,0 +1,29 @@ +{ stdenv, lib, fetchFromGitHub, hidapi }: +stdenv.mkDerivation rec { + pname = "usbrelay"; + version = "0.9"; + + src = fetchFromGitHub { + owner = "darrylb123"; + repo = "usbrelay"; + rev = version; + sha256 = "sha256-bxME4r5W5bZKxMZ/Svi1EenqHKVWIjU6iiKaM8U6lmA="; + }; + + buildInputs = [ + hidapi + ]; + + makeFlags = [ + "DIR_VERSION=${version}" + "PREFIX=${placeholder "out"}" + ]; + + meta = with lib; { + description = "Tool to control USB HID relays"; + homepage = "https://github.com/darrylb123/usbrelay"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ wentasah ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/usbrelay/python.nix b/pkgs/os-specific/linux/usbrelay/python.nix new file mode 100644 index 00000000000..02d5ac284ed --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/python.nix @@ -0,0 +1,12 @@ +{ buildPythonPackage, usbrelay }: + +buildPythonPackage rec { + pname = "usbrelay_py"; + inherit (usbrelay) version src; + + buildInputs = [ usbrelay ]; + + pythonImportsCheck = [ "usbrelay_py" ]; + + inherit (usbrelay) meta; +} diff --git a/pkgs/os-specific/linux/usbrelay/test.nix b/pkgs/os-specific/linux/usbrelay/test.nix new file mode 100644 index 00000000000..dc5847558a6 --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/test.nix @@ -0,0 +1,63 @@ +# NixOS test for usbrelayd +# +# It is not stored in nixos/tests directory, because it requires the +# USB relay connected to the host computer and as such, it cannot be +# run automatically. +# +# Run this test as: +# +# nix-build test.nix -A driverInteractive && ./result/bin/nixos-test-driver --no-interactive +# +# The interactive driver is required because the default +# (non-interactive) driver uses qemu without support for passing USB +# devices to the guest (see +# https://discourse.nixos.org/t/hardware-dependent-nixos-tests/18564 +# for discussion of other alternatives). + +import ../../../../nixos/tests/make-test-python.nix ({ pkgs, ... }: { + name = "usbrelayd"; + + nodes.machine = { + virtualisation.qemu.options = [ + "-device qemu-xhci" + "-device usb-host,vendorid=0x16c0,productid=0x05df" + ]; + services.usbrelayd.enable = true; + systemd.services.usbrelayd = { + after = [ "mosquitto.service" ]; + }; + services.mosquitto = { + enable = true; + listeners = [{ + acl = [ "pattern readwrite #" ]; + omitPasswordAuth = true; + settings.allow_anonymous = true; + }]; + }; + environment.systemPackages = [ + pkgs.usbrelay + pkgs.mosquitto + ]; + documentation.nixos.enable = false; # building nixos manual takes long time + }; + + testScript = '' + if os.waitstatus_to_exitcode(os.system("lsusb -d 16c0:05df")) != 0: + print("No USB relay detected, skipping test") + import sys + sys.exit(2) + machine.start() + # usbrelayd is started by udev when an relay is detected + machine.wait_for_unit("usbrelayd.service") + + stdout = machine.succeed("usbrelay") + relay_id = stdout.split(sep="_")[0] + assert relay_id != "" + import time + time.sleep(1) + machine.succeed(f"mosquitto_pub -h localhost -t cmnd/{relay_id}/1 -m ON") + time.sleep(1) + machine.succeed(f"mosquitto_pub -h localhost -t cmnd/{relay_id}/1 -m OFF") + print("Did you see the relay switching on and off?") + ''; +}) diff --git a/pkgs/os-specific/linux/usermount/default.nix b/pkgs/os-specific/linux/usermount/default.nix index 87b38b9af6e..934367dcd11 100644 --- a/pkgs/os-specific/linux/usermount/default.nix +++ b/pkgs/os-specific/linux/usermount/default.nix @@ -1,13 +1,14 @@ -{ lib, stdenv, fetchgit, pkg-config, dbus, libnotify, udisks2, gdk-pixbuf }: +{ lib, stdenv, fetchFromGitHub, pkg-config, dbus, libnotify, udisks2, gdk-pixbuf }: stdenv.mkDerivation { pname = "usermount"; version = "0.1"; - src = fetchgit { - url = "https://github.com/tom5760/usermount.git"; + src = fetchFromGitHub { + owner = "tom5760"; + repo = "usermount"; rev = "0d6aba3c1f8fec80de502f5b92fd8b28041cc8e4"; - sha256 = "0gpp0vwiwr7kgbhh26jspv3255662mnvnav6g8i2h0qxar8hf8w2"; + sha256 = "sha256-giMHUVYdAygiemYru20VxpQixr5aGgHhevNkHvkG9z4="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index 8485565e0a8..3efb3914b85 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix @@ -1,15 +1,18 @@ { lib, stdenv, fetchurl, pkg-config, zlib, shadow, libcap_ng -, ncurses ? null, pam, systemd ? null +, ncursesSupport ? true +, ncurses, pam +, systemdSupport ? stdenv.isLinux +, systemd , nlsSupport ? true }: stdenv.mkDerivation rec { - pname = "util-linux"; - version = "2.37.3"; + pname = "util-linux" + lib.optionalString (!nlsSupport && !ncursesSupport && !systemdSupport) "-minimal"; + version = "2.37.4"; src = fetchurl { - url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "sha256-WQxZLljNa/OFGctGevBc5qGrGAQOPjQY8kvPsvVfl3Y="; + url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/util-linux-${version}.tar.xz"; + sha256 = "sha256-Y05pFq2RM2bDU2tkaOeER2lUm5mnsr+AMU3nirVlW4M="; }; patches = [ @@ -40,9 +43,9 @@ stdenv.mkDerivation rec { "--disable-makeinstall-setuid" "--disable-makeinstall-chown" "--disable-su" # provided by shadow (lib.enableFeature nlsSupport "nls") - (lib.withFeature (ncurses != null) "ncursesw") - (lib.withFeature (systemd != null) "systemd") - (lib.withFeatureAs (systemd != null) + (lib.withFeature ncursesSupport "ncursesw") + (lib.withFeature systemdSupport "systemd") + (lib.withFeatureAs systemdSupport "systemdsystemunitdir" "${placeholder "bin"}/lib/systemd/system/") "SYSCONFSTATICDIR=${placeholder "lib"}/lib" ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) @@ -56,9 +59,9 @@ stdenv.mkDerivation rec { ]; nativeBuildInputs = [ pkg-config ]; - buildInputs = - [ zlib pam libcap_ng ] - ++ lib.filter (p: p != null) [ ncurses systemd ]; + buildInputs = [ zlib pam libcap_ng ] + ++ lib.optionals ncursesSupport [ ncurses ] + ++ lib.optionals systemdSupport [ systemd ]; doCheck = false; # "For development purpose only. Don't execute on production system!" diff --git a/pkgs/os-specific/linux/v4l-utils/default.nix b/pkgs/os-specific/linux/v4l-utils/default.nix index 90a052fdef9..3fdd9e791bd 100644 --- a/pkgs/os-specific/linux/v4l-utils/default.nix +++ b/pkgs/os-specific/linux/v4l-utils/default.nix @@ -12,11 +12,11 @@ let # we need to use stdenv.mkDerivation in order not to pollute the libv4l’s closure with Qt in stdenv.mkDerivation rec { pname = "v4l-utils"; - version = "1.20.0"; + version = "1.22.1"; src = fetchurl { url = "https://linuxtv.org/downloads/${pname}/${pname}-${version}.tar.bz2"; - sha256 = "1xr66y6w422hil6s7n8d61a2vhwh4im8l267amf41jvw7xqihqcm"; + hash = "sha256-Zcb76DCkTKEFxEOwJxgsGyyQU6kdHnKthJ36s4i5TjE="; }; outputs = [ "out" ] ++ lib.optional withUtils "lib" ++ [ "dev" ]; @@ -40,14 +40,16 @@ in stdenv.mkDerivation rec { propagatedBuildInputs = [ libjpeg ]; postPatch = '' - patchShebangs utils/cec-ctl/msg2ctl.pl - patchShebangs utils/libcecutil/cec-gen.pl + patchShebangs utils/ ''; + enableParallelBuilding = true; + meta = with lib; { description = "V4L utils and libv4l, provide common image formats regardless of the v4l device"; homepage = "https://linuxtv.org/projects.php"; - license = licenses.lgpl21Plus; + changelog = "https://git.linuxtv.org/v4l-utils.git/plain/ChangeLog?h=v4l-utils-${version}"; + license = with licenses; [ lgpl21Plus gpl2Plus ]; maintainers = with maintainers; [ codyopel ]; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/v4l2loopback/default.nix b/pkgs/os-specific/linux/v4l2loopback/default.nix index c1aa7be2af6..095d873e66c 100644 --- a/pkgs/os-specific/linux/v4l2loopback/default.nix +++ b/pkgs/os-specific/linux/v4l2loopback/default.nix @@ -16,12 +16,9 @@ stdenv.mkDerivation rec { preBuild = '' substituteInPlace Makefile --replace "modules_install" "INSTALL_MOD_PATH=$out modules_install" sed -i '/depmod/d' Makefile - export PATH=${kmod}/sbin:$PATH ''; - nativeBuildInputs = kernel.moduleBuildDependencies; - - buildInputs = [ kmod ]; + nativeBuildInputs = [ kmod ] ++ kernel.moduleBuildDependencies; postInstall = '' make install-utils PREFIX=$bin @@ -29,7 +26,7 @@ stdenv.mkDerivation rec { outputs = [ "out" "bin" ]; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "KERNELRELEASE=${kernel.modDirVersion}" "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/pkgs/os-specific/linux/vdo/default.nix b/pkgs/os-specific/linux/vdo/default.nix new file mode 100644 index 00000000000..1904445d4c2 --- /dev/null +++ b/pkgs/os-specific/linux/vdo/default.nix @@ -0,0 +1,64 @@ +{ lib, stdenv +, fetchFromGitHub +, installShellFiles +, libuuid +, lvm2_dmeventd # <libdevmapper-event.h> +, zlib +, python3 +}: + +stdenv.mkDerivation rec { + pname = "vdo"; + version = "8.1.1.360"; # kvdo uses this! + + src = fetchFromGitHub { + owner = "dm-vdo"; + repo = pname; + rev = version; + sha256 = "1zp8aaw0diramnlx5z96jcpbm6x0r204xf1vwq6k21rzcazczkwv"; + }; + + nativeBuildInputs = [ + installShellFiles + ]; + + buildInputs = [ + libuuid + lvm2_dmeventd + zlib + python3.pkgs.wrapPython + ]; + + propagatedBuildInputs = with python3.pkgs; [ + pyyaml + ]; + + pythonPath = propagatedBuildInputs; + + makeFlags = [ + "DESTDIR=${placeholder "out"}" + "INSTALLOWNER=" + # all of these paths are relative to DESTDIR and have defaults that don't work for us + "bindir=/bin" + "defaultdocdir=/share/doc" + "mandir=/share/man" + "python3_sitelib=${python3.sitePackages}" + ]; + + enableParallelBuilding = true; + + postInstall = '' + installShellCompletion --bash $out/bash_completion.d/* + rm -r $out/bash_completion.d + + wrapPythonPrograms + ''; + + meta = with lib; { + homepage = "https://github.com/dm-vdo/vdo"; + description = "A set of userspace tools for managing pools of deduplicated and/or compressed block storage"; + platforms = platforms.linux; + license = with licenses; [ gpl2Plus ]; + maintainers = with maintainers; [ ajs124 ]; + }; +} diff --git a/pkgs/os-specific/linux/veikk-linux-driver/default.nix b/pkgs/os-specific/linux/veikk-linux-driver/default.nix index a1019d7b7fd..8cf4896ae02 100644 --- a/pkgs/os-specific/linux/veikk-linux-driver/default.nix +++ b/pkgs/os-specific/linux/veikk-linux-driver/default.nix @@ -15,9 +15,9 @@ stdenv.mkDerivation rec { buildInputs = [ kernel ]; - buildPhase = '' - make BUILD_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build - ''; + makeFlags = kernel.makeFlags ++ [ + "BUILD_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; installPhase = '' mkdir -p $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/veikk diff --git a/pkgs/os-specific/linux/wireguard/default.nix b/pkgs/os-specific/linux/wireguard/default.nix index 32389d27369..a47fb30c1b3 100644 --- a/pkgs/os-specific/linux/wireguard/default.nix +++ b/pkgs/os-specific/linux/wireguard/default.nix @@ -1,17 +1,15 @@ { lib, stdenv, fetchzip, kernel, perl, wireguard-tools, bc }: -# module requires Linux >= 3.10 https://www.wireguard.io/install/#kernel-requirements -assert lib.versionAtLeast kernel.version "3.10"; # wireguard upstreamed since 5.6 https://lists.zx2c4.com/pipermail/wireguard/2019-December/004704.html assert lib.versionOlder kernel.version "5.6"; stdenv.mkDerivation rec { pname = "wireguard"; - version = "1.0.20210606"; + version = "1.0.20211208"; src = fetchzip { url = "https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${version}.tar.xz"; - sha256 = "sha256-ha7x6+41oPRRhuRwEb1ojRWLF1dlEMoJtqXrzRKQ408="; + sha256 = "sha256-MHC4ojhRD8IGwTUE8oEew8IVof9hQCC7CPgVQIBfBRQ="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/wpa_supplicant/default.nix b/pkgs/os-specific/linux/wpa_supplicant/default.nix index 925ec71d3fa..1d58d47cf66 100644 --- a/pkgs/os-specific/linux/wpa_supplicant/default.nix +++ b/pkgs/os-specific/linux/wpa_supplicant/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchurl, openssl, pkg-config, libnl , nixosTests, wpa_supplicant_gui -, withDbus ? true, dbus +, dbusSupport ? true, dbus , withReadline ? true, readline , withPcsclite ? true, pcsclite , readOnlyModeSSIDs ? false @@ -68,7 +68,7 @@ stdenv.mkDerivation rec { CONFIG_EAP_AKA=y CONFIG_EAP_AKA_PRIME=y CONFIG_PCSC=y - '' + optionalString withDbus '' + '' + optionalString dbusSupport '' CONFIG_CTRL_IFACE_DBUS=y CONFIG_CTRL_IFACE_DBUS_NEW=y CONFIG_CTRL_IFACE_DBUS_INTRO=y @@ -93,7 +93,7 @@ stdenv.mkDerivation rec { ''; buildInputs = [ openssl libnl ] - ++ optional withDbus dbus + ++ optional dbusSupport dbus ++ optional withReadline readline ++ optional withPcsclite pcsclite; diff --git a/pkgs/os-specific/linux/x86info/default.nix b/pkgs/os-specific/linux/x86info/default.nix index e842b59651e..db5b040da3a 100644 --- a/pkgs/os-specific/linux/x86info/default.nix +++ b/pkgs/os-specific/linux/x86info/default.nix @@ -1,32 +1,45 @@ -{lib, stdenv, fetchurl, pciutils, python2}: +{ lib +, stdenv +, fetchFromGitHub +, pciutils +, pkg-config +, python3 +}: stdenv.mkDerivation rec { - version = "1.30"; pname = "x86info"; + version = "unstable-2021-08-07"; - src = fetchurl { - url = "http://codemonkey.org.uk/projects/x86info/${pname}-${version}.tgz"; - sha256 = "0a4lzka46nabpsrg3n7akwr46q38f96zfszd73xcback1s2hjc7y"; + src = fetchFromGitHub { + owner = "kernelslacker"; + repo = pname; + rev = "061ea35ecb0697761b6260998fa2045b8bb0be68"; + hash = "sha256-/qWioC4dV1bQkU4SiTR8duYqoGIMIH7s8vuAXi75juo="; }; - preConfigure = '' - patchShebangs . + nativeBuildInputs = [ + pkg-config + python3 + ]; - # ignore warnings - sed -i 's/-Werror -Wall//' Makefile - ''; + buildInputs = [ + pciutils + ]; - buildInputs = [ pciutils python2 ]; + postBuild = '' + patchShebangs lsmsr/createheader.py + make -C lsmsr + ''; installPhase = '' mkdir -p $out/bin - cp x86info lsmsr $out/bin + cp x86info $out/bin + cp lsmsr/lsmsr $out/bin ''; meta = { description = "Identification utility for the x86 series of processors"; - longDescription = - '' + longDescription = '' x86info will identify all Intel/AMD/Centaur/Cyrix/VIA CPUs. It leverages the cpuid kernel module where possible. it supports parsing model specific registers (MSRs) via the msr kernel module. it will approximate processor @@ -34,7 +47,7 @@ stdenv.mkDerivation rec { ''; platforms = [ "i686-linux" "x86_64-linux" ]; license = lib.licenses.gpl2; - homepage = "http://codemonkey.org.uk/projects/x86info/"; - maintainers = with lib.maintainers; [jcumming]; + homepage = "https://github.com/kernelslacker/x86info"; + maintainers = with lib.maintainers; [ jcumming ]; }; } diff --git a/pkgs/os-specific/linux/xmm7360-pci/default.nix b/pkgs/os-specific/linux/xmm7360-pci/default.nix index 6a589ff889c..435ff94afb7 100644 --- a/pkgs/os-specific/linux/xmm7360-pci/default.nix +++ b/pkgs/os-specific/linux/xmm7360-pci/default.nix @@ -11,10 +11,12 @@ stdenv.mkDerivation rec { sha256 = "1wdb0phqg9rj9g9ycqdya0m7lx24kzjlh25yw0ifp898ddxrrr0c"; }; - makeFlags = [ "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; + makeFlags = kernel.makeFlags ++ [ + "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "INSTALL_MOD_PATH=${placeholder "out"}" + ]; nativeBuildInputs = kernel.moduleBuildDependencies; - INSTALL_MOD_PATH = placeholder "out"; installFlags = [ "DEPMOD=true" ]; meta = with lib; { diff --git a/pkgs/os-specific/linux/xpadneo/default.nix b/pkgs/os-specific/linux/xpadneo/default.nix index c1874877620..c5aa09a8860 100644 --- a/pkgs/os-specific/linux/xpadneo/default.nix +++ b/pkgs/os-specific/linux/xpadneo/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = kernel.moduleBuildDependencies; buildInputs = [ bluez ]; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "-C" "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" "M=$(sourceRoot)" diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index e3a856c12a4..5a5fd2d19a8 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -16,11 +16,12 @@ , enablePython ? true # for determining the latest compatible linuxPackages -, linuxPackages_5_16 ? pkgs.linuxKernel.packages.linux_5_16 +, linuxPackages_5_17 ? pkgs.linuxKernel.packages.linux_5_17 }: -with lib; let + inherit (lib) any optionalString optionals optional makeBinPath; + smartmon = smartmontools.override { inherit enableMail; }; buildKernel = any (n: n == configFile) [ "kernel" "all" ]; @@ -113,7 +114,7 @@ let configureFlags = [ "--with-config=${configFile}" "--with-tirpc=1" - (withFeatureAs (buildUser && enablePython) "python" python3.interpreter) + (lib.withFeatureAs (buildUser && enablePython) "python" python3.interpreter) ] ++ optionals buildUser [ "--with-dracutdir=$(out)/lib/dracut" "--with-udevdir=$(out)/lib/udev" @@ -200,9 +201,9 @@ let ''; homepage = "https://github.com/openzfs/zfs"; changelog = "https://github.com/openzfs/zfs/releases/tag/zfs-${version}"; - license = licenses.cddl; - platforms = platforms.linux; - maintainers = with maintainers; [ hmenke jcumming jonringer wizeman fpletz globin ]; + license = lib.licenses.cddl; + platforms = lib.platforms.linux; + maintainers = with lib.maintainers; [ hmenke jcumming jonringer wizeman fpletz globin ]; mainProgram = "zfs"; # If your Linux kernel version is not yet supported by zfs, try zfsUnstable. # On NixOS set the option boot.zfs.enableUnstable. @@ -215,28 +216,28 @@ in { # to be adapted zfsStable = common { # check the release notes for compatible kernels - kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.17"; - latestCompatibleLinuxPackages = linuxPackages_5_16; + kernelCompatible = kernel.kernelOlder "5.18"; + latestCompatibleLinuxPackages = linuxPackages_5_17; # this package should point to the latest release. - version = "2.1.3"; + version = "2.1.4"; - sha256 = "10p9s835wj5msspqwnqbfbnh8jmcazzd2v0gj4hn7vvni4p48gfl"; + sha256 = "sha256-pHz1N2j+d9p1xleEBwwrmK9mN5gEyM69Suy0dsrkZT4="; }; zfsUnstable = common { # check the release notes for compatible kernels - kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.17"; - latestCompatibleLinuxPackages = linuxPackages_5_16; + kernelCompatible = kernel.kernelOlder "5.18"; + latestCompatibleLinuxPackages = linuxPackages_5_17; # this package should point to a version / git revision compatible with the latest kernel release # IMPORTANT: Always use a tagged release candidate or commits from the # zfs-<version>-staging branch, because this is tested by the OpenZFS # maintainers. - version = "2.1.3"; + version = "2.1.4"; # rev = "0000000000000000000000000000000000000000"; - sha256 = "10p9s835wj5msspqwnqbfbnh8jmcazzd2v0gj4hn7vvni4p48gfl"; + sha256 = "sha256-pHz1N2j+d9p1xleEBwwrmK9mN5gEyM69Suy0dsrkZT4="; isUnstable = true; }; |