diff options
Diffstat (limited to 'pkgs/os-specific')
-rw-r--r-- | pkgs/os-specific/linux/apparmor/default.nix | 13 | ||||
-rw-r--r-- | pkgs/os-specific/linux/iproute/default.nix | 8 | ||||
-rw-r--r-- | pkgs/os-specific/linux/libcap/default.nix | 5 | ||||
-rw-r--r-- | pkgs/os-specific/linux/systemd/default.nix | 106 |
4 files changed, 84 insertions, 48 deletions
diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index 0e10add5561..64fa92be865 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -14,7 +14,7 @@ let apparmor-series = "2.13"; - apparmor-patchver = "4"; + apparmor-patchver = "5"; apparmor-version = apparmor-series + "." + apparmor-patchver; apparmor-meta = component: with stdenv.lib; { @@ -27,19 +27,10 @@ let apparmor-sources = fetchurl { url = "https://launchpad.net/apparmor/${apparmor-series}/${apparmor-version}/+download/apparmor-${apparmor-version}.tar.gz"; - sha256 = "03nislxccnbxld89giak2s8xa4mdbwscfxbdwhmw5qpvgz08dgwh"; - }; - - # See <https://gitlab.com/apparmor/apparmor/-/issues/74> This and the - # accompanying application in prePatchCommon should be removed in 2.13.5 - gnumake43Patch = fetchpatch { - url = "https://gitlab.com/apparmor/apparmor/-/merge_requests/465.patch"; - name = "2-23-fix-build-with-make-4.3.patch"; - sha256 = "0xw028iqp69j9mxv0kbwraplgkj5i5djdlgf0anpkc5cdbsf96r9"; + sha256 = "05x7r99k00r97v1cq2f711lv6yqzhbl8zp1i1c7kxra4v0a2lzk3"; }; prePatchCommon = '' - patch -p1 < ${gnumake43Patch} chmod a+x ./common/list_capabilities.sh ./common/list_af_names.sh patchShebangs ./common/list_capabilities.sh ./common/list_af_names.sh substituteInPlace ./common/Make.rules --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man" diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index a9fcf455ee4..b3de7ceedaa 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -5,19 +5,19 @@ stdenv.mkDerivation rec { pname = "iproute2"; - version = "5.8.0"; + version = "5.9.0"; src = fetchurl { url = "mirror://kernel/linux/utils/net/${pname}/${pname}-${version}.tar.xz"; - sha256 = "0vk4vickrpahdhl3zazr2qn2bf99v5549ncirjpwiy4h0a4izkfg"; + sha256 = "1kys6dmhrl43iaq95n5sh02p39d7bq8i5y672qrzgwnwpjaaqpd2"; }; preConfigure = '' # Don't try to create /var/lib/arpd: sed -e '/ARPDDIR/d' -i Makefile - # TODO: Drop temporary version fix for 5.8 (53159d81) once 5.9 is out: + # TODO: Drop temporary version fix for 5.9 once 5.10 is out: substituteInPlace include/version.h \ - --replace "v5.7.0-77-gb687d1067169" "5.8.0" + --replace "5.8.0" "${version}" ''; outputs = [ "out" "dev" ]; diff --git a/pkgs/os-specific/linux/libcap/default.nix b/pkgs/os-specific/linux/libcap/default.nix index 174f1be99db..7931e35a844 100644 --- a/pkgs/os-specific/linux/libcap/default.nix +++ b/pkgs/os-specific/linux/libcap/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "libcap"; - version = "2.27"; + version = "2.44"; src = fetchurl { url = "mirror://kernel/linux/libs/security/linux-privs/libcap2/${pname}-${version}.tar.xz"; - sha256 = "0sj8kidl7qgf2qwxcbw1vadnlb30y4zvjzxswsmfdghq04npkhfs"; + sha256 = "1qf80lifygbnxwvqjf8jz5j24n6fqqx4ixnkbf76xs2vrmcq664j"; }; outputs = [ "out" "dev" "lib" "man" "doc" "pam" ]; @@ -54,6 +54,7 @@ stdenv.mkDerivation rec { meta = { description = "Library for working with POSIX capabilities"; + homepage = "https://sites.google.com/site/fullycapable"; platforms = stdenv.lib.platforms.linux; license = stdenv.lib.licenses.bsd3; }; diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index cef9d96ae6e..da99280f63b 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -1,27 +1,61 @@ -{ stdenv, lib, fetchFromGitHub, pkgconfig, intltool, gperf, libcap -, curl, kmod, gnupg, gnutar, xz, pam, acl, libuuid, m4, e2fsprogs, utillinux, libffi -, glib, kbd, libxslt, coreutils, libgcrypt, libgpgerror, libidn2, libapparmor -, audit, lz4, bzip2, pcre2 -, linuxHeaders ? stdenv.cc.libc.linuxHeaders -, iptables, gnu-efi, bashInteractive -, gettext, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45 -, ninja, meson, python3Packages, glibcLocales -, patchelf -, substituteAll -, getent -, cryptsetup, lvm2 +{ stdenv, lib, fetchFromGitHub , buildPackages -, perl +, ninja, meson, m4, pkgconfig, coreutils, gperf, getent +, patchelf, perl, glibcLocales, glib, substituteAll +, gettext, python3Packages + +# Mandatory dependencies +, libcap +, utillinux +, kbd +, kmod + +# Optional dependencies +, pam, cryptsetup, lvm2, audit, acl +, lz4, libgcrypt, libgpgerror, libidn2 +, curl, gnutar, gnupg, zlib +, xz, libuuid, libffi +, libapparmor, intltool +, bzip2, pcre2, e2fsprogs +, linuxHeaders ? stdenv.cc.libc.linuxHeaders +, gnu-efi +, iptables , withSelinux ? false, libselinux , withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms, libseccomp , withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms, kexectools +, bashInteractive + +, withResolved ? true +, withLogind ? true +, withHostnamed ? true +, withLocaled ? true +, withNetworkd ? true +, withTimedated ? true +, withTimesyncd ? true +, withHwdb ? true +, withEfi ? stdenv.hostPlatform.isEfi +, withImportd ? true +, withCryptsetup ? true + +# name argument +, pname ? "systemd" + + +, libxslt, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45 }: +assert withResolved -> (libgcrypt != null && libgpgerror != null); +assert withImportd -> + ( curl.dev != null && zlib != null && xz != null && libgcrypt != null + && gnutar != null && gnupg != null); + +assert withCryptsetup -> + ( cryptsetup != null ); + let version = "246.6"; in stdenv.mkDerivation { - inherit version; - pname = "systemd"; + inherit version pname; # We use systemd/systemd-stable for src, and ship NixOS-specific patches inside nixpkgs directly # This has proven to be less error-prone than the previous systemd fork. @@ -71,13 +105,17 @@ in stdenv.mkDerivation { outputs = [ "out" "man" "dev" ]; nativeBuildInputs = - [ pkgconfig intltool gperf libxslt gettext docbook_xsl docbook_xml_dtd_42 docbook_xml_dtd_45 + [ pkgconfig gperf ninja meson coreutils # meson calls date, stat etc. glibcLocales patchelf getent m4 perl # to patch the libsystemd.so and remove dependencies on aarch64 + intltool + gettext + + libxslt docbook_xsl docbook_xml_dtd_42 docbook_xml_dtd_45 (buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ])) ]; buildInputs = @@ -86,9 +124,10 @@ in stdenv.mkDerivation { pcre2 ] ++ stdenv.lib.optional withKexectools kexectools ++ stdenv.lib.optional withLibseccomp libseccomp ++ - [ libffi audit lz4 bzip2 libapparmor - iptables gnu-efi - ] ++ stdenv.lib.optional withSelinux libselinux; + [ libffi audit lz4 bzip2 libapparmor iptables ] ++ + stdenv.lib.optional withEfi gnu-efi ++ + stdenv.lib.optional withSelinux libselinux ++ + stdenv.lib.optional withCryptsetup cryptsetup.dev; #dontAddPrefix = true; @@ -106,19 +145,23 @@ in stdenv.mkDerivation { "-Ddebug-shell=${bashInteractive}/bin/bash" # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" - "-Dimportd=true" + "-Dimportd=${stdenv.lib.boolToString withImportd}" "-Dlz4=true" "-Dhomed=false" - "-Dhostnamed=true" - "-Dnetworkd=true" + "-Dlogind=${stdenv.lib.boolToString withLogind}" + "-Dlocaled=${stdenv.lib.boolToString withLocaled}" + "-Dhostnamed=${stdenv.lib.boolToString withHostnamed}" + "-Dnetworkd=${stdenv.lib.boolToString withNetworkd}" + "-Dcryptsetup=${stdenv.lib.boolToString withCryptsetup}" "-Dportabled=false" + "-Dhwdb=${stdenv.lib.boolToString withHwdb}" "-Dremote=false" "-Dsysusers=false" - "-Dtimedated=true" - "-Dtimesyncd=true" + "-Dtimedated=${stdenv.lib.boolToString withTimedated}" + "-Dtimesyncd=${stdenv.lib.boolToString withTimesyncd}" "-Dfirstboot=false" "-Dlocaled=true" - "-Dresolve=true" + "-Dresolve=${stdenv.lib.boolToString withResolved}" "-Dsplit-usr=false" "-Dlibcurl=true" "-Dlibidn=false" @@ -141,11 +184,6 @@ in stdenv.mkDerivation { "-Dsystem-gid-max=999" # "-Dtime-epoch=1" - (if !stdenv.hostPlatform.isEfi then "-Dgnu-efi=false" else "-Dgnu-efi=true") - "-Defi-libdir=${toString gnu-efi}/lib" - "-Defi-includedir=${toString gnu-efi}/include/efi" - "-Defi-ldsdir=${toString gnu-efi}/lib" - "-Dsysvinit-path=" "-Dsysvrcnd-path=" @@ -161,6 +199,12 @@ in stdenv.mkDerivation { # Upstream defaulted to disable manpages since they optimize for the much # more frequent development builds "-Dman=true" + + "-Dgnu-efi=${stdenv.lib.boolToString (withEfi && gnu-efi != null)}" + ] ++ stdenv.lib.optionals (withEfi && gnu-efi != null) [ + "-Defi-libdir=${toString gnu-efi}/lib" + "-Defi-includedir=${toString gnu-efi}/include/efi" + "-Defi-ldsdir=${toString gnu-efi}/lib" ]; preConfigure = '' @@ -284,6 +328,6 @@ in stdenv.mkDerivation { license = licenses.lgpl21Plus; platforms = platforms.linux; priority = 10; - maintainers = with maintainers; [ andir eelco flokli ]; + maintainers = with maintainers; [ andir eelco flokli kloenk ]; }; } |