diff options
Diffstat (limited to 'pkgs/os-specific')
78 files changed, 653 insertions, 360 deletions
diff --git a/pkgs/os-specific/bsd/netbsd/default.nix b/pkgs/os-specific/bsd/netbsd/default.nix index c53b7e50b9f..d7f7c64fc2d 100644 --- a/pkgs/os-specific/bsd/netbsd/default.nix +++ b/pkgs/os-specific/bsd/netbsd/default.nix @@ -548,6 +548,12 @@ let NIX_CFLAGS_COMPILE = "-DYESSTR=__YESSTR -DNOSTR=__NOSTR"; }; + column = netBSDDerivation { + path = "usr.bin/column"; + version = "8.0"; + sha256 = "0r6b0hjn5ls3j3sv6chibs44fs32yyk2cg8kh70kb4cwajs4ifyl"; + }; + }; in nbPackages diff --git a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix index 80d57484ecc..1d8ebac74b0 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix @@ -11,7 +11,7 @@ # the more recent adv_cmds release is used for everything else in this package let recentAdvCmds = fetchzip { - url = "http://opensource.apple.com/tarballs/adv_cmds/adv_cmds-158.tar.gz"; + url = "https://opensource.apple.com/tarballs/adv_cmds/adv_cmds-158.tar.gz"; sha256 = "0z081kcprzg5jcvqivfnwvvv6wfxzkjg2jc2lagsf8c7j7vgm8nn"; }; diff --git a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix index 7b1492799dd..45912041a24 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/xcode.nix @@ -16,7 +16,8 @@ appleDerivation { substituteInPlace adv_cmds.xcodeproj/project.pbxproj \ --replace "FD201DC214369B4200906237 /* pkill.c in Sources */," "" \ --replace "FDF278D60FC6204E00D7A3C6 /* locale.cc in Sources */," "" \ - --replace '/usr/lib/libtermcap.dylib' 'libncurses.dylib' + --replace '/usr/lib/libtermcap.dylib' 'libncurses.dylib' \ + --replace 'DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";' "" ''; buildPhase = '' diff --git a/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix index f646e57549e..4a0180dda7a 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/basic_cmds/default.nix @@ -15,7 +15,7 @@ appleDerivation rec { installPhase = '' for f in Products/Release/*; do if [ -f $f ]; then - install -D $f $out/usr/bin/$(basename $f) + install -D $f $out/bin/$(basename $f) fi done diff --git a/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix index 0f46e50de3a..08c7a883502 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix @@ -18,14 +18,16 @@ appleDerivation { cp xnu-*/bsd/i386/disklabel.h i386 cp -r xnu-*/bsd/sys System cp -r Libc-*/uuid System + substituteInPlace diskdev_cmds.xcodeproj/project.pbxproj \ + --replace 'DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";' "" ''; installPhase = '' install -D Products/Release/libdisk.a $out/lib/libdisk.a rm Products/Release/libdisk.a for f in Products/Release/*; do if [ -f $f ]; then - install -D $file $out/bin/$(basename $f) - done + install -D $f $out/bin/$(basename $f) + fi done ''; diff --git a/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix index c2320525322..2f5e4f542d7 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/file_cmds/default.nix @@ -21,8 +21,8 @@ appleDerivation rec { installPhase = '' for f in Products/Release/*; do if [ -f $f ]; then - install -D $file $out/bin/$(basename $f) - done + install -D $f $out/bin/$(basename $f) + fi done for n in 1; do diff --git a/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix index 8e69cb4bfa7..feee054c2ac 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/network_cmds/default.nix @@ -22,7 +22,7 @@ appleDerivation rec { installPhase = '' for f in Products/Release/*; do if [ -f $f ]; then - install -D $file $out/bin/$(basename $f) + install -D $f $out/bin/$(basename $f) fi done diff --git a/pkgs/os-specific/darwin/insert_dylib/default.nix b/pkgs/os-specific/darwin/insert_dylib/default.nix index 510c7154f2b..0ab6a415707 100644 --- a/pkgs/os-specific/darwin/insert_dylib/default.nix +++ b/pkgs/os-specific/darwin/insert_dylib/default.nix @@ -11,9 +11,8 @@ stdenv.mkDerivation nativeBuildInputs = [ xcbuildHook ]; installPhase = '' - prog=$(find . -type f -name insert_dylib) mkdir -p $out/bin - install -m755 $prog $out/bin + install -m755 Products/Release/insert_dylib $out/bin ''; meta.platforms = stdenv.lib.platforms.darwin; } diff --git a/pkgs/os-specific/darwin/xcode/default.nix b/pkgs/os-specific/darwin/xcode/default.nix index 369529d7167..62785f34fe8 100644 --- a/pkgs/os-specific/darwin/xcode/default.nix +++ b/pkgs/os-specific/darwin/xcode/default.nix @@ -45,6 +45,7 @@ in lib.makeExtensible (self: { xcode_8_2 = requireXcode "8.2" "13nd1zsfqcp9hwp15hndr0rsbb8rgprrz7zr2ablj4697qca06m2"; xcode_9_1 = requireXcode "9.1" "0ab1403wy84ys3yn26fj78cazhpnslmh3nzzp1wxib3mr1afjvic"; xcode_9_2 = requireXcode "9.2" "1bgfgdp266cbbqf2axcflz92frzvhi0qw0jdkcw6r85kdpc8dj4c"; - xcode_9_4 = requireXcode "9.4" "6731381785075602a52489f7ea47ece8f6daf225007ba3ffae1fd59b1c0b5f01"; + xcode_9_4 = requireXcode "9.4" "132l92c702lm8yrc62w4b8n2iap1qzqvklqzi39x9832ajysn6vw"; + xcode_10_1 = requireXcode "10.1" "1ssdbg4v8r11fjf4jl38pwyry2aia1qihbxyxapz0v0n5gfnp05v"; xcode = self."xcode_${lib.replaceStrings ["."] ["_"] (if stdenv.targetPlatform.useiOSPrebuilt then stdenv.targetPlatform.xcodeVer else "8.2")}"; }) diff --git a/pkgs/os-specific/linux/alsa-utils/default.nix b/pkgs/os-specific/linux/alsa-utils/default.nix index c9cf1291267..2ced9c6094e 100644 --- a/pkgs/os-specific/linux/alsa-utils/default.nix +++ b/pkgs/os-specific/linux/alsa-utils/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "alsa-utils-${version}"; - version = "1.1.7"; + version = "1.1.8"; src = fetchurl { url = "mirror://alsa/utils/${name}.tar.bz2"; - sha256 = "02jlw6a22j2rr7inggfgk2hzx3w0fjhvhs0dn1afpzdp9aspzchx"; + sha256 = "1kx45yhrxai3k595yyqs4wj0p2n5b0c9mf0k36ljjf1bj8lgb6zx"; }; patchPhase = '' diff --git a/pkgs/os-specific/linux/android-udev-rules/default.nix b/pkgs/os-specific/linux/android-udev-rules/default.nix index b428c1c0bf7..bfacdd4a2f4 100644 --- a/pkgs/os-specific/linux/android-udev-rules/default.nix +++ b/pkgs/os-specific/linux/android-udev-rules/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { name = "android-udev-rules-${version}"; - version = "20181031"; + version = "20190114"; src = fetchFromGitHub { owner = "M0Rf30"; repo = "android-udev-rules"; rev = version; - sha256 = "175js0vimv6b92cxl0sc4ihdj1k8yq3jrpbjy0zsvrm2367z7xqp"; + sha256 = "1x3vaq8jpnfhxc2lzz5jnlz219w66sn151v5fkdgv68pya4nzhjj"; }; installPhase = '' diff --git a/pkgs/os-specific/linux/ati-drivers/builder.sh b/pkgs/os-specific/linux/ati-drivers/builder.sh index 6cb8cacbffa..f6ad8e2c03b 100644 --- a/pkgs/os-specific/linux/ati-drivers/builder.sh +++ b/pkgs/os-specific/linux/ati-drivers/builder.sh @@ -263,7 +263,7 @@ if test -z "$libsOnly"; then cd programs/fglrx_gamma gcc -fPIC -I${libXxf86vm.dev}/include \ - -I${xf86vidmodeproto}/include \ + -I${xorgproto}/include \ -I$out/X11R6/include \ -L$out/lib \ -Wall -lm -lfglrx_gamma -lX11 -lXext -o $out/bin/fglrx_xgamma fglrx_xgamma.c diff --git a/pkgs/os-specific/linux/ati-drivers/default.nix b/pkgs/os-specific/linux/ati-drivers/default.nix index bc35d14321b..24d0aa695f3 100644 --- a/pkgs/os-specific/linux/ati-drivers/default.nix +++ b/pkgs/os-specific/linux/ati-drivers/default.nix @@ -51,7 +51,7 @@ stdenv.mkDerivation rec { libXrandr = xorg.libXrandr; libXrender = xorg.libXrender; libXxf86vm = xorg.libXxf86vm; - xf86vidmodeproto = xorg.xf86vidmodeproto; + xorgproto = xorg.xorgproto; libSM = xorg.libSM; libICE = xorg.libICE; libfreetype = freetype; @@ -87,7 +87,7 @@ stdenv.mkDerivation rec { buildInputs = [ xorg.libXrender xorg.libXext xorg.libX11 xorg.libXinerama xorg.libSM - xorg.libXrandr xorg.libXxf86vm xorg.xf86vidmodeproto xorg.imake xorg.libICE + xorg.libXrandr xorg.libXxf86vm xorg.xorgproto xorg.imake xorg.libICE patchelf unzip libGLU_combined @@ -107,7 +107,7 @@ stdenv.mkDerivation rec { # outputs TODO: probably many fixes are needed; LD_LIBRARY_PATH = makeLibraryPath [ xorg.libXrender xorg.libXext xorg.libX11 xorg.libXinerama xorg.libSM - xorg.libXrandr xorg.libXxf86vm xorg.xf86vidmodeproto xorg.imake xorg.libICE + xorg.libXrandr xorg.libXxf86vm xorg.xorgproto xorg.imake xorg.libICE libGLU_combined fontconfig freetype diff --git a/pkgs/os-specific/linux/atop/default.nix b/pkgs/os-specific/linux/atop/default.nix index 739342b77fd..5d002bf72ea 100644 --- a/pkgs/os-specific/linux/atop/default.nix +++ b/pkgs/os-specific/linux/atop/default.nix @@ -1,12 +1,12 @@ {stdenv, fetchurl, zlib, ncurses}: stdenv.mkDerivation rec { - version = "2.3.0"; + version = "2.4.0"; name = "atop-${version}"; src = fetchurl { url = "https://www.atoptool.nl/download/atop-${version}.tar.gz"; - sha256 = "0r5j9q89wpylmg0px5xymxi3jpihw9wq8bh37g3ciymsw1fp5r3k"; + sha256 = "0s9xlxlzz688a80zxld840zkrmzw998rdkkg6yc7ssq8fw50275y"; }; buildInputs = [zlib ncurses]; diff --git a/pkgs/os-specific/linux/batman-adv/alfred.nix b/pkgs/os-specific/linux/batman-adv/alfred.nix index 390b0c9e4b4..1227d22916c 100644 --- a/pkgs/os-specific/linux/batman-adv/alfred.nix +++ b/pkgs/os-specific/linux/batman-adv/alfred.nix @@ -1,14 +1,14 @@ { stdenv, fetchurl, pkgconfig, gpsd, libcap, libnl }: let - ver = "2018.4"; + ver = "2019.0"; in stdenv.mkDerivation rec { name = "alfred-${ver}"; src = fetchurl { url = "https://downloads.open-mesh.org/batman/releases/batman-adv-${ver}/${name}.tar.gz"; - sha256 = "0n6cw6inkzlgz8p6jcc83npqjmvhxp4qsh2dhbiv88ax3lh9arcd"; + sha256 = "0sml6z90kpchmn61597j7yag97gk59fscz4xjxdfh9zycd3nfsn0"; }; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/os-specific/linux/batman-adv/batctl.nix b/pkgs/os-specific/linux/batman-adv/batctl.nix index 1645fbef49b..b84338ed258 100644 --- a/pkgs/os-specific/linux/batman-adv/batctl.nix +++ b/pkgs/os-specific/linux/batman-adv/batctl.nix @@ -1,14 +1,14 @@ { stdenv, fetchurl, pkgconfig, libnl }: let - ver = "2018.4"; + ver = "2019.0"; in stdenv.mkDerivation rec { name = "batctl-${ver}"; src = fetchurl { url = "https://downloads.open-mesh.org/batman/releases/batman-adv-${ver}/${name}.tar.gz"; - sha256 = "0mv2vlzcqfh5yavg2sqncca9iqgxi6llv83wwwsf3d38x2jjff74"; + sha256 = "0cdmb3zkjh8xcsicwyrimwzj8f4x3rjsfzk9im7695pkdw4j2xwr"; }; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/os-specific/linux/batman-adv/default.nix b/pkgs/os-specific/linux/batman-adv/default.nix index 744d42ea9fd..52ef018cbfe 100644 --- a/pkgs/os-specific/linux/batman-adv/default.nix +++ b/pkgs/os-specific/linux/batman-adv/default.nix @@ -1,13 +1,13 @@ { stdenv, fetchurl, kernel }: -let base = "batman-adv-2018.4"; in +let base = "batman-adv-2019.0"; in stdenv.mkDerivation rec { name = "${base}-${kernel.version}"; src = fetchurl { url = "http://downloads.open-mesh.org/batman/releases/${base}/${base}.tar.gz"; - sha256 = "0ka80l3ajfzi9plq50m79d2qpm1rlir4js5hy3g1mkj1gnyb801m"; + sha256 = "1h5xxf6nkdhk9dxf3d4fsasmiahy0y7bhlicyhnppgfdf6kxi5ry"; }; nativeBuildInputs = kernel.moduleBuildDependencies; diff --git a/pkgs/os-specific/linux/bcc/default.nix b/pkgs/os-specific/linux/bcc/default.nix index 5a40368f3ce..d66c5dad771 100644 --- a/pkgs/os-specific/linux/bcc/default.nix +++ b/pkgs/os-specific/linux/bcc/default.nix @@ -4,14 +4,14 @@ }: python.pkgs.buildPythonApplication rec { - version = "0.7.0"; + version = "0.8.0"; name = "bcc-${version}"; src = fetchFromGitHub { owner = "iovisor"; repo = "bcc"; rev = "v${version}"; - sha256 = "1ww7l0chx2ivw9d2ahxjyhxmh6hz3w5z69r4lz02f0361rnrvk7f"; + sha256 = "15vvybllmh9hdj801v3psd671c0qq2a1xdv73kabb9r4fzgaknxk"; }; format = "other"; diff --git a/pkgs/os-specific/linux/busybox/default.nix b/pkgs/os-specific/linux/busybox/default.nix index 5f4efe943ca..73bea1c7da6 100644 --- a/pkgs/os-specific/linux/busybox/default.nix +++ b/pkgs/os-specific/linux/busybox/default.nix @@ -106,5 +106,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2; maintainers = with maintainers; [ ]; platforms = platforms.linux; + priority = 10; }; } diff --git a/pkgs/os-specific/linux/cgmanager/default.nix b/pkgs/os-specific/linux/cgmanager/default.nix index e46aecbd414..9acb011b463 100644 --- a/pkgs/os-specific/linux/cgmanager/default.nix +++ b/pkgs/os-specific/linux/cgmanager/default.nix @@ -22,6 +22,5 @@ stdenv.mkDerivation rec { description = "A central privileged daemon that manages all your cgroups"; license = licenses.lgpl21; platforms = platforms.linux; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/conky/default.nix b/pkgs/os-specific/linux/conky/default.nix index 654e565140d..3d7fb43bbd1 100644 --- a/pkgs/os-specific/linux/conky/default.nix +++ b/pkgs/os-specific/linux/conky/default.nix @@ -33,6 +33,7 @@ , rssSupport ? curlSupport , weatherMetarSupport ? curlSupport , weatherXoapSupport ? curlSupport +, journalSupport ? true, systemd ? null , libxml2 ? null }: @@ -51,7 +52,7 @@ assert luaImlib2Support -> luaSupport && imlib2Support assert luaCairoSupport -> luaSupport && toluapp != null && cairo != null; assert luaCairoSupport || luaImlib2Support - -> lua.luaversion == "5.1"; + -> lua.luaversion == "5.3"; assert wirelessSupport -> wirelesstools != null; assert nvidiaSupport -> libXNVCtrl != null; @@ -61,18 +62,19 @@ assert curlSupport -> curl != null; assert rssSupport -> curlSupport && libxml2 != null; assert weatherMetarSupport -> curlSupport; assert weatherXoapSupport -> curlSupport && libxml2 != null; +assert journalSupport -> systemd != null; with stdenv.lib; stdenv.mkDerivation rec { name = "conky-${version}"; - version = "1.11.1"; + version = "1.11.2"; src = fetchFromGitHub { owner = "brndnmtthws"; repo = "conky"; rev = "v${version}"; - sha256 = "00ghxzg78mp7w2y9cxhsdmkab2n7vfg76p6zihiglb2x3h2gjm5x"; + sha256 = "0yalcpwx85smh6nnvxxsgqi344nk7jzlkkam7yjghm87df4v7xmx"; }; postPatch = '' @@ -82,7 +84,7 @@ stdenv.mkDerivation rec { # Drop examples, since they contain non-ASCII characters that break docbook2x :( sed -i 's/ Example: .*$//' doc/config_settings.xml - substituteInPlace cmake/Conky.cmake --replace "#set(RELEASE true)" "set(RELEASE true)" + substituteInPlace cmake/Conky.cmake --replace "# set(RELEASE true)" "set(RELEASE true)" ''; NIX_LDFLAGS = "-lgcc_s"; @@ -103,6 +105,7 @@ stdenv.mkDerivation rec { ++ optional weatherXoapSupport libxml2 ++ optional nvidiaSupport libXNVCtrl ++ optional pulseSupport libpulseaudio + ++ optional journalSupport systemd ; cmakeFlags = [] @@ -123,6 +126,7 @@ stdenv.mkDerivation rec { ++ optional wirelessSupport "-DBUILD_WLAN=ON" ++ optional nvidiaSupport "-DBUILD_NVIDIA=ON" ++ optional pulseSupport "-DBUILD_PULSEAUDIO=ON" + ++ optional journalSupport "-DBUILD_JOURNAL=ON" ; # `make -f src/CMakeFiles/conky.dir/build.make src/CMakeFiles/conky.dir/conky.cc.o`: diff --git a/pkgs/os-specific/linux/cpupower/default.nix b/pkgs/os-specific/linux/cpupower/default.nix index 2b8efe7e744..1b307da8cb8 100644 --- a/pkgs/os-specific/linux/cpupower/default.nix +++ b/pkgs/os-specific/linux/cpupower/default.nix @@ -1,9 +1,8 @@ { stdenv, buildPackages, kernel, pciutils, gettext }: stdenv.mkDerivation { - name = "cpupower-${kernel.version}"; - - src = kernel.src; + pname = "cpupower"; + inherit (kernel) version src; nativeBuildInputs = [ gettext ]; buildInputs = [ pciutils ]; @@ -17,16 +16,18 @@ stdenv.mkDerivation { makeFlags = [ "CROSS=${stdenv.cc.targetPrefix}" ]; - installFlags = [ - "bindir=$(out)/bin" - "sbindir=$(out)/sbin" - "mandir=$(out)/share/man" - "includedir=$(out)/include" - "libdir=$(out)/lib" - "localedir=$(out)/share/locale" - "docdir=$(out)/share/doc/cpupower" - "confdir=$(out)/etc" - ]; + installFlags = stdenv.lib.mapAttrsToList + (n: v: "${n}dir=${placeholder "out"}/${v}") { + bin = "bin"; + sbin = "sbin"; + man = "share/man"; + include = "include"; + lib = "lib"; + locale = "share/locale"; + doc = "share/doc/cpupower"; + conf = "etc"; + bash_completion_ = "share/bash-completion/completions"; + }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/directvnc/default.nix b/pkgs/os-specific/linux/directvnc/default.nix index b11a4d6d8f2..e8c1e9bfe5e 100644 --- a/pkgs/os-specific/linux/directvnc/default.nix +++ b/pkgs/os-specific/linux/directvnc/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, directfb, zlib, libjpeg, xproto }: +{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, directfb, zlib, libjpeg, xorgproto }: stdenv.mkDerivation rec { name = "directvnc-${version}"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook pkgconfig ]; - buildInputs = [ directfb zlib libjpeg xproto ]; + buildInputs = [ directfb zlib libjpeg xorgproto ]; meta = with stdenv.lib; { description = "DirectFB VNC client"; diff --git a/pkgs/os-specific/linux/edac-utils/default.nix b/pkgs/os-specific/linux/edac-utils/default.nix index 0f8826ecf8d..eabd0848553 100644 --- a/pkgs/os-specific/linux/edac-utils/default.nix +++ b/pkgs/os-specific/linux/edac-utils/default.nix @@ -33,6 +33,5 @@ stdenv.mkDerivation { description = "Handles the reporting of hardware-related memory errors"; license = licenses.gpl2; platforms = platforms.linux; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/exfat/default.nix b/pkgs/os-specific/linux/exfat/default.nix index 8cc481334e3..036cd3f28a1 100644 --- a/pkgs/os-specific/linux/exfat/default.nix +++ b/pkgs/os-specific/linux/exfat/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, kernel }: +{ stdenv, lib, fetchFromGitHub, fetchpatch, kernel }: # Upstream build for kernel 4.1 is broken, 3.12 and below seems to be working @@ -27,12 +27,20 @@ stdenv.mkDerivation rec { install -m644 -b -D exfat.ko $out/lib/modules/${kernel.modDirVersion}/kernel/fs/exfat/exfat.ko ''; + patches = [ + # fix compile-errors in 4.18 and 4.20 + # ref: https://github.com/dorimanx/exfat-nofuse/pull/137 + (fetchpatch { + url = https://github.com/dorimanx/exfat-nofuse/compare/01c30ad52625a7261e1b0d874553b6ca7af25966...f93a47e6414d567a1e7f6ab7f34b015b20f9a050.patch ; + sha256 = "0w57pi9h6dwjxfgc3zpwy6sr4zw42hn1zj72f7wgfpqrx6d8xkh5"; + } ) + ]; + meta = { description = "exfat kernel module"; homepage = https://github.com/dorimanx/exfat-nofuse; license = lib.licenses.gpl2; maintainers = with lib.maintainers; [ makefu ]; platforms = lib.platforms.linux; - broken = stdenv.lib.versionAtLeast kernel.version "4.18"; }; } diff --git a/pkgs/os-specific/linux/ffado/default.nix b/pkgs/os-specific/linux/ffado/default.nix index 761ca564584..027706c25b7 100644 --- a/pkgs/os-specific/linux/ffado/default.nix +++ b/pkgs/os-specific/linux/ffado/default.nix @@ -61,7 +61,7 @@ stdenv.mkDerivation rec { homepage = http://www.ffado.org; description = "FireWire audio drivers"; license = licenses.gpl3; - maintainers = with maintainers; [ goibhniu wkennington ]; + maintainers = with maintainers; [ goibhniu ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch b/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch index 44369dc5117..d77053f5d39 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch +++ b/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch @@ -1,4 +1,4 @@ -From 2fe9625cc6dec10531482a3947ef75009eb21489 Mon Sep 17 00:00:00 2001 +From 44887227f7f617cbf84713ec45685cb4999039ff Mon Sep 17 00:00:00 2001 From: Jan Tojnar <jtojnar@gmail.com> Date: Tue, 30 Oct 2018 22:26:30 +0100 Subject: [PATCH] build: Add option for installation sysconfdir @@ -17,17 +17,17 @@ prefix only to `make install`, but Meson does not support anything like that. Until we manage to convince Meson to support install flags, we need to create our own install flag. --- - data/meson.build | 4 ++-- - data/pki/meson.build | 8 ++++---- - data/remotes.d/meson.build | 6 +++--- - meson.build | 6 ++++++ - meson_options.txt | 1 + - plugins/redfish/meson.build | 2 +- - plugins/uefi/meson.build | 2 +- + data/meson.build | 4 ++-- + data/pki/meson.build | 8 ++++---- + data/remotes.d/meson.build | 6 +++--- + meson.build | 6 ++++++ + meson_options.txt | 1 + + plugins/redfish/meson.build | 2 +- + plugins/uefi/meson.build | 2 +- 7 files changed, 18 insertions(+), 11 deletions(-) diff --git a/data/meson.build b/data/meson.build -index 8dd2ac9ad..d4ad1cbc1 100644 +index 8dd2ac9a..d4ad1cbc 100644 --- a/data/meson.build +++ b/data/meson.build @@ -9,7 +9,7 @@ if get_option('tests') and get_option('daemon') @@ -49,7 +49,7 @@ index 8dd2ac9ad..d4ad1cbc1 100644 install_data(['metadata.xml'], diff --git a/data/pki/meson.build b/data/pki/meson.build -index eefcc9142..dc801fa18 100644 +index eefcc914..dc801fa1 100644 --- a/data/pki/meson.build +++ b/data/pki/meson.build @@ -4,14 +4,14 @@ if get_option('gpg') @@ -85,7 +85,7 @@ index eefcc9142..dc801fa18 100644 endif diff --git a/data/remotes.d/meson.build b/data/remotes.d/meson.build -index 824291fc5..d0599a00a 100644 +index 824291fc..d0599a00 100644 --- a/data/remotes.d/meson.build +++ b/data/remotes.d/meson.build @@ -3,7 +3,7 @@ if get_option('daemon') and get_option('lvfs') @@ -113,10 +113,10 @@ index 824291fc5..d0599a00a 100644 + install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'), ) diff --git a/meson.build b/meson.build -index 737841f1a..23bd7a2e3 100644 +index b6df98b3..d672ee37 100644 --- a/meson.build +++ b/meson.build -@@ -144,6 +144,12 @@ localstatedir = join_paths(prefix, get_option('localstatedir')) +@@ -145,6 +145,12 @@ localstatedir = join_paths(prefix, get_option('localstatedir')) mandir = join_paths(prefix, get_option('mandir')) localedir = join_paths(prefix, get_option('localedir')) @@ -130,7 +130,7 @@ index 737841f1a..23bd7a2e3 100644 if gio.version().version_compare ('>= 2.55.0') conf.set('HAVE_GIO_2_55_0', '1') diff --git a/meson_options.txt b/meson_options.txt -index 23ef8cdb8..db8f93b6c 100644 +index 23ef8cdb..db8f93b6 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -17,6 +17,7 @@ option('plugin_uefi', type : 'boolean', value : true, description : 'enable UEFI @@ -142,10 +142,10 @@ index 23ef8cdb8..db8f93b6c 100644 option('udevdir', type: 'string', value: '', description: 'Directory for udev rules') option('efi-cc', type : 'string', value : 'gcc', description : 'the compiler to use for EFI modules') diff --git a/plugins/redfish/meson.build b/plugins/redfish/meson.build -index 288f614e4..90cfe6484 100644 +index ef07bd81..d2c7e259 100644 --- a/plugins/redfish/meson.build +++ b/plugins/redfish/meson.build -@@ -22,7 +22,7 @@ shared_module('fu_plugin_redfish', +@@ -25,7 +25,7 @@ shared_module('fu_plugin_redfish', ) install_data(['redfish.conf'], @@ -155,10 +155,10 @@ index 288f614e4..90cfe6484 100644 if get_option('tests') diff --git a/plugins/uefi/meson.build b/plugins/uefi/meson.build -index c037e1b30..a0e8cd3e6 100644 +index 09ebdf82..02fc0661 100644 --- a/plugins/uefi/meson.build +++ b/plugins/uefi/meson.build -@@ -69,7 +69,7 @@ executable( +@@ -73,7 +73,7 @@ executable( ) install_data(['uefi.conf'], @@ -167,3 +167,5 @@ index c037e1b30..a0e8cd3e6 100644 ) if get_option('tests') +-- +2.19.1 diff --git a/pkgs/os-specific/linux/firmware/fwupd/default.nix b/pkgs/os-specific/linux/firmware/fwupd/default.nix index de0a1e2ee0d..cf6e2bf6040 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, gtk-doc, pkgconfig, gobject-introspection, intltool +{ stdenv, fetchurl, substituteAll, gtk-doc, pkgconfig, gobject-introspection, intltool , libgudev, polkit, libxmlb, gusb, sqlite, libarchive, glib-networking , libsoup, help2man, gpgme, libxslt, elfutils, libsmbios, efivar, glibcLocales , gnu-efi, libyaml, valgrind, meson, libuuid, colord, docbook_xml_dtd_43, docbook_xsl @@ -6,20 +6,23 @@ , shared-mime-info, umockdev, vala, makeFontsConf, freefont_ttf , cairo, freetype, fontconfig, pango }: + +# Updating? Keep $out/etc synchronized with passthru.filesInstalledToEtc + let - # Updating? Keep $out/etc synchronized with passthru.filesInstalledToEtc - version = "1.2.1"; python = python3.withPackages (p: with p; [ pygobject3 pycairo pillow ]); installedTestsPython = python3.withPackages (p: with p; [ pygobject3 requests ]); fontsConf = makeFontsConf { fontDirectories = [ freefont_ttf ]; }; -in stdenv.mkDerivation { - name = "fwupd-${version}"; +in stdenv.mkDerivation rec { + pname = "fwupd"; + version = "1.2.3"; + src = fetchurl { url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz"; - sha256 = "126b3lsh4gkyajsqm2c8l6wqr4dd7m26krz2527khmlps0lxdhg1"; + sha256 = "11qpgincndahq96rbm2kgcy9kw5n9cmbbilsrqcqcyk7mvv464sl"; }; outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ]; @@ -39,15 +42,27 @@ in stdenv.mkDerivation { patches = [ ./fix-paths.patch ./add-option-for-installation-sysconfdir.patch + + # installed tests are installed to different output + # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle + (substituteAll { + src = ./installed-tests-path.patch; + # needs a different set of modules than po/make-images + inherit installedTestsPython; + }) ]; postPatch = '' - # needs a different set of modules than po/make-images - escapedInterpreterLine=$(echo "${installedTestsPython}/bin/python3" | sed 's|\\|\\\\|g') - sed -i -e "1 s|.*|#\!$escapedInterpreterLine|" data/installed-tests/hardware.py - patchShebangs . - substituteInPlace data/installed-tests/fwupdmgr.test.in --subst-var-by installedtestsdir "$installedTests/share/installed-tests/fwupd" + + # we cannot use placeholder in substituteAll + # https://github.com/NixOS/nix/issues/1846 + substituteInPlace data/installed-tests/meson.build --subst-var installedTests + + # install plug-ins to out, they are not really part of the library + substituteInPlace meson.build \ + --replace "plugin_dir = join_paths(libdir, 'fwupd-plugins-3')" \ + "plugin_dir = join_paths('${placeholder "out"}', 'fwupd_plugins-3')" ''; # /etc/os-release not available in sandbox diff --git a/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch b/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch new file mode 100644 index 00000000000..6c4b6b62a0c --- /dev/null +++ b/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch @@ -0,0 +1,25 @@ +--- a/data/installed-tests/hardware.py ++++ b/data/installed-tests/hardware.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python3 ++#!@installedTestsPython@/bin/python3 + # pylint: disable=wrong-import-position,too-many-locals,unused-argument,wrong-import-order + # + # Copyright (C) 2017 Richard Hughes <richard@hughsie.com> +--- a/data/installed-tests/meson.build ++++ b/data/installed-tests/meson.build +@@ -1,6 +1,6 @@ + con2 = configuration_data() + con2.set('installedtestsdir', +- join_paths(datadir, 'installed-tests', 'fwupd')) ++ join_paths('@installedTests@', 'share', 'installed-tests', 'fwupd')) + con2.set('bindir', bindir) + + configure_file( +@@ -52,5 +52,5 @@ + output : 'fwupd-tests.conf', + configuration : con2, + install: true, +- install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'), ++ install_dir: join_paths('@installedTests@', 'etc', 'fwupd', 'remotes.d'), + ) diff --git a/pkgs/os-specific/linux/fwts/default.nix b/pkgs/os-specific/linux/fwts/default.nix index daeda5fa8c0..fb609f4a727 100644 --- a/pkgs/os-specific/linux/fwts/default.nix +++ b/pkgs/os-specific/linux/fwts/default.nix @@ -3,11 +3,11 @@ stdenv.mkDerivation rec { name = "fwts-${version}"; - version = "18.12.00"; + version = "19.01.00"; src = fetchzip { url = "http://fwts.ubuntu.com/release/fwts-V${version}.tar.gz"; - sha256 = "10kzn5r099i4b8m5l7s68fs885d126l9cingq9gj1g574c18hg2s"; + sha256 = "00vixb8kml5hgdqscqr9biwbvivfjwpf1fk53425kdqzyg6bqsmq"; stripRoot = false; }; diff --git a/pkgs/os-specific/linux/guvcview/default.nix b/pkgs/os-specific/linux/guvcview/default.nix index 4b9c37686c1..1afd1078c03 100644 --- a/pkgs/os-specific/linux/guvcview/default.nix +++ b/pkgs/os-specific/linux/guvcview/default.nix @@ -5,12 +5,12 @@ assert pulseaudioSupport -> libpulseaudio != null; stdenv.mkDerivation rec { - version = "2.0.5"; + version = "2.0.6"; name = "guvcview-${version}"; src = fetchurl { url = "mirror://sourceforge/project/guvcview/source/guvcview-src-${version}.tar.gz"; - sha256 = "a86beb5993a8449ed3cbcc6ec2a238ef0b90138b6cbe2afab4456d37f44c41a0"; + sha256 = "11byyfpkcik7wvf2qic77zjamfr2rhji97dpj1gy2fg1bvpiqf4m"; }; buildInputs = diff --git a/pkgs/os-specific/linux/hostapd/default.nix b/pkgs/os-specific/linux/hostapd/default.nix index 8ae082ba9d4..3a6e0a08103 100644 --- a/pkgs/os-specific/linux/hostapd/default.nix +++ b/pkgs/os-specific/linux/hostapd/default.nix @@ -115,7 +115,7 @@ stdenv.mkDerivation rec { repositories.git = git://w1.fi/hostap.git; description = "A user space daemon for access point and authentication servers"; license = licenses.gpl2; - maintainers = with maintainers; [ phreedom wkennington ]; + maintainers = with maintainers; [ phreedom ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index 4fd2b2a9124..c324e1e27e9 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -50,6 +50,6 @@ stdenv.mkDerivation rec { description = "A collection of utilities for controlling TCP/IP networking and traffic control in Linux"; platforms = platforms.linux; license = licenses.gpl2; - maintainers = with maintainers; [ eelco wkennington fpletz ]; + maintainers = with maintainers; [ eelco fpletz ]; }; } diff --git a/pkgs/os-specific/linux/ipset/default.nix b/pkgs/os-specific/linux/ipset/default.nix index e64840ac369..0ae971b6a69 100644 --- a/pkgs/os-specific/linux/ipset/default.nix +++ b/pkgs/os-specific/linux/ipset/default.nix @@ -18,6 +18,5 @@ stdenv.mkDerivation rec { description = "Administration tool for IP sets"; license = licenses.gpl2; platforms = platforms.linux; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index c098571bb60..1a56e68fa4b 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -12,23 +12,12 @@ # Configuration { stdenv, version -# to let user override values, aka converting modules to included and vice-versa -, mkValueOverride ? null - -# new extraConfig as a flattened set -, structuredExtraConfig ? {} - -# legacy extraConfig as string -, extraConfig ? "" - , features ? { grsecurity = false; xen_dom0 = false; } }: -assert (mkValueOverride == null) || (builtins.isFunction mkValueOverride); - with stdenv.lib; -with import ../../../../lib/kernel.nix { inherit (stdenv) lib; inherit version; }; + with import ../../../../lib/kernel.nix { inherit (stdenv) lib; inherit version; }; let @@ -46,7 +35,7 @@ let DEBUG_NX_TEST = whenOlder "4.11" no; CPU_NOTIFIER_ERROR_INJECT = whenOlder "4.4" (option no); DEBUG_STACK_USAGE = no; - DEBUG_STACKOVERFLOW = when (!features.grsecurity) no; + DEBUG_STACKOVERFLOW = mkIf (!features.grsecurity) no; RCU_TORTURE_TEST = no; SCHEDSTATS = no; DETECT_HUNG_TASK = yes; @@ -88,9 +77,9 @@ let # Include the CFQ I/O scheduler in the kernel, rather than as a # module, so that the initrd gets a good I/O scheduler. scheduler = { - IOSCHED_CFQ = yes; + IOSCHED_CFQ = whenOlder "5.0" yes; # Removed in 5.0-RC1 BLK_CGROUP = yes; # required by CFQ" - IOSCHED_DEADLINE = yes; + IOSCHED_DEADLINE = whenOlder "5.0" yes; # Removed in 5.0-RC1 MQ_IOSCHED_DEADLINE = whenAtLeast "4.11" yes; BFQ_GROUP_IOSCHED = whenAtLeast "4.12" yes; MQ_IOSCHED_KYBER = whenAtLeast "4.12" yes; @@ -114,7 +103,7 @@ let IP_DCCP_CCID3 = no; # experimental CLS_U32_PERF = yes; CLS_U32_MARK = yes; - BPF_JIT = when (stdenv.hostPlatform.system == "x86_64-linux") yes; + BPF_JIT = mkIf (stdenv.hostPlatform.system == "x86_64-linux") yes; WAN = yes; # Required by systemd per-cgroup firewalling CGROUP_BPF = option yes; @@ -184,7 +173,7 @@ let FB_VESA = yes; FRAMEBUFFER_CONSOLE = yes; FRAMEBUFFER_CONSOLE_ROTATION = yes; - FB_GEODE = when (stdenv.hostPlatform.system == "i686-linux") yes; + FB_GEODE = mkIf (stdenv.hostPlatform.system == "i686-linux") yes; }; video = { @@ -239,7 +228,7 @@ let }; usb = { - USB_DEBUG = option (whenOlder "4.18" no); + USB_DEBUG = { optional = true; tristate = whenOlder "4.18" "n";}; USB_EHCI_ROOT_HUB_TT = yes; # Root Hub Transaction Translators USB_EHCI_TT_NEWSCHED = yes; # Improved transaction translator scheduling }; @@ -250,7 +239,7 @@ let FANOTIFY = yes; TMPFS = yes; TMPFS_POSIX_ACL = yes; - FS_ENCRYPTION = option (whenAtLeast "4.9" module); + FS_ENCRYPTION = { optional = true; tristate = whenAtLeast "4.9" "m"; }; EXT2_FS_XATTR = yes; EXT2_FS_POSIX_ACL = yes; @@ -262,7 +251,7 @@ let EXT4_FS_POSIX_ACL = yes; EXT4_FS_SECURITY = yes; - EXT4_ENCRYPTION = option ((if (versionOlder version "4.8") then module else yes)); + EXT4_ENCRYPTION = { optional = true; tristate = if (versionOlder version "4.8") then "m" else "y"; }; REISERFS_FS_XATTR = option yes; REISERFS_FS_POSIX_ACL = option yes; @@ -320,10 +309,11 @@ let SQUASHFS_LZO = yes; SQUASHFS_XZ = yes; SQUASHFS_LZ4 = yes; + SQUASHFS_ZSTD = whenAtLeast "4.14" yes; # Native Language Support modules, needed by some filesystems NLS = yes; - NLS_DEFAULT = "utf8"; + NLS_DEFAULT = freeform "utf8"; NLS_UTF8 = module; NLS_CODEPAGE_437 = module; # VFAT default for the codepage= mount option NLS_ISO8859_1 = module; # VFAT default for the iocharset= mount option @@ -333,13 +323,13 @@ let security = { # Detect writes to read-only module pages - DEBUG_SET_MODULE_RONX = option (whenOlder "4.11" yes); + DEBUG_SET_MODULE_RONX = { optional = true; tristate = whenOlder "4.11" "y"; }; RANDOMIZE_BASE = option yes; STRICT_DEVMEM = option yes; # Filter access to /dev/mem - SECURITY_SELINUX_BOOTPARAM_VALUE = "0"; # Disable SELinux by default + SECURITY_SELINUX_BOOTPARAM_VALUE = freeform "0"; # Disable SELinux by default # Prevent processes from ptracing non-children processes SECURITY_YAMA = option yes; - DEVKMEM = when (!features.grsecurity) no; # Disable /dev/kmem + DEVKMEM = mkIf (!features.grsecurity) no; # Disable /dev/kmem USER_NS = yes; # Support for user namespaces @@ -349,7 +339,7 @@ let } // optionalAttrs (!stdenv.hostPlatform.isAarch32) { # Detect buffer overflows on the stack - CC_STACKPROTECTOR_REGULAR = option (whenOlder "4.18" yes); + CC_STACKPROTECTOR_REGULAR = {optional = true; tristate = whenOlder "4.18" "y";}; }; microcode = { @@ -365,7 +355,7 @@ let # https://lwn.net/Articles/682582/ # https://bugzilla.kernel.org/show_bug.cgi?id=12309#c655 BLK_WBT = yes; - BLK_WBT_SQ = yes; + BLK_WBT_SQ = whenOlder "5.0" yes; # Removed in 5.0-RC1 BLK_WBT_MQ = yes; }; @@ -382,7 +372,7 @@ let DEVPTS_MULTIPLE_INSTANCES = whenOlder "4.7" yes; BLK_DEV_THROTTLING = yes; - CFQ_GROUP_IOSCHED = yes; + CFQ_GROUP_IOSCHED = whenOlder "5.0" yes; # Removed in 5.0-RC1 CGROUP_PIDS = whenAtLeast "4.3" yes; }; @@ -406,8 +396,8 @@ let FTRACE_SYSCALLS = yes; SCHED_TRACER = yes; STACK_TRACER = yes; - UPROBE_EVENT = option (whenOlder "4.11" yes); - UPROBE_EVENTS = option (whenAtLeast "4.11" yes); + UPROBE_EVENT = { optional = true; tristate = whenOlder "4.11" "y";}; + UPROBE_EVENTS = { optional = true; tristate = whenAtLeast "4.11" "y";}; BPF_SYSCALL = whenAtLeast "4.4" yes; BPF_EVENTS = whenAtLeast "4.4" yes; FUNCTION_PROFILER = yes; @@ -417,23 +407,23 @@ let virtualisation = { PARAVIRT = option yes; - HYPERVISOR_GUEST = when (!features.grsecurity) yes; + HYPERVISOR_GUEST = mkIf (!features.grsecurity) yes; PARAVIRT_SPINLOCKS = option yes; KVM_APIC_ARCHITECTURE = whenOlder "4.8" yes; KVM_ASYNC_PF = yes; - KVM_COMPAT = option (whenBetween "4.0" "4.12" yes); - KVM_DEVICE_ASSIGNMENT = option (whenBetween "3.10" "4.12" yes); + KVM_COMPAT = { optional = true; tristate = whenBetween "4.0" "4.12" "y"; }; + KVM_DEVICE_ASSIGNMENT = { optional = true; tristate = whenBetween "3.10" "4.12" "y"; }; KVM_GENERIC_DIRTYLOG_READ_PROTECT = whenAtLeast "4.0" yes; - KVM_GUEST = when (!features.grsecurity) yes; + KVM_GUEST = mkIf (!features.grsecurity) yes; KVM_MMIO = yes; KVM_VFIO = yes; KSM = yes; VIRT_DRIVERS = yes; # We nneed 64 GB (PAE) support for Xen guest support - HIGHMEM64G = option (when (!stdenv.is64bit) yes); + HIGHMEM64G = { optional = true; tristate = mkIf (!stdenv.is64bit) "y";}; - VFIO_PCI_VGA = when stdenv.is64bit yes; + VFIO_PCI_VGA = mkIf stdenv.is64bit yes; } // optionalAttrs (stdenv.isx86_64 || stdenv.isi686) ({ XEN = option yes; @@ -466,7 +456,7 @@ let MEDIA_DIGITAL_TV_SUPPORT = yes; MEDIA_CAMERA_SUPPORT = yes; MEDIA_RC_SUPPORT = whenOlder "4.14" yes; - MEDIA_CONTROLLER = yes; + MEDIA_CONTROLLER = yes; MEDIA_PCI_SUPPORT = yes; MEDIA_USB_SUPPORT = yes; MEDIA_ANALOG_TV_SUPPORT = yes; @@ -541,8 +531,8 @@ let CRYPTO_TEST = option no; EFI_TEST = option no; GLOB_SELFTEST = option no; - DRM_DEBUG_MM_SELFTEST = option (whenOlder "4.18" no); - LNET_SELFTEST = option (whenOlder "4.18" no); + DRM_DEBUG_MM_SELFTEST = { optional = true; tristate = whenOlder "4.18" "n";}; + LNET_SELFTEST = { optional = true; tristate = whenOlder "4.18" "n";}; LOCK_TORTURE_TEST = option no; MTD_TESTS = option no; NOTIFIER_ERROR_INJECTION = option no; @@ -597,7 +587,7 @@ let AIC79XX_DEBUG_ENABLE = no; AIC7XXX_DEBUG_ENABLE = no; AIC94XX_DEBUG = no; - B43_PCMCIA = option (whenOlder "4.4" yes); + B43_PCMCIA = { optional=true; tristate = whenOlder "4.4" "y";}; BLK_DEV_INTEGRITY = yes; @@ -650,7 +640,7 @@ let # GPIO on Intel Bay Trail, for some Chromebook internal eMMC disks PINCTRL_BAYTRAIL = yes; # 8 is default. Modern gpt tables on eMMC may go far beyond 8. - MMC_BLOCK_MINORS = "32"; + MMC_BLOCK_MINORS = freeform "32"; REGULATOR = yes; # Voltage and Current Regulator Support RC_DEVICES = option yes; # Enable IR devices @@ -687,9 +677,18 @@ let HOTPLUG_PCI_PCIE = yes; # PCI-Expresscard hotplug support } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { + # Enable memory hotplug support + # Allows you to dynamically add & remove memory to a VM client running NixOS without requiring a reboot + ACPI_HOTPLUG_MEMORY = yes; + MEMORY_HOTPLUG = yes; + MEMORY_HOTREMOVE = yes; + MIGRATION = yes; + SPARSEMEM = yes; + # Bump the maximum number of CPUs to support systems like EC2 x1.* # instances and Xeon Phi. - NR_CPUS = "384"; + NR_CPUS = freeform "384"; }; }; -in (generateNixKConf ((flattenKConf options) // structuredExtraConfig) mkValueOverride) + extraConfig +in + flattenKConf options diff --git a/pkgs/os-specific/linux/kernel/generic.nix b/pkgs/os-specific/linux/kernel/generic.nix index 3f6479c572b..df9a628f83d 100644 --- a/pkgs/os-specific/linux/kernel/generic.nix +++ b/pkgs/os-specific/linux/kernel/generic.nix @@ -47,7 +47,6 @@ , preferBuiltin ? stdenv.hostPlatform.platform.kernelPreferBuiltin or false , kernelArch ? stdenv.hostPlatform.platform.kernelArch -, mkValueOverride ? null , ... }: @@ -65,22 +64,29 @@ let netfilterRPFilter = true; grsecurity = false; xen_dom0 = false; + ia32Emulation = true; } // features) kernelPatches; - intermediateNixConfig = import ./common-config.nix { - inherit stdenv version structuredExtraConfig mkValueOverride; - - # append extraConfig for backwards compatibility but also means the user can't override the kernelExtraConfig part - extraConfig = extraConfig + lib.optionalString (stdenv.hostPlatform.platform ? kernelExtraConfig) stdenv.hostPlatform.platform.kernelExtraConfig; + commonStructuredConfig = import ./common-config.nix { + inherit stdenv version ; features = kernelFeatures; # Ensure we know of all extra patches, etc. }; - kernelConfigFun = baseConfig: + intermediateNixConfig = configfile.moduleStructuredConfig.intermediateNixConfig + # extra config in legacy string format + + extraConfig + + lib.optionalString (stdenv.hostPlatform.platform ? kernelExtraConfig) stdenv.hostPlatform.platform.kernelExtraConfig; + + structuredConfigFromPatches = + map ({extraStructuredConfig ? {}, ...}: {settings=extraStructuredConfig;}) kernelPatches; + + # appends kernel patches extraConfig + kernelConfigFun = baseConfigStr: let configFromPatches = map ({extraConfig ? "", ...}: extraConfig) kernelPatches; - in lib.concatStringsSep "\n" ([baseConfig] ++ configFromPatches); + in lib.concatStringsSep "\n" ([baseConfigStr] ++ configFromPatches); configfile = stdenv.mkDerivation { inherit ignoreConfigErrors autoModules preferBuiltin kernelArch; @@ -130,7 +136,30 @@ let installPhase = "mv $buildRoot/.config $out"; enableParallelBuilding = true; - }; + + passthru = rec { + + module = import ../../../../nixos/modules/system/boot/kernel_config.nix; + # used also in apache + # { modules = [ { options = res.options; config = svc.config or svc; } ]; + # check = false; + # The result is a set of two attributes + moduleStructuredConfig = (lib.evalModules { + modules = [ + module + { settings = commonStructuredConfig; } + { settings = structuredExtraConfig; } + ] + ++ structuredConfigFromPatches + ; + }).config; + + # + structuredConfig = moduleStructuredConfig.settings; + }; + + + }; # end of configfile derivation kernel = (callPackage ./manual-config.nix {}) { inherit version modDirVersion src kernelPatches stdenv extraMeta configfile; @@ -140,6 +169,7 @@ let passthru = { features = kernelFeatures; + inherit commonStructuredConfig; passthru = kernel.passthru // (removeAttrs passthru [ "passthru" ]); }; diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix index ed540a9e751..f1f18c64130 100644 --- a/pkgs/os-specific/linux/kernel/hardened-config.nix +++ b/pkgs/os-specific/linux/kernel/hardened-config.nix @@ -11,138 +11,110 @@ { stdenv, version }: with stdenv.lib; +with import ../../../../lib/kernel.nix { inherit (stdenv) lib; inherit version; }; assert (versionAtLeast version "4.9"); -'' -# Report BUG() conditions and kill the offending process. -BUG y - -${optionalString (versionAtLeast version "4.10") '' - BUG_ON_DATA_CORRUPTION y -''} - -${optionalString (stdenv.hostPlatform.platform.kernelArch == "x86_64") '' - DEFAULT_MMAP_MIN_ADDR 65536 # Prevent allocation of first 64K of memory +optionalAttrs (stdenv.hostPlatform.platform.kernelArch == "x86_64") { + DEFAULT_MMAP_MIN_ADDR = freeform "65536"; # Prevent allocation of first 64K of memory # Reduce attack surface by disabling various emulations - IA32_EMULATION n - X86_X32 n + IA32_EMULATION = no; + X86_X32 = no; # Note: this config depends on EXPERT y and so will not take effect, hence # it is left "optional" for now. - MODIFY_LDT_SYSCALL? n - - VMAP_STACK y # Catch kernel stack overflows + MODIFY_LDT_SYSCALL = option no; + VMAP_STACK = yes; # Catch kernel stack overflows # Randomize position of kernel and memory. - RANDOMIZE_BASE y - RANDOMIZE_MEMORY y + RANDOMIZE_BASE = yes; + RANDOMIZE_MEMORY = yes; # Disable legacy virtual syscalls by default (modern glibc use vDSO instead). # # Note that the vanilla default is to *emulate* the legacy vsyscall mechanism, # which is supposed to be safer than the native variant (wrt. ret2libc), so # disabling it mainly helps reduce surface. - LEGACY_VSYSCALL_NONE y -''} - -# Safer page access permissions (wrt. code injection). Default on >=4.11. -${optionalString (versionOlder version "4.11") '' - DEBUG_RODATA y - DEBUG_SET_MODULE_RONX y -''} - -# Mark LSM hooks read-only after init. SECURITY_WRITABLE_HOOKS n -# conflicts with SECURITY_SELINUX_DISABLE y; disabling the latter -# implicitly marks LSM hooks read-only after init. -# -# SELinux can only be disabled at boot via selinux=0 -# -# We set SECURITY_WRITABLE_HOOKS n primarily for documentation purposes; the -# config builder fails to detect that it has indeed been unset. -${optionalString (versionAtLeast version "4.12") '' - SECURITY_SELINUX_DISABLE n - SECURITY_WRITABLE_HOOKS? n -''} - -DEBUG_WX y # boot-time warning on RWX mappings -${optionalString (versionAtLeast version "4.11") '' - STRICT_KERNEL_RWX y -''} - -# Stricter /dev/mem -STRICT_DEVMEM? y -IO_STRICT_DEVMEM? y - -# Perform additional validation of commonly targeted structures. -DEBUG_CREDENTIALS y -DEBUG_NOTIFIERS y -DEBUG_LIST y -DEBUG_PI_LIST y # doesn't BUG() -DEBUG_SG y -SCHED_STACK_END_CHECK y - -${optionalString (versionAtLeast version "4.13") '' - REFCOUNT_FULL y -''} - -# Perform usercopy bounds checking. -HARDENED_USERCOPY y -${optionalString (versionAtLeast version "4.16") '' - HARDENED_USERCOPY_FALLBACK n # for full whitelist enforcement -''} - -# Randomize allocator freelists. -SLAB_FREELIST_RANDOM y - -${optionalString (versionAtLeast version "4.14") '' - SLAB_FREELIST_HARDENED y -''} - -# Allow enabling slub/slab free poisoning with slub_debug=P -SLUB_DEBUG y - -# Wipe higher-level memory allocations on free() with page_poison=1 -PAGE_POISONING y -PAGE_POISONING_NO_SANITY y -PAGE_POISONING_ZERO y - -# Reboot devices immediately if kernel experiences an Oops. -PANIC_ON_OOPS y -PANIC_TIMEOUT -1 - -GCC_PLUGINS y # Enable gcc plugin options -# Gather additional entropy at boot time for systems that may not have appropriate entropy sources. -GCC_PLUGIN_LATENT_ENTROPY y - -${optionalString (versionAtLeast version "4.11") '' - GCC_PLUGIN_STRUCTLEAK y # A port of the PaX structleak plugin -''} -${optionalString (versionAtLeast version "4.14") '' - GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y # Also cover structs passed by address -''} -${optionalString (versionAtLeast version "4.20") '' - GCC_PLUGIN_STACKLEAK y # A port of the PaX stackleak plugin -''} - -${optionalString (versionAtLeast version "4.13") '' - GCC_PLUGIN_RANDSTRUCT y # A port of the PaX randstruct plugin - GCC_PLUGIN_RANDSTRUCT_PERFORMANCE y -''} - -# Disable various dangerous settings -ACPI_CUSTOM_METHOD n # Allows writing directly to physical memory -PROC_KCORE n # Exposes kernel text image layout -INET_DIAG n # Has been used for heap based attacks in the past - -# Use -fstack-protector-strong (gcc 4.9+) for best stack canary coverage. -${optionalString (versionOlder version "4.18") '' - CC_STACKPROTECTOR_REGULAR n - CC_STACKPROTECTOR_STRONG y -''} - -# Enable compile/run-time buffer overflow detection ala glibc's _FORTIFY_SOURCE -${optionalString (versionAtLeast version "4.13") '' - FORTIFY_SOURCE y -''} -'' + LEGACY_VSYSCALL_NONE = yes; +} // { + # Report BUG() conditions and kill the offending process. + BUG = yes; + + BUG_ON_DATA_CORRUPTION = whenAtLeast "4.10" yes; + + # Safer page access permissions (wrt. code injection). Default on >=4.11. + DEBUG_RODATA = whenOlder "4.11" yes; + DEBUG_SET_MODULE_RONX = whenOlder "4.11" yes; + + # Mark LSM hooks read-only after init. SECURITY_WRITABLE_HOOKS n + # conflicts with SECURITY_SELINUX_DISABLE y; disabling the latter + # implicitly marks LSM hooks read-only after init. + # + # SELinux can only be disabled at boot via selinux=0 + # + # We set SECURITY_WRITABLE_HOOKS n primarily for documentation purposes; the + # config builder fails to detect that it has indeed been unset. + SECURITY_SELINUX_DISABLE = whenAtLeast "4.12" no; + SECURITY_WRITABLE_HOOKS = whenAtLeast "4.12" (option no); + + DEBUG_WX = yes; # boot-time warning on RWX mappings + STRICT_KERNEL_RWX = whenAtLeast "4.11" yes; + + # Stricter /dev/mem + STRICT_DEVMEM = option yes; + IO_STRICT_DEVMEM = option yes; + + # Perform additional validation of commonly targeted structures. + DEBUG_CREDENTIALS = yes; + DEBUG_NOTIFIERS = yes; + DEBUG_LIST = yes; + DEBUG_PI_LIST = yes; # doesn't BUG() + DEBUG_SG = yes; + SCHED_STACK_END_CHECK = yes; + + REFCOUNT_FULL = whenAtLeast "4.13" yes; + + # Perform usercopy bounds checking. + HARDENED_USERCOPY = yes; + HARDENED_USERCOPY_FALLBACK = whenAtLeast "4.16" no; # for full whitelist enforcement + + # Randomize allocator freelists. + SLAB_FREELIST_RANDOM = yes; + + SLAB_FREELIST_HARDENED = whenAtLeast "4.14" yes; + + # Allow enabling slub/slab free poisoning with slub_debug=P + SLUB_DEBUG = yes; + + # Wipe higher-level memory allocations on free() with page_poison=1 + PAGE_POISONING = yes; + PAGE_POISONING_NO_SANITY = yes; + PAGE_POISONING_ZERO = yes; + + # Reboot devices immediately if kernel experiences an Oops. + PANIC_ON_OOPS = yes; + PANIC_TIMEOUT = freeform "-1"; + + GCC_PLUGINS = yes; # Enable gcc plugin options + # Gather additional entropy at boot time for systems that may = no;ot have appropriate entropy sources. + GCC_PLUGIN_LATENT_ENTROPY = yes; + + GCC_PLUGIN_STRUCTLEAK = whenAtLeast "4.11" yes; # A port of the PaX structleak plugin + GCC_PLUGIN_STRUCTLEAK_BYREF_ALL = whenAtLeast "4.14" yes; # Also cover structs passed by address + GCC_PLUGIN_STACKLEAK = whenAtLeast "4.20" yes; # A port of the PaX stackleak plugin + GCC_PLUGIN_RANDSTRUCT = whenAtLeast "4.13" yes; # A port of the PaX randstruct plugin + GCC_PLUGIN_RANDSTRUCT_PERFORMANCE = whenAtLeast "4.13" yes; + + # Disable various dangerous settings + ACPI_CUSTOM_METHOD = no; # Allows writing directly to physical memory + PROC_KCORE = no; # Exposes kernel text image layout + INET_DIAG = no; # Has been used for heap based attacks in the past + + # Use -fstack-protector-strong (gcc 4.9+) for best stack canary coverage. + CC_STACKPROTECTOR_REGULAR = whenOlder "4.18" no; + CC_STACKPROTECTOR_STRONG = whenOlder "4.18" yes; + + # Enable compile/run-time buffer overflow detection ala glibc's _FORTIFY_SOURCE + FORTIFY_SOURCE = whenAtLeast "4.13" yes; + +} diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index bebfe402af0..78448b4bc38 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.14.91"; + version = "4.14.98"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1ad6dkvfvqabr4d1vb8li06zbc1dikd2w31b13x8x4b0865pqn3a"; + sha256 = "0pqc04ij6qdfhh3rpakas0qc0vqj8mm120z64q9v9vxin5qi20lg"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index a9e11449d18..b88196754a1 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.19.13"; + version = "4.19.20"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1hn0mimh0x13gin28l6dfic21533ja8zlihkg43c8gz183y7f2pm"; + sha256 = "1904zamsxxzm0qbjv9mprxamhs7a3dymxl0yfj777gylv9v2fzfw"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.20.nix b/pkgs/os-specific/linux/kernel/linux-4.20.nix index 838ef4a5b80..d3fce3b3ec0 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.20.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.20.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.20"; + version = "4.20.7"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0f14l6mb5c4rwpqjbcb2yrvk1bmmiyh0mpw24fbl7rr26lc2625d"; + sha256 = "0ivdz7kdc69n86rd489dhi4srhr4k3fic5vabf61l3syzqx7s3al"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 2e83e73df2e..9095a63355b 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.4.169"; + version = "4.4.173"; extraMeta.branch = "4.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1aah2qmifj15kcck4m6p00zz0d80afs22bg44y3n4l926f0b1w86"; + sha256 = "0wj2y6y2ac5m6p6ghb4rmxfdxyx0gq7yv7b0qzmdyh4dkpi7qa0f"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index 5cca257cef2..6bc54ef44f6 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.9.148"; + version = "4.9.155"; extraMeta.branch = "4.9"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1559i06mcsa1d0kfnf6q1k5fldz2pbkrpg4snwddxa1508diarv0"; + sha256 = "179w0yfnqk0rjdfl3fjqx5b9jn8i0bizhqckv49f63rwwc5wcam5"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index b4df3b7b33e..a3275786b33 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -1,13 +1,13 @@ { stdenv, buildPackages, fetchgit, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.18.2018.10.12"; - modDirVersion = "4.18.0"; + version = "4.20.2019.01.23"; + modDirVersion = "4.20.0"; src = fetchgit { url = "https://evilpiepirate.org/git/bcachefs.git"; - rev = "d7f6da1d60ec24266301231538ff6f09716537ed"; - sha256 = "05d7dh41nc35www8vmrn47wlf2mr2b8i4rm15vq3zgm32d0xv3lk"; + rev = "99750eab4d583132cf61f071082c7cf21f5295c0"; + sha256 = "05wg9w5f68qg02yrciir9h1wx448869763hg3w7j23wc2qywhwqb"; }; extraConfig = "BCACHEFS_FS m"; diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix index 1e810a12931..b1e74da256b 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -1,13 +1,13 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, libelf, utillinux, ... } @ args: buildLinux (args // rec { - version = "4.20-rc7"; - modDirVersion = "4.20.0-rc7"; - extraMeta.branch = "4.20"; + version = "5.0-rc5"; + modDirVersion = "5.0.0-rc5"; + extraMeta.branch = "5.0"; src = fetchurl { url = "https://git.kernel.org/torvalds/t/linux-${version}.tar.gz"; - sha256 = "0qga2x4rz1vphi7j044f4b4la24qyk5sm7lm8q991imq5wm5s2rl"; + sha256 = "0a60svgiz06cq4hq5z1rmwyjq1748fm7wi87arl659aidp0r0qky"; }; # Should the testing kernels ever be built on Hydra? diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 6adc3a33bb0..4b570c1fe94 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -88,7 +88,10 @@ let inherit src; - patches = map (p: p.patch) kernelPatches; + patches = + map (p: p.patch) kernelPatches + # Required for deterministic builds along with some postPatch magic. + ++ optional (stdenv.lib.versionAtLeast version "4.13") ./randstruct-provide-seed.patch; prePatch = '' for mf in $(find -name Makefile -o -name Makefile.include -o -name install.sh); do @@ -99,6 +102,19 @@ let sed -i scripts/ld-version.sh -e "s|/usr/bin/awk|${buildPackages.gawk}/bin/awk|" ''; + postPatch = '' + # Set randstruct seed to a deterministic but diversified value. Note: + # we could have instead patched gen-random-seed.sh to take input from + # the buildFlags, but that would require also patching the kernel's + # toplevel Makefile to add a variable export. This would be likely to + # cause future patch conflicts. + if [ -f scripts/gcc-plugins/gen-random-seed.sh ]; then + substituteInPlace scripts/gcc-plugins/gen-random-seed.sh \ + --replace NIXOS_RANDSTRUCT_SEED \ + $(echo ${src} ${configfile} | sha256sum | cut -d ' ' -f 1 | tr -d '\n') + fi + ''; + configurePhase = '' runHook preConfigure diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index 2ff0d5d2620..4c338b37dec 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -57,15 +57,4 @@ rec { sha256 = "1l8xq02rd7vakxg52xm9g4zng0ald866rpgm8kjlh88mwwyjkrwv"; }; }; - - # Reverts a change related to the overlayfs overhaul in 4.19 - # https://github.com/NixOS/nixpkgs/issues/48828#issuecomment-445208626 - revert-vfs-dont-open-real = rec { - name = "revert-vfs-dont-open-real"; - patch = fetchpatch { - name = name + ".patch"; - url = https://github.com/samueldr/linux/commit/ee23fa215caaa8102f4ab411d39fcad5858147f2.patch; - sha256 = "0bp4jryihg1y2sl8zlj6w7vvnxj0kmb6xdy42hpvdv43kb6ngiaq"; - }; - }; } diff --git a/pkgs/os-specific/linux/kernel/randstruct-provide-seed.patch b/pkgs/os-specific/linux/kernel/randstruct-provide-seed.patch new file mode 100644 index 00000000000..1328b9cee3c --- /dev/null +++ b/pkgs/os-specific/linux/kernel/randstruct-provide-seed.patch @@ -0,0 +1,12 @@ +diff -ru a/scripts/gcc-plugins/gen-random-seed.sh b/scripts/gcc-plugins/gen-random-seed.sh +--- a/scripts/gcc-plugins/gen-random-seed.sh 2019-01-11 11:50:29.228258920 +0100 ++++ b/scripts/gcc-plugins/gen-random-seed.sh 2019-01-11 12:18:33.555902720 +0100 +@@ -2,7 +2,7 @@ + # SPDX-License-Identifier: GPL-2.0 + + if [ ! -f "$1" ]; then +- SEED=`od -A n -t x8 -N 32 /dev/urandom | tr -d ' \n'` ++ SEED="NIXOS_RANDSTRUCT_SEED" + echo "const char *randstruct_seed = \"$SEED\";" > "$1" + HASH=`echo -n "$SEED" | sha256sum | cut -d" " -f1 | tr -d ' \n'` + echo "#define RANDSTRUCT_HASHED_SEED \"$HASH\"" > "$2" diff --git a/pkgs/os-specific/linux/libcap-ng/default.nix b/pkgs/os-specific/linux/libcap-ng/default.nix index e530850221c..838f5c1e8c0 100644 --- a/pkgs/os-specific/linux/libcap-ng/default.nix +++ b/pkgs/os-specific/linux/libcap-ng/default.nix @@ -35,6 +35,5 @@ stdenv.mkDerivation rec { homepage = https://people.redhat.com/sgrubb/libcap-ng/; platforms = platforms.linux; license = licenses.lgpl21; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/libratbag/default.nix b/pkgs/os-specific/linux/libratbag/default.nix index c614b39255d..edba8b090df 100644 --- a/pkgs/os-specific/linux/libratbag/default.nix +++ b/pkgs/os-specific/linux/libratbag/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { name = "libratbag-${version}"; - version = "0.9.903"; + version = "0.9.904"; src = fetchFromGitHub { owner = "libratbag"; repo = "libratbag"; rev = "v${version}"; - sha256 = "0cr5skrb7a5mgj7dkm647ib8336hb88bf11blaf6xldafi8b0jlj"; + sha256 = "0d2gw4bviy6zf1q9a18chlsbqylhppbby336fznh6nkpdl3jckfd"; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/lxc/default.nix b/pkgs/os-specific/linux/lxc/default.nix index 1adf820c68e..a8668313465 100644 --- a/pkgs/os-specific/linux/lxc/default.nix +++ b/pkgs/os-specific/linux/lxc/default.nix @@ -83,6 +83,6 @@ stdenv.mkDerivation rec { ''; platforms = platforms.linux; - maintainers = with maintainers; [ wkennington globin fpletz ]; + maintainers = with maintainers; [ globin fpletz ]; }; } diff --git a/pkgs/os-specific/linux/microcode/amd.nix b/pkgs/os-specific/linux/microcode/amd.nix index bd4b3d9377f..34f19db524c 100644 --- a/pkgs/os-specific/linux/microcode/amd.nix +++ b/pkgs/os-specific/linux/microcode/amd.nix @@ -24,7 +24,6 @@ stdenv.mkDerivation rec { description = "AMD Processor microcode patch"; homepage = http://www.amd64.org/support/microcode.html; license = licenses.unfreeRedistributableFirmware; - maintainers = with maintainers; [ wkennington ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/microcode/intel.nix b/pkgs/os-specific/linux/microcode/intel.nix index 8362392e0bf..cbcab06f56a 100644 --- a/pkgs/os-specific/linux/microcode/intel.nix +++ b/pkgs/os-specific/linux/microcode/intel.nix @@ -27,7 +27,6 @@ stdenv.mkDerivation rec { homepage = http://www.intel.com/; description = "Microcode for Intel processors"; license = licenses.unfreeRedistributableFirmware; - maintainers = with maintainers; [ wkennington ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/mstpd/default.nix b/pkgs/os-specific/linux/mstpd/default.nix index e9d654add49..ea5790b495b 100644 --- a/pkgs/os-specific/linux/mstpd/default.nix +++ b/pkgs/os-specific/linux/mstpd/default.nix @@ -19,6 +19,5 @@ stdenv.mkDerivation { homepage = https://sourceforge.net/projects/mstpd/; license = licenses.gpl2; platforms = platforms.linux; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix index 468bfd135e7..b4878ff4eac 100644 --- a/pkgs/os-specific/linux/nftables/default.nix +++ b/pkgs/os-specific/linux/nftables/default.nix @@ -25,6 +25,5 @@ stdenv.mkDerivation rec { homepage = http://netfilter.org/projects/nftables; license = licenses.gpl2; platforms = platforms.linux; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/nmon/default.nix b/pkgs/os-specific/linux/nmon/default.nix index ae6abeb1f56..21579f47a0a 100644 --- a/pkgs/os-specific/linux/nmon/default.nix +++ b/pkgs/os-specific/linux/nmon/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "nmon-${version}"; - version = "16g"; + version = "16h"; src = fetchurl { url = "mirror://sourceforge/nmon/lmon${version}.c"; - sha256 = "127n8xvmg7byp42sm924mdr7hd3bsfsxpryzahl0cfsh7dlxv0ns"; + sha256 = "1snfi6wsnpwhpzi33yhqvrrmxmfw6ilcxjkgjx3jkk0453y2sfz2"; }; buildInputs = [ ncurses ]; diff --git a/pkgs/os-specific/linux/numactl/default.nix b/pkgs/os-specific/linux/numactl/default.nix index 3c02cf2bb88..3bdb9886d39 100644 --- a/pkgs/os-specific/linux/numactl/default.nix +++ b/pkgs/os-specific/linux/numactl/default.nix @@ -27,6 +27,5 @@ stdenv.mkDerivation rec { homepage = https://github.com/numactl/numactl; license = with licenses; [ gpl2 lgpl21 ]; # libnuma is lgpl21 platforms = [ "i686-linux" "x86_64-linux" "aarch64-linux" ]; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/nvidia-x11/atomic64_t.patch b/pkgs/os-specific/linux/nvidia-x11/atomic64_t.patch new file mode 100644 index 00000000000..18fcca314a8 --- /dev/null +++ b/pkgs/os-specific/linux/nvidia-x11/atomic64_t.patch @@ -0,0 +1,12 @@ +diff --git a/kernel/conftest.sh b/kernel/conftest.sh +index e8de161..6c284e9 100755 +--- a/kernel/conftest.sh ++++ b/kernel/conftest.sh +@@ -1784,7 +1784,6 @@ compile_test() { + atomic64_t data; + atomic64_read(&data); + atomic64_set(&data, 0); +- atomic64_inc(&data); + }" + + compile_check_conftest "$CODE" "NV_ATOMIC64_PRESENT" "" "types" diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh index 8882ffdd45e..46ea5a55aa5 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -33,11 +33,17 @@ installPhase() { # since version 391, 32bit libraries are bundled in the 32/ sub-directory if [ "$i686bundled" = "1" ]; then mkdir -p "$lib32/lib" - cp -prd 32/*.so.* 32/tls "$lib32/lib/" + cp -prd 32/*.so.* "$lib32/lib/" + if [ -d 32/tls ]; then + cp -prd 32/tls "$lib32/lib/" + fi fi mkdir -p "$out/lib" - cp -prd *.so.* tls "$out/lib/" + cp -prd *.so.* "$out/lib/" + if [ -d tls ]; then + cp -prd tls "$out/lib/" + fi for i in $lib32 $out; do rm -f $i/lib/lib{glx,nvidia-wfb}.so.* # handled separately diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index 90efb9bda52..d76a1452455 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -16,18 +16,18 @@ let in rec { # Policy: use the highest stable version as the default (on our master). - stable = if stdenv.hostPlatform.system != "x86_64-linux" - then legacy_390 - else generic { - version = "410.78"; - sha256_64bit = "1ciabnmvh95gsfiaakq158x2yws3m9zxvnxws3p32lz9riblpdjx"; - settingsSha256 = "1677g7rcjbcs5fja1s4p0syhhz46g9x2qqzyn3wwwrjsj7rwaz77"; - persistencedSha256 = "01kvd3zp056i4n8vazj7gx1xw0h4yjdlpazmspnsmwg24ijb82x4"; - }; + stable = if stdenv.hostPlatform.system == "x86_64-linux" then stable_415 else legacy_390; # No active beta right now beta = stable; + stable_415 = generic { + version = "415.27"; + sha256_64bit = "12ylf1h1wpgkd0g7r30c33hhhialn315k5sbxyzks0rm42k7cay8"; + settingsSha256 = "0m8hfxb6fhanqlkkk4ayn1blgdsvnn0ipxdl19ifdl200ln6j053"; + persistencedSha256 = "0i6ik6xv6rnwcd6vg5xrxcd9g7nzca3vkiy2srbv0simw86nwgdz"; + }; + # Last one supporting x86 legacy_390 = generic { version = "390.87"; diff --git a/pkgs/os-specific/linux/nvidia-x11/generic.nix b/pkgs/os-specific/linux/nvidia-x11/generic.nix index be378d66caf..1a08a89dc23 100644 --- a/pkgs/os-specific/linux/nvidia-x11/generic.nix +++ b/pkgs/os-specific/linux/nvidia-x11/generic.nix @@ -90,7 +90,7 @@ let description = "X.org driver and kernel module for NVIDIA graphics cards"; license = licenses.unfreeRedistributable; platforms = [ "i686-linux" "x86_64-linux" ]; - maintainers = [ maintainers.vcunat ]; + maintainers = with maintainers; [ baracoder ]; priority = 4; # resolves collision with xorg-server's "lib/xorg/modules/extensions/libglx.so" inherit broken; }; diff --git a/pkgs/os-specific/linux/nvme-cli/default.nix b/pkgs/os-specific/linux/nvme-cli/default.nix index b40b6125bd9..49171697ffe 100644 --- a/pkgs/os-specific/linux/nvme-cli/default.nix +++ b/pkgs/os-specific/linux/nvme-cli/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { name = "nvme-cli-${version}"; - version = "1.6"; + version = "1.7"; src = fetchFromGitHub { owner = "linux-nvme"; repo = "nvme-cli"; rev = "v${version}"; - sha256 = "0pp00yzj9c398bzd7jrjhzr7q1pk7d069dnbzyq1qqssszgcj599"; + sha256 = "1wwr31s337km3v528hvsq72j2ph17fir0j3rr622z74k68pzdh1x"; }; makeFlags = [ "DESTDIR=$(out)" "PREFIX=" ]; diff --git a/pkgs/os-specific/linux/pam_krb5/default.nix b/pkgs/os-specific/linux/pam_krb5/default.nix index dd3957d3618..3b23c286e19 100644 --- a/pkgs/os-specific/linux/pam_krb5/default.nix +++ b/pkgs/os-specific/linux/pam_krb5/default.nix @@ -19,6 +19,5 @@ stdenv.mkDerivation rec { ''; platforms = platforms.linux; license = licenses.bsd3; - maintainers = with maintainers; [ wkennington ]; }; } diff --git a/pkgs/os-specific/linux/powertop/default.nix b/pkgs/os-specific/linux/powertop/default.nix index 5ec708dd69f..f24f5a5d06f 100644 --- a/pkgs/os-specific/linux/powertop/default.nix +++ b/pkgs/os-specific/linux/powertop/default.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, fetchpatch, gettext, libnl, ncurses, pciutils, pkgconfig, zlib }: stdenv.mkDerivation rec { - name = "powertop-${version}"; - version = "2.9"; + pname = "powertop"; + version = "2.10"; src = fetchurl { - url = "https://01.org/sites/default/files/downloads/powertop/powertop-v${version}.tar.gz"; - sha256 = "0l4jjlf05li2mc6g8nrss3h435wjhmnqd8m7v3kha3x0x7cbfzxa"; + url = "https://01.org/sites/default/files/downloads/${pname}-v${version}.tar.gz"; + sha256 = "0xaazqccyd42v2q532dxx40nqhb9sfsa6cyx8641rl57mfg4bdyk"; }; outputs = [ "out" "man" ]; diff --git a/pkgs/os-specific/linux/rdma-core/default.nix b/pkgs/os-specific/linux/rdma-core/default.nix index 8f2c834672f..1316775775e 100644 --- a/pkgs/os-specific/linux/rdma-core/default.nix +++ b/pkgs/os-specific/linux/rdma-core/default.nix @@ -3,7 +3,7 @@ } : let - version = "21"; + version = "22"; in stdenv.mkDerivation { name = "rdma-core-${version}"; @@ -12,7 +12,7 @@ in stdenv.mkDerivation { owner = "linux-rdma"; repo = "rdma-core"; rev = "v${version}"; - sha256 = "0q4hdm14f1xz2h0m5d821fdyp7i917rvmkas5axmfr1myv5422fl"; + sha256 = "1xkd51bz6p85gahsw18knrvirn404ca98lqmp1assyn4irs7khx8"; }; nativeBuildInputs = [ cmake pkgconfig pandoc ]; diff --git a/pkgs/os-specific/linux/rtkit/default.nix b/pkgs/os-specific/linux/rtkit/default.nix index 059b0944961..78bcd925aea 100644 --- a/pkgs/os-specific/linux/rtkit/default.nix +++ b/pkgs/os-specific/linux/rtkit/default.nix @@ -34,6 +34,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig ]; buildInputs = [ dbus libcap ]; + NIX_LDFLAGS = [ "-lrt" ]; meta = with stdenv.lib; { homepage = http://0pointer.de/blog/projects/rtkit; diff --git a/pkgs/os-specific/linux/sdnotify-wrapper/default.nix b/pkgs/os-specific/linux/sdnotify-wrapper/default.nix new file mode 100644 index 00000000000..28e1f025789 --- /dev/null +++ b/pkgs/os-specific/linux/sdnotify-wrapper/default.nix @@ -0,0 +1,37 @@ +{ lib, fetchurl, runCommandCC, skawarePackages }: + +with skawarePackages; + +let + # From https://skarnet.org/software/misc/sdnotify-wrapper.c, + # which is unversioned. + src = ./sdnotify-wrapper.c; + +in runCommandCC "sdnotify-wrapper" { + + outputs = [ "bin" "doc" "out" ]; + + meta = { + homepage = "https://skarnet.org/software/misc/sdnotify-wrapper.c"; + description = "Use systemd sd_notify without having to link against libsystemd"; + platforms = lib.platforms.all; + license = lib.licenses.isc; + maintainers = with lib.maintainers; [ Profpatsch ]; + }; + +} '' + mkdir -p $bin/bin + mkdir $out + + # just dynamic for now + $CC \ + -o $bin/bin/sdnotify-wrapper \ + -I${skalibs.dev}/include \ + -L${skalibs.lib}/lib \ + -lskarnet \ + ${src} + + mkdir -p $doc/share/doc/sdnotify-wrapper + # copy the documentation comment + sed -ne '/Usage:/,/*\//p' ${src} > $doc/share/doc/sdnotify-wrapper/README +'' diff --git a/pkgs/os-specific/linux/sdnotify-wrapper/sdnotify-wrapper.c b/pkgs/os-specific/linux/sdnotify-wrapper/sdnotify-wrapper.c new file mode 100644 index 00000000000..0d1ae96068a --- /dev/null +++ b/pkgs/os-specific/linux/sdnotify-wrapper/sdnotify-wrapper.c @@ -0,0 +1,172 @@ +/* + Copyright: (C)2015-2017 Laurent Bercot. http://skarnet.org/ + ISC license. See http://opensource.org/licenses/ISC + + Build-time requirements: skalibs. http://skarnet.org/software/skalibs/ + Run-time requirements: none, if you link skalibs statically. + + Compilation: + gcc -o sdnotify-wrapper -L/usr/lib/skalibs sdnotify-wrapper.c -lskarnet + Use /usr/lib/skalibs/libskarnet.a instead of -lskarnet to link statically. + Adapt gcc's -I and -L options to your skalibs installation paths. + + Usage: if a daemon would be launched by systemd as "foobard args...", + launch it as "sdnotify-wrapper foobard args..." instead, and you can now + tell systemd that this daemon supports readiness notification. + + Instead of using sd_notify() and having to link against the systemd + library, the daemon notifies readiness by writing whatever it wants + to a file descriptor (by default: stdout), then a newline. (Then it + should close that file descriptor.) The simplest way is something like + int notify_readiness() { write(1, "\n", 1) ; close(1) ; } + This mechanism is understandable by any notification readiness framework. + + Readiness notification occurs when the newline is written, not when + the descriptor is closed; but since sdnotify-wrapper stops reading + after the first newline and will exit, any subsequent writes will + fail and it's best to simply close the descriptor right away. + + sdnotify-wrapper sees the notification when it occurs and sends it + to systemd using the sd_notify format. + + Options: + -d fd: the daemon will write its notification on descriptor fd. + Default is 1. + -f: do not doublefork. Use if the daemon waits for children it does + not know it has (for instance, superservers do this). When in doubt, + do not use that option, or you may have a zombie hanging around. + -t timeout: if the daemon has not sent a notification after timeout + milliseconds, give up and exit; systemd will not be notified. + -k: keep the NOTIFY_SOCKET environment variable when execing into the + daemon. By default, the variable is unset: the daemon should not need it. + + Notes: + sdnotify-wrapper does not change the daemon's pid. It runs as a + (grand)child of the daemon. + If the NOTIFY_SOCKET environment variable is not set, sdnotify-wrapper + does nothing - it only execs into the daemon. + sdnotify-wrapper is more liberal than sd_notify(). It will accept + a relative path in NOTIFY_SOCKET. +*/ + + +#include <sys/types.h> +#include <string.h> +#include <unistd.h> +#include <errno.h> +#include <sys/socket.h> +#include <sys/un.h> +#include <skalibs/uint64.h> +#include <skalibs/types.h> +#include <skalibs/bytestr.h> +#include <skalibs/sgetopt.h> +#include <skalibs/strerr2.h> +#include <skalibs/env.h> +#include <skalibs/allreadwrite.h> +#include <skalibs/tai.h> +#include <skalibs/iopause.h> +#include <skalibs/djbunix.h> +#include <skalibs/webipc.h> + +#define USAGE "sdnotify-wrapper [ -d fd ] [ -f ] [ -t timeout ] [ -k ] prog..." +#define dieusage() strerr_dieusage(100, USAGE) + +#define VAR "NOTIFY_SOCKET" + +static inline int ipc_sendto (int fd, char const *s, size_t len, char const *path) +{ + struct sockaddr_un sa ; + size_t l = strlen(path) ; + if (l > IPCPATH_MAX) return (errno = ENAMETOOLONG, 0) ; + memset(&sa, 0, sizeof sa) ; + sa.sun_family = AF_UNIX ; + memcpy(sa.sun_path, path, l+1) ; + if (path[0] == '@') sa.sun_path[0] = 0 ; + return sendto(fd, s, len, MSG_NOSIGNAL, (struct sockaddr *)&sa, sizeof sa) >= 0 ; +} + +static inline void notify_systemd (pid_t pid, char const *socketpath) +{ + size_t n = 16 ; + char fmt[16 + PID_FMT] = "READY=1\nMAINPID=" ; + int fd = ipc_datagram_b() ; + if (fd < 0) strerr_diefu1sys(111, "create socket") ; + n += pid_fmt(fmt + n, pid) ; + fmt[n++] = '\n' ; + if (!ipc_sendto(fd, fmt, n, socketpath)) + strerr_diefu2sys(111, "send notification message to ", socketpath) ; + close(fd) ; +} + +static inline int run_child (int fd, unsigned int timeout, pid_t pid, char const *s) +{ + char dummy[4096] ; + iopause_fd x = { .fd = fd, .events = IOPAUSE_READ } ; + tain_t deadline ; + tain_now_g() ; + if (timeout) tain_from_millisecs(&deadline, timeout) ; + else deadline = tain_infinite_relative ; + tain_add_g(&deadline, &deadline) ; + for (;;) + { + int r = iopause_g(&x, 1, &deadline) ; + if (r < 0) strerr_diefu1sys(111, "iopause") ; + if (!r) return 99 ; + r = sanitize_read(fd_read(fd, dummy, 4096)) ; + if (r < 0) + if (errno == EPIPE) return 1 ; + else strerr_diefu1sys(111, "read from parent") ; + else if (r && memchr(dummy, '\n', r)) break ; + } + close(fd) ; + notify_systemd(pid, s) ; + return 0 ; +} + +int main (int argc, char const *const *argv, char const *const *envp) +{ + char const *s = env_get2(envp, VAR) ; + unsigned int fd = 1 ; + unsigned int timeout = 0 ; + int df = 1, keep = 0 ; + PROG = "sdnotify-wrapper" ; + { + subgetopt_t l = SUBGETOPT_ZERO ; + for (;;) + { + register int opt = subgetopt_r(argc, argv, "d:ft:k", &l) ; + if (opt == -1) break ; + switch (opt) + { + case 'd' : if (!uint0_scan(l.arg, &fd)) dieusage() ; break ; + case 'f' : df = 0 ; break ; + case 't' : if (!uint0_scan(l.arg, &timeout)) dieusage() ; break ; + case 'k' : keep = 1 ; break ; + default : dieusage() ; + } + } + argc -= l.ind ; argv += l.ind ; + } + if (!argc) dieusage() ; + + if (!s) xpathexec_run(argv[0], argv, envp) ; + else + { + pid_t parent = getpid() ; + pid_t child ; + int p[2] ; + if (pipe(p) < 0) strerr_diefu1sys(111, "pipe") ; + child = df ? doublefork() : fork() ; + if (child < 0) strerr_diefu1sys(111, df ? "doublefork" : "fork") ; + else if (!child) + { + PROG = "sdnotify-wrapper (child)" ; + close(p[1]) ; + return run_child(p[0], timeout, parent, s) ; + } + close(p[0]) ; + if (fd_move((int)fd, p[1]) < 0) strerr_diefu1sys(111, "move descriptor") ; + if (keep) xpathexec_run(argv[0], argv, envp) ; + else xpathexec_r(argv, envp, env_len(envp), VAR, sizeof(VAR)) ; + } +} diff --git a/pkgs/os-specific/linux/seturgent/default.nix b/pkgs/os-specific/linux/seturgent/default.nix index 42b5317d556..15582574ecb 100644 --- a/pkgs/os-specific/linux/seturgent/default.nix +++ b/pkgs/os-specific/linux/seturgent/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, libX11, xproto, unzip }: +{ stdenv, fetchurl, libX11, xorgproto, unzip }: stdenv.mkDerivation { name = "seturgent-2012-08-17"; @@ -9,7 +9,7 @@ stdenv.mkDerivation { }; buildInputs = [ - libX11 xproto unzip + libX11 xorgproto unzip ]; installPhase = '' diff --git a/pkgs/os-specific/linux/spl/default.nix b/pkgs/os-specific/linux/spl/default.nix index 42e193a21ad..d8714d9c172 100644 --- a/pkgs/os-specific/linux/spl/default.nix +++ b/pkgs/os-specific/linux/spl/default.nix @@ -51,6 +51,6 @@ stdenv.mkDerivation rec { homepage = http://zfsonlinux.org/; platforms = platforms.linux; license = licenses.gpl2Plus; - maintainers = with maintainers; [ jcumming wizeman wkennington fpletz globin ]; + maintainers = with maintainers; [ jcumming wizeman fpletz globin ]; }; } diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix index 2a614e22c9a..33f1bbdd893 100644 --- a/pkgs/os-specific/linux/sysdig/default.nix +++ b/pkgs/os-specific/linux/sysdig/default.nix @@ -57,7 +57,7 @@ stdenv.mkDerivation rec { license = with licenses; [ asl20 gpl2 mit ]; maintainers = [maintainers.raskin]; platforms = ["x86_64-linux"] ++ platforms.darwin; - broken = kernel != null && (versionOlder kernel.version "4.14" || versionAtLeast kernel.version "4.20"); + broken = kernel != null && versionOlder kernel.version "4.14"; homepage = "https://sysdig.com/opensource/"; downloadPage = "https://github.com/draios/sysdig/releases"; }; diff --git a/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix index 703d13126a3..2ff0e4cd38f 100644 --- a/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix +++ b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix @@ -14,12 +14,13 @@ systemd.overrideAttrs (p: { # As ninja install is not used here, the rpath needs to be manually fixed. # Otherwise the resulting binary doesn't properly link against systemd-shared.so postFixup = '' - sharedLib=libsystemd-shared-${p.version}.so for prog in `find $out -type f -executable`; do - (patchelf --print-needed $prog | grep $sharedLib > /dev/null) && ( + (patchelf --print-needed $prog | grep 'libsystemd-shared-.*\.so' > /dev/null) && ( patchelf --set-rpath `patchelf --print-rpath $prog`:"$out/lib/systemd" $prog ) || true done + # test it's OK + "$out"/lib/systemd/systemd-cryptsetup ''; installPhase = '' diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 1d45109ac85..d4623ccd633 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -18,7 +18,7 @@ let pythonLxmlEnv = buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]); in stdenv.mkDerivation rec { - version = "239"; + version = "239.20190110"; name = "systemd-${version}"; # When updating, use https://github.com/systemd/systemd-stable tree, not the development one! @@ -26,8 +26,8 @@ in stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "NixOS"; repo = "systemd"; - rev = "31859ddd35fc3fa82a583744caa836d356c31d7f"; - sha256 = "1xci0491j95vdjgs397n618zii3sgwnvanirkblqqw6bcvcjvir1"; + rev = "nixos-v${version}"; + sha256 = "1m9mhv7b4kfa43z79106gpgxx51zlhvvfjrlmimdsvsiw72nzldj"; }; prePatch = let @@ -37,8 +37,8 @@ in stdenv.mkDerivation rec { # When the URL disappears, it typically means that Debian has new patches # (probably security) and updating to new tarball will apply them as well. name = "systemd-debian-patches.tar.xz"; - url = mirror://debian/pool/main/s/systemd/systemd_239-11~bpo9+1.debian.tar.xz; - sha256 = "136f6p4jbi4z94mf4g099dfcacwka8jwhza0wxxw2q5l5q3xiysh"; + url = mirror://debian/pool/main/s/systemd/systemd_239-12~bpo9+1.debian.tar.xz; + sha256 = "0v9f62gyfiw5icdrdlcvjcipsqrsm49w6n8bqp9nb8s2ih6rsfhg"; }; # Note that we skip debian-specific patches, i.e. ./debian/patches/debian/* in '' diff --git a/pkgs/os-specific/linux/wpa_supplicant/default.nix b/pkgs/os-specific/linux/wpa_supplicant/default.nix index 733da0d8989..176eef3b861 100644 --- a/pkgs/os-specific/linux/wpa_supplicant/default.nix +++ b/pkgs/os-specific/linux/wpa_supplicant/default.nix @@ -142,7 +142,7 @@ stdenv.mkDerivation rec { homepage = http://hostap.epitest.fi/wpa_supplicant/; description = "A tool for connecting to WPA and WPA2-protected wireless networks"; license = licenses.bsd3; - maintainers = with maintainers; [ marcweber wkennington ]; + maintainers = with maintainers; [ marcweber ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/xf86-input-mtrack/default.nix b/pkgs/os-specific/linux/xf86-input-mtrack/default.nix index ef6e3f4c67f..2897e9200fd 100644 --- a/pkgs/os-specific/linux/xf86-input-mtrack/default.nix +++ b/pkgs/os-specific/linux/xf86-input-mtrack/default.nix @@ -5,8 +5,7 @@ , pkgconfig , mtdev , xorgserver -, xproto -, inputproto +, xorgproto , pixman , autoreconfHook }: @@ -19,8 +18,7 @@ stdenv.mkDerivation { pkgconfig mtdev xorgserver - xproto - inputproto + xorgproto pixman autoreconfHook ]; diff --git a/pkgs/os-specific/linux/xf86-input-multitouch/default.nix b/pkgs/os-specific/linux/xf86-input-multitouch/default.nix index 527471bad32..71242348f68 100644 --- a/pkgs/os-specific/linux/xf86-input-multitouch/default.nix +++ b/pkgs/os-specific/linux/xf86-input-multitouch/default.nix @@ -1,12 +1,7 @@ { stdenv , fetchgit , mtdev -, xorgserver -, xproto , pixman -, xextproto -, inputproto -, randrproto , xorg , libpciaccess }: @@ -30,13 +25,11 @@ stdenv.mkDerivation { ''; buildInputs = with xorg; [ - mtdev xproto xextproto inputproto libpciaccess randrproto renderproto - xineramaproto resourceproto scrnsaverproto kbproto libxcb videoproto - dri3proto presentproto + mtdev xorgproto libpciaccess libxcb ]; buildPhase = '' - make INCLUDE="$NIX_CFLAGS_COMPILE -I${xorgserver.dev}/include/xorg -I${pixman}/include/pixman-1 -Iinclude" + make INCLUDE="$NIX_CFLAGS_COMPILE -I${xorg.xorgserver.dev}/include/xorg -I${pixman}/include/pixman-1 -Iinclude" ''; installPhase = '' diff --git a/pkgs/os-specific/linux/xf86-input-wacom/default.nix b/pkgs/os-specific/linux/xf86-input-wacom/default.nix index e0e211642af..ac095ffaf89 100644 --- a/pkgs/os-specific/linux/xf86-input-wacom/default.nix +++ b/pkgs/os-specific/linux/xf86-input-wacom/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl -, inputproto, libX11, libXext, libXi, libXrandr, libXrender -, ncurses, pkgconfig, randrproto, xorgserver, xproto, udev, libXinerama, pixman }: +, xorgproto, libX11, libXext, libXi, libXrandr, libXrender +, ncurses, pkgconfig, xorgserver, udev, libXinerama, pixman }: stdenv.mkDerivation rec { name = "xf86-input-wacom-0.36.0"; @@ -10,8 +10,8 @@ stdenv.mkDerivation rec { sha256 = "1xi39hl8ddgj9m7m2k2ll2r3wh0k0aq45fvrsv43651bhz9cbrza"; }; - buildInputs = [ inputproto libX11 libXext libXi libXrandr libXrender - ncurses pkgconfig randrproto xorgserver xproto udev libXinerama pixman ]; + buildInputs = [ xorgproto libX11 libXext libXi libXrandr libXrender + ncurses pkgconfig xorgserver udev libXinerama pixman ]; preConfigure = '' mkdir -p $out/share/X11/xorg.conf.d diff --git a/pkgs/os-specific/linux/xf86-video-nested/default.nix b/pkgs/os-specific/linux/xf86-video-nested/default.nix index 54d16473770..14d2b249fc0 100644 --- a/pkgs/os-specific/linux/xf86-video-nested/default.nix +++ b/pkgs/os-specific/linux/xf86-video-nested/default.nix @@ -1,5 +1,5 @@ -{ stdenv, fetchgit, autoreconfHook, fontsproto, libX11, libXext -, pixman, pkgconfig, renderproto, utilmacros, xorgserver +{ stdenv, fetchgit, autoreconfHook, xorgproto, libX11, libXext +, pixman, pkgconfig, utilmacros, xorgserver }: stdenv.mkDerivation { @@ -12,8 +12,8 @@ stdenv.mkDerivation { }; buildInputs = - [ autoreconfHook fontsproto libX11 libXext pixman - pkgconfig renderproto utilmacros xorgserver + [ autoreconfHook xorgproto libX11 libXext pixman + pkgconfig utilmacros xorgserver ]; hardeningDisable = [ "fortify" ]; diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index 9d48ee01509..73be13e17af 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -93,6 +93,7 @@ let configureFlags = [ "--with-config=${configFile}" + "--with-python=${python3.interpreter}" ] ++ optionals buildUser [ "--with-dracutdir=$(out)/lib/dracut" "--with-udevdir=$(out)/lib/udev" @@ -149,7 +150,7 @@ let homepage = http://zfsonlinux.org/; license = licenses.cddl; platforms = platforms.linux; - maintainers = with maintainers; [ jcumming wizeman wkennington fpletz globin ]; + maintainers = with maintainers; [ jcumming wizeman fpletz globin ]; }; }; in { @@ -158,7 +159,7 @@ in { # to be adapted zfsStable = common { # comment/uncomment if breaking kernel versions are known - # incompatibleKernelVersion = "4.19"; + incompatibleKernelVersion = "4.20"; # this package should point to the latest release. version = "0.7.12"; @@ -180,15 +181,14 @@ in { # incompatibleKernelVersion = "4.19"; # this package should point to a version / git revision compatible with the latest kernel release - version = "0.8.0-rc2"; + version = "0.8.0-rc3"; - rev = "af2e8411dacbc694b1aaf9074e68a9d12270e74c"; - sha256 = "0wm7x9dwrw30jnjlnz6a224h88qd6a5794pzbjsih50lqb10g2gy"; + sha256 = "0wmkis0q2gbj7sgx3ipxngbgzjcf7ay353v3mglf2ay50q4da5i7"; isUnstable = true; extraPatches = [ (fetchpatch { - url = "https://github.com/Mic92/zfs/compare/${rev}...nixos-zfs-2018-08-13.patch"; + url = "https://github.com/Mic92/zfs/commit/bc29b5783da0af2c80c85126a1831ce1d52bfb69.patch"; sha256 = "1sdcr1w2jp3djpwlf1f91hrxxmc34q0jl388smdkxh5n5bpw5gzw"; }) ]; |