From 5a9f7d1fe65238f49c3337580ea599077033a1f4 Mon Sep 17 00:00:00 2001 From: Symphorien Gibol Date: Sun, 23 Sep 2018 18:22:53 +0200 Subject: graphviz: fix CVE-2018-10196 --- pkgs/tools/graphics/graphviz/base.nix | 20 +++++++++++++++++++- pkgs/top-level/all-packages.nix | 4 ++-- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/graphics/graphviz/base.nix b/pkgs/tools/graphics/graphviz/base.nix index 68ff84c7495..db21df9b5d0 100644 --- a/pkgs/tools/graphics/graphviz/base.nix +++ b/pkgs/tools/graphics/graphviz/base.nix @@ -2,12 +2,26 @@ { stdenv, fetchFromGitLab, autoreconfHook, pkgconfig, cairo, expat, flex , fontconfig, gd, gettext, gts, libdevil, libjpeg, libpng, libtool, pango -, yacc, xorg ? null, ApplicationServices ? null }: +, yacc, fetchpatch, xorg ? null, ApplicationServices ? null }: assert stdenv.isDarwin -> ApplicationServices != null; let inherit (stdenv.lib) optionals optionalString; + raw_patch = + # https://gitlab.com/graphviz/graphviz/issues/1367 CVE-2018-10196 + fetchpatch { + name = "CVE-2018-10196.patch"; + url = https://gitlab.com/graphviz/graphviz/uploads/30f8f0b00e357c112ac35fb20241604a/p.diff; + sha256 = "074qx6ch9blrnlilmz7p96fkiz2va84x2fbqdza5k4808rngirc7"; + excludes = ["tests/*"]; # we don't run them and they don't apply + }; + # the patch needs a small adaption for older versions + patch = if stdenv.lib.versionAtLeast version "2.37" then raw_patch else + stdenv.mkDerivation { + inherit (raw_patch) name; + buildCommand = "sed s/dot_root/agroot/g ${raw_patch} > $out"; + }; in stdenv.mkDerivation rec { @@ -37,6 +51,10 @@ stdenv.mkDerivation rec { "--with-ltdl-include=${libtool}/include" ] ++ stdenv.lib.optional (xorg == null) [ "--without-x" ]; + patches = [ + patch + ]; + postPatch = '' for f in $(find . -name Makefile.in); do substituteInPlace $f --replace "-lstdc++" "-lc++" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 0062289d204..77e6cfcaebe 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2926,9 +2926,9 @@ with pkgs; * that do want 2.32 but not 2.0 or 2.36. Please give a day's notice for * objections before removal. The feature is libgraph. */ - graphviz_2_32 = lib.overrideDerivation (callPackage ../tools/graphics/graphviz/2.32.nix { + graphviz_2_32 = (callPackage ../tools/graphics/graphviz/2.32.nix { inherit (darwin.apple_sdk.frameworks) ApplicationServices; - }) (x: { configureFlags = x.configureFlags ++ ["--with-cgraph=no"];}); + }).overrideAttrs(x: { configureFlags = x.configureFlags ++ ["--with-cgraph=no"];}); grin = callPackage ../tools/text/grin { }; -- cgit 1.4.1 From 64b3350537ad8ecfd8b4d3fd8fb31b7deb41d014 Mon Sep 17 00:00:00 2001 From: Will Dietz Date: Tue, 13 Mar 2018 20:06:43 -0500 Subject: glibc: don't use bootstrap libgcc_s Fixes #36947 --- pkgs/development/libraries/glibc/default.nix | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/pkgs/development/libraries/glibc/default.nix b/pkgs/development/libraries/glibc/default.nix index 8b17ff9e558..ce0a689cdb7 100644 --- a/pkgs/development/libraries/glibc/default.nix +++ b/pkgs/development/libraries/glibc/default.nix @@ -31,22 +31,6 @@ callPackage ./common.nix { inherit stdenv; } { # does not work. hardeningDisable = [ "stackprotector" "fortify" ]; - # When building glibc from bootstrap-tools, we need libgcc_s at RPATH for - # any program we run, because the gcc will have been placed at a new - # store path than that determined when built (as a source for the - # bootstrap-tools tarball) - # Building from a proper gcc staying in the path where it was installed, - # libgcc_s will not be at {gcc}/lib, and gcc's libgcc will be found without - # any special hack. - preInstall = '' - if [ -f ${stdenv.cc.cc}/lib/libgcc_s.so.1 ]; then - mkdir -p $out/lib - cp ${stdenv.cc.cc}/lib/libgcc_s.so.1 $out/lib/libgcc_s.so.1 - # the .so It used to be a symlink, but now it is a script - cp -a ${stdenv.cc.cc}/lib/libgcc_s.so $out/lib/libgcc_s.so - fi - ''; - postInstall = '' if test -n "$installLocales"; then make -j''${NIX_BUILD_CORES:-1} -l''${NIX_BUILD_CORES:-1} localedata/install-locales -- cgit 1.4.1 From ff30d7b957db573ae76a9a53c34c1f27eb1ee379 Mon Sep 17 00:00:00 2001 From: Tuomas Tynkkynen Date: Fri, 27 Jul 2018 21:32:04 +0300 Subject: all-packages.nix: Remove gcc7 i686 workarounds The underlying problem with libgcc is worked around. (cherry picked from commit afea12f8c33d7399ff140826cc443fafdf86365c) --- pkgs/top-level/all-packages.nix | 79 ++++++++++++++--------------------------- 1 file changed, 26 insertions(+), 53 deletions(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ec338f5b913..5892e16342a 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7113,67 +7113,51 @@ with pkgs; llvmPackages = recurseIntoAttrs llvmPackages_5; - llvmPackages_35 = callPackage ../development/compilers/llvm/3.5 ({ + llvmPackages_35 = callPackage ../development/compilers/llvm/3.5 { isl = isl_0_14; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; - }); + }; - llvmPackages_37 = callPackage ../development/compilers/llvm/3.7 ({ + llvmPackages_37 = callPackage ../development/compilers/llvm/3.7 { inherit (stdenvAdapters) overrideCC; buildLlvmTools = buildPackages.llvmPackages_37.tools; targetLlvmLibraries = targetPackages.llvmPackages_37.libraries; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; - }); + }; - llvmPackages_38 = callPackage ../development/compilers/llvm/3.8 ({ + llvmPackages_38 = callPackage ../development/compilers/llvm/3.8 { inherit (stdenvAdapters) overrideCC; buildLlvmTools = buildPackages.llvmPackages_38.tools; targetLlvmLibraries = targetPackages.llvmPackages_38.libraries; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; - }); + }; - llvmPackages_39 = callPackage ../development/compilers/llvm/3.9 ({ + llvmPackages_39 = callPackage ../development/compilers/llvm/3.9 { inherit (stdenvAdapters) overrideCC; buildLlvmTools = buildPackages.llvmPackages_39.tools; targetLlvmLibraries = targetPackages.llvmPackages_39.libraries; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; - }); + }; - llvmPackages_4 = callPackage ../development/compilers/llvm/4 ({ + llvmPackages_4 = callPackage ../development/compilers/llvm/4 { inherit (stdenvAdapters) overrideCC; buildLlvmTools = buildPackages.llvmPackages_4.tools; targetLlvmLibraries = targetPackages.llvmPackages_4.libraries; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; - }); + }; - llvmPackages_5 = callPackage ../development/compilers/llvm/5 ({ + llvmPackages_5 = callPackage ../development/compilers/llvm/5 { inherit (stdenvAdapters) overrideCC; buildLlvmTools = buildPackages.llvmPackages_5.tools; targetLlvmLibraries = targetPackages.llvmPackages_5.libraries; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; # with gcc-7: undefined reference to `__divmoddi4' - }); + }; - llvmPackages_6 = callPackage ../development/compilers/llvm/6 ({ + llvmPackages_6 = callPackage ../development/compilers/llvm/6 { inherit (stdenvAdapters) overrideCC; buildLlvmTools = buildPackages.llvmPackages_6.tools; targetLlvmLibraries = targetPackages.llvmPackages_6.libraries; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; # with gcc-7: undefined reference to `__divmoddi4' - }); + }; - llvmPackages_7 = callPackage ../development/compilers/llvm/7 ({ + llvmPackages_7 = callPackage ../development/compilers/llvm/7 { inherit (stdenvAdapters) overrideCC; buildLlvmTools = buildPackages.llvmPackages_7.tools; targetLlvmLibraries = targetPackages.llvmPackages_7.libraries; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv buildPackages.gcc6; # with gcc-7: undefined reference to `__divmoddi4' - }); + }; manticore = callPackage ../development/compilers/manticore { }; @@ -7308,11 +7292,9 @@ with pkgs; }; # For beta and nightly releases use the nixpkgs-mozilla overlay - rust = callPackage ../development/compilers/rust ({ + rust = callPackage ../development/compilers/rust { inherit (darwin.apple_sdk.frameworks) CoreFoundation Security; - } // stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv gcc6; # with gcc-7: undefined reference to `__divmoddi4' - }); + }; inherit (rust) cargo rustc; buildRustCrate = callPackage ../build-support/rust/build-rust-crate { }; @@ -7911,11 +7893,9 @@ with pkgs; stdenv = gccStdenv; }; spidermonkey_31 = callPackage ../development/interpreters/spidermonkey/31.nix { }; - spidermonkey_38 = callPackage ../development/interpreters/spidermonkey/38.nix ({ + spidermonkey_38 = callPackage ../development/interpreters/spidermonkey/38.nix { inherit (darwin) libobjc; - } // (stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv gcc6; # with gcc-7: undefined reference to `__divmoddi4' - })); + }; spidermonkey_52 = callPackage ../development/interpreters/spidermonkey/52.nix { }; spidermonkey = spidermonkey_31; @@ -10087,22 +10067,15 @@ with pkgs; hyena = callPackage ../development/libraries/hyena { mono = mono4; }; - icu58 = callPackage (import ../development/libraries/icu/58.nix fetchurl) ({ + icu58 = callPackage (import ../development/libraries/icu/58.nix fetchurl) { nativeBuildRoot = buildPackages.icu58.override { buildRootOnly = true; }; - } // - (stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv gcc6; # with gcc-7: undefined reference to `__divmoddi4' - })); - icu59 = callPackage ../development/libraries/icu/59.nix ({ + }; + icu59 = callPackage ../development/libraries/icu/59.nix { nativeBuildRoot = buildPackages.icu59.override { buildRootOnly = true; }; - } // (stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv gcc6; # with gcc-7: undefined reference to `__divmoddi4' - })); - icu60 = callPackage ../development/libraries/icu/60.nix ({ + }; + icu60 = callPackage ../development/libraries/icu/60.nix { nativeBuildRoot = buildPackages.icu60.override { buildRootOnly = true; }; - } // (stdenv.lib.optionalAttrs (stdenv.cc.isGNU && stdenv.hostPlatform.isi686) { - stdenv = overrideCC stdenv gcc6; # with gcc-7: undefined reference to `__divmoddi4' - })); + }; icu = icu59; -- cgit 1.4.1 From a2756a396f69d7b9496f4ab43096767bc6d23bd0 Mon Sep 17 00:00:00 2001 From: Dmitry Kalinkin Date: Sun, 18 Nov 2018 22:57:38 -0500 Subject: epoxy: 1.5.2 -> 1.5.3 --- pkgs/development/libraries/epoxy/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/epoxy/default.nix b/pkgs/development/libraries/epoxy/default.nix index 7c3dd19a479..c4285eadabc 100644 --- a/pkgs/development/libraries/epoxy/default.nix +++ b/pkgs/development/libraries/epoxy/default.nix @@ -6,13 +6,13 @@ with stdenv.lib; stdenv.mkDerivation rec { name = "epoxy-${version}"; - version = "1.5.2"; + version = "1.5.3"; src = fetchFromGitHub { owner = "anholt"; repo = "libepoxy"; rev = "${version}"; - sha256 = "0frs42s7d3ff2wlw0jns6vb3myx2bhz9m5nkzbnfyn436s2qqls3"; + sha256 = "03nrmf161xyj3q9zsigr5qj5vx5dsfxxyjva73cm1mgqqc5d60px"; }; outputs = [ "out" "dev" ]; -- cgit 1.4.1 From 6f986c8bdc92fe84856dd9b28db698ca30929d1b Mon Sep 17 00:00:00 2001 From: Will Dietz Date: Mon, 3 Dec 2018 06:18:31 -0600 Subject: libpng: 1.6.35 -> 1.6.36, license v2 --- lib/licenses.nix | 5 +++++ pkgs/development/libraries/libpng/default.nix | 12 ++++++------ 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/lib/licenses.nix b/lib/licenses.nix index fc9cb42621d..58c1b6ee611 100644 --- a/lib/licenses.nix +++ b/lib/licenses.nix @@ -451,6 +451,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec { fullName = "libpng License"; }; + libpng2 = { + fullName = "libpng License v2"; # 1.6.36+ + inherit (libpng) url; + }; + libtiff = spdx { spdxId = "libtiff"; fullName = "libtiff License"; diff --git a/pkgs/development/libraries/libpng/default.nix b/pkgs/development/libraries/libpng/default.nix index 9c1ed80e51e..9fc7d771202 100644 --- a/pkgs/development/libraries/libpng/default.nix +++ b/pkgs/development/libraries/libpng/default.nix @@ -3,20 +3,20 @@ assert zlib != null; let - patchVersion = "1.6.35"; + patchVersion = "1.6.36"; patch_src = fetchurl { url = "mirror://sourceforge/libpng-apng/libpng-${patchVersion}-apng.patch.gz"; - sha256 = "011fq5wgyz07pfrqs9albixbiksx3agx5nkcf3535gbvhlwv5khq"; + sha256 = "03ywdwaq1k3pfslvbs2b33z3pdmazz6yp8g56mzafacvfgd367wc"; }; whenPatched = stdenv.lib.optionalString apngSupport; in stdenv.mkDerivation rec { name = "libpng" + whenPatched "-apng" + "-${version}"; - version = "1.6.35"; + version = "1.6.36"; src = fetchurl { url = "mirror://sourceforge/libpng/libpng-${version}.tar.xz"; - sha256 = "1mxwjf5cdzk7g0y51gl9w3f0j5ypcls05i89kgnifjaqr742x493"; + sha256 = "06d35a3xz2a0kph82r56hqm1fn8fbwrqs07xzmr93dx63x695szc"; }; postPatch = whenPatched "gunzip < ${patch_src} | patch -Np1"; @@ -25,14 +25,14 @@ in stdenv.mkDerivation rec { propagatedBuildInputs = [ zlib ]; - doCheck = stdenv.hostPlatform == stdenv.buildPlatform; + doCheck = true; passthru = { inherit zlib; }; meta = with stdenv.lib; { description = "The official reference implementation for the PNG file format" + whenPatched " with animation patch"; homepage = http://www.libpng.org/pub/png/libpng.html; - license = licenses.libpng; + license = licenses.libpng2; platforms = platforms.all; maintainers = [ maintainers.vcunat maintainers.fuuzetsu ]; }; -- cgit 1.4.1 From d37b48d1e4b77aafcfcaad1139690ea4a19944ab Mon Sep 17 00:00:00 2001 From: Will Dietz Date: Sat, 29 Dec 2018 14:21:47 -0600 Subject: libpng2: link to license, SPDX seems geared to old version See https://github.com/NixOS/nixpkgs/pull/51447 for some discussion. --- lib/licenses.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/licenses.nix b/lib/licenses.nix index 58c1b6ee611..b022d8bc11b 100644 --- a/lib/licenses.nix +++ b/lib/licenses.nix @@ -453,7 +453,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec { libpng2 = { fullName = "libpng License v2"; # 1.6.36+ - inherit (libpng) url; + url = "http://www.libpng.org/pub/png/src/libpng-LICENSE.txt"; }; libtiff = spdx { -- cgit 1.4.1 From 69466ba96a5fbd78bff80b01582649400d4da488 Mon Sep 17 00:00:00 2001 From: Dylan Simon Date: Tue, 8 Jan 2019 10:23:32 -0500 Subject: boehm-gc: remove obsolete sys_select patch --- pkgs/development/libraries/boehm-gc/default.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/pkgs/development/libraries/boehm-gc/default.nix b/pkgs/development/libraries/boehm-gc/default.nix index 5c57f21a228..399581400a0 100644 --- a/pkgs/development/libraries/boehm-gc/default.nix +++ b/pkgs/development/libraries/boehm-gc/default.nix @@ -24,10 +24,7 @@ stdenv.mkDerivation rec { export NIX_CFLAGS_COMPILE+="-D_GNU_SOURCE -DUSE_MMAP -DHAVE_DL_ITERATE_PHDR" ''; - patches = [ (fetchpatch { - url = "https://gitweb.gentoo.org/proj/musl.git/plain/dev-libs/boehm-gc/files/boehm-gc-7.6.0-sys_select.patch"; - sha256 = "1gydwlklvci30f5dpp5ccw2p2qpph5y41r55wx9idamjlq66fbb3"; - }) ] ++ + patches = # https://github.com/ivmai/bdwgc/pull/208 lib.optional stdenv.hostPlatform.isRiscV ./riscv.patch; -- cgit 1.4.1 From fa565b651012b34cc9e154ee73906fc2839ce511 Mon Sep 17 00:00:00 2001 From: Tor Hedin Brønner Date: Sun, 13 Jan 2019 21:55:50 +0100 Subject: attr: fix issues with 2.4.48 Add upstream patch to fix issues with fakechroot. --- pkgs/development/libraries/attr/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pkgs/development/libraries/attr/default.nix b/pkgs/development/libraries/attr/default.nix index 623864529f0..497262c04d7 100644 --- a/pkgs/development/libraries/attr/default.nix +++ b/pkgs/development/libraries/attr/default.nix @@ -12,6 +12,14 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ gettext ]; + patches = [ + # fix fakechroot: https://github.com/dex4er/fakechroot/issues/57 + (fetchurl { + url = "https://git.savannah.nongnu.org/cgit/attr.git/patch/?id=14adc898a36948267bfe5c63b399996879e94c98"; + sha256 = "0gja54fz79a9ma6b4mprnjxq77l5yg2z9xknlwhmkcrfnam02qxp"; + }) + ]; + postPatch = '' for script in install-sh include/install-sh; do patchShebangs $script -- cgit 1.4.1 From bcf54ce5bbc8c325cfd2b6bcc5cec7661ef49183 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Tue, 15 Jan 2019 23:41:31 +0100 Subject: treewide: use ${stdenv.shell} instead of /bin/sh where possible --- pkgs/applications/editors/standardnotes/default.nix | 2 +- pkgs/applications/editors/sublime/3/common.nix | 2 +- pkgs/applications/graphics/alchemy/default.nix | 2 +- pkgs/applications/graphics/swingsane/default.nix | 2 +- pkgs/applications/graphics/wings/default.nix | 2 +- pkgs/applications/graphics/zgrviewer/default.nix | 2 +- pkgs/applications/misc/curabydagoma/default.nix | 2 +- pkgs/applications/misc/freemind/default.nix | 2 +- pkgs/applications/misc/hello-unfree/default.nix | 2 +- pkgs/applications/misc/jbidwatcher/default.nix | 2 +- pkgs/applications/misc/multibootusb/default.nix | 6 +++--- pkgs/applications/misc/openjump/default.nix | 4 ++-- pkgs/applications/misc/thinking-rock/default.nix | 2 +- .../pidgin-plugins/purple-facebook/default.nix | 2 +- .../instant-messengers/telegram/telegram-cli/default.nix | 2 +- pkgs/applications/science/logic/hol_light/default.nix | 2 +- pkgs/applications/science/logic/iprover/default.nix | 2 +- .../version-management/smartgithg/default.nix | 6 +++++- .../smartgithg/install_freedesktop_items.sh | 2 +- pkgs/applications/video/zdfmediathk/default.nix | 2 +- pkgs/applications/virtualization/xen/generic.nix | 6 +++--- pkgs/build-support/docker/default.nix | 13 ++++++++++--- pkgs/build-support/vm/default.nix | 2 +- pkgs/data/misc/geolite-legacy/builder.sh | 2 -- pkgs/development/compilers/cmdstan/default.nix | 2 +- pkgs/development/compilers/fsharp/default.nix | 2 +- pkgs/development/compilers/fsharp41/default.nix | 2 +- pkgs/development/compilers/ghc/8.2.2-binary.nix | 14 ++++++++++---- pkgs/development/compilers/ghc/gcc-clang-wrapper.sh | 2 +- pkgs/development/compilers/openjdk/8.nix | 2 +- pkgs/development/interpreters/guile/2.0.nix | 4 ++-- pkgs/development/libraries/libguestfs/default.nix | 4 ++-- pkgs/development/lisp-modules/define-package.nix | 2 +- pkgs/development/misc/avr8-burn-omat/default.nix | 2 +- pkgs/development/pharo/vm/build-vm.nix | 2 +- pkgs/development/python-modules/cmd2/default.nix | 4 ++-- pkgs/development/python-modules/cmd2/old.nix | 4 ++-- pkgs/development/python-modules/pandas/default.nix | 4 ++-- pkgs/development/tools/misc/ctags/wrapped.nix | 2 +- pkgs/development/tools/misc/distcc/default.nix | 4 ++-- pkgs/development/tools/misc/opengrok/default.nix | 2 +- pkgs/games/andyetitmoves/default.nix | 2 +- pkgs/games/eduke32/default.nix | 2 +- pkgs/games/freeorion/default.nix | 1 + pkgs/games/freeorion/fix-paths.sh | 2 +- pkgs/games/gargoyle/darwin.sh | 2 +- pkgs/games/gargoyle/default.nix | 13 ++++++++----- pkgs/games/mars/default.nix | 2 +- pkgs/games/minecraft-server/default.nix | 2 +- pkgs/games/oilrush/default.nix | 2 +- pkgs/games/openttd/default.nix | 2 +- pkgs/games/tremulous/default.nix | 2 +- pkgs/games/trigger/default.nix | 2 +- pkgs/games/vessel/default.nix | 2 +- pkgs/games/worldofgoo/default.nix | 2 +- pkgs/games/zangband/default.nix | 2 +- pkgs/misc/cups/drivers/mfcj6510dwlpr/default.nix | 2 +- pkgs/misc/drivers/foomatic-filters/default.nix | 2 +- pkgs/misc/emulators/retrofe/default.nix | 2 +- pkgs/misc/emulators/wine/builder-wow.sh | 2 -- pkgs/misc/vim-plugins/vim-utils.nix | 2 +- pkgs/os-specific/linux/alsa-plugins/wrapper.nix | 2 +- pkgs/os-specific/linux/bbswitch/default.nix | 4 ++-- pkgs/os-specific/linux/ofp/default.nix | 2 +- pkgs/os-specific/linux/rfkill/rfkill-hook.sh | 2 +- pkgs/os-specific/linux/rfkill/udev.nix | 16 +++++++++++----- pkgs/os-specific/linux/service-wrapper/default.nix | 5 +++-- .../os-specific/linux/service-wrapper/service-wrapper.sh | 2 +- pkgs/os-specific/linux/tp_smapi/default.nix | 2 +- pkgs/servers/mail/system-sendmail/default.nix | 2 +- pkgs/servers/web-apps/codimd/default.nix | 2 +- pkgs/servers/x11/xquartz/default.nix | 5 +++++ pkgs/servers/x11/xquartz/privileged | 2 +- pkgs/servers/x11/xquartz/startx | 2 +- pkgs/servers/x11/xquartz/xinitrc | 2 +- pkgs/tools/X11/xnee/default.nix | 2 +- pkgs/tools/archivers/rpmextract/default.nix | 1 + pkgs/tools/archivers/rpmextract/rpmextract.sh | 2 +- pkgs/tools/backup/flockit/default.nix | 2 +- pkgs/tools/backup/store-backup/default.nix | 2 +- pkgs/tools/graphics/briss/default.nix | 2 +- pkgs/tools/graphics/povray/default.nix | 2 +- pkgs/tools/misc/fzf/default.nix | 2 +- pkgs/tools/misc/grub/2.0x.nix | 2 +- pkgs/tools/misc/grub/trusted.nix | 2 +- pkgs/tools/misc/qjoypad/default.nix | 2 +- pkgs/tools/misc/xfstests/default.nix | 2 +- pkgs/tools/networking/airfield/default.nix | 2 +- pkgs/tools/networking/zap/default.nix | 2 +- pkgs/tools/security/eid-mw/default.nix | 14 +++++++++++--- pkgs/tools/typesetting/lout/builder.sh | 2 -- .../google-compute-engine-oslogin/default.nix | 2 +- 92 files changed, 156 insertions(+), 120 deletions(-) diff --git a/pkgs/applications/editors/standardnotes/default.nix b/pkgs/applications/editors/standardnotes/default.nix index d9bca530948..0787250fece 100644 --- a/pkgs/applications/editors/standardnotes/default.nix +++ b/pkgs/applications/editors/standardnotes/default.nix @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { installPhase = '' mkdir -p $out/{bin,share} cp $src $out/share/standardNotes.AppImage - echo "#!/bin/sh" > $out/bin/standardnotes + echo "#!${stdenv.shell}" > $out/bin/standardnotes echo "${appimage-run}/bin/appimage-run $out/share/standardNotes.AppImage" >> $out/bin/standardnotes chmod +x $out/bin/standardnotes $out/share/standardNotes.AppImage ''; diff --git a/pkgs/applications/editors/sublime/3/common.nix b/pkgs/applications/editors/sublime/3/common.nix index cf6802eb9a9..71bd3544feb 100644 --- a/pkgs/applications/editors/sublime/3/common.nix +++ b/pkgs/applications/editors/sublime/3/common.nix @@ -115,7 +115,7 @@ in stdenv.mkDerivation (rec { mkdir -p $out/bin cat > $out/bin/subl <<-EOF - #!/bin/sh + #!${stdenv.shell} exec $sublime/sublime_text "\$@" EOF chmod +x $out/bin/subl diff --git a/pkgs/applications/graphics/alchemy/default.nix b/pkgs/applications/graphics/alchemy/default.nix index 848f132060f..30223658f53 100644 --- a/pkgs/applications/graphics/alchemy/default.nix +++ b/pkgs/applications/graphics/alchemy/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { mkdir -p $out/bin $out/share cp -a . $out/share/alchemy cat >> $out/bin/alchemy << EOF - #!/bin/sh + #!${stdenv.shell} cd $out/share/alchemy ${jre}/bin/java -jar Alchemy.jar "$@" EOF diff --git a/pkgs/applications/graphics/swingsane/default.nix b/pkgs/applications/graphics/swingsane/default.nix index 94666531c0c..ac3de4a4e14 100644 --- a/pkgs/applications/graphics/swingsane/default.nix +++ b/pkgs/applications/graphics/swingsane/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { installPhase = let execWrapper = '' - #!/bin/sh + #!${stdenv.shell} exec ${jre}/bin/java -jar $out/share/java/swingsane/swingsane-${version}.jar "$@" ''; diff --git a/pkgs/applications/graphics/wings/default.nix b/pkgs/applications/graphics/wings/default.nix index ed3220d2bf9..e27f074b21b 100644 --- a/pkgs/applications/graphics/wings/default.nix +++ b/pkgs/applications/graphics/wings/default.nix @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { cp ebin/* $out/lib/${name}/ebin cp -R textures shaders plugins $out/lib/$name cat << EOF > $out/bin/wings - #!/bin/sh + #!${stdenv.shell} ${erlang}/bin/erl \ -pa $out/lib/${name}/ebin -run wings_start start_halt "$@" EOF diff --git a/pkgs/applications/graphics/zgrviewer/default.nix b/pkgs/applications/graphics/zgrviewer/default.nix index 03ffa8af370..c60d4b7b904 100644 --- a/pkgs/applications/graphics/zgrviewer/default.nix +++ b/pkgs/applications/graphics/zgrviewer/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { cp -r target/* "$out/share/java/zvtm/" - echo '#!/bin/sh' > "$out/bin/zgrviewer" + echo '#!${stdenv.shell}' > "$out/bin/zgrviewer" echo "${jre}/lib/openjdk/jre/bin/java -jar '$out/share/java/zvtm/zgrviewer-${version}.jar' \"\$@\"" >> "$out/bin/zgrviewer" chmod a+x "$out/bin/zgrviewer" ''; diff --git a/pkgs/applications/misc/curabydagoma/default.nix b/pkgs/applications/misc/curabydagoma/default.nix index 439b0fc2568..1ea106d6a18 100644 --- a/pkgs/applications/misc/curabydagoma/default.nix +++ b/pkgs/applications/misc/curabydagoma/default.nix @@ -44,7 +44,7 @@ stdenv.mkDerivation rec { mkdir $out/bin cat > $out/bin/curabydago <$out/bin/freemind < $out/bin/hello-unfree << EOF - #!/bin/sh + #!${stdenv.shell} echo "Hello, you are running an unfree system!" EOF chmod +x $out/bin/hello-unfree diff --git a/pkgs/applications/misc/jbidwatcher/default.nix b/pkgs/applications/misc/jbidwatcher/default.nix index ed8573b8850..2c46ea3ac9a 100644 --- a/pkgs/applications/misc/jbidwatcher/default.nix +++ b/pkgs/applications/misc/jbidwatcher/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { installPhase = '' mkdir -p "$out/bin" - echo > "$out/bin/${pname}" "#!/bin/sh" + echo > "$out/bin/${pname}" "#!${stdenv.shell}" echo >>"$out/bin/${pname}" "${java}/bin/java -Xmx512m -jar ${jarfile}" chmod +x "$out/bin/${pname}" install -D -m644 ${src} ${jarfile} diff --git a/pkgs/applications/misc/multibootusb/default.nix b/pkgs/applications/misc/multibootusb/default.nix index 02541842c36..88a7b94897d 100644 --- a/pkgs/applications/misc/multibootusb/default.nix +++ b/pkgs/applications/misc/multibootusb/default.nix @@ -1,4 +1,4 @@ -{ lib, python36Packages, fetchFromGitHub, libxcb, mtools, p7zip, parted, procps, utillinux, qt5 }: +{ stdenv, python36Packages, fetchFromGitHub, libxcb, mtools, p7zip, parted, procps, utillinux, qt5 }: python36Packages.buildPythonApplication rec { pname = "multibootusb"; name = "${pname}-${version}"; @@ -40,7 +40,7 @@ python36Packages.buildPythonApplication rec { mkdir "$out/bin" cat > "$out/bin/${pname}" <> $s << EOF - #!/bin/sh + #!${stdenv.shell} cd $dir/bin - exec /bin/sh openjump.sh + exec ${stdenv.shell} openjump.sh EOF chmod +x $s ln -s /tmp/openjump.log $dir/bin/jump.log diff --git a/pkgs/applications/misc/thinking-rock/default.nix b/pkgs/applications/misc/thinking-rock/default.nix index 1229990b1ab..ab9611326ca 100644 --- a/pkgs/applications/misc/thinking-rock/default.nix +++ b/pkgs/applications/misc/thinking-rock/default.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation { mkdir -p $out/{nix-support/tr-files,bin} cp -r . $out/nix-support/tr-files cat >> $out/bin/thinkingrock << EOF - #!/bin/sh + #!${stdenv.shell} exec $out/nix-support/tr-files/bin/tr "$@" EOF chmod +x $out/bin/thinkingrock diff --git a/pkgs/applications/networking/instant-messengers/pidgin-plugins/purple-facebook/default.nix b/pkgs/applications/networking/instant-messengers/pidgin-plugins/purple-facebook/default.nix index 150c47b9b50..cff1bcc56b9 100644 --- a/pkgs/applications/networking/instant-messengers/pidgin-plugins/purple-facebook/default.nix +++ b/pkgs/applications/networking/instant-messengers/pidgin-plugins/purple-facebook/default.nix @@ -21,7 +21,7 @@ in stdenv.mkDerivation rec { postPatch = '' # we do all patching from update.sh in preAutoreconf - echo "#!/bin/sh" > update.sh + echo "#!${stdenv.shell}" > update.sh ''; preAutoreconf = '' diff --git a/pkgs/applications/networking/instant-messengers/telegram/telegram-cli/default.nix b/pkgs/applications/networking/instant-messengers/telegram/telegram-cli/default.nix index 3e9ebf3fe93..3c9157081d3 100644 --- a/pkgs/applications/networking/instant-messengers/telegram/telegram-cli/default.nix +++ b/pkgs/applications/networking/instant-messengers/telegram/telegram-cli/default.nix @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { cp ./bin/telegram-cli $out/bin/telegram-wo-key cp ./tg-server.pub $out/ cat > $out/bin/telegram-cli < "$out"/bin/iprover + echo -e "#! ${stdenv.shell}\\n$out/bin/iproveropt --clausifier \"${eprover}/bin/eprover\" --clausifier_options \" --tstp-format --silent --cnf \" \"\$@\"" > "$out"/bin/iprover chmod a+x "$out"/bin/iprover ''; diff --git a/pkgs/applications/version-management/smartgithg/default.nix b/pkgs/applications/version-management/smartgithg/default.nix index d6ae37c3f7f..d03353599d9 100644 --- a/pkgs/applications/version-management/smartgithg/default.nix +++ b/pkgs/applications/version-management/smartgithg/default.nix @@ -1,4 +1,5 @@ { stdenv, fetchurl, lib, makeWrapper +, substituteAll , jre , gtk2, glib , libXtst @@ -21,7 +22,10 @@ stdenv.mkDerivation rec { buildCommand = let pkg_path = "$out/${name}"; bin_path = "$out/bin"; - install_freedesktop_items = ./install_freedesktop_items.sh; + install_freedesktop_items = substituteAll { + inherit (stdenv) shell; + src = ./install_freedesktop_items.sh; + }; runtime_paths = lib.makeBinPath [ jre #git mercurial subversion # the paths are requested in configuration diff --git a/pkgs/applications/version-management/smartgithg/install_freedesktop_items.sh b/pkgs/applications/version-management/smartgithg/install_freedesktop_items.sh index 66fb0cf8f95..2ff14dcf099 100755 --- a/pkgs/applications/version-management/smartgithg/install_freedesktop_items.sh +++ b/pkgs/applications/version-management/smartgithg/install_freedesktop_items.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!@shell@ inBinDir=$1 out=$2 diff --git a/pkgs/applications/video/zdfmediathk/default.nix b/pkgs/applications/video/zdfmediathk/default.nix index a875daf065e..befbfb2d630 100644 --- a/pkgs/applications/video/zdfmediathk/default.nix +++ b/pkgs/applications/video/zdfmediathk/default.nix @@ -21,7 +21,7 @@ mkDerivation rec { install -m644 -t $out/share/licenses Copyright/{*.*,_copyright} bin="$out/bin/mediathek" cat >> "$bin" << EOF - #!/bin/sh + #!${stdenv.shell} exec ${jre}/bin/java -cp "$out/lib/*" -Xms128M -Xmx1G -jar "$out/MediathekView.jar" "\$@" EOF chmod +x "$bin" diff --git a/pkgs/applications/virtualization/xen/generic.nix b/pkgs/applications/virtualization/xen/generic.nix index 968d998792d..93b33a1eea1 100644 --- a/pkgs/applications/virtualization/xen/generic.nix +++ b/pkgs/applications/virtualization/xen/generic.nix @@ -86,14 +86,14 @@ stdenv.mkDerivation (rec { # Fake git: just print what it wants and die cat > fake-bin/wget << EOF - #!/bin/sh -e + #!${stdenv.shell} -e echo ===== FAKE WGET: Not fetching \$* [ -e \$3 ] EOF # Fake git: just print what it wants and die cat > fake-bin/git << EOF - #!/bin/sh + #!${stdenv.shell} echo ===== FAKE GIT: Not cloning \$* [ -e \$3 ] EOF @@ -109,7 +109,7 @@ stdenv.mkDerivation (rec { # (prefetched stuff has lots of files) find . -type f | xargs sed -i 's@/usr/bin/\(python\|perl\)@/usr/bin/env \1@g' find . -type f -not -path "./tools/hotplug/Linux/xendomains.in" \ - | xargs sed -i 's@/bin/bash@/bin/sh@g' + | xargs sed -i 's@/bin/bash@${stdenv.shell}@g' # Get prefetched stuff ${withXenfiles (name: x: '' diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index b3a4b774b12..6de38821baf 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -22,7 +22,8 @@ referencesByPopularity, writeScript, writeText, - closureInfo + closureInfo, + substituteAll }: # WARNING: this API is unstable and may be subject to backwards-incompatible changes in the future. @@ -279,6 +280,12 @@ rec { # of room for extension maxLayers ? 24 }: + let + storePathToLayer = substituteAll + { inherit (stdenv) shell; + src = ./store-path-to-layer.sh; + }; + in runCommand "${name}-granular-docker-layers" { inherit maxLayers; paths = referencesByPopularity closure; @@ -298,9 +305,9 @@ rec { # following head and tail call lines, double-check that your # code behaves properly when the number of layers equals: # maxLayers-1, maxLayers, and maxLayers+1 - head -n $((maxLayers - 1)) $paths | cat -n | xargs -P$NIX_BUILD_CORES -n2 ${./store-path-to-layer.sh} + head -n $((maxLayers - 1)) $paths | cat -n | xargs -P$NIX_BUILD_CORES -n2 ${storePathToLayer} if [ $(cat $paths | wc -l) -ge $maxLayers ]; then - tail -n+$maxLayers $paths | xargs ${./store-path-to-layer.sh} $maxLayers + tail -n+$maxLayers $paths | xargs ${storePathToLayer} $maxLayers fi echo "Finished building layer '$name'" diff --git a/pkgs/build-support/vm/default.nix b/pkgs/build-support/vm/default.nix index 7880d98e6b6..bd4465e93a1 100644 --- a/pkgs/build-support/vm/default.nix +++ b/pkgs/build-support/vm/default.nix @@ -164,7 +164,7 @@ rec { # Set up automatic kernel module loading. export MODULE_DIR=${linux}/lib/modules/ ${coreutils}/bin/cat < /run/modprobe - #! /bin/sh + #! ${bash}/bin/sh export MODULE_DIR=$MODULE_DIR exec ${kmod}/bin/modprobe "\$@" EOF diff --git a/pkgs/data/misc/geolite-legacy/builder.sh b/pkgs/data/misc/geolite-legacy/builder.sh index c3e09e8543c..683b2e8606b 100644 --- a/pkgs/data/misc/geolite-legacy/builder.sh +++ b/pkgs/data/misc/geolite-legacy/builder.sh @@ -1,5 +1,3 @@ -#!/bin/sh -e - source "$stdenv/setup" mkdir -p $out/share/GeoIP diff --git a/pkgs/development/compilers/cmdstan/default.nix b/pkgs/development/compilers/cmdstan/default.nix index 2b2ae896a6d..3d9fe3a59cf 100644 --- a/pkgs/development/compilers/cmdstan/default.nix +++ b/pkgs/development/compilers/cmdstan/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { ln -s $out/opt/cmdstan/bin/stanc $out/bin/stanc ln -s $out/opt/cmdstan/bin/stansummary $out/bin/stansummary cat > $out/bin/stan <. - SHELL = "/bin/sh"; - CONFIG_SHELL = "/bin/sh"; + SHELL = "${stdenv.shell}"; + CONFIG_SHELL = "${stdenv.shell}"; }) diff --git a/pkgs/development/libraries/libguestfs/default.nix b/pkgs/development/libraries/libguestfs/default.nix index 4e43ef91e79..07c0f8cb1b4 100644 --- a/pkgs/development/libraries/libguestfs/default.nix +++ b/pkgs/development/libraries/libguestfs/default.nix @@ -30,8 +30,8 @@ stdenv.mkDerivation rec { prePatch = '' # build-time scripts - substituteInPlace run.in --replace '#!/bin/bash' '#!/bin/sh' - substituteInPlace ocaml-link.sh --replace '#!/bin/bash' '#!/bin/sh' + substituteInPlace run.in --replace '#!/bin/bash' '#!${stdenv.shell}' + substituteInPlace ocaml-link.sh --replace '#!/bin/bash' '#!${stdenv.shell}' # $(OCAMLLIB) is read-only "${ocamlPackages.ocaml}/lib/ocaml" substituteInPlace ocaml/Makefile.am --replace '$(DESTDIR)$(OCAMLLIB)' '$(out)/lib/ocaml' diff --git a/pkgs/development/lisp-modules/define-package.nix b/pkgs/development/lisp-modules/define-package.nix index 390e0e06112..49eb9c40344 100644 --- a/pkgs/development/lisp-modules/define-package.nix +++ b/pkgs/development/lisp-modules/define-package.nix @@ -41,7 +41,7 @@ let mkdir -p "$(dirname "$launch_script")" touch "$launch_script" chmod a+x "$launch_script" - echo "#! /bin/sh" >> "$launch_script" + echo "#! ${stdenv.shell}" >> "$launch_script" echo "source '$config_script'" >> "$launch_script" echo "test -n \"\$NIX_LISP_LD_LIBRARY_PATH\" export LD_LIBRARY_PATH=\"\$NIX_LISP_LD_LIBRARY_PATH\''${LD_LIBRARY_PATH:+:}\$LD_LIBRARY_PATH\"" >> "$launch_script" echo '"${clwrapper}/bin/common-lisp.sh" "$@"' >> "$launch_script" diff --git a/pkgs/development/misc/avr8-burn-omat/default.nix b/pkgs/development/misc/avr8-burn-omat/default.nix index 692f61cec74..4ddab380825 100644 --- a/pkgs/development/misc/avr8-burn-omat/default.nix +++ b/pkgs/development/misc/avr8-burn-omat/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation { mkdir -p $out/{nix-support,bin} mv *.jar license_gpl-3.0.txt lib *.xml *.png $out/nix-support cat >> $out/bin/avr8-burn-omat << EOF - #!/bin/sh + #!${stdenv.shell} cd $out/nix-support; exec java -jar AVR8_Burn_O_Mat.jar EOF chmod +x $out/bin/avr8-burn-omat diff --git a/pkgs/development/pharo/vm/build-vm.nix b/pkgs/development/pharo/vm/build-vm.nix index c67e5a9489b..76e52692383 100644 --- a/pkgs/development/pharo/vm/build-vm.nix +++ b/pkgs/development/pharo/vm/build-vm.nix @@ -114,7 +114,7 @@ stdenv.mkDerivation rec { # Create the script cat > "$out/bin/${cmd}" < bin/pbpaste - echo '#/bin/sh' > bin/pbcopy + echo '#${stdenv.shell}' > bin/pbpaste + echo '#${stdenv.shell}' > bin/pbcopy chmod +x bin/{pbcopy,pbpaste} export PATH=$(realpath bin):$PATH ''; diff --git a/pkgs/development/python-modules/cmd2/old.nix b/pkgs/development/python-modules/cmd2/old.nix index 7778e73f92f..c6ee1eaf8bc 100644 --- a/pkgs/development/python-modules/cmd2/old.nix +++ b/pkgs/development/python-modules/cmd2/old.nix @@ -19,8 +19,8 @@ buildPythonPackage rec { postPatch = stdenv.lib.optional stdenv.isDarwin '' # Fake the impure dependencies pbpaste and pbcopy mkdir bin - echo '#/bin/sh' > bin/pbpaste - echo '#/bin/sh' > bin/pbcopy + echo '#${stdenv.shell}' > bin/pbpaste + echo '#${stdenv.shell}' > bin/pbcopy chmod +x bin/{pbcopy,pbpaste} export PATH=$(realpath bin):$PATH ''; diff --git a/pkgs/development/python-modules/pandas/default.nix b/pkgs/development/python-modules/pandas/default.nix index 839e7f1e819..c489b2cd125 100644 --- a/pkgs/development/python-modules/pandas/default.nix +++ b/pkgs/development/python-modules/pandas/default.nix @@ -96,8 +96,8 @@ in buildPythonPackage rec { # Until then we disable the tests. + optionalString isDarwin '' # Fake the impure dependencies pbpaste and pbcopy - echo "#!/bin/sh" > pbcopy - echo "#!/bin/sh" > pbpaste + echo "#!${stdenv.shell}" > pbcopy + echo "#!${stdenv.shell}" > pbpaste chmod a+x pbcopy pbpaste export PATH=$(pwd):$PATH '' + '' diff --git a/pkgs/development/tools/misc/ctags/wrapped.nix b/pkgs/development/tools/misc/ctags/wrapped.nix index 75ae9f1ba8b..ed265b4489b 100644 --- a/pkgs/development/tools/misc/ctags/wrapped.nix +++ b/pkgs/development/tools/misc/ctags/wrapped.nix @@ -14,7 +14,7 @@ with pkgs.stdenv.lib; # the derivation. use language extensions specified by args ctagsWrapped = makeOverridable ( {args, name} : pkgs.writeScriptBin name '' - #!/bin/sh + #!${stdenv.shell} exec ${pkgs.ctags}/bin/ctags ${concatStringsSep " " (map escapeShellArg args)} "$@" '') { args = let x = pkgs.ctagsWrapped; in concatLists [ diff --git a/pkgs/development/tools/misc/distcc/default.nix b/pkgs/development/tools/misc/distcc/default.nix index cef399eb5c1..e80a37d37dd 100644 --- a/pkgs/development/tools/misc/distcc/default.nix +++ b/pkgs/development/tools/misc/distcc/default.nix @@ -53,7 +53,7 @@ let mkdir -p $out/bin if [ -x "${gcc.cc}/bin/gcc" ]; then cat > $out/bin/gcc << EOF - #!/bin/sh + #!${stdenv.shell} ${extraConfig} exec ${distcc}/bin/distcc gcc "\$@" EOF @@ -61,7 +61,7 @@ let fi if [ -x "${gcc.cc}/bin/g++" ]; then cat > $out/bin/g++ << EOF - #!/bin/sh + #!${stdenv.shell} ${extraConfig} exec ${distcc}/bin/distcc g++ "\$@" EOF diff --git a/pkgs/development/tools/misc/opengrok/default.nix b/pkgs/development/tools/misc/opengrok/default.nix index c8fdf246bcf..f7b77cdc418 100644 --- a/pkgs/development/tools/misc/opengrok/default.nix +++ b/pkgs/development/tools/misc/opengrok/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { mkdir -p $out cp -a * $out/ substituteInPlace $out/bin/OpenGrok --replace "/bin/uname" "${coreutils}/bin/uname" - substituteInPlace $out/bin/Messages --replace "#!/bin/ksh" "#!/bin/sh" + substituteInPlace $out/bin/Messages --replace "#!/bin/ksh" "#!${stdenv.shell}" wrapProgram $out/bin/OpenGrok \ --prefix PATH : "${stdenv.lib.makeBinPath [ ctags git ]}" \ --set JAVA_HOME "${jre}" \ diff --git a/pkgs/games/andyetitmoves/default.nix b/pkgs/games/andyetitmoves/default.nix index 97cbe616c57..123d4296c97 100644 --- a/pkgs/games/andyetitmoves/default.nix +++ b/pkgs/games/andyetitmoves/default.nix @@ -50,7 +50,7 @@ stdenv.mkDerivation rec { patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) --set-rpath $fullPath $out/opt/andyetitmoves/lib/$binName cat > $out/bin/$binName << EOF - #!/bin/sh + #!${stdenv.shell} cd $out/opt/andyetitmoves exec ./lib/$binName EOF diff --git a/pkgs/games/eduke32/default.nix b/pkgs/games/eduke32/default.nix index 502a554bae2..859e503e101 100644 --- a/pkgs/games/eduke32/default.nix +++ b/pkgs/games/eduke32/default.nix @@ -45,7 +45,7 @@ in stdenv.mkDerivation rec { installPhase = '' # Make wrapper script cat > eduke32-wrapper < "$out/bin/mars" - #! /bin/sh + #! ${stdenv.shell} cd "$out/share/mars/" exec "$out/bin/mars.bin" "\$@" EOF diff --git a/pkgs/games/minecraft-server/default.nix b/pkgs/games/minecraft-server/default.nix index 050e0126fa7..97e0a5b81fd 100644 --- a/pkgs/games/minecraft-server/default.nix +++ b/pkgs/games/minecraft-server/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { cp -v $src $out/lib/minecraft/server.jar cat > $out/bin/minecraft-server << EOF - #!/bin/sh + #!${stdenv.shell} exec ${jre}/bin/java \$@ -jar $out/lib/minecraft/server.jar nogui EOF diff --git a/pkgs/games/oilrush/default.nix b/pkgs/games/oilrush/default.nix index 319cdb610ca..2d636064205 100644 --- a/pkgs/games/oilrush/default.nix +++ b/pkgs/games/oilrush/default.nix @@ -54,7 +54,7 @@ stdenv.mkDerivation { cp -r * "$out/opt/oilrush" mkdir -p "$out/bin" cat << EOF > "$out/bin/oilrush" - #! /bin/sh + #!${stdenv.shell} LD_LIBRARY_PATH=.:${makeLibraryPath [ openal ]}:\$LD_LIBRARY_PATH cd "$out/opt/oilrush" exec ./launcher_$arch.sh "\$@" diff --git a/pkgs/games/openttd/default.nix b/pkgs/games/openttd/default.nix index 78fdb32b436..e5243aef2d3 100644 --- a/pkgs/games/openttd/default.nix +++ b/pkgs/games/openttd/default.nix @@ -21,7 +21,7 @@ let }; playmidi = writeScriptBin "playmidi" '' - #!/bin/sh + #!${stdenv.shell} trap "${procps}/bin/pkill fluidsynth" EXIT ${fluidsynth}/bin/fluidsynth -a ${audioDriver} -i ${soundfont-fluid}/share/soundfonts/FluidR3_GM2-2.sf2 $* ''; diff --git a/pkgs/games/tremulous/default.nix b/pkgs/games/tremulous/default.nix index ce30be7be0b..fd1a3e178d5 100644 --- a/pkgs/games/tremulous/default.nix +++ b/pkgs/games/tremulous/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { for b in tremulous tremded do cat << EOF > $out/bin/$b - #!/bin/sh + #!${stdenv.shell} cd $out/opt/tremulous exec ./$b.$arch "\$@" EOF diff --git a/pkgs/games/trigger/default.nix b/pkgs/games/trigger/default.nix index fc6a45ace57..85157d8df18 100644 --- a/pkgs/games/trigger/default.nix +++ b/pkgs/games/trigger/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { postInstall = '' mkdir -p $out/bin cat < $out/bin/trigger-rally - #!/bin/sh + #!${stdenv.shell} exec $out/games/trigger-rally "$@" EOF chmod +x $out/bin/trigger-rally diff --git a/pkgs/games/vessel/default.nix b/pkgs/games/vessel/default.nix index ab6f1ca765c..83fce64ca32 100644 --- a/pkgs/games/vessel/default.nix +++ b/pkgs/games/vessel/default.nix @@ -59,7 +59,7 @@ stdenv.mkDerivation rec { done cat > $out/bin/Vessel << EOW - #!/bin/sh + #!${stdenv.shell} cd $out/libexec/strangeloop/vessel/ exec ./x86/vessel.x86 EOW diff --git a/pkgs/games/worldofgoo/default.nix b/pkgs/games/worldofgoo/default.nix index ad86072dd1c..97bfd9e730c 100644 --- a/pkgs/games/worldofgoo/default.nix +++ b/pkgs/games/worldofgoo/default.nix @@ -60,7 +60,7 @@ stdenv.mkDerivation rec { #makeWrapper doesn't do cd. :( cat > $out/bin/WorldofGoo << EOF - #!/bin/sh + #!${stdenv.shell} cd $out/libexec/2dboy/WorldOfGoo exec ./WorldOfGoo.bin64 EOF diff --git a/pkgs/games/zangband/default.nix b/pkgs/games/zangband/default.nix index 6fab4982534..3d5da239115 100644 --- a/pkgs/games/zangband/default.nix +++ b/pkgs/games/zangband/default.nix @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { postInstall = '' mv $out/bin/zangband $out/bin/.zangband.real - echo '#! /bin/sh + echo '#! ${stdenv.shell} PATH="$PATH:${coreutils}/bin" ZANGBAND_PATH="$HOME/.zangband" diff --git a/pkgs/misc/cups/drivers/mfcj6510dwlpr/default.nix b/pkgs/misc/cups/drivers/mfcj6510dwlpr/default.nix index ff71df5dc1b..607e3c2c57f 100644 --- a/pkgs/misc/cups/drivers/mfcj6510dwlpr/default.nix +++ b/pkgs/misc/cups/drivers/mfcj6510dwlpr/default.nix @@ -34,7 +34,7 @@ stdenv.mkDerivation rec { unpackPhase = "true"; brprintconf_mfcj6510dw_script = '' - #!/bin/sh + #!${stdenv.shell} cd $(mktemp -d) ln -s @out@/usr/bin/brprintconf_mfcj6510dw_patched brprintconf_mfcj6510dw_patched ln -s @out@/opt/brother/Printers/mfcj6510dw/inf/brmfcj6510dwfunc brmfcj6510dwfunc diff --git a/pkgs/misc/drivers/foomatic-filters/default.nix b/pkgs/misc/drivers/foomatic-filters/default.nix index 99286d5f204..580b473b0cd 100644 --- a/pkgs/misc/drivers/foomatic-filters/default.nix +++ b/pkgs/misc/drivers/foomatic-filters/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { preConfigure = '' - substituteInPlace foomaticrip.c --replace /bin/bash /bin/sh + substituteInPlace foomaticrip.c --replace /bin/bash ${stdenv.shell} ''; installTargets = "install-cups"; diff --git a/pkgs/misc/emulators/retrofe/default.nix b/pkgs/misc/emulators/retrofe/default.nix index 40c1fcc6fde..fa2121f5bc1 100644 --- a/pkgs/misc/emulators/retrofe/default.nix +++ b/pkgs/misc/emulators/retrofe/default.nix @@ -38,7 +38,7 @@ stdenv.mkDerivation rec { mv $out/share/retrofe/example/retrofe $out/bin/ cat > $out/bin/retrofe-init << EOF - #!/bin/sh + #!${stdenv.shell} echo "This will install retrofe's example files into this directory" echo "Example files location: $out/share/retrofe/example/" diff --git a/pkgs/misc/emulators/wine/builder-wow.sh b/pkgs/misc/emulators/wine/builder-wow.sh index 1aad9fe20c7..c006db3116b 100644 --- a/pkgs/misc/emulators/wine/builder-wow.sh +++ b/pkgs/misc/emulators/wine/builder-wow.sh @@ -1,5 +1,3 @@ -#!/bin/sh - ## build described at http://wiki.winehq.org/Wine64 source $stdenv/setup diff --git a/pkgs/misc/vim-plugins/vim-utils.nix b/pkgs/misc/vim-plugins/vim-utils.nix index cf5eeaec3e3..9216c4a4eb7 100644 --- a/pkgs/misc/vim-plugins/vim-utils.nix +++ b/pkgs/misc/vim-plugins/vim-utils.nix @@ -362,7 +362,7 @@ rec { vimWithRC = {vimExecutable, name ? null, vimrcFile ? null, gvimrcFile ? null}: let rcOption = o: file: stdenv.lib.optionalString (file != null) "-${o} ${file}"; in writeScriptBin (if name == null then "vim" else name) '' - #!/bin/sh + #!${stdenv.shell} exec ${vimExecutable} ${rcOption "u" vimrcFile} ${rcOption "U" gvimrcFile} "$@" ''; diff --git a/pkgs/os-specific/linux/alsa-plugins/wrapper.nix b/pkgs/os-specific/linux/alsa-plugins/wrapper.nix index 60262a14c9b..769b6ecd9bf 100644 --- a/pkgs/os-specific/linux/alsa-plugins/wrapper.nix +++ b/pkgs/os-specific/linux/alsa-plugins/wrapper.nix @@ -1,5 +1,5 @@ { writeScriptBin, stdenv, alsaPlugins }: writeScriptBin "ap${if stdenv.hostPlatform.system == "i686-linux" then "32" else "64"}" '' - #/bin/sh + #${stdenv.shell} ALSA_PLUGIN_DIRS=${alsaPlugins}/lib/alsa-lib "$@" '' diff --git a/pkgs/os-specific/linux/bbswitch/default.nix b/pkgs/os-specific/linux/bbswitch/default.nix index f5d3b4f5c4e..f5bc7458240 100644 --- a/pkgs/os-specific/linux/bbswitch/default.nix +++ b/pkgs/os-specific/linux/bbswitch/default.nix @@ -36,12 +36,12 @@ stdenv.mkDerivation { mkdir -p $out/bin tee $out/bin/discrete_vga_poweroff << EOF - #!/bin/sh + #!${stdenv.shell} echo -n OFF > /proc/acpi/bbswitch EOF tee $out/bin/discrete_vga_poweron << EOF - #!/bin/sh + #!${stdenv.shell} echo -n ON > /proc/acpi/bbswitch EOF diff --git a/pkgs/os-specific/linux/ofp/default.nix b/pkgs/os-specific/linux/ofp/default.nix index 3b2a22e452d..93cf33979f4 100644 --- a/pkgs/os-specific/linux/ofp/default.nix +++ b/pkgs/os-specific/linux/ofp/default.nix @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { postPatch = '' substituteInPlace configure.ac --replace m4_esyscmd m4_esyscmd_s - substituteInPlace scripts/git_hash.sh --replace /bin/bash /bin/sh + substituteInPlace scripts/git_hash.sh --replace /bin/bash ${stdenv.shell} echo ${version} > .scmversion ''; diff --git a/pkgs/os-specific/linux/rfkill/rfkill-hook.sh b/pkgs/os-specific/linux/rfkill/rfkill-hook.sh index bf6e679660c..75716e40dae 100755 --- a/pkgs/os-specific/linux/rfkill/rfkill-hook.sh +++ b/pkgs/os-specific/linux/rfkill/rfkill-hook.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!@shell@ # Executes a hook in case of a change to the # rfkill state. The hook can be passed as diff --git a/pkgs/os-specific/linux/rfkill/udev.nix b/pkgs/os-specific/linux/rfkill/udev.nix index 054ed471eaa..de23071f026 100644 --- a/pkgs/os-specific/linux/rfkill/udev.nix +++ b/pkgs/os-specific/linux/rfkill/udev.nix @@ -1,4 +1,4 @@ -{ stdenv }: +{ stdenv, substituteAll }: # Provides a facility to hook into rfkill changes. # @@ -10,7 +10,7 @@ # Add a hook script in the managed etc directory, e.g.: # etc = [ # { source = pkgs.writeScript "rtfkill.hook" '' -# #!/bin/sh +# #!${stdenv.shell} # # if [ "$RFKILL_STATE" -eq "1" ]; then # exec ${config.system.build.upstart}/sbin/initctl emit -n antenna-on @@ -24,7 +24,13 @@ # Note: this package does not need the binaries # in the rfkill package. -stdenv.mkDerivation { +let + rfkillHook = + substituteAll { + inherit (stdenv) shell; + src = ./rfkill-hook.sh; + }; +in stdenv.mkDerivation { name = "rfkill-udev"; unpackPhase = "true"; @@ -37,7 +43,7 @@ stdenv.mkDerivation { EOF mkdir -p "$out/bin/"; - cp ${./rfkill-hook.sh} "$out/bin/rfkill-hook.sh" + cp ${rfkillHook} "$out/bin/rfkill-hook.sh" chmod +x "$out/bin/rfkill-hook.sh"; ''; @@ -46,4 +52,4 @@ stdenv.mkDerivation { description = "Rules+hook for udev to catch rfkill state changes"; platforms = stdenv.lib.platforms.linux; }; -} \ No newline at end of file +} diff --git a/pkgs/os-specific/linux/service-wrapper/default.nix b/pkgs/os-specific/linux/service-wrapper/default.nix index 64e38b41a5f..6c9635b3aee 100644 --- a/pkgs/os-specific/linux/service-wrapper/default.nix +++ b/pkgs/os-specific/linux/service-wrapper/default.nix @@ -1,4 +1,4 @@ -{ lib, runCommand, substituteAll, coreutils }: +{ stdenv, runCommand, substituteAll, coreutils }: let name = "service-wrapper-${version}"; @@ -7,10 +7,11 @@ in runCommand "${name}" { script = substituteAll { src = ./service-wrapper.sh; + inherit (stdenv) shell; inherit coreutils; }; - meta = with lib; { + meta = with stdenv.lib; { description = "A convenient wrapper for the systemctl commands, borrow from Ubuntu"; license = licenses.gpl2Plus; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh b/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh index 373d86443f0..460bf678e6a 100755 --- a/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh +++ b/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!@shell@ ########################################################################### # /usr/bin/service diff --git a/pkgs/os-specific/linux/tp_smapi/default.nix b/pkgs/os-specific/linux/tp_smapi/default.nix index 89c6639748d..6ad232e0b1d 100644 --- a/pkgs/os-specific/linux/tp_smapi/default.nix +++ b/pkgs/os-specific/linux/tp_smapi/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { makeFlags = [ "KBASE=${kernel.dev}/lib/modules/${kernel.modDirVersion}" - "SHELL=/bin/sh" + "SHELL=${stdenv.shell}" "HDAPS=1" ]; diff --git a/pkgs/servers/mail/system-sendmail/default.nix b/pkgs/servers/mail/system-sendmail/default.nix index 0e290f13518..fe0aeb5b3af 100644 --- a/pkgs/servers/mail/system-sendmail/default.nix +++ b/pkgs/servers/mail/system-sendmail/default.nix @@ -1,7 +1,7 @@ { stdenv, writeText }: let script = writeText "script" '' - #!/bin/sh + #!${stdenv.shell} if command -v sendmail > /dev/null 2>&1 && [ "$(command -v sendmail)" != "{{MYPATH}}" ]; then exec sendmail "$@" diff --git a/pkgs/servers/web-apps/codimd/default.nix b/pkgs/servers/web-apps/codimd/default.nix index e9f5e089872..c48a9f938bd 100644 --- a/pkgs/servers/web-apps/codimd/default.nix +++ b/pkgs/servers/web-apps/codimd/default.nix @@ -126,7 +126,7 @@ stdenv.mkDerivation rec { installPhase = '' mkdir -p $out/bin cat > $out/bin/codimd <&2 diff --git a/pkgs/tools/backup/flockit/default.nix b/pkgs/tools/backup/flockit/default.nix index e569d9b6d59..e6284aa42d7 100644 --- a/pkgs/tools/backup/flockit/default.nix +++ b/pkgs/tools/backup/flockit/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { cp ./libflockit.so $out/lib (cat < $out/bin/flockit diff --git a/pkgs/tools/backup/store-backup/default.nix b/pkgs/tools/backup/store-backup/default.nix index 5f44e19fdf2..7324f75d95f 100644 --- a/pkgs/tools/backup/store-backup/default.nix +++ b/pkgs/tools/backup/store-backup/default.nix @@ -9,7 +9,7 @@ # known impurity: test cases seem to bu using /tmp/storeBackup.lock .. -let dummyMount = writeScriptBin "mount" "#!/bin/sh"; +let dummyMount = writeScriptBin "mount" "#!${stdenv.shell}"; in stdenv.mkDerivation rec { diff --git a/pkgs/tools/graphics/briss/default.nix b/pkgs/tools/graphics/briss/default.nix index a5045f97b45..fb9b7cae488 100644 --- a/pkgs/tools/graphics/briss/default.nix +++ b/pkgs/tools/graphics/briss/default.nix @@ -18,7 +18,7 @@ in stdenv.mkDerivation { mkdir -p "$out/bin"; mkdir -p "$out/share"; install -D -m444 -t "$out/share" *.jar - echo "#!/bin/sh" > "$out/bin/briss" + echo "#!${stdenv.shell}" > "$out/bin/briss" echo "${jre}/bin/java -Xms128m -Xmx1024m -cp \"$out/share/\" -jar \"$out/share/briss-${version}.jar\"" >> "$out/bin/briss" chmod +x "$out/bin/briss" ''; diff --git a/pkgs/tools/graphics/povray/default.nix b/pkgs/tools/graphics/povray/default.nix index 76829b6b727..dc9d9630ae5 100644 --- a/pkgs/tools/graphics/povray/default.nix +++ b/pkgs/tools/graphics/povray/default.nix @@ -34,7 +34,7 @@ stdenv.mkDerivation rec { preInstall = '' mkdir "$TMP/bin" for i in chown chgrp; do - echo '#!/bin/sh' >> "$TMP/bin/$i" + echo '#!${stdenv.shell}' >> "$TMP/bin/$i" chmod +x "$TMP/bin/$i" PATH="$TMP/bin:$PATH" done diff --git a/pkgs/tools/misc/fzf/default.nix b/pkgs/tools/misc/fzf/default.nix index a882fe9a9ba..08efe3e6e18 100644 --- a/pkgs/tools/misc/fzf/default.nix +++ b/pkgs/tools/misc/fzf/default.nix @@ -47,7 +47,7 @@ buildGoPackage rec { cp -R $src/shell $bin/share/fzf cat <