diff options
author | Alyssa Ross <hi@alyssa.is> | 2022-01-03 23:55:00 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2022-02-19 11:03:39 +0000 |
commit | f4cf97a04cd5d0b86aa46baec9fb228a8f671c03 (patch) | |
tree | 28192415ff39a661d0001563bf81cc93fa25d16d /nixpkgs/pkgs/os-specific | |
parent | f8422837c9bde058e8f2de37702e7e94b2226040 (diff) | |
parent | 18c84ea816348e2a098390101b92d1e39a9dbd45 (diff) | |
download | nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.gz nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.bz2 nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.lz nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.xz nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.tar.zst nixlib-f4cf97a04cd5d0b86aa46baec9fb228a8f671c03.zip |
Merge commit '18c84ea816348e2a098390101b92d1e39a9dbd45'
Conflicts: nixpkgs/nixos/modules/misc/documentation.nix nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix nixpkgs/pkgs/applications/window-managers/sway/default.nix nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix nixpkgs/pkgs/development/go-modules/generic/default.nix nixpkgs/pkgs/development/interpreters/ruby/default.nix nixpkgs/pkgs/development/interpreters/ruby/patchsets.nix nixpkgs/pkgs/development/libraries/boehm-gc/7.6.6.nix nixpkgs/pkgs/development/python-modules/django-mailman3/default.nix nixpkgs/pkgs/servers/mail/mailman/web.nix nixpkgs/pkgs/top-level/aliases.nix nixpkgs/pkgs/top-level/all-packages.nix nixpkgs/pkgs/top-level/impure.nix
Diffstat (limited to 'nixpkgs/pkgs/os-specific')
255 files changed, 4088 insertions, 1689 deletions
diff --git a/nixpkgs/pkgs/os-specific/bsd/netbsd/default.nix b/nixpkgs/pkgs/os-specific/bsd/netbsd/default.nix index 8f24d28409f9..beaa176dae15 100644 --- a/nixpkgs/pkgs/os-specific/bsd/netbsd/default.nix +++ b/nixpkgs/pkgs/os-specific/bsd/netbsd/default.nix @@ -72,7 +72,7 @@ in lib.makeScopeWithSplicing nativeBuildInputs = with buildPackages.netbsd; [ bsdSetupHook netbsdSetupHook makeMinimal - install tsort lorder mandoc groff statHook rsync + install tsort lorder buildPackages.mandoc groff statHook rsync ]; buildInputs = with self; compatIfNeeded; @@ -508,7 +508,7 @@ in lib.makeScopeWithSplicing nativeBuildInputs = with buildPackages.netbsd; [ bsdSetupHook netbsdSetupHook makeMinimal - install mandoc groff nbperf + install mandoc groff nbperf rsync ]; makeFlags = defaultMakeFlags ++ [ "TOOLDIR=$(out)" ]; extraPaths = with self; [ @@ -674,7 +674,7 @@ in lib.makeScopeWithSplicing nativeBuildInputs = with buildPackages.netbsd; [ bsdSetupHook netbsdSetupHook makeMinimal - byacc install tsort lorder mandoc statHook + byacc install tsort lorder mandoc statHook rsync ]; buildInputs = with self; [ headers ]; SHLIBINSTALLDIR = "$(out)/lib"; @@ -707,7 +707,7 @@ in lib.makeScopeWithSplicing sha256 = "0pq05k3dj0dfsczv07frnnji92mazmy2qqngqbx2zgqc1x251414"; nativeBuildInputs = with buildPackages.netbsd; [ bsdSetupHook netbsdSetupHook - makeMinimal install tsort lorder mandoc statHook nbperf tic + makeMinimal install tsort lorder mandoc statHook nbperf tic rsync ]; buildInputs = with self; compatIfNeeded; SHLIBINSTALLDIR = "$(out)/lib"; @@ -966,7 +966,15 @@ in lib.makeScopeWithSplicing noCC = true; version = "9.2"; sha256 = "1l4lmj4kmg8dl86x94sr45w0xdnkz8dn4zjx0ipgr9bnq98663zl"; - makeFlags = defaultMakeFlags ++ [ "FILESDIR=$(out)/share" ]; + # man0 generates a man.pdf using ps2pdf, but doesn't install it later, + # so we can avoid the dependency on ghostscript + postPatch = '' + substituteInPlace man0/Makefile --replace "ps2pdf" "echo noop " + ''; + makeFlags = defaultMakeFlags ++ [ + "FILESDIR=$(out)/share" + "MKRUMP=no" # would require to have additional path sys/rump/share/man + ]; }; # # END MISCELLANEOUS diff --git a/nixpkgs/pkgs/os-specific/darwin/DarwinTools/default.nix b/nixpkgs/pkgs/os-specific/darwin/DarwinTools/default.nix index 588769c7bfc6..f648435eed27 100644 --- a/nixpkgs/pkgs/os-specific/darwin/DarwinTools/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/DarwinTools/default.nix @@ -1,10 +1,11 @@ { lib, stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "DarwinTools-1"; + pname = "DarwinTools"; + version = "1"; src = fetchurl { - url = "https://opensource.apple.com/tarballs/DarwinTools/${name}.tar.gz"; + url = "https://opensource.apple.com/tarballs/DarwinTools/DarwinTools-${version}.tar.gz"; sha256 = "0hh4jl590jv3v830p77r3jcrnpndy7p2b8ajai3ldpnx2913jfhp"; }; diff --git a/nixpkgs/pkgs/os-specific/darwin/apple-sdk/default.nix b/nixpkgs/pkgs/os-specific/darwin/apple-sdk/default.nix index 56b77fbf2148..0cf95cbe9c56 100644 --- a/nixpkgs/pkgs/os-specific/darwin/apple-sdk/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/apple-sdk/default.nix @@ -271,7 +271,7 @@ in rec { overrides = super: { AppKit = lib.overrideDerivation super.AppKit (drv: { - __propagatedImpureHostDeps = drv.__propagatedImpureHostDeps ++ [ + __propagatedImpureHostDeps = drv.__propagatedImpureHostDeps or [] ++ [ "/System/Library/PrivateFrameworks/" ]; }); @@ -285,13 +285,13 @@ in rec { }); CoreMedia = lib.overrideDerivation super.CoreMedia (drv: { - __propagatedImpureHostDeps = drv.__propagatedImpureHostDeps ++ [ + __propagatedImpureHostDeps = drv.__propagatedImpureHostDeps or [] ++ [ "/System/Library/Frameworks/CoreImage.framework" ]; }); CoreMIDI = lib.overrideDerivation super.CoreMIDI (drv: { - __propagatedImpureHostDeps = drv.__propagatedImpureHostDeps ++ [ + __propagatedImpureHostDeps = drv.__propagatedImpureHostDeps or [] ++ [ "/System/Library/PrivateFrameworks/" ]; setupHook = ./private-frameworks-setup-hook.sh; diff --git a/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libc/0001-Define-TARGET_OS_EMBEDDED-in-std-lib-io-if-not-defin.patch b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libc/0001-Define-TARGET_OS_EMBEDDED-in-std-lib-io-if-not-defin.patch new file mode 100644 index 000000000000..2ba67734c544 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libc/0001-Define-TARGET_OS_EMBEDDED-in-std-lib-io-if-not-defin.patch @@ -0,0 +1,47 @@ +From 187d0e8847d080790b22724352e51de50d214dd8 Mon Sep 17 00:00:00 2001 +From: toonn <toonn@toonn.io> +Date: Tue, 27 Jul 2021 15:12:14 +0200 +Subject: [PATCH] Define TARGET_OS_EMBEDDED in std{lib,io} if not defined + +Originally attempted including `TargetConditionals.h` but this had +knock-on effects, for example, breaking the zlib build because of +`TARGET_OS_MAC` getting defined. + +This should be the lowest impact solution and corresponds to the default +behavior IIUC. +--- + include/stdio.h | 3 +++ + include/stdlib.h | 3 +++ + 2 files changed, 6 insertions(+) + +diff --git a/include/stdio.h b/include/stdio.h +index d0cf7a5..487496e 100644 +--- a/include/stdio.h ++++ b/include/stdio.h +@@ -351,6 +351,9 @@ __END_DECLS + /* Additional functionality provided by: + * POSIX.2-1992 C Language Binding Option + */ ++#ifndef TARGET_OS_EMBEDDED ++# define TARGET_OS_EMBEDDED 0 ++#endif + #if TARGET_OS_EMBEDDED + #define __swift_unavailable_on(osx_msg, ios_msg) __swift_unavailable(ios_msg) + #else +diff --git a/include/stdlib.h b/include/stdlib.h +index c04d3a7..0b454ba 100644 +--- a/include/stdlib.h ++++ b/include/stdlib.h +@@ -183,6 +183,9 @@ unsigned long long + #ifndef LIBC_ALIAS_SYSTEM + //End-Libc + ++#ifndef TARGET_OS_EMBEDDED ++# define TARGET_OS_EMBEDDED 0 ++#endif + #if TARGET_OS_EMBEDDED + #define __swift_unavailable_on(osx_msg, ios_msg) __swift_unavailable(ios_msg) + #else +-- +2.17.2 (Apple Git-113) + diff --git a/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libc/default.nix b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libc/default.nix index 9bec0b103c9d..915d3a61f816 100644 --- a/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libc/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libc/default.nix @@ -3,6 +3,10 @@ appleDerivation' stdenvNoCC { nativeBuildInputs = [ ed unifdef ]; + patches = [ + ./0001-Define-TARGET_OS_EMBEDDED-in-std-lib-io-if-not-defin.patch + ]; + # TODO: asl.h actually comes from syslog project now installPhase = '' export SRCROOT=$PWD diff --git a/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix index 66190b7b4e37..86c91e9b55cc 100644 --- a/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/Libsystem/default.nix @@ -63,20 +63,21 @@ appleDerivation' stdenv { cat <<EOF > $out/include/TargetConditionals.h #ifndef __TARGETCONDITIONALS__ #define __TARGETCONDITIONALS__ - #define TARGET_OS_MAC 1 - #define TARGET_OS_OSX 1 - #define TARGET_OS_WIN32 0 - #define TARGET_OS_UNIX 0 - #define TARGET_OS_EMBEDDED 0 - #define TARGET_OS_IPHONE 0 - #define TARGET_OS_IOS 0 - #define TARGET_OS_WATCH 0 - #define TARGET_OS_BRIDGE 0 - #define TARGET_OS_TV 0 - #define TARGET_OS_SIMULATOR 0 - #define TARGET_IPHONE_SIMULATOR 0 - #define TARGET_OS_NANO 0 - #define TARGET_OS_LINUX 0 + #define TARGET_OS_MAC 1 + #define TARGET_OS_WIN32 0 + #define TARGET_OS_UNIX 0 + #define TARGET_OS_OSX 1 + #define TARGET_OS_IPHONE 0 + #define TARGET_OS_IOS 0 + #define TARGET_OS_WATCH 0 + #define TARGET_OS_BRIDGE 0 + #define TARGET_OS_TV 0 + #define TARGET_OS_SIMULATOR 0 + #define TARGET_OS_EMBEDDED 0 + #define TARGET_OS_EMBEDDED_OTHER 0 /* Used in configd */ + #define TARGET_IPHONE_SIMULATOR TARGET_OS_SIMULATOR /* deprecated */ + #define TARGET_OS_NANO TARGET_OS_WATCH /* deprecated */ + #define TARGET_OS_LINUX 0 #define TARGET_CPU_PPC 0 #define TARGET_CPU_PPC64 0 @@ -84,6 +85,7 @@ appleDerivation' stdenv { #define TARGET_CPU_X86 0 #define TARGET_CPU_X86_64 1 #define TARGET_CPU_ARM 0 + #define TARGET_CPU_ARM64 0 #define TARGET_CPU_MIPS 0 #define TARGET_CPU_SPARC 0 #define TARGET_CPU_ALPHA 0 diff --git a/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/xnu/python3.patch b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/xnu/python3.patch index 10778406c8e0..9f29376187f4 100644 --- a/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/xnu/python3.patch +++ b/nixpkgs/pkgs/os-specific/darwin/apple-source-releases/xnu/python3.patch @@ -18,7 +18,7 @@ index 73b2db4..d354ba0 100755 - m = id_name_pattern.match(line) - if m: + m = id_name_pattern.match(line) -+ if m: ++ if m: code_table += [(int(m.group(1),base=16), m.group(2))] # emit typedef: diff --git a/nixpkgs/pkgs/os-specific/darwin/insert_dylib/default.nix b/nixpkgs/pkgs/os-specific/darwin/insert_dylib/default.nix index 07e8886e3e63..7ab9692f0d42 100644 --- a/nixpkgs/pkgs/os-specific/darwin/insert_dylib/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/insert_dylib/default.nix @@ -1,18 +1,22 @@ { lib, stdenv, fetchFromGitHub, xcbuildHook }: -stdenv.mkDerivation - { name = "insert_dylib-2016.08.28"; - src = fetchFromGitHub - { owner = "Tyilo"; - repo = "insert_dylib"; - rev = "c8beef66a08688c2feeee2c9b6eaf1061c2e67a9"; - sha256 = "0az38y06pvvy9jf2wnzdwp9mp98lj6nr0ldv0cs1df5p9x2qvbya"; - }; - nativeBuildInputs = [ xcbuildHook ]; - installPhase = - '' - mkdir -p $out/bin - install -m755 Products/Release/insert_dylib $out/bin - ''; - meta.platforms = lib.platforms.darwin; - } +stdenv.mkDerivation { + pname = "insert_dylib"; + version = "unstable-2016-08-28"; + + src = fetchFromGitHub { + owner = "Tyilo"; + repo = "insert_dylib"; + rev = "c8beef66a08688c2feeee2c9b6eaf1061c2e67a9"; + sha256 = "0az38y06pvvy9jf2wnzdwp9mp98lj6nr0ldv0cs1df5p9x2qvbya"; + }; + + nativeBuildInputs = [ xcbuildHook ]; + + installPhase = '' + mkdir -p $out/bin + install -m755 Products/Release/insert_dylib $out/bin + ''; + + meta.platforms = lib.platforms.darwin; +} diff --git a/nixpkgs/pkgs/os-specific/darwin/maloader/default.nix b/nixpkgs/pkgs/os-specific/darwin/maloader/default.nix index 9142484e043c..bcd9fe6488d2 100644 --- a/nixpkgs/pkgs/os-specific/darwin/maloader/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/maloader/default.nix @@ -1,7 +1,8 @@ { lib, stdenv, fetchgit, opencflite, clang, libcxx }: stdenv.mkDerivation { - name = "maloader-0git"; + pname = "maloader"; + version = "unstable-2014-02-25"; src = fetchgit { url = "git://github.com/shinh/maloader.git"; diff --git a/nixpkgs/pkgs/os-specific/darwin/rewrite-tbd/default.nix b/nixpkgs/pkgs/os-specific/darwin/rewrite-tbd/default.nix index f41b81b3bc90..e5ef118e514c 100644 --- a/nixpkgs/pkgs/os-specific/darwin/rewrite-tbd/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/rewrite-tbd/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, cmake, pkg-config, libyaml }: +{ stdenv, lib, fetchFromGitHub, cmake, pkg-config, libyaml }: stdenv.mkDerivation { pname = "rewrite-tbd"; @@ -13,4 +13,11 @@ stdenv.mkDerivation { nativeBuildInputs = [ cmake pkg-config ]; buildInputs = [ libyaml ]; + + meta = with lib; { + homepage = "https://github.com/thefloweringash/rewrite-tbd/"; + description = "Rewrite filepath in .tbd to Nix applicable format"; + platforms = platforms.darwin; + license = licenses.mit; + }; } diff --git a/nixpkgs/pkgs/os-specific/darwin/swift-corelibs/0001-Add-missing-TARGET_OS_-defines.patch b/nixpkgs/pkgs/os-specific/darwin/swift-corelibs/0001-Add-missing-TARGET_OS_-defines.patch new file mode 100644 index 000000000000..db17c517c720 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/darwin/swift-corelibs/0001-Add-missing-TARGET_OS_-defines.patch @@ -0,0 +1,30 @@ +From 549160574ee44656d50997b27ef83736e0848201 Mon Sep 17 00:00:00 2001 +From: toonn <toonn@toonn.io> +Date: Mon, 26 Apr 2021 20:51:05 +0200 +Subject: [PATCH] Add missing TARGET_OS_* defines + +--- + .../Base.subproj/SwiftRuntime/TargetConditionals.h | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/CoreFoundation/Base.subproj/SwiftRuntime/TargetConditionals.h b/CoreFoundation/Base.subproj/SwiftRuntime/TargetConditionals.h +index 6d42b873..abf746c9 100644 +--- a/CoreFoundation/Base.subproj/SwiftRuntime/TargetConditionals.h ++++ b/CoreFoundation/Base.subproj/SwiftRuntime/TargetConditionals.h +@@ -118,6 +118,13 @@ + + #define TARGET_OS_WIN32 TARGET_OS_WINDOWS + #define TARGET_OS_MAC TARGET_OS_DARWIN ++#define TARGET_OS_OSX TARGET_OS_DARWIN ++ ++#define TARGET_OS_IPHONE 0 ++#define TARGET_OS_WATCH 0 ++#define TARGET_OS_TV 0 ++#define TARGET_OS_EMBEDDED 0 ++ + + #if __x86_64__ + #define TARGET_CPU_PPC 0 +-- +2.17.2 (Apple Git-113) + diff --git a/nixpkgs/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix b/nixpkgs/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix index 560be0c31ab6..bfe862eb3957 100644 --- a/nixpkgs/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix +++ b/nixpkgs/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix @@ -23,6 +23,8 @@ stdenv.mkDerivation { nativeBuildInputs = [ ninja python3 ]; buildInputs = [ curl libxml2 objc4 ICU ]; + patches = [ ./0001-Add-missing-TARGET_OS_-defines.patch ]; + postPatch = '' cd CoreFoundation @@ -71,23 +73,12 @@ stdenv.mkDerivation { enableParallelBuilding = true; - # FIXME: Workaround for intermittent build failures of CFRuntime.c. - # Based on testing this issue seems to only occur with clang_7, so - # please remove this when updating the default llvm versions to 8 or - # later. - buildPhase = lib.optionalString true '' - for i in {1..512}; do - if ninja -j $NIX_BUILD_CORES; then - break - fi - - echo >&2 - echo "[$i/512] retrying build, workaround for #66811" >&2 - echo " With clang_7 the build of CFRuntime.c fails intermittently." >&2 - echo " See https://github.com/NixOS/nixpkgs/issues/66811 for more details." >&2 - echo >&2 - continue - done + buildPhase = '' + runHook preBuild + + ninja -j $NIX_BUILD_CORES + + runHook postBuild ''; # TODO: their build system sorta kinda can do this, but it doesn't seem to work right now diff --git a/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix b/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix index b371e97d06fc..5a3daed9fff8 100644 --- a/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix @@ -1,17 +1,24 @@ -{ lib, stdenv, fetchFromGitHub, Carbon, Cocoa, ScriptingBridge, xxd }: +{ lib, stdenv, fetchFromGitHub, darwin, xxd }: stdenv.mkDerivation rec { pname = "yabai"; - version = "3.3.4"; + version = "3.3.10"; src = fetchFromGitHub { owner = "koekeishiya"; repo = pname; rev = "v${version}"; - sha256 = "1pvyjdxgy7yxxz4x87f8an0dlxvxbnmv5kya8hkzw2na453ihvab"; + sha256 = "sha256-8O6//T894C32Pba3F2Z84Z6VWeCXlwml3xsXoIZGqL0="; }; - buildInputs = [ Carbon Cocoa ScriptingBridge xxd ]; + nativeBuildInputs = [ xxd ]; + + buildInputs = with darwin.apple_sdk.frameworks; [ + Carbon + Cocoa + ScriptingBridge + SkyLight + ]; installPhase = '' mkdir -p $out/bin diff --git a/nixpkgs/pkgs/os-specific/linux/acpi-call/default.nix b/nixpkgs/pkgs/os-specific/linux/acpi-call/default.nix index 39842927c9a1..b84ecd21293a 100644 --- a/nixpkgs/pkgs/os-specific/linux/acpi-call/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/acpi-call/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = kernel.moduleBuildDependencies; - makeFlags = [ + makeFlags = kernel.makeFlags ++ [ "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/acpid/default.nix b/nixpkgs/pkgs/os-specific/linux/acpid/default.nix index 2b8dac0c8e43..b766739aaafa 100644 --- a/nixpkgs/pkgs/os-specific/linux/acpid/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/acpid/default.nix @@ -2,23 +2,15 @@ stdenv.mkDerivation rec { pname = "acpid"; - version = "2.0.32"; + version = "2.0.33"; src = fetchurl { url = "mirror://sourceforge/acpid2/acpid-${version}.tar.xz"; - sha256 = "0zhmxnhnhg4v1viw82yjr22kram6k5k1ixznhayk8cnw7q5x7lpj"; + sha256 = "sha256-CFb3Gz6zShtmPQqOY2Pfy8UZ5j2EczBJiJhljily2+g="; }; nativeBuildInputs = [ autoreconfHook ]; - # remove when https://sourceforge.net/p/acpid2/code/merge-requests/1/ is merged - postPatch = '' - substituteInPlace configure.ac \ - --replace "AC_FUNC_MALLOC" "" \ - --replace "AC_FUNC_REALLOC" "" \ - --replace "strrchr strtol" "strrchr strtol malloc realloc" - ''; - meta = with lib; { homepage = "https://sourceforge.net/projects/acpid2/"; description = "A daemon for delivering ACPI events to userspace programs"; diff --git a/nixpkgs/pkgs/os-specific/linux/alsa-project/alsa-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/alsa-project/alsa-utils/default.nix index 782e6ffce8cb..e614be978c06 100644 --- a/nixpkgs/pkgs/os-specific/linux/alsa-project/alsa-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/alsa-project/alsa-utils/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "alsa-utils"; - version = "1.2.5.1"; + version = "1.2.6"; src = fetchurl { url = "mirror://alsa/utils/${pname}-${version}.tar.bz2"; - sha256 = "sha256-nBaa43pJKV+bl7kqzncoA9r2tlEKGVdOC3j4flYhGNA="; + sha256 = "sha256-ah79ih8dnTjkiWM+rsH/+lwxVmOzFsq4BL5IaIfmFF0="; }; nativeBuildInputs = [ gettext makeWrapper ]; diff --git a/nixpkgs/pkgs/os-specific/linux/amdgpu-pro/default.nix b/nixpkgs/pkgs/os-specific/linux/amdgpu-pro/default.nix index 13dd8302b18d..0f65d1c0c484 100644 --- a/nixpkgs/pkgs/os-specific/linux/amdgpu-pro/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/amdgpu-pro/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchurl, elfutils , xorg, patchelf, openssl, libdrm, udev -, libxcb, libxshmfence, epoxy, perl, zlib +, libxcb, libxshmfence, libepoxy, perl, zlib , ncurses , libsOnly ? false, kernel ? null }: @@ -101,7 +101,7 @@ in stdenv.mkDerivation rec { depLibPath = makeLibraryPath [ stdenv.cc.cc.lib xorg.libXext xorg.libX11 xorg.libXdamage xorg.libXfixes zlib - xorg.libXxf86vm libxcb libxshmfence epoxy openssl libdrm elfutils udev ncurses5 + xorg.libXxf86vm libxcb libxshmfence libepoxy openssl libdrm elfutils udev ncurses5 ]; installPhase = '' @@ -173,7 +173,7 @@ in stdenv.mkDerivation rec { meta = with lib; { description = "AMDGPU-PRO drivers"; - homepage = "http://support.amd.com/en-us/kb-articles/Pages/AMDGPU-PRO-Beta-Driver-for-Vulkan-Release-Notes.aspx"; + homepage = "https://www.amd.com/en/support"; license = licenses.unfree; platforms = platforms.linux; maintainers = with maintainers; [ corngood ]; diff --git a/nixpkgs/pkgs/os-specific/linux/apparmor/default.nix b/nixpkgs/pkgs/os-specific/linux/apparmor/default.nix index 344913888d57..8e95c44f95cd 100644 --- a/nixpkgs/pkgs/os-specific/linux/apparmor/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/apparmor/default.nix @@ -4,13 +4,14 @@ , linuxHeaders ? stdenv.cc.libc.linuxHeaders , gawk , withPerl ? stdenv.hostPlatform == stdenv.buildPlatform && lib.meta.availableOn stdenv.hostPlatform perl, perl -, withPython ? stdenv.hostPlatform == stdenv.buildPlatform && lib.meta.availableOn stdenv.hostPlatform python, python +, withPython ? stdenv.hostPlatform == stdenv.buildPlatform && lib.meta.availableOn stdenv.hostPlatform python3, python3 , swig , ncurses , pam , libnotify , buildPackages , coreutils +, bash , gnugrep , gnused , kmod @@ -26,7 +27,7 @@ let homepage = "https://apparmor.net/"; description = "A mandatory access control system - ${component}"; license = licenses.gpl2; - maintainers = with maintainers; [ joachifm julm phreedom thoughtpolice ]; + maintainers = with maintainers; [ joachifm julm thoughtpolice ]; platforms = platforms.linux; }; @@ -44,10 +45,11 @@ let prePatchCommon = '' chmod a+x ./common/list_capabilities.sh ./common/list_af_names.sh patchShebangs ./common/list_capabilities.sh ./common/list_af_names.sh - substituteInPlace ./common/Make.rules --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man" - substituteInPlace ./common/Make.rules --replace "/usr/bin/pod2html" "${buildPackages.perl}/bin/pod2html" - substituteInPlace ./common/Make.rules --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" - substituteInPlace ./common/Make.rules --replace "/usr/share/man" "share/man" + substituteInPlace ./common/Make.rules \ + --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man" \ + --replace "/usr/bin/pod2html" "${buildPackages.perl}/bin/pod2html" \ + --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" \ + --replace "/usr/share/man" "share/man" ''; patches = lib.optionals stdenv.hostPlatform.isMusl [ @@ -65,9 +67,16 @@ let # FIXME: convert these to a single multiple-outputs package? libapparmor = stdenv.mkDerivation { - name = "libapparmor-${apparmor-version}"; + pname = "libapparmor"; + version = apparmor-version; + src = apparmor-sources; + # checking whether python bindings are enabled... yes + # checking for python3... no + # configure: error: python is required when enabling python bindings + strictDeps = false; + nativeBuildInputs = [ autoreconfHook bison @@ -77,11 +86,10 @@ let ncurses which perl - ]; + ] ++ lib.optional withPython python3; - buildInputs = [] - ++ lib.optional withPerl perl - ++ lib.optional withPython python; + buildInputs = lib.optional withPerl perl + ++ lib.optional withPython python3; # required to build apparmor-parser dontDisableStatic = true; @@ -94,7 +102,10 @@ let ''; inherit patches; - postPatch = "cd ./libraries/libapparmor"; + postPatch = '' + cd ./libraries/libapparmor + ''; + # https://gitlab.com/apparmor/apparmor/issues/1 configureFlags = [ (lib.withFeature withPerl "perl") @@ -114,14 +125,19 @@ let }; apparmor-utils = stdenv.mkDerivation { - name = "apparmor-utils-${apparmor-version}"; + pname = "apparmor-utils"; + version = apparmor-version; + src = apparmor-sources; - nativeBuildInputs = [ makeWrapper which ]; + strictDeps = true; + + nativeBuildInputs = [ makeWrapper which python3 ]; buildInputs = [ + bash perl - python + python3 libapparmor libapparmor.python ]; @@ -131,9 +147,9 @@ let lib.optionalString stdenv.hostPlatform.isMusl '' sed -i ./utils/Makefile -e "/\<vim\>/d" '' + '' - substituteInPlace ./utils/apparmor/easyprof.py --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser" - substituteInPlace ./utils/apparmor/aa.py --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser" - substituteInPlace ./utils/logprof.conf --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser" + for file in utils/apparmor/easyprof.py utils/apparmor/aa.py utils/logprof.conf; do + substituteInPlace $file --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser" + done ''; inherit patches; postPatch = "cd ./utils"; @@ -143,7 +159,7 @@ let postInstall = '' sed -i $out/bin/aa-unconfined -e "/my_env\['PATH'\]/d" for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-unconfined ; do - wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python.libPrefix}/site-packages:$PYTHONPATH" + wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python3.libPrefix}/site-packages:$PYTHONPATH" done substituteInPlace $out/bin/aa-notify \ @@ -153,7 +169,7 @@ let substituteInPlace $out/bin/aa-remove-unknown \ --replace "/lib/apparmor/rc.apparmor.functions" "${apparmor-parser}/lib/apparmor/rc.apparmor.functions" wrapProgram $out/bin/aa-remove-unknown \ - --prefix PATH : ${lib.makeBinPath [gawk]} + --prefix PATH : ${lib.makeBinPath [ gawk ]} ln -s ${aa-teardown} $out/bin/aa-teardown ''; @@ -166,7 +182,9 @@ let }; apparmor-bin-utils = stdenv.mkDerivation { - name = "apparmor-bin-utils-${apparmor-version}"; + pname = "apparmor-bin-utils"; + version = apparmor-version; + src = apparmor-sources; nativeBuildInputs = [ @@ -181,7 +199,9 @@ let ]; prePatch = prePatchCommon; - postPatch = "cd ./binutils"; + postPatch = '' + cd ./binutils + ''; makeFlags = [ "LANGS=" "USE_SYSTEM=1" ]; installFlags = [ "DESTDIR=$(out)" "BINDIR=$(out)/bin" "SBINDIR=$(out)/bin" ]; @@ -191,7 +211,9 @@ let }; apparmor-parser = stdenv.mkDerivation { - name = "apparmor-parser-${apparmor-version}"; + name = "apparmor-parser"; + version = apparmor-version; + src = apparmor-sources; nativeBuildInputs = [ bison flex which ]; @@ -199,17 +221,20 @@ let buildInputs = [ libapparmor ]; prePatch = prePatchCommon + '' - substituteInPlace ./parser/Makefile --replace "/usr/bin/bison" "${bison}/bin/bison" - substituteInPlace ./parser/Makefile --replace "/usr/bin/flex" "${flex}/bin/flex" - substituteInPlace ./parser/Makefile --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" ## techdoc.pdf still doesn't build ... - substituteInPlace ./parser/Makefile --replace "manpages htmlmanpages pdf" "manpages htmlmanpages" + substituteInPlace ./parser/Makefile \ + --replace "/usr/bin/bison" "${bison}/bin/bison" \ + --replace "/usr/bin/flex" "${flex}/bin/flex" \ + --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" \ + --replace "manpages htmlmanpages pdf" "manpages htmlmanpages" substituteInPlace parser/rc.apparmor.functions \ --replace "/sbin/apparmor_parser" "$out/bin/apparmor_parser" sed -i parser/rc.apparmor.functions -e '2i . ${./fix-rc.apparmor.functions.sh}' ''; inherit patches; - postPatch = "cd ./parser"; + postPatch = '' + cd ./parser + ''; makeFlags = [ "LANGS=" "USE_SYSTEM=1" "INCLUDEDIR=${libapparmor}/include" "AR=${stdenv.cc.bintools.targetPrefix}ar" @@ -222,14 +247,18 @@ let }; apparmor-pam = stdenv.mkDerivation { - name = "apparmor-pam-${apparmor-version}"; + pname = "apparmor-pam"; + version = apparmor-version; + src = apparmor-sources; nativeBuildInputs = [ pkg-config which ]; buildInputs = [ libapparmor pam ]; - postPatch = "cd ./changehat/pam_apparmor"; + postPatch = '' + cd ./changehat/pam_apparmor + ''; makeFlags = [ "USE_SYSTEM=1" ]; installFlags = [ "DESTDIR=$(out)" ]; @@ -239,12 +268,17 @@ let }; apparmor-profiles = stdenv.mkDerivation { - name = "apparmor-profiles-${apparmor-version}"; + pname = "apparmor-profiles"; + version = apparmor-version; + src = apparmor-sources; nativeBuildInputs = [ which ]; - postPatch = "cd ./profiles"; + postPatch = '' + cd ./profiles + ''; + installFlags = [ "DESTDIR=$(out)" "EXTRAS_DEST=$(out)/share/apparmor/extra-profiles" ]; inherit doCheck; @@ -253,7 +287,9 @@ let }; apparmor-kernel-patches = stdenv.mkDerivation { - name = "apparmor-kernel-patches-${apparmor-version}"; + pname = "apparmor-kernel-patches"; + version = apparmor-version; + src = apparmor-sources; dontBuild = true; @@ -294,7 +330,7 @@ let touch $out while read -r path do printf >>$out "%s,\n" ${lib.concatMapStringsSep " " (x: "\"${x}\"") (baseRules ++ additionalRules)} - done <${closureInfo {inherit rootPaths;}}/store-paths + done <${closureInfo { inherit rootPaths; }}/store-paths ''; in { diff --git a/nixpkgs/pkgs/os-specific/linux/asus-ec-sensors/default.nix b/nixpkgs/pkgs/os-specific/linux/asus-ec-sensors/default.nix new file mode 100644 index 000000000000..f046ec206ab6 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/asus-ec-sensors/default.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, fetchFromGitHub, kernel }: + +stdenv.mkDerivation rec { + name = "asus-ec-sensors-${version}-${kernel.version}"; + version = "unstable-2021-12-16"; + + src = fetchFromGitHub { + owner = "zeule"; + repo = "asus-ec-sensors"; + rev = "3621741c4ecb93216d546942707a9c413e971787"; + sha256 = "0akdga2854q3w0pyi0jywa6cxr32541ifz0ka1hgn6j4czk39kyn"; + }; + + hardeningDisable = [ "pic" ]; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + makeFlags = [ + "KERNELRELEASE=${kernel.modDirVersion}" + "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}" + ]; + + installPhase = '' + install asus-ec-sensors.ko -Dm444 -t ${placeholder "out"}/lib/modules/${kernel.modDirVersion}/kernel/drivers/hwmon + ''; + + meta = with lib; { + description = "Linux HWMON sensors driver for ASUS motherboards to read sensor data from the embedded controller"; + homepage = "https://github.com/zeule/asus-ec-sensors"; + license = licenses.gpl2; + platforms = [ "x86_64-linux" ]; + maintainers = with maintainers; [ nickhu ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/audit/default.nix b/nixpkgs/pkgs/os-specific/linux/audit/default.nix index a7f17e449505..9fd24eea6d9b 100644 --- a/nixpkgs/pkgs/os-specific/linux/audit/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/audit/default.nix @@ -1,6 +1,7 @@ { lib, stdenv, buildPackages, fetchurl, fetchpatch, runCommand, + autoreconfHook, autoconf, automake, libtool, enablePython ? false, python ? null, }: @@ -19,8 +20,7 @@ stdenv.mkDerivation rec { outputs = [ "bin" "dev" "out" "man" ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = lib.optionals stdenv.hostPlatform.isMusl - [ autoconf automake libtool ]; + nativeBuildInputs = [ autoreconfHook ]; buildInputs = lib.optional enablePython python; configureFlags = [ @@ -44,8 +44,7 @@ stdenv.mkDerivation rec { url = "https://github.com/linux-audit/audit-userspace/commit/017e6c6ab95df55f34e339d2139def83e5dada1f.patch"; sha256 = "100xa1rzkv0mvhjbfgpfm72f7c4p68syflvgc3xm6pxgrqqmfq8h"; }) - ] - ++ lib.optional stdenv.hostPlatform.isMusl [ + ( let patch = fetchpatch { url = "https://github.com/linux-audit/audit-userspace/commit/d579a08bb1cde71f939c13ac6b2261052ae9f77e.patch"; @@ -60,6 +59,14 @@ stdenv.mkDerivation rec { '-* Copyright (c) 2007-09,2011-16 Red Hat Inc., Durham, North Carolina.' '' ) + + # upstream fix for linux-headers-5.15 which removed ipx.h + (fetchpatch { + name = "no-ipx.patch"; + url = "https://github.com/linux-audit/audit-userspace/commit/6b09724c69d91668418ddb3af00da6db6755208c.patch"; + sha256 = "0qjq41ridyamajz9v9nyplgq7f8nn3fxw375s9sa5a0igsrx9pm0"; + excludes = [ "ChangeLog" ]; + }) ]; prePatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/autofs/default.nix b/nixpkgs/pkgs/os-specific/linux/autofs/default.nix index 3055a91161b3..7b29f5a0e5cf 100644 --- a/nixpkgs/pkgs/os-specific/linux/autofs/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/autofs/default.nix @@ -1,14 +1,12 @@ { lib, stdenv, fetchurl, flex, bison, linuxHeaders, libtirpc, mount, umount, nfs-utils, e2fsprogs , libxml2, libkrb5, kmod, openldap, sssd, cyrus_sasl, openssl, rpcsvc-proto }: -let +stdenv.mkDerivation rec { version = "5.1.6"; - name = "autofs-${version}"; -in stdenv.mkDerivation { - inherit name; + pname = "autofs"; src = fetchurl { - url = "mirror://kernel/linux/daemons/autofs/v5/${name}.tar.xz"; + url = "mirror://kernel/linux/daemons/autofs/v5/autofs-${version}.tar.xz"; sha256 = "1vya21mb4izj3khcr3flibv7xc15vvx2v0rjfk5yd31qnzcy7pnx"; }; diff --git a/nixpkgs/pkgs/os-specific/linux/autosuspend/default.nix b/nixpkgs/pkgs/os-specific/linux/autosuspend/default.nix index e9931f0ab7e2..f25568f5a7cc 100644 --- a/nixpkgs/pkgs/os-specific/linux/autosuspend/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/autosuspend/default.nix @@ -5,13 +5,13 @@ python3.pkgs.buildPythonApplication rec { pname = "autosuspend"; - version = "4.0.0"; + version = "4.0.1"; src = fetchFromGitHub { owner = "languitar"; repo = pname; rev = "v${version}"; - sha256 = "03qca6avn7bwxcavif7q2nqfzivzp0py7qw3i4hsb28gjrq9nz36"; + sha256 = "149b4qn3nmz48ydnlcgks3as3zzzzn3f5cvj3kdxqxjy4c052lpz"; }; postPatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/bcc/absolute-ausyscall.patch b/nixpkgs/pkgs/os-specific/linux/bcc/absolute-ausyscall.patch new file mode 100644 index 000000000000..7480e9c5d97b --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/bcc/absolute-ausyscall.patch @@ -0,0 +1,43 @@ +From 01e793163231c5085afced37471df32b94a313f5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> +Date: Thu, 30 Dec 2021 06:34:41 +0100 +Subject: [PATCH] absolute ausyscall +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Jörg Thalheim <joerg@thalheim.io> +--- + libbpf-tools/syscall_helpers.c | 2 +- + src/python/bcc/syscall.py | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libbpf-tools/syscall_helpers.c b/libbpf-tools/syscall_helpers.c +index e114a08f..62adea78 100644 +--- a/libbpf-tools/syscall_helpers.c ++++ b/libbpf-tools/syscall_helpers.c +@@ -47,7 +47,7 @@ void init_syscall_names(void) + int err; + FILE *f; + +- f = popen("ausyscall --dump 2>/dev/null", "r"); ++ f = popen("@ausyscall@ --dump 2>/dev/null", "r"); + if (!f) { + warn("popen: ausyscall --dump: %s\n", strerror(errno)); + return; +diff --git a/src/python/bcc/syscall.py b/src/python/bcc/syscall.py +index 1346b4e8..e7e29a11 100644 +--- a/src/python/bcc/syscall.py ++++ b/src/python/bcc/syscall.py +@@ -376,7 +376,7 @@ def _parse_syscall(line): + try: + # Skip the first line, which is a header. The rest of the lines are simply + # SYSCALL_NUM\tSYSCALL_NAME pairs. +- out = subprocess.check_output(['ausyscall', '--dump'], stderr=subprocess.STDOUT) ++ out = subprocess.check_output(['@ausyscall@', '--dump'], stderr=subprocess.STDOUT) + # remove the first line of expected output + out = out.split(b'\n',1)[1] + syscalls = dict(map(_parse_syscall, out.strip().split(b'\n'))) +-- +2.34.0 + diff --git a/nixpkgs/pkgs/os-specific/linux/bcc/default.nix b/nixpkgs/pkgs/os-specific/linux/bcc/default.nix index 221f38faa879..caeaed455f7e 100644 --- a/nixpkgs/pkgs/os-specific/linux/bcc/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/bcc/default.nix @@ -1,12 +1,13 @@ { lib, stdenv, fetchFromGitHub -, makeWrapper, cmake, llvmPackages, kernel +, makeWrapper, cmake, llvmPackages , flex, bison, elfutils, python, luajit, netperf, iperf, libelf -, systemtap, bash, libbpf +, bash, libbpf, nixosTests +, audit }: python.pkgs.buildPythonApplication rec { pname = "bcc"; - version = "0.20.0"; + version = "0.23.0"; disabled = !stdenv.isLinux; @@ -14,15 +15,14 @@ python.pkgs.buildPythonApplication rec { owner = "iovisor"; repo = "bcc"; rev = "v${version}"; - sha256 = "1xnpz2zv445dp5h0160drv6xlvrnwfj23ngc4dp3clcd59jh1baq"; + sha256 = "sha256-iLVUwJTDQ8Bn38sgHOcIR8TYxIB+gIlfTgr9+gPU0gE="; }; format = "other"; buildInputs = with llvmPackages; [ - llvm llvm.dev libclang kernel + llvm llvm.dev libclang elfutils luajit netperf iperf - systemtap.stapBuild flex bash - libbpf + flex bash libbpf ]; patches = [ @@ -32,21 +32,26 @@ python.pkgs.buildPythonApplication rec { ]; propagatedBuildInputs = [ python.pkgs.netaddr ]; - nativeBuildInputs = [ makeWrapper cmake flex bison llvmPackages.llvm.dev ] - # libelf is incompatible with elfutils-libelf - ++ lib.filter (x: x != libelf) kernel.moduleBuildDependencies; + nativeBuildInputs = [ makeWrapper cmake flex bison llvmPackages.llvm.dev ]; cmakeFlags = [ - "-DBCC_KERNEL_MODULES_DIR=${kernel.dev}/lib/modules" + "-DBCC_KERNEL_MODULES_DIR=/run/booted-system/kernel-modules/lib/modules" "-DREVISION=${version}" "-DENABLE_USDT=ON" "-DENABLE_CPP_API=ON" "-DCMAKE_USE_LIBBPF_PACKAGE=ON" ]; + # to replace this executable path: + # https://github.com/iovisor/bcc/blob/master/src/python/bcc/syscall.py#L384 + ausyscall = "${audit}/bin/ausyscall"; + postPatch = '' substituteAll ${./libbcc-path.patch} ./libbcc-path.patch patch -p1 < libbcc-path.patch + + substituteAll ${./absolute-ausyscall.patch} ./absolute-ausyscall.patch + patch -p1 < absolute-ausyscall.patch ''; postInstall = '' @@ -72,10 +77,14 @@ python.pkgs.buildPythonApplication rec { wrapPythonProgramsIn "$out/share/bcc/tools" "$out $pythonPath" ''; + passthru.tests = { + bpf = nixosTests.bpf; + }; + meta = with lib; { description = "Dynamic Tracing Tools for Linux"; homepage = "https://iovisor.github.io/bcc/"; license = licenses.asl20; - maintainers = with maintainers; [ ragge mic92 thoughtpolice ]; + maintainers = with maintainers; [ ragge mic92 thoughtpolice martinetd ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/bluez/default.nix b/nixpkgs/pkgs/os-specific/linux/bluez/default.nix index 3d345e68f3c3..2c05a4aa271e 100644 --- a/nixpkgs/pkgs/os-specific/linux/bluez/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/bluez/default.nix @@ -21,11 +21,11 @@ ]; in stdenv.mkDerivation rec { pname = "bluez"; - version = "5.61"; + version = "5.62"; src = fetchurl { url = "mirror://kernel/linux/bluetooth/${pname}-${version}.tar.xz"; - sha256 = "sha256-g6/WxSF5VUv+q7y1OP7C62vpCorDxAhxtJ162LScQjs="; + sha256 = "sha256-OAkKW3UOF/wI0+UheO2NMlTF9L0sSIMNXBlVuI47wMI="; }; buildInputs = [ diff --git a/nixpkgs/pkgs/os-specific/linux/bpftrace/btf-dump-new-0.6.0.patch b/nixpkgs/pkgs/os-specific/linux/bpftrace/btf-dump-new-0.6.0.patch new file mode 100644 index 000000000000..b5037192203c --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/bpftrace/btf-dump-new-0.6.0.patch @@ -0,0 +1,39 @@ +diff -ur source/src/btf.cpp new/src/btf.cpp +--- source/src/btf.cpp 1970-01-01 09:00:01.000000000 +0900 ++++ new/src/btf.cpp 2021-12-04 21:46:59.337023489 +0900 +@@ -225,7 +225,7 @@ + char err_buf[256]; + int err; + +- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); ++ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); + err = libbpf_get_error(dump); + if (err) + { +@@ -496,7 +496,7 @@ + char err_buf[256]; + int err; + +- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); ++ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); + err = libbpf_get_error(dump); + if (err) + { +@@ -554,7 +554,7 @@ + char err_buf[256]; + int err; + +- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); ++ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); + err = libbpf_get_error(dump); + if (err) + { +@@ -648,7 +648,7 @@ + char err_buf[256]; + int err; + +- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); ++ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); + err = libbpf_get_error(dump); + if (err) + { diff --git a/nixpkgs/pkgs/os-specific/linux/bpftrace/default.nix b/nixpkgs/pkgs/os-specific/linux/bpftrace/default.nix index 4d2f29491fca..9a197b4c78c8 100644 --- a/nixpkgs/pkgs/os-specific/linux/bpftrace/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/bpftrace/default.nix @@ -1,38 +1,35 @@ { lib, stdenv, fetchFromGitHub , cmake, pkg-config, flex, bison -, llvmPackages, kernel, elfutils +, llvmPackages, elfutils , libelf, libbfd, libbpf, libopcodes, bcc +, cereal, asciidoctor +, nixosTests }: stdenv.mkDerivation rec { pname = "bpftrace"; - version = "0.13.0"; + version = "0.14.0"; src = fetchFromGitHub { owner = "iovisor"; repo = "bpftrace"; rev = "v${version}"; - sha256 = "sha256-BKWBdFzj0j7rAfG30A0fwyYCpOG/5NFRPODW46EP1u0="; + sha256 = "sha256-rlaajNfpoiMtU/4aNAnbQ0VixPz9/302TZMarGzsb58="; }; + # libbpf 0.6.0 relies on typeof in bpf/btf.h to pick the right version of + # btf_dump__new() but that's not valid c++. + # see https://github.com/iovisor/bpftrace/issues/2068 + patches = [ ./btf-dump-new-0.6.0.patch ]; + buildInputs = with llvmPackages; [ llvm libclang - kernel elfutils libelf bcc + elfutils libelf bcc libbpf libbfd libopcodes + cereal asciidoctor ]; - nativeBuildInputs = [ cmake pkg-config flex bison llvmPackages.llvm.dev ] - # libelf is incompatible with elfutils-libelf - ++ lib.filter (x: x != libelf) kernel.moduleBuildDependencies; - - # patch the source, *then* substitute on @NIX_KERNEL_SRC@ in the result. we could - # also in theory make this an environment variable around bpftrace, but this works - # nicely without wrappers. - patchPhase = '' - patch -p1 < ${./fix-kernel-include-dir.patch} - substituteInPlace ./src/utils.cpp \ - --subst-var-by NIX_KERNEL_SRC '${kernel.dev}/lib/modules/${kernel.modDirVersion}' - ''; + nativeBuildInputs = [ cmake pkg-config flex bison llvmPackages.llvm.dev ]; # tests aren't built, due to gtest shenanigans. see: # @@ -52,10 +49,14 @@ stdenv.mkDerivation rec { outputs = [ "out" "man" ]; + passthru.tests = { + bpf = nixosTests.bpf; + }; + meta = with lib; { description = "High-level tracing language for Linux eBPF"; homepage = "https://github.com/iovisor/bpftrace"; license = licenses.asl20; - maintainers = with maintainers; [ rvl thoughtpolice ]; + maintainers = with maintainers; [ rvl thoughtpolice martinetd ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/bpftrace/fix-kernel-include-dir.patch b/nixpkgs/pkgs/os-specific/linux/bpftrace/fix-kernel-include-dir.patch deleted file mode 100644 index bff370d51e27..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/bpftrace/fix-kernel-include-dir.patch +++ /dev/null @@ -1,22 +0,0 @@ -commit b6172952c0150d84912fa6f09bab782dd0549f1e -Author: Austin Seipp <aseipp@pobox.com> -Date: Fri May 3 00:47:12 2019 -0500 - - src: special case nix build directories for clang - - Signed-off-by: Austin Seipp <aseipp@pobox.com> - -diff --git a/src/clang_parser.cpp b/src/clang_parser.cpp -index b1db8ff..0cfb01f 100644 ---- a/src/utils.cpp -+++ b/src/utils.cpp -@@ -140,6 +140,9 @@ static bool is_dir(const std::string& path) - // Both ksrc and kobj are guaranteed to be != "", if at least some trace of kernel sources was found. - std::tuple<std::string, std::string> get_kernel_dirs(const struct utsname& utsname) - { -+ // NB (aseipp): special case the kernel directory for nix -+ return { "@NIX_KERNEL_SRC@/source", "@NIX_KERNEL_SRC@/build" }; -+ - #ifdef KERNEL_HEADERS_DIR - return {KERNEL_HEADERS_DIR, KERNEL_HEADERS_DIR}; - #endif diff --git a/nixpkgs/pkgs/os-specific/linux/bridge-utils/add-ip6-header.patch b/nixpkgs/pkgs/os-specific/linux/bridge-utils/add-ip6-header.patch deleted file mode 100644 index c9149bfec386..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/bridge-utils/add-ip6-header.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff --git a/libbridge/libbridge.h b/libbridge/libbridge.h -index 39964f2..dd14bae 100644 ---- a/libbridge/libbridge.h -+++ b/libbridge/libbridge.h -@@ -20,6 +20,7 @@ - #define _LIBBRIDGE_H - - #include <sys/socket.h> -+#include <netinet/in.h> - #include <linux/if.h> - #include <linux/if_bridge.h> diff --git a/nixpkgs/pkgs/os-specific/linux/bridge-utils/autoconf-ar.patch b/nixpkgs/pkgs/os-specific/linux/bridge-utils/autoconf-ar.patch index efa41075644d..21b089179ce1 100644 --- a/nixpkgs/pkgs/os-specific/linux/bridge-utils/autoconf-ar.patch +++ b/nixpkgs/pkgs/os-specific/linux/bridge-utils/autoconf-ar.patch @@ -1,7 +1,5 @@ -diff --git a/configure.in b/configure.in -index 5e3f89b..19be6d9 100644 ---- a/configure.in -+++ b/configure.in +--- a/configure.ac ++++ b/configure.ac @@ -9,6 +9,7 @@ dnl Checks for programs. AC_PROG_CC AC_PROG_INSTALL @@ -10,8 +8,6 @@ index 5e3f89b..19be6d9 100644 dnl Checks for header files. AC_HEADER_STDC -diff --git a/libbridge/Makefile.in b/libbridge/Makefile.in -index 20512c4..83c802b 100644 --- a/libbridge/Makefile.in +++ b/libbridge/Makefile.in @@ -1,7 +1,7 @@ diff --git a/nixpkgs/pkgs/os-specific/linux/bridge-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/bridge-utils/default.nix index 92e7606c9bdb..cbbf77c67c8a 100644 --- a/nixpkgs/pkgs/os-specific/linux/bridge-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/bridge-utils/default.nix @@ -2,29 +2,19 @@ stdenv.mkDerivation rec { pname = "bridge-utils"; - version = "1.5"; + version = "1.7.1"; src = fetchurl { - url = "mirror://sourceforge/bridge/bridge-utils-${version}.tar.gz"; - sha256 = "42f9e5fb8f6c52e63a98a43b81bd281c227c529f194913e1c51ec48a393b6688"; + url = "https://kernel.org/pub/linux/utils/net/bridge-utils/bridge-utils-${version}.tar.xz"; + sha256 = "sha256-ph2L5PGhQFxgyO841UTwwYwFszubB+W0sxAzU2Fl5g4="; }; - patches = [ - ./autoconf-ar.patch - ./add-ip6-header.patch # Remove patch once the kernel headers are updated - ]; + patches = [ ./autoconf-ar.patch ]; nativeBuildInputs = [ autoreconfHook ]; - postInstall = '' - # The bridge utils build does not fail even if the brctl binary - # is not build. This test ensures that we fail if we don't produce a brctl - # binary. - test -f $out/sbin/brctl - ''; - meta = { - description = "https://sourceforge.net/projects/bridge/"; + description = "An userspace tool to configure linux bridges (deprecated in favour or iproute2)."; homepage = "https://wiki.linuxfoundation.org/networking/bridge"; license = lib.licenses.gpl2Plus; platforms = lib.platforms.linux; diff --git a/nixpkgs/pkgs/os-specific/linux/brillo/default.nix b/nixpkgs/pkgs/os-specific/linux/brillo/default.nix index 0736a13ce12e..246aa471c2a9 100644 --- a/nixpkgs/pkgs/os-specific/linux/brillo/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/brillo/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "brillo"; - version = "1.4.9"; + version = "1.4.10"; src = fetchFromGitLab { owner= "cameronnemo"; repo= "brillo"; rev= "v${version}"; - sha256 = "0ab7s60zcgl6hvm0a9rlwq35p25n3jnw6r9256pwl4cdwyjyybsb"; + sha256 = "sha256-x8K6CMkOyR+kWRlqa/BmJogZo41LvsL1kfz6CZ5PaUI="; }; patches = [ diff --git a/nixpkgs/pkgs/os-specific/linux/broadcom-sta/default.nix b/nixpkgs/pkgs/os-specific/linux/broadcom-sta/default.nix index 527d2253e5b2..5d86c2311f1f 100644 --- a/nixpkgs/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -63,7 +63,7 @@ stdenv.mkDerivation { description = "Kernel module driver for some Broadcom's wireless cards"; homepage = "http://www.broadcom.com/support/802.11/linux_sta.php"; license = lib.licenses.unfreeRedistributable; - maintainers = with lib.maintainers; [ phreedom ]; + maintainers = with lib.maintainers; [ ]; platforms = lib.platforms.linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/checkpolicy/default.nix b/nixpkgs/pkgs/os-specific/linux/checkpolicy/default.nix index c3d8928c7ba4..52cf0a3ec037 100644 --- a/nixpkgs/pkgs/os-specific/linux/checkpolicy/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/checkpolicy/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "checkpolicy"; - version = "2.9"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/checkpolicy-${version}.tar.gz"; - sha256 = "13jz6f8zdrijvn5w1j102b36fs41z0q8ii74axw48cj550mw6im9"; + url = "${se_url}/${version}/checkpolicy-${version}.tar.gz"; + sha256 = "118l8c2vvnnckbd269saslr7adv6rdavr5rv0z5vh2m1lgglxj15"; }; nativeBuildInputs = [ bison flex ]; diff --git a/nixpkgs/pkgs/os-specific/linux/checksec/0001-attempt-to-modprobe-config-before-checking-kernel.patch b/nixpkgs/pkgs/os-specific/linux/checksec/0001-attempt-to-modprobe-config-before-checking-kernel.patch index 9beeab0f9543..2aabbc4d4c80 100644 --- a/nixpkgs/pkgs/os-specific/linux/checksec/0001-attempt-to-modprobe-config-before-checking-kernel.patch +++ b/nixpkgs/pkgs/os-specific/linux/checksec/0001-attempt-to-modprobe-config-before-checking-kernel.patch @@ -1,28 +1,24 @@ -From 6503848d9e0eb009e5f462116a963beacb208930 Mon Sep 17 00:00:00 2001 +From 5cfb08effd21d9278e3eb8901c85112a331c3181 Mon Sep 17 00:00:00 2001 From: Austin Seipp <aseipp@pobox.com> -Date: Thu, 20 Feb 2014 00:11:44 -0600 +Date: Tue, 26 Oct 2021 09:23:07 +0000 Subject: [PATCH] attempt to 'modprobe config' before checking kernel -Signed-off-by: Austin Seipp <aseipp@pobox.com> --- - checksec.sh | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) + checksec | 1 + + 1 file changed, 1 insertion(+) diff --git a/checksec b/checksec -index dd1f72e..63acc29 100644 +index 5536250..895073b 100755 --- a/checksec +++ b/checksec -@@ -676,7 +676,8 @@ kernelcheck() { - echo_message " userspace processes, this option lists the status of kernel configuration\n" '' '' '' +@@ -1059,6 +1059,7 @@ kernelcheck() { echo_message " options that harden the kernel itself against attack.\n\n" '' '' '' echo_message " Kernel config:\n" '' '' '{ "kernel": ' -- -+ + + modprobe configs 2> /dev/null - if [[ ! "${1}" == "" ]] ; then + if [[ ! "${1}" == "" ]]; then kconfig="cat ${1}" - echo_message " Warning: The config ${1} on disk may not represent running kernel config!\n\n" "${1}" "<kernel config=\"${1}\"" "{ \"KernelConfig\":\"${1}\"," - # update the architecture based on the config rather than the system + echo_message " Warning: The config ${1} on disk may not represent running kernel config!\n\n" "${1}" "<kernel config=\"${1}\"" "{ \"KernelConfig\":\"${1}\"" -- -1.8.3.2 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/checksec/default.nix b/nixpkgs/pkgs/os-specific/linux/checksec/default.nix index e0a65589571e..fada305c3720 100644 --- a/nixpkgs/pkgs/os-specific/linux/checksec/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/checksec/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "checksec"; - version = "2.4.0"; + version = "2.5.0"; src = fetchFromGitHub { owner = "slimm609"; repo = "checksec.sh"; rev = version; - sha256 = "1gbbq85d3g3mnm3xvgvi2085aba7qc3cmsbwn76al50ax1518j2q"; + sha256 = "sha256-GxWXocz+GCEssRrIQP6E9hjVIhVh2EmZrefELxQlV1Q="; }; patches = [ ./0001-attempt-to-modprobe-config-before-checking-kernel.patch ]; diff --git a/nixpkgs/pkgs/os-specific/linux/cifs-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/cifs-utils/default.nix index 8c587a401960..d6dcf702110d 100644 --- a/nixpkgs/pkgs/os-specific/linux/cifs-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/cifs-utils/default.nix @@ -3,11 +3,11 @@ stdenv.mkDerivation rec { pname = "cifs-utils"; - version = "6.13"; + version = "6.14"; src = fetchurl { url = "mirror://samba/pub/linux-cifs/cifs-utils/${pname}-${version}.tar.bz2"; - sha256 = "sha256-Q9h4bIYTysz6hJEwgcHWK8JAlXWFTPiVsFtIrwhj0FY="; + sha256 = "sha256-ZgnoB0tUISlf8BKjHwLM2aBYQVxhnIE2Lrt4jb8HVrg="; }; nativeBuildInputs = [ autoreconfHook docutils pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/conspy/default.nix b/nixpkgs/pkgs/os-specific/linux/conspy/default.nix index 480962024f7e..12e7f798e79e 100644 --- a/nixpkgs/pkgs/os-specific/linux/conspy/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/conspy/default.nix @@ -1,25 +1,21 @@ -{lib, stdenv, fetchurl, autoconf, automake, ncurses}: -let - s = # Generated upstream information - rec { - baseName="conspy"; - version="1.16"; - name="${baseName}-${version}"; - hash="02andak806vd04bgjlr0y0d2ddx7cazyf8nvca80vlh8x94gcppf"; - url="mirror://sourceforge/project/conspy/conspy-1.16-1/conspy-1.16.tar.gz"; - sha256="02andak806vd04bgjlr0y0d2ddx7cazyf8nvca80vlh8x94gcppf"; - }; - buildInputs = [ - autoconf automake ncurses - ]; -in -stdenv.mkDerivation { - inherit (s) name version; - inherit buildInputs; +{ lib, stdenv, fetchurl, autoconf, automake, ncurses }: + +stdenv.mkDerivation rec { + pname = "conspy"; + version = "1.16"; + src = fetchurl { - inherit (s) url sha256; + url = "mirror://sourceforge/project/conspy/conspy-${version}-1/conspy-${version}.tar.gz"; + sha256 = "02andak806vd04bgjlr0y0d2ddx7cazyf8nvca80vlh8x94gcppf"; curlOpts = " -A application/octet-stream "; }; + + buildInputs = [ + autoconf + automake + ncurses + ]; + preConfigure = '' touch NEWS echo "EPL 1.0" > COPYING @@ -27,11 +23,11 @@ stdenv.mkDerivation { automake --add-missing autoconf ''; - meta = { - inherit (s) version; + + meta = with lib; { description = "Linux text console viewer"; - license = lib.licenses.epl10 ; - maintainers = [lib.maintainers.raskin]; - platforms = lib.platforms.linux; + license = licenses.epl10; + maintainers = with maintainers; [ raskin ]; + platforms = platforms.linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/conspy/default.upstream b/nixpkgs/pkgs/os-specific/linux/conspy/default.upstream deleted file mode 100644 index 3f9ff3e4a820..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/conspy/default.upstream +++ /dev/null @@ -1,5 +0,0 @@ -url https://sourceforge.net/projects/conspy/files/ -version_link 'conspy-[-0-9.]+/$' -version_link '[-0-9.]+[.]tar[.][a-z0-9]+/download$' -SF_redirect -version '.*-([-0-9.]+)[.]tar[.].*' '\1' diff --git a/nixpkgs/pkgs/os-specific/linux/cpuid/default.nix b/nixpkgs/pkgs/os-specific/linux/cpuid/default.nix index ea9ae06130ec..21a69a2234e2 100644 --- a/nixpkgs/pkgs/os-specific/linux/cpuid/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/cpuid/default.nix @@ -1,20 +1,27 @@ -{ lib, stdenv, fetchurl, perl }: +{ lib +, stdenv +, fetchurl +, perl +}: stdenv.mkDerivation rec { pname = "cpuid"; - version = "20201006"; + version = "20211210"; src = fetchurl { - name = "${pname}-${version}.src.tar.gz"; url = "http://etallen.com/cpuid/${pname}-${version}.src.tar.gz"; - sha256 = "19jnkh57f979b78ak5mpxmdvnkgc33r55cw9shgd2hc380b3zi8k"; + sha256 = "sha256-4CmJVwDeGm+DNgJSgEiSzVi1TR9f869Et7tq/kEOX0Q="; }; # For pod2man during the build process. - nativeBuildInputs = [ perl ]; + nativeBuildInputs = [ + perl + ]; # As runtime dependency for cpuinfo2cpuid. - buildInputs = [ perl ]; + buildInputs = [ + perl + ]; # The Makefile hardcodes $(BUILDROOT)/usr as installation # destination. Just nuke all mentions of /usr to get the right @@ -32,7 +39,7 @@ stdenv.mkDerivation rec { fi ''; - meta = { + meta = with lib; { description = "Linux tool to dump x86 CPUID information about the CPU"; longDescription = '' cpuid dumps detailed information about the CPU(s) gathered from the CPUID @@ -40,11 +47,9 @@ stdenv.mkDerivation rec { Intel, AMD, VIA, Hygon, and Zhaoxin CPUs, as well as older Transmeta, Cyrix, UMC, NexGen, Rise, and SiS CPUs. ''; - - platforms = [ "i686-linux" "x86_64-linux" ]; - license = lib.licenses.gpl2; homepage = "http://etallen.com/cpuid.html"; - maintainers = with lib.maintainers; [ blitz ]; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ blitz ]; + platforms = [ "i686-linux" "x86_64-linux" ]; }; - } diff --git a/nixpkgs/pkgs/os-specific/linux/cpustat/default.nix b/nixpkgs/pkgs/os-specific/linux/cpustat/default.nix index 23ed2b07c966..c37c191d8c5f 100644 --- a/nixpkgs/pkgs/os-specific/linux/cpustat/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/cpustat/default.nix @@ -1,12 +1,14 @@ -{ stdenv, lib, fetchurl, ncurses }: +{ stdenv, lib, fetchFromGitHub, ncurses }: stdenv.mkDerivation rec { pname = "cpustat"; - version = "0.02.09"; + version = "0.02.17"; - src = fetchurl { - url = "https://kernel.ubuntu.com/~cking/tarballs/${pname}/${pname}-${version}.tar.xz"; - sha256 = "12xahv65yrhs5r830clkl1qnwg3dnrk5qn3zsznzbv1iy2f3cj7y"; + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + hash = "sha256-4HDXRtklzQSsywCGCTKdz6AtZta9R1mx7qkT7skX6Kc="; }; buildInputs = [ ncurses ]; @@ -14,11 +16,12 @@ stdenv.mkDerivation rec { installFlags = [ "BINDIR=${placeholder "out"}/bin" "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" ]; meta = with lib; { description = "CPU usage monitoring tool"; - homepage = "https://kernel.ubuntu.com/~cking/cpustat/"; + homepage = "https://github.com/ColinIanKing/cpustat"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ dtzWill ]; diff --git a/nixpkgs/pkgs/os-specific/linux/cramfsswap/default.nix b/nixpkgs/pkgs/os-specific/linux/cramfsswap/default.nix index ee3c12d251b2..f79921186388 100644 --- a/nixpkgs/pkgs/os-specific/linux/cramfsswap/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/cramfsswap/default.nix @@ -8,6 +8,8 @@ stdenv.mkDerivation rec { url = "mirror://debian/pool/main/c/cramfsswap/${pname}_${version}.tar.xz"; sha256 = "10mj45zx71inaa3l1d81g64f7yn1xcprvq4v4yzpdwbxqmqaikw1"; }; + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996964 + patches = [ ./parallel-make.patch ]; # Needed for cross-compilation postPatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/cramfsswap/parallel-make.patch b/nixpkgs/pkgs/os-specific/linux/cramfsswap/parallel-make.patch new file mode 100644 index 000000000000..280c5286b79a --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/cramfsswap/parallel-make.patch @@ -0,0 +1,14 @@ +Fix parallel build failure bya dding the dependency. + +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996964 +--- a/Makefile ++++ b/Makefile +@@ -6,7 +6,7 @@ debian: cramfsswap + cramfsswap: cramfsswap.c + $(CC) -Wall -g -O $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o cramfsswap cramfsswap.c -lz + +-strip: ++strip: cramfsswap + strip cramfsswap + + install: cramfsswap diff --git a/nixpkgs/pkgs/os-specific/linux/crda/default.nix b/nixpkgs/pkgs/os-specific/linux/crda/default.nix index c337da2fe723..d12bba4e1645 100644 --- a/nixpkgs/pkgs/os-specific/linux/crda/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/crda/default.nix @@ -2,35 +2,42 @@ stdenv.mkDerivation rec { pname = "crda"; - version = "3.18"; + version = "4.14"; src = fetchurl { - sha256 = "1gydiqgb08d9gbx4l6gv98zg3pljc984m50hmn3ysxcbkxkvkz23"; - url = "http://kernel.org/pub/software/network/crda/crda-${version}.tar.xz"; + url = "https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/crda.git/snapshot/crda-${version}.tar.gz"; + sha256 = "sha256-Wo81u4snR09Gaw511FG6kXQz2KqxiJZ4pk2cTnKouMI="; }; patches = [ - # Switch to Python 3 - # https://lore.kernel.org/linux-wireless/1437542484-23409-1-git-send-email-ahmed.taahir@gmail.com/ + # Fix python 3 build: except ImportError, e: SyntaxError: invalid syntax (fetchpatch { - url = "https://lore.kernel.org/linux-wireless/1437542484-23409-2-git-send-email-ahmed.taahir@gmail.com/raw"; - sha256 = "0s2n340cgaasvg1k8g9v8xjrbh4y2mcgrhdmv97ja2fs8xjcjbf1"; + url = "https://raw.githubusercontent.com/archlinux/svntogit-packages/d234fddf451fab0f4fc412e2769f54e11f10d7d8/trunk/crda-4.14-python-3.patch"; + sha256 = "sha256-KEezEKrfizq9k4ZiE2mf3Nl4JiBayhXeVnFl7wYh28Y="; }) + (fetchpatch { - url = "https://lore.kernel.org/linux-wireless/1437542484-23409-3-git-send-email-ahmed.taahir@gmail.com/raw"; - sha256 = "01dlfw7kqhyx025jxq2l75950b181p9r7i9zkflcwvbzzdmx59md"; + url = "https://raw.githubusercontent.com/archlinux/svntogit-packages/d48ec843222b0d74c85bce86fa6f087c7dfdf952/trunk/0001-Makefile-Link-libreg.so-against-the-crypto-library.patch"; + sha256 = "sha256-j93oydi209f22OF8aXZ/NczuUOnlhkdSeYvy2WRRvm0="; }) ]; - buildInputs = [ libgcrypt libnl ]; + strictDeps = true; + nativeBuildInputs = [ pkg-config - python3Packages.pycrypto + python3Packages.m2crypto # only used for a build time script + ]; + + buildInputs = [ + libgcrypt + libnl ]; postPatch = '' patchShebangs utils/ substituteInPlace Makefile \ + --replace 'gzip' 'gzip -n' \ --replace ldconfig true \ --replace pkg-config $PKG_CONFIG sed -i crda.c \ @@ -45,19 +52,12 @@ stdenv.mkDerivation rec { "REG_BIN=${wireless-regdb}/lib/crda/regulatory.bin" ]; - NIX_CFLAGS_COMPILE = "-Wno-error=unused-const-variable"; - buildFlags = [ "all_noverify" ]; enableParallelBuilding = true; doCheck = true; checkTarget = "verify"; - postInstall = '' - # The patch installs build header - rm $out/include/reglib/keys-gcrypt.h - ''; - meta = with lib; { description = "Linux wireless Central Regulatory Domain Agent"; longDescription = '' diff --git a/nixpkgs/pkgs/os-specific/linux/cryptsetup/default.nix b/nixpkgs/pkgs/os-specific/linux/cryptsetup/default.nix index 9522e9e52241..150547367a34 100644 --- a/nixpkgs/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/cryptsetup/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "cryptsetup"; - version = "2.4.0"; + version = "2.4.1"; outputs = [ "out" "dev" "man" ]; src = fetchurl { url = "mirror://kernel/linux/utils/cryptsetup/v2.4/${pname}-${version}.tar.xz"; - sha256 = "sha256-xci9oxFZqcAQ6nLnCAU8xCUs9e69ylIOFQq8Bgkof/g="; + sha256 = "sha256-o1anJ6g6RkreVm6VI5Yioi2+Tg9IKxmP2wSrDTpanF8="; }; # Disable 4 test cases that fail in a sandbox diff --git a/nixpkgs/pkgs/os-specific/linux/ddcci/default.nix b/nixpkgs/pkgs/os-specific/linux/ddcci/default.nix index 5ee5eafb0207..fe16d283ffc8 100644 --- a/nixpkgs/pkgs/os-specific/linux/ddcci/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/ddcci/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "ddcci-driver"; - version = "0.4.1"; + version = "0.4.2"; name = "${pname}-${kernel.version}-${version}"; src = fetchFromGitLab { owner = "${pname}-linux"; repo = "${pname}-linux"; rev = "v${version}"; - sha256 = "1qhsm0ccwfmwn0r6sbc6ms4lf4a3iqfcgqmbs6afr6hhxkqll3fg"; + sha256 = "sSmL8PqxqHHQiume62si/Kc9El58/b4wkB93iG0dnNM="; }; hardeningDisable = [ "pic" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/displaylink/default.nix b/nixpkgs/pkgs/os-specific/linux/displaylink/default.nix index ca3e38c2e707..6cc22c25602b 100644 --- a/nixpkgs/pkgs/os-specific/linux/displaylink/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/displaylink/default.nix @@ -20,17 +20,17 @@ let in stdenv.mkDerivation rec { pname = "displaylink"; - version = "5.4.0-55.153"; + version = "5.4.1-55.174"; src = requireFile rec { name = "displaylink.zip"; - sha256 = "1m2l3bnlfwfp94w7khr05npsbysg9mcyi7hi85n78xkd0xdcxml8"; + sha256 = "1biswvjz91gmx7xf9g05h3ra463hf2yv9mr2nkxclyrd283iiiqc"; message = '' In order to install the DisplayLink drivers, you must first comply with DisplayLink's EULA and download the binaries and sources from here: - https://www.synaptics.com/node/3751 + https://www.synaptics.com/products/displaylink-graphics/downloads/ubuntu-5.4.1 Once you have downloaded the file, please use the following commands and re-run the installation: diff --git a/nixpkgs/pkgs/os-specific/linux/dmraid/default.nix b/nixpkgs/pkgs/os-specific/linux/dmraid/default.nix index 3a6f31fa5523..fa26f38941b9 100644 --- a/nixpkgs/pkgs/os-specific/linux/dmraid/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/dmraid/default.nix @@ -35,6 +35,11 @@ stdenv.mkDerivation rec { buildInputs = [ lvm2 ]; + # Hand-written Makefile does not have full dependencies to survive + # parallel build: + # tools/dmraid.c:12:10: fatal error: dmraid/dmraid.h: No such file + enableParallelBuilding = false; + meta = { description = "Old-style RAID configuration utility"; longDescription = '' diff --git a/nixpkgs/pkgs/os-specific/linux/dpdk/default.nix b/nixpkgs/pkgs/os-specific/linux/dpdk/default.nix index ca8905e62402..7592be483f53 100644 --- a/nixpkgs/pkgs/os-specific/linux/dpdk/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/dpdk/default.nix @@ -2,21 +2,21 @@ , kernel , fetchurl , pkg-config, meson, ninja -, libbsd, numactl, libbpf, zlib, libelf, jansson, openssl, libpcap +, libbsd, numactl, libbpf, zlib, libelf, jansson, openssl, libpcap, rdma-core , doxygen, python3 , withExamples ? [] , shared ? false }: let mod = kernel != null; - dpdkVersion = "21.05"; + dpdkVersion = "21.11"; in stdenv.mkDerivation rec { pname = "dpdk"; version = "${dpdkVersion}" + lib.optionalString mod "-${kernel.version}"; src = fetchurl { url = "https://fast.dpdk.org/rel/dpdk-${dpdkVersion}.tar.xz"; - sha256 = "sha256-HhJJm0xfzbV8g+X+GE6mvs3ffPCSiTwsXvLvsO7BLws="; + sha256 = "sha256-Mkbj7WjuKzaaXYviwGzxCKZp4Vf01Bxby7sha/Wr06E="; }; nativeBuildInputs = [ @@ -39,6 +39,12 @@ in stdenv.mkDerivation rec { zlib ] ++ lib.optionals mod kernel.moduleBuildDependencies; + # Propagated to support current DPDK users in nixpkgs which statically link + # with the framework (e.g. odp-dpdk). + propagatedBuildInputs = [ + rdma-core + ]; + postPatch = '' patchShebangs config/arm buildtools ''; @@ -52,6 +58,7 @@ in stdenv.mkDerivation rec { ++ lib.optional (mod && kernel.kernelOlder "5.11") "-Ddisable_drivers=kni" ++ lib.optional (!shared) "-Ddefault_library=static" ++ lib.optional stdenv.isx86_64 "-Dmachine=nehalem" + ++ lib.optional stdenv.isAarch64 "-Dmachine=generic" ++ lib.optional mod "-Dkernel_dir=${placeholder "kmod"}/lib/modules/${kernel.modDirVersion}" ++ lib.optional (withExamples != []) "-Dexamples=${builtins.concatStringsSep "," withExamples}"; @@ -67,7 +74,11 @@ in stdenv.mkDerivation rec { rm -f $kmod/lib/modules/${kernel.modDirVersion}/build ''; - postInstall = lib.optionalString (withExamples != []) '' + postInstall = '' + # Remove Sphinx cache files. Not only are they not useful, but they also + # contain store paths causing spurious dependencies. + rm -rf $out/share/doc/dpdk/html/.doctrees + '' + lib.optionalString (withExamples != []) '' find examples -type f -executable -exec install {} $out/bin \; ''; diff --git a/nixpkgs/pkgs/os-specific/linux/drbd/default.nix b/nixpkgs/pkgs/os-specific/linux/drbd/default.nix index 85be205749ac..0c5acd0ac064 100644 --- a/nixpkgs/pkgs/os-specific/linux/drbd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/drbd/default.nix @@ -1,49 +1,128 @@ -{ lib, stdenv, fetchurl, flex, systemd, perl }: +{ lib +, stdenv +, docbook_xml_dtd_44 +, docbook_xml_dtd_45 +, docbook_xsl +, asciidoctor +, fetchurl +, flex +, kmod +, libxslt +, nixosTests +, perl +, systemd + +# drbd-utils are compiled twice, once with forOCF = true to extract +# its OCF definitions for use in the ocf-resource-agents derivation, +# then again with forOCF = false, where the ocf-resource-agents is +# provided as the OCF_ROOT. +, forOCF ? false +, ocf-resource-agents +}: stdenv.mkDerivation rec { pname = "drbd"; - version = "8.4.4"; + version = "9.19.1"; src = fetchurl { - url = "http://oss.linbit.com/drbd/8.4/drbd-${version}.tar.gz"; - sha256 = "1w4889h1ak7gy9w33kd4fgjlfpgmp6hzfya16p1pkc13bjf22mm0"; + url = "https://pkg.linbit.com/downloads/drbd/utils/${pname}-utils-${version}.tar.gz"; + sha256 = "1l99kcrb0j85wxxmrdihpx9bk1a4sdi7wlp5m1x5l24k8ck1m5cf"; }; - patches = [ ./pass-force.patch ./fix-glibc-compilation.patch ]; + nativeBuildInputs = [ + flex + libxslt + docbook_xsl + asciidoctor + ]; - nativeBuildInputs = [ flex ]; - buildInputs = [ perl ]; + buildInputs = [ + perl + # perlPackages.Po4a used by ja documentation + ]; configureFlags = [ - "--without-distro" - "--without-pacemaker" + "--libdir=${placeholder "out"}/lib" + "--sbindir=${placeholder "out"}/bin" "--localstatedir=/var" "--sysconfdir=/etc" + "--without-distro" ]; - preConfigure = - '' - export PATH=${systemd}/sbin:$PATH - substituteInPlace user/Makefile.in \ - --replace /sbin '$(sbindir)' - substituteInPlace user/legacy/Makefile.in \ - --replace '$(DESTDIR)/lib/drbd' '$(DESTDIR)$(LIBDIR)' - substituteInPlace user/drbdadm_usage_cnt.c --replace /lib/drbd $out/lib/drbd - substituteInPlace scripts/drbd.rules --replace /usr/sbin/drbdadm $out/sbin/drbdadm - ''; - - makeFlags = [ "SHELL=${stdenv.shell}" ]; + makeFlags = [ + "SOURCE_DATE_EPOCH=1" + "WANT_DRBD_REPRODUCIBLE_BUILD=1" + ] ++ lib.optional (!forOCF) "OCF_ROOT=${ocf-resource-agents}/usr/lib/ocf}"; installFlags = [ - "localstatedir=$(TMPDIR)/var" - "sysconfdir=$(out)/etc" - "INITDIR=$(out)/etc/init.d" + "prefix=" + "DESTDIR=${placeholder "out"}" + "localstatedir=/var" + "DRBD_LIB_DIR=/var/lib" + "INITDIR=/etc/init.d" + "udevrulesdir=/etc/udev/rules.d" + "sysconfdir=/etc" + "sbindir=/bin" + "datadir=" + "LIBDIR=/lib/drbd" + "mandir=/share/man" ]; + postPatch = '' + patchShebangs . + substituteInPlace user/v84/drbdadm_usage_cnt.c \ + --replace '"/lib/drbd");' \ + '"${placeholder "out"}/lib/drbd");' + substituteInPlace user/v9/drbdsetup_linux.c \ + --replace 'ret = system("/sbin/modprobe drbd");' \ + 'ret = system("${kmod}/bin/modprobe drbd");' + substituteInPlace user/v84/drbdsetup.c \ + --replace 'system("/sbin/modprobe drbd")' \ + 'system("${kmod}/bin/modprobe drbd")' + substituteInPlace documentation/ra2refentry.xsl \ + --replace "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" \ + "${docbook_xml_dtd_44}/xml/dtd/docbook/docbookx.dtd" + function patch_docbook45() { + substituteInPlace $1 \ + --replace "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" \ + "${docbook_xml_dtd_45}/xml/dtd/docbook/docbookx.dtd" + } + patch_docbook45 documentation/v9/drbd.conf.xml.in + patch_docbook45 documentation/v9/drbdsetup.xml.in + patch_docbook45 documentation/v84/drbdsetup.xml + patch_docbook45 documentation/v84/drbd.conf.xml + # The ja documentation is disabled because: + # make[1]: Entering directory '/build/drbd-utils-9.16.0/documentation/ja/v84' + # /nix/store/wyx2nn2pjcn50lc95c6qgsgm606rn0x2-perl5.32.1-po4a-0.62/bin/po4a-translate -f docbook -M utf-8 -L utf-8 -keep 0 -m ../../v84/drbdsetup.xml -p drbdsetup.xml.po -l drbdsetup.xml + # Use of uninitialized value $args[1] in sprintf at /nix/store/wyx2nn2pjcn50lc95c6qgsgm606rn0x2-perl5.32.1-po4a-0.62/lib/perl5/site_perl/Locale/Po4a/Common.pm line 134. + # Invalid po file drbdsetup.xml.po: + substituteInPlace Makefile.in \ + --replace 'DOC_DIRS := documentation/v9 documentation/ja/v9' \ + 'DOC_DIRS := documentation/v9' \ + --replace 'DOC_DIRS += documentation/v84 documentation/ja/v84' \ + 'DOC_DIRS += documentation/v84' \ + --replace '$(MAKE) -C documentation/ja/v9 doc' \ + "" \ + --replace '$(MAKE) -C documentation/ja/v84 doc' \ + "" + substituteInPlace user/v9/drbdtool_common.c \ + --replace 'add_component_to_path("/lib/drbd");' \ + 'add_component_to_path("${placeholder "out"}/lib/drbd");' + ''; + + preConfigure = '' + export PATH=${systemd}/sbin:$PATH + ''; + + enableParallelBuilding = true; + + passthru.tests.drbd = nixosTests.drbd; + meta = with lib; { - homepage = "http://www.drbd.org/"; - description = "Distributed Replicated Block Device, a distributed storage system for Linux"; - license = licenses.gpl2; + homepage = "https://linbit.com/drbd/"; + description = "Distributed Replicated Block Device, a distributed storage system for Linux (userspace utilities)"; + license = licenses.gpl2Plus; platforms = platforms.linux; + maintainers = with maintainers; [ ryantm astro ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/drbd/fix-glibc-compilation.patch b/nixpkgs/pkgs/os-specific/linux/drbd/fix-glibc-compilation.patch deleted file mode 100644 index 621a2dd995db..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/drbd/fix-glibc-compilation.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff --git a/user/drbdadm_adjust.c b/user/drbdadm_adjust.c -index cb23270..3a751ca 100644 ---- a/user/drbdadm_adjust.c -+++ b/user/drbdadm_adjust.c -@@ -29,6 +29,7 @@ - #include <sys/types.h> - #include <sys/stat.h> - #include <sys/wait.h> -+#include <sys/sysmacros.h> - #include <unistd.h> - #include <fcntl.h> - -diff --git a/user/legacy/drbdadm_adjust.c b/user/legacy/drbdadm_adjust.c -index c79163c..6990ffb 100644 ---- a/user/legacy/drbdadm_adjust.c -+++ b/user/legacy/drbdadm_adjust.c -@@ -27,6 +27,7 @@ - #include <sys/types.h> - #include <sys/stat.h> - #include <sys/wait.h> -+#include <sys/sysmacros.h> - #include <unistd.h> - #include <fcntl.h> - diff --git a/nixpkgs/pkgs/os-specific/linux/drbd/pass-force.patch b/nixpkgs/pkgs/os-specific/linux/drbd/pass-force.patch deleted file mode 100644 index 8f0201100f72..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/drbd/pass-force.patch +++ /dev/null @@ -1,15 +0,0 @@ -Propagate the --force flag in the legacy drbdadm to drbdsetup. -Otherwise "drbdadm primary --force" won't work as expected (the kernel -will say "State change failed: Need access to UpToDate data"). - -diff -ru -x '*~' drbd-8.4.0-orig/user/legacy/drbdadm_main.c drbd-8.4.0/user/legacy/drbdadm_main.c ---- drbd-8.4.0-orig/user/legacy/drbdadm_main.c 2011-07-07 06:55:39.000000000 -0400 -+++ drbd-8.4.0/user/legacy/drbdadm_main.c 2011-11-02 14:51:04.000000000 -0400 -@@ -1547,6 +1547,7 @@ - for (i = 0; i < soi; i++) { - argv[NA(argc)] = setup_opts[i]; - } -+ if (force) argv[NA(argc)] = "--force"; - argv[NA(argc)] = 0; - - setenv("DRBD_RESOURCE", res->name, 1); diff --git a/nixpkgs/pkgs/os-specific/linux/ell/default.nix b/nixpkgs/pkgs/os-specific/linux/ell/default.nix index 5fea8c197963..aa8e3f15aab2 100644 --- a/nixpkgs/pkgs/os-specific/linux/ell/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/ell/default.nix @@ -7,14 +7,14 @@ stdenv.mkDerivation rec { pname = "ell"; - version = "0.43"; + version = "0.46"; outputs = [ "out" "dev" ]; src = fetchgit { - url = "https://git.kernel.org/pub/scm/libs/${pname}/${pname}.git"; + url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; rev = version; - sha256 = "sha256-ttKFKV8spxnkFpZHV4Dn9BxJdjxYLWYrHY+qq6uAOlg="; + sha256 = "sha256-Am1PNFFfSzII4Iaeq0wgfuVHSeMDjiDzYkNQWlnEHJY="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/os-specific/linux/ena/default.nix b/nixpkgs/pkgs/os-specific/linux/ena/default.nix index 1ff0b9a154a4..1257217a5206 100644 --- a/nixpkgs/pkgs/os-specific/linux/ena/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/ena/default.nix @@ -41,6 +41,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2Only; maintainers = [ maintainers.eelco ]; platforms = platforms.linux; - broken = kernel.kernelOlder "4.5"; + broken = kernel.kernelOlder "4.5" || kernel.kernelAtLeast "5.15"; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/erofs-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/erofs-utils/default.nix index 242f9e8391a4..40d958bdd0f8 100644 --- a/nixpkgs/pkgs/os-specific/linux/erofs-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/erofs-utils/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "erofs-utils"; - version = "1.3"; + version = "1.4"; outputs = [ "out" "man" ]; src = fetchgit { url = "https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git"; rev = "v" + version; - sha256 = "0sqiw05zbxr6l0g9gn3whkc4qc5km2qvfg4lnm08nppwskm8yaw8"; + sha256 = "sha256-yYMvtW6mQKGx+TZGzadbLX9pXU7vY5b4d1B8d5Ph6vk="; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/error-inject/default.nix b/nixpkgs/pkgs/os-specific/linux/error-inject/default.nix new file mode 100644 index 000000000000..87a40580deb7 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/error-inject/default.nix @@ -0,0 +1,68 @@ +{ lib, stdenv, fetchgit +, bison, flex, rasdaemon +}: + +{ + edac-inject = rasdaemon.inject; + + mce-inject = stdenv.mkDerivation rec { + pname = "mce-inject"; + version = "4cbe46321b4a81365ff3aafafe63967264dbfec5"; + + src = fetchgit { + url = "git://git.kernel.org/pub/scm/utils/cpu/mce/mce-inject.git"; + rev = version; + sha256 = "0gjapg2hrlxp8ssrnhvc19i3r1xpcnql7xv0zjgbv09zyha08g6z"; + }; + + nativeBuildInputs = [ bison flex ]; + + makeFlags = [ "destdir=${placeholder "out"}" ]; + + postInstall = '' + mkdir $out/sbin + mv $out/usr/sbin/mce-inject $out/sbin/mce-inject + + mkdir $out/test + cp test/* $out/test/. + ''; + + meta = with lib; { + description = "MCE error injection tool"; + license = licenses.gpl2Only; + platforms = platforms.linux; + maintainers = [ maintainers.evils ]; + }; + }; + + aer-inject = stdenv.mkDerivation rec { + pname = "aer-inject"; + version = "9bd5e2c7886fca72f139cd8402488a2235957d41"; + + src = fetchgit { + url = "git://git.kernel.org/pub/scm/linux/kernel/git/gong.chen/aer-inject.git"; + rev = version; + sha256 = "0bh6mzpk2mr4xidkammmkfk21b4dbq793qjg25ryyxd1qv0c6cg4"; + }; + + nativeBuildInputs = [ bison flex ]; + + # how is this necessary? + makeFlags = [ "DESTDIR=${placeholder "out"}" ]; + + postInstall = '' + mkdir $out/bin + mv $out/usr/local/aer-inject $out/bin/aer-inject + + mkdir -p $out/examples + cp examples/* $out/examples/. + ''; + + meta = with lib; { + description = "PCIE AER error injection tool"; + license = licenses.gpl2Only; + platforms = platforms.linux; + maintainers = [ maintainers.evils ]; + }; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/eudev/default.nix b/nixpkgs/pkgs/os-specific/linux/eudev/default.nix index 1fdd0647557d..7807f475e9b1 100644 --- a/nixpkgs/pkgs/os-specific/linux/eudev/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/eudev/default.nix @@ -1,60 +1,68 @@ -{lib, stdenv, fetchurl, pkg-config, glib, gperf, util-linux, kmod}: -let - s = # Generated upstream information - rec { - baseName="eudev"; - version = "3.2.10"; - name="${baseName}-${version}"; - url="http://dev.gentoo.org/~blueness/eudev/eudev-${version}.tar.gz"; - sha256 = "sha256-h7sCjUcP0bhRaTSbRMVdW3M3M9wtUN3xGW4CZyXq0DQ="; +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, glib +, gperf +, kmod +, pkg-config +, util-linux +}: + +stdenv.mkDerivation rec { + pname = "eudev"; + version = "3.2.11"; + + src = fetchFromGitHub { + owner = "eudev-project"; + repo = pname; + rev = "v${version}"; + hash = "sha256-W5nL4hicQ4fxz5rqoP+hhkE1tVn8lJZjMq4UaiXH6jc="; }; - nativeBuildInputs = [ pkg-config ]; - buildInputs = [ - glib gperf util-linux kmod + nativeBuildInputs = [ + autoreconfHook + gperf + pkg-config ]; -in -stdenv.mkDerivation { - inherit (s) name version; - inherit nativeBuildInputs buildInputs; - src = fetchurl { - inherit (s) url sha256; - }; - patches = [ + + buildInputs = [ + glib + kmod + util-linux ]; configureFlags = [ "--localstatedir=/var" "--sysconfdir=/etc" ]; + makeFlags = [ "hwdb_bin=/var/lib/udev/hwdb.bin" "udevrulesdir=/etc/udev/rules.d" ]; preInstall = '' - # Disable install-exec-hook target as it conflicts with our move-sbin setup-hook + # Disable install-exec-hook target, + # as it conflicts with our move-sbin setup-hook + sed -i 's;$(MAKE) $(AM_MAKEFLAGS) install-exec-hook;$(MAKE) $(AM_MAKEFLAGS);g' src/udev/Makefile ''; - installFlags = - [ + installFlags = [ "localstatedir=$(TMPDIR)/var" "sysconfdir=$(out)/etc" "udevconfdir=$(out)/etc/udev" "udevhwdbbin=$(out)/var/lib/udev/hwdb.bin" "udevhwdbdir=$(out)/var/lib/udev/hwdb.d" "udevrulesdir=$(out)/var/lib/udev/rules.d" - ]; - enableParallelBuilding = true; - meta = { - inherit (s) version; - description = "An udev fork by Gentoo"; - license = lib.licenses.gpl2Plus ; - maintainers = [lib.maintainers.raskin]; - platforms = lib.platforms.linux; - homepage = "https://wiki.gentoo.org/wiki/Project:Eudev"; - downloadPage = "http://dev.gentoo.org/~blueness/eudev/"; - updateWalker = true; + ]; + + meta = with lib; { + homepage = "https://github.com/eudev-project/eudev"; + description = "A fork of udev with the aim of isolating it from init"; + license = licenses.gpl2Plus ; + maintainers = with maintainers; [ raskin AndersonTorres ]; + platforms = platforms.linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/evdi/default.nix b/nixpkgs/pkgs/os-specific/linux/evdi/default.nix index c1b624386c39..e0d1c46d64ad 100644 --- a/nixpkgs/pkgs/os-specific/linux/evdi/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/evdi/default.nix @@ -33,6 +33,6 @@ stdenv.mkDerivation rec { platforms = platforms.linux; license = with licenses; [ lgpl21Only gpl2Only ]; homepage = "https://www.displaylink.com/"; - broken = kernel.kernelOlder "4.19" || stdenv.isAarch64; + broken = kernel.kernelOlder "4.19" || kernel.kernelAtLeast "5.15" || stdenv.isAarch64; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/eventstat/default.nix b/nixpkgs/pkgs/os-specific/linux/eventstat/default.nix index 55b00ab8719e..9a2c20ca38aa 100644 --- a/nixpkgs/pkgs/os-specific/linux/eventstat/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/eventstat/default.nix @@ -1,20 +1,26 @@ -{ stdenv, lib, fetchzip, ncurses }: +{ stdenv, lib, fetchFromGitHub, ncurses }: stdenv.mkDerivation rec { pname = "eventstat"; - version = "0.04.12"; - src = fetchzip { - url = "https://kernel.ubuntu.com/~cking/tarballs/eventstat/eventstat-${version}.tar.gz"; - sha256 = "sha256-XBSs/jZodCpI9BHgAF8+bE23gRCr2uebYiMJxxB8T5E="; + version = "0.04.13"; + + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + hash = "sha256-psamt9omhakiO3Kx2EzofPL2VAsva7XKQTZmn6zKefA="; }; + buildInputs = [ ncurses ]; - installFlags = [ "DESTDIR=$(out)" ]; - postInstall = '' - mv $out/usr/* $out - rm -r $out/usr - ''; + installFlags = [ + "BINDIR=${placeholder "out"}/bin" + "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" + ]; + meta = with lib; { description = "Simple monitoring of system events"; + homepage = "https://github.com/ColinIanKing/eventstat"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ cstrahan ]; diff --git a/nixpkgs/pkgs/os-specific/linux/fbterm/default.nix b/nixpkgs/pkgs/os-specific/linux/fbterm/default.nix index 72e886b91f55..ecf1b5e2b314 100644 --- a/nixpkgs/pkgs/os-specific/linux/fbterm/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/fbterm/default.nix @@ -1,19 +1,18 @@ -{stdenv, lib, fetchurl, gpm, freetype, fontconfig, pkg-config, ncurses, libx86}: +{ stdenv, lib, fetchurl, gpm, freetype, fontconfig, pkg-config, ncurses, libx86 }: let s = # Generated upstream information - { - baseName="fbterm"; - version="1.7.0"; - name="fbterm-1.7.0"; - hash="0pciv5by989vzvjxsv1jsv4bdp4m8j0nfbl29jm5fwi12w4603vj"; - url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/fbterm/fbterm-1.7.0.tar.gz"; - sha256="0pciv5by989vzvjxsv1jsv4bdp4m8j0nfbl29jm5fwi12w4603vj"; - }; - buildInputs = [gpm freetype fontconfig ncurses] - ++ lib.optional (stdenv.isi686 || stdenv.isx86_64) libx86; + { + version = "1.7.0"; + pname = "fbterm"; + hash = "0pciv5by989vzvjxsv1jsv4bdp4m8j0nfbl29jm5fwi12w4603vj"; + url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/fbterm/fbterm-1.7.0.tar.gz"; + sha256 = "0pciv5by989vzvjxsv1jsv4bdp4m8j0nfbl29jm5fwi12w4603vj"; + }; + buildInputs = [ gpm freetype fontconfig ncurses ] + ++ lib.optional stdenv.hostPlatform.isx86 libx86; in stdenv.mkDerivation { - inherit (s) name version; + inherit (s) pname version; src = fetchurl { inherit (s) url sha256; }; diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix b/nixpkgs/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix index b06b239221de..ebe9b733e3d0 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix @@ -2,12 +2,12 @@ stdenvNoCC.mkDerivation rec { pname = "firmware-linux-nonfree"; - version = "2021-09-19"; + version = "20211216"; src = fetchgit { url = "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git"; - rev = "refs/tags/" + lib.replaceStrings [ "-" ] [ "" ] version; - sha256 = "1ix43qqpl5kvs6xpqrs3l5aj6vmwcaxcnv8l04mqqkyi9wamjydn"; + rev = "refs/tags/${version}"; + sha256 = "sha256-Q5TPtSbETDDRVKFfwQOp+GGsTGpTpGU5PQ5QkJCtWcM="; }; installFlags = [ "DESTDIR=$(out)" ]; @@ -17,7 +17,7 @@ stdenvNoCC.mkDerivation rec { outputHashMode = "recursive"; outputHashAlgo = "sha256"; - outputHash = "02nzl7bwvkcxd499glfbrkpyndrlmqkxvpjwgjr0rccaqdhfl21j"; + outputHash = "sha256-nyhxyDVO7tWkCD7fMjwiFNuMSh5e/z5w71CIZw3SJH8="; meta = with lib; { description = "Binary firmware collection packaged by kernel.org"; diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd-efi/default.nix b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd-efi/default.nix new file mode 100644 index 000000000000..0e74b32b3b6b --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd-efi/default.nix @@ -0,0 +1,56 @@ +{ lib +, stdenv +, fetchurl +, fetchFromGitHub +, substituteAll +, pkg-config +, meson +, ninja +, gnu-efi +, python3 +}: + +stdenv.mkDerivation rec { + pname = "fwupd-efi"; + version = "1.1"; + + src = fetchurl { + url = "https://people.freedesktop.org/~hughsient/releases/${pname}-${version}.tar.xz"; + sha256 = "1w879qxlnsaz5xyp168a08f2p8yrgfpkfycls28jw8qxmz6g20aw"; + }; + + nativeBuildInputs = [ + meson + ninja + pkg-config + python3 + ]; + + buildInputs = [ + gnu-efi + ]; + + postPatch = '' + patchShebangs \ + efi/generate_binary.py \ + efi/generate_sbat.py + ''; + + mesonFlags = [ + "-Defi-includedir=${gnu-efi}/include/efi" + "-Defi-libdir=${gnu-efi}/lib" + "-Defi-ldsdir=${gnu-efi}/lib" + "-Defi_sbat_distro_id=nixos" + "-Defi_sbat_distro_summary=NixOS" + "-Defi_sbat_distro_pkgname=${pname}" + "-Defi_sbat_distro_version=${version}" + "-Defi_sbat_distro_url=https://search.nixos.org/packages?channel=unstable&show=fwupd-efi&from=0&size=50&sort=relevance&query=fwupd-efi" + ]; + + meta = with lib; { + homepage = "https://fwupd.org/"; + maintainers = with maintainers; [ maxeaubrey ]; + license = licenses.lgpl21Plus; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch index cd42f2f44e20..66194430b251 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch @@ -1,21 +1,21 @@ diff --git a/data/meson.build b/data/meson.build -index 50154569..f8058a8e 100644 +index f10d4ff6..2dc66fb6 100644 --- a/data/meson.build +++ b/data/meson.build -@@ -17,7 +17,7 @@ endif +@@ -21,7 +21,7 @@ endif if build_standalone install_data(['daemon.conf'], - install_dir : join_paths(sysconfdir, 'fwupd') + install_dir : join_paths(sysconfdir_install, 'fwupd') ) - endif - + install_data(['power.quirk'], + install_dir: join_paths(datadir, 'fwupd', 'quirks.d')) diff --git a/data/pki/meson.build b/data/pki/meson.build -index 94bb0b6f..1ea6a9ac 100644 +index dcd9e128..ff137f3a 100644 --- a/data/pki/meson.build +++ b/data/pki/meson.build -@@ -3,24 +3,23 @@ install_data([ +@@ -2,24 +2,23 @@ install_data([ 'GPG-KEY-Linux-Foundation-Firmware', 'GPG-KEY-Linux-Vendor-Firmware-Service', ], @@ -45,19 +45,28 @@ index 94bb0b6f..1ea6a9ac 100644 ) - diff --git a/data/remotes.d/meson.build b/data/remotes.d/meson.build -index 826a3c1d..b78db663 100644 +index 02d8777b..2c89d593 100644 --- a/data/remotes.d/meson.build +++ b/data/remotes.d/meson.build -@@ -3,7 +3,7 @@ if build_daemon and get_option('lvfs') - 'lvfs.conf', +@@ -2,7 +2,7 @@ if build_standalone and get_option('lvfs') != 'false' + install_data([ 'lvfs-testing.conf', ], - install_dir : join_paths(sysconfdir, 'fwupd', 'remotes.d') + install_dir : join_paths(sysconfdir_install, 'fwupd', 'remotes.d') ) + con3 = configuration_data() + if get_option('lvfs') == 'disabled' +@@ -15,7 +15,7 @@ if build_standalone and get_option('lvfs') != 'false' + output : 'lvfs.conf', + configuration : con3, + install: true, +- install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'), ++ install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'), + ) i18n.merge_file( input: 'lvfs.metainfo.xml', -@@ -37,12 +37,12 @@ configure_file( +@@ -49,12 +49,12 @@ configure_file( output : 'vendor.conf', configuration : con2, install: true, @@ -73,10 +82,10 @@ index 826a3c1d..b78db663 100644 + install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'), ) diff --git a/meson.build b/meson.build -index b075ca89..8d504d3c 100644 +index 7557cd4a..4c98de6d 100644 --- a/meson.build +++ b/meson.build -@@ -194,6 +194,12 @@ endif +@@ -190,6 +190,12 @@ endif mandir = join_paths(prefix, get_option('mandir')) localedir = join_paths(prefix, get_option('localedir')) @@ -90,43 +99,44 @@ index b075ca89..8d504d3c 100644 gio = dependency('gio-2.0', version : '>= 2.45.8') giounix = dependency('gio-unix-2.0', version : '>= 2.45.8', required: false) diff --git a/meson_options.txt b/meson_options.txt -index bc76c0ab..8a67d012 100644 +index 94f73898..5de6cc7b 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -1,3 +1,4 @@ +option('sysconfdir_install', type: 'string', value: '', description: 'sysconfdir to use during installation') option('build', type : 'combo', choices : ['all', 'standalone', 'library'], value : 'all', description : 'build type') - option('agent', type : 'boolean', value : true, description : 'enable the fwupd agent') option('consolekit', type : 'boolean', value : true, description : 'enable ConsoleKit support') + option('firmware-packager', type : 'boolean', value : true, description : 'enable firmware-packager installation') diff --git a/plugins/dell-esrt/meson.build b/plugins/dell-esrt/meson.build -index ed4eee70..76dbdb1d 100644 +index e9f12879..a0126dbb 100644 --- a/plugins/dell-esrt/meson.build +++ b/plugins/dell-esrt/meson.build -@@ -37,5 +37,5 @@ configure_file( +@@ -38,6 +38,6 @@ configure_file( output : 'dell-esrt.conf', configuration : con2, install: true, - install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'), + install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'), ) + endif diff --git a/plugins/redfish/meson.build b/plugins/redfish/meson.build -index 205d1394..3223f404 100644 +index 5263048c..c46fac64 100644 --- a/plugins/redfish/meson.build +++ b/plugins/redfish/meson.build -@@ -27,7 +27,7 @@ shared_module('fu_plugin_redfish', +@@ -53,7 +53,7 @@ shared_module('fu_plugin_redfish', ) install_data(['redfish.conf'], -- install_dir: join_paths(sysconfdir, 'fwupd') -+ install_dir: join_paths(sysconfdir_install, 'fwupd') +- install_dir: join_paths(sysconfdir, 'fwupd'), ++ install_dir: join_paths(sysconfdir_install, 'fwupd'), + install_mode: 'rw-r-----', ) - if get_option('tests') diff --git a/plugins/thunderbolt/meson.build b/plugins/thunderbolt/meson.build -index 6b2368fb..2bd06fed 100644 +index 646ed6cb..8d7c59aa 100644 --- a/plugins/thunderbolt/meson.build +++ b/plugins/thunderbolt/meson.build -@@ -31,7 +31,7 @@ fu_plugin_thunderbolt = shared_module('fu_plugin_thunderbolt', +@@ -35,7 +35,7 @@ fu_plugin_thunderbolt = shared_module('fu_plugin_thunderbolt', ) install_data(['thunderbolt.conf'], @@ -136,10 +146,19 @@ index 6b2368fb..2bd06fed 100644 # we use functions from 2.52 in the tests if get_option('tests') and umockdev.found() and gio.version().version_compare('>= 2.52') diff --git a/plugins/uefi-capsule/meson.build b/plugins/uefi-capsule/meson.build -index 0b793a07..ebd3e5ea 100644 +index 708586b0..f29536b1 100644 --- a/plugins/uefi-capsule/meson.build +++ b/plugins/uefi-capsule/meson.build -@@ -97,7 +97,7 @@ if get_option('man') +@@ -21,7 +21,7 @@ if host_machine.system() == 'linux' + output : '35_fwupd', + configuration : con2, + install: true, +- install_dir: join_paths(sysconfdir, 'grub.d') ++ install_dir: join_paths(sysconfdir_install, 'grub.d') + ) + elif host_machine.system() == 'freebsd' + backend_srcs += 'fu-uefi-backend-freebsd.c' +@@ -116,7 +116,7 @@ if get_option('man') endif install_data(['uefi_capsule.conf'], @@ -147,15 +166,4 @@ index 0b793a07..ebd3e5ea 100644 + install_dir: join_paths(sysconfdir_install, 'fwupd') ) - if get_option('tests') -diff --git a/plugins/upower/meson.build b/plugins/upower/meson.build -index 290a3eb6..9ab2f452 100644 ---- a/plugins/upower/meson.build -+++ b/plugins/upower/meson.build -@@ -23,5 +23,5 @@ shared_module('fu_plugin_upower', - ) - - install_data(['upower.conf'], -- install_dir: join_paths(sysconfdir, 'fwupd') -+ install_dir: join_paths(sysconfdir_install, 'fwupd') - ) + # add all the .po files as inputs to watch diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix index 4f3c3a79f5b0..71f6da0d13b1 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -1,9 +1,10 @@ # Updating? Keep $out/etc synchronized with passthru keys -{ lib, stdenv +{ stdenv +, lib , fetchurl +, fetchpatch , fetchFromGitHub -, substituteAll , gtk-doc , pkg-config , gobject-introspection @@ -15,13 +16,11 @@ , sqlite , libarchive , curl -, help2man , libjcat , libxslt , elfutils , libsmbios , efivar -, gnu-efi , valgrind , meson , libuuid @@ -31,6 +30,7 @@ , ninja , gcab , gnutls +, protobufc , python3 , wrapGAppsHook , json-glib @@ -40,33 +40,25 @@ , vala , makeFontsConf , freefont_ttf -, cairo -, freetype -, fontconfig , pango , tpm2-tss , bubblewrap , efibootmgr , flashrom , tpm2-tools +, fwupd-efi , nixosTests , runCommand +, unstableGitUpdater }: let python = python3.withPackages (p: with p; [ pygobject3 - pycairo - pillow setuptools ]); - installedTestsPython = python3.withPackages (p: with p; [ - pygobject3 - requests - ]); - - isx86 = stdenv.isx86_64 || stdenv.isi686; + isx86 = stdenv.hostPlatform.isx86; # Dell isn't supported on Aarch64 haveDell = isx86; @@ -89,9 +81,38 @@ let exec python3 -c "$buildCommandPython" ''; + test-firmware = + let + version = "unstable-2021-11-02"; + src = fetchFromGitHub { + name = "fwupd-test-firmware-${version}"; + owner = "fwupd"; + repo = "fwupd-test-firmware"; + rev = "aaa2f9fd68a40684c256dd85b86093cba38ffd9d"; + sha256 = "Slk7CNfkmvmOh3WtIBkPs3NYT96co6i8PwqcbpeVFgA="; + passthru = { + inherit src version; # For update script + updateScript = unstableGitUpdater { + url = "${test-firmware.meta.homepage}.git"; + }; + }; + }; + in + src // { + meta = src.meta // { + # For update script + position = + let + pos = builtins.unsafeGetAttrPos "updateScript" test-firmware; + in + pos.file + ":" + toString pos.line; + }; + }; + + self = stdenv.mkDerivation rec { pname = "fwupd"; - version = "1.5.12"; + version = "1.7.2"; # libfwupd goes to lib # daemon, plug-ins and libfwupdplugin go to out @@ -100,27 +121,30 @@ let src = fetchurl { url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz"; - sha256 = "sha256-BluwLlm6s/2H/USARQpAvDR0+X8WP/q0h8VvxA6Qftc="; + sha256 = "sha256-hjLfacO6/Fk4fNy1F8POMaWXoJAm5E9ZB9g4RnG5+DQ="; }; patches = [ - # Do not try to create useless paths in /var. - ./fix-paths.patch - - # Allow installing + # Since /etc is the domain of NixOS, not Nix, + # we cannot install files there. + # Let’s install the files to $prefix/etc + # while still reading them from /etc. + # NixOS module for fwupd will take take care of copying the files appropriately. ./add-option-for-installation-sysconfdir.patch - # Install plug-ins and libfwupdplugin to out, + # Install plug-ins and libfwupdplugin to $out output, # they are not really part of the library. ./install-fwupdplugin-to-out.patch # Installed tests are installed to different output # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle. - (substituteAll { - src = ./installed-tests-path.patch; - # Needs a different set of modules than po/make-images. - inherit installedTestsPython; - }) + ./installed-tests-path.patch + + # Tests detect fwupd is installed when prefix is /usr. + ./fix-install-detection.patch + + # EFI capsule is located in fwupd-efi now. + ./efi-app-path.patch ]; nativeBuildInputs = [ @@ -136,8 +160,8 @@ let gnutls docbook_xml_dtd_43 docbook-xsl-nons - help2man libxslt + protobufc # for protoc python wrapGAppsHook vala @@ -151,7 +175,6 @@ let libarchive curl elfutils - gnu-efi libgudev colord libjcat @@ -159,18 +182,17 @@ let json-glib umockdev bash-completion - cairo - freetype - fontconfig pango tpm2-tss efivar + fwupd-efi + protobufc ] ++ lib.optionals haveDell [ libsmbios ]; mesonFlags = [ - "-Dgtkdoc=true" + "-Ddocs=gtkdoc" "-Dplugin_dummy=true" # We are building the official releases. "-Dsupported_build=true" @@ -180,17 +202,10 @@ let "-Dudevdir=lib/udev" "-Dsystemd_root_prefix=${placeholder "out"}" "-Dinstalled_test_prefix=${placeholder "installedTests"}" - "-Defi-libdir=${gnu-efi}/lib" - "-Defi-ldsdir=${gnu-efi}/lib" - "-Defi-includedir=${gnu-efi}/include/efi" - "-Defi_sbat_distro_id=nixos" - "-Defi_sbat_distro_summary=NixOS" - "-Defi_sbat_distro_pkgname=fwupd" - "-Defi_sbat_distro_version=${version}" - "-Defi_sbat_distro_url=https://search.nixos.org/packages?channel=unstable&show=fwupd&from=0&size=50&sort=relevance&query=fwupd" "--localstatedir=/var" "--sysconfdir=/etc" "-Dsysconfdir_install=${placeholder "out"}/etc" + "-Defi_os_dir=nixos" # We do not want to place the daemon into lib (cyclic reference) "--libexecdir=${placeholder "out"}/libexec" @@ -232,13 +247,8 @@ let postPatch = '' patchShebangs \ - contrib/get-version.py \ contrib/generate-version-script.py \ meson_post_install.sh \ - plugins/uefi-capsule/efi/generate_sbat.py \ - plugins/uefi-capsule/efi/generate_binary.py \ - po/make-images \ - po/make-images.sh \ po/test-deps ''; @@ -246,18 +256,20 @@ let addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share" ''; - postInstall = - let - testFw = fetchFromGitHub { - owner = "fwupd"; - repo = "fwupd-test-firmware"; - rev = "c13bfb26cae5f4f115dd4e08f9f00b3cb9acc25e"; - sha256 = "US81i7mtLEe85KdWz5r+fQTk61IhqjVkzykBaBPuKL4="; - }; - in '' - # These files have weird licenses so they are shipped separately. - cp --recursive --dereference "${testFw}/installed-tests/tests" "$installedTests/libexec/installed-tests/fwupd" - ''; + preInstall = '' + # We have pkexec on PATH so Meson will try to use it when installation fails + # due to being unable to write to e.g. /etc. + # Let’s pretend we already ran pkexec – + # the pkexec on PATH would complain it lacks setuid bit, + # obscuring the underlying error. + # https://github.com/mesonbuild/meson/blob/492cc9bf95d573e037155b588dc5110ded4d9a35/mesonbuild/minstall.py#L558 + export PKEXEC_UID=-1 + ''; + + postInstall = '' + # These files have weird licenses so they are shipped separately. + cp --recursive --dereference "${test-firmware}/installed-tests/tests" "$installedTests/libexec/installed-tests/fwupd" + ''; preFixup = let binPath = [ @@ -294,7 +306,6 @@ let "fwupd/remotes.d/vendor.conf" "fwupd/remotes.d/vendor-directory.conf" "fwupd/thunderbolt.conf" - "fwupd/upower.conf" "fwupd/uefi_capsule.conf" "pki/fwupd/GPG-KEY-Linux-Foundation-Firmware" "pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service" @@ -302,6 +313,7 @@ let "pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata" "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service" "pki/fwupd-metadata/LVFS-CA.pem" + "grub.d/35_fwupd" ] ++ lib.optionals haveDell [ "fwupd/remotes.d/dell-esrt.conf" ] ++ lib.optionals haveRedfish [ @@ -315,6 +327,9 @@ let "invalid" ]; + # For updating. + inherit test-firmware; + tests = let listToPy = list: "[${lib.concatMapStringsSep ", " (f: "'${f}'") list}]"; in { diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/efi-app-path.patch b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/efi-app-path.patch new file mode 100644 index 000000000000..c2502502a40c --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/efi-app-path.patch @@ -0,0 +1,13 @@ +diff --git a/meson.build b/meson.build +index 4330512e..e53b70ab 100644 +--- a/meson.build ++++ b/meson.build +@@ -403,7 +403,7 @@ endif + if build_standalone and get_option('plugin_uefi_capsule') + efiboot = dependency('efiboot') + +- efi_app_location = join_paths(libexecdir, 'fwupd', 'efi') ++ efi_app_location = join_paths(dependency('fwupd-efi').get_pkgconfig_variable('prefix'), 'libexec', 'fwupd', 'efi') + conf.set_quoted('EFI_APP_LOCATION', efi_app_location) + + if host_cpu == 'x86' diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/fix-install-detection.patch b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/fix-install-detection.patch new file mode 100644 index 000000000000..56d7def5c16a --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/fix-install-detection.patch @@ -0,0 +1,13 @@ +diff --git a/plugins/redfish/fu-self-test.c b/plugins/redfish/fu-self-test.c +index 4710c769..1c68fdb9 100644 +--- a/plugins/redfish/fu-self-test.c ++++ b/plugins/redfish/fu-self-test.c +@@ -27,7 +27,7 @@ fu_test_is_installed_test(void) + const gchar *builddir = g_getenv("G_TEST_BUILDDIR"); + if (builddir == NULL) + return FALSE; +- return g_str_has_prefix(builddir, "/usr"); ++ return g_str_has_prefix(builddir, "/nix"); + } + + static void diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/fix-paths.patch b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/fix-paths.patch deleted file mode 100644 index 474b250097d0..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/fix-paths.patch +++ /dev/null @@ -1,8 +0,0 @@ -diff --git a/data/builder/meson.build b/data/builder/meson.build -index c7a430c0..e69de29b 100644 ---- a/data/builder/meson.build -+++ b/data/builder/meson.build -@@ -1,3 +0,0 @@ --install_data('README.md', -- install_dir : join_paths(localstatedir, 'lib', 'fwupd', 'builder') --) diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/install-fwupdplugin-to-out.patch b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/install-fwupdplugin-to-out.patch index 347b6862146d..6667156e831c 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/install-fwupdplugin-to-out.patch +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/install-fwupdplugin-to-out.patch @@ -1,8 +1,8 @@ diff --git a/libfwupdplugin/meson.build b/libfwupdplugin/meson.build -index 0abcd45c..51cbc912 100644 +index d6a2ed68..12c82a95 100644 --- a/libfwupdplugin/meson.build +++ b/libfwupdplugin/meson.build -@@ -114,7 +114,8 @@ +@@ -216,7 +216,8 @@ fwupdplugin = library( ], link_args : vflag, link_depends : fwupdplugin_mapfile, @@ -12,26 +12,26 @@ index 0abcd45c..51cbc912 100644 ) fwupdplugin_pkgg = import('pkgconfig') -@@ -167,7 +168,8 @@ - 'GUsb-1.0', +@@ -276,7 +277,8 @@ if get_option('introspection') + girtargets, fwupd_gir[0], ], - install : true + install : true, + install_dir_typelib : bindir / '..' / 'lib' / 'girepository-1.0', ) - gnome.generate_vapi('fwupdplugin', - sources : fwupd_gir[0], + + # Verify the map file is correct -- note we can't actually use the generated diff --git a/meson.build b/meson.build -index b1a523d2..00125997 100644 +index 38aa36b0..3fb7e579 100644 --- a/meson.build +++ b/meson.build -@@ -389,7 +389,7 @@ +@@ -521,7 +521,7 @@ if build_standalone if host_machine.system() == 'windows' - plugin_dir = 'fwupd-plugins-3' + plugin_dir = 'fwupd-plugins-@0@'.format(libfwupdplugin_lt_current) else -- plugin_dir = join_paths(libdir, 'fwupd-plugins-3') -+ plugin_dir = join_paths(bindir, '..', 'lib', 'fwupd-plugins-3') +- plugin_dir = join_paths(libdir, 'fwupd-plugins-@0@'.format(libfwupdplugin_lt_current)) ++ plugin_dir = join_paths(bindir, '..', 'lib', 'fwupd-plugins-@0@'.format(libfwupdplugin_lt_current)) endif conf.set_quoted('FWUPD_PLUGINDIR', plugin_dir) endif diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch index d8f1a533b824..2024e84b0a83 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch @@ -1,13 +1,3 @@ -diff --git a/data/device-tests/hardware.py b/data/device-tests/hardware.py -index 7f1e1907..10fee1b8 100755 ---- a/data/device-tests/hardware.py -+++ b/data/device-tests/hardware.py -@@ -1,4 +1,4 @@ --#!/usr/bin/python3 -+#!@installedTestsPython@/bin/python3 - # pylint: disable=wrong-import-position,too-many-locals,unused-argument,wrong-import-order - # - # Copyright (C) 2017 Richard Hughes <richard@hughsie.com> diff --git a/data/installed-tests/meson.build b/data/installed-tests/meson.build index adadbcdd..1b51bb9c 100644 --- a/data/installed-tests/meson.build diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix b/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix index 98cfa68e0313..841e73cfc8ba 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix @@ -5,20 +5,20 @@ stdenvNoCC.mkDerivation rec { pname = "sof-firmware"; - version = "1.9"; + version = "2.0"; src = fetchFromGitHub { owner = "thesofproject"; repo = "sof-bin"; rev = "v${version}"; - sha256 = "sha256-yife3gO8lXOGwRye213II9rCQqDic7B7w1xW1o7ajF8="; + sha256 = "sha256-pDxNcDe/l1foFYuHB0w3YZidKIeH6h0IuwRmMzeMteE="; }; dontFixup = true; # binaries must not be stripped or patchelfed installPhase = '' runHook preInstall - cd "v${version}.x" + cd "v${lib.versions.majorMinor version}.x" mkdir -p $out/lib/firmware/intel/ cp -a sof-v${version} $out/lib/firmware/intel/sof cp -a sof-tplg-v${version} $out/lib/firmware/intel/sof-tplg diff --git a/nixpkgs/pkgs/os-specific/linux/forkstat/default.nix b/nixpkgs/pkgs/os-specific/linux/forkstat/default.nix index 09c9c660285e..1c3f3342e081 100644 --- a/nixpkgs/pkgs/os-specific/linux/forkstat/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/forkstat/default.nix @@ -1,20 +1,25 @@ -{ stdenv, lib, fetchurl }: +{ stdenv, lib, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "forkstat"; - version = "0.02.16"; - src = fetchurl { - url = "https://kernel.ubuntu.com/~cking/tarballs/forkstat/forkstat-${version}.tar.xz"; - sha256 = "1rrzvlws9725dy2jq5k4zfv669ngrb2klhla6wvir8nwh53jms4w"; + version = "0.02.17"; + + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + hash = "sha256-Rw1Xwst0+seksTLL+v3IUEojGjwCERwF89xkk70npUU="; }; - installFlags = [ "DESTDIR=$(out)" ]; - postInstall = '' - mv $out/usr/* $out - rm -r $out/usr - ''; + + installFlags = [ + "BINDIR=${placeholder "out"}/bin" + "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" + ]; + meta = with lib; { description = "Process fork/exec/exit monitoring tool"; - homepage = "https://kernel.ubuntu.com/~cking/forkstat/"; + homepage = "https://github.com/ColinIanKing/forkstat"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ womfoo ]; diff --git a/nixpkgs/pkgs/os-specific/linux/forktty/default.nix b/nixpkgs/pkgs/os-specific/linux/forktty/default.nix index c2e493995829..f060557cdecd 100644 --- a/nixpkgs/pkgs/os-specific/linux/forktty/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/forktty/default.nix @@ -1,36 +1,29 @@ -{lib, stdenv, fetchurl}: -let - s = # Generated upstream information - rec { - baseName="forktty"; - version="1.3"; - name="${baseName}-${version}"; - hash="0nd55zdqly6nl98k9lc7j751x86cw9hayx1qn0725f22r1x3j5zb"; - url="http://sunsite.unc.edu/pub/linux/utils/terminal/forktty-1.3.tgz"; - sha256="0nd55zdqly6nl98k9lc7j751x86cw9hayx1qn0725f22r1x3j5zb"; - }; - buildInputs = [ - ]; -in -stdenv.mkDerivation { - inherit (s) name version; - inherit buildInputs; +{ lib, stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "forktty"; + version = "1.3"; + src = fetchurl { - inherit (s) url sha256; + url = "http://sunsite.unc.edu/pub/linux/utils/terminal/forktty-${version}.tgz"; + sha256 = "sha256-6xc5eshCuCIOsDh0r2DizKAeypGH0TRRotZ4itsvpVk="; }; + preBuild = '' sed -e s@/usr/bin/ginstall@install@g -i Makefile ''; + preInstall = '' mkdir -p "$out/bin" mkdir -p "$out/share/man/man8" ''; + makeFlags = [ "prefix=$(out)" "manprefix=$(out)/share/" ]; - meta = { - inherit (s) version; + + meta = with lib; { description = "Tool to detach from controlling TTY and attach to another"; - license = lib.licenses.gpl2 ; - maintainers = [lib.maintainers.raskin]; - platforms = lib.platforms.linux; + license = licenses.gpl2; + maintainers = with maintainers; [ raskin ]; + platforms = platforms.linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/forktty/default.upstream b/nixpkgs/pkgs/os-specific/linux/forktty/default.upstream deleted file mode 100644 index 45cb775a0ae3..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/forktty/default.upstream +++ /dev/null @@ -1,2 +0,0 @@ -url http://sunsite.unc.edu/pub/linux/utils/terminal/ -version_link 'forktty.*tgz' diff --git a/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix b/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix index 7528fae6bdd7..226c6e1c72ad 100644 --- a/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix @@ -4,13 +4,13 @@ buildGoModule rec { pname = "fscrypt"; - version = "0.3.0"; + version = "0.3.1"; src = fetchFromGitHub { owner = "google"; repo = "fscrypt"; rev = "v${version}"; - sha256 = "1zdadi9f7wj6kgmmk9zlkpdm1lb3gfiscg9gkqqdql2si7y6g2nq"; + sha256 = "0gi91vm0ai4vjzj6cfnjsfy8kbfxjiq2n7jnbhf5470qbx49qixr"; }; postPatch = '' @@ -19,7 +19,7 @@ buildGoModule rec { --replace "/usr/local" "$out" ''; - vendorSha256 = "0yak221mlyfacvlsaq9g3xiyk94n94vqgkbaji8d21pi8hhr38m6"; + vendorSha256 = "1gw3q2pn8v6n9wkl5881rbxglislnr98a9gjqnqm894gnz7hfdzb"; doCheck = false; diff --git a/nixpkgs/pkgs/os-specific/linux/fscryptctl/default.nix b/nixpkgs/pkgs/os-specific/linux/fscryptctl/default.nix index bd1b414f4cba..2a2a9b41c9c2 100644 --- a/nixpkgs/pkgs/os-specific/linux/fscryptctl/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/fscryptctl/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { documentation for filesystem encryption before using fscryptctl. ''; inherit (src.meta) homepage; - changelog = "https://github.com/google/fscryptctl/releases/tag/v{version}"; + changelog = "https://github.com/google/fscryptctl/releases/tag/v${version}"; license = licenses.asl20; platforms = platforms.linux; maintainers = with maintainers; [ primeos ]; diff --git a/nixpkgs/pkgs/os-specific/linux/fscryptctl/legacy.nix b/nixpkgs/pkgs/os-specific/linux/fscryptctl/legacy.nix deleted file mode 100644 index 64a409fb58bf..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/fscryptctl/legacy.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ lib, stdenv, fetchFromGitHub }: - -# Don't use this for anything important! -# TODO: Drop fscryptctl-experimental after the NixOS 21.03/21.05 release. - -stdenv.mkDerivation rec { - pname = "fscryptctl"; - version = "0.1.0"; - - goPackagePath = "github.com/google/fscrypt"; - - src = fetchFromGitHub { - owner = "google"; - repo = "fscryptctl"; - rev = "v${version}"; - sha256 = "1853hlpklisbqnkb7a921dsf0vp2nr2im26zpmrs592cnpsvk3hb"; - }; - - makeFlags = [ "DESTDIR=$(out)/bin" ]; - - meta = with lib; { - description = "Small C tool for Linux filesystem encryption"; - longDescription = '' - fscryptctl is a low-level tool written in C that handles raw keys and - manages policies for Linux filesystem encryption, specifically the - "fscrypt" kernel interface which is supported by the ext4, f2fs, and - UBIFS filesystems. - fscryptctl is mainly intended for embedded systems which can't use the - full-featured fscrypt tool, or for testing or experimenting with the - kernel interface to Linux filesystem encryption. fscryptctl does not - handle key generation, key stretching, key wrapping, or PAM integration. - Most users should use the fscrypt tool instead, which supports these - features and generally is much easier to use. - As fscryptctl is intended for advanced users, you should read the kernel - documentation for filesystem encryption before using fscryptctl. - ''; - inherit (src.meta) homepage; - license = licenses.asl20; - platforms = platforms.linux; - maintainers = with maintainers; [ primeos ]; - knownVulnerabilities = [ '' - fscryptctl version 1.0.0 was released and now uses v2 encryption - policies. fscryptctl-experimental will remain at version 0.1.0 which - still supports the v1 encryption policies. Please try to switch from the - "fscryptctl-experimental" package to "fscryptctl". The v1 encryption - policies can be insecure, are hard to use correctly, and have different - semantics from v2 policies (which is why they are no longer supported in - fscryptctl 1.0.0+). - '' ]; - }; -} diff --git a/nixpkgs/pkgs/os-specific/linux/fswebcam/default.nix b/nixpkgs/pkgs/os-specific/linux/fswebcam/default.nix index 08c35d79f3dc..678e0d428419 100644 --- a/nixpkgs/pkgs/os-specific/linux/fswebcam/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/fswebcam/default.nix @@ -2,10 +2,10 @@ stdenv.mkDerivation rec { pname = "fswebcam"; - version = "2020-07-25"; + version = "20200725"; src = fetchurl { - url = "https://www.sanslogic.co.uk/fswebcam/files/fswebcam-${lib.replaceStrings ["."] [""] version}.tar.gz"; + url = "https://www.sanslogic.co.uk/fswebcam/files/fswebcam-${version}.tar.gz"; sha256 = "1dazsrcaw9s30zz3jpxamk9lkff5dkmflp1s0jjjvdbwa0k6k6ii"; }; diff --git a/nixpkgs/pkgs/os-specific/linux/gogoclient/default.nix b/nixpkgs/pkgs/os-specific/linux/gogoclient/default.nix index 83ac93fbf71c..75c0f1c3d1bc 100644 --- a/nixpkgs/pkgs/os-specific/linux/gogoclient/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/gogoclient/default.nix @@ -1,11 +1,8 @@ {lib, stdenv, fetchurl, openssl, nettools, iproute2, sysctl}: -let baseName = "gogoclient"; - version = "1.2"; -in - stdenv.mkDerivation rec { - name = "${baseName}-${version}"; + pname = "gogoclient"; + version = "1.2"; src = fetchurl { #url = "http://gogo6.com/downloads/gogoc-1_2-RELEASE.tar.gz"; @@ -21,9 +18,9 @@ stdenv.mkDerivation rec { buildInputs = [openssl]; preFixup = '' - mkdir -p $out/share/${name} + mkdir -p $out/share/gogoclient-${version} chmod 444 $out/bin/gogoc.conf - mv $out/bin/gogoc.conf $out/share/${name}/gogoc.conf.sample + mv $out/bin/gogoc.conf $out/share/gogoclient-${version}/gogoc.conf.sample rm $out/bin/gogoc.conf.sample substituteInPlace "$out/template/linux.sh" \ diff --git a/nixpkgs/pkgs/os-specific/linux/greetd/default.nix b/nixpkgs/pkgs/os-specific/linux/greetd/default.nix index 6f305c5d6ebb..cfde703cd674 100644 --- a/nixpkgs/pkgs/os-specific/linux/greetd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/greetd/default.nix @@ -8,16 +8,16 @@ rustPlatform.buildRustPackage rec { pname = "greetd"; - version = "0.7.0"; + version = "0.8.0"; src = fetchFromSourcehut { owner = "~kennylevinsen"; repo = pname; rev = version; - sha256 = "b+S3fuJ8gjnSQzLHl3Bs9iO/Un2ynggAplz01GjJvFI="; + sha256 = "sha256-20D6HanUeAc0S9czkNJFmhsrfEqodpafkHsmwKccrHQ="; }; - cargoHash = "sha256-YSC7osyBPwx+lo7P1ftI72mRWeQlDc2srRPzTFqVTxM="; + cargoHash = "sha256-8nMQ81Y0DnPs9WmxNASlcjTEVw5lh+nZtZ7vmmBCu2g="; nativeBuildInputs = [ scdoc diff --git a/nixpkgs/pkgs/os-specific/linux/hd-idle/default.nix b/nixpkgs/pkgs/os-specific/linux/hd-idle/default.nix index 301a218ff62e..a1f355a849c2 100644 --- a/nixpkgs/pkgs/os-specific/linux/hd-idle/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/hd-idle/default.nix @@ -1,25 +1,28 @@ -{ lib, stdenv, fetchurl }: +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: -stdenv.mkDerivation rec { +buildGoModule rec { pname = "hd-idle"; - version = "1.05"; + version = "1.16"; - src = fetchurl { - url = "mirror://sourceforge/project/hd-idle/hd-idle-${version}.tgz"; - sha256 = "031sm996s0rhy3z91b9xvyimsj2yd2fhsww2al2hxda5s5wzxzjf"; + src = fetchFromGitHub { + owner = "adelolmo"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-LZcMwF/BhHiWWXMcrzbk8GyvwXdA3B2olmbOBxQwV5g="; }; - prePatch = '' - substituteInPlace Makefile \ - --replace "-g root -o root" "" - ''; + vendorSha256 = null; + + nativeBuildInputs = [ installShellFiles ]; - installFlags = [ "TARGET_DIR=$(out)" ]; + postInstall = '' + installManPage debian/hd-idle.8 + ''; meta = with lib; { description = "Spins down external disks after a period of idle time"; - homepage = "http://hd-idle.sourceforge.net/"; - license = licenses.gpl2Plus; + homepage = "https://github.com/adelolmo/hd-idle"; + license = licenses.gpl3Plus; platforms = platforms.linux; maintainers = [ maintainers.rycee ]; }; diff --git a/nixpkgs/pkgs/os-specific/linux/health-check/default.nix b/nixpkgs/pkgs/os-specific/linux/health-check/default.nix index 694d4565d969..e876808b461a 100644 --- a/nixpkgs/pkgs/os-specific/linux/health-check/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/health-check/default.nix @@ -1,12 +1,14 @@ -{ stdenv, lib, fetchurl, json_c, libbsd }: +{ stdenv, lib, fetchFromGitHub, json_c, libbsd }: stdenv.mkDerivation rec { pname = "health-check"; - version = "0.03.05"; + version = "0.03.10"; - src = fetchurl { - url = "https://kernel.ubuntu.com/~cking/tarballs/${pname}/${pname}-${version}.tar.gz"; - sha256 = "1qxmkdl4pa043yg4kq5ffapm0c2cmm64h3v2c3xhnx0ad5pbhy5z"; + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + hash = "sha256-1dm7tl7DHv1CzuLe1/UewDSUOanO0hN+STkPrAHcZmI="; }; buildInputs = [ json_c libbsd ]; @@ -16,11 +18,12 @@ stdenv.mkDerivation rec { installFlags = [ "BINDIR=${placeholder "out"}/bin" "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" ]; meta = with lib; { description = "Process monitoring tool"; - homepage = "https://kernel.ubuntu.com/~cking/health-check/"; + homepage = "https://github.com/ColinIanKing/health-check"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ dtzWill ]; diff --git a/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix b/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix index 5d4edc4f7e76..268e178aad08 100644 --- a/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix @@ -106,7 +106,7 @@ stdenv.mkDerivation rec { repositories.git = "git://w1.fi/hostap.git"; description = "A user space daemon for access point and authentication servers"; license = licenses.gpl2; - maintainers = with maintainers; [ phreedom ninjatrappeur hexa ]; + maintainers = with maintainers; [ ninjatrappeur hexa ]; platforms = platforms.linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/i2c-tools/default.nix b/nixpkgs/pkgs/os-specific/linux/i2c-tools/default.nix index 5c05ca6082e4..556bc2d89787 100644 --- a/nixpkgs/pkgs/os-specific/linux/i2c-tools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/i2c-tools/default.nix @@ -7,19 +7,22 @@ stdenv.mkDerivation rec { pname = "i2c-tools"; - version = "4.2"; + version = "4.3"; src = fetchgit { url = "https://git.kernel.org/pub/scm/utils/i2c-tools/i2c-tools.git"; rev = "v${version}"; - sha256 = "0vqrbp10klr7ylarr6cy1q7nafiqaky4iq5my5dqy101h93vg4pg"; + sha256 = "sha256-HlmIocum+HZEKNiS5BUwEIswRfTMUhD1vCPibAuAK0Q="; }; buildInputs = [ perl ]; postPatch = '' - substituteInPlace eeprom/decode-edid --replace "/usr/sbin/parse-edid" "${read-edid}/bin/parse-edid" - substituteInPlace stub/i2c-stub-from-dump --replace "/sbin/" "" + substituteInPlace eeprom/decode-edid \ + --replace "/usr/sbin/parse-edid" "${read-edid}/bin/parse-edid" + + substituteInPlace stub/i2c-stub-from-dump \ + --replace "/sbin/" "" ''; makeFlags = [ "PREFIX=${placeholder "out"}" ]; @@ -27,7 +30,7 @@ stdenv.mkDerivation rec { outputs = [ "out" "man" ]; postInstall = '' - rm -rf $out/include # Installs include/linux/i2c-dev.h that conflics with kernel headers + rm -rf $out/include/linux/i2c-dev.h # conflics with kernel headers ''; meta = with lib; { diff --git a/nixpkgs/pkgs/os-specific/linux/i7z/default.nix b/nixpkgs/pkgs/os-specific/linux/i7z/default.nix index 2e00e9eedc3b..7de8046483d4 100644 --- a/nixpkgs/pkgs/os-specific/linux/i7z/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/i7z/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "i7z"; - version = "0.27.3"; + version = "0.27.4"; src = fetchFromGitHub { owner = "DimitryAndric"; repo = "i7z"; rev = "v${version}"; - sha256 = "0l8wz0ffb27nkwchc606js652spk8masy3kjmzh7ygipwsary5ds"; + sha256 = "00c4ng30ry88hcya4g1i9dngiqmz3cs31x7qh1a10nalxn1829xy"; }; buildInputs = [ ncurses ] ++ lib.optional withGui qtbase; diff --git a/nixpkgs/pkgs/os-specific/linux/intel-cmt-cat/default.nix b/nixpkgs/pkgs/os-specific/linux/intel-cmt-cat/default.nix new file mode 100644 index 000000000000..af194d9dc1ca --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/intel-cmt-cat/default.nix @@ -0,0 +1,25 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation rec { + version = "4.3.0"; + pname = "intel-cmt-cat"; + + src = fetchFromGitHub { + owner = "intel"; + repo = "intel-cmt-cat"; + rev = "v${version}"; + sha256 = "sha256-9XZuSHWcAFN5otBfG8xE4gTIDixw7mYnHT/CTjyOvwo="; + }; + + enableParallelBuilding = true; + + makeFlags = [ "PREFIX=$(out)" "NOLDCONFIG=y" ]; + + meta = with lib; { + description = "User space software for Intel(R) Resource Director Technology"; + homepage = "https://github.com/intel/intel-cmt-cat"; + license = licenses.bsd3; + maintainers = with maintainers; [ arkivm ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/intel-compute-runtime/default.nix b/nixpkgs/pkgs/os-specific/linux/intel-compute-runtime/default.nix index 980b1fad0dfb..1d1d5667fe98 100644 --- a/nixpkgs/pkgs/os-specific/linux/intel-compute-runtime/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/intel-compute-runtime/default.nix @@ -11,13 +11,13 @@ stdenv.mkDerivation rec { pname = "intel-compute-runtime"; - version = "20.34.17727"; + version = "21.42.21270"; src = fetchFromGitHub { owner = "intel"; repo = "compute-runtime"; rev = version; - sha256 = "19scbbr6jf3yp2v7z8xyzzm01g44jym7xfkf1dz64d5nhvjw6ig5"; + sha256 = "N9MsDcsL8kBWxfZjhukcxZiSJnXxqMgWF0etOhf2/AE="; }; nativeBuildInputs = [ cmake pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/iotop-c/default.nix b/nixpkgs/pkgs/os-specific/linux/iotop-c/default.nix index ea40ff79f64a..680bc53bd91b 100644 --- a/nixpkgs/pkgs/os-specific/linux/iotop-c/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/iotop-c/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "iotop-c"; - version = "1.19"; + version = "1.20"; src = fetchFromGitHub { owner = "Tomas-M"; repo = "iotop"; rev = "v${version}"; - sha256 = "sha256-CuZwOIhjl6fpEvfw/4CTjKQkxazLL/NGujmNcx1Jrbc="; + sha256 = "sha256-6Pg2CLWzsD6EPRKD2xMMgKFkpbSheiMMkd0BvHh9onA="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/iptables/default.nix b/nixpkgs/pkgs/os-specific/linux/iptables/default.nix index fe0e82c4a8e6..50730597d9e6 100644 --- a/nixpkgs/pkgs/os-specific/linux/iptables/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/iptables/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchurl, pkg-config, pruneLibtoolFiles, flex, bison , libmnl, libnetfilter_conntrack, libnfnetlink, libnftnl, libpcap -, nftablesCompat ? false +, nftablesCompat ? true }: with lib; diff --git a/nixpkgs/pkgs/os-specific/linux/iptstate/default.nix b/nixpkgs/pkgs/os-specific/linux/iptstate/default.nix index 94693f1559e5..4e3693aba6f1 100644 --- a/nixpkgs/pkgs/os-specific/linux/iptstate/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/iptstate/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "iptstate"; - version = "2.2.6"; + version = "2.2.7"; src = fetchurl { url = "https://github.com/jaymzh/iptstate/releases/download/v${version}/${pname}-${version}.tar.bz2"; - sha256 = "bef8eb67a4533e53079f397b71e91dd34da23f8cbd65cb2d5b67cb907b00c068"; + sha256 = "sha256-iW3wYCiFRWomMfeV1jT8ITEeUF+MkQNI5jEoYPIJeVU="; }; buildInputs = [ libnetfilter_conntrack ncurses ]; diff --git a/nixpkgs/pkgs/os-specific/linux/irqbalance/default.nix b/nixpkgs/pkgs/os-specific/linux/irqbalance/default.nix index 4b7a4527e2c7..b11be3f27353 100644 --- a/nixpkgs/pkgs/os-specific/linux/irqbalance/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/irqbalance/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, glib, ncurses, libcap_ng }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkg-config, glib, ncurses, libcap_ng }: stdenv.mkDerivation rec { pname = "irqbalance"; @@ -11,6 +11,16 @@ stdenv.mkDerivation rec { sha256 = "sha256-K+Nv6HqBZb0pwfNV127QDq+suaUD7TTV413S6j8NdUU="; }; + patches = [ + # pull pending upstream inclusion fix for ncurses-6.3: + # https://github.com/Irqbalance/irqbalance/pull/194 + (fetchpatch { + name = "ncurses-6.3.patch"; + url = "https://github.com/Irqbalance/irqbalance/commit/f8bdd0e64284d841544fd3ebe22f4652902ba8d2.patch"; + sha256 = "sha256-QJIXr8BiKmn/81suuhNJsBRhY2as19/e480lsp2wd6g="; + }) + ]; + nativeBuildInputs = [ autoreconfHook pkg-config ]; buildInputs = [ glib ncurses libcap_ng ]; diff --git a/nixpkgs/pkgs/os-specific/linux/iw/default.nix b/nixpkgs/pkgs/os-specific/linux/iw/default.nix index 7d526db53e93..ac8efbb7969f 100644 --- a/nixpkgs/pkgs/os-specific/linux/iw/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/iw/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "iw"; - version = "5.9"; + version = "5.16"; src = fetchurl { url = "https://www.kernel.org/pub/software/network/${pname}/${pname}-${version}.tar.xz"; - sha256 = "1wp1ky1v353qqy5fnrk67apgzsap53jkr7pmghk3czpbk880ffi9"; + sha256 = "sha256-TETkJ2L5A/kJS6WlmJmMgAqXpir9b9MeweCnmeMIZZw="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/iwd/default.nix b/nixpkgs/pkgs/os-specific/linux/iwd/default.nix index 33e1f1783ab3..3f725e3e5b26 100644 --- a/nixpkgs/pkgs/os-specific/linux/iwd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/iwd/default.nix @@ -8,17 +8,16 @@ , readline , openssl , python3Packages -, fetchpatch }: stdenv.mkDerivation rec { pname = "iwd"; - version = "1.17"; + version = "1.20"; src = fetchgit { url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git"; rev = version; - sha256 = "sha256-uWWdKjxctz8fdiIkSiuOYNcZPhxEWDXaA8QPLnd/I9c="; + sha256 = "sha256-GcqmMqrZSgvSrsY8FJbPynNWTzSi5A6kmyq+xJ+2i3Y="; }; outputs = [ "out" "man" ] @@ -57,14 +56,6 @@ stdenv.mkDerivation rec { "--with-systemd-networkdir=${placeholder "out"}/lib/systemd/network/" ]; - patches = [ - # Fix failure in test-eapol. Remove when bumping to 1.18 - (fetchpatch { - url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git/patch/?id=ed10b00afa3f4c087b46d7ba0b60a47bd05d8b39"; - sha256 = "0n8ixrbfh428ajncakcb9kd2n4fw82kw9sfskn1d9ny0lrg39nvg"; - }) - ]; - postUnpack = '' mkdir -p iwd/ell ln -s ${ell.src}/ell/useful.h iwd/ell/useful.h diff --git a/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix b/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix index 27428b37284d..3c7e899cba71 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix @@ -81,12 +81,12 @@ let in { inherit makeLinuxHeaders; - linuxHeaders = let version = "5.14"; in + linuxHeaders = let version = "5.15.5"; in makeLinuxHeaders { inherit version; src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "sha256-fgaLXg0mpisQ5TILJdzldYjLvG94HAkEQhOMnJwycbI="; + sha256 = "sha256-6VZaMBUlrIHBQs64MvkFPdVoXhB9vPdT0N5MWLyYhR8="; }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix b/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix index 717fdaee72a5..b127ec9197cb 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix @@ -41,6 +41,7 @@ let (whenAtLeast "5.2" yes) ]; DEBUG_INFO_BTF = whenAtLeast "5.2" (option yes); + BPF_LSM = whenAtLeast "5.7" (option yes); DEBUG_KERNEL = yes; DEBUG_DEVRES = no; DYNAMIC_DEBUG = yes; @@ -129,6 +130,7 @@ let XDP_SOCKETS = whenAtLeast "4.19" yes; XDP_SOCKETS_DIAG = whenAtLeast "5.1" yes; WAN = yes; + TCP_CONG_ADVANCED = yes; TCP_CONG_CUBIC = yes; # This is the default congestion control algorithm since 2.6.19 # Required by systemd per-cgroup firewalling CGROUP_BPF = option yes; @@ -212,6 +214,10 @@ let MPTCP = whenAtLeast "5.6" yes; MPTCP_IPV6 = whenAtLeast "5.6" yes; INET_MPTCP_DIAG = whenAtLeast "5.9" (mkDefault module); + + # Kernel TLS + TLS = whenAtLeast "4.13" module; + TLS_DEVICE = whenAtLeast "4.18" yes; }; wireless = { @@ -246,6 +252,8 @@ let FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER = whenAtLeast "4.19" yes; FRAMEBUFFER_CONSOLE_ROTATION = yes; FB_GEODE = mkIf (stdenv.hostPlatform.system == "i686-linux") yes; + # On 5.14 this conflicts with FB_SIMPLE. + DRM_SIMPLEDRM = whenAtLeast "5.14" no; }; video = { @@ -410,7 +418,7 @@ let CIFS_POSIX = option yes; CIFS_FSCACHE = yes; CIFS_STATS = whenOlder "4.19" yes; - CIFS_WEAK_PW_HASH = yes; + CIFS_WEAK_PW_HASH = whenOlder "5.15" yes; CIFS_UPCALL = yes; CIFS_ACL = whenOlder "5.3" yes; CIFS_DFS_UPCALL = yes; @@ -465,6 +473,11 @@ let # Detect buffer overflows on the stack CC_STACKPROTECTOR_REGULAR = {optional = true; tristate = whenOlder "4.18" "y";}; + } // optionalAttrs stdenv.hostPlatform.isx86 { + # Enable Intel SGX + X86_SGX = whenAtLeast "5.11" yes; + # Allow KVM guests to load SGX enclaves + X86_SGX_KVM = whenAtLeast "5.13" yes; }; microcode = { @@ -745,10 +758,18 @@ let BSD_PROCESS_ACCT_V3 = yes; + SERIAL_DEV_BUS = whenAtLeast "4.11" yes; # enables support for serial devices + SERIAL_DEV_CTRL_TTYPORT = whenAtLeast "4.11" yes; # enables support for TTY serial devices + + BT_HCIBTUSB_MTK = whenAtLeast "5.3" yes; # MediaTek protocol support + BT_HCIUART_QCA = whenAtLeast "4.3" yes; # Qualcomm Atheros protocol support + BT_HCIUART_SERDEV = whenAtLeast "4.12" yes; # required by BT_HCIUART_QCA + BT_HCIUART = whenAtLeast "2.5.45" module; # required for BT devices with serial port interface (QCA6390) BT_HCIUART_BCSP = option yes; BT_HCIUART_H4 = option yes; # UART (H4) protocol support BT_HCIUART_LL = option yes; BT_RFCOMM_TTY = option yes; # RFCOMM TTY support + BT_QCA = whenAtLeast "4.3" module; # enables QCA6390 bluetooth CLEANCACHE = option yes; CRASH_DUMP = option no; @@ -756,6 +777,8 @@ let DVB_DYNAMIC_MINORS = option yes; # we use udev EFI_STUB = yes; # EFI bootloader in the bzImage itself + EFI_GENERIC_STUB_INITRD_CMDLINE_LOADER = + whenAtLeast "5.8" yes; # initrd kernel parameter for EFI CGROUPS = yes; # used by systemd FHANDLE = yes; # used by systemd SECCOMP = yes; # used by systemd >= 231 @@ -800,6 +823,9 @@ let NET_FC = yes; # Fibre Channel driver support # GPIO on Intel Bay Trail, for some Chromebook internal eMMC disks PINCTRL_BAYTRAIL = yes; + # GPIO for Braswell and Cherryview devices + # Needs to be built-in to for integrated keyboards to function properly + PINCTRL_CHERRYVIEW = yes; # 8 is default. Modern gpt tables on eMMC may go far beyond 8. MMC_BLOCK_MINORS = freeform "32"; @@ -854,6 +880,9 @@ let LIRC = mkMerge [ (whenOlder "4.16" module) (whenAtLeast "4.17" yes) ]; + SCHED_CORE = whenAtLeast "5.14" yes; + + FSL_MC_UAPI_SUPPORT = mkIf (stdenv.hostPlatform.system == "aarch64-linux") (whenAtLeast "5.12" yes); } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { # Enable CPU/memory hotplug support # Allows you to dynamically add & remove CPUs/memory to a VM client running NixOS without requiring a reboot diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix b/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix index 7f2a97d868ed..bca6554ca2ae 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix @@ -60,7 +60,7 @@ , kernelTests ? [] , nixosTests , ... -}: +}@args: # Note: this package is used for bootstrapping fetchurl, and thus # cannot use fetchpatch! All mutable patches (generated by GitHub or @@ -70,6 +70,18 @@ assert stdenv.isLinux; let + # Dirty hack to make sure that `version` & `src` have + # `<nixpkgs/pkgs/os-specific/linux/kernel/linux-x.y.nix>` as position + # when using `builtins.unsafeGetAttrPos`. + # + # This is to make sure that ofborg actually detects changes in the kernel derivation + # and pings all maintainers. + # + # For further context, see https://github.com/NixOS/nixpkgs/pull/143113#issuecomment-953319957 + basicArgs = builtins.removeAttrs + args + (lib.filter (x: ! (builtins.elem x [ "version" "src" ])) (lib.attrNames args)); + # Combine the `features' attribute sets of all the kernel patches. kernelFeatures = lib.foldr (x: y: (x.features or {}) // y) ({ iwlwifi = true; @@ -180,18 +192,17 @@ let }; }; # end of configfile derivation - kernel = (callPackage ./manual-config.nix { inherit buildPackages; }) { - inherit version modDirVersion src kernelPatches randstructSeed lib stdenv extraMakeFlags extraMeta configfile; + kernel = (callPackage ./manual-config.nix { inherit buildPackages; }) (basicArgs // { + inherit modDirVersion kernelPatches randstructSeed lib stdenv extraMakeFlags extraMeta configfile; + pos = builtins.unsafeGetAttrPos "version" args; config = { CONFIG_MODULES = "y"; CONFIG_FW_LOADER = "m"; }; - }; + }); - passthru = { + passthru = basicArgs // { features = kernelFeatures; inherit commonStructuredConfig structuredExtraConfig extraMakeFlags isZen isHardened isLibre modDirVersion; isXen = lib.warn "The isXen attribute is deprecated. All Nixpkgs kernels that support it now have Xen enabled." true; - kernelOlder = lib.versionOlder version; - kernelAtLeast = lib.versionAtLeast version; passthru = kernel.passthru // (removeAttrs passthru [ "passthru" ]); tests = let overridableKernel = finalKernel // { diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json index 8e1902b61dc1..1242aa8eba5a 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,32 +1,52 @@ { "4.14": { - "extra": "-hardened1", - "name": "linux-hardened-4.14.250-hardened1.patch", - "sha256": "1jgqmrj5djapvk56jwlfq181knhywzrk9cswv1lp5y2jwnnvlj9x", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.250-hardened1/linux-hardened-4.14.250-hardened1.patch" + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-4.14.258-hardened1.patch", + "sha256": "0rni42mbvyw0f9032i6bkgcwnzfw472vimd5l1q7rp52m63z6vbk", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.258-hardened1/linux-hardened-4.14.258-hardened1.patch" + }, + "sha256": "162bzhm0k8kipgk0ma745rjcl33rqhpwxdfdz3q6rkp48b82kbvi", + "version": "4.14.258" }, "4.19": { - "extra": "-hardened1", - "name": "linux-hardened-4.19.210-hardened1.patch", - "sha256": "0lnv0ym6jcf460hsn26lax65n2yb1vvzsfmckaz04jb2kdgm6hr5", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.210-hardened1/linux-hardened-4.19.210-hardened1.patch" + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-4.19.221-hardened1.patch", + "sha256": "0lw4lysiv5h1vlkwlz2z1kv78wsszj1xc383i2qkzfsb4l9vsm7h", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.221-hardened1/linux-hardened-4.19.221-hardened1.patch" + }, + "sha256": "1yg1cibyn53gpjnxfgj2qxxi8k3l7gv1ri6kywvp6sk5bygx8jd3", + "version": "4.19.221" }, "5.10": { - "extra": "-hardened1", - "name": "linux-hardened-5.10.72-hardened1.patch", - "sha256": "14zchx1hc4jrq7prv4kkswjnmyqv74wfkjvky57scc8yl04yaqs6", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.72-hardened1/linux-hardened-5.10.72-hardened1.patch" + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-5.10.87-hardened1.patch", + "sha256": "1r1vyf9wy49s7pfskxlng17n0khi1dpxg5cm4yfnbbq0gdisnh1f", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.87-hardened1/linux-hardened-5.10.87-hardened1.patch" + }, + "sha256": "0jz6xhph7x0x11cjmypaw5gh8z4d53dcgx2gmg7k6d06ydq8n4h3", + "version": "5.10.87" }, - "5.14": { - "extra": "-hardened1", - "name": "linux-hardened-5.14.11-hardened1.patch", - "sha256": "05n74rnq5c2jx7iynxwgj5wypb0i0p3dar0ri2zxmyssasmbkfa7", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.14.11-hardened1/linux-hardened-5.14.11-hardened1.patch" + "5.15": { + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-5.15.10-hardened1.patch", + "sha256": "1fn37pg10w1m4cr4g0ibs5fvqs1yx3y776daxv836naffl1001fm", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.10-hardened1/linux-hardened-5.15.10-hardened1.patch" + }, + "sha256": "0jsv8lialjwp91qg9c9rh8rhn49a70ryyhzl19bxq3fhz1fwyks8", + "version": "5.15.10" }, "5.4": { - "extra": "-hardened1", - "name": "linux-hardened-5.4.152-hardened1.patch", - "sha256": "01rf9za9sv14pxpi0pj1izq4bihhldi2qnhaka5rxlw7nifzzsj2", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.152-hardened1/linux-hardened-5.4.152-hardened1.patch" + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-5.4.167-hardened1.patch", + "sha256": "03mj8nncfpqf5j6l66239saxv251rh5infhl0jjyx1znhfzavg0p", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.167-hardened1/linux-hardened-5.4.167-hardened1.patch" + }, + "sha256": "19x5f3s5f4nqzjb61g22rs0hnmk43q4b7sm7mc4j1q3y44b33r5l", + "version": "5.4.167" } } diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/update.py b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/update.py index f278b518c024..48567b68dc3e 100755 --- a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/update.py +++ b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/update.py @@ -31,7 +31,12 @@ VersionComponent = Union[int, str] Version = List[VersionComponent] -Patch = TypedDict("Patch", {"name": str, "url": str, "sha256": str, "extra": str}) +PatchData = TypedDict("PatchData", {"name": str, "url": str, "sha256": str, "extra": str}) +Patch = TypedDict("Patch", { + "patch": PatchData, + "version": str, + "sha256": str, +}) @dataclass @@ -133,7 +138,15 @@ def fetch_patch(*, name: str, release_info: ReleaseInfo) -> Optional[Patch]: if not sig_ok: return None - return Patch(name=patch_filename, url=patch_url, sha256=sha256, extra=extra) + kernel_ver = release_info.release.tag_name.replace("-hardened1", "") + major = kernel_ver.split('.')[0] + sha256_kernel, _ = nix_prefetch_url(f"mirror://kernel/linux/kernel/v{major}.x/linux-{kernel_ver}.tar.xz") + + return Patch( + patch=PatchData(name=patch_filename, url=patch_url, sha256=sha256, extra=extra), + version=kernel_ver, + sha256=sha256_kernel + ) def parse_version(version_str: str) -> Version: @@ -249,7 +262,7 @@ for kernel_key in sorted(releases.keys()): old_version_str: Optional[str] = None update: bool try: - old_filename = patches[kernel_key]["name"] + old_filename = patches[kernel_key]["patch"]["name"] old_version_str = old_filename.replace("linux-hardened-", "").replace( ".patch", "" ) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix index 6044967eaf69..e6104c6ed0c9 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.251"; + version = "4.14.260"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "08g1i6wylwi50rns2grdi9f0m8np64qvfqb28drafy772m2klinp"; + sha256 = "1bylxn6hsq17cann2w02ggz6xz3b3synrapcwlwfcfydf71hzj9f"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix index 3cb9fb7009f4..d87a635c5ef3 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.212"; + version = "4.19.223"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0hxn3mzxh4hpnrkyjv9gipb81k6p0zd07a3xvb6fb6njvmwdpvsw"; + sha256 = "1cnjk49g8sxsbzk375ji47lnx36drqh1x2pbfiqdwgrbjcb043sz"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix index a0d6115a856b..4bc6ca32c16b 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.4.289"; + version = "4.4.297"; extraMeta.branch = "4.4"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1g77kf0yzwvpdxs3kw7wdvb07mmk3zm6ydjcw5dnsza8q2inl69k"; + sha256 = "116346nkbhaz8jc1118gh40y6pw1kq7c7hm74f8bjga1p0gjqn0c"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix index b4952dcb9277..eefe4fc7fb68 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.287"; + version = "4.9.295"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1hlpxnlz0y5vxcmkavsirk2kfb2l34fcvmhlcb99slh28xkjhhfl"; + sha256 = "095am71hl7qryrcn1blvxsq5zsy0gixmj7062p7vvz5ypcvqcd52"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.10.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.10.nix index a16c96b9eb83..7b38ba8b0959 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.74"; + version = "5.10.89"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1c717mn47mg43k7xfwydygwv14r67aksn1c24c99hf8qf14acmap"; + sha256 = "0c5v8fsv9sazdmdw4m1canm54x2p8777yavxq2gcpw8q98d8n8cj"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.14.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.15.nix index ec19fa2357f2..f5f98e3317c0 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.14.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.14.13"; + version = "5.15.12"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0kcn9g5jyd043f75wk3k34j430callzhw5jh1if9zacqq2s7haw3"; + sha256 = "182iwy2288layl2290cxla0k6y436lxlx43yaa8par325dviksbx"; }; } // (args.argsOverride or { })) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix index 4b02d19d1cca..d568a2853814 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.154"; + version = "5.4.169"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "01iwbz1ncakw90yykdw3cx04wnclwf1qa8nmlis08svbcvs99285"; + sha256 = "068sw1p50vcygi422bfjpahf2fxy3ifyp4ljnkwxbbvibzcq4hsm"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-hardkernel-4.14.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-hardkernel-4.14.nix index a64520ab8932..70ac299f1619 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-hardkernel-4.14.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-hardkernel-4.14.nix @@ -1,10 +1,10 @@ { buildPackages, fetchFromGitHub, perl, buildLinux, libelf, util-linux, ... } @ args: buildLinux (args // rec { - version = "4.14.165-172"; + version = "4.14.180-176"; # modDirVersion needs to be x.y.z. - modDirVersion = "4.14.165"; + modDirVersion = "4.14.180"; # branchVersion needs to be x.y. extraMeta.branch = "4.14"; @@ -13,7 +13,7 @@ buildLinux (args // rec { owner = "hardkernel"; repo = "linux"; rev = version; - sha256 = "10ayqjjs2hxj1q7sb0mxa3gv75q28lznjha19rpxvig2fpi8015s"; + sha256 = "0n7i7a2bkrm9p1wfr20h54cqm32fbjvwyn703r6zm1f6ivqhk43v"; }; defconfig = "odroidxu4_defconfig"; diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix index 8ee8c663b3b5..4d078e45fe23 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "18380"; - sha256 = "0sg7mnxqzc5zdnl8l7gfy1kc52w7c85fdhywvdbjgs7inx2bb1qd"; + rev = "18517"; + sha256 = "1i4gppn3lyi3aqzscrdhm2dsvfa84xqhymcc468sakn9in3g85gg"; } , ... }: @@ -14,9 +14,14 @@ let minor = lib.versions.minor linux.modDirVersion; patch = lib.versions.patch linux.modDirVersion; + # See http://linux-libre.fsfla.org/pub/linux-libre/releases + versionPrefix = if linux.kernelOlder "5.14" then + "gnu1" + else + "gnu"; in linux.override { argsOverride = { - modDirVersion = "${linux.modDirVersion}-gnu1"; + modDirVersion = "${linux.modDirVersion}-${versionPrefix}"; isLibre = true; src = stdenv.mkDerivation { @@ -37,6 +42,6 @@ in linux.override { passthru.updateScript = ./update-libre.sh; - maintainers = [ lib.maintainers.qyliss ]; + maintainers = with lib.maintainers; [ qyliss ivar ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-lqx.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-lqx.nix index a0da293548d9..02e3902d3c5c 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-lqx.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-lqx.nix @@ -1,7 +1,7 @@ { lib, fetchFromGitHub, buildLinux, linux_zen, ... } @ args: let - version = "5.14.11"; + version = "5.14.18"; suffix = "lqx1"; in @@ -14,7 +14,7 @@ buildLinux (args // { owner = "zen-kernel"; repo = "zen-kernel"; rev = "v${version}-${suffix}"; - sha256 = "sha256-4SSAcI1TwaKgz/bwma+YQtIBtodEAYxqdtUI3ESM7I8="; + sha256 = "sha256-jn2Y/zusxwOvT5MXlM5HCojiyY0ssC36O92iv7/ZMWU="; }; extraMeta = { diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index 6ef781f6095c..b9458b3947f9 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.73-rt54"; # updated by ./update-rt.sh + version = "5.10.87-rt59"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0xhf0g5pra27hnavpy0y3mn05m5hqn5rd3d6fx0a3vr35c1jicpd"; + sha256 = "0jz6xhph7x0x11cjmypaw5gh8z4d53dcgx2gmg7k6d06ydq8n4h3"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0szqm9f939p9z701i5hj881nf5bhfa0a6037bbcz974y0x8g9nmk"; + sha256 = "04sr3n3ilvqq0dl59l92qmn3p7fjlsxxvbs3qls7b4pncb2xyyj3"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.11.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.11.nix deleted file mode 100644 index 5d1b14f1d0f0..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.11.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ lib, buildLinux, fetchurl -, kernelPatches ? [ ] -, structuredExtraConfig ? {} -, extraMeta ? {} -, argsOverride ? {} -, ... } @ args: - -let - version = "5.11.4-rt11"; # updated by ./update-rt.sh - branch = lib.versions.majorMinor version; - kversion = builtins.elemAt (lib.splitString "-" version) 0; -in buildLinux (args // { - inherit version; - - # modDirVersion needs a patch number, change X.Y-rtZ to X.Y.0-rtZ. - modDirVersion = if (builtins.match "[^.]*[.][^.]*-.*" version) == null then version - else lib.replaceStrings ["-"] [".0-"] version; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1i8dfw83ndaylwji7lazfckk113plvnz7kh1yppbfg35r6przrc8"; - }; - - kernelPatches = let rt-patch = { - name = "rt"; - patch = fetchurl { - url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1az6cn9jj3bnjgwzzrjy1adnrnn06p2vzsnc1iib4xhs0sfr27hc"; - }; - }; in [ rt-patch ] ++ kernelPatches; - - structuredExtraConfig = with lib.kernel; { - PREEMPT_RT = yes; - # Fix error: unused option: PREEMPT_RT. - EXPERT = yes; # PREEMPT_RT depends on it (in kernel/Kconfig.preempt) - # Fix error: option not set correctly: PREEMPT_VOLUNTARY (wanted 'y', got 'n'). - PREEMPT_VOLUNTARY = lib.mkForce no; # PREEMPT_RT deselects it. - # Fix error: unused option: RT_GROUP_SCHED. - RT_GROUP_SCHED = lib.mkForce (option no); # Removed by sched-disable-rt-group-sched-on-rt.patch. - } // structuredExtraConfig; - - extraMeta = extraMeta // { - inherit branch; - }; -} // argsOverride) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix index 7be45dc3e683..0d827ad653e4 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.4.143-rt64"; # updated by ./update-rt.sh + version = "5.4.161-rt67"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -14,14 +14,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "090x087p8hxnc1daf2xwj7vg8hg1jhz5i4andkbhdy550l5nalq9"; + sha256 = "19rrz7fzka506bpgy229v1sbaxc2s609ldmxc2522y9h5aswcj9i"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0prfrvk2ds20sclikizzgg5qf4mfcyaymp9r272d5nj35293622n"; + sha256 = "1xn3i1m0n4zcsnw5k52iyrd994zxmrla4rkjmdr71ra7csbrvkbx"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index fa5729baf73a..e417ee6d389b 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -1,24 +1,34 @@ -{ lib, buildPackages, fetchFromGitHub, fetchpatch, perl, buildLinux, ... } @ args: +{ lib +, fetchpatch +, kernel +, date ? "2021-12-26" +, commit ? "b034dfb24fece43a7677b9a29781495aeb62767f" +, diffHash ? "0m7qrnfrcx3dki9lmsq3jk3mcrfm99djh83gwwjh401ql0cycx5p" +, kernelPatches # must always be defined in bcachefs' all-packages.nix entry because it's also a top-level attribute supplied by callPackage +, argsOverride ? {} +, ... +} @ args: -buildLinux (args // { - # NOTE: bcachefs-tools should be updated simultaneously to preserve compatibility - version = "5.13.0-2021.10.01"; - modDirVersion = "5.13.0"; +# NOTE: bcachefs-tools should be updated simultaneously to preserve compatibility +(kernel.override ( args // { + argsOverride = { + version = "${kernel.version}-bcachefs-unstable-${date}"; - src = fetchFromGitHub { - owner = "koverstreet"; - repo = "bcachefs"; - rev = "4114ced1db465b8f4e7f4d6a78aa11416a9ab5d9"; - sha256 = "sha256-viFC3HHIcjUTDPvloSKKsz9PuSLyvxfYnrtkVUB79mQ="; - }; + extraMeta = { + branch = "master"; + maintainers = with lib.maintainers; [ davidak chiiruno ]; + }; + } // argsOverride; - extraConfig = "BCACHEFS_FS m"; + kernelPatches = [ { + name = "bcachefs-${commit}"; - extraMeta = { - branch = "master"; - hydraPlatforms = []; # Should the testing kernels ever be built on Hydra? - maintainers = with lib.maintainers; [ davidak chiiruno ]; - platforms = [ "x86_64-linux" ]; - }; + patch = fetchpatch { + name = "bcachefs-${commit}.diff"; + url = "https://evilpiepirate.org/git/bcachefs.git/rawdiff/?id=${commit}&id2=v${lib.versions.majorMinor kernel.version}"; + sha256 = diffHash; + }; -} // (args.argsOverride or {})) + extraConfig = "BCACHEFS_FS m"; + } ] ++ kernelPatches; +})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix index 2caea08416ea..0754ff335bae 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -3,15 +3,15 @@ with lib; buildLinux (args // rec { - version = "5.13-rc6"; - extraMeta.branch = "5.12"; + version = "5.15-rc6"; + extraMeta.branch = lib.versions.majorMinor version; # modDirVersion needs to be x.y.z, will always add .0 modDirVersion = if (modDirVersionArg == null) then builtins.replaceStrings ["-"] [".0-"] version else modDirVersionArg; src = fetchurl { url = "https://git.kernel.org/torvalds/t/linux-${version}.tar.gz"; - sha256 = "sha256-PunFd6tOsmrsPItp2QX4TEVxHnvvi1BMSwWio/DTlMU="; + sha256 = "1lp3jqwsbd97k3bx4crs8rc2wssyaf0v8x4kl4zv7g7ww2kkg2ii"; }; # Should the testing kernels ever be built on Hydra? diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-xanmod.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-xanmod.nix index 08ed46bb0d43..9740615a3311 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-xanmod.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-xanmod.nix @@ -1,9 +1,9 @@ { lib, stdenv, buildLinux, fetchFromGitHub, ... } @ args: let - version = "5.14.12"; + version = "5.15.11"; release = "1"; - suffix = "xanmod${release}-cacule"; + suffix = "xanmod${release}-tt"; in buildLinux (args // rec { inherit version; @@ -13,20 +13,33 @@ buildLinux (args // rec { owner = "xanmod"; repo = "linux"; rev = modDirVersion; - sha256 = "sha256-JVTi319BLHM4CgF7KaN3C/92N4uwh59po1AcOinNpww="; + sha256 = "sha256-f5DvjgZQoryCpRcawlmZY6muZdAcQMNm+N18XHEBq4U="; }; structuredExtraConfig = with lib.kernel; { + # removed options + CFS_BANDWIDTH = lib.mkForce (option no); + RT_GROUP_SCHED = lib.mkForce (option no); + SCHED_AUTOGROUP = lib.mkForce (option no); + + # AMD P-state driver + X86_AMD_PSTATE = yes; + + # Linux RNG framework + LRNG = yes; + + # Paragon's NTFS3 driver + NTFS3_FS = module; + NTFS3_LZX_XPRESS = yes; + NTFS3_FS_POSIX_ACL = yes; + # Preemptive Full Tickless Kernel at 500Hz + SCHED_CORE = lib.mkForce (option no); PREEMPT_VOLUNTARY = lib.mkForce no; PREEMPT = lib.mkForce yes; NO_HZ_FULL = yes; HZ_500 = yes; - # Google's Multigenerational LRU Framework - LRU_GEN = yes; - LRU_GEN_ENABLED = yes; - # Google's BBRv2 TCP congestion Control TCP_CONG_BBR2 = yes; DEFAULT_BBR2 = yes; @@ -38,22 +51,16 @@ buildLinux (args // rec { # Graysky's additional CPU optimizations CC_OPTIMIZE_FOR_PERFORMANCE_O3 = yes; - # Android Ashmem and Binder IPC Driver as module for Anbox - ASHMEM = module; - ANDROID = yes; - ANDROID_BINDER_IPC = module; - ANDROID_BINDERFS = module; - ANDROID_BINDER_DEVICES = freeform "binder,hwbinder,vndbinder"; - # Futex WAIT_MULTIPLE implementation for Wine / Proton Fsync. - # Futex2 interface compatible w/ latest Wine / Proton Fsync. FUTEX = yes; - FUTEX2 = yes; FUTEX_PI = yes; + + # WineSync driver for fast kernel-backed Wine + WINESYNC = module; }; extraMeta = { - branch = "5.14-cacule"; + branch = "5.15-tt"; maintainers = with lib.maintainers; [ fortuneteller2k lovesegfault ]; description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; broken = stdenv.isAarch64; diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-zen.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-zen.nix index df740845b6ff..257485645f46 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-zen.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-zen.nix @@ -2,7 +2,7 @@ let # having the full version string here makes it easier to update - modDirVersion = "5.14.8-zen1"; + modDirVersion = "5.15.11-zen1"; parts = lib.splitString "-" modDirVersion; version = lib.elemAt parts 0; suffix = lib.elemAt parts 1; @@ -19,7 +19,7 @@ buildLinux (args // { owner = "zen-kernel"; repo = "zen-kernel"; rev = "v${modDirVersion}"; - sha256 = "sha256-hquMBDjP4fBMNdjxxnJJKx/oVNd2DwBPmVpZQeEQvHQ="; + sha256 = "sha256-KOy1bmNnfa8LtnE+03Y+0pr9r1OCimY0bjGsVmGnPN4="; }; structuredExtraConfig = with lib.kernel; { diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/manual-config.nix b/nixpkgs/pkgs/os-specific/linux/kernel/manual-config.nix index 9c67df13d314..4f12337c893f 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/manual-config.nix @@ -19,6 +19,8 @@ in { stdenv, # The kernel version version, + # Position of the Linux build expression + pos ? null, # Additional kernel make flags extraMakeFlags ? [], # The version of the kernel module directory @@ -95,13 +97,14 @@ let (isModular || (config.isDisabled "FIRMWARE_IN_KERNEL")) && (lib.versionOlder version "4.14"); in (optionalAttrs isModular { outputs = [ "out" "dev" ]; }) // { - passthru = { + passthru = rec { inherit version modDirVersion config kernelPatches configfile moduleBuildDependencies stdenv; inherit isZen isHardened isLibre; isXen = lib.warn "The isXen attribute is deprecated. All Nixpkgs kernels that support it now have Xen enabled." true; - kernelOlder = lib.versionOlder version; - kernelAtLeast = lib.versionAtLeast version; + baseVersion = lib.head (lib.splitString "-rc" version); + kernelOlder = lib.versionOlder baseVersion; + kernelAtLeast = lib.versionAtLeast baseVersion; }; inherit src; @@ -126,7 +129,11 @@ let # See also https://kernelnewbies.org/BuildId sed -i Makefile -e 's|--build-id=[^ ]*|--build-id=none|' - patchShebangs scripts + # Some linux-hardened patches now remove certain files in the scripts directory, so we cannot + # patch all scripts until after patches are applied. + # However, scripts/ld-version.sh is still ran when generating a configfile for a kernel, so it needs + # to be patched prior to patchPhase + patchShebangs scripts/ld-version.sh ''; postPatch = '' @@ -140,6 +147,8 @@ let --replace NIXOS_RANDSTRUCT_SEED \ $(echo ${randstructSeed}${src} ${configfile} | sha256sum | cut -d ' ' -f 1 | tr -d '\n') fi + + patchShebangs scripts ''; configurePhase = '' @@ -293,7 +302,7 @@ let license = lib.licenses.gpl2Only; homepage = "https://www.kernel.org/"; repositories.git = "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git"; - maintainers = [ + maintainers = lib.teams.linux-kernel.members ++ [ maintainers.thoughtpolice ]; platforms = platforms.linux; @@ -333,4 +342,4 @@ stdenv.mkDerivation ((drvAttrs config stdenv.hostPlatform.linux-kernel kernelPat ] ++ extraMakeFlags; karch = stdenv.hostPlatform.linuxArch; -}) +} // (optionalAttrs (pos != null) { inherit pos; })) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/patches.nix b/nixpkgs/pkgs/os-specific/linux/kernel/patches.nix index f41cedca0f69..f64a0a0ef158 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/patches.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/patches.nix @@ -47,12 +47,13 @@ cpu-cgroup-v2 = import ./cpu-cgroup-v2-patches; hardened = let - mkPatch = kernelVersion: src: { + mkPatch = kernelVersion: { version, sha256, patch }: let src = patch; in { name = lib.removeSuffix ".patch" src.name; patch = fetchurl (lib.filterAttrs (k: v: k != "extra") src); extra = src.extra; + inherit version sha256; }; - patches = builtins.fromJSON (builtins.readFile ./hardened/patches.json); + patches = lib.importJSON ./hardened/patches.json; in lib.mapAttrs mkPatch patches; # https://bugzilla.kernel.org/show_bug.cgi?id=197591#c6 diff --git a/nixpkgs/pkgs/os-specific/linux/kexec-tools/default.nix b/nixpkgs/pkgs/os-specific/linux/kexec-tools/default.nix index 6e6eecd49319..0631e1da2b1b 100644 --- a/nixpkgs/pkgs/os-specific/linux/kexec-tools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/kexec-tools/default.nix @@ -1,15 +1,15 @@ -{ lib, stdenv, buildPackages, fetchurl, zlib, fetchpatch }: +{ lib, stdenv, buildPackages, fetchurl, zlib }: stdenv.mkDerivation rec { pname = "kexec-tools"; - version = "2.0.20"; + version = "2.0.23"; src = fetchurl { urls = [ "mirror://kernel/linux/utils/kernel/kexec/${pname}-${version}.tar.xz" "http://horms.net/projects/kexec/kexec-tools/${pname}-${version}.tar.xz" ]; - sha256 = "1j7qlhxk1rbv9jbj8wd6hb7zl8p2mp29ymrmccgmsi0m0dzhgn6s"; + sha256 = "qmPNbH3ZWwbOumJAp/3GeSeJytp1plXmcUmHF1IkJBs="; }; hardeningDisable = [ "format" "pic" "relro" "pie" ]; @@ -21,23 +21,6 @@ stdenv.mkDerivation rec { depsBuildBuild = [ buildPackages.stdenv.cc ]; buildInputs = [ zlib ]; - patches = [ - # fix build on i686 - # See: https://src.fedoraproject.org/rpms/kexec-tools/c/cb1e5463b5298b064e9b6c86ad6fe3505fec9298 - (fetchpatch { - name = "kexec-tools-2.0.20-fix-broken-multiboot2-buliding-for-i386.patch"; - url = "https://src.fedoraproject.org/rpms/kexec-tools/raw/cb1e5463b5298b064e9b6c86ad6fe3505fec9298/f/kexec-tools-2.0.20-fix-broken-multiboot2-buliding-for-i386.patch"; - sha256 = "1kzmcsbhwfdgxlc5s88ir0n494phww1j16yk0z42x09qlkxxkg0l"; - }) - - (fetchpatch { - # upstream build fix against -fno-common compilers like >=gcc-10 - name = "fno-common.patch"; - url = "https://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git/patch/?id=cc087b11462af9f971a2c090d07e8d780a867b50"; - sha256 = "043hcsy6m14h64p6b9w25c7a3y0f487322dj81l6mbm6sws6s9lv"; - }) - ]; - meta = with lib; { homepage = "http://horms.net/projects/kexec/kexec-tools"; description = "Tools related to the kexec Linux feature"; diff --git a/nixpkgs/pkgs/os-specific/linux/kmod-blacklist-ubuntu/default.nix b/nixpkgs/pkgs/os-specific/linux/kmod-blacklist-ubuntu/default.nix index 1c7ea22b7584..4002657ad690 100644 --- a/nixpkgs/pkgs/os-specific/linux/kmod-blacklist-ubuntu/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/kmod-blacklist-ubuntu/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchurl, gnugrep, findutils }: let - version = "22-1.1ubuntu1"; # Zesty + version = "28-1ubuntu4"; # impish 2021-06-24 in stdenv.mkDerivation { pname = "kmod-blacklist"; @@ -9,7 +9,7 @@ in stdenv.mkDerivation { src = fetchurl { url = "https://launchpad.net/ubuntu/+archive/primary/+files/kmod_${version}.debian.tar.xz"; - sha256 = "1k749g707ccb82l4xmrkp53khl71f57cpj9fzd1qyzrz147fjyhi"; + sha256 = "sha256-K8tWpaLmCm3Jcxw3OZ+D7Koiug7epooRn1YMfqjGAiw="; }; installPhase = '' @@ -31,7 +31,7 @@ in stdenv.mkDerivation { ''; meta = with lib; { - homepage = "https://packages.ubuntu.com/source/zesty/kmod"; + homepage = "https://launchpad.net/ubuntu/+source/kmod"; description = "Linux kernel module blacklists from Ubuntu"; platforms = platforms.linux; license = with licenses; [ gpl2Plus lgpl21Plus ]; diff --git a/nixpkgs/pkgs/os-specific/linux/kvmfr/default.nix b/nixpkgs/pkgs/os-specific/linux/kvmfr/default.nix index a7949c85c2ee..6b5f31a1d350 100644 --- a/nixpkgs/pkgs/os-specific/linux/kvmfr/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/kvmfr/default.nix @@ -28,5 +28,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2Plus; maintainers = with maintainers; [ j-brn ]; platforms = [ "x86_64-linux" ]; + broken = kernel.kernelOlder "5.3"; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/libbpf/default.nix b/nixpkgs/pkgs/os-specific/linux/libbpf/default.nix index 649ad88a3d18..daee83e61dbc 100644 --- a/nixpkgs/pkgs/os-specific/linux/libbpf/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/libbpf/default.nix @@ -1,19 +1,24 @@ -{ lib, stdenv, fetchFromGitHub, pkg-config -, libelf, zlib +{ fetchFromGitHub , fetchpatch +, libelf +, pkg-config +, stdenv +, zlib +, lib +, nixosTests }: with builtins; stdenv.mkDerivation rec { pname = "libbpf"; - version = "0.4.0"; + version = "0.6.1"; src = fetchFromGitHub { - owner = "libbpf"; - repo = "libbpf"; - rev = "v${version}"; - sha256 = "1by5w7g3i2fc10bi6f0j8jqi2nq0x8r973j2qx7qlfryjxr7b2v3"; + owner = "libbpf"; + repo = "libbpf"; + rev = "v${version}"; + sha256 = "sha256-/MLPflnfooe7Wjy8M3CTowAi5oYpscruSkDsaVzhmYQ="; }; nativeBuildInputs = [ pkg-config ]; @@ -23,6 +28,15 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; makeFlags = [ "PREFIX=$(out)" ]; + passthru.tests = { + bpf = nixosTests.bpf; + }; + + postInstall = '' + # install linux's libbpf-compatible linux/btf.h + install -Dm444 ../include/uapi/linux/btf.h -t $out/include/linux + ''; + # FIXME: Multi-output requires some fixes to the way the pkg-config file is # constructed (it gets put in $out instead of $dev for some reason, with # improper paths embedded). Don't enable it for now. @@ -31,9 +45,9 @@ stdenv.mkDerivation rec { meta = with lib; { description = "Upstream mirror of libbpf"; - homepage = "https://github.com/libbpf/libbpf"; - license = with licenses; [ lgpl21 /* or */ bsd2 ]; - maintainers = with maintainers; [ thoughtpolice vcunat ]; - platforms = platforms.linux; + homepage = "https://github.com/libbpf/libbpf"; + license = with licenses; [ lgpl21 /* or */ bsd2 ]; + maintainers = with maintainers; [ thoughtpolice vcunat saschagrunert martinetd ]; + platforms = platforms.linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/libselinux/default.nix b/nixpkgs/pkgs/os-specific/linux/libselinux/default.nix index fbf7e4bd995a..fd697fed7763 100644 --- a/nixpkgs/pkgs/os-specific/linux/libselinux/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/libselinux/default.nix @@ -1,5 +1,5 @@ -{ lib, stdenv, fetchurl, pcre, pkg-config, libsepol -, enablePython ? true, swig ? null, python3 ? null +{ lib, stdenv, fetchurl, fetchpatch, buildPackages, pcre, pkg-config, libsepol +, enablePython ? !stdenv.hostPlatform.isStatic, swig ? null, python3 ? null , fts }: @@ -9,17 +9,38 @@ with lib; stdenv.mkDerivation rec { pname = "libselinux"; - version = "3.0"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; outputs = [ "bin" "out" "dev" "man" ] ++ optional enablePython "py"; src = fetchurl { - url = "${se_url}/${se_release}/libselinux-${version}.tar.gz"; - sha256 = "0cr4p0qkr4qd5z1x677vwhz6mlz55kxyijwi2dmrvbhxcw7v78if"; + url = "${se_url}/${version}/libselinux-${version}.tar.gz"; + sha256 = "0mvh793g7fg6wb6zqhkdyrv80x6k84ypqwi8ii89c91xcckyxzdc"; }; - nativeBuildInputs = [ pkg-config ] ++ optionals enablePython [ swig python3 ]; + patches = [ + # Make it possible to disable shared builds (for pkgsStatic). + # + # We can't use fetchpatch because it processes includes/excludes + # /after/ stripping the prefix, which wouldn't work here because + # there would be no way to distinguish between + # e.g. libselinux/src/Makefile and libsepol/src/Makefile. + # + # This is a static email, so we shouldn't have to worry about + # normalizing the patch. + (fetchurl { + url = "https://lore.kernel.org/selinux/20211113141616.361640-1-hi@alyssa.is/raw"; + sha256 = "16a2s2ji9049892i15yyqgp4r20hi1hij4c1s4s8law9jsx65b3n"; + postFetch = '' + mv "$out" $TMPDIR/patch + ${buildPackages.patchutils_0_3_3}/bin/filterdiff \ + -i 'a/libselinux/*' --strip 1 <$TMPDIR/patch >"$out" + ''; + }) + ]; + + nativeBuildInputs = [ pkg-config python3 ] ++ optionals enablePython [ swig ]; buildInputs = [ libsepol pcre fts ] ++ optionals enablePython [ python3 ]; # drop fortify here since package uses it by default, leading to compile error: @@ -39,6 +60,9 @@ stdenv.mkDerivation rec { "SHLIBDIR=$(out)/lib" "LIBSEPOLA=${lib.getLib libsepol}/lib/libsepol.a" + "ARCH=${stdenv.hostPlatform.linuxArch}" + ] ++ optionals stdenv.hostPlatform.isStatic [ + "DISABLE_SHARED=y" ] ++ optionals enablePython [ "PYTHON=${python3.pythonForBuild.interpreter}" "PYTHONLIBDIR=$(py)/${python3.sitePackages}" diff --git a/nixpkgs/pkgs/os-specific/linux/libsemanage/default.nix b/nixpkgs/pkgs/os-specific/linux/libsemanage/default.nix index 11a6f2755d4c..d828c38be1d9 100644 --- a/nixpkgs/pkgs/os-specific/linux/libsemanage/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/libsemanage/default.nix @@ -6,19 +6,21 @@ with lib; stdenv.mkDerivation rec { pname = "libsemanage"; - version = "2.9"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/libsemanage-${version}.tar.gz"; - sha256 = "075w6y3l9hiy5hicgwrmijyxmhfyd1r7cnc08qxyg4j46jfk8xi5"; + url = "${se_url}/${version}/libsemanage-${version}.tar.gz"; + sha256 = "1s3wb66l47blc15s6lkqs11j9l8pycdqqbb03x3vpfrlz9dfrl44"; }; outputs = [ "out" "dev" "man" ] ++ optional enablePython "py"; - nativeBuildInputs = [ bison flex pkg-config ]; + strictDeps = true; + + nativeBuildInputs = [ bison flex pkg-config ] ++ optional enablePython swig; buildInputs = [ libsepol libselinux bzip2 audit ] - ++ optionals enablePython [ swig python ]; + ++ optional enablePython python; makeFlags = [ "PREFIX=$(out)" @@ -26,6 +28,7 @@ stdenv.mkDerivation rec { "MAN3DIR=$(man)/share/man/man3" "MAN5DIR=$(man)/share/man/man5" "PYTHON=python" + "PYPREFIX=python" "PYTHONLIBDIR=$(py)/${python.sitePackages}" "DEFAULT_SEMANAGE_CONF_LOCATION=$(out)/etc/selinux/semanage.conf" ]; @@ -42,6 +45,8 @@ stdenv.mkDerivation rec { installTargets = [ "install" ] ++ optionals enablePython [ "install-pywrap" ]; + enableParallelBuilding = true; + meta = removeAttrs libsepol.meta ["outputsToInstall"] // { description = "Policy management tools for SELinux"; license = lib.licenses.lgpl21; diff --git a/nixpkgs/pkgs/os-specific/linux/libsepol/default.nix b/nixpkgs/pkgs/os-specific/linux/libsepol/default.nix index e90c08942096..5fa51ac22382 100644 --- a/nixpkgs/pkgs/os-specific/linux/libsepol/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/libsepol/default.nix @@ -2,31 +2,16 @@ stdenv.mkDerivation rec { pname = "libsepol"; - version = "3.0"; - se_release = "20191204"; + version = "3.3"; se_url = "https://github.com/SELinuxProject/selinux/releases/download"; outputs = [ "bin" "out" "dev" "man" ]; src = fetchurl { - url = "${se_url}/${se_release}/libsepol-${version}.tar.gz"; - sha256 = "0ygb6dh5lng91xs6xiqf5v0nxa68qmjc787p0s5h9w89364f2yjv"; + url = "${se_url}/${version}/libsepol-${version}.tar.gz"; + sha256 = "12r39ygn7aa1kz52wibfr4520m0cp75hlrn3i6rnjqa6p0zdz5rd"; }; - patches = [ - # upstream build fix against -fno-common compilers like >=gcc-10 - (fetchpatch { - url = "https://github.com/SELinuxProject/selinux/commit/a96e8c59ecac84096d870b42701a504791a8cc8c.patch"; - sha256 = "0aybv4kzbhx8xq6s82dsh4ib76k59qzh2bgxmk44iq5cjnqn5rd6"; - stripLen = 1; - }) - (fetchpatch { - url = "https://github.com/SELinuxProject/selinux/commit/3d32fc24d6aff360a538c63dad08ca5c957551b0.patch"; - sha256 = "1mphwdlj4d6mwmsp5xkpf6ci4rxhgbi3fm79d08h4jbzxaf4wny4"; - stripLen = 1; - }) - ]; - postPatch = lib.optionalString stdenv.hostPlatform.isStatic '' substituteInPlace src/Makefile --replace 'all: $(LIBA) $(LIBSO)' 'all: $(LIBA)' sed -i $'/^\t.*LIBSO/d' src/Makefile @@ -46,13 +31,13 @@ stdenv.mkDerivation rec { NIX_CFLAGS_COMPILE = "-Wno-error"; - passthru = { inherit se_release se_url; }; + passthru = { inherit se_url; }; meta = with lib; { description = "SELinux binary policy manipulation library"; homepage = "http://userspace.selinuxproject.org"; platforms = platforms.linux; - maintainers = [ maintainers.phreedom ]; + maintainers = [ ]; license = lib.licenses.gpl2Plus; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/libtraceevent/default.nix b/nixpkgs/pkgs/os-specific/linux/libtraceevent/default.nix new file mode 100644 index 000000000000..1278e2598706 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/libtraceevent/default.nix @@ -0,0 +1,37 @@ +{ lib, stdenv, fetchgit, pkg-config, asciidoc, xmlto, docbook_xml_dtd_45, docbook_xsl }: + +stdenv.mkDerivation rec { + pname = "libtraceevent"; + version = "1.5.0"; + + src = fetchgit { + url = "git://git.kernel.org/pub/scm/libs/libtrace/libtraceevent.git"; + rev = "libtraceevent-${version}"; + sha256 = "sha256-ysdsuJ9MvmNY0/XSV+aO7Gh8buWed25DQhBE/5HIASU="; + }; + + # Don't build and install html documentation + postPatch = '' + sed -i -e '/^all:/ s/html//' -e '/^install:/ s/install-html//' Documentation/Makefile + ''; + + outputs = [ "out" "dev" "devman" ]; + enableParallelBuilding = true; + nativeBuildInputs = [ pkg-config asciidoc xmlto docbook_xml_dtd_45 docbook_xsl ]; + makeFlags = [ + "prefix=${placeholder "out"}" + "doc" # build docs + ]; + installFlags = [ + "pkgconfig_dir=${placeholder "out"}/lib/pkgconfig" + "doc-install" + ]; + + meta = with lib; { + description = "Linux kernel trace event library"; + homepage = "https://git.kernel.org/pub/scm/libs/libtrace/libtraceevent.git/"; + license = licenses.lgpl21Only; + platforms = platforms.linux; + maintainers = with maintainers; [ wentasah ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/libtracefs/default.nix b/nixpkgs/pkgs/os-specific/linux/libtracefs/default.nix new file mode 100644 index 000000000000..f3f1a393973d --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/libtracefs/default.nix @@ -0,0 +1,38 @@ +{ lib, stdenv, fetchgit, pkg-config, libtraceevent, asciidoc, xmlto, docbook_xml_dtd_45, docbook_xsl }: + +stdenv.mkDerivation rec { + pname = "libtracefs"; + version = "1.2.5"; + + src = fetchgit { + url = "git://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git"; + rev = "libtracefs-${version}"; + sha256 = "1rva9ysspf1wqd0zf52qwgpaasrn7jcbns4dwldc59ksk0n93qdb"; + }; + + # Don't build and install html documentation + postPatch = '' + sed -i -e '/^all:/ s/html//' -e '/^install:/ s/install-html//' Documentation/Makefile + ''; + + outputs = [ "out" "dev" "devman" ]; + enableParallelBuilding = true; + nativeBuildInputs = [ pkg-config asciidoc xmlto docbook_xml_dtd_45 docbook_xsl ]; + buildInputs = [ libtraceevent ]; + makeFlags = [ + "prefix=${placeholder "out"}" + "doc" # build docs + ]; + installFlags = [ + "pkgconfig_dir=${placeholder "out"}/lib/pkgconfig" + "install_doc" + ]; + + meta = with lib; { + description = "Linux kernel trace file system library"; + homepage = "https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/"; + license = licenses.lgpl21Only; + platforms = platforms.linux; + maintainers = with maintainers; [ wentasah ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/liquidtux/default.nix b/nixpkgs/pkgs/os-specific/linux/liquidtux/default.nix new file mode 100644 index 000000000000..a306135f73b0 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/liquidtux/default.nix @@ -0,0 +1,33 @@ +{ lib, stdenv, fetchFromGitHub, kernel }: + +stdenv.mkDerivation rec { + name = "liquidtux-${version}-${kernel.version}"; + version = "unstable-2021-12-16"; + + src = fetchFromGitHub { + owner = "liquidctl"; + repo = "liquidtux"; + rev = "342defc0e22ea58f8ab2ab0f191ad3fd302c44cb"; + sha256 = "12rc3vzfq8vnq9x9ca6swk5ag0xkpgkzmga8ga7q80mah9kxbaax"; + }; + + hardeningDisable = [ "pic" ]; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + makeFlags = [ + "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + installPhase = '' + install nzxt-grid3.ko nzxt-kraken2.ko nzxt-kraken3.ko nzxt-smart2.ko -Dm444 -t ${placeholder "out"}/lib/modules/${kernel.modDirVersion}/kernel/drivers/hwmon + ''; + + meta = with lib; { + description = "Linux kernel hwmon drivers for AIO liquid coolers and other devices"; + homepage = "https://github.com/liquidctl/liquidtux"; + license = licenses.gpl2; + platforms = [ "x86_64-linux" "i686-linux" ]; + maintainers = with maintainers; [ nickhu ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/lm-sensors/default.nix b/nixpkgs/pkgs/os-specific/linux/lm-sensors/default.nix index 3590f87e37ad..c40a37940543 100644 --- a/nixpkgs/pkgs/os-specific/linux/lm-sensors/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/lm-sensors/default.nix @@ -44,7 +44,7 @@ stdenv.mkDerivation rec { changelog = "https://raw.githubusercontent.com/lm-sensors/lm-sensors/V${dashedVersion}/CHANGES"; description = "Tools for reading hardware sensors"; license = with licenses; [ lgpl21Plus gpl2Plus ]; - maintainers = with maintainers; [ pengmeiyu ]; + maintainers = with maintainers; [ pmy ]; platforms = platforms.linux; mainProgram = "sensors"; }; diff --git a/nixpkgs/pkgs/os-specific/linux/lvm2/2_02.nix b/nixpkgs/pkgs/os-specific/linux/lvm2/2_02.nix new file mode 100644 index 000000000000..3566a01178b2 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/lvm2/2_02.nix @@ -0,0 +1,4 @@ +import ./common.nix { + version = "2.02.187"; + sha256Hash = "sha256-Dg1SGoY6XbJEDy4edie6grcCc65KsLvhMIUdsNWOWvE="; +} diff --git a/nixpkgs/pkgs/os-specific/linux/lvm2/2_03.nix b/nixpkgs/pkgs/os-specific/linux/lvm2/2_03.nix new file mode 100644 index 000000000000..d6456b46e518 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/lvm2/2_03.nix @@ -0,0 +1,4 @@ +import ./common.nix { + version = "2.03.12"; + sha256Hash = "1shczwfd0888dchjiaqzd48ampm6f8y0ngsqd99fy4nxlbr5q1vn"; +} diff --git a/nixpkgs/pkgs/os-specific/linux/lvm2/default.nix b/nixpkgs/pkgs/os-specific/linux/lvm2/common.nix index fed7152d07ae..2d09c48073d1 100644 --- a/nixpkgs/pkgs/os-specific/linux/lvm2/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/lvm2/common.nix @@ -1,3 +1,5 @@ +{ version, sha256Hash }: + { lib, stdenv , fetchpatch , fetchurl @@ -15,12 +17,12 @@ assert enableDmeventd -> enableCmdlib; stdenv.mkDerivation rec { - pname = "lvm2" + lib.optionalString enableDmeventd "with-dmeventd"; - version = "2.03.12"; + pname = "lvm2" + lib.optionalString enableDmeventd "-with-dmeventd"; + inherit version; src = fetchurl { url = "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${version}.tgz"; - sha256 = "1shczwfd0888dchjiaqzd48ampm6f8y0ngsqd99fy4nxlbr5q1vn"; + sha256 = sha256Hash; }; nativeBuildInputs = [ pkg-config ]; @@ -60,6 +62,7 @@ stdenv.mkDerivation rec { --replace "(BINDIR)/systemd-run" /run/current-system/systemd/bin/systemd-run substituteInPlace make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" + '' + lib.optionalString (lib.versionAtLeast version "2.03") '' substituteInPlace libdm/make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" ''; diff --git a/nixpkgs/pkgs/os-specific/linux/lxc/default.nix b/nixpkgs/pkgs/os-specific/linux/lxc/default.nix index e10af3abf923..bfe888c6e448 100644 --- a/nixpkgs/pkgs/os-specific/linux/lxc/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/lxc/default.nix @@ -9,11 +9,11 @@ with lib; stdenv.mkDerivation rec { pname = "lxc"; - version = "4.0.10"; + version = "4.0.11"; src = fetchurl { url = "https://linuxcontainers.org/downloads/lxc/lxc-${version}.tar.gz"; - sha256 = "1sgsic9dzj3wv2k5bx2vhcgappivhp1glkqfc2yrgr6jas052351"; + sha256 = "0b7hv4n8b3lndhr0jf9j1gkbzxm8897a1myjsfgwzad9gkhq395g"; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix b/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix index 3ed80269d3ad..6ae44f3fdb87 100644 --- a/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix @@ -5,13 +5,13 @@ with lib; stdenv.mkDerivation rec { pname = "lxcfs"; - version = "4.0.9"; + version = "4.0.11"; src = fetchFromGitHub { owner = "lxc"; repo = "lxcfs"; rev = "lxcfs-${version}"; - sha256 = "0zx58lair8hwi4bxm5h7i8n1j5fcdgw5cr6f4wk9qhks0sr5dip5"; + sha256 = "sha256-jWOmGV85uTYjBFQZKR3+TgPWZix2vuN8TLA/dhL8jwk="; }; nativeBuildInputs = [ pkg-config help2man autoreconfHook makeWrapper ]; diff --git a/nixpkgs/pkgs/os-specific/linux/mcelog/default.nix b/nixpkgs/pkgs/os-specific/linux/mcelog/default.nix index 85e4065e90a4..916c79a4298d 100644 --- a/nixpkgs/pkgs/os-specific/linux/mcelog/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/mcelog/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "mcelog"; - version = "178"; + version = "180"; src = fetchFromGitHub { owner = "andikleen"; repo = "mcelog"; rev = "v${version}"; - sha256 = "sha256-++R/R3oRw0O0MoDnASdVr9UIiI0yS4UcIO8nV62PLzE="; + sha256 = "1xy1082c67yd48idg5vwvrw7yx74gn6jj2d9c67d0rh6yji091ki"; }; postPatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/mdevd/default.nix b/nixpkgs/pkgs/os-specific/linux/mdevd/default.nix index fe549e880a4d..9860c3e73021 100644 --- a/nixpkgs/pkgs/os-specific/linux/mdevd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/mdevd/default.nix @@ -4,8 +4,8 @@ with skawarePackages; buildPackage { pname = "mdevd"; - version = "0.1.5.0"; - sha256 = "01ykxgnbm53wijdrbld10664xy2wkvyzbbs98mfnqnf4h1y064n0"; + version = "0.1.5.1"; + sha256 = "1xch9sk3hklf2v9z3qlw0rfhhmikqp85zkij7qzwbs09g039bkll"; description = "mdev-compatible Linux hotplug manager daemon"; platforms = lib.platforms.linux; diff --git a/nixpkgs/pkgs/os-specific/linux/msr/000-include-sysmacros.patch b/nixpkgs/pkgs/os-specific/linux/msr/000-include-sysmacros.patch new file mode 100644 index 000000000000..5fa96cd14699 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/msr/000-include-sysmacros.patch @@ -0,0 +1,11 @@ +diff -Naur msr-old/msr.c msr-20060208/msr.c +--- msr-old/msr.c 1969-12-31 21:00:01.000000000 -0300 ++++ msr-20060208/msr.c 2021-11-02 21:19:34.576722617 -0300 +@@ -19,6 +19,7 @@ + #include <stdio.h> + #include <sys/types.h> + #include <sys/stat.h> ++#include <sys/sysmacros.h> + #include <fcntl.h> + #include <errno.h> + #include <unistd.h> diff --git a/nixpkgs/pkgs/os-specific/linux/msr/default.nix b/nixpkgs/pkgs/os-specific/linux/msr/default.nix new file mode 100644 index 000000000000..0ffc46012096 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/msr/default.nix @@ -0,0 +1,40 @@ +{ lib +, stdenv +, fetchzip +, installShellFiles +}: + +stdenv.mkDerivation rec { + pname = "msr"; + version = "20060208"; + + src = fetchzip { + name = "${pname}-${version}"; + url = "http://www.etallen.com/msr/${pname}-${version}.src.tar.gz"; + hash = "sha256-e01qYWbOALkXp5NpexuVodMxA3EBySejJ6ZBpZjyT+E="; + }; + + nativeBuildInputs = [ + installShellFiles + ]; + + patches = [ + ./000-include-sysmacros.patch + ]; + + installPhase = '' + runHook preInstall + mkdir -p $out/bin/ + cp msr $out/bin/ + installManPage msr.man + runHook postInstall + ''; + + meta = with lib; { + homepage = "http://www.etallen.com/msr.html"; + description = "Linux tool to display or modify x86 model-specific registers (MSRs)"; + license = licenses.bsd0; + maintainers = with maintainers; [ AndersonTorres ]; + platforms = [ "i686-linux" "x86_64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/multipath-tools/default.nix b/nixpkgs/pkgs/os-specific/linux/multipath-tools/default.nix index 13e989243646..45ffa8896ae7 100644 --- a/nixpkgs/pkgs/os-specific/linux/multipath-tools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/multipath-tools/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, pkg-config, perl, lvm2, libaio, gzip, readline, systemd, liburcu, json_c, kmod }: +{ lib, stdenv, fetchurl, fetchpatch, pkg-config, perl, lvm2, libaio, gzip, readline, systemd, liburcu, json_c, kmod }: stdenv.mkDerivation rec { pname = "multipath-tools"; @@ -13,6 +13,13 @@ stdenv.mkDerivation rec { patches = [ # fix build with json-c 0.14 https://www.redhat.com/archives/dm-devel/2020-May/msg00261.html ./json-c-0.14.patch + + # pull upstream fix for -fno-common toolchains like clang-12 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/opensvc/multipath-tools/commit/23a9247fa89cd0c84fe7e0f32468fd698b1caa48.patch"; + sha256 = "10hq0g2jfkfbmwhm4x4q5cgsswj30lm34ib153alqzjzsxc1hqjk"; + }) ]; postPatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/mwprocapture/default.nix b/nixpkgs/pkgs/os-specific/linux/mwprocapture/default.nix index ca5b82b87858..769bb1e43b44 100644 --- a/nixpkgs/pkgs/os-specific/linux/mwprocapture/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/mwprocapture/default.nix @@ -4,25 +4,25 @@ with lib; let bits = - if stdenv.is64bit then "64" - else "32"; + if stdenv.is64bit then "64" + else "32"; libpath = makeLibraryPath [ stdenv.cc.cc stdenv.glibc alsa-lib ]; in stdenv.mkDerivation rec { - name = "mwprocapture-1.3.0.${version}-${kernel.version}"; - version = "4236"; + pname = "mwprocapture"; + subVersion = "4236"; + version = "1.3.0.${subVersion}-${kernel.version}"; src = fetchurl { - url = "https://www.magewell.com/files/drivers/ProCaptureForLinux_${version}.tar.gz"; + url = "https://www.magewell.com/files/drivers/ProCaptureForLinux_${subVersion}.tar.gz"; sha256 = "1mfgj84km276sq5i8dny1vqp2ycqpvgplrmpbqwnk230d0w3qs74"; }; nativeBuildInputs = kernel.moduleBuildDependencies; - preConfigure = - '' + preConfigure = '' cd ./src export INSTALL_MOD_PATH="$out" ''; diff --git a/nixpkgs/pkgs/os-specific/linux/mxu11x0/default.nix b/nixpkgs/pkgs/os-specific/linux/mxu11x0/default.nix index d5129ca7f73a..ee29180a8d9d 100644 --- a/nixpkgs/pkgs/os-specific/linux/mxu11x0/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/mxu11x0/default.nix @@ -1,13 +1,15 @@ { lib, stdenv, fetchurl, kernel }: -stdenv.mkDerivation { +let + srcs = import (./srcs.nix) { inherit fetchurl; }; +in +stdenv.mkDerivation rec { pname = "mxu11x0"; - version = "1.4-${kernel.version}"; - src = fetchurl { - url = "https://www.moxa.com/Moxa/media/PDIM/S100000385/moxa-uport-1000-series-linux-3.x-and-4.x-for-uport-11x0-series-driver-v1.4.tgz"; - sha256 = "1hz9ygabbp8pv49k1j4qcsr0v3zw9xy0bh1akqgxp5v29gbdgxjl"; - }; + src = if lib.versionAtLeast kernel.version "5.0" then srcs.mxu11x0_5.src else srcs.mxu11x0_4.src; + mxu_version = if lib.versionAtLeast kernel.version "5.0" then srcs.mxu11x0_5.version else srcs.mxu11x0_4.version; + + version = mxu_version + "-${kernel.version}"; preBuild = '' sed -i -e "s/\$(uname -r).*/${kernel.modDirVersion}/g" driver/mxconf @@ -33,6 +35,8 @@ stdenv.mkDerivation { license = licenses.gpl2Plus; maintainers = with maintainers; [ uralbash ]; platforms = platforms.linux; - broken = kernel.kernelAtLeast "5.4"; + # broken due to API change in write_room() > v5.14-rc1 + # https://github.com/torvalds/linux/commit/94cc7aeaf6c0cff0b8aeb7cb3579cee46b923560 + broken = kernel.kernelAtLeast "5.14"; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/mxu11x0/srcs.nix b/nixpkgs/pkgs/os-specific/linux/mxu11x0/srcs.nix new file mode 100644 index 000000000000..5c4e9137c6a6 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/mxu11x0/srcs.nix @@ -0,0 +1,18 @@ +{ fetchurl }: + +{ + mxu11x0_4 = { + version = "4.1"; + src = fetchurl { + url = "https://www.moxa.com/getmedia/b152d8c2-b9d6-4bc7-b0f4-420633b4bc2d/moxa-uport-1100-series-linux-kernel-4.x-driver-v4.1.tgz"; + sha256 = "sha256-sbq5M5FQjrrORtSS07PQHf+MAZArxFcUDN5wszBwbnc="; + }; + }; + mxu11x0_5 = { + version = "5.1"; + src = fetchurl { + url = "https://www.moxa.com/getmedia/57dfa4c1-8a2a-4da6-84c1-a36944ead74d/moxa-uport-1100-series-linux-kernel-5.x-driver-v5.1.tgz"; + sha256 = "sha256-pdFIiD5naSDdYwRz8ww8Mg8z1gDOfZ/OeO6Q5n+kjDQ="; + }; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/nftables/default.nix b/nixpkgs/pkgs/os-specific/linux/nftables/default.nix index e0e69adb4b6b..0b6291226bc8 100644 --- a/nixpkgs/pkgs/os-specific/linux/nftables/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/nftables/default.nix @@ -4,18 +4,18 @@ , gmp, jansson, readline , withDebugSymbols ? false , withPython ? false , python3 -, withXtables ? false , iptables +, withXtables ? true , iptables }: with lib; stdenv.mkDerivation rec { - version = "1.0.0"; + version = "1.0.1"; pname = "nftables"; src = fetchurl { url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2"; - sha256 = "1x25zs2czmn14mmq1nqi4zibsvh04vqjbx5lxj42nylnmxym9gsq"; + sha256 = "08x4xw0s5sap3q7jfr91v7mrkxrydi4dvsckw85ims0qb1ibmviw"; }; nativeBuildInputs = [ @@ -35,6 +35,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-json" + "--with-cli=readline" # TODO: maybe switch to editline ] ++ optional (!withDebugSymbols) "--disable-debug" ++ optional (!withPython) "--disable-python" ++ optional withPython "--enable-python" @@ -43,8 +44,8 @@ stdenv.mkDerivation rec { meta = { description = "The project that aims to replace the existing {ip,ip6,arp,eb}tables framework"; homepage = "https://netfilter.org/projects/nftables/"; - license = licenses.gpl2; + license = licenses.gpl2Only; platforms = platforms.linux; - maintainers = with maintainers; [ izorkin ]; + maintainers = with maintainers; [ izorkin ajs124 ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 198a6eae6005..e5e40dca086e 100755 --- a/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/nixpkgs/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -1,4 +1,5 @@ #! @runtimeShell@ +# shellcheck shell=bash if [ -x "@runtimeShell@" ]; then export SHELL="@runtimeShell@"; fi; @@ -29,7 +30,9 @@ upgrade_all= profile=/nix/var/nix/profiles/system buildHost=localhost targetHost= -maybeSudo=() +remoteSudo= +# comma separated list of vars to preserve when using sudo +preservedSudoVars=NIXOS_INSTALL_BOOTLOADER while [ "$#" -gt 0 ]; do i="$1"; shift 1 @@ -100,7 +103,7 @@ while [ "$#" -gt 0 ]; do shift 1 ;; --use-remote-sudo) - maybeSudo=(sudo --) + remoteSudo=1 ;; --flake) flake="$1" @@ -126,11 +129,11 @@ while [ "$#" -gt 0 ]; do esac done -if [ -n "$SUDO_USER" ]; then - maybeSudo=(sudo --) +if [[ -n "$SUDO_USER" || -n $remoteSudo ]]; then + maybeSudo=(sudo --preserve-env="$preservedSudoVars" --) fi -if [ -z "$buildHost" -a -n "$targetHost" ]; then +if [[ -z "$buildHost" && -n "$targetHost" ]]; then buildHost="$targetHost" fi if [ "$targetHost" = localhost ]; then @@ -215,8 +218,7 @@ nixBuild() { } nixFlakeBuild() { - if [[ -z "$buildHost" && -z "$targetHost" ]] && - ! [ "$action" = switch -o "$action" = boot ] + if [[ -z "$buildHost" && -z "$targetHost" && "$action" != switch && "$action" != boot ]] then nix "${flakeFlags[@]}" build "$@" readlink -f ./result @@ -271,7 +273,7 @@ if [ -z "$action" ]; then showSyntax; fi # executed, so it's safe to run nixos-rebuild against a potentially # untrusted tree. canRun= -if [ "$action" = switch -o "$action" = boot -o "$action" = test ]; then +if [[ "$action" = switch || "$action" = boot || "$action" = test ]]; then canRun=1 fi @@ -375,7 +377,7 @@ trap cleanup EXIT # First build Nix, since NixOS may require a newer version than the # current one. -if [ -n "$rollback" -o "$action" = dry-build ]; then +if [[ -n "$rollback" || "$action" = dry-build ]]; then buildNix= fi @@ -409,7 +411,7 @@ if [[ -n $buildNix && -z $flake ]]; then if ! nixStorePath="$(nix-instantiate --eval '<nixpkgs/nixos/modules/installer/tools/nix-fallback-paths.nix>' -A "$(nixSystem)" | sed -e 's/^"//' -e 's/"$//')"; then nixStorePath="$(prebuiltNix "$(uname -m)")" fi - if ! nix-store -r $nixStorePath --add-root $tmpDir/nix --indirect \ + if ! nix-store -r "$nixStorePath" --add-root "${tmpDir}/nix" --indirect \ --option extra-binary-caches https://cache.nixos.org/; then echo "warning: don't know how to get latest Nix" >&2 fi @@ -462,7 +464,7 @@ fi # current directory (for "build" and "test"). if [ -z "$rollback" ]; then echo "building the system configuration..." >&2 - if [ "$action" = switch -o "$action" = boot ]; then + if [[ "$action" = switch || "$action" = boot ]]; then if [[ -z $flake ]]; then pathToConfig="$(nixBuild '<nixpkgs/nixos>' --no-out-link -A system "${extraBuildFlags[@]}")" else @@ -470,7 +472,7 @@ if [ -z "$rollback" ]; then fi copyToTarget "$pathToConfig" targetHostCmd nix-env -p "$profile" --set "$pathToConfig" - elif [ "$action" = test -o "$action" = build -o "$action" = dry-build -o "$action" = dry-activate ]; then + elif [[ "$action" = test || "$action" = build || "$action" = dry-build || "$action" = dry-activate ]]; then if [[ -z $flake ]]; then pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A system -k "${extraBuildFlags[@]}")" else @@ -492,14 +494,14 @@ if [ -z "$rollback" ]; then showSyntax fi # Copy build to target host if we haven't already done it - if ! [ "$action" = switch -o "$action" = boot ]; then + if ! [[ "$action" = switch || "$action" = boot ]]; then copyToTarget "$pathToConfig" fi else # [ -n "$rollback" ] - if [ "$action" = switch -o "$action" = boot ]; then + if [[ "$action" = switch || "$action" = boot ]]; then targetHostCmd nix-env --rollback -p "$profile" pathToConfig="$profile" - elif [ "$action" = test -o "$action" = build ]; then + elif [[ "$action" = test || "$action" = build ]]; then systemNumber=$( targetHostCmd nix-env -p "$profile" --list-generations | sed -n '/current/ {g; p;}; s/ *\([0-9]*\).*/\1/; h' @@ -516,7 +518,7 @@ fi # If we're not just building, then make the new configuration the boot # default and/or activate it now. -if [ "$action" = switch -o "$action" = boot -o "$action" = test -o "$action" = dry-activate ]; then +if [[ "$action" = switch || "$action" = boot || "$action" = test || "$action" = dry-activate ]]; then if ! targetHostCmd "$pathToConfig/bin/switch-to-configuration" "$action"; then echo "warning: error(s) occurred while switching to the new configuration" >&2 exit 1 @@ -524,9 +526,9 @@ if [ "$action" = switch -o "$action" = boot -o "$action" = test -o "$action" = d fi -if [ "$action" = build-vm -o "$action" = build-vm-with-bootloader ]; then +if [[ "$action" = build-vm || "$action" = build-vm-with-bootloader ]]; then cat >&2 <<EOF -Done. The virtual machine can be started by running $(echo $pathToConfig/bin/run-*-vm) +Done. The virtual machine can be started by running $(echo "${pathToConfig}/bin/"run-*-vm) EOF fi diff --git a/nixpkgs/pkgs/os-specific/linux/nmon/default.nix b/nixpkgs/pkgs/os-specific/linux/nmon/default.nix index 7ec84443cfe8..9372018f5b70 100644 --- a/nixpkgs/pkgs/os-specific/linux/nmon/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/nmon/default.nix @@ -2,16 +2,22 @@ stdenv.mkDerivation rec { pname = "nmon"; - version = "16m"; + version = "16n"; src = fetchurl { url = "mirror://sourceforge/nmon/lmon${version}.c"; - sha256 = "1hazgrq3m01dzv05639yis1mypcp0jf167n9gqwd3wgxzm2lvv9b"; + sha256 = "1wpm2f30414b87kpbr9hbidblr5cmfby5skwqd0fkpi5v712q0f0"; }; buildInputs = [ ncurses ]; dontUnpack = true; - buildPhase = "cc -o nmon ${src} -g -O2 -D JFS -D GETUSER -Wall -D LARGEMEM -lncurses -lm -g -D X86"; + buildPhase = "${stdenv.cc.targetPrefix}cc -o nmon ${src} -g -O2 -D JFS -D GETUSER -Wall -D LARGEMEM -lncurses -lm -g -D ${ + with stdenv.targetPlatform; + if isx86_32 || isx86_64 then "X86" + else if isAarch32 || isAarch64 then "ARM" + else if isPower then "POWER" + else "UNKNOWN" + }"; installPhase = '' mkdir -p $out/bin cp nmon $out/bin diff --git a/nixpkgs/pkgs/os-specific/linux/nvidia-x11/builder.sh b/nixpkgs/pkgs/os-specific/linux/nvidia-x11/builder.sh index 51bd4d725a8b..d108ca0d0060 100755 --- a/nixpkgs/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/nixpkgs/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -106,8 +106,16 @@ installPhase() { sed -E "s#(libEGL_nvidia)#$i/lib/\\1#" 10_nvidia.json > 10_nvidia.json.fixed sed -E "s#(libnvidia-egl-wayland)#$i/lib/\\1#" 10_nvidia_wayland.json > 10_nvidia_wayland.json.fixed - install -Dm644 10_nvidia.json.fixed $i/share/glvnd/egl_vendor.d/nvidia.json - install -Dm644 10_nvidia_wayland.json.fixed $i/share/glvnd/egl_vendor.d/nvidia_wayland.json + install -Dm644 10_nvidia.json.fixed $i/share/glvnd/egl_vendor.d/10_nvidia.json + install -Dm644 10_nvidia_wayland.json.fixed $i/share/egl/egl_external_platform.d/10_nvidia_wayland.json + + if [[ -f "15_nvidia_gbm.json" ]]; then + sed -E "s#(libnvidia-egl-gbm)#$i/lib/\\1#" 15_nvidia_gbm.json > 15_nvidia_gbm.json.fixed + install -Dm644 15_nvidia_gbm.json.fixed $i/share/egl/egl_external_platform.d/15_nvidia_gbm.json + + mkdir -p $i/lib/gbm + ln -s $i/lib/libnvidia-allocator.so $i/lib/gbm/nvidia-drm_gbm.so + fi fi done diff --git a/nixpkgs/pkgs/os-specific/linux/nvidia-x11/default.nix b/nixpkgs/pkgs/os-specific/linux/nvidia-x11/default.nix index a8655596c513..2af6db7faf38 100644 --- a/nixpkgs/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -19,13 +19,16 @@ rec { # Policy: use the highest stable version as the default (on our master). stable = if stdenv.hostPlatform.system == "x86_64-linux" then generic { - version = "470.74"; - sha256_64bit = "sha256:0snzrb78f283rl92r5cqnr7bdk3yfkqpjac80sqskwi9wgg17r9k"; - settingsSha256 = "sha256:0hd9973l0zd8a0ia1dysfrk30jqxff1rr07b79ggvqd1xnvv0iqn"; - persistencedSha256 = "sha256:0i8wfhz53hdnabdcx9awki3nk6xa6dadzn91iswhmfm4jj6964jf"; + version = "495.46"; + sha256_64bit = "2Dt30X2gxUZnqlsT1uqVpcUTBCV7Hs8vjUo7WuMcYvU="; + settingsSha256 = "vbcZYn+UBBGwjfrJ6SyXt3+JLBeNcXK4h8mjj7qxZPk="; + persistencedSha256 = "ieYqkVxe26cLw1LUgBsFSSowAyfZkTcItIzQCestCXI="; } else legacy_390; + # see https://www.nvidia.com/en-us/drivers/unix/ "Production branch" + production = legacy_470; + beta = generic { version = "495.29.05"; sha256_64bit = "sha256-9yVLl9QAxpJQR5ZJb059j2TpOx4xxCeGCk8hmhhvEl4="; @@ -45,6 +48,18 @@ rec { url = "https://developer.nvidia.com/vulkan-beta-${lib.concatStrings (lib.splitString "." version)}-linux"; }; + # Update note: + # If you add a legacy driver here, also update `top-level/linux-kernels.nix`, + # adding to the `nvidia_x11_legacy*` entries. + + # Last one supporting Kepler architecture + legacy_470 = generic { + version = "470.94"; + sha256_64bit = "lYWqKTMOutm98izjyiusICbIWpoy8D18WfcUp3mFAOs="; + settingsSha256 = "blJNKuFu/Th/ceexkKhTH/eYk8miUlTT+ESrcIyJNn0="; + persistencedSha256 = "xnccQ/EgafwnReBlk5Y7iClAj4hwXyFq9gUmwqyEuwE="; + }; + # Last one supporting x86 legacy_390 = generic { version = "390.143"; diff --git a/nixpkgs/pkgs/os-specific/linux/nvidia-x11/generic.nix b/nixpkgs/pkgs/os-specific/linux/nvidia-x11/generic.nix index 6f58e3e8f1d9..ec83b472085d 100644 --- a/nixpkgs/pkgs/os-specific/linux/nvidia-x11/generic.nix +++ b/nixpkgs/pkgs/os-specific/linux/nvidia-x11/generic.nix @@ -40,8 +40,11 @@ let pkgSuffix = optionalString (versionOlder version "304") "-pkg0"; i686bundled = versionAtLeast version "391" && !disable32Bit; - libPathFor = pkgs: pkgs.lib.makeLibraryPath [ pkgs.libdrm pkgs.xorg.libXext pkgs.xorg.libX11 - pkgs.xorg.libXv pkgs.xorg.libXrandr pkgs.xorg.libxcb pkgs.zlib pkgs.stdenv.cc.cc ]; + libPathFor = pkgs: lib.makeLibraryPath (with pkgs; [ + libdrm xorg.libXext xorg.libX11 + xorg.libXv xorg.libXrandr xorg.libxcb zlib stdenv.cc.cc + wayland mesa libGL + ]); self = stdenv.mkDerivation { name = "nvidia-x11-${version}${nameSuffix}"; diff --git a/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix b/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix index 57d59c27b6e6..c7819afe3ef4 100644 --- a/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "nvme-cli"; - version = "1.15"; + version = "1.16"; src = fetchFromGitHub { owner = "linux-nvme"; repo = "nvme-cli"; rev = "v${version}"; - sha256 = "0qr1wa163cb7z6g083nl3zcc28mmlbxh1m97pd54bp3gyrhmdhhr"; + sha256 = "sha256-/wDQxsN1sji56zfcvqx02iciYnyxjIbL85bNaRwrHYw="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/ocf-resource-agents/default.nix b/nixpkgs/pkgs/os-specific/linux/ocf-resource-agents/default.nix new file mode 100644 index 000000000000..9c9557c7be85 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/ocf-resource-agents/default.nix @@ -0,0 +1,56 @@ +{ stdenv +, lib +, runCommand +, lndir +, fetchFromGitHub +, autoreconfHook +, pkg-config +, python3 +, glib +, drbd +}: + +let + drbdForOCF = drbd.override { + forOCF = true; + }; + + resource-agentsForOCF = stdenv.mkDerivation rec { + pname = "resource-agents"; + version = "4.10.0"; + + src = fetchFromGitHub { + owner = "ClusterLabs"; + repo = pname; + rev = "v${version}"; + sha256 = "0haryi3yrszdfpqnkfnppxj1yiy6ipah6m80snvayc7v0ss0wnir"; + }; + + nativeBuildInputs = [ + autoreconfHook + pkg-config + ]; + + buildInputs = [ + glib + python3 + ]; + + meta = with lib; { + homepage = "https://github.com/ClusterLabs/resource-agents"; + description = "Combined repository of OCF agents from the RHCS and Linux-HA projects"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ ryantm astro ]; + }; + }; + +in + +# This combines together OCF definitions from other derivations. +# https://github.com/ClusterLabs/resource-agents/blob/master/doc/dev-guides/ra-dev-guide.asc +runCommand "ocf-resource-agents" {} '' + mkdir -p $out/usr/lib/ocf + ${lndir}/bin/lndir -silent "${resource-agentsForOCF}/lib/ocf/" $out/usr/lib/ocf + ${lndir}/bin/lndir -silent "${drbdForOCF}/usr/lib/ocf/" $out/usr/lib/ocf +'' diff --git a/nixpkgs/pkgs/os-specific/linux/pam/default.nix b/nixpkgs/pkgs/os-specific/linux/pam/default.nix index fb993699494f..12ff9f493a37 100644 --- a/nixpkgs/pkgs/os-specific/linux/pam/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pam/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, buildPackages, fetchurl, flex, cracklib, db4, gettext +{ lib, stdenv, buildPackages, fetchurl, flex, cracklib, db4, gettext, audit , nixosTests , withLibxcrypt ? false, libxcrypt }: @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ flex ] ++ lib.optional stdenv.buildPlatform.isDarwin gettext; - buildInputs = [ cracklib db4 ] + buildInputs = [ cracklib db4 audit ] ++ lib.optional withLibxcrypt libxcrypt; enableParallelBuilding = true; diff --git a/nixpkgs/pkgs/os-specific/linux/pam_krb5/default.nix b/nixpkgs/pkgs/os-specific/linux/pam_krb5/default.nix index af5fbccff052..157226373db0 100644 --- a/nixpkgs/pkgs/os-specific/linux/pam_krb5/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pam_krb5/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "pam-krb5"; - version = "4.10"; + version = "4.11"; src = fetchurl { url = "https://archives.eyrie.org/software/kerberos/pam-krb5-${version}.tar.gz"; - sha256 = "09wzxd5zrj5bzqpb01qf148npj5k8hmd2bx2ij1qsy40hdxqyq79"; + sha256 = "sha256-UDy+LLGv9L39o7z3+T+U+2ulLCbXCJNOcDmyGC/hCyA="; }; buildInputs = [ pam libkrb5 ]; diff --git a/nixpkgs/pkgs/os-specific/linux/pam_u2f/default.nix b/nixpkgs/pkgs/os-specific/linux/pam_u2f/default.nix index 30a55f2b9c00..5e4b190c7a32 100644 --- a/nixpkgs/pkgs/os-specific/linux/pam_u2f/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pam_u2f/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "pam_u2f"; - version = "1.1.1"; + version = "1.2.0"; src = fetchurl { url = "https://developers.yubico.com/pam-u2f/Releases/${pname}-${version}.tar.gz"; - sha256 = "12p3pkrp32vzpg7707cgx8zgvgj8iqwhy39sm761k7plqi027mmp"; + sha256 = "sha256-IwPm+Zsf3o7jw6sopN4tpt3SJclTaT6EXWstg4giH7M="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/pax-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/pax-utils/default.nix index db5763029977..b22af8d70838 100644 --- a/nixpkgs/pkgs/os-specific/linux/pax-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pax-utils/default.nix @@ -1,14 +1,18 @@ -{ stdenv, lib, fetchurl }: +{ stdenv, lib, fetchurl, bash }: stdenv.mkDerivation rec { pname = "pax-utils"; version = "1.3.3"; src = fetchurl { - url = "http://distfiles.gentoo.org/distfiles/${pname}-${version}.tar.xz"; + url = "mirror://gentoo/distfiles/${pname}-${version}.tar.xz"; sha256 = "sha256-7sp/vZi8Zr6tSncADCAl2fF+qCAbhCRYgkBs4AubaxQ="; }; + strictDeps = true; + + buildInputs = [ bash ]; + makeFlags = [ "PREFIX=$(out)" ]; meta = with lib; { diff --git a/nixpkgs/pkgs/os-specific/linux/pcm/default.nix b/nixpkgs/pkgs/os-specific/linux/pcm/default.nix index e3e723399346..a7b26fb6d711 100644 --- a/nixpkgs/pkgs/os-specific/linux/pcm/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pcm/default.nix @@ -1,16 +1,18 @@ { lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { - version = "202107"; pname = "pcm"; + version = "202110"; src = fetchFromGitHub { owner = "opcm"; repo = "pcm"; rev = version; - sha256 = "sha256-2fN+jS6+BpodjjN+TV67uiNgZ0eblWjzbyU3CDp9ee0="; + sha256 = "sha256-YcTsC1ceCXKALroyZtgRYpqK3ysJhgzRJ8fBiCx7CCM="; }; + enableParallelBuilding = true; + installPhase = '' mkdir -p $out/bin cp pcm*.x $out/bin diff --git a/nixpkgs/pkgs/os-specific/linux/phc-intel/default.nix b/nixpkgs/pkgs/os-specific/linux/phc-intel/default.nix index 34693564e0aa..a0d43b2e0e36 100644 --- a/nixpkgs/pkgs/os-specific/linux/phc-intel/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/phc-intel/default.nix @@ -44,8 +44,7 @@ in stdenv.mkDerivation rec { while noticably reducing fan noise. This driver works only on supported Intel architectures. ''; - homepage = "http://www.linux-phc.org/"; - downloadPage = "http://www.linux-phc.org/forum/viewtopic.php?f=7&t=267"; + homepage = "https://github.com/danielw86dev/phc-intel-dkms"; license = licenses.gpl2; platforms = [ "x86_64-linux" "i686-linux" ]; broken = lib.versionAtLeast kernel.version "4.18"; diff --git a/nixpkgs/pkgs/os-specific/linux/pktgen/default.nix b/nixpkgs/pkgs/os-specific/linux/pktgen/default.nix index 5a1a56ab6919..36dea8ed6e0e 100644 --- a/nixpkgs/pkgs/os-specific/linux/pktgen/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pktgen/default.nix @@ -5,13 +5,13 @@ stdenv.mkDerivation rec { pname = "pktgen"; - version = "21.05.0"; + version = "21.11.0"; src = fetchFromGitHub { owner = "pktgen"; repo = "Pktgen-DPDK"; rev = "pktgen-${version}"; - sha256 = "sha256-7lLDtbd14olEHO+1BuI6KTEUNRM/zAyRXau/OZbYbGA="; + sha256 = "sha256-3z5DSkggHTwjzsRzRG5zzZTcNsn/5YankJT8CKSN8b4="; }; nativeBuildInputs = [ meson ninja pkg-config ]; @@ -25,7 +25,6 @@ stdenv.mkDerivation rec { RTE_SDK = dpdk; GUI = lib.optionalString withGtk "true"; - NIX_CFLAGS_COMPILE = "-msse3"; # requires symbols from this file NIX_LDFLAGS = "-lrte_net_bond"; @@ -43,7 +42,7 @@ stdenv.mkDerivation rec { description = "Traffic generator powered by DPDK"; homepage = "http://dpdk.org/"; license = licenses.bsdOriginal; - platforms = [ "x86_64-linux" ]; + platforms = platforms.linux; maintainers = [ maintainers.abuibrahim ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/plymouth/default.nix b/nixpkgs/pkgs/os-specific/linux/plymouth/default.nix index 8cb2a00987e1..62950b085258 100644 --- a/nixpkgs/pkgs/os-specific/linux/plymouth/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/plymouth/default.nix @@ -15,8 +15,8 @@ }: stdenv.mkDerivation rec { - pname = "plymouth-unstable"; - version = "2020-12-07"; + pname = "plymouth"; + version = "unstable-2021-10-18"; outputs = [ "out" @@ -27,8 +27,8 @@ stdenv.mkDerivation rec { domain = "gitlab.freedesktop.org"; owner = "plymouth"; repo = "plymouth"; - rev = "c4ced2a2d70edea7fbb95274aa1d01d95928df1b"; - sha256 = "7CPuKMA0fTt8DBsaA4Td74kHT/O7PW8N3awP04nUnOI="; + rev = "18363cd887dbfe7e82a2f4cc1a49ef9513919142"; + sha256 = "sha256-+AP4ALOFdYFt/8MDXjMaHptkogCwK1iXKuza1zfMaws="; }; nativeBuildInputs = [ @@ -47,15 +47,6 @@ stdenv.mkDerivation rec { systemd ]; - patches = [ - # KillMode=none is deprecated - # https://gitlab.freedesktop.org/plymouth/plymouth/-/issues/123 - (fetchpatch { - url = "https://gitlab.freedesktop.org/plymouth/plymouth/-/commit/b406b0895a95949db2adfedaeda451f36f2b51c3.patch"; - sha256 = "/UBImNuFO0G/oxlttjGIXon8YXMXlc9XU8uVuR9QuxY="; - }) - ]; - postPatch = '' sed -i \ -e "s#plymouthplugindir=.*#plymouthplugindir=/etc/plymouth/plugins/#" \ diff --git a/nixpkgs/pkgs/os-specific/linux/policycoreutils/default.nix b/nixpkgs/pkgs/os-specific/linux/policycoreutils/default.nix index 7e2ff29325a8..c066dd4c4c5c 100644 --- a/nixpkgs/pkgs/os-specific/linux/policycoreutils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/policycoreutils/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "policycoreutils"; - version = "2.9"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/policycoreutils-${version}.tar.gz"; - sha256 = "0yqg5ws5gbl1cbn8msxdk1c3ilmmx58qg5dx883kqyq0517k8g65"; + url = "${se_url}/${version}/policycoreutils-${version}.tar.gz"; + sha256 = "0y0hl32b2ks7r0fhbx3k2j1gqqms5aplyasjs3fz50caxl6096a1"; }; postPatch = '' @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { makeFlags = [ "PREFIX=$(out)" - "SBINDIR=$(out)/sbin" + "SBINDIR=$(out)/bin" "ETCDIR=$(out)/etc" "BASHCOMPLETIONDIR=$out/share/bash-completion/completions" "LOCALEDIR=$(out)/share/locale" diff --git a/nixpkgs/pkgs/os-specific/linux/power-calibrate/default.nix b/nixpkgs/pkgs/os-specific/linux/power-calibrate/default.nix index d62990ed4ffd..884b2d0e01cd 100644 --- a/nixpkgs/pkgs/os-specific/linux/power-calibrate/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/power-calibrate/default.nix @@ -1,22 +1,25 @@ -{ stdenv, lib, fetchurl }: +{ stdenv, lib, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "power-calibrate"; - version = "0.01.29"; + version = "0.01.34"; - src = fetchurl { - url = "https://kernel.ubuntu.com/~cking/tarballs/${pname}/${pname}-${version}.tar.gz"; - sha256 = "1v8wvhjqglkvk9cl2b48lkcwhbc6nsdi3hjd7sap4hyvd6703pgs"; + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + hash = "sha256-T2fCTE+snNt1ylOpVR0JfT2x0lWrgItpfjtUx/zjaQw="; }; installFlags = [ "BINDIR=${placeholder "out"}/bin" "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" ]; meta = with lib; { description = "Tool to calibrate power consumption"; - homepage = "https://kernel.ubuntu.com/~cking/power-calibrate/"; + homepage = "https://github.com/ColinIanKing/power-calibrate"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ dtzWill ]; diff --git a/nixpkgs/pkgs/os-specific/linux/power-profiles-daemon/default.nix b/nixpkgs/pkgs/os-specific/linux/power-profiles-daemon/default.nix index 03267b8e9ae5..9f96eb2576dc 100644 --- a/nixpkgs/pkgs/os-specific/linux/power-profiles-daemon/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/power-profiles-daemon/default.nix @@ -4,8 +4,10 @@ , meson , ninja , fetchFromGitLab +, fetchpatch , libgudev , glib +, polkit , gobject-introspection , gettext , gtk-doc @@ -14,24 +16,47 @@ , libxml2 , libxslt , upower +, umockdev , systemd , python3 +, wrapGAppsNoGuiHook +, nixosTests }: +let + testPythonPkgs = ps: with ps; [ + pygobject3 + dbus-python + python-dbusmock + ]; + testTypelibPath = lib.makeSearchPathOutput "lib" "lib/girepository-1.0" [ umockdev ]; +in stdenv.mkDerivation rec { pname = "power-profiles-daemon"; - version = "0.8.1"; + version = "0.10.1"; - outputs = [ "out" "devdoc" ]; + outputs = [ "out" "devdoc" "installedTests" ]; src = fetchFromGitLab { domain = "gitlab.freedesktop.org"; owner = "hadess"; repo = "power-profiles-daemon"; rev = version; - sha256 = "sha256-OnCUr7KWVPpYGDseBUcJD/PdOobvFnyNA97NhnKbTKY="; + sha256 = "sha256-sQWiCHc0kEELdmPq9Qdk7OKDUgbM5R44639feC7gjJc="; }; + patches = [ + # Enable installed tests. + # https://gitlab.freedesktop.org/hadess/power-profiles-daemon/-/merge_requests/92 + (fetchpatch { + url = "https://gitlab.freedesktop.org/hadess/power-profiles-daemon/-/commit/3c64d9e1732eb6425e33013c452f1c4aa7a26f7e.patch"; + sha256 = "din5VuZZwARNDInHtl44yJK8pLmlxr5eoD4iMT4a8HA="; + }) + + # Install installed tests to separate output. + ./installed-tests-path.patch + ]; + nativeBuildInputs = [ pkg-config meson @@ -43,6 +68,11 @@ stdenv.mkDerivation rec { libxml2 # for xmllint for stripping GResources libxslt # for xsltproc for building docs gobject-introspection + wrapGAppsNoGuiHook + python3.pkgs.wrapPython + + # For finding tests. + (python3.withPackages testPythonPkgs) ]; buildInputs = [ @@ -50,19 +80,89 @@ stdenv.mkDerivation rec { systemd upower glib - (python3.withPackages (ps: with ps; [ ps.pygobject3 ])) # for cli tool + polkit + python3 # for cli tool + ]; + + strictDeps = true; + + # for cli tool + pythonPath = [ + python3.pkgs.pygobject3 ]; mesonFlags = [ + "-Dinstalled_test_prefix=${placeholder "installedTests"}" "-Dsystemdsystemunitdir=${placeholder "out"}/lib/systemd/system" "-Dgtk_doc=true" ]; + PKG_CONFIG_POLKIT_GOBJECT_1_POLICYDIR = "${placeholder "out"}/share/polkit-1/actions"; + + # Avoid double wrapping + dontWrapGApps = true; + + postPatch = '' + patchShebangs tests/unittest_inspector.py + ''; + + preConfigure = '' + # For finding tests. + GI_TYPELIB_PATH_original=$GI_TYPELIB_PATH + addToSearchPath GI_TYPELIB_PATH "${testTypelibPath}" + ''; + + postConfigure = '' + # Restore the original value to prevent the program from depending on umockdev. + export GI_TYPELIB_PATH=$GI_TYPELIB_PATH_original + unset GI_TYPELIB_PATH_original + ''; + + preInstall = '' + # We have pkexec on PATH so Meson will try to use it when installation fails + # due to being unable to write to e.g. /etc. + # Let’s pretend we already ran pkexec – + # the pkexec on PATH would complain it lacks setuid bit, + # obscuring the underlying error. + # https://github.com/mesonbuild/meson/blob/492cc9bf95d573e037155b588dc5110ded4d9a35/mesonbuild/minstall.py#L558 + export PKEXEC_UID=-1 + ''; + + postFixup = '' + # Avoid double wrapping + makeWrapperArgs+=("''${gappsWrapperArgs[@]}") + # Make Python libraries available + wrapPythonProgramsIn "$out/bin" "$pythonPath" + + # Make Python libraries available for installed tests + makeWrapperArgs+=( + --prefix GI_TYPELIB_PATH : "${testTypelibPath}" + --prefix PATH : "${lib.makeBinPath [ umockdev ]}" + # Vala does not use absolute paths in typelibs + # https://github.com/NixOS/nixpkgs/issues/47226 + # Also umockdev binaries use relative paths for LD_PRELOAD. + --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ umockdev ]}" + # dbusmock calls its templates using exec so our regular patching of Python scripts + # to add package directories to site will not carry over. + # https://github.com/martinpitt/python-dbusmock/blob/2254e69279a02fb3027b500ed7288b77c7a80f2a/dbusmock/mockobject.py#L51 + # https://github.com/martinpitt/python-dbusmock/blob/2254e69279a02fb3027b500ed7288b77c7a80f2a/dbusmock/__main__.py#L60-L62 + --prefix PYTHONPATH : "${lib.makeSearchPath python3.sitePackages (testPythonPkgs python3.pkgs)}" + ) + wrapPythonProgramsIn "$installedTests/libexec/installed-tests" "$pythonPath ${lib.concatStringsSep " " (testPythonPkgs python3.pkgs)}" + ''; + + passthru = { + tests = { + nixos = nixosTests.power-profiles-daemon; + installed-tests = nixosTests.installed-tests.power-profiles-daemon; + }; + }; + meta = with lib; { homepage = "https://gitlab.freedesktop.org/hadess/power-profiles-daemon"; description = "Makes user-selected power profiles handling available over D-Bus"; platforms = platforms.linux; license = licenses.gpl3Plus; - maintainers = with maintainers; [ mvnetbiz ]; + maintainers = with maintainers; [ jtojnar mvnetbiz ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/power-profiles-daemon/installed-tests-path.patch b/nixpkgs/pkgs/os-specific/linux/power-profiles-daemon/installed-tests-path.patch new file mode 100644 index 000000000000..63059f3ac73c --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/power-profiles-daemon/installed-tests-path.patch @@ -0,0 +1,37 @@ +diff --git a/meson_options.txt b/meson_options.txt +index 7e89619..76497db 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -1,3 +1,4 @@ ++option('installed_test_prefix', type: 'string', description: 'Prefix for installed tests') + option('systemdsystemunitdir', + description: 'systemd unit directory', + type: 'string', +diff --git a/tests/meson.build b/tests/meson.build +index b306a7f..7670e1b 100644 +--- a/tests/meson.build ++++ b/tests/meson.build +@@ -2,8 +2,8 @@ envs = environment() + envs.set ('top_builddir', meson.build_root()) + envs.set ('top_srcdir', meson.source_root()) + +-installed_test_bindir = libexecdir / 'installed-tests' / meson.project_name() +-installed_test_datadir = datadir / 'installed-tests' / meson.project_name() ++installed_test_bindir = get_option('installed_test_prefix') / 'libexec' / 'installed-tests' / meson.project_name() ++installed_test_datadir = get_option('installed_test_prefix') / 'share' / 'installed-tests' / meson.project_name() + + python3 = find_program('python3') + unittest_inspector = find_program('unittest_inspector.py') +diff --git a/tests/integration-test.py b/tests/integration-test.py +index 22dc42c..0f92b76 100755 +--- a/tests/integration-test.py ++++ b/tests/integration-test.py +@@ -67,7 +67,7 @@ class Tests(dbusmock.DBusTestCase): + print('Testing binaries from JHBuild (%s)' % cls.daemon_path) + else: + cls.daemon_path = None +- with open('/usr/lib/systemd/system/power-profiles-daemon.service') as f: ++ with open('/run/current-system/sw/lib/systemd/system/power-profiles-daemon.service') as f: + for line in f: + if line.startswith('ExecStart='): + cls.daemon_path = line.split('=', 1)[1].strip() diff --git a/nixpkgs/pkgs/os-specific/linux/powercap/default.nix b/nixpkgs/pkgs/os-specific/linux/powercap/default.nix index ad9de9f75d5d..24832e5fdff9 100644 --- a/nixpkgs/pkgs/os-specific/linux/powercap/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/powercap/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "powercap"; - version = "0.3.1"; + version = "0.5.0"; src = fetchFromGitHub { owner = "powercap"; repo = "powercap"; rev = "v${version}"; - sha256 = "0f1sg1zsskcfralg9khwq7lmz25gvnyknza3bb0hmh1a9lw0jhdn"; + sha256 = "sha256-VvepbABc7daRE0/sJqsCb+m2my8O3B1ICXywBqsjSO8="; }; nativeBuildInputs = [ cmake ]; diff --git a/nixpkgs/pkgs/os-specific/linux/powerstat/default.nix b/nixpkgs/pkgs/os-specific/linux/powerstat/default.nix index f80b7425cd48..86f2e124ed29 100644 --- a/nixpkgs/pkgs/os-specific/linux/powerstat/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/powerstat/default.nix @@ -1,24 +1,25 @@ -{ stdenv, lib, fetchurl }: +{ stdenv, lib, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "powerstat"; - version = "0.02.25"; + version = "0.02.27"; - src = fetchurl { - url = "https://kernel.ubuntu.com/~cking/tarballs/${pname}/${pname}-${version}.tar.gz"; - sha256 = "sha256-C6MCOXnElDI69QkLKd2X2SLved8cRCN0Q6BhUvvqsTY="; + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + hash = "sha256-P6DhsHnB+ak35JpUfD8Q8XbgMhI1QKKe31B8uMT2ZcY="; }; - installFlags = [ "DESTDIR=${placeholder "out"}" ]; - - postInstall = '' - mv $out/usr/* $out - rm -r $out/usr - ''; + installFlags = [ + "BINDIR=${placeholder "out"}/bin" + "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" + ]; meta = with lib; { description = "Laptop power measuring tool"; - homepage = "https://kernel.ubuntu.com/~cking/powerstat/"; + homepage = "https://github.com/ColinIanKing/powerstat"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ womfoo ]; diff --git a/nixpkgs/pkgs/os-specific/linux/powertop/default.nix b/nixpkgs/pkgs/os-specific/linux/powertop/default.nix index b8a0487bc7e7..2b498d9ddc91 100644 --- a/nixpkgs/pkgs/os-specific/linux/powertop/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/powertop/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, gettext, libnl, ncurses, pciutils +{ lib, stdenv, fetchFromGitHub, fetchpatch, gettext, libnl, ncurses, pciutils , pkg-config, zlib, autoreconfHook }: stdenv.mkDerivation rec { @@ -12,6 +12,15 @@ stdenv.mkDerivation rec { sha256 = "1zkr2y5nb1nr22nq8a3zli87iyfasfq6489p7h1k428pv8k45w4f"; }; + patches = [ + # Pull upstream patch for ncurses-6.3 compatibility + (fetchpatch { + name = "ncurses-6.3.patch"; + url = "https://github.com/fenrus75/powertop/commit/9ef1559a1582f23d599c149601c3a8e06809296c.patch"; + sha256 = "0qx69f3bwhxgsga9nas8lgrclf1rxvr7fq7fd2n8dv3x4lsb46j1"; + }) + ]; + outputs = [ "out" "man" ]; nativeBuildInputs = [ pkg-config autoreconfHook ]; diff --git a/nixpkgs/pkgs/os-specific/linux/pps-tools/default.nix b/nixpkgs/pkgs/os-specific/linux/pps-tools/default.nix index 146c9457ed34..66754e5148ec 100644 --- a/nixpkgs/pkgs/os-specific/linux/pps-tools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pps-tools/default.nix @@ -1,15 +1,14 @@ { lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { - baseName = "pps-tools"; - version = "1.0.2"; - name = "${baseName}-${version}"; + pname = "pps-tools"; + version = "1.0.3"; src = fetchFromGitHub { owner = "redlab-i"; - repo = baseName; + repo = pname; rev = "v${version}"; - sha256 = "1yh9g0l59dkq4ci0wbb03qin3c3cizfngmn9jy1vwm5zm6axlxhf"; + sha256 = "sha256-eLLFHrCgOQzOtVxlAsZ5X91KK+vZiKMGL7zbQFiIZtI="; }; outputs = [ "out" "dev" ]; @@ -24,7 +23,7 @@ stdenv.mkDerivation rec { rm -rf $out/usr/ ''; - meta = with lib;{ + meta = with lib; { description = "User-space tools for LinuxPPS"; homepage = "http://linuxpps.org/"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/os-specific/linux/prl-tools/default.nix b/nixpkgs/pkgs/os-specific/linux/prl-tools/default.nix index 431e0ed58b1f..e6c246de0d27 100644 --- a/nixpkgs/pkgs/os-specific/linux/prl-tools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/prl-tools/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { inherit libsOnly; unpackPhase = '' - undmg < "${src}" + undmg "${src}" export sourceRoot=prl-tools-build 7z x "Parallels Desktop.app/Contents/Resources/Tools/prl-tools-lin.iso" -o$sourceRoot diff --git a/nixpkgs/pkgs/os-specific/linux/psftools/default.nix b/nixpkgs/pkgs/os-specific/linux/psftools/default.nix index 6d423be738e7..5d8c39bb145c 100644 --- a/nixpkgs/pkgs/os-specific/linux/psftools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/psftools/default.nix @@ -1,10 +1,10 @@ { lib, stdenv, fetchurl }: stdenv.mkDerivation rec { pname = "psftools"; - version = "1.1.0"; + version = "1.1.1"; src = fetchurl { url = "https://www.seasip.info/Unix/PSF/${pname}-${version}.tar.gz"; - sha256 = "sha256-P9eIHtEXC55C2rXweJ9Vw93tIspjjQ6MCQ44FJDEook="; + sha256 = "sha256-MecY4JsIXTgHdkrFkQ+C3fC6OEFRUgjUgf7qxfKeZtM="; }; outputs = ["out" "man" "dev" "lib"]; diff --git a/nixpkgs/pkgs/os-specific/linux/radeontop/default.nix b/nixpkgs/pkgs/os-specific/linux/radeontop/default.nix index b172fad6adcb..9e9cb5845e4e 100644 --- a/nixpkgs/pkgs/os-specific/linux/radeontop/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/radeontop/default.nix @@ -3,10 +3,10 @@ stdenv.mkDerivation rec { pname = "radeontop"; - version = "1.3"; + version = "1.4"; src = fetchFromGitHub { - sha256 = "sha256-tnIxM0+RfOIt714fEUWRP/4rEPHaOuCZFit9/RPdxis="; + sha256 = "0kwqddidr45s1blp0h8r8h1dd1p50l516yb6mb4s6zsc827xzgg3"; rev = "v${version}"; repo = "radeontop"; owner = "clbr"; @@ -19,12 +19,13 @@ stdenv.mkDerivation rec { patchPhase = '' substituteInPlace getver.sh --replace ver=unknown ver=${version} + substituteInPlace Makefile --replace pkg-config "$PKG_CONFIG" ''; makeFlags = [ "PREFIX=$(out)" ]; postInstall = '' - wrapProgram $out/sbin/radeontop \ + wrapProgram $out/bin/radeontop \ --prefix LD_LIBRARY_PATH : $out/lib ''; diff --git a/nixpkgs/pkgs/os-specific/linux/rasdaemon/default.nix b/nixpkgs/pkgs/os-specific/linux/rasdaemon/default.nix new file mode 100644 index 000000000000..22ca59bff536 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/rasdaemon/default.nix @@ -0,0 +1,111 @@ +{ lib, stdenv, fetchFromGitHub +, autoreconfHook +, glibcLocales, kmod, coreutils, perl +, dmidecode, hwdata, sqlite +, nixosTests +}: + +stdenv.mkDerivation rec { + pname = "rasdaemon"; + version = "0.6.7"; + + src = fetchFromGitHub { + owner = "mchehab"; + repo = "rasdaemon"; + rev = "v${version}"; + sha256 = "sha256-vyUDwqDe+HD4mka6smdQuVSM5U9uMv/TrfHkyqVJMIo="; + }; + + nativeBuildInputs = [ autoreconfHook ]; + + buildInputs = [ + coreutils + glibcLocales + hwdata + kmod + sqlite + (perl.withPackages (ps: with ps; [ DBI DBDSQLite ])) + ] + ++ lib.optionals (!stdenv.isAarch64) [ dmidecode ]; + + configureFlags = [ + "--sysconfdir=/etc" + "--localstatedir=/var" + "--with-sysconfdefdir=${placeholder "out"}/etc/sysconfig" + "--enable-sqlite3" + "--enable-aer" + "--enable-mce" + "--enable-extlog" + "--enable-non-standard" + "--enable-abrt-report" + "--enable-hisi-ns-decode" + "--enable-devlink" + "--enable-diskerror" + "--enable-memory-failure" + "--enable-memory-ce-pfa" + "--enable-amp-ns-decode" + ] + ++ lib.optionals (stdenv.isAarch64) [ "--enable-arm" ]; + + # The installation attempts to create the following directories: + # /var/lib/rasdaemon + # location of the RAS event log generated by rasdaemon -r + # /etc/ras/dimm_labels.d + # location of the DIMM labels generated by ras-mc-ctl + # /etc/sysconfig/rasdaemon + # location of rasdaemon config file, currently only used for CE PFA config + + # these are optional (for logging, DIMM label storage and user config) + # /var/lib/rasdaemon should be created by the NixOS module + # /etc/ras/dimm_labels.d should probably be generated, + # from user supplied content, in the NixOS module + # /etc/sysconfig/rasdaemon should be generated if there is user supplied content + # and default to $out/etc/sysconfig/rasdaemon which should hold the supplied default + + # therefore, stripping these from the generated Makefile + # (needed in the config flags because those set where the tools look for these) + +# easy way out, ends up installing /nix/store/...rasdaemon/bin in $out + + postConfigure = '' + substituteInPlace Makefile \ + --replace '"$(DESTDIR)/etc/ras/dimm_labels.d"' '"$(prefix)/etc/ras/dimm_labels.d"' + ''; + + outputs = [ "out" "dev" "man" "inject" ]; + + postInstall = '' + install -Dm 0755 contrib/edac-fake-inject $inject/bin/edac-fake-inject + install -Dm 0755 contrib/edac-tests $inject/bin/edac-tests + ''; + + postFixup = '' + # Fix dmidecode and modprobe paths + substituteInPlace $out/bin/ras-mc-ctl \ + --replace 'find_prog ("modprobe") or exit (1)' '"${kmod}/bin/modprobe"' + '' + + lib.optionalString (!stdenv.isAarch64) '' + substituteInPlace $out/bin/ras-mc-ctl \ + --replace 'find_prog ("dmidecode")' '"${dmidecode}/bin/dmidecode"' + ''; + + passthru.tests = nixosTests.rasdaemon; + + meta = with lib; { + description = '' + A Reliability, Availability and Serviceability (RAS) logging tool using EDAC kernel tracing events + ''; + longDescription = '' + Rasdaemon is a RAS (Reliability, Availability and Serviceability) logging + tool. It records memory errors, using the EDAC tracing events. EDAC is a + Linux kernel subsystem with handles detection of ECC errors from memory + controllers for most chipsets on i386 and x86_64 architectures. EDAC + drivers for other architectures like arm also exists. + ''; + homepage = "https://github.com/mchehab/rasdaemon"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + changelog = "https://github.com/mchehab/rasdaemon/blob/v${version}/ChangeLog"; + maintainers = with maintainers; [ evils ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/rdma-core/default.nix b/nixpkgs/pkgs/os-specific/linux/rdma-core/default.nix index ae7fee77309a..710a74d67d8c 100644 --- a/nixpkgs/pkgs/os-specific/linux/rdma-core/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rdma-core/default.nix @@ -5,17 +5,18 @@ stdenv.mkDerivation rec { pname = "rdma-core"; - version = "37.0"; + version = "38.0"; src = fetchFromGitHub { owner = "linux-rdma"; repo = "rdma-core"; rev = "v${version}"; - sha256 = "0cz6dq34w0zxm1c6xk4pqascvvppa1b0m8jfnpncg5a68day8x65"; + sha256 = "1z9yrkqdknzidg4g1g5rqrs7i0325nmzzw0nf2ki1nzlfwqxy9qv"; }; - nativeBuildInputs = [ cmake pkg-config pandoc docutils ]; - buildInputs = [ libnl ethtool iproute2 udev python3 perl ]; + strictDeps = true; + nativeBuildInputs = [ cmake pkg-config pandoc docutils python3 ]; + buildInputs = [ libnl ethtool iproute2 udev perl ]; cmakeFlags = [ "-DCMAKE_INSTALL_RUNDIR=/run" diff --git a/nixpkgs/pkgs/os-specific/linux/read-edid/default.nix b/nixpkgs/pkgs/os-specific/linux/read-edid/default.nix index 24ad06749766..7f6d224ff4d5 100644 --- a/nixpkgs/pkgs/os-specific/linux/read-edid/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/read-edid/default.nix @@ -10,9 +10,9 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ cmake ]; - buildInputs = lib.optional (stdenv.isi686 || stdenv.isx86_64) libx86; + buildInputs = lib.optional stdenv.hostPlatform.isx86 libx86; - cmakeFlags = [ "-DCLASSICBUILD=${if stdenv.isi686 || stdenv.isx86_64 then "ON" else "OFF"}" ]; + cmakeFlags = [ "-DCLASSICBUILD=${if stdenv.hostPlatform.isx86 then "ON" else "OFF"}" ]; patchPhase = '' substituteInPlace CMakeLists.txt --replace 'COPYING' 'LICENSE' diff --git a/nixpkgs/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix index 100683ed37ba..f9f3ce47cb32 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix @@ -36,6 +36,6 @@ stdenv.mkDerivation { homepage = "https://github.com/aircrack-ng/rtl8188eus"; license = licenses.gpl2Only; maintainers = with maintainers; [ fortuneteller2k ]; - broken = kernel.isHardened; + broken = kernel.kernelAtLeast "5.15" || kernel.isHardened; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/rtl8192eu/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl8192eu/default.nix index b66a56a8f8bf..b33330611b88 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl8192eu/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl8192eu/default.nix @@ -6,13 +6,13 @@ let modDestDir = "$out/lib/modules/${kernel.modDirVersion}/kernel/drivers/net/wi in stdenv.mkDerivation rec { pname = "rtl8192eu"; - version = "${kernel.version}-4.4.1.20210403"; + version = "${kernel.version}-4.4.1.20211023"; src = fetchFromGitHub { owner = "Mange"; repo = "rtl8192eu-linux-driver"; - rev = "ab35c7e9672f37d75b7559758c99f6d027607687"; - sha256 = "sha256-sTIaye4oWNYEnNuXlrTLobaFKXzBLsfJXdJuc10EdJI="; + rev = "744bbe52976e51895fce2c1d4075f97a98dca2b2"; + sha256 = "1ayb3fljvpljwcgi47h8vj2d2w5imqyjxc7mvmfrvmilzg5d5cj7"; }; hardeningDisable = [ "pic" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/rtl8812au/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl8812au/default.nix index 7fa5ee42670d..b385b9a27da0 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl8812au/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl8812au/default.nix @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { makeFlags = [ "ARCH=${stdenv.hostPlatform.linuxArch}" "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" - ("CONFIG_PLATFORM_I386_PC=" + (if (stdenv.hostPlatform.isi686 || stdenv.hostPlatform.isx86_64) then "y" else "n")) + ("CONFIG_PLATFORM_I386_PC=" + (if stdenv.hostPlatform.isx86 then "y" else "n")) ("CONFIG_PLATFORM_ARM_RPI=" + (if (stdenv.hostPlatform.isAarch32 || stdenv.hostPlatform.isAarch64) then "y" else "n")) ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ "CROSS_COMPILE=${stdenv.cc.targetPrefix}" @@ -50,6 +50,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2Only; platforms = platforms.linux; maintainers = with maintainers; [ fortuneteller2k ]; - broken = kernel.kernelOlder "4.10" || kernel.isHardened; + broken = kernel.kernelOlder "4.10" || kernel.kernelAtLeast "5.15" || kernel.isHardened; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/rtl8814au/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl8814au/default.nix index f8c74f9d22e2..f9ca60b1112b 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl8814au/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl8814au/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation { pname = "rtl8814au"; - version = "${kernel.version}-unstable-2021-05-18"; + version = "${kernel.version}-unstable-2021-10-25"; src = fetchFromGitHub { owner = "morrownr"; repo = "8814au"; - rev = "388786c864f9b1437fc4d934b1eccf6d7f1e1355"; - sha256 = "sha256-2EnheODPFWTGN/fz45LWRSOGeV6pTENEUrehahj+PJ4="; + rev = "d36c0874716b0776ac6c7dcd6110598ef0f6dd53"; + sha256 = "0lk3ldff489ggbqmlfi4zvnp1cvxj1b06m0fhpzai82070klzzmj"; }; buildInputs = kernel.moduleBuildDependencies; diff --git a/nixpkgs/pkgs/os-specific/linux/rtl8821au/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl8821au/default.nix index 1f7d07f7326d..5800405f2839 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl8821au/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl8821au/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "rtl8821au"; - version = "${kernel.version}-unstable-2021-05-18"; + version = "${kernel.version}-unstable-2021-11-05"; src = fetchFromGitHub { owner = "morrownr"; - repo = "8821au"; - rev = "6f6a9d5772bb2b75f18374c01c82c6b3e8e3244d"; - sha256 = "sha256-RqtLR3sNcLXhUrNloSTRKubL1SVwzbVe73AsBYYSXNE="; + repo = "8821au-20210708"; + rev = "dd9f442d86535fb749ab06f38f97160484d9f04b"; + sha256 = "0d90zd45b8934wxy51q1x39lx4n3i28zjm6jcq98wkm4lypgphxv"; }; nativeBuildInputs = [ bc nukeReferences ]; diff --git a/nixpkgs/pkgs/os-specific/linux/rtl8821ce/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl8821ce/default.nix index 27ee57ba7553..75e12a1b7a46 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl8821ce/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl8821ce/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "rtl8821ce"; - version = "${kernel.version}-unstable-2021-05-28"; + version = "${kernel.version}-unstable-2021-11-19"; src = fetchFromGitHub { owner = "tomaspinho"; repo = "rtl8821ce"; - rev = "f93db734666f75ebf65e44ceb943c19b598b1647"; - sha256 = "sha256-cqXV52U+6Jl9Jje1nEOYDvmH4rgA1QdrwNCfYeul3hU="; + rev = "ca204c60724d23ab10244f920d4e50759ed1affb"; + sha256 = "18ma8a8h1l90dss0k6al7q6plwr57jc9g67p22g9917k1jfbhm97"; }; hardeningDisable = [ "pic" ]; @@ -36,6 +36,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2Only; platforms = platforms.linux; broken = stdenv.isAarch64; - maintainers = with maintainers; [ hhm ]; + maintainers = with maintainers; [ hhm ivar ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/rtl8821cu/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl8821cu/default.nix index 2ea555ff0b8a..9229a3c13069 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl8821cu/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl8821cu/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "rtl8821cu"; - version = "${kernel.version}-unstable-2021-05-19"; + version = "${kernel.version}-unstable-2021-10-21"; src = fetchFromGitHub { owner = "morrownr"; repo = "8821cu"; - rev = "2430c354c9b15fa6193a263c99ce57211d50c66f"; - sha256 = "sha256-PkrpwebZYh/hBukqDQf6pxfbkVyA+CpYtte5pmzgLtw="; + rev = "4e2d84c5e70245f850877f355e8bf293f252f61c"; + sha256 = "1j32psvfgzfs5b1pdff6xk76iz7j8scakji6zm3vgqb2ssbxx1k1"; }; hardeningDisable = [ "pic" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/rtl88x2bu/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl88x2bu/default.nix index cbd604b72ed1..310dac3933f1 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl88x2bu/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl88x2bu/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "rtl88x2bu"; - version = "${kernel.version}-unstable-2021-05-18"; + version = "${kernel.version}-unstable-2021-11-04"; src = fetchFromGitHub { owner = "morrownr"; repo = "88x2bu"; - rev = "80b03962e33f86f99e898305d8d597140503de03"; - sha256 = "sha256-C7XOpKgwxM9UbfW3wHteInTmAUM3FFqN1MHMKxP8gBA="; + rev = "745d134080b74b92389ffe59c03dcfd6658f8655"; + sha256 = "0f1hsfdw3ar78kqzr4hi04kpp5wnx0hd29f9rm698k0drxaw1g44"; }; hardeningDisable = [ "pic" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix index 8d3340e16fb3..1f27c262e673 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtl88xxau-aircrack/default.nix @@ -1,7 +1,7 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch, kernel }: +{ lib, stdenv, fetchFromGitHub, kernel }: let - rev = "3a64331a1c809bbbc21eca63b825970f213ec5ac"; + rev = "307d694076b056588c652c2bdaa543a89eb255d9"; in stdenv.mkDerivation rec { pname = "rtl88xxau-aircrack"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { owner = "aircrack-ng"; repo = "rtl8812au"; inherit rev; - sha256 = "sha256-goaN80imfCeUwiHokJd10CFKskE3iL5BO/xOQk6PtHE="; + sha256 = "sha256-iSJnKWc+LxGHUhb/wbFSMh7w6Oi9v4v5V+R+LI96X7w="; }; buildInputs = kernel.moduleBuildDependencies; @@ -20,14 +20,6 @@ stdenv.mkDerivation rec { NIX_CFLAGS_COMPILE="-Wno-error=incompatible-pointer-types"; - # Fix build for 5.12 kernels - patches = [ - (fetchpatch { - url = "https://github.com/aircrack-ng/rtl8812au/commit/9b4c60a89c2a55f36454b950a86246b6b86a9681.patch"; - sha256 = "sha256-HPhTLstqAePF3H6WeM9Fu4/8UjNL+9xl4L8xq3NOWuM="; - }) - ]; - prePatch = '' substituteInPlace ./Makefile \ --replace /lib/modules/ "${kernel.dev}/lib/modules/" \ @@ -47,6 +39,6 @@ stdenv.mkDerivation rec { homepage = "https://github.com/aircrack-ng/rtl8812au"; license = licenses.gpl2Only; maintainers = [ maintainers.jethro ]; - platforms = [ "x86_64-linux" "i686-linux" ]; + platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/rtw89/default.nix b/nixpkgs/pkgs/os-specific/linux/rtw89/default.nix index 86ca72c537cf..6b0f06c5bdc4 100644 --- a/nixpkgs/pkgs/os-specific/linux/rtw89/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/rtw89/default.nix @@ -5,13 +5,13 @@ let in stdenv.mkDerivation { pname = "rtw89"; - version = "unstable-2021-07-03"; + version = "unstable-2021-10-21"; src = fetchFromGitHub { owner = "lwfinger"; repo = "rtw89"; - rev = "cebafc6dc839e66c725b92c0fabf131bc908f607"; - sha256 = "1vw67a423gajpzd5d51bxnja1qpppx9x5ii2vcfkj6cbnqwr83af"; + rev = "0684157cba90e36bff5bc61a59e7e87c359b5e5c"; + sha256 = "0cvawyi1ksw9xkr8pzwipsl7b8hnmrb17w5cblyicwih8fqaw632"; }; makeFlags = [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/s6-linux-init/default.nix b/nixpkgs/pkgs/os-specific/linux/s6-linux-init/default.nix index 5d579c3ab2ad..ab9843d07f1f 100644 --- a/nixpkgs/pkgs/os-specific/linux/s6-linux-init/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/s6-linux-init/default.nix @@ -4,8 +4,8 @@ with skawarePackages; buildPackage { pname = "s6-linux-init"; - version = "1.0.6.4"; - sha256 = "0grqk111d6aqym1c4l9j26fdqcgra1hvwb9vdgylrfbvn1c3hlpb"; + version = "1.0.7.0"; + sha256 = "16bzijmzxi91ycayhpn398yjgag3c5pnlghs6sqdmzlf2fiirif5"; description = "A set of minimalistic tools used to create a s6-based init system, including a /sbin/init binary, on a Linux kernel"; platforms = lib.platforms.linux; diff --git a/nixpkgs/pkgs/os-specific/linux/s6-linux-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/s6-linux-utils/default.nix index 06a177f1cc62..753a77aa1c72 100644 --- a/nixpkgs/pkgs/os-specific/linux/s6-linux-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/s6-linux-utils/default.nix @@ -4,8 +4,8 @@ with skawarePackages; buildPackage { pname = "s6-linux-utils"; - version = "2.5.1.6"; - sha256 = "0hr49nl0d7a6i5w8cfg43xzvzayb8kpqij9xg7bmw2fyvc2z338z"; + version = "2.5.1.7"; + sha256 = "1n6zmnczbybwcchkhg5zqixz8mdk5bfn0sxq0kxifgpi9ggw5a46"; description = "A set of minimalistic Linux-specific system utilities"; platforms = lib.platforms.linux; diff --git a/nixpkgs/pkgs/os-specific/linux/selinux-python/default.nix b/nixpkgs/pkgs/os-specific/linux/selinux-python/default.nix index 32ed5bc2e7d6..c50f4ffccd0b 100644 --- a/nixpkgs/pkgs/os-specific/linux/selinux-python/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/selinux-python/default.nix @@ -4,22 +4,23 @@ # this is python3 only because setools only supports python3 with lib; -with python3.pkgs; stdenv.mkDerivation rec { pname = "selinux-python"; - version = "2.9"; + version = "3.3"; - inherit (libsepol) se_release se_url; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/selinux-python-${version}.tar.gz"; - sha256 = "1pjzsyay5535cxcjag7y7k193ajry0s0xc3dqv5905qd7cwval1n"; + url = "${se_url}/${version}/selinux-python-${version}.tar.gz"; + sha256 = "1v244hpb45my303793xa4kcn7qnxjgxn4ja7rdn9k1q361hi1nca"; }; - nativeBuildInputs = [ wrapPython ]; - buildInputs = [ libsepol python3 ]; - propagatedBuildInputs = [ libselinux libsemanage setools ipy ]; + strictDeps = true; + + nativeBuildInputs = [ python3 python3.pkgs.wrapPython ]; + buildInputs = [ libsepol ]; + propagatedBuildInputs = [ libselinux libsemanage setools python3.pkgs.ipy ]; postPatch = '' substituteInPlace sepolicy/Makefile --replace "echo --root" "echo --prefix" @@ -32,7 +33,7 @@ stdenv.mkDerivation rec { "LOCALEDIR=$(out)/share/locale" "BASHCOMPLETIONDIR=$(out)/share/bash-completion/completions" "PYTHON=python" - "PYTHONLIBDIR=$(out)/${python.sitePackages}" + "PYTHONLIBDIR=$(out)/${python3.sitePackages}" "LIBSEPOLA=${lib.getLib libsepol}/lib/libsepol.a" ]; @@ -48,4 +49,3 @@ stdenv.mkDerivation rec { platforms = platforms.linux; }; } - diff --git a/nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix b/nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix index a10588bacf11..0d2843d216a4 100644 --- a/nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix @@ -9,12 +9,12 @@ with python3.pkgs; stdenv.mkDerivation rec { pname = "selinux-sandbox"; - version = "2.9"; - inherit (policycoreutils) se_release se_url; + version = "3.3"; + inherit (policycoreutils) se_url; src = fetchurl { - url = "${se_url}/${se_release}/selinux-sandbox-${version}.tar.gz"; - sha256 = "0qj20jyi8v1653xdqj5yak3wwbvg5bw8f2jmx8fpahl6y1bmz481"; + url = "${se_url}/${version}/selinux-sandbox-${version}.tar.gz"; + sha256 = "0rw8pxfqhl6ww4w31fbf4hi3zilh1n3b1rfjm7ra76mm78wfyylj"; }; nativeBuildInputs = [ wrapPython ]; diff --git a/nixpkgs/pkgs/os-specific/linux/semodule-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/semodule-utils/default.nix index b76e715dbc26..5c8d83c3f82a 100644 --- a/nixpkgs/pkgs/os-specific/linux/semodule-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/semodule-utils/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "semodule-utils"; - version = "2.9"; + version = "3.3"; - inherit (libsepol) se_release se_url; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/${pname}-${version}.tar.gz"; - sha256 = "01yrwnd3calmw6r8kdh8ld7i7fb250n2yqqqk9p0ymrlwsg6g0w0"; + url = "${se_url}/${version}/${pname}-${version}.tar.gz"; + sha256 = "0qvhl40a6jlm8p719nnlw2ghlxbh8lxbcsd59azxp884bxgfr61h"; }; buildInputs = [ libsepol ]; diff --git a/nixpkgs/pkgs/os-specific/linux/sepolgen/default.nix b/nixpkgs/pkgs/os-specific/linux/sepolgen/default.nix deleted file mode 100644 index f7ef1cb9c3a7..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/sepolgen/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ lib, stdenv, fetchurl, libsepol, python }: - -stdenv.mkDerivation rec { - pname = "sepolgen"; - version = "1.2.2"; - inherit (libsepol) se_release se_url; - - src = fetchurl { - url = "${se_url}/${se_release}/sepolgen-${version}.tar.gz"; - sha256 = "09139kspr41zgksayi4dh982p8080lrfl96p4dld51nknbpaigdy"; - }; - - preBuild = '' - makeFlagsArray+=("PREFIX=$out") - makeFlagsArray+=("DESTDIR=$out") - makeFlagsArray+=("PYTHONLIBDIR=lib/${python.libPrefix}/site-packages") - ''; - - meta = with lib; { - inherit (libsepol.meta) homepage platforms maintainers; - description = "SELinux policy generation library"; - license = licenses.gpl2; - }; -} diff --git a/nixpkgs/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh b/nixpkgs/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh index a7c3bc9758b1..2889adc18686 100755 --- a/nixpkgs/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh +++ b/nixpkgs/pkgs/os-specific/linux/service-wrapper/service-wrapper.sh @@ -33,12 +33,12 @@ is_ignored_file() { - case "$1" in - skeleton | README | *.dpkg-dist | *.dpkg-old | rc | rcS | single | reboot | bootclean.sh) - return 0 - ;; - esac - return 1 + case "$1" in + skeleton | README | *.dpkg-dist | *.dpkg-old | rc | rcS | single | reboot | bootclean.sh) + return 0 + ;; + esac + return 1 } VERSION=$(@coreutils@/bin/basename $0)" ver. 19-04" @@ -75,35 +75,35 @@ while [ $# -gt 0 ]; do if [ -z "${SERVICE}" -a $# -eq 1 -a "${1}" = "--status-all" ]; then if [ -d "${SERVICEDIR}" ]; then cd ${SERVICEDIR} - for SERVICE in * ; do - case "${SERVICE}" in - functions | halt | killall | single| linuxconf| kudzu) - ;; - *) - if ! is_ignored_file "${SERVICE}" \ - && [ -x "${SERVICEDIR}/${SERVICE}" ]; then - out=$(env -i LANG="$LANG" LANGUAGE="$LANGUAGE" LC_CTYPE="$LC_CTYPE" LC_NUMERIC="$LC_NUMERIC" LC_TIME="$LC_TIME" LC_COLLATE="$LC_COLLATE" LC_MONETARY="$LC_MONETARY" LC_MESSAGES="$LC_MESSAGES" LC_PAPER="$LC_PAPER" LC_NAME="$LC_NAME" LC_ADDRESS="$LC_ADDRESS" LC_TELEPHONE="$LC_TELEPHONE" LC_MEASUREMENT="$LC_MEASUREMENT" LC_IDENTIFICATION="$LC_IDENTIFICATION" LC_ALL="$LC_ALL" PATH="$PATH" TERM="$TERM" "$SERVICEDIR/$SERVICE" status 2>&1) - retval=$? - if echo "$out" | egrep -iq "usage:"; then - #printf " %s %-60s %s\n" "[?]" "$SERVICE:" "unknown" 1>&2 - echo " [ ? ] $SERVICE" 1>&2 - continue - else - if [ "$retval" = "0" -a -n "$out" ]; then - #printf " %s %-60s %s\n" "[+]" "$SERVICE:" "running" - echo " [ + ] $SERVICE" - continue - else - #printf " %s %-60s %s\n" "[-]" "$SERVICE:" "NOT running" - echo " [ - ] $SERVICE" - continue - fi - fi - #env -i LANG="$LANG" LANGUAGE="$LANGUAGE" LC_CTYPE="$LC_CTYPE" LC_NUMERIC="$LC_NUMERIC" LC_TIME="$LC_TIME" LC_COLLATE="$LC_COLLATE" LC_MONETARY="$LC_MONETARY" LC_MESSAGES="$LC_MESSAGES" LC_PAPER="$LC_PAPER" LC_NAME="$LC_NAME" LC_ADDRESS="$LC_ADDRESS" LC_TELEPHONE="$LC_TELEPHONE" LC_MEASUREMENT="$LC_MEASUREMENT" LC_IDENTIFICATION="$LC_IDENTIFICATION" LC_ALL="$LC_ALL" PATH="$PATH" TERM="$TERM" "$SERVICEDIR/$SERVICE" status - fi - ;; - esac - done + for SERVICE in * ; do + case "${SERVICE}" in + functions | halt | killall | single| linuxconf| kudzu) + ;; + *) + if ! is_ignored_file "${SERVICE}" \ + && [ -x "${SERVICEDIR}/${SERVICE}" ]; then + out=$(env -i LANG="$LANG" LANGUAGE="$LANGUAGE" LC_CTYPE="$LC_CTYPE" LC_NUMERIC="$LC_NUMERIC" LC_TIME="$LC_TIME" LC_COLLATE="$LC_COLLATE" LC_MONETARY="$LC_MONETARY" LC_MESSAGES="$LC_MESSAGES" LC_PAPER="$LC_PAPER" LC_NAME="$LC_NAME" LC_ADDRESS="$LC_ADDRESS" LC_TELEPHONE="$LC_TELEPHONE" LC_MEASUREMENT="$LC_MEASUREMENT" LC_IDENTIFICATION="$LC_IDENTIFICATION" LC_ALL="$LC_ALL" PATH="$PATH" TERM="$TERM" "$SERVICEDIR/$SERVICE" status 2>&1) + retval=$? + if echo "$out" | egrep -iq "usage:"; then + #printf " %s %-60s %s\n" "[?]" "$SERVICE:" "unknown" 1>&2 + echo " [ ? ] $SERVICE" 1>&2 + continue + else + if [ "$retval" = "0" -a -n "$out" ]; then + #printf " %s %-60s %s\n" "[+]" "$SERVICE:" "running" + echo " [ + ] $SERVICE" + continue + else + #printf " %s %-60s %s\n" "[-]" "$SERVICE:" "NOT running" + echo " [ - ] $SERVICE" + continue + fi + fi + #env -i LANG="$LANG" LANGUAGE="$LANGUAGE" LC_CTYPE="$LC_CTYPE" LC_NUMERIC="$LC_NUMERIC" LC_TIME="$LC_TIME" LC_COLLATE="$LC_COLLATE" LC_MONETARY="$LC_MONETARY" LC_MESSAGES="$LC_MESSAGES" LC_PAPER="$LC_PAPER" LC_NAME="$LC_NAME" LC_ADDRESS="$LC_ADDRESS" LC_TELEPHONE="$LC_TELEPHONE" LC_MEASUREMENT="$LC_MEASUREMENT" LC_IDENTIFICATION="$LC_IDENTIFICATION" LC_ALL="$LC_ALL" PATH="$PATH" TERM="$TERM" "$SERVICEDIR/$SERVICE" status + fi + ;; + esac + done else systemctl $sctl_args list-units fi diff --git a/nixpkgs/pkgs/os-specific/linux/setools/default.nix b/nixpkgs/pkgs/os-specific/linux/setools/default.nix index 842a525353d4..9d547d2007ec 100644 --- a/nixpkgs/pkgs/os-specific/linux/setools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/setools/default.nix @@ -1,6 +1,5 @@ { lib, fetchFromGitHub, python3 , libsepol, libselinux, checkpolicy -, fetchpatch , withGraphics ? false }: @@ -9,22 +8,15 @@ with python3.pkgs; buildPythonApplication rec { pname = "setools"; - version = "4.3.0"; + version = "4.4.0"; src = fetchFromGitHub { owner = "SELinuxProject"; repo = pname; rev = version; - sha256 = "0vr20bi8w147z5lclqz1l0j1b34137zg2r04pkafkgqqk7qbyjk6"; + sha256 = "1qvd5j6zwq4fmlahg45swjplhif2z89x7s6pnp07gvcp2fbqdsh5"; }; - patches = [ - (fetchpatch { # included in 4.4.0 - url = "https://github.com/SELinuxProject/setools/commit/f1b4a5d375be05fbccedb258c940d771bff8e524.diff"; - sha256 = "1r38s6i4i6bdr2zdp5wcg1yifpf3pd018c73a511mgynyg7d11xy"; - }) - ]; - nativeBuildInputs = [ cython ]; buildInputs = [ libsepol ]; propagatedBuildInputs = [ enum34 libselinux networkx ] diff --git a/nixpkgs/pkgs/os-specific/linux/seturgent/default.nix b/nixpkgs/pkgs/os-specific/linux/seturgent/default.nix index 2e9e445eddc5..6d83e322ce8f 100644 --- a/nixpkgs/pkgs/os-specific/linux/seturgent/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/seturgent/default.nix @@ -1,16 +1,18 @@ -{ lib, stdenv, fetchurl, libX11, xorgproto, unzip }: +{ lib, stdenv, fetchgit, libX11, xorgproto }: -stdenv.mkDerivation { - name = "seturgent-2012-08-17"; +stdenv.mkDerivation rec { + pname = "seturgent"; + version = "1.5"; - src = fetchurl { - url = "https://github.com/hiltjo/seturgent/archive/ada70dcb15865391e5cdcab27a0739a304a17e03.zip"; - sha256 = "0q1sr6aljkw2jr9b4xxzbc01qvnd5vk3pxrypif9yd8xjw4wqwri"; + src = fetchgit { + url = "git://git.codemadness.org/seturgent"; + rev = version; + sha256 = "sha256-XW7ms0BVCf1/fuL3PJ970t6sHkmMY1iLYXfS9R60JX0="; }; - nativeBuildInputs = [ unzip ]; buildInputs = [ - libX11 xorgproto + libX11 + xorgproto ]; installPhase = '' @@ -18,11 +20,11 @@ stdenv.mkDerivation { mv seturgent $out/bin ''; - meta = { - platforms = lib.platforms.linux; - description = "Set an application's urgency hint (or not)"; - maintainers = [ lib.maintainers.yarr ]; - homepage = "https://github.com/hiltjo/seturgent"; - license = lib.licenses.mit; + meta = with lib; { + platforms = platforms.linux; + description = "Set an application's urgency hint (or not)"; + maintainers = with maintainers; [ yarr ]; + homepage = "https://codemadness.org/seturgent-set-urgency-hints-for-x-applications.html"; + license = licenses.mit; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/sgx/psw/default.nix b/nixpkgs/pkgs/os-specific/linux/sgx/psw/default.nix new file mode 100644 index 000000000000..b418d5c18225 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/sgx/psw/default.nix @@ -0,0 +1,190 @@ +{ stdenv +, lib +, fetchurl +, cmake +, coreutils +, curl +, file +, glibc +, makeWrapper +, nixosTests +, protobuf +, python3 +, sgx-sdk +, shadow +, systemd +, util-linux +, which +, debug ? false +}: +stdenv.mkDerivation rec { + inherit (sgx-sdk) version versionTag src; + pname = "sgx-psw"; + + postUnpack = + let + ae.prebuilt = fetchurl { + url = "https://download.01.org/intel-sgx/sgx-linux/${versionTag}/prebuilt_ae_${versionTag}.tar.gz"; + hash = "sha256-JriA9UGYFkAPuCtRizk8RMM1YOYGR/eO9ILnx47A40s="; + }; + dcap = rec { + version = "1.12.1"; + filename = "prebuilt_dcap_${version}.tar.gz"; + prebuilt = fetchurl { + url = "https://download.01.org/intel-sgx/sgx-dcap/${version}/linux/${filename}"; + hash = "sha256-V/XHva9Sq3P36xSW+Sd0G6Dnk4H0ANO1Ns/u+FI1eGI="; + }; + }; + in + sgx-sdk.postUnpack + '' + # Make sure we use the correct version of prebuilt DCAP + grep -q 'ae_file_name=${dcap.filename}' "$src/external/dcap_source/QuoteGeneration/download_prebuilt.sh" \ + || (echo "Could not find expected prebuilt DCAP ${dcap.filename} in linux-sgx source" >&2 && exit 1) + + tar -zxf ${ae.prebuilt} -C $sourceRoot/ + tar -zxf ${dcap.prebuilt} -C $sourceRoot/external/dcap_source/QuoteGeneration/ + ''; + + nativeBuildInputs = [ + cmake + file + makeWrapper + python3 + sgx-sdk + which + ]; + + buildInputs = [ + curl + protobuf + ]; + + hardeningDisable = lib.optionals debug [ + "fortify" + ]; + + postPatch = '' + # https://github.com/intel/linux-sgx/pull/730 + substituteInPlace buildenv.mk --replace '/bin/cp' 'cp' + substituteInPlace psw/ae/aesm_service/source/CMakeLists.txt \ + --replace '/usr/bin/getconf' 'getconf' + + # https://github.com/intel/SGXDataCenterAttestationPrimitives/pull/205 + substituteInPlace ./external/dcap_source/QuoteGeneration/buildenv.mk \ + --replace '/bin/cp' 'cp' + substituteInPlace external/dcap_source/tools/SGXPlatformRegistration/Makefile \ + --replace '/bin/cp' 'cp' + substituteInPlace external/dcap_source/tools/SGXPlatformRegistration/buildenv.mk \ + --replace '/bin/cp' 'cp' + + patchShebangs \ + linux/installer/bin/build-installpkg.sh \ + linux/installer/common/psw/createTarball.sh \ + linux/installer/common/psw/install.sh + ''; + + dontUseCmakeConfigure = true; + + # Randomly fails if enabled + enableParallelBuilding = false; + + buildFlags = [ + "psw_install_pkg" + ] ++ lib.optionals debug [ + "DEBUG=1" + ]; + + installFlags = [ + "-C linux/installer/common/psw/output" + "DESTDIR=$(TMPDIR)/install" + ]; + + postInstall = '' + installDir=$TMPDIR/install + sgxPswDir=$installDir/opt/intel/sgxpsw + + mv $installDir/usr/lib64/ $out/lib/ + ln -sr $out/lib $out/lib64 + + # Install udev rules to lib/udev/rules.d + mv $sgxPswDir/udev/ $out/lib/ + + # Install example AESM config + mkdir $out/etc/ + mv $sgxPswDir/aesm/conf/aesmd.conf $out/etc/ + rmdir $sgxPswDir/aesm/conf/ + + # Delete init service + rm $sgxPswDir/aesm/aesmd.conf + + # Move systemd services + mkdir -p $out/lib/systemd/system/ + mv $sgxPswDir/aesm/aesmd.service $out/lib/systemd/system/ + mv $sgxPswDir/remount-dev-exec.service $out/lib/systemd/system/ + + # Move misc files + mkdir $out/share/ + mv $sgxPswDir/licenses $out/share/ + + # Remove unnecessary files + rm $sgxPswDir/{cleanup.sh,startup.sh} + rm -r $sgxPswDir/scripts + + mv $sgxPswDir/aesm/ $out/ + + mkdir $out/bin + makeWrapper $out/aesm/aesm_service $out/bin/aesm_service \ + --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ protobuf ]}:$out/aesm \ + --run "cd $out/aesm" + + # Make sure we didn't forget to handle any files + rmdir $sgxPswDir || (echo "Error: The directory $installDir still contains unhandled files: $(ls -A $installDir)" >&2 && exit 1) + ''; + + # Most—if not all—of those fixups are not relevant for NixOS as we have our own + # NixOS module which is based on those files without relying on them. Still, it + # is helpful to have properly patched versions for non-NixOS distributions. + postFixup = '' + header "Fixing aesmd.service" + substituteInPlace $out/lib/systemd/system/aesmd.service \ + --replace '@aesm_folder@' \ + "$out/aesm" \ + --replace 'Type=forking' \ + 'Type=simple' \ + --replace "ExecStart=$out/aesm/aesm_service" \ + "ExecStart=$out/bin/aesm_service --no-daemon"\ + --replace "/bin/mkdir" \ + "${coreutils}/bin/mkdir" \ + --replace "/bin/chown" \ + "${coreutils}/bin/chown" \ + --replace "/bin/chmod" \ + "${coreutils}/bin/chmod" \ + --replace "/bin/kill" \ + "${coreutils}/bin/kill" + + header "Fixing remount-dev-exec.service" + substituteInPlace $out/lib/systemd/system/remount-dev-exec.service \ + --replace '/bin/mount' \ + "${util-linux}/bin/mount" + + header "Fixing linksgx.sh" + # https://github.com/intel/linux-sgx/pull/736 + substituteInPlace $out/aesm/linksgx.sh \ + --replace '/usr/bin/getent' \ + '${glibc.bin}/bin/getent' \ + --replace '/usr/sbin/usermod' \ + '${shadow}/bin/usermod' + ''; + + passthru.tests = { + service = nixosTests.aesmd; + }; + + meta = with lib; { + description = "Intel SGX Architectural Enclave Service Manager"; + homepage = "https://github.com/intel/linux-sgx"; + maintainers = with maintainers; [ veehaitch citadelcore ]; + platforms = [ "x86_64-linux" ]; + license = with licenses; [ bsd3 ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/sgx/sdk/default.nix b/nixpkgs/pkgs/os-specific/linux/sgx/sdk/default.nix new file mode 100644 index 000000000000..18876f927e80 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/sgx/sdk/default.nix @@ -0,0 +1,269 @@ +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, fetchzip +, callPackage +, autoconf +, automake +, binutils +, cmake +, file +, gdb +, git +, libtool +, nasm +, ocaml +, ocamlPackages +, openssl +, perl +, python3 +, texinfo +, validatePkgConfig +, writeShellScript +, writeText +, debug ? false +}: +stdenv.mkDerivation rec { + pname = "sgx-sdk"; + # Version as given in se_version.h + version = "2.15.101.1"; + # Version as used in the Git tag + versionTag = "2.15.1"; + + src = fetchFromGitHub { + owner = "intel"; + repo = "linux-sgx"; + rev = "sgx_${versionTag}"; + hash = "sha256-e11COTR5eDPMB81aPRKatvIkAOeX+OZgnvn2utiv78M="; + fetchSubmodules = true; + }; + + postUnpack = '' + # Make sure this is the right version of linux-sgx + grep -q '"${version}"' "$src/common/inc/internal/se_version.h" \ + || (echo "Could not find expected version ${version} in linux-sgx source" >&2 && exit 1) + ''; + + patches = [ + # Commit to add missing sgx_ippcp.h not yet part of this release + (fetchpatch { + name = "add-missing-sgx_ippcp-header.patch"; + url = "https://github.com/intel/linux-sgx/commit/51d1087b707a47e18588da7bae23e5f686d44be6.patch"; + sha256 = "sha256-RZC14H1oEuGp0zn8CySDPy1KNqP/POqb+KMYoQt2A7M="; + }) + ]; + + postPatch = '' + # https://github.com/intel/linux-sgx/pull/730 + substituteInPlace buildenv.mk --replace '/bin/cp' 'cp' + + patchShebangs linux/installer/bin/build-installpkg.sh \ + linux/installer/common/sdk/createTarball.sh \ + linux/installer/common/sdk/install.sh + ''; + + # We need `cmake` as a build input but don't use it to kick off the build phase + dontUseCmakeConfigure = true; + + # SDK built with stackprotector produces broken enclaves which crash at runtime. + # Disable all to be safe, SDK build configures compiler mitigations manually. + hardeningDisable = [ "all" ]; + + nativeBuildInputs = [ + autoconf + automake + cmake + file + git + ocaml + ocamlPackages.ocamlbuild + perl + python3 + texinfo + validatePkgConfig + ]; + + buildInputs = [ + libtool + openssl + ]; + + BINUTILS_DIR = "${binutils}/bin"; + + # Build external/ippcp_internal first. The Makefile is rewritten to make the + # build faster by splitting different versions of ipp-crypto builds and to + # avoid patching the Makefile for reproducibility issues. + preBuild = + let + ipp-crypto-no_mitigation = callPackage ./ipp-crypto.nix { }; + + sgx-asm-pp = "python ${src}/build-scripts/sgx-asm-pp.py --assembler=nasm"; + + nasm-load = writeShellScript "nasm-load" "${sgx-asm-pp} --MITIGATION-CVE-2020-0551=LOAD $@"; + ipp-crypto-cve_2020_0551_load = callPackage ./ipp-crypto.nix { + extraCmakeFlags = [ "-DCMAKE_ASM_NASM_COMPILER=${nasm-load}" ]; + }; + + nasm-cf = writeShellScript "nasm-cf" "${sgx-asm-pp} --MITIGATION-CVE-2020-0551=CF $@"; + ipp-crypto-cve_2020_0551_cf = callPackage ./ipp-crypto.nix { + extraCmakeFlags = [ "-DCMAKE_ASM_NASM_COMPILER=${nasm-cf}" ]; + }; + in + '' + header "Setting up IPP crypto build artifacts" + + pushd 'external/ippcp_internal' + + cp -r ${ipp-crypto-no_mitigation}/include/. inc/ + + install -D -m a+rw ${ipp-crypto-no_mitigation}/lib/intel64/libippcp.a \ + lib/linux/intel64/no_mitigation/libippcp.a + install -D -m a+rw ${ipp-crypto-cve_2020_0551_load}/lib/intel64/libippcp.a \ + lib/linux/intel64/cve_2020_0551_load/libippcp.a + install -D -m a+rw ${ipp-crypto-cve_2020_0551_cf}/lib/intel64/libippcp.a \ + lib/linux/intel64/cve_2020_0551_cf/libippcp.a + + rm inc/ippcp.h + patch ${ipp-crypto-no_mitigation}/include/ippcp.h -i inc/ippcp21u3.patch -o inc/ippcp.h + + install -D ${ipp-crypto-no_mitigation.src}/LICENSE license/LICENSE + + popd + ''; + + buildFlags = [ + "sdk_install_pkg" + ] ++ lib.optionals debug [ + "DEBUG=1" + ]; + + enableParallelBuilding = true; + + postBuild = '' + patchShebangs linux/installer/bin/sgx_linux_x64_sdk_${version}.bin + ''; + + installPhase = '' + runHook preInstall + + installDir=$TMPDIR + ./linux/installer/bin/sgx_linux_x64_sdk_${version}.bin -prefix $installDir + installDir=$installDir/sgxsdk + + header "Move files created by installer" + + mkdir -p $out/bin + pushd $out + + mv $installDir/bin/sgx-gdb $out/bin + mkdir $out/bin/x64 + for file in $installDir/bin/x64/*; do + mv $file bin/ + ln -sr bin/$(basename $file) bin/x64/ + done + rmdir $installDir/bin/{x64,} + + # Move `lib64` to `lib` and symlink `lib64` + mv $installDir/lib64 lib + ln -s lib/ lib64 + + mv $installDir/include/ . + + mkdir -p share/ + mv $installDir/{SampleCode,licenses} share/ + + mkdir -p share/bin + mv $installDir/{environment,buildenv.mk} share/bin/ + ln -s share/bin/{environment,buildenv.mk} . + + # pkgconfig should go to lib/ + mv $installDir/pkgconfig lib/ + ln -s lib/pkgconfig/ . + + # Also create the `sdk_libs` for compat. All the files + # link to libraries in `lib64/`, we shouldn't link the entire + # directory, however, as there seems to be some ambiguity between + # SDK and PSW libraries. + mkdir sdk_libs/ + for file in $installDir/sdk_libs/*; do + ln -sr lib/$(basename $file) sdk_libs/ + rm $file + done + rmdir $installDir/sdk_libs + + # No uninstall script required + rm $installDir/uninstall.sh + + # Create an `sgxsdk` symlink which points to `$out` for compat + ln -sr . sgxsdk + + # Make sure we didn't forget any files + rmdir $installDir || (echo "Error: The directory $installDir still contains unhandled files: $(ls -A $installDir)" >&2 && exit 1) + + popd + + runHook postInstall + ''; + + + preFixup = '' + header "Strip sgxsdk prefix" + for path in "$out/share/bin/environment" "$out/bin/sgx-gdb"; do + substituteInPlace $path --replace "$TMPDIR/sgxsdk" "$out" + done + + header "Fixing pkg-config files" + sed -i "s|prefix=.*|prefix=$out|g" $out/lib/pkgconfig/*.pc + + header "Fixing SGX_SDK default in samples" + substituteInPlace $out/share/SampleCode/LocalAttestation/buildenv.mk \ + --replace '/opt/intel/sgxsdk' "$out" + for file in $out/share/SampleCode/*/Makefile; do + substituteInPlace $file \ + --replace '/opt/intel/sgxsdk' "$out" + done + + header "Fixing BINUTILS_DIR in buildenv.mk" + substituteInPlace $out/share/bin/buildenv.mk \ + --replace 'BINUTILS_DIR ?= /usr/local/bin' \ + 'BINUTILS_DIR ?= ${BINUTILS_DIR}' + + header "Fixing GDB path in bin/sgx-gdb" + substituteInPlace $out/bin/sgx-gdb --replace '/usr/local/bin/gdb' '${gdb}/bin/gdb' + ''; + + doInstallCheck = true; + + installCheckPhase = '' + runHook preInstallCheck + + # Make sure all symlinks are valid + output=$(find "$out" -type l -exec test ! -e {} \; -print) + if [[ -n "$output" ]]; then + echo "Broken symlinks:" + echo "$output" + exit 1 + fi + + runHook postInstallCheck + ''; + + setupHook = writeText "setup-hook.sh" '' + sgxsdk() { + export SGX_SDK=@out@ + } + + postHooks+=(sgxsdk) + ''; + + passthru.tests = callPackage ./samples.nix { }; + + meta = with lib; { + description = "Intel SGX SDK for Linux built with IPP Crypto Library"; + homepage = "https://github.com/intel/linux-sgx"; + maintainers = with maintainers; [ sbellem arturcygan veehaitch ]; + platforms = [ "x86_64-linux" ]; + license = with licenses; [ bsd3 ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/sgx/sdk/ipp-crypto.nix b/nixpkgs/pkgs/os-specific/linux/sgx/sdk/ipp-crypto.nix new file mode 100644 index 000000000000..85fcfc9c554d --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/sgx/sdk/ipp-crypto.nix @@ -0,0 +1,36 @@ +{ lib +, stdenv +, fetchFromGitHub +, cmake +, nasm +, openssl +, python3 +, extraCmakeFlags ? [ ] +}: + +stdenv.mkDerivation rec { + pname = "ipp-crypto"; + version = "2021.3"; + + src = fetchFromGitHub { + owner = "intel"; + repo = "ipp-crypto"; + rev = "ippcp_${version}"; + hash = "sha256-QEJXvQ//zhQqibFxXwPMdS1MHewgyb24LRmkycVSGrM="; + }; + + # Fix typo: https://github.com/intel/ipp-crypto/pull/33 + postPatch = '' + substituteInPlace sources/cmake/ippcp-gen-config.cmake \ + --replace 'ippcpo-config.cmake' 'ippcp-config.cmake' + ''; + + cmakeFlags = [ "-DARCH=intel64" ] ++ extraCmakeFlags; + + nativeBuildInputs = [ + cmake + nasm + openssl + python3 + ]; +} diff --git a/nixpkgs/pkgs/os-specific/linux/sgx/sdk/samples.nix b/nixpkgs/pkgs/os-specific/linux/sgx/sdk/samples.nix new file mode 100644 index 000000000000..21b31f824476 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/sgx/sdk/samples.nix @@ -0,0 +1,63 @@ +{ stdenv +, sgx-sdk +, which +}: +let + buildSample = name: stdenv.mkDerivation rec { + inherit name; + + src = sgx-sdk.out; + sourceRoot = "${sgx-sdk.name}/share/SampleCode/${name}"; + + buildInputs = [ + sgx-sdk + ]; + + # The samples don't have proper support for parallel building + # causing them to fail randomly. + enableParallelBuilding = false; + + buildFlags = [ + "SGX_MODE=SIM" + ]; + + installPhase = '' + mkdir $out + install -m 755 app $out/app + install *.so $out/ + ''; + + doInstallCheck = true; + installCheckInputs = [ which ]; + installCheckPhase = '' + pushd $out + ./app + popd + ''; + }; +in +{ + cxx11SGXDemo = buildSample "Cxx11SGXDemo"; + localAttestation = (buildSample "LocalAttestation").overrideAttrs (oldAttrs: { + installPhase = '' + mkdir $out + cp -r bin/. $out/ + ''; + }); + powerTransition = (buildSample "PowerTransition").overrideAttrs (oldAttrs: { + # Requires interaction + doInstallCheck = false; + }); + protobufSGXDemo = buildSample "ProtobufSGXDemo"; + remoteAttestation = (buildSample "RemoteAttestation").overrideAttrs (oldAttrs: { + dontFixup = true; + installCheckPhase = '' + echo "a" | LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/sample_libcrypto ./app + ''; + }); + sampleEnclave = buildSample "SampleEnclave"; + sampleEnclavePCL = buildSample "SampleEnclavePCL"; + sampleEnclaveGMIPP = buildSample "SampleEnclaveGMIPP"; + sealUnseal = buildSample "SealUnseal"; + switchless = buildSample "Switchless"; +} diff --git a/nixpkgs/pkgs/os-specific/linux/sinit/default.nix b/nixpkgs/pkgs/os-specific/linux/sinit/default.nix index 830087013fe1..f88eca9b4873 100644 --- a/nixpkgs/pkgs/os-specific/linux/sinit/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/sinit/default.nix @@ -3,10 +3,10 @@ let s = # Generated upstream information rec { baseName="sinit"; - version="1.0"; + version="1.1"; name="${baseName}-${version}"; url="https://git.suckless.org/sinit/"; - sha256="0cf8yylgrrj1wxm5v6jdlbnxpx97m38yxrc9nmv1l8hldjqsj9pc"; + sha256="sha256-VtXkgixgElKKOT26uKN9feXDVjjtSgTWvcgk5o5MLmw="; rev = "refs/tags/v${version}"; }; buildInputs = [ diff --git a/nixpkgs/pkgs/os-specific/linux/smemstat/default.nix b/nixpkgs/pkgs/os-specific/linux/smemstat/default.nix index 1510981c1767..5d78a3b30232 100644 --- a/nixpkgs/pkgs/os-specific/linux/smemstat/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/smemstat/default.nix @@ -1,21 +1,26 @@ -{ stdenv, lib, fetchurl, ncurses }: +{ stdenv, lib, fetchFromGitHub, ncurses }: stdenv.mkDerivation rec { pname = "smemstat"; - version = "0.02.10"; - src = fetchurl { - url = "https://kernel.ubuntu.com/~cking/tarballs/smemstat/smemstat-${version}.tar.xz"; - sha256 = "sha256-Vrs1jOg5yHdEffVo769aaxSawo4iZtGrFJ65Nu+RhcU="; + version = "0.02.11"; + + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + hash = "sha256-RvHBrcyNB/zqxEY27twgMsjHNg8kzJryqnIAM7+vpg8="; }; + buildInputs = [ ncurses ]; - installFlags = [ "DESTDIR=$(out)" ]; - postInstall = '' - mv $out/usr/* $out - rm -r $out/usr - ''; + installFlags = [ + "BINDIR=${placeholder "out"}/bin" + "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" + ]; + meta = with lib; { description = "Memory usage monitoring tool"; - homepage = "https://kernel.ubuntu.com/~cking/smemstat/"; + homepage = "https://github.com/ColinIanKing/smemstat"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ womfoo ]; diff --git a/nixpkgs/pkgs/os-specific/linux/sssd/default.nix b/nixpkgs/pkgs/os-specific/linux/sssd/default.nix index 94b1a6d799dc..d15838868874 100644 --- a/nixpkgs/pkgs/os-specific/linux/sssd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/sssd/default.nix @@ -1,10 +1,11 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, fetchpatch, glibc, augeas, dnsutils, c-ares, curl, +{ lib, stdenv, fetchFromGitHub, autoreconfHook, glibc, augeas, dnsutils, c-ares, curl, cyrus_sasl, ding-libs, libnl, libunistring, nss, samba, nfs-utils, doxygen, - python, python3, pam, popt, talloc, tdb, tevent, pkg-config, ldb, openldap, - pcre, libkrb5, cifs-utils, glib, keyutils, dbus, fakeroot, libxslt, libxml2, - libuuid, ldap, systemd, nspr, check, cmocka, uid_wrapper, + python3, pam, popt, talloc, tdb, tevent, pkg-config, ldb, openldap, + pcre2, libkrb5, cifs-utils, glib, keyutils, dbus, fakeroot, libxslt, libxml2, + libuuid, systemd, nspr, check, cmocka, uid_wrapper, p11-kit, nss_wrapper, ncurses, Po4a, http-parser, jansson, docbook_xsl, docbook_xml_dtd_44, + nixosTests, withSudo ? false }: let @@ -12,33 +13,25 @@ let in stdenv.mkDerivation rec { pname = "sssd"; - version = "1.16.5"; + version = "2.6.2"; src = fetchFromGitHub { owner = "SSSD"; repo = pname; - rev = "${pname}-${lib.replaceStrings ["."] ["_"] version}"; - sha256 = "0zbs04lkjbp7y92anmafl7gzamcnq1f147p13hc4byyvjk9rg6f7"; + rev = version; + sha256 = "sha256-qKd6CwjiznoA97G4cnIt4FpVaLQMJYBt3JD2l7h72Z4="; }; - patches = [ - # Fix build failure against samba 4.12.0rc1 - (fetchpatch { - url = "https://github.com/SSSD/sssd/commit/bc56b10aea999284458dcc293b54cf65288e325d.patch"; - sha256 = "0q74sx5n41srq3kdn55l5j1sq4xrjsnl5y4v8yh5mwsijj74yh4g"; - }) - # Fix collision with external nss symbol - (fetchpatch { - url = "https://github.com/SSSD/sssd/commit/fe9eeb51be06059721e873f77092b1e9ba08e6c1.patch"; - sha256 = "0b83b2w0rnvm26pg03a4lpmkmi7n3gqxg7lk751q61q79gnzrpz4"; - }) - ]; + + postPatch = '' + patchShebangs ./sbus_generate.sh.in + ''; # Something is looking for <libxml/foo.h> instead of <libxml2/libxml/foo.h> NIX_CFLAGS_COMPILE = "-I${libxml2.dev}/include/libxml2"; preConfigure = '' export SGML_CATALOG_FILES="${docbookFiles}" - export PYTHONPATH=${ldap}/lib/python2.7/site-packages + export PYTHONPATH=$(find ${python3.pkgs.ldap} -type d -name site-packages) export PATH=$PATH:${openldap}/libexec configureFlagsArray=( @@ -48,7 +41,6 @@ stdenv.mkDerivation rec { --enable-pammoddir=$out/lib/security --with-os=fedora --with-pid-path=/run - --with-python2-bindings --with-python3-bindings --with-syslog=journald --without-selinux @@ -64,10 +56,10 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; nativeBuildInputs = [ autoreconfHook pkg-config doxygen ]; buildInputs = [ augeas dnsutils c-ares curl cyrus_sasl ding-libs libnl libunistring nss - samba nfs-utils python python3 popt - talloc tdb tevent ldb pam openldap pcre libkrb5 + samba nfs-utils p11-kit python3 popt + talloc tdb tevent ldb pam openldap pcre2 libkrb5 cifs-utils glib keyutils dbus fakeroot libxslt libxml2 - libuuid ldap systemd nspr check cmocka uid_wrapper + libuuid python3.pkgs.ldap systemd nspr check cmocka uid_wrapper nss_wrapper ncurses Po4a http-parser jansson ]; makeFlags = [ @@ -96,12 +88,14 @@ stdenv.mkDerivation rec { find "$out" -depth -type d -exec rmdir --ignore-fail-on-non-empty {} \; ''; + passthru.tests = { inherit (nixosTests) sssd sssd-ldap; }; + meta = with lib; { description = "System Security Services Daemon"; homepage = "https://sssd.io/"; changelog = "https://sssd.io/release-notes/sssd-${version}.html"; license = licenses.gpl3Plus; platforms = platforms.linux; - maintainers = [ maintainers.e-user ]; + maintainers = with maintainers; [ e-user illustris ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix b/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix index 564fbca37ba8..39c07f48a29a 100644 --- a/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix @@ -1,26 +1,42 @@ -{ lib, stdenv, fetchFromGitHub, cmake, kernel, installShellFiles +{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake, kernel, installShellFiles, pkg-config , luajit, ncurses, perl, jsoncpp, libb64, openssl, curl, jq, gcc, elfutils, tbb, protobuf, grpc }: with lib; +let + # Compare with https://github.com/draios/sysdig/blob/dev/cmake/modules/falcosecurity-libs.cmake + libsRev = "2160111cd088aea9ae2235d3385ecb0b1ab6623c"; + libsSha256 = "sha256-TOuxXtrxujyAjzAtlX3/eCfM16mwxnmZ6Wg44SG0dTs="; +in stdenv.mkDerivation rec { pname = "sysdig"; - version = "0.27.1"; + version = "0.28.0"; src = fetchFromGitHub { owner = "draios"; repo = "sysdig"; rev = version; - sha256 = "sha256-lYjMvxMIReANNwMr62u881Nugrs9piOaN3EmrvGzRns="; + sha256 = "sha256-oE3vCmOw+gcmvGqj7Xk5injpNC/YThckJMNg5XRFhME="; }; - nativeBuildInputs = [ cmake perl installShellFiles ]; + nativeBuildInputs = [ cmake perl installShellFiles pkg-config ]; buildInputs = [ luajit ncurses jsoncpp libb64 openssl curl jq gcc elfutils tbb protobuf grpc ] ++ optionals (kernel != null) kernel.moduleBuildDependencies; hardeningDisable = [ "pic" ]; + postUnpack = '' + cp -r ${fetchFromGitHub { + owner = "falcosecurity"; + repo = "libs"; + rev = libsRev; + sha256 = libsSha256; + }} libs + chmod -R +w libs + cmakeFlagsArray+=("-DFALCOSECURITY_LIBS_SOURCE_DIR=$(pwd)/libs") + ''; + cmakeFlags = [ "-DUSE_BUNDLED_DEPS=OFF" "-DSYSDIG_VERSION=${version}" @@ -32,9 +48,8 @@ stdenv.mkDerivation rec { preConfigure = '' cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -labsl_synchronization") - - export INSTALL_MOD_PATH="$out" '' + optionalString (kernel != null) '' + export INSTALL_MOD_PATH="$out" export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ''; @@ -51,12 +66,12 @@ stdenv.mkDerivation rec { kernel_dev=${kernel.dev} kernel_dev=''${kernel_dev#/nix/store/} kernel_dev=''${kernel_dev%%-linux*dev*} - if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko"; then - sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko + if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/scap.ko"; then + sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko else - xz -d $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko.xz - sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko - xz $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko + xz -d $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko.xz + sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko + xz $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko fi ''; diff --git a/nixpkgs/pkgs/os-specific/linux/system76-power/default.nix b/nixpkgs/pkgs/os-specific/linux/system76-power/default.nix index 8ef0e40312f5..edaf2b5c8144 100644 --- a/nixpkgs/pkgs/os-specific/linux/system76-power/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/system76-power/default.nix @@ -2,19 +2,19 @@ rustPlatform.buildRustPackage rec { pname = "system76-power"; - version = "1.1.18"; + version = "1.1.20"; src = fetchFromGitHub { owner = "pop-os"; repo = "system76-power"; rev = version; - sha256 = "1zm06ywc3siwh2fpb8p7lp3xqjy4c08j8c8lipd6dyy3bakjh4r1"; + sha256 = "sha256-Qk9zHqwFlUTWE+YRt2GASIekbDoBCHPAUUN3+0wpvfw="; }; nativeBuildInputs = [ pkg-config ]; buildInputs = [ dbus libusb1 ]; - cargoSha256 = "0hda8cxa1pjz90bg215qmx5x2scz9mawq7irxbsw6zmcm7wahlii"; + cargoSha256 = "sha256-iG7M9ICFRTFVkbC89DyfR+Iyi7jaT9WmG3PSdBOF7YI="; postInstall = '' install -D -m 0644 data/system76-power.conf $out/etc/dbus-1/system.d/system76-power.conf diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index 8a1cdc1da847..ac95dc745fe1 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,7 +1,7 @@ -From 57e31a2d4a5d5bd7a9e1cd8a0d8bc6a00624ad68 Mon Sep 17 00:00:00 2001 +From d4ea219a35a09fe02bc9e47e8530644cb4fc4146 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue, 8 Jan 2013 15:46:30 +0100 -Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices +Subject: [PATCH 01/21] Start device units for uninitialised encrypted devices This is necessary because the NixOS service that initialises the filesystem depends on the appearance of the device unit. Also, this @@ -28,5 +28,5 @@ index 25b8a590a6..d18999ea87 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index 129e0825d9fe..dd351c001006 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,7 +1,7 @@ -From 43465a392b47238a32f8719f603ed9e2c9bb0363 Mon Sep 17 00:00:00 2001 +From 67abd8f22f70d9348bc9d8e0e93dde4d325627ba Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 12 Apr 2013 13:16:57 +0200 -Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store +Subject: [PATCH 02/21] Don't try to unmount /nix or /nix/store They'll still be remounted read-only. @@ -38,5 +38,5 @@ index c2a26242c0..9936398f32 100644 || path_equal(path, "/usr") #endif -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 91fdebc7ad38..2dd3d87f6ed2 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -1,7 +1,7 @@ -From a99666d3d7012c2162fdacf84a57fc0b848fd957 Mon Sep 17 00:00:00 2001 +From 37c9471f59bd57223014a4a645b5f96a71d78787 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed, 16 Apr 2014 10:59:28 +0200 -Subject: [PATCH 03/19] Fix NixOS containers +Subject: [PATCH 03/21] Fix NixOS containers In NixOS containers, the init script is bind-mounted into the container, so checking early whether it exists will fail. @@ -10,7 +10,7 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 04685fecba..0e5ece5f91 100644 +index 575b9da447..438ca294db 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -5590,6 +5590,7 @@ static int run(int argc, char *argv[]) { @@ -30,5 +30,5 @@ index 04685fecba..0e5ece5f91 100644 } else { -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index bdd205dd29e8..54d9ff93b43b 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch @@ -1,7 +1,7 @@ -From 3f0780b25bdbe4156a2f761c90083bbba5f4d473 Mon Sep 17 00:00:00 2001 +From 987d6f94dac8e1a75615fd9ddcfb0eb1c2c4c349 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu, 1 May 2014 14:10:10 +0200 -Subject: [PATCH 04/19] Look for fsck in the right place +Subject: [PATCH 04/21] Look for fsck in the right place --- src/fsck/fsck.c | 2 +- @@ -21,5 +21,5 @@ index cd7adfaeb9..68cebdd158 100644 cmdline[i++] = "-T"; -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index 8680d147ad17..ee878b410f04 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,7 +1,7 @@ -From 82698c6a5142e710c302f9c38367ed00d8ec94ba Mon Sep 17 00:00:00 2001 +From da4f855044b2babe052ce303cca1de736cf952cd Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 19 Dec 2014 14:46:17 +0100 -Subject: [PATCH 05/19] Add some NixOS-specific unit directories +Subject: [PATCH 05/21] Add some NixOS-specific unit directories Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for units provided by packages installed into the default profile via @@ -92,7 +92,7 @@ index 05eb17d66c..1cd141d012 100644 if (!add) diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in -index fc0f8c34fa..ded74ce50a 100644 +index fc0f8c34fa..162432e77f 100644 --- a/src/core/systemd.pc.in +++ b/src/core/systemd.pc.in @@ -38,10 +38,10 @@ systemdsystemconfdir=${systemd_system_conf_dir} @@ -122,5 +122,5 @@ index fc0f8c34fa..ded74ce50a 100644 systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index f6fa5833518c..482eeacb0218 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,7 +1,7 @@ -From e2a8db60ebfb1e0477ce989f6c3d4a95f2e08120 Mon Sep 17 00:00:00 2001 +From c06abdb631527f56a626b739340d1b275349612c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon, 11 May 2015 15:39:38 +0200 -Subject: [PATCH 06/19] Get rid of a useless message in user sessions +Subject: [PATCH 06/21] Get rid of a useless message in user sessions Namely lots of variants of @@ -13,7 +13,7 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 8884437347..e23d47b4a4 100644 +index 34891a8754..b9b4789720 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -1375,7 +1375,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { @@ -27,5 +27,5 @@ index 8884437347..e23d47b4a4 100644 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the * service being unnecessary after a while. */ -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index 17c53e2e5180..22e4c74d08d7 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -1,7 +1,7 @@ -From 56ae06b48c6852071dfc57c1203c04f07309d757 Mon Sep 17 00:00:00 2001 +From 207c69466cdd164c42ed1901deb06f57b12f4363 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner <gebner@gebner.org> Date: Sun, 6 Dec 2015 14:26:36 +0100 -Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that +Subject: [PATCH 07/21] hostnamed, localed, timedated: disable methods that change system settings. --- @@ -35,7 +35,7 @@ index 36702f2fb0..669257ea2f 100644 context_read_machine_info(c); diff --git a/src/locale/localed.c b/src/locale/localed.c -index df0eb030d4..d026eae97e 100644 +index c228385d0e..942ccaa038 100644 --- a/src/locale/localed.c +++ b/src/locale/localed.c @@ -360,6 +360,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er @@ -104,5 +104,5 @@ index 66b454269d..0a8fe25d0f 100644 if (r < 0) return r; -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index f272ef23dc01..e5a0bf7d97fa 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,7 +1,7 @@ -From b783b2da164482f26ac5e6e347dc41930c072ea5 Mon Sep 17 00:00:00 2001 +From 3ca3855259c3015615983587063fa159cfa7e93c Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 7 Jul 2016 02:47:13 +0300 -Subject: [PATCH 08/19] Fix hwdb paths +Subject: [PATCH 08/21] Fix hwdb paths Patch by vcunat. --- @@ -24,5 +24,5 @@ index 5ddc2211e6..ee621eec46 100644 + "/etc/udev/hwdb.bin\0" + -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 791e47065d6f..9e22ea719e35 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,7 +1,7 @@ -From e24c05ef8cfe48c4f0ebdb92e8147ae2151e4c87 Mon Sep 17 00:00:00 2001 +From 717226ad0dc37ceb6c667c1f56396848978b6e83 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Tue, 11 Oct 2016 13:12:08 +0300 -Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo +Subject: [PATCH 09/21] Change /usr/share/zoneinfo to /etc/zoneinfo NixOS uses this path. --- @@ -88,7 +88,7 @@ index 2cb4f80d5d..ebeaeac52f 100644 (void) mkdir_parents(etc_localtime, 0755); if (symlink(e, etc_localtime) < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 0e5ece5f91..cc46435472 100644 +index 438ca294db..98bd110d92 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1887,8 +1887,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid @@ -137,5 +137,5 @@ index 0a8fe25d0f..2f02b9a520 100644 return -ENOMEM; -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index d9b048113862..ce0ad7e4ddc3 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,7 +1,7 @@ -From 09f6ca91b4131637038686dafd57b5da642c100e Mon Sep 17 00:00:00 2001 +From 75d12cf65073458f091899d673c613dfc43f60c0 Mon Sep 17 00:00:00 2001 From: Imuli <i@imu.li> Date: Wed, 19 Oct 2016 08:46:47 -0400 -Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* +Subject: [PATCH 10/21] localectl: use /etc/X11/xkb for list-x11-* NixOS has an option to link the xkb data files to /etc/X11, but not to /usr/share/X11. @@ -23,5 +23,5 @@ index 548ac8eb2c..5e372f1566 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index f88b802b2988..a03c5a14ad89 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,17 +1,17 @@ -From d5716cd93fdaad16b590a581f39d95954f40748e Mon Sep 17 00:00:00 2001 +From bce75eb4cdeb0b86df6b0a577e886c49a88303f6 Mon Sep 17 00:00:00 2001 From: Franz Pletz <fpletz@fnordicwalking.de> Date: Sun, 11 Feb 2018 04:37:44 +0100 -Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir +Subject: [PATCH 11/21] build: don't create statedir and don't touch prefixdir --- meson.build | 3 --- 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index 738879eb21..453ee4b1c0 100644 +index b5a51b6d0d..99b071542c 100644 --- a/meson.build +++ b/meson.build -@@ -3538,9 +3538,6 @@ install_data('LICENSE.GPL2', +@@ -3540,9 +3540,6 @@ install_data('LICENSE.GPL2', 'docs/GVARIANT-SERIALIZATION.md', install_dir : docdir) @@ -22,5 +22,5 @@ index 738879eb21..453ee4b1c0 100644 # Ensure that changes to the docs/ directory do not break the -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index f5a6fde26b1f..0576f7a62f2c 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch @@ -1,7 +1,7 @@ -From 40a5df71e7af5feefacae9fc95bf94e72c6c12f4 Mon Sep 17 00:00:00 2001 +From ecdf0c5d9f88f526521f093cc9ee85f43efab4b7 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Fri, 2 Nov 2018 21:15:42 +0100 -Subject: [PATCH 12/19] inherit systemd environment when calling generators. +Subject: [PATCH 12/21] inherit systemd environment when calling generators. Systemd generators need access to the environment configured in stage-2-init.sh since it schedules fsck and mkfs executions based on @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index e23d47b4a4..1047aadebc 100644 +index b9b4789720..79239afe4a 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4145,10 +4145,15 @@ static int manager_run_generators(Manager *m) { +@@ -4149,10 +4149,15 @@ static int manager_run_generators(Manager *m) { argv[4] = NULL; RUN_WITH_UMASK(0022) @@ -40,5 +40,5 @@ index e23d47b4a4..1047aadebc 100644 finish: -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index da6aa2627ff8..a424cf1061cc 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch @@ -1,7 +1,7 @@ -From fe3aff271cf127c1484533237fe0a024e07ae7bc Mon Sep 17 00:00:00 2001 +From 39969a1b01d6c223a21c770093209b7f4047aaa4 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Thu, 9 May 2019 11:15:22 +0200 -Subject: [PATCH 13/19] add rootprefix to lookup dir paths +Subject: [PATCH 13/21] add rootprefix to lookup dir paths systemd does not longer use the UDEVLIBEXEC directory as root for discovery default udev rules. By adding `$out/lib` to the lookup paths @@ -34,5 +34,5 @@ index 2e60abb4f1..732ec51d36 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index 1ed19358a151..5610d4d3ecc6 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,7 +1,7 @@ -From 31732478745f7a200004fb8ec013f54dbc536f2e Mon Sep 17 00:00:00 2001 +From e7c960789b0ca97b24a66e9eeaa56ea645d9c66b Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:45:55 +0300 -Subject: [PATCH 14/19] systemd-shutdown: execute scripts in +Subject: [PATCH 14/21] systemd-shutdown: execute scripts in /etc/systemd/system-shutdown This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -23,5 +23,5 @@ index a98cfc4d8a..b0b34edda7 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 2777de09fadb..11848a623a32 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,7 +1,7 @@ -From 3f2277b86f39cb55936ae11c2365feb283b547cb Mon Sep 17 00:00:00 2001 +From 6124720aa2b9dbc07f2fb898f0db150a44a86041 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:46:58 +0300 -Subject: [PATCH 15/19] systemd-sleep: execute scripts in +Subject: [PATCH 15/21] systemd-sleep: execute scripts in /etc/systemd/system-sleep This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -22,5 +22,5 @@ index a3aeb24633..0ed6a34d79 100644 }; -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 6ef53e95d023..156195d9a900 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,7 +1,7 @@ -From 330490aa8a44206bc03205654680913ab01408a1 Mon Sep 17 00:00:00 2001 +From bee1d855d4fb7f2d6f6b9beb1dfd14b1dea31887 Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sat, 7 Mar 2020 22:40:27 +0100 -Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty +Subject: [PATCH 16/21] kmod-static-nodes.service: Update ConditionFileNotEmpty On NixOS, kernel modules of the currently booted systems are located at /run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. @@ -23,5 +23,5 @@ index 777e82d16b..b6abc2bba0 100644 [Service] Type=oneshot -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 775c8e098479..1f21b628e923 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,7 +1,7 @@ -From 216018be7b422586b937dae8fd83f51989479a41 Mon Sep 17 00:00:00 2001 +From 62198599bbc559eeb8e2a3caebce7b9135085270 Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sun, 8 Mar 2020 01:05:54 +0100 -Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL +Subject: [PATCH 17/21] path-util.h: add placeholder for DEFAULT_PATH_NORMAL This will be the $PATH used to lookup ExecStart= etc. options, which systemd itself uses extensively. @@ -29,5 +29,5 @@ index 26e7362d1f..a8f8a863ec 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0018-logind-seat-debus-show-CanMultiSession-again.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0018-logind-seat-debus-show-CanMultiSession-again.patch deleted file mode 100644 index 21d466b02bb8..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0018-logind-seat-debus-show-CanMultiSession-again.patch +++ /dev/null @@ -1,26 +0,0 @@ -From beb594ff3bceb95598ffa8ec47c31bacb2449473 Mon Sep 17 00:00:00 2001 -From: Thomas Tuegel <ttuegel@mailbox.org> -Date: Mon, 26 Oct 2020 21:21:38 +0100 -Subject: [PATCH 18/19] logind-seat-debus: show CanMultiSession again - -Fixes the "switch user" function in Plasma < 5.20. ---- - src/login/logind-seat-dbus.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/login/logind-seat-dbus.c b/src/login/logind-seat-dbus.c -index cceb3b1d2d..94b4723bb9 100644 ---- a/src/login/logind-seat-dbus.c -+++ b/src/login/logind-seat-dbus.c -@@ -419,7 +419,7 @@ static const sd_bus_vtable seat_vtable[] = { - - SD_BUS_PROPERTY("Id", "s", NULL, offsetof(Seat, id), SD_BUS_VTABLE_PROPERTY_CONST), - SD_BUS_PROPERTY("ActiveSession", "(so)", property_get_active_session, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), -- SD_BUS_PROPERTY("CanMultiSession", "b", property_get_const_true, 0, SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), -+ SD_BUS_PROPERTY("CanMultiSession", "b", property_get_const_true, 0, SD_BUS_VTABLE_PROPERTY_CONST), - SD_BUS_PROPERTY("CanTTY", "b", property_get_can_tty, 0, SD_BUS_VTABLE_PROPERTY_CONST), - SD_BUS_PROPERTY("CanGraphical", "b", property_get_can_graphical, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), - SD_BUS_PROPERTY("Sessions", "a(so)", property_get_sessions, 0, 0), --- -2.32.0 - diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0019-pkg-config-derive-prefix-from-prefix.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch index da071603557a..344b8b3952ff 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0019-pkg-config-derive-prefix-from-prefix.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch @@ -1,7 +1,7 @@ -From 2e7477dc29095141a0556ded11f0ee370d82bfbb Mon Sep 17 00:00:00 2001 +From 7654964344ba083529cb232ab229db7c0888f782 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> Date: Sun, 6 Dec 2020 08:34:19 +0100 -Subject: [PATCH 19/19] pkg-config: derive prefix from --prefix +Subject: [PATCH 18/21] pkg-config: derive prefix from --prefix Point prefix to the one configured, instead of `/usr` `systemd` has limited support for making the pkgconfig prefix overridable, and interpolates those @@ -16,7 +16,7 @@ Co-Authored-By: Florian Klink <flokli@flokli.de> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in -index ded74ce50a..0262f53154 100644 +index 162432e77f..2fc20daf03 100644 --- a/src/core/systemd.pc.in +++ b/src/core/systemd.pc.in @@ -11,7 +11,7 @@ @@ -29,5 +29,5 @@ index ded74ce50a..0262f53154 100644 rootprefix=${root_prefix} sysconf_dir={{SYSCONF_DIR}} -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0022-core-Handle-lookup-paths-being-symlinks.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch index c7d022b1ffde..4f950650d320 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0022-core-Handle-lookup-paths-being-symlinks.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch @@ -1,7 +1,7 @@ -From 5f17b65d30480e489e135b403a072b38535b2911 Mon Sep 17 00:00:00 2001 +From 4e9b4aa87d299be08cffc77a86d6f473a7a4109a Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Wed, 18 Aug 2021 19:10:08 +0200 -Subject: [PATCH] core: handle lookup paths being symlinks +Subject: [PATCH 19/21] core: handle lookup paths being symlinks With a recent change paths leaving the statically known lookup paths would be treated differently then those that remained within those. That @@ -15,7 +15,7 @@ directory itself is already a symlink. 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c -index 884a0674a9..3ae2a115d0 100644 +index 0d58b1c4fe..7314f1245f 100644 --- a/src/basic/unit-file.c +++ b/src/basic/unit-file.c @@ -254,6 +254,7 @@ int unit_file_build_name_map( @@ -76,5 +76,5 @@ index 884a0674a9..3ae2a115d0 100644 log_debug("%s: linked unit file: %s → %s", __func__, filename, simplified); -- -2.32.0 +2.33.0 diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0020-core-respect-install_sysconfdir_samples-in-meson-fil.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0020-core-respect-install_sysconfdir_samples-in-meson-fil.patch deleted file mode 100644 index 4567c2fa3164..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0020-core-respect-install_sysconfdir_samples-in-meson-fil.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 1a2d24d210c9329e8b900fdb01576c57374581d8 Mon Sep 17 00:00:00 2001 -From: Andreas Rammhold <andreas@rammhold.de> -Date: Mon, 26 Jul 2021 16:57:43 +0200 -Subject: [PATCH 20/20] core: respect install_sysconfdir_samples in meson file - -The refactoring done in e11a25cadbe caused the configuration files to be -installed into the pkgsysconfdir regardless of the state of the -install_sysconfdir_samples boolean that indicated whether or not the -sample files should be installed. ---- - src/core/meson.build | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/core/meson.build b/src/core/meson.build -index f0d2c6f642..4ff7e00e36 100644 ---- a/src/core/meson.build -+++ b/src/core/meson.build -@@ -187,6 +187,10 @@ foreach item : in_files - file = item[0] - dir = item[1] - -+ if not install_sysconfdir_samples and dir == pkgsysconfdir -+ continue -+ endif -+ - custom_target( - file, - input : file + '.in', --- -2.32.0 - diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch new file mode 100644 index 000000000000..5c82cdbd6fab --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch @@ -0,0 +1,401 @@ +From 3cf1b5fb6d1dc342e836cf0990df3170d2e9db49 Mon Sep 17 00:00:00 2001 +From: Jan Janssen <medhefgo@web.de> +Date: Wed, 11 Aug 2021 14:59:46 +0200 +Subject: [PATCH 20/21] sd-boot: Unify error handling + +log_error_stall() and log_error_status_stall() will ensure the user has +a chance to catch an error message by stalling and also forcing a +lightred/black color on it. Also, convert several Print() calls to it +since they are actually error messages. + +(cherry picked from commit 8aba0eec499b762657f528988c2f093ac490620d) +--- + src/boot/efi/boot.c | 62 ++++++++++---------------------- + src/boot/efi/random-seed.c | 73 +++++++++++++------------------------- + src/boot/efi/stub.c | 24 ++++--------- + src/boot/efi/util.c | 17 +++++++-- + src/boot/efi/util.h | 9 +++++ + 5 files changed, 75 insertions(+), 110 deletions(-) + +diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c +index 13940a6df7..54d704f0d1 100644 +--- a/src/boot/efi/boot.c ++++ b/src/boot/efi/boot.c +@@ -527,7 +527,7 @@ static BOOLEAN menu_run( + err = console_set_mode(&config->console_mode, config->console_mode_change); + if (EFI_ERROR(err)) { + uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); +- Print(L"Error switching console mode to %ld: %r.\r", (UINT64)config->console_mode, err); ++ log_error_stall(L"Error switching console mode to %lu: %r", (UINT64)config->console_mode, err); + } + } else + uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); +@@ -1221,8 +1221,7 @@ static VOID config_entry_bump_counters( + break; + + if (r != EFI_BUFFER_TOO_SMALL || file_info_size * 2 < file_info_size) { +- Print(L"\nFailed to get file info for '%s': %r\n", old_path, r); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); ++ log_error_stall(L"Failed to get file info for '%s': %r", old_path, r); + return; + } + +@@ -1234,8 +1233,7 @@ static VOID config_entry_bump_counters( + StrCpy(file_info->FileName, entry->next_name); + r = uefi_call_wrapper(handle->SetInfo, 4, handle, &EfiFileInfoGuid, file_info_size, file_info); + if (EFI_ERROR(r)) { +- Print(L"\nFailed to rename '%s' to '%s', ignoring: %r\n", old_path, entry->next_name, r); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); ++ log_error_stall(L"Failed to rename '%s' to '%s', ignoring: %r", old_path, entry->next_name, r); + return; + } + +@@ -2165,18 +2163,12 @@ static EFI_STATUS image_start( + EFI_STATUS err; + + path = FileDevicePath(entry->device, entry->loader); +- if (!path) { +- Print(L"Error getting device path."); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return EFI_INVALID_PARAMETER; +- } ++ if (!path) ++ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Error getting device path."); + + err = uefi_call_wrapper(BS->LoadImage, 6, FALSE, parent_image, path, NULL, 0, &image); +- if (EFI_ERROR(err)) { +- Print(L"Error loading %s: %r", entry->loader, err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Error loading %s: %r", entry->loader, err); + + if (config->options_edit) + options = config->options_edit; +@@ -2190,8 +2182,7 @@ static EFI_STATUS image_start( + err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, + parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); + if (EFI_ERROR(err)) { +- Print(L"Error getting LoadedImageProtocol handle: %r", err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); ++ log_error_stall(L"Error getting LoadedImageProtocol handle: %r", err); + goto out_unload; + } + loaded_image->LoadOptions = options; +@@ -2202,10 +2193,8 @@ static EFI_STATUS image_start( + err = tpm_log_event(SD_TPM_PCR, + (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, + loaded_image->LoadOptionsSize, loaded_image->LoadOptions); +- if (EFI_ERROR(err)) { +- Print(L"Unable to add image options measurement: %r", err); +- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); +- } ++ if (EFI_ERROR(err)) ++ log_error_stall(L"Unable to add image options measurement: %r", err); + #endif + } + +@@ -2231,9 +2220,7 @@ static EFI_STATUS reboot_into_firmware(VOID) { + return err; + + err = uefi_call_wrapper(RT->ResetSystem, 4, EfiResetCold, EFI_SUCCESS, 0, NULL); +- Print(L"Error calling ResetSystem: %r", err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return err; ++ return log_error_status_stall(err, L"Error calling ResetSystem: %r", err); + } + + static VOID config_free(Config *config) { +@@ -2305,30 +2292,21 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { + + err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, + image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); +- if (EFI_ERROR(err)) { +- Print(L"Error getting a LoadedImageProtocol handle: %r", err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); + + /* export the device path this image is started from */ + if (disk_get_part_uuid(loaded_image->DeviceHandle, uuid) == EFI_SUCCESS) + efivar_set(LOADER_GUID, L"LoaderDevicePartUUID", uuid, 0); + + root_dir = LibOpenRoot(loaded_image->DeviceHandle); +- if (!root_dir) { +- Print(L"Unable to open root directory."); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return EFI_LOAD_ERROR; +- } ++ if (!root_dir) ++ return log_error_status_stall(EFI_LOAD_ERROR, L"Unable to open root directory.", EFI_LOAD_ERROR); + + if (secure_boot_enabled() && shim_loaded()) { + err = security_policy_install(); +- if (EFI_ERROR(err)) { +- Print(L"Error installing security policy: %r ", err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Error installing security policy: %r", err); + } + + /* the filesystem path to this image, to prevent adding ourselves to the menu */ +@@ -2367,8 +2345,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { + } + + if (config.entry_count == 0) { +- Print(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); ++ log_error_stall(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); + goto out; + } + +@@ -2440,8 +2417,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { + err = image_start(image, &config, entry); + if (EFI_ERROR(err)) { + graphics_mode(FALSE); +- Print(L"\nFailed to execute %s (%s): %r\n", entry->title, entry->loader, err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); ++ log_error_stall(L"Failed to execute %s (%s): %r", entry->title, entry->loader, err); + goto out; + } + +diff --git a/src/boot/efi/random-seed.c b/src/boot/efi/random-seed.c +index 3e179851b0..939daf3e41 100644 +--- a/src/boot/efi/random-seed.c ++++ b/src/boot/efi/random-seed.c +@@ -35,10 +35,8 @@ static EFI_STATUS acquire_rng(UINTN size, VOID **ret) { + return log_oom(); + + err = uefi_call_wrapper(rng->GetRNG, 3, rng, NULL, size, data); +- if (EFI_ERROR(err)) { +- Print(L"Failed to acquire RNG data: %r\n", err); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Failed to acquire RNG data: %r", err); + + *ret = TAKE_PTR(data); + return EFI_SUCCESS; +@@ -149,14 +147,12 @@ static EFI_STATUS acquire_system_token(VOID **ret, UINTN *ret_size) { + err = efivar_get_raw(LOADER_GUID, L"LoaderSystemToken", &data, &size); + if (EFI_ERROR(err)) { + if (err != EFI_NOT_FOUND) +- Print(L"Failed to read LoaderSystemToken EFI variable: %r", err); ++ log_error_stall(L"Failed to read LoaderSystemToken EFI variable: %r", err); + return err; + } + +- if (size <= 0) { +- Print(L"System token too short, ignoring."); +- return EFI_NOT_FOUND; +- } ++ if (size <= 0) ++ return log_error_status_stall(EFI_NOT_FOUND, L"System token too short, ignoring."); + + *ret = TAKE_PTR(data); + *ret_size = size; +@@ -209,8 +205,7 @@ static VOID validate_sha256(void) { + sha256_finish_ctx(&hash, result); + + if (CompareMem(result, array[i].hash, HASH_VALUE_SIZE) != 0) { +- Print(L"SHA256 failed validation.\n"); +- uefi_call_wrapper(BS->Stall, 1, 120 * 1000 * 1000); ++ log_error_stall(L"SHA256 failed validation."); + return; + } + } +@@ -246,7 +241,7 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { + err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &handle, (CHAR16*) L"\\loader\\random-seed", EFI_FILE_MODE_READ|EFI_FILE_MODE_WRITE, 0ULL); + if (EFI_ERROR(err)) { + if (err != EFI_NOT_FOUND && err != EFI_WRITE_PROTECTED) +- Print(L"Failed to open random seed file: %r\n", err); ++ log_error_stall(L"Failed to open random seed file: %r", err); + return err; + } + +@@ -255,15 +250,11 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { + return log_oom(); + + size = info->FileSize; +- if (size < RANDOM_MAX_SIZE_MIN) { +- Print(L"Random seed file is too short?\n"); +- return EFI_INVALID_PARAMETER; +- } ++ if (size < RANDOM_MAX_SIZE_MIN) ++ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too short."); + +- if (size > RANDOM_MAX_SIZE_MAX) { +- Print(L"Random seed file is too large?\n"); +- return EFI_INVALID_PARAMETER; +- } ++ if (size > RANDOM_MAX_SIZE_MAX) ++ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too large."); + + seed = AllocatePool(size); + if (!seed) +@@ -271,20 +262,14 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { + + rsize = size; + err = uefi_call_wrapper(handle->Read, 3, handle, &rsize, seed); +- if (EFI_ERROR(err)) { +- Print(L"Failed to read random seed file: %r\n", err); +- return err; +- } +- if (rsize != size) { +- Print(L"Short read on random seed file\n"); +- return EFI_PROTOCOL_ERROR; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Failed to read random seed file: %r", err); ++ if (rsize != size) ++ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short read on random seed file."); + + err = uefi_call_wrapper(handle->SetPosition, 2, handle, 0); +- if (EFI_ERROR(err)) { +- Print(L"Failed to seek to beginning of random seed file: %r\n", err); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Failed to seek to beginning of random seed file: %r", err); + + /* Request some random data from the UEFI RNG. We don't need this to work safely, but it's a good + * idea to use it because it helps us for cases where users mistakenly include a random seed in +@@ -299,27 +284,19 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { + /* Update the random seed on disk before we use it */ + wsize = size; + err = uefi_call_wrapper(handle->Write, 3, handle, &wsize, new_seed); +- if (EFI_ERROR(err)) { +- Print(L"Failed to write random seed file: %r\n", err); +- return err; +- } +- if (wsize != size) { +- Print(L"Short write on random seed file\n"); +- return EFI_PROTOCOL_ERROR; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Failed to write random seed file: %r", err); ++ if (wsize != size) ++ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short write on random seed file."); + + err = uefi_call_wrapper(handle->Flush, 1, handle); +- if (EFI_ERROR(err)) { +- Print(L"Failed to flush random seed file: %r\n"); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Failed to flush random seed file: %r", err); + + /* We are good to go */ + err = efivar_set_raw(LOADER_GUID, L"LoaderRandomSeed", for_kernel, size, 0); +- if (EFI_ERROR(err)) { +- Print(L"Failed to write random seed to EFI variable: %r\n", err); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Failed to write random seed to EFI variable: %r", err); + + return EFI_SUCCESS; + } +diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c +index 082fe91c9e..82da1d3ec4 100644 +--- a/src/boot/efi/stub.c ++++ b/src/boot/efi/stub.c +@@ -36,18 +36,12 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { + + err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, + image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); +- if (EFI_ERROR(err)) { +- Print(L"Error getting a LoadedImageProtocol handle: %r ", err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); + + err = pe_memory_locate_sections(loaded_image->ImageBase, sections, addrs, offs, szs); +- if (EFI_ERROR(err)) { +- Print(L"Unable to locate embedded .linux section: %r ", err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return err; +- } ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Unable to locate embedded .linux section: %r", err); + + if (szs[0] > 0) + cmdline = (CHAR8 *)(loaded_image->ImageBase) + addrs[0]; +@@ -72,10 +66,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { + err = tpm_log_event(SD_TPM_PCR, + (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, + loaded_image->LoadOptionsSize, loaded_image->LoadOptions); +- if (EFI_ERROR(err)) { +- Print(L"Unable to add image options measurement: %r", err); +- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); +- } ++ if (EFI_ERROR(err)) ++ log_error_stall(L"Unable to add image options measurement: %r", err); + #endif + } + +@@ -126,7 +118,5 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { + (UINTN)loaded_image->ImageBase + addrs[2], szs[2]); + + graphics_mode(FALSE); +- Print(L"Execution of embedded linux image failed: %r\n", err); +- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); +- return err; ++ return log_error_status_stall(err, L"Execution of embedded linux image failed: %r", err); + } +diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c +index 6f4e5933d3..aee076060b 100644 +--- a/src/boot/efi/util.c ++++ b/src/boot/efi/util.c +@@ -411,8 +411,21 @@ EFI_STATUS file_read(EFI_FILE_HANDLE dir, const CHAR16 *name, UINTN off, UINTN s + return err; + } + ++VOID log_error_stall(const CHAR16 *fmt, ...) { ++ va_list args; ++ ++ uefi_call_wrapper(ST->ConOut->SetAttribute, 2, ST->ConOut, EFI_LIGHTRED|EFI_BACKGROUND_BLACK); ++ ++ Print(L"\n"); ++ va_start(args, fmt); ++ VPrint(fmt, args); ++ va_end(args); ++ Print(L"\n"); ++ ++ uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); ++} ++ + EFI_STATUS log_oom(void) { +- Print(L"Out of memory."); +- (void) uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); ++ log_error_stall(L"Out of memory."); + return EFI_OUT_OF_RESOURCES; + } +diff --git a/src/boot/efi/util.h b/src/boot/efi/util.h +index 1a42b01033..d3bf848a95 100644 +--- a/src/boot/efi/util.h ++++ b/src/boot/efi/util.h +@@ -74,4 +74,13 @@ static inline void FileHandleClosep(EFI_FILE_HANDLE *handle) { + #define UINT64_MAX ((UINT64) -1) + #endif + ++VOID log_error_stall(const CHAR16 *fmt, ...); + EFI_STATUS log_oom(void); ++ ++/* This works just like log_error_errno() from userspace, but requires you ++ * to provide err a second time if you want to use %r in the message! */ ++#define log_error_status_stall(err, fmt, ...) \ ++ ({ \ ++ log_error_stall(fmt, ##__VA_ARGS__); \ ++ err; \ ++ }) +-- +2.33.0 + diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0021-login-respect-install_sysconfdir_samples-in-meson-fi.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0021-login-respect-install_sysconfdir_samples-in-meson-fi.patch deleted file mode 100644 index b048249e0519..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0021-login-respect-install_sysconfdir_samples-in-meson-fi.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 189ba3af8b21cfc53527453907e800a2917b1bfd Mon Sep 17 00:00:00 2001 -From: Andreas Rammhold <andreas@rammhold.de> -Date: Mon, 26 Jul 2021 17:20:34 +0200 -Subject: [PATCH] login: respect install_sysconfdir_samples in meson file - -The refactoring done in c900d89faa0 caused the configuration files to be -installed into the pkgsysconfdir regardless of the state of the -install_sysconfdir_samples boolean that indicates whether or not the -sample files should be installed. ---- - src/login/meson.build | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/login/meson.build b/src/login/meson.build -index 8c20e6be65..b637adc9a2 100644 ---- a/src/login/meson.build -+++ b/src/login/meson.build -@@ -67,7 +67,7 @@ pam_systemd_c = files('pam_systemd.c') - - enable_logind = conf.get('ENABLE_LOGIND') == 1 - in_files = [ -- ['logind.conf', pkgsysconfdir, enable_logind], -+ ['logind.conf', pkgsysconfdir, enable_logind and install_sysconfdir_samples], - ['70-uaccess.rules', udevrulesdir, enable_logind and conf.get('HAVE_ACL') == 1], - ['71-seat.rules', udevrulesdir, enable_logind], - ['73-seat-late.rules', udevrulesdir, enable_logind], --- -2.32.0 - diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch new file mode 100644 index 000000000000..7cdc2491fa33 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch @@ -0,0 +1,320 @@ +From 2d9fcfcfa38667ada306e095599944f941576e53 Mon Sep 17 00:00:00 2001 +From: Jan Janssen <medhefgo@web.de> +Date: Wed, 11 Aug 2021 14:59:46 +0200 +Subject: [PATCH 21/21] sd-boot: Rework console input handling + +Fixes: #15847 +Probably fixes: #19191 + +(cherry picked from commit e98d271e57f3d0356e444b6ea2d48836ee2769b0) +--- + src/boot/efi/boot.c | 55 +++++++--------------- + src/boot/efi/console.c | 102 +++++++++++++++++++++++++++++------------ + src/boot/efi/console.h | 2 +- + 3 files changed, 91 insertions(+), 68 deletions(-) + +diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c +index 54d704f0d1..b4f3b9605a 100644 +--- a/src/boot/efi/boot.c ++++ b/src/boot/efi/boot.c +@@ -134,7 +134,7 @@ static BOOLEAN line_edit( + uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, print); + uefi_call_wrapper(ST->ConOut->SetCursorPosition, 3, ST->ConOut, cursor, y_pos); + +- err = console_key_read(&key, TRUE); ++ err = console_key_read(&key, 0); + if (EFI_ERROR(err)) + continue; + +@@ -387,7 +387,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { + Print(L"OsIndicationsSupported: %d\n", indvar); + + Print(L"\n--- press key ---\n\n"); +- console_key_read(&key, TRUE); ++ console_key_read(&key, 0); + + Print(L"timeout: %u\n", config->timeout_sec); + if (config->timeout_sec_efivar >= 0) +@@ -432,7 +432,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { + Print(L"LoaderEntryDefault: %s\n", defaultstr); + + Print(L"\n--- press key ---\n\n"); +- console_key_read(&key, TRUE); ++ console_key_read(&key, 0); + + for (UINTN i = 0; i < config->entry_count; i++) { + ConfigEntry *entry; +@@ -482,7 +482,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { + entry->path, entry->next_name); + + Print(L"\n--- press key ---\n\n"); +- console_key_read(&key, TRUE); ++ console_key_read(&key, 0); + } + + uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); +@@ -509,11 +509,10 @@ static BOOLEAN menu_run( + UINTN y_max; + CHAR16 *status; + CHAR16 *clearline; +- INTN timeout_remain; ++ UINTN timeout_remain = config->timeout_sec; + INT16 idx; + BOOLEAN exit = FALSE; + BOOLEAN run = TRUE; +- BOOLEAN wait = FALSE; + + graphics_mode(FALSE); + uefi_call_wrapper(ST->ConIn->Reset, 2, ST->ConIn, FALSE); +@@ -538,12 +537,6 @@ static BOOLEAN menu_run( + y_max = 25; + } + +- /* we check 10 times per second for a keystroke */ +- if (config->timeout_sec > 0) +- timeout_remain = config->timeout_sec * 10; +- else +- timeout_remain = -1; +- + idx_highlight = config->idx_default; + idx_highlight_prev = 0; + +@@ -643,7 +636,7 @@ static BOOLEAN menu_run( + + if (timeout_remain > 0) { + FreePool(status); +- status = PoolPrint(L"Boot in %d sec.", (timeout_remain + 5) / 10); ++ status = PoolPrint(L"Boot in %d s.", timeout_remain); + } + + /* print status at last line of screen */ +@@ -664,27 +657,18 @@ static BOOLEAN menu_run( + uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, clearline+1 + x + len); + } + +- err = console_key_read(&key, wait); +- if (EFI_ERROR(err)) { +- /* timeout reached */ ++ err = console_key_read(&key, timeout_remain > 0 ? 1000 * 1000 : 0); ++ if (err == EFI_TIMEOUT) { ++ timeout_remain--; + if (timeout_remain == 0) { + exit = TRUE; + break; + } + +- /* sleep and update status */ +- if (timeout_remain > 0) { +- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); +- timeout_remain--; +- continue; +- } +- +- /* timeout disabled, wait for next key */ +- wait = TRUE; ++ /* update status */ + continue; +- } +- +- timeout_remain = -1; ++ } else ++ timeout_remain = 0; + + /* clear status after keystroke */ + if (status) { +@@ -787,7 +771,7 @@ static BOOLEAN menu_run( + config->timeout_sec_efivar, + EFI_VARIABLE_NON_VOLATILE); + if (config->timeout_sec_efivar > 0) +- status = PoolPrint(L"Menu timeout set to %d sec.", config->timeout_sec_efivar); ++ status = PoolPrint(L"Menu timeout set to %d s.", config->timeout_sec_efivar); + else + status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); + } else if (config->timeout_sec_efivar <= 0){ +@@ -795,7 +779,7 @@ static BOOLEAN menu_run( + efivar_set( + LOADER_GUID, L"LoaderConfigTimeout", NULL, EFI_VARIABLE_NON_VOLATILE); + if (config->timeout_sec_config > 0) +- status = PoolPrint(L"Menu timeout of %d sec is defined by configuration file.", ++ status = PoolPrint(L"Menu timeout of %d s is defined by configuration file.", + config->timeout_sec_config); + else + status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); +@@ -813,7 +797,7 @@ static BOOLEAN menu_run( + config->timeout_sec_efivar, + EFI_VARIABLE_NON_VOLATILE); + if (config->timeout_sec_efivar > 0) +- status = PoolPrint(L"Menu timeout set to %d sec.", ++ status = PoolPrint(L"Menu timeout set to %d s.", + config->timeout_sec_efivar); + else + status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); +@@ -2369,13 +2353,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { + else { + UINT64 key; + +- err = console_key_read(&key, FALSE); +- +- if (err == EFI_NOT_READY) { +- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); +- err = console_key_read(&key, FALSE); +- } +- ++ /* Block up to 100ms to give firmware time to get input working. */ ++ err = console_key_read(&key, 100 * 1000); + if (!EFI_ERROR(err)) { + INT16 idx; + +diff --git a/src/boot/efi/console.c b/src/boot/efi/console.c +index 83619d2147..369c549daf 100644 +--- a/src/boot/efi/console.c ++++ b/src/boot/efi/console.c +@@ -11,61 +11,105 @@ + + #define EFI_SIMPLE_TEXT_INPUT_EX_GUID &(EFI_GUID) EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID + +-EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) { ++static inline void EventClosep(EFI_EVENT *event) { ++ if (!*event) ++ return; ++ ++ uefi_call_wrapper(BS->CloseEvent, 1, *event); ++} ++ ++/* ++ * Reading input from the console sounds like an easy task to do, but thanks to broken ++ * firmware it is actually a nightmare. ++ * ++ * There is a ConIn and TextInputEx API for this. Ideally we want to use TextInputEx, ++ * because that gives us Ctrl/Alt/Shift key state information. Unfortunately, it is not ++ * always available and sometimes just non-functional. ++ * ++ * On the other hand we have ConIn, where some firmware likes to just freeze on us ++ * if we call ReadKeyStroke on it. ++ * ++ * Therefore, we use WaitForEvent on both ConIn and TextInputEx (if available) along ++ * with a timer event. The timer ensures there is no need to call into functions ++ * that might freeze on us, while still allowing us to show a timeout counter. ++ */ ++EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec) { + static EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *TextInputEx; + static BOOLEAN checked; + UINTN index; + EFI_INPUT_KEY k; + EFI_STATUS err; ++ _cleanup_(EventClosep) EFI_EVENT timer = NULL; ++ EFI_EVENT events[3] = { ST->ConIn->WaitForKey }; ++ UINTN n_events = 1; + + if (!checked) { + err = LibLocateProtocol(EFI_SIMPLE_TEXT_INPUT_EX_GUID, (VOID **)&TextInputEx); +- if (EFI_ERROR(err)) ++ if (EFI_ERROR(err) || ++ uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx) == EFI_INVALID_PARAMETER) ++ /* If WaitForKeyEx fails here, the firmware pretends it talks this ++ * protocol, but it really doesn't. */ + TextInputEx = NULL; ++ else ++ events[n_events++] = TextInputEx->WaitForKeyEx; + + checked = TRUE; + } + +- /* wait until key is pressed */ +- if (wait) +- uefi_call_wrapper(BS->WaitForEvent, 3, 1, &ST->ConIn->WaitForKey, &index); ++ if (timeout_usec > 0) { ++ err = uefi_call_wrapper(BS->CreateEvent, 5, EVT_TIMER, 0, NULL, NULL, &timer); ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Error creating timer event: %r", err); ++ ++ /* SetTimer expects 100ns units for some reason. */ ++ err = uefi_call_wrapper(BS->SetTimer, 3, timer, TimerRelative, timeout_usec * 10); ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Error arming timer event: %r", err); + +- if (TextInputEx) { ++ events[n_events++] = timer; ++ } ++ ++ err = uefi_call_wrapper(BS->WaitForEvent, 3, n_events, events, &index); ++ if (EFI_ERROR(err)) ++ return log_error_status_stall(err, L"Error waiting for events: %r", err); ++ ++ if (timeout_usec > 0 && timer == events[index]) ++ return EFI_TIMEOUT; ++ ++ /* TextInputEx might be ready too even if ConIn got to signal first. */ ++ if (TextInputEx && !EFI_ERROR(uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx))) { + EFI_KEY_DATA keydata; + UINT64 keypress; ++ UINT32 shift = 0; + + err = uefi_call_wrapper(TextInputEx->ReadKeyStrokeEx, 2, TextInputEx, &keydata); +- if (!EFI_ERROR(err)) { +- UINT32 shift = 0; +- +- /* do not distinguish between left and right keys */ +- if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { +- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) +- shift |= EFI_CONTROL_PRESSED; +- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) +- shift |= EFI_ALT_PRESSED; +- }; +- +- /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ +- keypress = KEYPRESS(shift, keydata.Key.ScanCode, keydata.Key.UnicodeChar); +- if (keypress > 0) { +- *key = keypress; +- return 0; +- } ++ if (EFI_ERROR(err)) ++ return err; ++ ++ /* do not distinguish between left and right keys */ ++ if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { ++ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) ++ shift |= EFI_CONTROL_PRESSED; ++ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) ++ shift |= EFI_ALT_PRESSED; ++ }; ++ ++ /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ ++ keypress = KEYPRESS(shift, keydata.Key.ScanCode, keydata.Key.UnicodeChar); ++ if (keypress > 0) { ++ *key = keypress; ++ return EFI_SUCCESS; + } ++ ++ return EFI_NOT_READY; + } + +- /* fallback for firmware which does not support SimpleTextInputExProtocol +- * +- * This is also called in case ReadKeyStrokeEx did not return a key, because +- * some broken firmwares offer SimpleTextInputExProtocol, but never actually +- * handle any key. */ + err = uefi_call_wrapper(ST->ConIn->ReadKeyStroke, 2, ST->ConIn, &k); + if (EFI_ERROR(err)) + return err; + + *key = KEYPRESS(0, k.ScanCode, k.UnicodeChar); +- return 0; ++ return EFI_SUCCESS; + } + + static EFI_STATUS change_mode(UINTN mode) { +diff --git a/src/boot/efi/console.h b/src/boot/efi/console.h +index 2c69af552a..23848a9c58 100644 +--- a/src/boot/efi/console.h ++++ b/src/boot/efi/console.h +@@ -16,5 +16,5 @@ enum console_mode_change_type { + CONSOLE_MODE_MAX, + }; + +-EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait); ++EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec); + EFI_STATUS console_set_mode(UINTN *mode, enum console_mode_change_type how); +-- +2.33.0 + diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0023-path-util-make-find_executable-work-without-proc-mounted.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0023-path-util-make-find_executable-work-without-proc-mounted.patch deleted file mode 100644 index 026d0278797e..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0023-path-util-make-find_executable-work-without-proc-mounted.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 93413acd3ef3a637a0f31a1d133b103e1dc81fd6 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Mon, 23 Aug 2021 06:16:48 +0900 -Subject: [PATCH] path-util: make find_executable() work without /proc mounted - -Follow-up for 888f65ace6296ed61285d31db846babf1c11885e. - -Hopefully fixes #20514. ---- - src/basic/path-util.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/src/basic/path-util.c b/src/basic/path-util.c -index d11f254a9f6a..a21981616b59 100644 ---- a/src/basic/path-util.c -+++ b/src/basic/path-util.c -@@ -630,7 +630,11 @@ static int check_x_access(const char *path, int *ret_fd) { - return r; - - r = access_fd(fd, X_OK); -- if (r < 0) -+ if (r == -ENOSYS) { -+ /* /proc is not mounted. Fallback to access(). */ -+ if (access(path, X_OK) < 0) -+ return -errno; -+ } else if (r < 0) - return r; - - if (ret_fd) diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/default.nix b/nixpkgs/pkgs/os-specific/linux/systemd/default.nix index 3af70ff9151c..70036127fc89 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/systemd/default.nix @@ -2,8 +2,10 @@ { stdenv , lib +, nixosTests , fetchFromGitHub , fetchpatch +, fetchzip , buildPackages , ninja , meson @@ -39,6 +41,7 @@ , gnupg , zlib , xz +, zstd , tpm2-tss , libuuid , libapparmor @@ -46,6 +49,7 @@ , bzip2 , pcre2 , e2fsprogs +, elfutils , linuxHeaders ? stdenv.cc.libc.linuxHeaders , gnu-efi , iptables @@ -66,7 +70,7 @@ , withAnalyze ? true , withApparmor ? true -, withCompression ? true # adds bzip2, lz4 and xz +, withCompression ? true # adds bzip2, lz4, xz and zstd , withCoredump ? true , withCryptsetup ? true , withDocumentation ? true @@ -75,24 +79,24 @@ , withHomed ? false , withHostnamed ? true , withHwdb ? true -, withImportd ? true +, withImportd ? !stdenv.hostPlatform.isMusl , withLibBPF ? false # currently fails while generating BPF objects , withLocaled ? true , withLogind ? true , withMachined ? true , withNetworkd ? true -, withNss ? true +, withNss ? !stdenv.hostPlatform.isMusl , withOomd ? false , withPCRE2 ? true , withPolkit ? true , withPortabled ? false -, withRemote ? true +, withRemote ? !stdenv.hostPlatform.isMusl , withResolved ? true , withShellCompletions ? true , withTimedated ? true , withTimesyncd ? true -, withTpm2Tss ? true -, withUserDb ? true +, withTpm2Tss ? !stdenv.hostPlatform.isMusl +, withUserDb ? !stdenv.hostPlatform.isMusl , libfido2 , p11-kit @@ -119,7 +123,7 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.4"; + version = "249.5"; in stdenv.mkDerivation { inherit pname version; @@ -130,7 +134,7 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "0pqi9gbk9kgwvd0idf13ybxz7s4h5przn01bwj6fna44jr0wy41c"; + sha256 = "0bir2syy20rdi59sv8xp8nw1c92zl9z0wmv7ggsll8dca7niqwbp"; }; # If these need to be regenerated, `git am path/to/00*.patch` them into a @@ -155,30 +159,56 @@ stdenv.mkDerivation { ./0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch ./0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch ./0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch - ./0018-logind-seat-debus-show-CanMultiSession-again.patch - ./0019-pkg-config-derive-prefix-from-prefix.patch - - # In v249 a bunch of meson files had been touched as part of the migration to - # jinja2 for templating. Unfortunately some of those files lost the `install_sysconfdir_samples` check. - # The following two patches are part of a PR that was filed to fix those cases. - # https://github.com/systemd/systemd/pull/20303 - ./0020-core-respect-install_sysconfdir_samples-in-meson-fil.patch - ./0021-login-respect-install_sysconfdir_samples-in-meson-fi.patch - - # In v248 or v249 we started to get in trouble due to our /etc/systemd/sytem being - # a symlink and thus being treated differently by systemd. With the below - # patch we mitigate that effect by special casing all our root unit dirs - # if they are symlinks. This does exactly what we need (AFAICT). - ./0022-core-Handle-lookup-paths-being-symlinks.patch - - # The way files are being tested for being executable changed in v248/v249 - # which caused our confinement setup to fail as we do not mount /proc by - # default. - # The issue has been reported upstream and this patch carries the upstream - # fix for the same. Upstream now has a test for this scenario. - # https://github.com/systemd/systemd/issues/20514 - ./0023-path-util-make-find_executable-work-without-proc-mounted.patch - ]; + ./0018-pkg-config-derive-prefix-from-prefix.patch + + # In v248 or v249 we started to get in trouble due to our + # /etc/systemd/system being a symlink and thus being treated differently by + # systemd. With the below patch we mitigate that effect by special casing + # all our root unit dirs if they are symlinks. This does exactly what we + # need (AFAICT). + ./0019-core-handle-lookup-paths-being-symlinks.patch + + # In v248 compiler weirdness and refactoring lead to the bootloader + # erroring out handling keyboard input on some systems. See + # https://github.com/systemd/systemd/issues/19191 + # This should be redundant in v249.6 when it offically gets tagged in + # systemd-stable + ./0020-sd-boot-Unify-error-handling.patch + ./0021-sd-boot-Rework-console-input-handling.patch + ] ++ lib.optional stdenv.hostPlatform.isMusl (let + oe-core = fetchzip { + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; + sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; + }; + musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; + in [ + (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") + (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") + (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") + (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") + (musl-patches + "/0006-Include-netinet-if_ether.h.patch") + (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") + (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") + (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") + (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") + (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") + (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") + (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") + (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") + (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") + (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") + (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") + (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") + (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") + (musl-patches + "/0021-test-json.c-define-M_PIl.patch") + (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") + (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") + (musl-patches + "/0026-Handle-missing-gshadow.patch") + (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") + + # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 + ./musl.diff + ]); postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" @@ -251,6 +281,7 @@ stdenv.mkDerivation { { name = "libtss2-esys.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-rc.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; } + { name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libfido2.so.1"; pkg = opt withFido2 libfido2; } ]; @@ -267,8 +298,12 @@ stdenv.mkDerivation { '' else '' # ensure that the library we provide actually exists if ! [ -e ${library} ]; then - echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`' - exit 1 + # exceptional case, details: + # https://github.com/systemd/systemd-stable/blob/v249-stable/src/shared/tpm2-util.c#L157 + if ! [[ "${library}" =~ .*libtss2-tcti-$ ]]; then + echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`' + exit 1 + fi fi # make the path to the dependency explicit for file in $(grep -lr '"${dl.name}"' src); do @@ -340,7 +375,8 @@ stdenv.mkDerivation { ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) - ++ lib.optionals withCompression [ bzip2 lz4 xz ] + ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] + ++ lib.optional withCoredump elfutils ++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev) ++ lib.optional withEfi gnu-efi ++ lib.optional withKexectools kexec-tools @@ -353,6 +389,7 @@ stdenv.mkDerivation { ++ lib.optionals withHomed [ p11-kit ] ++ lib.optionals (withHomed || withCryptsetup) [ libfido2 ] ++ lib.optionals withLibBPF [ libbpf ] + ++ lib.optional withTpm2Tss tpm2-tss ; #dontAddPrefix = true; @@ -452,6 +489,12 @@ stdenv.mkDerivation { "-Dnss-systemd=false" ] ++ lib.optionals withLibBPF [ "-Dbpf-framework=true" + ] ++ lib.optionals withTpm2Tss [ + "-Dtpm2=true" + ] ++ lib.optionals stdenv.hostPlatform.isMusl [ + "-Dgshadow=false" + "-Dutmp=false" + "-Didn=false" ]; preConfigure = '' @@ -514,7 +557,7 @@ stdenv.mkDerivation { --replace "SYSTEMD_CGROUP_AGENT_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" ''; - NIX_CFLAGS_COMPILE = toString [ + NIX_CFLAGS_COMPILE = toString ([ # Can't say ${polkit.bin}/bin/pkttyagent here because that would # lead to a cyclic dependency. "-UPOLKIT_AGENT_BINARY_PATH" @@ -528,7 +571,10 @@ stdenv.mkDerivation { "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" - ]; + + ] ++ lib.optionals stdenv.hostPlatform.isMusl [ + "-D__UAPI_DEF_ETHHDR=0" + ]); doCheck = false; # fails a bunch of tests @@ -571,6 +617,10 @@ stdenv.mkDerivation { # runtime; otherwise we can't and we need to reboot. passthru.interfaceVersion = 2; + passthru.tests = { + inherit (nixosTests) switchTest; + }; + meta = with lib; { homepage = "https://www.freedesktop.org/wiki/Software/systemd/"; description = "A system and service manager for Linux"; diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/musl.diff b/nixpkgs/pkgs/os-specific/linux/systemd/musl.diff new file mode 100644 index 000000000000..cab135dd8fc5 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/systemd/musl.diff @@ -0,0 +1,12 @@ +diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c +index ef3527e..cc1ba23 100644 +--- a/src/shared/mount-setup.c ++++ b/src/shared/mount-setup.c +@@ -32,6 +32,7 @@ + #include "strv.h" + #include "user-util.h" + #include "virt.h" ++#include "missing_type.h" + + typedef enum MountMode { + MNT_NONE = 0, diff --git a/nixpkgs/pkgs/os-specific/linux/sysvinit/default.nix b/nixpkgs/pkgs/os-specific/linux/sysvinit/default.nix index c783c7924b59..5f4f6069bcc6 100644 --- a/nixpkgs/pkgs/os-specific/linux/sysvinit/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/sysvinit/default.nix @@ -1,13 +1,13 @@ { lib, stdenv, fetchurl, withoutInitTools ? false }: -let version = "3.00"; in +let version = "3.01"; in stdenv.mkDerivation { name = (if withoutInitTools then "sysvtools" else "sysvinit") + "-" + version; src = fetchurl { url = "mirror://savannah/sysvinit/sysvinit-${version}.tar.xz"; - sha256 = "sha256-7WvCCttnNTiYQefT64ZQ+nUMdq8gv07XOxMwpNTBQBc="; + sha256 = "sha256-aLEaR3LNrM5ftlpMvq0ySizjmZ0Ti0/2HcLVnlfvV5M="; }; prePatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/tiptop/default.nix b/nixpkgs/pkgs/os-specific/linux/tiptop/default.nix index c6870d2a4c44..bb9fa2859824 100644 --- a/nixpkgs/pkgs/os-specific/linux/tiptop/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/tiptop/default.nix @@ -9,11 +9,20 @@ stdenv.mkDerivation rec { sha256 = "10j1138y3cj3hsmfz4w0bmk90523b0prqwi9nhb4z8xvjnf49i2i"; }; - patches = [(fetchpatch { - name = "reproducibility.patch"; - url = "https://salsa.debian.org/debian/tiptop/raw/debian/2.3.1-1/debian/patches/0001-fix-reproducibility-of-build-process.patch"; - sha256 = "116l7n3nl9lj691i7j8x0d0za1i6zpqgghw5d70qfpb17c04cblp"; - })]; + patches = [ + (fetchpatch { + name = "reproducibility.patch"; + url = "https://salsa.debian.org/debian/tiptop/raw/debian/2.3.1-1/debian/patches/0001-fix-reproducibility-of-build-process.patch"; + sha256 = "116l7n3nl9lj691i7j8x0d0za1i6zpqgghw5d70qfpb17c04cblp"; + }) + + # Pull upstream patch for ncurses-6.3 + (fetchpatch { + name = "ncurses-6.3.patch"; + url = "https://gitlab.inria.fr/rohou/tiptop/-/commit/a78234c27fdd62fed09430d998950e49e11a1832.patch"; + sha256 = "1k55agdri7iw3gwm4snj3ps62qzmxlqr6s0868l8qamjw38z9g00"; + }) + ]; postPatch = '' substituteInPlace ./configure --replace -lcurses -lncurses diff --git a/nixpkgs/pkgs/os-specific/linux/trace-cmd/default.nix b/nixpkgs/pkgs/os-specific/linux/trace-cmd/default.nix index 0a7860c0238e..129ec31223c7 100644 --- a/nixpkgs/pkgs/os-specific/linux/trace-cmd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/trace-cmd/default.nix @@ -1,17 +1,23 @@ -{ lib, stdenv, fetchgit, asciidoc, docbook_xsl, libxslt }: +{ lib, stdenv, fetchgit, pkg-config, asciidoc, xmlto, docbook_xsl, libxslt, libtraceevent, libtracefs }: stdenv.mkDerivation rec { pname = "trace-cmd"; - version = "2.9.1"; + version = "2.9.5"; src = fetchgit { url = "git://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/"; rev = "trace-cmd-v${version}"; - sha256 = "19c63a0qmcppm1456qf4k6a0d1agcvpa6jnbzrdcyc520yax6khw"; + sha256 = "0kc5cldk5i7q2zr2nyz3mvs5v7w0km6lpx7g39sy3pmhshp0wqlq"; }; - patches = [ ./fix-Makefiles.patch ]; + # Don't build and install html documentation + postPatch = '' + sed -i -e '/^all:/ s/html//' -e '/^install:/ s/install-html//' \ + Documentation{,/trace-cmd,/libtracecmd}/Makefile + ''; - nativeBuildInputs = [ asciidoc libxslt ]; + nativeBuildInputs = [ asciidoc libxslt pkg-config xmlto ]; + + buildInputs = [ libtraceevent libtracefs ]; outputs = [ "out" "lib" "dev" "man" ]; @@ -19,20 +25,28 @@ stdenv.mkDerivation rec { dontConfigure = true; - buildPhase = "make trace-cmd libs doc"; + enableParallelBuilding = true; + makeFlags = [ + "all" "libs" "doc" + # The following values appear in the generated .pc file + "prefix=${placeholder "lib"}" + "libdir=${placeholder "lib"}/lib" + "includedir=${placeholder "dev"}/include" + ]; installTargets = [ "install_cmd" "install_libs" "install_doc" ]; installFlags = [ "bindir=${placeholder "out"}/bin" "man_dir=${placeholder "man"}/share/man" "libdir=${placeholder "lib"}/lib" + "pkgconfig_dir=${placeholder "lib"}/lib/pkgconfig" "includedir=${placeholder "dev"}/include" "BASH_COMPLETE_DIR=${placeholder "out"}/share/bash-completion/completions" ]; meta = with lib; { description = "User-space tools for the Linux kernel ftrace subsystem"; - homepage = "https://kernelshark.org/"; + homepage = "https://www.trace-cmd.org/"; license = licenses.gpl2; platforms = platforms.linux; maintainers = with maintainers; [ thoughtpolice basvandijk ]; diff --git a/nixpkgs/pkgs/os-specific/linux/trace-cmd/fix-Makefiles.patch b/nixpkgs/pkgs/os-specific/linux/trace-cmd/fix-Makefiles.patch deleted file mode 100644 index 1e783999af68..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/trace-cmd/fix-Makefiles.patch +++ /dev/null @@ -1,35 +0,0 @@ -diff --git a/Makefile b/Makefile -index b034042..b8a06bc 100644 ---- a/Makefile -+++ b/Makefile -@@ -338,6 +338,7 @@ libtracefs.a: $(LIBTRACEFS_STATIC) - libtracefs.so: $(LIBTRACEFS_SHARED) - - libs: $(LIBTRACECMD_SHARED) $(LIBTRACEEVENT_SHARED) $(LIBTRACEFS_SHARED) -+libs: $(LIBTRACECMD_STATIC) $(LIBTRACEEVENT_STATIC) $(LIBTRACEFS_STATIC) - - test: force $(LIBTRACEEVENT_STATIC) $(LIBTRACEFS_STATIC) $(LIBTRACECMD_STATIC) - ifneq ($(CUNIT_INSTALLED),1) -@@ -414,6 +415,9 @@ install_libs: libs - $(Q)$(call do_install,$(LIBTRACECMD_SHARED),$(libdir_SQ)/trace-cmd) - $(Q)$(call do_install,$(LIBTRACEEVENT_SHARED),$(libdir_SQ)/traceevent) - $(Q)$(call do_install,$(LIBTRACEFS_SHARED),$(libdir_SQ)/tracefs) -+ $(Q)$(call do_install,$(LIBTRACECMD_STATIC),$(libdir_SQ)/trace-cmd) -+ $(Q)$(call do_install,$(LIBTRACEEVENT_STATIC),$(libdir_SQ)/traceevent) -+ $(Q)$(call do_install,$(LIBTRACEFS_STATIC),$(libdir_SQ)/tracefs) - $(Q)$(call do_install,$(src)/include/traceevent/event-parse.h,$(includedir_SQ)/traceevent) - $(Q)$(call do_install,$(src)/include/traceevent/trace-seq.h,$(includedir_SQ)/traceevent) - $(Q)$(call do_install,$(src)/include/trace-cmd/trace-cmd.h,$(includedir_SQ)/trace-cmd) -diff --git a/kernel-shark/src/CMakeLists.txt b/kernel-shark/src/CMakeLists.txt -index 457c100..687e150 100644 ---- a/kernel-shark/src/CMakeLists.txt -+++ b/kernel-shark/src/CMakeLists.txt -@@ -92,7 +92,7 @@ if (Qt5Widgets_FOUND AND Qt5Network_FOUND) - DESTINATION ${_INSTALL_PREFIX}/share/icons/${KS_APP_NAME}) - - install(FILES "${KS_DIR}/org.freedesktop.kshark-record.policy" -- DESTINATION /usr/share/polkit-1/actions/) -+ DESTINATION ${_INSTALL_PREFIX}/share/polkit-1/actions/) - - install(PROGRAMS "${KS_DIR}/bin/kshark-su-record" - DESTINATION ${_INSTALL_PREFIX}/bin/) diff --git a/nixpkgs/pkgs/os-specific/linux/trace-cmd/kernelshark.nix b/nixpkgs/pkgs/os-specific/linux/trace-cmd/kernelshark.nix index 45d984c78632..4d0412edbeee 100644 --- a/nixpkgs/pkgs/os-specific/linux/trace-cmd/kernelshark.nix +++ b/nixpkgs/pkgs/os-specific/linux/trace-cmd/kernelshark.nix @@ -1,40 +1,31 @@ -{ lib, mkDerivation, fetchgit, qtbase, cmake, asciidoc, docbook_xsl, json_c, mesa_glu, freeglut, trace-cmd, pkg-config }: +{ lib, mkDerivation, fetchgit, qtbase, cmake, asciidoc +, docbook_xsl, json_c, mesa_glu, freeglut, trace-cmd, pkg-config +, libtraceevent, libtracefs, freefont_ttf +}: + mkDerivation rec { pname = "kernelshark"; - version = "1.2"; + version = "2.0.2"; src = fetchgit { - url = "git://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/"; - rev = "kernelshark-v${version}"; - sha256 = "0wzzm2imk9n94v96v6sbvbff6j47lz4qj0snhiyv3nj3slg0anvh"; + url = "https://git.kernel.org/pub/scm/utils/trace-cmd/kernel-shark.git/"; + rev = "kernelshark-v${version}"; + sha256 = "0vy5wa1kccrxr973l870jy5hl6lac7sk3zyg3hxrwmivin1yf0cv"; }; - patches = [ ./fix-Makefiles.patch ]; - - outputs = [ "out" "doc" ]; + outputs = [ "out" ]; - preConfigure = "pushd kernel-shark"; + nativeBuildInputs = [ pkg-config cmake ]; - nativeBuildInputs = [ pkg-config cmake asciidoc ]; - - buildInputs = [ qtbase json_c mesa_glu freeglut ]; + buildInputs = [ qtbase json_c mesa_glu freeglut libtraceevent libtracefs trace-cmd ]; cmakeFlags = [ "-D_INSTALL_PREFIX=${placeholder "out"}" - "-DTRACECMD_BIN_DIR=${trace-cmd}/bin" - "-DTRACECMD_INCLUDE_DIR=${trace-cmd.dev}/include" - "-DTRACECMD_LIBRARY=${trace-cmd.lib}/lib/trace-cmd/libtracecmd.a" - "-DTRACEEVENT_LIBRARY=${trace-cmd.lib}/lib/traceevent/libtraceevent.a" - "-DTRACEFS_LIBRARY=${trace-cmd.lib}/lib/tracefs/libtracefs.a" + "-D_POLKIT_INSTALL_PREFIX=${placeholder "out"}" + "-DPKG_CONGIG_DIR=${placeholder "out"}/lib/pkgconfig" + "-DTT_FONT_FILE=${freefont_ttf}/share/fonts/truetype/FreeSans.ttf" ]; - preInstall = '' - popd - make install_doc_gui prefix=$doc \ - FIND_MANPAGE_DOCBOOK_XSL=${docbook_xsl}/share/xml/docbook-xsl-nons/manpages/docbook.xsl - pushd kernel-shark/build - ''; - meta = with lib; { description = "GUI for trace-cmd which is an interface for the Linux kernel ftrace subsystem"; homepage = "https://kernelshark.org/"; diff --git a/nixpkgs/pkgs/os-specific/linux/uclibc/default.nix b/nixpkgs/pkgs/os-specific/linux/uclibc/default.nix index a724604c725e..a0b748be2149 100644 --- a/nixpkgs/pkgs/os-specific/linux/uclibc/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/uclibc/default.nix @@ -39,6 +39,8 @@ let UCLIBC_SUSV4_LEGACY y UCLIBC_HAS_THREADS_NATIVE y KERNEL_HEADERS "${linuxHeaders}/include" + '' + lib.optionalString (stdenv.hostPlatform.gcc.float or "" == "soft") '' + UCLIBC_HAS_FPU n '' + lib.optionalString (stdenv.isAarch32 && stdenv.buildPlatform != stdenv.hostPlatform) '' CONFIG_ARM_EABI y ARCH_WANTS_BIG_ENDIAN n @@ -81,7 +83,8 @@ stdenv.mkDerivation { depsBuildBuild = [ buildPackages.stdenv.cc ]; makeFlags = [ - "ARCH=${stdenv.hostPlatform.parsed.cpu.name}" + "ARCH=${stdenv.hostPlatform.linuxArch}" + "TARGET_ARCH=${stdenv.hostPlatform.linuxArch}" "VERBOSE=1" ] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ "CROSS=${stdenv.cc.targetPrefix}" @@ -93,7 +96,7 @@ stdenv.mkDerivation { installPhase = '' mkdir -p $out - make PREFIX=$out VERBOSE=1 install + make $makeFlags PREFIX=$out VERBOSE=1 install (cd $out/include && ln -s $(ls -d ${linuxHeaders}/include/* | grep -v "scsi$") .) # libpthread.so may not exist, so I do || true sed -i s@/lib/@$out/lib/@g $out/lib/libc.so $out/lib/libpthread.so || true @@ -109,6 +112,7 @@ stdenv.mkDerivation { description = "A small implementation of the C library"; maintainers = with maintainers; [ rasendubi ]; license = licenses.lgpl2; - platforms = intersectLists platforms.linux platforms.x86; # fails to build on ARM + platforms = platforms.linux; + broken = stdenv.hostPlatform.isAarch32 || stdenv.hostPlatform.isAarch64; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/udisks-glue/default.nix b/nixpkgs/pkgs/os-specific/linux/udisks-glue/default.nix index 453df94f8fb5..e51a2b1990c3 100644 --- a/nixpkgs/pkgs/os-specific/linux/udisks-glue/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/udisks-glue/default.nix @@ -1,10 +1,11 @@ { lib, stdenv, fetchurl, pkg-config, automake, autoconf, udisks1, dbus-glib, glib, libconfuse }: -stdenv.mkDerivation { - name = "udisks-glue-1.3.5"; +stdenv.mkDerivation rec { + pname = "udisks-glue"; + version = "1.3.5"; src = fetchurl { - url = "https://github.com/fernandotcl/udisks-glue/archive/release-1.3.5.tar.gz"; + url = "https://github.com/fernandotcl/udisks-glue/archive/release-${version}.tar.gz"; sha256 = "317d25bf249278dc8f6a5dcf18f760512427c772b9afe3cfe34e6e1baa258176"; }; @@ -17,9 +18,9 @@ stdenv.mkDerivation { homepage = "https://github.com/fernandotcl/udisks-glue"; description = "A tool to associate udisks events to user-defined actions"; platforms = lib.platforms.linux; - maintainers = with lib.maintainers; [pSub]; + maintainers = with lib.maintainers; [ pSub ]; license = lib.licenses.bsd2; broken = true; - hydraPlatforms = []; + hydraPlatforms = [ ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/udisks/1-default.nix b/nixpkgs/pkgs/os-specific/linux/udisks/1-default.nix index f20dc6b60765..87da3a29d6c0 100644 --- a/nixpkgs/pkgs/os-specific/linux/udisks/1-default.nix +++ b/nixpkgs/pkgs/os-specific/linux/udisks/1-default.nix @@ -1,12 +1,31 @@ -{ lib, stdenv, fetchurl, pkg-config, sg3_utils, udev, glib, dbus, dbus-glib -, polkit, parted, lvm2, libatasmart, intltool, libuuid, mdadm -, libxslt, docbook_xsl, util-linux, libgudev }: +{ lib +, stdenv +, fetchurl +, pkg-config +, sg3_utils +, udev +, glib +, dbus +, dbus-glib +, polkit +, parted +, lvm2 +, libatasmart +, intltool +, libuuid +, mdadm +, libxslt +, docbook_xsl +, util-linux +, libgudev +}: stdenv.mkDerivation rec { - name = "udisks-1.0.5"; + pname = "udisks"; + version = "1.0.5"; src = fetchurl { - url = "https://hal.freedesktop.org/releases/${name}.tar.gz"; + url = "https://hal.freedesktop.org/releases/udisks-${version}.tar.gz"; sha256 = "0wbg3jrv8limdgvcygf4dqin3y6d30y9pcmmk711vq571vmq5v7j"; }; @@ -27,8 +46,21 @@ stdenv.mkDerivation rec { ''; buildInputs = - [ sg3_utils udev glib dbus dbus-glib polkit parted libgudev - lvm2 libatasmart intltool libuuid libxslt docbook_xsl + [ + sg3_utils + udev + glib + dbus + dbus-glib + polkit + parted + libgudev + lvm2 + libatasmart + intltool + libuuid + libxslt + docbook_xsl ]; nativeBuildInputs = [ pkg-config ]; @@ -41,6 +73,6 @@ stdenv.mkDerivation rec { platforms = platforms.linux; license = with licenses; [ gpl2 lgpl2Plus ]; broken = true; - hydraPlatforms = []; + hydraPlatforms = [ ]; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix b/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix index 7be729f4ac8d..e5a5ff971a35 100644 --- a/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix +++ b/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch, substituteAll, libtool, pkg-config, gettext, gnused +{ lib, stdenv, fetchFromGitHub, substituteAll, libtool, pkg-config, gettext, gnused , gtk-doc, acl, systemd, glib, libatasmart, polkit, coreutils, bash, which , expat, libxslt, docbook_xsl, util-linux, mdadm, libgudev, libblockdev, parted , gobject-introspection, docbook_xml_dtd_412, docbook_xml_dtd_43, autoconf, automake @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "udisks"; - version = "2.8.4"; + version = "2.9.4"; src = fetchFromGitHub { owner = "storaged-project"; repo = "udisks"; rev = "${pname}-${version}"; - sha256 = "01wx2x8xyal595dhdih7rva2bz7gqzgwdp56gi0ikjdzayx17wcf"; + sha256 = "sha256-MYQztzIyp5kh9t1bCIlj08/gaOmZfuu/ZOwo3F+rZiw="; }; outputs = [ "out" "man" "dev" ] ++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "devdoc"; @@ -37,17 +37,11 @@ stdenv.mkDerivation rec { xfsprogs ntfs3g parted util-linux ]; }) - - # Fix tests: https://github.com/storaged-project/udisks/issues/724 - (fetchpatch { - url = "https://github.com/storaged-project/udisks/commit/60a0c1c967821d317046d9494e45b9a8e4e7a1c1.patch"; - sha256 = "0rlgqsxn7rb074x6ivm0ya5lywc4llifj5br0zr31mwwckv7hsdm"; - }) ]; nativeBuildInputs = [ autoconf automake pkg-config libtool gettext which gobject-introspection - gtk-doc libxslt docbook_xml_dtd_412 docbook_xml_dtd_43 docbook_xsl + gtk-doc libxslt docbook_xml_dtd_412 docbook_xml_dtd_43 docbook_xsl util-linux ]; postPatch = lib.optionalString stdenv.hostPlatform.isMusl '' diff --git a/nixpkgs/pkgs/os-specific/linux/udisks/fix-paths.patch b/nixpkgs/pkgs/os-specific/linux/udisks/fix-paths.patch index c2744c3b42e1..215df565eccd 100644 --- a/nixpkgs/pkgs/os-specific/linux/udisks/fix-paths.patch +++ b/nixpkgs/pkgs/os-specific/linux/udisks/fix-paths.patch @@ -1,16 +1,20 @@ +diff --git a/Makefile.am b/Makefile.am +index 56922b79..697f8c6e 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,6 @@ ## Process this file with automake to produce Makefile.in --SHELL = /bin/bash +-SHELL = @BASH@ +SHELL = @bash@ .SHELLFLAGS = -o pipefail -c PYTHON ?= python3 +diff --git a/data/80-udisks2.rules b/data/80-udisks2.rules +index 39bfa28b..ee1ca90a 100644 --- a/data/80-udisks2.rules +++ b/data/80-udisks2.rules -@@ -17,9 +17,9 @@ +@@ -17,9 +17,9 @@ ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}=="?*", GOTO="udisks_probe_end" # # TODO: file bug against mdadm(8) to have --export-prefix option that can be used with e.g. UDISKS_MD_MEMBER # @@ -22,17 +26,37 @@ LABEL="udisks_probe_end" +diff --git a/modules/zram/data/udisks2-zram-setup@.service.in b/modules/zram/data/udisks2-zram-setup@.service.in +index ac868e84..03fdd887 100644 +--- a/modules/zram/data/udisks2-zram-setup@.service.in ++++ b/modules/zram/data/udisks2-zram-setup@.service.in +@@ -8,7 +8,7 @@ Requires=dev-%i.device + Type=oneshot + RemainAfterExit=no + EnvironmentFile=-@zramconfdir@/%i +-ExecStart=-/bin/sh -c 'if [ -n "$ZRAM_NUM_STR" ]; then echo "$ZRAM_NUM_STR" > /sys/class/block/%i/max_comp_streams; fi' +-ExecStart=-/bin/sh -c 'if [ -n "$ZRAM_DEV_SIZE" ]; then echo "$ZRAM_DEV_SIZE" > /sys/class/block/%i/disksize; fi' +-ExecStart=-/bin/sh -c 'if [ "$SWAP" = "y" ]; then mkswap /dev/%i && swapon /dev/%i; fi' +-# ExecStop=-/bin/sh -c 'echo 1 > /sys/class/block/%i/reset' ++ExecStart=-@sh@ -c 'if [ -n "$ZRAM_NUM_STR" ]; then echo "$ZRAM_NUM_STR" > /sys/class/block/%i/max_comp_streams; fi' ++ExecStart=-@sh@ -c 'if [ -n "$ZRAM_DEV_SIZE" ]; then echo "$ZRAM_DEV_SIZE" > /sys/class/block/%i/disksize; fi' ++ExecStart=-@sh@ -c 'if [ "$SWAP" = "y" ]; then @mkswap@ /dev/%i && @swapon@ /dev/%i; fi' ++# ExecStop=-@sh@ -c 'echo 1 > /sys/class/block/%i/reset' +diff --git a/modules/zram/udiskslinuxmanagerzram.c b/modules/zram/udiskslinuxmanagerzram.c +index f647f653..df81e910 100644 --- a/modules/zram/udiskslinuxmanagerzram.c +++ b/modules/zram/udiskslinuxmanagerzram.c -@@ -250,7 +250,7 @@ +@@ -243,7 +243,7 @@ create_conf_files (guint64 num_devices, g_snprintf (tmp, 255, "zram%" G_GUINT64_FORMAT, i); filename = g_build_filename (PACKAGE_ZRAMCONF_DIR, tmp, NULL); -- contents = g_strdup_printf ("#!/bin/bash\n\n" -+ contents = g_strdup_printf ("#!@bash@\n\n" +- contents = g_strdup_printf ("#!/bin/bash\n" ++ contents = g_strdup_printf ("#!@bash@\n" + "# UDisks2 managed ZRAM configuration\n\n" "ZRAM_NUM_STR=%" G_GUINT64_FORMAT "\n" "ZRAM_DEV_SIZE=%" G_GUINT64_FORMAT "\n" - "SWAP=n\n", +diff --git a/src/tests/install-udisks/runtest.sh b/src/tests/install-udisks/runtest.sh +index e7df4ed2..ab4356d9 100644 --- a/src/tests/install-udisks/runtest.sh +++ b/src/tests/install-udisks/runtest.sh @@ -1,4 +1,4 @@ @@ -41,18 +65,11 @@ # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # +diff --git a/src/tests/integration-test b/src/tests/integration-test +index 4499a6a9..8b711f95 100755 --- a/src/tests/integration-test +++ b/src/tests/integration-test -@@ -414,7 +414,7 @@ - f.write('KERNEL=="sr*", ENV{DISK_EJECT_REQUEST}!="?*", ' - 'ATTRS{model}=="scsi_debug*", ' - 'ENV{ID_CDROM_MEDIA}=="?*", ' -- 'IMPORT{program}="/sbin/blkid -o udev -p -u noraid $tempnode"\n') -+ 'IMPORT{program}="@blkid@ -o udev -p -u noraid $tempnode"\n') - # reload udev - subprocess.call('sync; pkill --signal HUP udevd || ' - 'pkill --signal HUP systemd-udevd', -@@ -1079,7 +1079,7 @@ +@@ -1142,7 +1142,7 @@ class FS(UDisksTestCase): self.assertFalse(os.access(f, os.X_OK)) f = os.path.join(mount_point, 'simple.exe') @@ -61,7 +78,7 @@ self.assertTrue(os.access(f, os.R_OK)) self.assertTrue(os.access(f, os.W_OK)) self.assertTrue(os.access(f, os.X_OK)) -@@ -1092,7 +1092,7 @@ +@@ -1155,7 +1155,7 @@ class FS(UDisksTestCase): self.assertFalse(os.access(f, os.X_OK)) f = os.path.join(mount_point, 'subdir', 'subdir.exe') @@ -70,6 +87,8 @@ self.assertTrue(os.access(f, os.R_OK)) self.assertTrue(os.access(f, os.W_OK)) self.assertTrue(os.access(f, os.X_OK)) +diff --git a/src/tests/storadectl/runtest.sh b/src/tests/storadectl/runtest.sh +index f03885f9..baca6a93 100644 --- a/src/tests/storadectl/runtest.sh +++ b/src/tests/storadectl/runtest.sh @@ -1,4 +1,4 @@ @@ -78,9 +97,11 @@ # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # +diff --git a/src/tests/test.c b/src/tests/test.c +index 3ddbdf2c..a87f960a 100644 --- a/src/tests/test.c +++ b/src/tests/test.c -@@ -71,7 +71,7 @@ +@@ -71,7 +71,7 @@ test_spawned_job_successful (void) { UDisksSpawnedJob *job; @@ -89,7 +110,7 @@ udisks_spawned_job_start (job); _g_assert_signal_received (job, "completed", G_CALLBACK (on_completed_expect_success), NULL); g_object_unref (job); -@@ -84,10 +84,10 @@ +@@ -84,10 +84,10 @@ test_spawned_job_failure (void) { UDisksSpawnedJob *job; @@ -102,7 +123,7 @@ g_object_unref (job); } -@@ -119,7 +119,7 @@ +@@ -119,7 +119,7 @@ test_spawned_job_cancelled_at_start (void) cancellable = g_cancellable_new (); g_cancellable_cancel (cancellable); @@ -111,7 +132,7 @@ udisks_spawned_job_start (job); _g_assert_signal_received (job, "completed", G_CALLBACK (on_completed_expect_failure), (gpointer) "Operation was cancelled (g-io-error-quark, 19)"); -@@ -145,7 +145,7 @@ +@@ -144,7 +144,7 @@ test_spawned_job_cancelled_midway (void) GCancellable *cancellable; cancellable = g_cancellable_new (); @@ -119,8 +140,8 @@ + job = udisks_spawned_job_new ("@sleep@ 0.5", NULL, getuid (), geteuid (), NULL, cancellable); udisks_spawned_job_start (job); g_timeout_add (10, on_timeout, cancellable); /* 10 msec */ - g_main_loop_run (loop); -@@ -199,7 +199,7 @@ + _g_assert_signal_received (job, "completed", G_CALLBACK (on_completed_expect_failure), +@@ -197,7 +197,7 @@ test_spawned_job_premature_termination (void) { UDisksSpawnedJob *job; @@ -129,3 +150,6 @@ udisks_spawned_job_start (job); g_object_unref (job); } +-- +2.33.1 + diff --git a/nixpkgs/pkgs/os-specific/linux/udisks/force-path.patch b/nixpkgs/pkgs/os-specific/linux/udisks/force-path.patch index 16c7ea5322fa..741f53544bee 100644 --- a/nixpkgs/pkgs/os-specific/linux/udisks/force-path.patch +++ b/nixpkgs/pkgs/os-specific/linux/udisks/force-path.patch @@ -1,8 +1,9 @@ -diff -ruN udisks-2.1.0.orig/src/main.c udisks-2.1.0/src/main.c ---- udisks-2.1.0.orig/src/main.c 2013-04-02 10:43:41.629332135 +0000 -+++ udisks-2.1.0/src/main.c 2013-04-02 11:04:55.635342823 +0000 -@@ -140,8 +140,7 @@ - } +diff --git a/src/main.c b/src/main.c +index b4dbf9e0..3171fa34 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -144,8 +144,7 @@ main (int argc, + g_setenv("G_MESSAGES_DEBUG", "udisks", FALSE); } - if (g_getenv ("PATH") == NULL) @@ -11,3 +12,6 @@ diff -ruN udisks-2.1.0.orig/src/main.c udisks-2.1.0/src/main.c udisks_notice ("udisks daemon version %s starting", PACKAGE_VERSION); +-- +2.33.1 + diff --git a/nixpkgs/pkgs/os-specific/linux/util-linux/default.nix b/nixpkgs/pkgs/os-specific/linux/util-linux/default.nix index 73f321f26318..b3536e038f0b 100644 --- a/nixpkgs/pkgs/os-specific/linux/util-linux/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/util-linux/default.nix @@ -1,20 +1,25 @@ { lib, stdenv, fetchurl, pkg-config, zlib, shadow, libcap_ng -, ncurses ? null, perl ? null, pam, systemd ? null, minimal ? false }: +, ncurses ? null, pam, systemd ? null +, nlsSupport ? true +, audit ? null +}: + +assert stdenv.hostPlatform.isStatic -> audit != null; stdenv.mkDerivation rec { pname = "util-linux"; - version = "2.36.2"; + version = "2.37.2"; src = fetchurl { url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "0psc0asjp1rmfx1j7468zfnk9nphlphybw2n8dcl74v8v2lnnlgp"; + sha256 = "sha256-agdkwarn+2B++KbdLA9sR9Xl/SeqCIIKuq2ewU4o6dk="; }; patches = [ ./rtcwake-search-PATH-for-shutdown.patch ]; - outputs = [ "bin" "dev" "out" "man" ]; + outputs = [ "bin" "dev" "out" "lib" "man" ]; postPatch = '' patchShebangs tests/run.sh @@ -30,36 +35,44 @@ stdenv.mkDerivation rec { # somewhat risky because we have to consider that mount can setuid # root... configureFlags = [ + "--localstatedir=/var" "--enable-write" - "--enable-last" - "--enable-mesg" "--disable-use-tty-group" "--enable-fs-paths-default=/run/wrappers/bin:/run/current-system/sw/bin:/sbin" "--disable-makeinstall-setuid" "--disable-makeinstall-chown" "--disable-su" # provided by shadow + (lib.enableFeature nlsSupport "nls") (lib.withFeature (ncurses != null) "ncursesw") (lib.withFeature (systemd != null) "systemd") (lib.withFeatureAs (systemd != null) "systemdsystemunitdir" "${placeholder "bin"}/lib/systemd/system/") + "SYSCONFSTATICDIR=${placeholder "lib"}/lib" ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "scanf_cv_type_modifier=ms" ; makeFlags = [ "usrbin_execdir=${placeholder "bin"}/bin" + "usrlib_execdir=${placeholder "lib"}/lib" "usrsbin_execdir=${placeholder "bin"}/sbin" ]; nativeBuildInputs = [ pkg-config ]; buildInputs = [ zlib pam libcap_ng ] - ++ lib.filter (p: p != null) [ ncurses systemd perl ]; + ++ lib.filter (p: p != null) [ ncurses systemd ] + # not sure how util-linux is linking with linux-pam, + # probably just with a simplistic -lpam. + # linux-pam doesn't seem to have a .pc file so I can't + # add -laudit to the Requires.private. + # libaudit is also needed directly anyway cf login-utils/login.c + # and sys-utils/hwclock.c, not sure how we got it working + # without audit on dynamic builds. + ++ lib.optionals stdenv.hostPlatform.isStatic [ audit ]; - doCheck = false; # "For development purpose only. Don't execute on production system!" + NIX_CFLAGS_LINK = lib.optionalString stdenv.hostPlatform.isStatic "-laudit"; - postInstall = lib.optionalString minimal '' - rm -rf $out/share/{locale,doc,bash-completion} - ''; + doCheck = false; # "For development purpose only. Don't execute on production system!" enableParallelBuilding = true; diff --git a/nixpkgs/pkgs/os-specific/linux/v86d/default.nix b/nixpkgs/pkgs/os-specific/linux/v86d/default.nix index 254abb5838e8..dbc98344c5ec 100644 --- a/nixpkgs/pkgs/os-specific/linux/v86d/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/v86d/default.nix @@ -5,14 +5,16 @@ , klibc }: -stdenv.mkDerivation rec { - name = "v86d-${version}-${kernel.version}"; - version = "0.1.10"; +let + pversion = "0.1.10"; +in stdenv.mkDerivation rec { + pname = "v86d"; + version = "${pversion}-${kernel.version}"; src = fetchFromGitHub { owner = "mjanusz"; repo = "v86d"; - rev = "v86d-${version}"; + rev = "v86d-${pversion}"; hash = "sha256-95LRzVbO/DyddmPwQNNQ290tasCGoQk7FDHlst6LkbA="; }; diff --git a/nixpkgs/pkgs/os-specific/linux/vendor-reset/default.nix b/nixpkgs/pkgs/os-specific/linux/vendor-reset/default.nix index 8f1bde7ecbd5..e1395bd33c07 100644 --- a/nixpkgs/pkgs/os-specific/linux/vendor-reset/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/vendor-reset/default.nix @@ -1,8 +1,8 @@ { stdenv, fetchFromGitHub, kernel, lib }: stdenv.mkDerivation rec { - name = "vendor-reset-${version}-${kernel.version}"; - version = "unstable-2021-02-16"; + pname = "vendor-reset"; + version = "unstable-2021-02-16-${kernel.version}"; src = fetchFromGitHub { owner = "gnif"; diff --git a/nixpkgs/pkgs/os-specific/linux/virtualbox/default.nix b/nixpkgs/pkgs/os-specific/linux/virtualbox/default.nix index f795d36207a8..3aae58933c8f 100644 --- a/nixpkgs/pkgs/os-specific/linux/virtualbox/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/virtualbox/default.nix @@ -1,7 +1,8 @@ { stdenv, virtualbox, kernel }: stdenv.mkDerivation { - name = "virtualbox-modules-${virtualbox.version}-${kernel.version}"; + pname = "virtualbox-modules"; + version = "${virtualbox.version}-${kernel.version}"; src = virtualbox.modsrc; hardeningDisable = [ "fortify" "pic" "stackprotector" diff --git a/nixpkgs/pkgs/os-specific/linux/vm-tools/default.nix b/nixpkgs/pkgs/os-specific/linux/vm-tools/default.nix new file mode 100644 index 000000000000..c5981bfc2713 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/vm-tools/default.nix @@ -0,0 +1,16 @@ +{ lib, stdenv, linux }: + +stdenv.mkDerivation { + pname = "vm-tools"; + inherit (linux) version src; + + makeFlags = [ "sbindir=${placeholder "out"}/bin" ]; + + preConfigure = "cd tools/vm"; + + meta = with lib; { + inherit (linux.meta) license platforms; + description = "Set of virtual memory tools"; + maintainers = [ maintainers.evils ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/waydroid/default.nix b/nixpkgs/pkgs/os-specific/linux/waydroid/default.nix index 708237e5184c..1390077a60d1 100644 --- a/nixpkgs/pkgs/os-specific/linux/waydroid/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/waydroid/default.nix @@ -3,24 +3,31 @@ , fetchFromGitHub , python3Packages , dnsmasq +, getent +, kmod , lxc +, iproute2 +, iptables , nftables -, python +, util-linux +, which +, xclip }: python3Packages.buildPythonApplication rec { pname = "waydroid"; - version = "1.1.1"; + version = "1.2.0"; src = fetchFromGitHub { owner = pname; repo = pname; rev = version; - sha256 = "0cabh7rysh2v15wrxg250370mw26s5d073yxmczxsarbp4ri2pl4"; + sha256 = "03d87sh443kn0j2mpih1g909khkx3wgb04h605f9jhd0znskkbmw"; }; propagatedBuildInputs = with python3Packages; [ gbinder-python + pyclip pygobject3 ]; @@ -36,20 +43,33 @@ python3Packages.buildPythonApplication rec { cp -ra data $out/${python3Packages.python.sitePackages}/data wrapProgram $out/${python3Packages.python.sitePackages}/data/scripts/waydroid-net.sh \ - --prefix PATH ":" ${lib.makeBinPath [ dnsmasq nftables ]} + --prefix PATH ":" ${lib.makeBinPath [ dnsmasq getent iproute2 iptables nftables ]} mkdir -p $out/share/waydroid/gbinder.d cp gbinder/anbox.conf $out/share/waydroid/gbinder.d/anbox.conf + mkdir -p $out/share/applications + ln -s $out/${python3Packages.python.sitePackages}/data/Waydroid.desktop $out/share/applications/Waydroid.desktop + mkdir $out/bin cp -a waydroid.py $out/${python3Packages.python.sitePackages}/waydroid.py ln -s $out/${python3Packages.python.sitePackages}/waydroid.py $out/bin/waydroid - wrapPythonProgramsIn $out/${python3Packages.python.sitePackages} "$out ${python3Packages.gbinder-python} ${python3Packages.pygobject3} ${lxc}" + wrapPythonProgramsIn $out/${python3Packages.python.sitePackages} "${lib.concatStringsSep " " [ + "$out" + python3Packages.gbinder-python + python3Packages.pygobject3 + python3Packages.pyclip + kmod + lxc + util-linux + which + xclip + ]}" ''; meta = with lib; { - description = "Waydroid is a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu."; + description = "Waydroid is a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu"; homepage = "https://github.com/waydroid/waydroid"; license = licenses.gpl3; platforms = platforms.linux; diff --git a/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix b/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix index d2d59ba21a5e..8ec7519bf1ad 100644 --- a/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix +++ b/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix @@ -1,7 +1,8 @@ { lib, mkDerivation, fetchpatch, qtbase, qmake, inkscape, imagemagick, wpa_supplicant }: mkDerivation { - name = "wpa_gui-${wpa_supplicant.version}"; + pname = "wpa_gui"; + version = wpa_supplicant.version; inherit (wpa_supplicant) src; diff --git a/nixpkgs/pkgs/os-specific/linux/x86_energy_perf_policy/default.nix b/nixpkgs/pkgs/os-specific/linux/x86_energy_perf_policy/default.nix index 4b57ed4ceae5..d636f928f249 100644 --- a/nixpkgs/pkgs/os-specific/linux/x86_energy_perf_policy/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/x86_energy_perf_policy/default.nix @@ -1,7 +1,8 @@ { lib, stdenv, kernel }: stdenv.mkDerivation { - name = "x86_energy_perf_policy-${kernel.version}"; + pname = "x86_energy_perf_policy"; + version = kernel.version; src = kernel.src; diff --git a/nixpkgs/pkgs/os-specific/linux/xmm7360-pci/default.nix b/nixpkgs/pkgs/os-specific/linux/xmm7360-pci/default.nix index 221bde981b65..6a589ff889c3 100644 --- a/nixpkgs/pkgs/os-specific/linux/xmm7360-pci/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/xmm7360-pci/default.nix @@ -24,6 +24,6 @@ stdenv.mkDerivation rec { license = licenses.isc; maintainers = with maintainers; [ flokli hexa ]; platforms = platforms.linux; - broken = kernel.kernelAtLeast "5.14"; + broken = kernel.kernelOlder "4.10" || kernel.kernelAtLeast "5.14"; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/xsos/default.nix b/nixpkgs/pkgs/os-specific/linux/xsos/default.nix new file mode 100644 index 000000000000..56516aee8b7b --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/xsos/default.nix @@ -0,0 +1,52 @@ +{ stdenv +, lib +, fetchFromGitHub +, makeWrapper +, installShellFiles +, dmidecode +, ethtool +, pciutils +, multipath-tools +, iproute2 +, sysvinit +}: +let + binPath = [ + iproute2 + dmidecode + ethtool + pciutils + multipath-tools + iproute2 + sysvinit + ]; +in + +stdenv.mkDerivation rec { + pname = "xsos"; + version = "0.7.19"; + + src = fetchFromGitHub { + owner = "ryran"; + repo = "xsos"; + rev = "v${version}"; + sha256 = "11cc8z3pz4gl0mwl2fc701mn4cgx50fybygx0rvs9bhvb0jnphay"; + }; + + nativeBuildInputs = [ makeWrapper installShellFiles ]; + + installPhase = '' + mkdir -p $out/bin + cp -a xsos $out/bin + wrapProgram "$out/bin/xsos" --prefix PATH : ${lib.makeBinPath binPath} + installShellCompletion --bash --name xsos.bash xsos-bash-completion.bash + ''; + + meta = with lib; { + description = "Summarize system info from sosreports"; + homepage = "https://github.com/ryran/xsos"; + license = licenses.gpl3; + platforms = [ "i686-linux" "x86_64-linux" ]; + maintainers = [ maintainers.nixinator ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/zfs/default.nix b/nixpkgs/pkgs/os-specific/linux/zfs/default.nix index cd25f0e981bd..7341240f95af 100644 --- a/nixpkgs/pkgs/os-specific/linux/zfs/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/zfs/default.nix @@ -16,7 +16,7 @@ , enablePython ? true # for determining the latest compatible linuxPackages -, linuxPackages_5_14 ? pkgs.linuxKernel.packages.linux_5_14 +, linuxPackages_5_15 ? pkgs.linuxKernel.packages.linux_5_15 }: with lib; @@ -46,7 +46,7 @@ let name = "zfs-${configFile}-${version}${optionalString buildKernel "-${kernel.version}"}"; src = fetchFromGitHub { - owner = "zfsonlinux"; + owner = "openzfs"; repo = "zfs"; inherit rev sha256; }; @@ -144,7 +144,7 @@ let # Since zfs compress kernel modules on installation, our strip hooks skip stripping them. # Hence we strip modules prior to compression. postBuild = optionalString buildKernel '' - find . -name "*.ko" -print0 | xargs -0 -P$NIX_BUILD_CORES strip --strip-debug + find . -name "*.ko" -print0 | xargs -0 -P$NIX_BUILD_CORES ${stdenv.cc.targetPrefix}strip --strip-debug ''; postInstall = optionalString buildKernel '' @@ -202,7 +202,7 @@ let changelog = "https://github.com/openzfs/zfs/releases/tag/zfs-${version}"; license = licenses.cddl; platforms = platforms.linux; - maintainers = with maintainers; [ hmenke jcumming jonringer wizeman fpletz globin mic92 ]; + maintainers = with maintainers; [ hmenke jcumming jonringer wizeman fpletz globin ]; mainProgram = "zfs"; # If your Linux kernel version is not yet supported by zfs, try zfsUnstable. # On NixOS set the option boot.zfs.enableUnstable. @@ -215,28 +215,28 @@ in { # to be adapted zfsStable = common { # check the release notes for compatible kernels - kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.15"; - latestCompatibleLinuxPackages = linuxPackages_5_14; + kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.16"; + latestCompatibleLinuxPackages = linuxPackages_5_15; # this package should point to the latest release. - version = "2.1.1"; + version = "2.1.2"; - sha256 = "sha256-UUuJa5w/GsEvsgH/BnXFsP/dsOt9wwmPqKzDxLPrhiY="; + sha256 = "sha256-7oSFZlmjCr+egImIVf429GrFOKn3L3r4SMnK3LHHmL8="; }; zfsUnstable = common { # check the release notes for compatible kernels - kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.15"; - latestCompatibleLinuxPackages = linuxPackages_5_14; + kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.16"; + latestCompatibleLinuxPackages = linuxPackages_5_15; # this package should point to a version / git revision compatible with the latest kernel release # IMPORTANT: Always use a tagged release candidate or commits from the # zfs-<version>-staging branch, because this is tested by the OpenZFS # maintainers. - version = "2.1.1"; + version = "2.1.2"; # rev = "0000000000000000000000000000000000000000"; - sha256 = "sha256-UUuJa5w/GsEvsgH/BnXFsP/dsOt9wwmPqKzDxLPrhiY="; + sha256 = "sha256-7oSFZlmjCr+egImIVf429GrFOKn3L3r4SMnK3LHHmL8="; isUnstable = true; }; diff --git a/nixpkgs/pkgs/os-specific/linux/zsa-udev-rules/default.nix b/nixpkgs/pkgs/os-specific/linux/zsa-udev-rules/default.nix index ac69dc13b474..3dfc2354fae3 100644 --- a/nixpkgs/pkgs/os-specific/linux/zsa-udev-rules/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/zsa-udev-rules/default.nix @@ -1,18 +1,17 @@ { lib, stdenv, fetchFromGitHub }: -stdenv.mkDerivation { +stdenv.mkDerivation rec { pname = "zsa-udev-rules"; - version = "unstable-2020-12-16"; + version = "2.1.3"; - # TODO: use version and source from nixpkgs/pkgs/development/tools/wally-cli/default.nix after next release src = fetchFromGitHub { owner = "zsa"; repo = "wally"; - rev = "e5dde3c700beab39fb941c6941e55535bf9b2af6"; - sha256 = "0pkybi32r1hrmpa1mc8qlzhv7xy5n5rr5ah25lbr0cipp1bda417"; + rev = "${version}-linux"; + sha256 = "mZzXKFKlO/jAitnqzfvmIHp46A+R3xt2gOhVC3qN6gM="; }; - # it only installs files + # Only copies udevs rules dontConfigure = true; dontBuild = true; dontFixup = true; diff --git a/nixpkgs/pkgs/os-specific/solo5/default.nix b/nixpkgs/pkgs/os-specific/solo5/default.nix index 71584aff7760..d45a2f0665de 100644 --- a/nixpkgs/pkgs/os-specific/solo5/default.nix +++ b/nixpkgs/pkgs/os-specific/solo5/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchurl, pkg-config, libseccomp, util-linux, qemu }: let - version = "0.6.8"; + version = "0.6.9"; # list of all theoretically available targets targets = [ "genode" @@ -19,9 +19,8 @@ in stdenv.mkDerivation { buildInputs = lib.optional (stdenv.hostPlatform.isLinux) libseccomp; src = fetchurl { - url = - "https://github.com/Solo5/solo5/releases/download/v${version}/solo5-v${version}.tar.gz"; - sha256 = "sha256-zrxNCXJIuEbtE3YNRK8Bxu2koHsQkcF+xItoIyhj9Uc="; + url = "https://github.com/Solo5/solo5/releases/download/v${version}/solo5-v${version}.tar.gz"; + sha256 = "03lvk9mab3yxrmi73wrvvhykqcydjrsda0wj6aasnjm5lx9jycpr"; }; hardeningEnable = [ "pie" ]; diff --git a/nixpkgs/pkgs/os-specific/windows/jom/default.nix b/nixpkgs/pkgs/os-specific/windows/jom/default.nix index f3a953576ec9..dfd3f3ff19c3 100644 --- a/nixpkgs/pkgs/os-specific/windows/jom/default.nix +++ b/nixpkgs/pkgs/os-specific/windows/jom/default.nix @@ -4,7 +4,8 @@ # both mingw32 and mingw64. stdenv.mkDerivation { - name = "jom-1.0.11"; + pname = "jom"; + version = "1.0.11"; src = fetchgit { url = "git://gitorious.org/qt-labs/jom.git"; diff --git a/nixpkgs/pkgs/os-specific/windows/mingw-w64/pthreads.nix b/nixpkgs/pkgs/os-specific/windows/mingw-w64/pthreads.nix index bbcb028d3cbb..3b143efed1d7 100644 --- a/nixpkgs/pkgs/os-specific/windows/mingw-w64/pthreads.nix +++ b/nixpkgs/pkgs/os-specific/windows/mingw-w64/pthreads.nix @@ -4,6 +4,12 @@ stdenv.mkDerivation { name = "${mingw_w64.name}-pthreads"; inherit (mingw_w64) src meta; + configureFlags = [ + # Rustc require 'libpthread.a' when targeting 'x86_64-pc-windows-gnu'. + # Enabling this makes it work out of the box instead of failing. + "--enable-static" + ]; + preConfigure = '' cd mingw-w64-libraries/winpthreads ''; diff --git a/nixpkgs/pkgs/os-specific/windows/mingwrt/default.nix b/nixpkgs/pkgs/os-specific/windows/mingwrt/default.nix index 4fb92569a47a..5bf6951cd434 100644 --- a/nixpkgs/pkgs/os-specific/windows/mingwrt/default.nix +++ b/nixpkgs/pkgs/os-specific/windows/mingwrt/default.nix @@ -1,10 +1,11 @@ { stdenv, lib, fetchurl }: stdenv.mkDerivation rec { - name = "mingwrt-5.0.2"; + pname = "mingwrt"; + version = "5.0.2"; src = fetchurl { - url = "mirror://sourceforge/mingw/MinGW/Base/mingwrt/${name}/${name}-mingw32-src.tar.xz"; + url = "mirror://sourceforge/mingw/MinGW/Base/mingwrt/mingwrt-${version}/mingwrt-${version}-mingw32-src.tar.xz"; sha256 = "1vj6f578wcffdmy7zzf7xz1lw57kxjy08j0k1n28f0j4ylrk68vp"; }; diff --git a/nixpkgs/pkgs/os-specific/windows/pthread-w32/default.nix b/nixpkgs/pkgs/os-specific/windows/pthread-w32/default.nix index de909828f7a2..da0fe569a480 100644 --- a/nixpkgs/pkgs/os-specific/windows/pthread-w32/default.nix +++ b/nixpkgs/pkgs/os-specific/windows/pthread-w32/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation { description = "POSIX threads library for Windows"; homepage = "https://sourceware.org/pthreads-win32"; license = licenses.lgpl21Plus; - maintainers = with maintainers; [ yegortimoshenko ]; + maintainers = with maintainers; [ yana ]; platforms = platforms.windows; }; } diff --git a/nixpkgs/pkgs/os-specific/windows/w32api/default.nix b/nixpkgs/pkgs/os-specific/windows/w32api/default.nix index ebc95ecaa7a9..99faeeb7a8bf 100644 --- a/nixpkgs/pkgs/os-specific/windows/w32api/default.nix +++ b/nixpkgs/pkgs/os-specific/windows/w32api/default.nix @@ -1,10 +1,11 @@ { stdenv, fetchurl, lib }: stdenv.mkDerivation rec { - name = "w32api-3.17-2"; + pname = "w32api"; + version = "3.17-2"; src = fetchurl { - url = "mirror://sourceforge/mingw/MinGW/Base/w32api/w32api-3.17/${name}-mingw32-src.tar.lzma"; + url = "mirror://sourceforge/mingw/MinGW/Base/w32api/w32api-${lib.versions.majorMinor version}/w32api-${version}-mingw32-src.tar.lzma"; sha256 = "09rhnl6zikmdyb960im55jck0rdy5z9nlg3akx68ixn7khf3j8wb"; }; diff --git a/nixpkgs/pkgs/os-specific/windows/wxMSW-2.8/default.nix b/nixpkgs/pkgs/os-specific/windows/wxMSW-2.8/default.nix index c4fb79933432..bf1e73f67b9a 100644 --- a/nixpkgs/pkgs/os-specific/windows/wxMSW-2.8/default.nix +++ b/nixpkgs/pkgs/os-specific/windows/wxMSW-2.8/default.nix @@ -1,10 +1,11 @@ { lib, stdenv, fetchurl, compat24 ? false, compat26 ? true, unicode ? true }: -stdenv.mkDerivation { - name = "wxMSW-2.8.11"; +stdenv.mkDerivation rec { + pname = "wxMSW"; + version = "2.8.11"; src = fetchurl { - url = "mirror://sourceforge/wxwindows/wxWidgets-2.8.11.tar.gz"; + url = "mirror://sourceforge/wxwindows/wxWidgets-${version}.tar.gz"; sha256 = "0icxd21g18d42n1ygshkpw0jnflm03iqki6r623pb5hhd7fm2ksj"; }; @@ -27,7 +28,7 @@ stdenv.mkDerivation { (cd $out/include && ln -s wx-*/* .) "; - passthru = {inherit compat24 compat26 unicode;}; + passthru = { inherit compat24 compat26 unicode; }; meta = { platforms = lib.platforms.windows; |