Merge branch 'master' into staging

5 files changed, 13 insertions, 8 deletions

diff --git a/pkgs/build-support/build-fhs-userenv/chroot-user.rb b/pkgs/build-support/build-fhs-userenv/chroot-user.rb
index 35608bd3eb60..3e140fac97e2 100755
--- a/pkgs/build-support/build-fhs-userenv/chroot-user.rb
+++ b/pkgs/build-support/build-fhs-userenv/chroot-user.rb
@@ -79,7 +79,11 @@ if $cpid == 0
   $unshare.call CLONE_NEWNS | CLONE_NEWUSER
 
   # Map users and groups to the parent namespace
-  write_file '/proc/self/setgroups', 'deny'
+  begin
+    # setgroups is only available since Linux 3.19
+    write_file '/proc/self/setgroups', 'deny'
+  rescue
+  end
   write_file '/proc/self/uid_map', "#{uid} #{uid} 1"
   write_file '/proc/self/gid_map', "#{gid} #{gid} 1"
 
diff --git a/pkgs/build-support/build-fhs-userenv/default.nix b/pkgs/build-support/build-fhs-userenv/default.nix
index 57864b4934bb..67484857ee16 100644
--- a/pkgs/build-support/build-fhs-userenv/default.nix
+++ b/pkgs/build-support/build-fhs-userenv/default.nix
@@ -22,7 +22,7 @@ in stdenv.mkDerivation {
     mkdir -p $out/bin
     cat > $out/bin/${name} <<EOF
     #! ${stdenv.shell}
-    exec ${chroot-user}/bin/chroot-user ${env} $out/libexec/run
+    exec ${chroot-user}/bin/chroot-user ${env} $out/libexec/run "\$@"
     EOF
     chmod +x $out/bin/${name}
 
@@ -30,7 +30,7 @@ in stdenv.mkDerivation {
     cat > $out/libexec/run <<EOF
     #! ${stdenv.shell}
     source /etc/profile
-    ${runScript}
+    ${runScript} "\$@"
     EOF
     chmod +x $out/libexec/run
   '';
diff --git a/pkgs/build-support/fetchgit/builder.sh b/pkgs/build-support/fetchgit/builder.sh
index 9050cce6ee8f..71374d1f2383 100644
--- a/pkgs/build-support/fetchgit/builder.sh
+++ b/pkgs/build-support/fetchgit/builder.sh
@@ -8,6 +8,7 @@ header "exporting $url (rev $rev) into $out"
 
 $fetcher --builder --url "$url" --out "$out" --rev "$rev" \
   ${leaveDotGit:+--leave-dotGit} \
+  ${deepClone:+--deepClone} \
   ${fetchSubmodules:+--fetch-submodules}
 
 stopNest
diff --git a/pkgs/build-support/fetchgit/default.nix b/pkgs/build-support/fetchgit/default.nix
index 7dd179f4c8b2..bb89a8f55329 100644
--- a/pkgs/build-support/fetchgit/default.nix
+++ b/pkgs/build-support/fetchgit/default.nix
@@ -11,8 +11,8 @@
       else "";
   in "${if matched == null then base else builtins.head matched}${appendShort}";
 in
-{ url, rev ? "HEAD", md5 ? "", sha256 ? "", leaveDotGit ? false
-, fetchSubmodules ? true
+{ url, rev ? "HEAD", md5 ? "", sha256 ? "", leaveDotGit ? deepClone
+, fetchSubmodules ? true, deepClone ? false
 , name ? urlToName url rev
 }:
 
@@ -39,6 +39,7 @@ in
 */
 
 assert md5 != "" || sha256 != "";
+assert deepClone -> leaveDotGit;
 
 stdenv.mkDerivation {
   inherit name;
@@ -50,7 +51,7 @@ stdenv.mkDerivation {
   outputHashMode = "recursive";
   outputHash = if sha256 == "" then md5 else sha256;
 
-  inherit url rev leaveDotGit fetchSubmodules;
+  inherit url rev leaveDotGit fetchSubmodules deepClone;
 
   GIT_SSL_CAINFO = "${cacert}/etc/ca-bundle.crt";
 
@@ -64,4 +65,3 @@ stdenv.mkDerivation {
 
   preferLocalBuild = true;
 }
-
diff --git a/pkgs/build-support/grsecurity/default.nix b/pkgs/build-support/grsecurity/default.nix
index b2bffc781b30..7bafd78d76a3 100644
--- a/pkgs/build-support/grsecurity/default.nix
+++ b/pkgs/build-support/grsecurity/default.nix
@@ -33,7 +33,7 @@ let
 
     grKernel = if cfg.stable
                then mkKernel pkgs.linux_3_14 stable-patch
-               else mkKernel pkgs.linux_3_18 test-patch;
+               else mkKernel pkgs.linux_3_19 test-patch;
 
     ## -- grsecurity configuration ---------------------------------------------