diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2015-12-05 11:11:51 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2015-12-05 11:11:51 +0100 |
| commit | 263fd55d4b2d9c17dac87ee7a7a39c951aee1b86 (patch) | |
| tree | 50c30ebb0626be0b3333d90202081e8697a85abf /pkgs | |
| parent | b1dca6ca881e3e5864c60a2ef206579ce4d718b1 (diff) | |
| parent | c20b6846f2ec4b1fe70d62fe99d165476aed65d0 (diff) | |
| download | nixlib-263fd55d4b2d9c17dac87ee7a7a39c951aee1b86.tar nixlib-263fd55d4b2d9c17dac87ee7a7a39c951aee1b86.tar.gz nixlib-263fd55d4b2d9c17dac87ee7a7a39c951aee1b86.tar.bz2 nixlib-263fd55d4b2d9c17dac87ee7a7a39c951aee1b86.tar.lz nixlib-263fd55d4b2d9c17dac87ee7a7a39c951aee1b86.tar.xz nixlib-263fd55d4b2d9c17dac87ee7a7a39c951aee1b86.tar.zst nixlib-263fd55d4b2d9c17dac87ee7a7a39c951aee1b86.zip | |
Merge recent staging built on Hydra
http://hydra.nixos.org/eval/1231884 Only Darwin jobs seem to be queued now, but we can't afford to wait for that single build slave.
Diffstat (limited to 'pkgs')
66 files changed, 616 insertions, 271 deletions
diff --git a/pkgs/applications/editors/emacs-24/default.nix b/pkgs/applications/editors/emacs-24/default.nix index 59f9f7110043..c2956006fb40 100644 --- a/pkgs/applications/editors/emacs-24/default.nix +++ b/pkgs/applications/editors/emacs-24/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, ncurses, xlibsWrapper, libXaw, libXpm, Xaw3d , pkgconfig, gettext, libXft, dbus, libpng, libjpeg, libungif , libtiff, librsvg, texinfo, gconf, libxml2, imagemagick, gnutls -, alsaLib, cairo, acl, gpm, AppKit +, alsaLib, cairo, acl, gpm, AppKit, CoreWLAN, Kerberos, GSS, ImageIO , withX ? !stdenv.isDarwin , withGTK3 ? false, gtk3 ? null , withGTK2 ? true, gtk2 @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { ++ stdenv.lib.optional (withX && withGTK3) gtk3 ++ stdenv.lib.optional (stdenv.isDarwin && withX) cairo; - propagatedBuildInputs = stdenv.lib.optional stdenv.isDarwin AppKit; + propagatedBuildInputs = stdenv.lib.optionals stdenv.isDarwin [ AppKit GSS ImageIO ]; configureFlags = if stdenv.isDarwin diff --git a/pkgs/applications/editors/vim/default.nix b/pkgs/applications/editors/vim/default.nix index ab7b08d8186a..a09eb846e500 100644 --- a/pkgs/applications/editors/vim/default.nix +++ b/pkgs/applications/editors/vim/default.nix @@ -43,6 +43,8 @@ stdenv.mkDerivation rec { ]; }; + __impureHostDeps = [ "/dev/ptmx" ]; + # To fix the trouble in vim73, that it cannot cross-build with this patch # to bypass a configure script check that cannot be done cross-building. # http://groups.google.com/group/vim_dev/browse_thread/thread/66c02efd1523554b?pli=1 diff --git a/pkgs/applications/networking/browsers/w3m/default.nix b/pkgs/applications/networking/browsers/w3m/default.nix index d8c421af46a8..e71a733970ee 100644 --- a/pkgs/applications/networking/browsers/w3m/default.nix +++ b/pkgs/applications/networking/browsers/w3m/default.nix @@ -1,16 +1,18 @@ { stdenv, fetchurl -, sslSupport ? true -, graphicsSupport ? false -, mouseSupport ? false -, ncurses, openssl ? null, boehmgc, gettext, zlib -, imlib2 ? null, xlibsWrapper ? null, fbcon ? null -, gpm-ncurses ? null +, ncurses, boehmgc, gettext, zlib +, sslSupport ? true, openssl ? null +, graphicsSupport ? true, imlib2 ? null +, x11Support ? graphicsSupport, libX11 ? null +, mouseSupport ? true, gpm-ncurses ? null }: assert sslSupport -> openssl != null; -assert graphicsSupport -> imlib2 != null && (xlibsWrapper != null || fbcon != null); +assert graphicsSupport -> imlib2 != null; +assert x11Support -> graphicsSupport && libX11 != null; assert mouseSupport -> gpm-ncurses != null; +with stdenv.lib; + stdenv.mkDerivation rec { name = "w3m-0.5.3"; @@ -19,19 +21,24 @@ stdenv.mkDerivation rec { sha256 = "1qx9f0kprf92r1wxl3sacykla0g04qsi0idypzz24b7xy9ix5579"; }; + NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isSunOS "-lsocket -lnsl"; + patches = [ ./glibc214.patch ] # Patch for the newer unstable boehm-gc 7.2alpha. Not all platforms use that # alpha. At the time of writing this, boehm-gc-7.1 is the last stable. - ++ stdenv.lib.optional (boehmgc.name != "boehm-gc-7.1") [ ./newgc.patch ] - ++ stdenv.lib.optional stdenv.isCygwin ./cygwin.patch; + ++ optional (boehmgc.name != "boehm-gc-7.1") [ ./newgc.patch ] + ++ optional stdenv.isCygwin ./cygwin.patch + # for frame buffer only version + ++ optional (graphicsSupport && !x11Support) [ ./no-x11.patch ]; buildInputs = [ncurses boehmgc gettext zlib] - ++ stdenv.lib.optional sslSupport openssl - ++ stdenv.lib.optional mouseSupport gpm-ncurses - ++ stdenv.lib.optionals graphicsSupport [imlib2 xlibsWrapper fbcon]; + ++ optional sslSupport openssl + ++ optional mouseSupport gpm-ncurses + ++ optional graphicsSupport imlib2 + ++ optional x11Support libX11; configureFlags = "--with-ssl=${openssl} --with-gc=${boehmgc}" - + stdenv.lib.optionalString graphicsSupport " --enable-image=x11,fb"; + + optionalString graphicsSupport " --enable-image=${optionalString x11Support "x11,"}fb"; preConfigure = '' substituteInPlace ./configure --replace "/lib /usr/lib /usr/local/lib /usr/ucblib /usr/ccslib /usr/ccs/lib /lib64 /usr/lib64" /no-such-path @@ -40,7 +47,10 @@ stdenv.mkDerivation rec { enableParallelBuilding = false; - meta = with stdenv.lib; { + # for w3mimgdisplay + LIBS = optionalString x11Support "-lX11"; + + meta = { homepage = http://w3m.sourceforge.net/; description = "A text-mode web browser"; maintainers = [ maintainers.mornfall ]; diff --git a/pkgs/applications/networking/browsers/w3m/no-x11.patch b/pkgs/applications/networking/browsers/w3m/no-x11.patch new file mode 100644 index 000000000000..83b3e96821f5 --- /dev/null +++ b/pkgs/applications/networking/browsers/w3m/no-x11.patch @@ -0,0 +1,15 @@ +Forget about X11 in fb module. +This breaks w3mimgdisplay under X11, but removes X11 dependency it in pure fb. +diff --git a/w3mimg/fb/fb_imlib2.c b/w3mimg/fb/fb_imlib2.c +index ea36637..d3d7bc3 100644 +--- a/w3mimg/fb/fb_imlib2.c ++++ b/w3mimg/fb/fb_imlib2.c +@@ -3,7 +3,7 @@ + fb_imlib2.c 0.3 Copyright (C) 2002, hito + **************************************************************************/ + +-#include <X11/Xlib.h> ++#define X_DISPLAY_MISSING + #include <Imlib2.h> + #include "fb.h" + #include "fb_img.h" diff --git a/pkgs/applications/version-management/git-and-tools/git/default.nix b/pkgs/applications/version-management/git-and-tools/git/default.nix index 0f0793149594..d060acef53ed 100644 --- a/pkgs/applications/version-management/git-and-tools/git/default.nix +++ b/pkgs/applications/version-management/git-and-tools/git/default.nix @@ -36,6 +36,9 @@ stdenv.mkDerivation { # required to support pthread_cancel() NIX_LDFLAGS = stdenv.lib.optionalString (!stdenv.isDarwin) "-lgcc_s"; + # without this, git fails when trying to check for /etc/gitconfig existence + propagatedSandboxProfile = stdenv.lib.sandbox.allowDirectoryList "/etc"; + makeFlags = "prefix=\${out} sysconfdir=/etc/ PERL_PATH=${perl}/bin/perl SHELL_PATH=${stdenv.shell} " + (if pythonSupport then "PYTHON_PATH=${python}/bin/python" else "NO_PYTHON=1") + (if stdenv.isSunOS then " INSTALL=install NO_INET_NTOP= NO_INET_PTON=" else "") diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix index 9822b1a026a1..bea7e07a2029 100644 --- a/pkgs/build-support/cc-wrapper/default.nix +++ b/pkgs/build-support/cc-wrapper/default.nix @@ -145,7 +145,7 @@ stdenv.mkDerivation { + optionalString (stdenv.isSunOS && nativePrefix != "") '' # Solaris needs an additional ld wrapper. ldPath="${nativePrefix}/bin" - ld="$out/bin/ld-solaris" + exec="$ldPath/ld" wrap ld-solaris ${./ld-solaris-wrapper.sh} '') diff --git a/pkgs/build-support/cc-wrapper/ld-solaris-wrapper.sh b/pkgs/build-support/cc-wrapper/ld-solaris-wrapper.sh index 9216ea3198dd..5a7b92b5ad7d 100644 --- a/pkgs/build-support/cc-wrapper/ld-solaris-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/ld-solaris-wrapper.sh @@ -6,7 +6,7 @@ set -u # I've also tried adding -z direct and -z lazyload, but it gave too many problems with C++ exceptions :'( # Also made sure libgcc would not be lazy-loaded, as suggested here: https://www.illumos.org/issues/2534#note-3 # but still no success. -cmd="@prog@ -z ignore" +cmd="@ld@ -z ignore" args=("$@"); diff --git a/pkgs/build-support/fetchgit/builder.sh b/pkgs/build-support/fetchgit/builder.sh index 64eea4ae1000..4bbef1d6e62a 100644 --- a/pkgs/build-support/fetchgit/builder.sh +++ b/pkgs/build-support/fetchgit/builder.sh @@ -6,7 +6,7 @@ source $stdenv/setup header "exporting $url (rev $rev) into $out" -$fetcher --builder --url "$url" --out "$out" --rev "$rev" \ +$SHELL $fetcher --builder --url "$url" --out "$out" --rev "$rev" \ ${leaveDotGit:+--leave-dotGit} \ ${deepClone:+--deepClone} \ ${fetchSubmodules:+--fetch-submodules} \ diff --git a/pkgs/build-support/gcc-wrapper-old/utils.sh b/pkgs/build-support/gcc-wrapper-old/utils.sh index 753b3772e956..fa19f91bf5d2 100644 --- a/pkgs/build-support/gcc-wrapper-old/utils.sh +++ b/pkgs/build-support/gcc-wrapper-old/utils.sh @@ -14,6 +14,8 @@ badPath() { # the temporary build directory). if test "${p:0:1}" != "/"; then return 1; fi + @extraPathTests@ + # Otherwise, the path should refer to the store or some temporary # directory (including the build directory). test \ diff --git a/pkgs/build-support/setup-hooks/patch-shebangs.sh b/pkgs/build-support/setup-hooks/patch-shebangs.sh index 9d8cd0217a53..38660718d0e2 100644 --- a/pkgs/build-support/setup-hooks/patch-shebangs.sh +++ b/pkgs/build-support/setup-hooks/patch-shebangs.sh @@ -19,12 +19,12 @@ patchShebangs() { local newInterpreterLine find "$dir" -type f -perm -0100 | while read f; do - if [ "$(head -1 "$f" | head -c +2)" != '#!' ]; then + if [ "$(head -1 "$f" | head -c+2)" != '#!' ]; then # missing shebang => not a script continue fi - oldInterpreterLine=$(head -1 "$f" | tail -c +3) + oldInterpreterLine=$(head -1 "$f" | tail -c+3) read -r oldPath arg0 args <<< "$oldInterpreterLine" if $(echo "$oldPath" | grep -q "/bin/env$"); then diff --git a/pkgs/development/compilers/gcc/4.8/default.nix b/pkgs/development/compilers/gcc/4.8/default.nix index ff1d388b6e23..fd80f4ec8c5f 100644 --- a/pkgs/development/compilers/gcc/4.8/default.nix +++ b/pkgs/development/compilers/gcc/4.8/default.nix @@ -294,7 +294,6 @@ stdenv.mkDerivation ({ ++ (optional stdenv.isDarwin gnused) ; - NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isSunOS "-lm -ldl"; preConfigure = stdenv.lib.optionalString (stdenv.isSunOS && stdenv.is64bit) '' export NIX_LDFLAGS=`echo $NIX_LDFLAGS | sed -e s~$prefix/lib~$prefix/lib/amd64~g` @@ -519,6 +518,7 @@ stdenv.mkDerivation ({ platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.freebsd ++ + stdenv.lib.platforms.illumos ++ optionals (langAda == false) stdenv.lib.platforms.darwin; }; } diff --git a/pkgs/development/compilers/gcc/4.9/default.nix b/pkgs/development/compilers/gcc/4.9/default.nix index 13154ddd27a6..fecdd85cd415 100644 --- a/pkgs/development/compilers/gcc/4.9/default.nix +++ b/pkgs/development/compilers/gcc/4.9/default.nix @@ -293,9 +293,8 @@ stdenv.mkDerivation ({ ++ (optional stdenv.isDarwin gnused) ; - NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isSunOS "-lm -ldl"; - preConfigure = stdenv.lib.optionalString (stdenv.isSunOS && stdenv.is64bit) '' + sed -i -e "s/-lrt//g" libstdc++-v3/configure export NIX_LDFLAGS=`echo $NIX_LDFLAGS | sed -e s~$prefix/lib~$prefix/lib/amd64~g` export LDFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $LDFLAGS_FOR_TARGET" export CXXFLAGS_FOR_TARGET="-Wl,-rpath,$prefix/lib/amd64 $CXXFLAGS_FOR_TARGET" @@ -518,6 +517,7 @@ stdenv.mkDerivation ({ platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.freebsd ++ + stdenv.lib.platforms.illumos ++ optionals (langAda == false) stdenv.lib.platforms.darwin; }; } diff --git a/pkgs/development/compilers/llvm/3.7/llvm.nix b/pkgs/development/compilers/llvm/3.7/llvm.nix index ff038024d10f..060c0f3e8676 100644 --- a/pkgs/development/compilers/llvm/3.7/llvm.nix +++ b/pkgs/development/compilers/llvm/3.7/llvm.nix @@ -14,6 +14,7 @@ , compiler-rt_src , libcxxabi , debugVersion ? false +, enableSharedLibraries ? !stdenv.isDarwin }: let @@ -46,10 +47,11 @@ in stdenv.mkDerivation rec { "-DLLVM_BUILD_TESTS=ON" "-DLLVM_ENABLE_FFI=ON" "-DLLVM_ENABLE_RTTI=ON" - ] ++ stdenv.lib.optionals (!isDarwin) [ + ] ++ stdenv.lib.optional enableSharedLibraries "-DBUILD_SHARED_LIBS=ON" + ++ stdenv.lib.optional (!isDarwin) "-DLLVM_BINUTILS_INCDIR=${binutils}/include" - ] ++ stdenv.lib.optionals ( isDarwin) [ + ++ stdenv.lib.optionals ( isDarwin) [ "-DLLVM_ENABLE_LIBCXX=ON" "-DCAN_TARGET_i386=false" ]; diff --git a/pkgs/development/compilers/rustc/generic.nix b/pkgs/development/compilers/rustc/generic.nix index 9b3dca42b628..d578facad698 100644 --- a/pkgs/development/compilers/rustc/generic.nix +++ b/pkgs/development/compilers/rustc/generic.nix @@ -37,6 +37,8 @@ let version = if isRelease then name = "rustc-${version}"; + llvmShared = llvmPackages_37.llvm.override { enableSharedLibraries = true; }; + platform = if stdenv.system == "i686-linux" then "linux-i386" else if stdenv.system == "x86_64-linux" @@ -84,6 +86,8 @@ with stdenv.lib; stdenv.mkDerivation { __impureHostDeps = [ "/usr/lib/libedit.3.dylib" ]; + NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isDarwin "-rpath ${llvmShared}/lib"; + src = if isRelease then fetchzip { url = "http://static.rust-lang.org/dist/rustc-${version}-src.tar.gz"; @@ -119,7 +123,7 @@ with stdenv.lib; stdenv.mkDerivation { # ++ [ "--jemalloc-root=${jemalloc}/lib" ++ [ "--default-linker=${stdenv.cc}/bin/cc" "--default-ar=${stdenv.cc.binutils}/bin/ar" ] ++ optional (stdenv.cc.cc ? isClang) "--enable-clang" - ++ optional (!forceBundledLLVM) "--llvm-root=${llvmPackages_37.llvm}"; + ++ optional (!forceBundledLLVM) "--llvm-root=${llvmShared}"; inherit patches; @@ -155,11 +159,10 @@ with stdenv.lib; stdenv.mkDerivation { configureFlagsArray+=("--infodir=$out/share/info") ''; - # Procps is needed for one of the test cases - nativeBuildInputs = [ file python2 ] - ++ optionals stdenv.isLinux [ procps ]; + # ps is needed for one of the test cases + nativeBuildInputs = [ file python2 procps ]; buildInputs = [ ncurses ] - ++ optional (!forceBundledLLVM) llvmPackages_37.llvm; + ++ optional (!forceBundledLLVM) llvmShared; enableParallelBuilding = true; diff --git a/pkgs/development/compilers/sbcl/bootstrap.nix b/pkgs/development/compilers/sbcl/bootstrap.nix index d95e3e0cd897..0114f014a51e 100644 --- a/pkgs/development/compilers/sbcl/bootstrap.nix +++ b/pkgs/development/compilers/sbcl/bootstrap.nix @@ -23,6 +23,7 @@ let sha256 = "0sp5445rbvms6qvzhld0kwwvydw51vq5iaf4kdqsf2d9jvaz3yx5"; }; armv6l-linux = armv7l-linux; + x86_64-solaris = x86_64-linux; }; cfg = options.${stdenv.system}; in diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix index f94d2397284c..7bfae6b2cda1 100644 --- a/pkgs/development/haskell-modules/configuration-common.nix +++ b/pkgs/development/haskell-modules/configuration-common.nix @@ -926,5 +926,4 @@ self: super: { # https://github.com/mainland/language-c-quote/issues/57 language-c-quote = super.language-c-quote.override { alex = self.alex_3_1_4; }; - } diff --git a/pkgs/development/interpreters/perl/5.20/default.nix b/pkgs/development/interpreters/perl/5.20/default.nix index 141484814ea3..05d64e9c511e 100644 --- a/pkgs/development/interpreters/perl/5.20/default.nix +++ b/pkgs/development/interpreters/perl/5.20/default.nix @@ -44,12 +44,14 @@ stdenv.mkDerivation rec { # while at the same time erasing the PATH environment variable so it unconditionally # fails. The code in question is guarded by a check for Mac OS, but the patch below # doesn't have any runtime effect on other platforms. - postPatch = stdenv.lib.optional (stdenv.isDarwin && !stdenv.cc.nativeLibc) '' + postPatch = stdenv.lib.optional stdenv.isDarwin '' pwd="$(type -P pwd)" substituteInPlace dist/PathTools/Cwd.pm \ - --replace "pwd_cmd = 'pwd'" "pwd_cmd = '$pwd'" + --replace "/bin/pwd" "$pwd" ''; + sandboxProfile = stdenv.lib.sandbox.allow "ipc-sysv-sem"; + # Build a thread-safe Perl with a dynamic libperls.o. We need the # "installstyle" option to ensure that modules are put under # $out/lib/perl5 - this is the general default, but because $out @@ -64,6 +66,7 @@ stdenv.mkDerivation rec { "-Dlocincpth=${libc}/include" "-Dloclibpth=${libc}/lib" ] + ++ optional stdenv.isSunOS "-Dcc=gcc" ++ optional enableThreading "-Dusethreads"; configureScript = "${stdenv.shell} ./Configure"; diff --git a/pkgs/development/interpreters/perl/5.20/ld-shared.patch b/pkgs/development/interpreters/perl/5.20/ld-shared.patch index be45230c8a73..9f92368df687 100644 --- a/pkgs/development/interpreters/perl/5.20/ld-shared.patch +++ b/pkgs/development/interpreters/perl/5.20/ld-shared.patch @@ -1,11 +1,24 @@ ---- perl-5.16.2/hints/solaris_2.sh.orig 2013-02-14 19:29:49.453988140 +0000 -+++ perl-5.16.2/hints/solaris_2.sh 2013-02-14 19:30:31.681631019 +0000 -@@ -568,7 +568,7 @@ - # ccflags="$ccflags -Wa,`getconf XBS5_LP64_OFF64_CFLAGS 2>/dev/null`" - # fi - ldflags="$ldflags -m64" -- lddlflags="$lddlflags -G -m64" -+ lddlflags="$lddlflags -shared -m64" +$NetBSD: patch-hints_solaris__2.sh,v 1.2 2015/10/27 09:10:44 jperkin Exp $ + +Redo PR pkg/44999. + +--- perl-5.20.2/hints/solaris_2.sh.orig 2015-05-13 20:19:29.000000000 +0000 ++++ perl-5.20.2/hints/solaris_2.sh +@@ -585,7 +585,7 @@ EOM + fi + fi + case "${cc:-cc} -v 2>/dev/null" in +- *gcc*) ++ *gcc*|clang*) + echo 'int main() { return 0; }' > try.c + case "`${cc:-cc} $ccflags -mcpu=v9 -m64 -S try.c 2>&1 | grep 'm64 is not supported by this configuration'`" in + *"m64 is not supported"*) +@@ -622,7 +622,7 @@ EOM + # use that with Solaris 11 and later, but keep + # the old behavior for older Solaris versions. + case "$osvers" in +- 2.?|2.10) lddlflags="$lddlflags -G -m64" ;; ++ 2.?|2.10) lddlflags="$lddlflags -shared -m64" ;; + *) lddlflags="$lddlflags -shared -m64" ;; + esac ;; - *) - getconfccflags="`getconf XBS5_LP64_OFF64_CFLAGS 2>/dev/null`" diff --git a/pkgs/development/interpreters/perl/5.22/default.nix b/pkgs/development/interpreters/perl/5.22/default.nix index 4b0f4364ea22..53e777c19a11 100644 --- a/pkgs/development/interpreters/perl/5.22/default.nix +++ b/pkgs/development/interpreters/perl/5.22/default.nix @@ -51,6 +51,7 @@ stdenv.mkDerivation rec { "-Dlocincpth=${libc}/include" "-Dloclibpth=${libc}/lib" ] + ++ optional stdenv.isSunOS "-Dcc=gcc" ++ optional enableThreading "-Dusethreads"; configureScript = "${stdenv.shell} ./Configure"; diff --git a/pkgs/development/interpreters/perl/5.22/ld-shared.patch b/pkgs/development/interpreters/perl/5.22/ld-shared.patch index be45230c8a73..140af9af40ed 100644 --- a/pkgs/development/interpreters/perl/5.22/ld-shared.patch +++ b/pkgs/development/interpreters/perl/5.22/ld-shared.patch @@ -1,11 +1,24 @@ ---- perl-5.16.2/hints/solaris_2.sh.orig 2013-02-14 19:29:49.453988140 +0000 -+++ perl-5.16.2/hints/solaris_2.sh 2013-02-14 19:30:31.681631019 +0000 -@@ -568,7 +568,7 @@ - # ccflags="$ccflags -Wa,`getconf XBS5_LP64_OFF64_CFLAGS 2>/dev/null`" - # fi - ldflags="$ldflags -m64" -- lddlflags="$lddlflags -G -m64" -+ lddlflags="$lddlflags -shared -m64" +$NetBSD: patch-hints_solaris__2.sh,v 1.2 2015/10/27 09:10:44 jperkin Exp $ + +Redo PR pkg/44999. + +--- perl-5.22.0/hints/solaris_2.sh.orig 2015-05-13 20:19:29.000000000 +0000 ++++ perl-5.22.0/hints/solaris_2.sh +@@ -585,7 +585,7 @@ EOM + fi + fi + case "${cc:-cc} -v 2>/dev/null" in +- *gcc*) ++ *gcc*|clang*) + echo 'int main() { return 0; }' > try.c + case "`${cc:-cc} $ccflags -mcpu=v9 -m64 -S try.c 2>&1 | grep 'm64 is not supported by this configuration'`" in + *"m64 is not supported"*) +@@ -622,7 +622,7 @@ EOM + # use that with Solaris 11 and later, but keep + # the old behavior for older Solaris versions. + case "$osvers" in +- 2.?|2.10) lddlflags="$lddlflags -G -m64" ;; ++ 2.?|2.10) lddlflags="$lddlflags -shared -m64" ;; + *) lddlflags="$lddlflags -shared -m64" ;; + esac ;; - *) - getconfccflags="`getconf XBS5_LP64_OFF64_CFLAGS 2>/dev/null`" diff --git a/pkgs/development/interpreters/python/2.7/default.nix b/pkgs/development/interpreters/python/2.7/default.nix index e08fde3c8bfc..f624bd5d85e2 100644 --- a/pkgs/development/interpreters/python/2.7/default.nix +++ b/pkgs/development/interpreters/python/2.7/default.nix @@ -97,7 +97,9 @@ let ] ++ optionals x11Support [ tcl tk xlibsWrapper libX11 ] ) ++ optional zlibSupport zlib - ++ optionals stdenv.isDarwin [ CF configd ]; + ++ optional stdenv.isDarwin CF; + + propagatedBuildInputs = optional stdenv.isDarwin configd; # Build the basic Python interpreter without modules that have # external dependencies. @@ -105,8 +107,8 @@ let name = "python-${version}"; pythonVersion = majorVersion; - inherit majorVersion version src patches buildInputs preConfigure - configureFlags; + inherit majorVersion version src patches buildInputs propagatedBuildInputs + preConfigure configureFlags; LDFLAGS = stdenv.lib.optionalString (!stdenv.isDarwin) "-lgcc_s"; C_INCLUDE_PATH = concatStringsSep ":" (map (p: "${p}/include") buildInputs); diff --git a/pkgs/development/libraries/dbus/default.nix b/pkgs/development/libraries/dbus/default.nix index 4a0f98d262a0..97eecf78a1a1 100644 --- a/pkgs/development/libraries/dbus/default.nix +++ b/pkgs/development/libraries/dbus/default.nix @@ -93,7 +93,7 @@ let preBuild = makeInternalLib; buildInputs = buildInputsX ++ systemdOrEmpty ++ [ libs ]; NIX_CFLAGS_LINK = - stdenv.lib.optionalString (!stdenv.isDarwin) "-Wl,--as-needed " + stdenv.lib.optionalString (!stdenv.isDarwin && !stdenv.isSunOS) "-Wl,--as-needed " + "-ldbus-1"; # don't provide another dbus-1.pc (with incorrect include and link dirs), diff --git a/pkgs/development/libraries/glib/default.nix b/pkgs/development/libraries/glib/default.nix index bafe8949e93c..e53775464e03 100644 --- a/pkgs/development/libraries/glib/default.nix +++ b/pkgs/development/libraries/glib/default.nix @@ -65,7 +65,7 @@ stdenv.mkDerivation rec { configureFlags = optional stdenv.isDarwin "--disable-compile-warnings" - ++ optional stdenv.isSunOS "--disable-modular-tests"; + ++ optional stdenv.isSunOS ["--disable-modular-tests" "--with-libiconv"]; NIX_CFLAGS_COMPILE = optionalString stdenv.isDarwin " -lintl" + optionalString stdenv.isSunOS " -DBSD_COMP"; diff --git a/pkgs/development/libraries/gtk+/3.x.nix b/pkgs/development/libraries/gtk+/3.x.nix index 174f12fc68ca..248c4fa385e1 100644 --- a/pkgs/development/libraries/gtk+/3.x.nix +++ b/pkgs/development/libraries/gtk+/3.x.nix @@ -10,7 +10,7 @@ assert cupsSupport -> cups != null; let ver_maj = "3.18"; - ver_min = "4"; + ver_min = "5"; version = "${ver_maj}.${ver_min}"; in stdenv.mkDerivation rec { @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/gtk+/${ver_maj}/gtk+-${version}.tar.xz"; - sha256 = "5400dcf280d28d24606f33d59ed48c717f7d3db425d4b6fb52e8002f0c76c7eb"; + sha256 = "107aeb9a4244ce3c044becdd6dffc32d83202595181597180d4c736302a71852"; }; nativeBuildInputs = [ pkgconfig gettext gobjectIntrospection perl ]; diff --git a/pkgs/development/libraries/libelf/default.nix b/pkgs/development/libraries/libelf/default.nix index 4a34ac6bdec7..048902f4fc49 100644 --- a/pkgs/development/libraries/libelf/default.nix +++ b/pkgs/development/libraries/libelf/default.nix @@ -15,6 +15,8 @@ stdenv.mkDerivation (rec { nativeBuildInputs = [ glibc ]; }; + buildInputs = [ gettext ]; + meta = { description = "ELF object file access library"; diff --git a/pkgs/development/libraries/libevent/default.nix b/pkgs/development/libraries/libevent/default.nix index 284a09bc9275..bddda9f3eadd 100644 --- a/pkgs/development/libraries/libevent/default.nix +++ b/pkgs/development/libraries/libevent/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, autoreconfHook, python, findutils }: +{ stdenv, fetchurl, autoreconfHook, openssl, python, findutils }: let version = "2.0.22"; in stdenv.mkDerivation { @@ -10,7 +10,7 @@ stdenv.mkDerivation { }; nativeBuildInputs = [ autoreconfHook ]; - buildInputs = [ python ] ++ stdenv.lib.optional stdenv.isCygwin findutils; + buildInputs = [ openssl python ] ++ stdenv.lib.optional stdenv.isCygwin findutils; patchPhase = '' patchShebangs event_rpcgen.py diff --git a/pkgs/development/libraries/libevhtp/default.nix b/pkgs/development/libraries/libevhtp/default.nix index f909d6d8ff2f..4765f0b7d9af 100644 --- a/pkgs/development/libraries/libevhtp/default.nix +++ b/pkgs/development/libraries/libevhtp/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { name = "libevhtp-${version}"; - version = "1.2.10"; + version = "1.2.11"; src = fetchFromGitHub { owner = "ellzey"; repo = "libevhtp"; rev = version; - sha256 = "0z5cxa65zp89vkaj286gp6fpmc5fylr8bmd17g3j1rgc42nysm6a"; + sha256 = "1rlxdp8w4alcy5ryr7pmw5wi6hv7d64885wwbk1zxhvi64s4x4rg"; }; buildInputs = [ cmake openssl libevent ]; diff --git a/pkgs/development/libraries/libinput/default.nix b/pkgs/development/libraries/libinput/default.nix index ed97952940a9..430743af96ad 100644 --- a/pkgs/development/libraries/libinput/default.nix +++ b/pkgs/development/libraries/libinput/default.nix @@ -15,11 +15,11 @@ in with stdenv.lib; stdenv.mkDerivation rec { - name = "libinput-1.0.2"; + name = "libinput-1.1.1"; src = fetchurl { url = "http://www.freedesktop.org/software/libinput/${name}.tar.xz"; - sha256 = "1fggbi8w8r7mayyk7zwqrqf3ni95y2703vcpggxqq7yjdgw0bld3"; + sha256 = "05yxz3cds65zmzj98yhsrwvnkv8c7n3zs2fksjzs2fy7vlrv9qid"; }; configureFlags = [ diff --git a/pkgs/development/libraries/libpng/default.nix b/pkgs/development/libraries/libpng/default.nix index 53777a0c56f0..a2454aa02f04 100644 --- a/pkgs/development/libraries/libpng/default.nix +++ b/pkgs/development/libraries/libpng/default.nix @@ -3,11 +3,11 @@ assert zlib != null; let - version = "1.6.18"; - sha256 = "0qq96rf31483kxz32h6l6921hy6p2v2pfqfvc74km229g4xw241f"; + version = "1.6.19"; + sha256 = "1s1mmkl79ghiczi2x2rbnp6y70v4c5pr8g3icxn9h5imymbmc71i"; patch_src = fetchurl { url = "mirror://sourceforge/libpng-apng/libpng-${version}-apng.patch.gz"; - sha256 = "0g2ljh2vhclas1hacys1c4gk6l6hyy6sngb2yvdsnjz50nyq16kv"; + sha256 = "0bgqkac16yhl0zwjzq2zwkixg2l2x3a6blbk3k0wqz0lza2a6jrh"; }; whenPatched = stdenv.lib.optionalString apngSupport; diff --git a/pkgs/development/libraries/mpfr/default.nix b/pkgs/development/libraries/mpfr/default.nix index e1809d544d1f..581f956b0afd 100644 --- a/pkgs/development/libraries/mpfr/default.nix +++ b/pkgs/development/libraries/mpfr/default.nix @@ -14,6 +14,7 @@ stdenv.mkDerivation rec { propagatedBuildInputs = [ gmp ]; configureFlags = + stdenv.lib.optional stdenv.isSunOS "--disable-thread-safe" ++ stdenv.lib.optional stdenv.is64bit "--with-pic"; doCheck = true; diff --git a/pkgs/development/libraries/ncurses/default.nix b/pkgs/development/libraries/ncurses/default.nix index c505d89a6d8f..8817e2c5523b 100644 --- a/pkgs/development/libraries/ncurses/default.nix +++ b/pkgs/development/libraries/ncurses/default.nix @@ -27,12 +27,21 @@ stdenv.mkDerivation rec { "--enable-symlinks" ] ++ lib.optional unicode "--enable-widec"; + # Only the C compiler, and explicitly not C++ compiler needs this flag on solaris: + CFLAGS = lib.optionalString stdenv.isSunOS "-D_XOPEN_SOURCE_EXTENDED"; + buildInputs = lib.optional (mouseSupport && stdenv.isLinux) gpm; preConfigure = '' configureFlagsArray+=("--includedir=$out/include") export PKG_CONFIG_LIBDIR="$out/lib/pkgconfig" mkdir -p "$PKG_CONFIG_LIBDIR" + '' + + lib.optionalString stdenv.isSunOS '' + sed -i -e '/-D__EXTENSIONS__/ s/-D_XOPEN_SOURCE=\$cf_XOPEN_SOURCE//' \ + -e '/CPPFLAGS="$CPPFLAGS/s/ -D_XOPEN_SOURCE_EXTENDED//' \ + configure + CFLAGS=-D_XOPEN_SOURCE_EXTENDED '' + lib.optionalString stdenv.isCygwin '' sed -i -e 's,LIB_SUFFIX="t,LIB_SUFFIX=",' configure ''; diff --git a/pkgs/development/tools/documentation/doxygen/default.nix b/pkgs/development/tools/documentation/doxygen/default.nix index 78669dfdce7a..82bbab5ff87e 100644 --- a/pkgs/development/tools/documentation/doxygen/default.nix +++ b/pkgs/development/tools/documentation/doxygen/default.nix @@ -20,12 +20,14 @@ stdenv.mkDerivation { buildInputs = [ perl python flex bison ] ++ stdenv.lib.optional (qt4 != null) qt4 + ++ stdenv.lib.optional stdenv.isSunOS libiconv ++ stdenv.lib.optionals stdenv.isDarwin [ CoreServices libiconv ]; prefixKey = "--prefix "; configureFlags = [ "--dot dot" ] + ++ stdenv.lib.optional stdenv.isSunOS "--install install" ++ stdenv.lib.optional (qt4 != null) "--with-doxywizard"; preConfigure = diff --git a/pkgs/development/tools/misc/help2man/default.nix b/pkgs/development/tools/misc/help2man/default.nix index 4386e7eaf741..8f687908017f 100644 --- a/pkgs/development/tools/misc/help2man/default.nix +++ b/pkgs/development/tools/misc/help2man/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, perl, gettext, LocaleGettext, makeWrapper }: stdenv.mkDerivation rec { - name = "help2man-1.47.2"; + name = "help2man-1.47.3"; src = fetchurl { url = "mirror://gnu/help2man/${name}.tar.xz"; - sha256 = "0z1zgw6k1fba59fii6ksfi1g2gci6i4ysa3kdfh3j475fdkn1if4"; + sha256 = "0miqq77ssk5rgsc9xlv7k5n2wk2c5wv2m1kh4zhbwrggfmjaycn2"; }; buildInputs = [ makeWrapper perl gettext LocaleGettext ]; diff --git a/pkgs/development/tools/misc/pkgconfig/default.nix b/pkgs/development/tools/misc/pkgconfig/default.nix index 6eea0a6d5d6b..c82a626336f6 100644 --- a/pkgs/development/tools/misc/pkgconfig/default.nix +++ b/pkgs/development/tools/misc/pkgconfig/default.nix @@ -10,9 +10,10 @@ stdenv.mkDerivation (rec { sha256 = "0sq09a39wj4cxf8l2jvkq067g08ywfma4v6nhprnf351s82pfl68"; }; - buildInputs = stdenv.lib.optional (stdenv.isCygwin || stdenv.isDarwin) libiconv; + buildInputs = stdenv.lib.optional (stdenv.isCygwin || stdenv.isDarwin || stdenv.isSunOS) libiconv; - configureFlags = [ "--with-internal-glib" ]; + configureFlags = [ "--with-internal-glib" ] + ++ stdenv.lib.optional (stdenv.isSunOS) [ "--with-libiconv=gnu" "--with-system-library-path" "--with-system-include-path" "CFLAGS=-DENABLE_NLS" ]; patches = (if vanilla then [] else [ # Process Requires.private properly, see diff --git a/pkgs/development/tools/misc/texinfo/6.0.nix b/pkgs/development/tools/misc/texinfo/6.0.nix index 5099676f32ba..11e822291e8d 100644 --- a/pkgs/development/tools/misc/texinfo/6.0.nix +++ b/pkgs/development/tools/misc/texinfo/6.0.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, ncurses, perl, xz, interactive ? false }: +{ stdenv, fetchurl, ncurses, perl, xz, libiconv, gawk, interactive ? false }: stdenv.mkDerivation rec { name = "texinfo-6.0"; @@ -9,14 +9,17 @@ stdenv.mkDerivation rec { }; buildInputs = [ perl xz ] + ++ stdenv.lib.optionals stdenv.isSunOS [ libiconv gawk ] ++ stdenv.lib.optional interactive ncurses; + configureFlags = stdenv.lib.optionalString stdenv.isSunOS "AWK=${gawk}/bin/awk"; + preInstall = '' installFlags="TEXMF=$out/texmf-dist"; installTargets="install install-tex"; ''; - doCheck = !stdenv.isDarwin && !interactive; + doCheck = !stdenv.isDarwin && !interactive && !stdenv.isSunOS/*flaky*/; meta = { homepage = "http://www.gnu.org/software/texinfo/"; diff --git a/pkgs/development/tools/parsing/bison/3.x.nix b/pkgs/development/tools/parsing/bison/3.x.nix index b38751ba99e4..ee0074140178 100644 --- a/pkgs/development/tools/parsing/bison/3.x.nix +++ b/pkgs/development/tools/parsing/bison/3.x.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, m4, perl }: +{ stdenv, fetchurl, m4, perl, help2man }: stdenv.mkDerivation rec { name = "bison-3.0.4"; @@ -8,7 +8,7 @@ stdenv.mkDerivation rec { sha256 = "b67fd2daae7a64b5ba862c66c07c1addb9e6b1b05c5f2049392cfd8a2172952e"; }; - nativeBuildInputs = [ m4 perl ]; + nativeBuildInputs = [ m4 perl ] ++ stdenv.lib.optional stdenv.isSunOS help2man; propagatedBuildInputs = [ m4 ]; meta = { diff --git a/pkgs/development/tools/parsing/flex/2.5.39.nix b/pkgs/development/tools/parsing/flex/default.nix index 93d54803e7c7..57ce29f51753 100644 --- a/pkgs/development/tools/parsing/flex/2.5.39.nix +++ b/pkgs/development/tools/parsing/flex/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, bison, m4 }: -stdenv.mkDerivation { - name = "flex-2.5.39"; +stdenv.mkDerivation rec { + name = "flex-2.6.0"; src = fetchurl { - url = mirror://sourceforge/flex/flex-2.5.39.tar.bz2; - sha256 = "0zv15giw3gma03y2bzw78hjfy49vyir7vbcgnh9bb3637dgvblmd"; + url = "mirror://sourceforge/flex/${name}.tar.bz2"; + sha256 = "1sdqx63yadindzafrq1w31ajblf9gl1c301g068s20s7bbpi3ri4"; }; buildInputs = [ bison ]; diff --git a/pkgs/os-specific/darwin/apple-sdk/default.nix b/pkgs/os-specific/darwin/apple-sdk/default.nix index 24083060e546..c18d3f6cc6d3 100644 --- a/pkgs/os-specific/darwin/apple-sdk/default.nix +++ b/pkgs/os-specific/darwin/apple-sdk/default.nix @@ -95,8 +95,10 @@ let propagatedBuildInputs = deps; - # Not going to bother being more precise than this... - __propagatedImpureHostDeps = (import ./impure-deps.nix).${name}; + # allows building the symlink tree + __impureHostDeps = [ "/System/Library/Frameworks/${name}.framework" ]; + + __propagatedImpureHostDeps = stdenv.lib.optional (name != "Kernel") "/System/Library/Frameworks/${name}.framework/${name}"; meta = with stdenv.lib; { description = "Apple SDK framework ${name}"; @@ -159,6 +161,12 @@ in rec { ''; }); + CoreServices = stdenv.lib.overrideDerivation super.CoreServices (drv: { + __propagatedSandboxProfile = drv.__propagatedSandboxProfile ++ ['' + (allow mach-lookup (global-name "com.apple.CoreServices.coreservicesd")) + '']; + }); + Security = stdenv.lib.overrideDerivation super.Security (drv: { setupHook = ./security-setup-hook.sh; }); diff --git a/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix b/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix index 55c8279340b7..3993a360156a 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/CF/default.nix @@ -8,13 +8,7 @@ appleDerivation { patches = [ ./add-cf-initialize.patch ./add-cfmachport.patch ./cf-bridging.patch ]; - __propagatedImpureHostDeps = [ - "/System/Library/Frameworks/CoreFoundation.framework" - "/usr/lib/libc++.1.dylib" - "/usr/lib/libc++abi.dylib" - "/usr/lib/libicucore.A.dylib" - "/usr/lib/libz.1.dylib" - ]; + __propagatedImpureHostDeps = [ "/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation" ]; preBuild = '' substituteInPlace Makefile \ @@ -52,5 +46,7 @@ appleDerivation { postInstall = '' mv $out/System/* $out rmdir $out/System + mv $out/Library/Frameworks/CoreFoundation.framework/Versions/A/PrivateHeaders/* \ + $out/Library/Frameworks/CoreFoundation.framework/Versions/A/Headers ''; } diff --git a/pkgs/os-specific/darwin/apple-source-releases/CoreOSMakefiles/default.nix b/pkgs/os-specific/darwin/apple-source-releases/CoreOSMakefiles/default.nix index 9f6031771c2d..203ca010d62a 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/CoreOSMakefiles/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/CoreOSMakefiles/default.nix @@ -1,7 +1,7 @@ { stdenv, appleDerivation, unifdef }: appleDerivation { - buildinputs = [ unifdef ]; + buildInputs = [ unifdef ]; phases = [ "unpackPhase" "installPhase" ]; diff --git a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix index 4bc3a7a7fa42..a0261875c102 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix @@ -1,32 +1,87 @@ -{ stdenv, appleDerivation, version }: +{ stdenv, appleDerivation, fetchzip, version, bsdmake, perl, flex, yacc, writeScriptBin +}: -appleDerivation { - # Will override the name until we provide all of adv_cmds - buildPhase = '' - pushd ps - cc -Os -Wall -I. -c -o fmt.o fmt.c - cc -Os -Wall -I. -c -o keyword.o keyword.c - cc -Os -Wall -I. -c -o nlist.o nlist.c - cc -Os -Wall -I. -c -o print.o print.c - cc -Os -Wall -I. -c -o ps.o ps.c - cc -Os -Wall -I. -c -o tasks.o tasks.c - cc -o ps fmt.o keyword.o nlist.o print.o ps.o tasks.o +# this derivation sucks +# locale data was removed after adv_cmds-118, so our base is that because it's easier than +# replicating the bizarre bsdmake file structure +# +# sadly adv_cmds-118 builds a mklocale and colldef that generate files that our libc can no +# longer understand +# +# the more recent adv_cmds release is used for everything else in this package + +let recentAdvCmds = fetchzip { + url = "http://opensource.apple.com/tarballs/adv_cmds/adv_cmds-158.tar.gz"; + sha256 = "0z081kcprzg5jcvqivfnwvvv6wfxzkjg2jc2lagsf8c7j7vgm8nn"; +}; + +in appleDerivation { + buildInputs = [ bsdmake perl yacc flex ]; + + patchPhase = '' + substituteInPlace BSDMakefile \ + --replace chgrp true \ + --replace /Developer/Makefiles/bin/compress-man-pages.pl true \ + --replace "ps.tproj" "" --replace "gencat.tproj" "" --replace "md.tproj" "" \ + --replace "tabs.tproj" "" --replace "cap_mkdb.tproj" "" \ + --replace "!= tconf --test TARGET_OS_EMBEDDED" "= NO" + + substituteInPlace Makefile --replace perl true + + for subproject in colldef mklocale monetdef msgdef numericdef timedef; do + substituteInPlace usr-share-locale.tproj/$subproject/BSDmakefile \ + --replace /usr/share/locale "" \ + --replace '-o ''${BINOWN} -g ''${BINGRP}' "" \ + --replace "rsync -a" "cp -r" + done + ''; + + preBuild = '' + cp -r --no-preserve=all ${recentAdvCmds}/colldef . + pushd colldef + mv locale/collate.h . + flex -t -8 -i scan.l > scan.c + yacc -d parse.y + clang *.c -o colldef -lfl popd + mv colldef/colldef colldef.tproj/colldef - pushd locale - c++ -o locale locale.cc + cp -r --no-preserve=all ${recentAdvCmds}/mklocale . + pushd mklocale + flex -t -8 -i lex.l > lex.c + yacc -d yacc.y + clang *.c -o mklocale -lfl popd + mv mklocale/mklocale mklocale.tproj/mklocale + ''; + + buildPhase = '' + runHook preBuild + + bsdmake -C usr-share-locale.tproj + + clang ${recentAdvCmds}/ps/*.c -o ps ''; installPhase = '' - mkdir -p $out/bin $out/share/man/man1 + bsdmake -C usr-share-locale.tproj install DESTDIR="$locale/share/locale" + + # need to get rid of runtime dependency on flex + # install -d 0755 $locale/bin + # install -m 0755 colldef.tproj/colldef $locale/bin + # install -m 0755 mklocale.tproj/mklocale $locale/bin - cp ps/ps $out/bin/ps - cp ps/ps.1 $out/share/man/man1 - cp locale/locale $out/bin/locale - cp locale/locale.1 $out/share/man/man1 + install -d 0755 $ps/bin + install ps $ps/bin/ps ''; + outputs = [ + "ps" + "locale" + ]; + + # ps uses this syscall to get process info + propagatedSandboxProfile = stdenv.lib.sandbox.allow "mach-priv-task-port"; meta = { platforms = stdenv.lib.platforms.darwin; diff --git a/pkgs/os-specific/darwin/apple-source-releases/bsdmake/default.nix b/pkgs/os-specific/darwin/apple-source-releases/bsdmake/default.nix new file mode 100644 index 000000000000..dcbf8b433088 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/bsdmake/default.nix @@ -0,0 +1,45 @@ +{ stdenv, appleDerivation, fetchurl, fetchpatch, makeWrapper }: + +appleDerivation { + buildInputs = [ makeWrapper ]; + + patchPhase = '' + substituteInPlace mk/bsd.prog.mk \ + --replace '-o ''${BINOWN} -g ''${BINGRP}' "" \ + --replace '-o ''${SCRIPTSOWN_''${.ALLSRC:T}}' "" \ + --replace '-g ''${SCRIPTSGRP_''${.ALLSRC:T}}' "" + substituteInPlace mk/bsd.lib.mk --replace '-o ''${LIBOWN} -g ''${LIBGRP}' "" + substituteInPlace mk/bsd.info.mk --replace '-o ''${INFOOWN} -g ''${INFOGRP}' "" + substituteInPlace mk/bsd.doc.mk --replace '-o ''${BINOWN} -g ''${BINGRP}' "" + substituteInPlace mk/bsd.man.mk --replace '-o ''${MANOWN} -g ''${MANGRP}' "" + substituteInPlace mk/bsd.files.mk \ + --replace '-o ''${''${group}OWN_''${.ALLSRC:T}}' "" \ + --replace '-g ''${''${group}GRP_''${.ALLSRC:T}}' "" \ + --replace '-o ''${''${group}OWN} -g ''${''${group}GRP}' "" + substituteInPlace mk/bsd.incs.mk \ + --replace '-o ''${''${group}OWN_''${.ALLSRC:T}}' "" \ + --replace '-g ''${''${group}GRP_''${.ALLSRC:T}}' "" \ + --replace '-o ''${''${group}OWN} -g ''${''${group}GRP}' "" + ''; + + buildPhase = '' + objs=() + for file in $(find . -name '*.c'); do + obj="$(basename "$file" .c).o" + objs+=("$obj") + cc -c "$file" -o "$obj" -DDEFSHELLNAME='"sh"' -D__FBSDID=__RCSID -mdynamic-no-pic -g + done + cc "''${objs[@]}" -o bsdmake + ''; + + installPhase = '' + install -d 0644 $out/bin + install -m 0755 bsdmake $out/bin + install -d 0644 $out/share/mk + install -m 0755 mk/* $out/share/mk + ''; + + preFixup = '' + wrapProgram "$out/bin/bsdmake" --add-flags "-m $out/share/mk" + ''; +} diff --git a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix index 8687f3fe532e..1fbacfb92845 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix @@ -7,6 +7,10 @@ appleDerivation { propagatedBuildInputs = [ Security ]; + propagatedSandboxProfile = '' + (allow mach-lookup (global-name "com.apple.SystemConfiguration.configd")) + ''; + patchPhase = '' substituteInPlace SystemConfiguration.fproj/SCNetworkReachabilityInternal.h \ --replace '#include <xpc/xpc.h>' "" diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix index 906e0ad2d544..f1b72b4123ff 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix @@ -48,16 +48,19 @@ let IOKitSrcs = stdenv.lib.mapAttrs (name: value: if builtins.isFunction value then value name else value) IOKitSpecs; + adv_cmds = applePackage "adv_cmds" "119" "102ssayxbg9wb35mdmhswbnw0bg7js3pfd8fcbic83c5q3bqa6c6" {}; + packages = { - adv_cmds = applePackage "adv_cmds" "153" "174v6a4zkcm2pafzgdm6kvs48z5f911zl7k49hv7kjq6gm58w99v" {}; + inherit (adv_cmds) ps locale; architecture = applePackage "architecture" "265" "05wz8wmxlqssfp29x203fwfb8pgbdjj1mpz12v508658166yzqj8" {}; bootstrap_cmds = applePackage "bootstrap_cmds" "86" "0xr0296jm1r3q7kbam98h85g23qlfi763z54ahj563n636kyk2wb" {}; + bsdmake = applePackage "bsdmake" "24" "11a9kkhz5bfgi1i8kpdkis78lhc6b5vxmhd598fcdgra1jw4iac2" {}; CarbonHeaders = applePackage "CarbonHeaders" "9A581" "1hc0yijlpwq39x5bic6nnywqp2m1wj1f11j33m2q7p505h1h740c" {}; CF = applePackage "CF" "855.17" "1sadmxi9fsvsmdyxvg2133sdzvkzwil5fvyyidxsyk1iyfzqsvln" {}; CommonCrypto = applePackage "CommonCrypto" "60049" "1azin6w7cnzl0iv8kd2qzgwcp6a45zy64y5z1i6jysjcl6xmlw2h" {}; configd = applePackage "configd" "453.19" "1gxakahk8gallf16xmhxhprdxkh3prrmzxnmxfvj0slr0939mmr2" {}; copyfile = applePackage "copyfile" "103.92.1" "15i2hw5aqx0fklvmq6avin5s00adacvzqc740vviwc2y742vrdcd" {}; - CoreOSMakefiles = applePackage "CoreOSMakefiles" "76" "0sw3w3sjil0kvxz8y86b81sz82rcd1nijayki1a1bsnsf0hz6qbf" {}; + CoreOSMakefiles = applePackage "CoreOSMakefiles" "40" "0kxp53spbn7109l7cvhi88pmfsi81lwmbws819b6wr3hm16v84f4" {}; Csu = applePackage "Csu" "79" "1hif4dz23isgx85sgh11yg8amvp2ksvvhz3y5v07zppml7df2lnh" {}; dtrace = applePackage "dtrace" "118.1" "0pp5x8dgvzmg9vvg32hpy2brm17dpmbwrcr4prsmdmfvd4767wcf" {}; dyld = applePackage "dyld" "239.4" "07z7lyv6x0f6gllb5hymccl31zisrdhz4gqp722xcs9nhsqaqvn7" {}; diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix index 4a739032e2ae..ccce7448e5db 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_generic/default.nix @@ -30,6 +30,9 @@ name: version: sha256: args: let ''; buildInputs = [ pkgs.gnustep-make + pkgs.darwin.apple_sdk.frameworks.AppKit + pkgs.darwin.apple_sdk.frameworks.Foundation + pkgs.darwin.cf-private ]; makeFlags = [ "-f${makeFile}" diff --git a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix index 23ac246b4afa..9de1d120cc94 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libsecurity_utilities/default.nix @@ -14,6 +14,9 @@ appleDerivation { substituteInPlace lib/debugging.cpp --replace PATH_MAX 1024 substituteInPlace lib/superblob.h --replace 'result->at' 'result->template at' substituteInPlace lib/ccaudit.cpp --replace '<bsm/libbsm.h>' '"bsm/libbsm.h"' + substituteInPlace lib/powerwatch.h --replace \ + '<IOKit/pwr_mgt/IOPMLibPrivate.h>' \ + '"${osx_private_sdk}/PrivateSDK10.9.sparse.sdk/System/Library/Frameworks/IOKit.framework/Versions/A/PrivateHeaders/pwr_mgt/IOPMLibPrivate.h"' cp ${osx_private_sdk}/PrivateSDK10.9.sparse.sdk/usr/include/security_utilities/utilities_dtrace.h lib cp -R ${osx_private_sdk}/PrivateSDK10.9.sparse.sdk/usr/local/include/bsm lib diff --git a/pkgs/os-specific/darwin/cf-private/setup-hook.sh b/pkgs/os-specific/darwin/cf-private/setup-hook.sh index a83a1323bf83..7594c07977b9 100644 --- a/pkgs/os-specific/darwin/cf-private/setup-hook.sh +++ b/pkgs/os-specific/darwin/cf-private/setup-hook.sh @@ -6,7 +6,7 @@ linkWithRealCF() { # gross! many symbols (such as _OBJC_CLASS_$_NSArray) are defined in system CF, but not # in the opensource release # if the package needs private headers, we assume they also want to link with system CF - NIX_LDFLAGS+=" /System/Library/Frameworks/CoreFoundation.framework/CoreFoundation" + NIX_LDFLAGS+=" /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation" } preConfigureHooks+=(prependSearchPath linkWithRealCF) diff --git a/pkgs/servers/certificate-transparency/default.nix b/pkgs/servers/certificate-transparency/default.nix new file mode 100644 index 000000000000..ebfa7427fc00 --- /dev/null +++ b/pkgs/servers/certificate-transparency/default.nix @@ -0,0 +1,57 @@ +{ stdenv, pkgs, ...}: + +stdenv.mkDerivation rec { + name = "certificate-transparency-${version}"; + + version = "2015-11-27"; + rev = "dc5a51e55af989ff5871a6647166d00d0de478ab"; + + meta = with stdenv.lib; { + homepage = https://www.certificate-transparency.org/; + description = "Auditing for TLS certificates."; + license = licenses.asl20; + platforms = platforms.unix; + maintainers = with maintainers; [ philandstuff ]; + }; + + src = pkgs.fetchFromGitHub { + owner = "google"; + repo = "certificate-transparency"; + rev = rev; + sha256 = "14sgc2kcjjsnrykwcjin21h1f3v4kg83w6jqiq9qdm1ha165yhvx"; + }; + + # need to disable regex support in evhtp or building will fail + libevhtp_without_regex = stdenv.lib.overrideDerivation pkgs.libevhtp + (oldAttrs: { + cmakeFlags="-DEVHTP_DISABLE_REGEX:STRING=ON -DCMAKE_C_FLAGS:STRING=-fPIC"; + }); + + buildInputs = with pkgs; [ + autoconf automake clang_34 pkgconfig + glog gmock google-gflags gperftools gtest json_c leveldb + libevent libevhtp_without_regex openssl protobuf sqlite + ]; + + patches = [ + ./protobuf-include-from-env.patch + ]; + + doCheck = false; + + preConfigure = '' + ./autogen.sh + configureFlagsArray=( + CC=clang + CXX=clang++ + GMOCK_DIR=${pkgs.gmock} + GTEST_DIR=${pkgs.gtest} + ) + ''; + + # the default Makefile constructs BUILD_VERSION from `git describe` + # which isn't available in the nix build environment + makeFlags = "BUILD_VERSION=${version}-${rev}"; + + protocFlags = "-I ${pkgs.protobuf}/include"; +} diff --git a/pkgs/servers/certificate-transparency/protobuf-include-from-env.patch b/pkgs/servers/certificate-transparency/protobuf-include-from-env.patch new file mode 100644 index 000000000000..a1f9a1849b63 --- /dev/null +++ b/pkgs/servers/certificate-transparency/protobuf-include-from-env.patch @@ -0,0 +1,14 @@ +Get protobuf include path from environment + +--- a/python/Makefile ++++ b/python/Makefile +@@ -5,7 +5,7 @@ all: ct/proto/client_pb2.py ct/proto/ct_pb2.py ct/proto/tls_options_pb2.py \ + ct/proto/test_message_pb2.py ct/proto/certificate_pb2.py + + ct/proto/%_pb2.py: ct/proto/%.proto +- $(PROTOC) $^ -I/usr/include/ -I/usr/local/include -I$(INSTALL_DIR)/include -I. --python_out=. ++ $(PROTOC) $^ $(protocFlags) -I. --python_out=. + + ct/proto/ct_pb2.py: ../proto/ct.proto + $(PROTOC) --python_out=ct/proto -I../proto ../proto/ct.proto + diff --git a/pkgs/servers/x11/xorg/default.nix b/pkgs/servers/x11/xorg/default.nix index d1764108e4ad..75feb46a7fa0 100644 --- a/pkgs/servers/x11/xorg/default.nix +++ b/pkgs/servers/x11/xorg/default.nix @@ -2108,11 +2108,11 @@ let }) // {inherit ;}; xorgserver = (mkDerivation "xorgserver" { - name = "xorg-server-1.17.2"; + name = "xorg-server-1.17.4"; builder = ./builder.sh; src = fetchurl { - url = mirror://xorg/individual/xserver/xorg-server-1.17.2.tar.bz2; - sha256 = "14vr4mm0x94a9bd3sfx9mdh8qhvk48zcml3i8q1wbwi84xhj04gn"; + url = mirror://xorg/individual/xserver/xorg-server-1.17.4.tar.bz2; + sha256 = "0mv4ilpqi5hpg182mzqn766frhi6rw48aba3xfbaj4m82v0lajqc"; }; buildInputs = [pkgconfig dri2proto dri3proto renderproto libdrm openssl libX11 libXau libXaw libxcb xcbutil xcbutilwm xcbutilimage xcbutilkeysyms xcbutilrenderutil libXdmcp libXfixes libxkbfile libXmu libXpm libXrender libXres libXt ]; }) // {inherit dri2proto dri3proto renderproto libdrm openssl libX11 libXau libXaw libxcb xcbutil xcbutilwm xcbutilimage xcbutilkeysyms xcbutilrenderutil libXdmcp libXfixes libxkbfile libXmu libXpm libXrender libXres libXt ;}; diff --git a/pkgs/servers/x11/xorg/fix_segfault.patch b/pkgs/servers/x11/xorg/fix_segfault.patch deleted file mode 100644 index b3a7d2ed5e00..000000000000 --- a/pkgs/servers/x11/xorg/fix_segfault.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 7cc7ffd25d5e50b54cb942d07d4cb160f20ff9c5 Mon Sep 17 00:00:00 2001 -From: Martin Peres <martin.peres@linux.intel.com> -Date: Fri, 17 Jul 2015 17:21:26 +0300 -Subject: [PATCH] os: make sure the clientsWritable fd_set is initialized - before use - -In WaitForSomething(), the fd_set clientsWritable may be used unitialized when -the boolean AnyClientsWriteBlocked is set in the WakeupHandler(). This leads to -a crash in FlushAllOutput() after x11proto's commit -2c94cdb453bc641246cc8b9a876da9799bee1ce7. - -The problem did not manifest before because both the XFD_SIZE and the maximum -number of clients were set to 256. As the connectionTranslation table was -initalized for the 256 clients to 0, the test on the index not being 0 was -aborting before dereferencing the client #0. - -As of commit 2c94cdb453bc641246cc8b9a876da9799bee1ce7 in x11proto, the XFD_SIZE -got bumped to 512. This lead the OutputPending fd_set to have any fd above 256 -to be uninitialized which in turns lead to reading an index after the end of -the ConnectionTranslation table. This index would then be used to find the -client corresponding to the fd marked as pending writes and would also result -to an out-of-bound access which would usually be the fatal one. - -Fix this by zeroing the clientsWritable fd_set at the beginning of -WaitForSomething(). In this case, the bottom part of the loop, which would -indirectly call FlushAllOutput, will not do any work but the next call to -select will result in the execution of the right codepath. This is exactly what -we want because we need to know the writable clients before handling them. In -the end, it also makes sure that the fds above MaxClient are initialized, -preventing the crash in FlushAllOutput(). - -Thanks to everyone involved in tracking this one down! - -Reported-by: Karol Herbst <freedesktop@karolherbst.de> -Reported-by: Tobias Klausmann <tobias.klausmann@mni.thm.de> -Signed-off-by: Martin Peres <martin.peres@linux.intel.com> -Tested-by: Martin Peres <martin.peres@linux.intel.com> -Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=91316 -Cc: Ilia Mirkin <imirkin@alum.mit.edu> -Cc: Martin Peres <martin.peres@linux.intel.com> -Cc: Olivier Fourdan <ofourdan@redhat.com -Cc: Adam Jackson <ajax@redhat.com> -Cc: Alan Coopersmith <alan.coopersmith@oracle.com -Cc: Chris Wilson <chris@chris-wilson.co.uk> ---- - os/WaitFor.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/os/WaitFor.c b/os/WaitFor.c -index 431f1a6..993c14e 100644 ---- a/os/WaitFor.c -+++ b/os/WaitFor.c -@@ -158,6 +158,7 @@ WaitForSomething(int *pClientsReady) - Bool someReady = FALSE; - - FD_ZERO(&clientsReadable); -+ FD_ZERO(&clientsWritable); - - if (nready) - SmartScheduleStopTimer(); --- -2.4.5 - diff --git a/pkgs/servers/x11/xorg/overrides.nix b/pkgs/servers/x11/xorg/overrides.nix index 1339e51eb232..78be046366db 100644 --- a/pkgs/servers/x11/xorg/overrides.nix +++ b/pkgs/servers/x11/xorg/overrides.nix @@ -291,7 +291,7 @@ in dri2proto dri3proto kbproto xineramaproto resourceproto scrnsaverproto videoproto ]; # fix_segfault: https://bugs.freedesktop.org/show_bug.cgi?id=91316 - commonPatches = [ ./xorgserver-xkbcomp-path.patch ./fix_segfault.patch ]; + commonPatches = [ ./xorgserver-xkbcomp-path.patch ]; # XQuartz requires two compilations: the first to get X / XQuartz, # and the second to get Xvfb, Xnest, etc. darwinOtherX = overrideDerivation xorgserver (oldAttrs: { diff --git a/pkgs/stdenv/generic/default.nix b/pkgs/stdenv/generic/default.nix index 1a2ca5038b20..8e6bf2be63f6 100644 --- a/pkgs/stdenv/generic/default.nix +++ b/pkgs/stdenv/generic/default.nix @@ -12,6 +12,8 @@ let lib = import ../../../lib; in lib.makeOverridable ( , extraBuildInputs ? [] , __stdenvImpureHostDeps ? [] , __extraImpureHostDeps ? [] +, stdenvSandboxProfile ? "" +, extraSandboxProfile ? "" }: let @@ -100,6 +102,8 @@ let , outputs ? [ "out" ] , __impureHostDeps ? [] , __propagatedImpureHostDeps ? [] + , sandboxProfile ? "" + , propagatedSandboxProfile ? "" , ... } @ attrs: let pos' = @@ -165,9 +169,13 @@ let lib.addPassthru (derivation ( (removeAttrs attrs ["meta" "passthru" "crossAttrs" "pos" - "__impureHostDeps" "__propagatedImpureHostDeps"]) + "__impureHostDeps" "__propagatedImpureHostDeps" + "sandboxProfile" "propagatedSandboxProfile"]) // (let - # TODO: remove lib.unique once nix has a list canonicalization primitive + computedSandboxProfile = + lib.concatMap (input: input.__propagatedSandboxProfile or []) (extraBuildInputs ++ buildInputs ++ nativeBuildInputs); + computedPropagatedSandboxProfile = + lib.concatMap (input: input.__propagatedSandboxProfile or []) (propagatedBuildInputs ++ propagatedNativeBuildInputs); computedImpureHostDeps = lib.unique (lib.concatMap (input: input.__propagatedImpureHostDeps or []) (extraBuildInputs ++ buildInputs ++ nativeBuildInputs)); computedPropagatedImpureHostDeps = @@ -189,6 +197,12 @@ let propagatedNativeBuildInputs = propagatedNativeBuildInputs ++ (if crossConfig == null then propagatedBuildInputs else []); } // ifDarwin { + # TODO: remove lib.unique once nix has a list canonicalization primitive + __sandboxProfile = + let profiles = [ extraSandboxProfile ] ++ computedSandboxProfile ++ computedPropagatedSandboxProfile ++ [ propagatedSandboxProfile sandboxProfile ]; + final = lib.concatStringsSep "\n" (lib.filter (x: x != "") (lib.unique profiles)); + in final; + __propagatedSandboxProfile = lib.unique (computedPropagatedSandboxProfile ++ [ propagatedSandboxProfile ]); __impureHostDeps = computedImpureHostDeps ++ computedPropagatedImpureHostDeps ++ __propagatedImpureHostDeps ++ __impureHostDeps ++ __extraImpureHostDeps ++ [ "/dev/zero" "/dev/random" @@ -232,6 +246,7 @@ let inherit preHook initialPath shell defaultNativeBuildInputs; } // ifDarwin { + __sandboxProfile = stdenvSandboxProfile; __impureHostDeps = __stdenvImpureHostDeps; }) diff --git a/pkgs/stdenv/pure-darwin/default.nix b/pkgs/stdenv/pure-darwin/default.nix index d13dc98cd742..bc3b433e9226 100644 --- a/pkgs/stdenv/pure-darwin/default.nix +++ b/pkgs/stdenv/pure-darwin/default.nix @@ -5,18 +5,9 @@ }: let - # libSystem and its transitive dependencies. Get used to this; it's a recurring theme in darwin land - libSystemClosure = [ - "/usr/lib/libSystem.dylib" - "/usr/lib/libSystem.B.dylib" - "/usr/lib/libobjc.A.dylib" - "/usr/lib/libobjc.dylib" - "/usr/lib/libauto.dylib" - "/usr/lib/libc++abi.dylib" - "/usr/lib/libc++.1.dylib" - "/usr/lib/libDiagnosticMessagesClient.dylib" - "/usr/lib/system" - ]; + libSystemProfile = '' + (import "${./standard-sandbox.sb}") + ''; fetch = { file, sha256, executable ? true }: import <nix/fetchurl.nix> { url = "http://tarballs.nixos.org/stdenv-darwin/x86_64/4f07c88d467216d9692fefc951deb5cd3c4cc722/${file}"; @@ -46,7 +37,9 @@ in rec { ''; # The one dependency of /bin/sh :( - binShClosure = [ "/usr/lib/libncurses.5.4.dylib" ]; + binShClosure = '' + (allow file-read* (literal "/usr/lib/libncurses.5.4.dylib")) + ''; bootstrapTools = derivation rec { inherit system tarball; @@ -57,7 +50,7 @@ in rec { inherit (bootstrapFiles) mkdir bzip2 cpio; - __impureHostDeps = binShClosure ++ libSystemClosure; + __sandboxProfile = binShClosure + libSystemProfile; }; stageFun = step: last: {shell ? "${bootstrapTools}/bin/sh", @@ -100,8 +93,8 @@ in rec { }; # The stdenvs themselves don't use mkDerivation, so I need to specify this here - __stdenvImpureHostDeps = binShClosure ++ libSystemClosure; - __extraImpureHostDeps = binShClosure ++ libSystemClosure; + stdenvSandboxProfile = binShClosure + libSystemProfile; + extraSandboxProfile = binShClosure + libSystemProfile; extraAttrs = { inherit platform; }; overrides = pkgs: (overrides pkgs) // { fetchurl = thisStdenv.fetchurlBoot; }; @@ -178,10 +171,14 @@ in rec { }; stage2 = with stage1; stageFun 2 stage1 { + extraPreHook = '' + export PATH_LOCALE=${pkgs.darwin.locale}/share/locale + ''; + allowedRequisites = [ bootstrapTools ] ++ (with pkgs; [ xz libcxx libcxxabi icu ]) ++ - (with pkgs.darwin; [ dyld Libsystem CF ]); + (with pkgs.darwin; [ dyld Libsystem CF locale ]); overrides = persistent1; }; @@ -196,7 +193,7 @@ in rec { darwin = orig.darwin // { inherit (darwin) - dyld Libsystem xnu configd libdispatch libclosure launchd libiconv; + dyld Libsystem xnu configd libdispatch libclosure launchd libiconv locale; }; }; @@ -209,10 +206,14 @@ in rec { # patches our shebangs back to point at bootstrapTools. This makes sure bash comes first. extraInitialPath = [ pkgs.bash ]; + extraPreHook = '' + export PATH_LOCALE=${pkgs.darwin.locale}/share/locale + ''; + allowedRequisites = [ bootstrapTools ] ++ (with pkgs; [ icu bash libcxx libcxxabi ]) ++ - (with pkgs.darwin; [ dyld Libsystem ]); + (with pkgs.darwin; [ dyld Libsystem locale ]); overrides = persistent2; }; @@ -230,13 +231,16 @@ in rec { }; darwin = orig.darwin // { - inherit (darwin) dyld Libsystem libiconv; + inherit (darwin) dyld Libsystem libiconv locale; }; }; stage4 = with stage3; stageFun 4 stage3 { shell = "${pkgs.bash}/bin/bash"; extraInitialPath = [ pkgs.bash ]; + extraPreHook = '' + export PATH_LOCALE=${pkgs.darwin.locale}/share/locale + ''; overrides = persistent3; }; @@ -251,7 +255,7 @@ in rec { }; darwin = orig.darwin // { - inherit (darwin) dyld Libsystem cctools CF libiconv; + inherit (darwin) dyld Libsystem cctools libiconv; }; }; @@ -261,10 +265,12 @@ in rec { name = "stdenv-darwin"; - preHook = commonPreHook; + preHook = commonPreHook + '' + export PATH_LOCALE=${pkgs.darwin.locale}/share/locale + ''; - __stdenvImpureHostDeps = binShClosure ++ libSystemClosure; - __extraImpureHostDeps = binShClosure ++ libSystemClosure; + stdenvSandboxProfile = binShClosure + libSystemProfile; + extraSandboxProfile = binShClosure + libSystemProfile; initialPath = import ../common-path.nix { inherit pkgs; }; shell = "${pkgs.bash}/bin/bash"; @@ -292,7 +298,7 @@ in rec { coreutils ed diffutils gnutar gzip ncurses gnused bash gawk gnugrep llvmPackages.clang-unwrapped patch pcre binutils-raw binutils gettext ]) ++ (with pkgs.darwin; [ - dyld Libsystem CF cctools libiconv + dyld Libsystem CF cctools libiconv locale ]); overrides = orig: persistent4 orig // { diff --git a/pkgs/stdenv/pure-darwin/standard-sandbox.sb b/pkgs/stdenv/pure-darwin/standard-sandbox.sb new file mode 100644 index 000000000000..b87be89f35f2 --- /dev/null +++ b/pkgs/stdenv/pure-darwin/standard-sandbox.sb @@ -0,0 +1,72 @@ +(define TMPDIR (param "_GLOBAL_TMP_DIR")) + +; obvious +(allow process-fork) + +; allow reading system information like #CPUs, etc. +(allow sysctl-read) + +; IPC +(allow ipc-posix*) + +; Unix sockets +(allow system-socket) + +; all runtime dependencies of libSystem.dylib +(allow file-read* + (literal "/usr/lib/libSystem.dylib") + (literal "/usr/lib/libSystem.B.dylib") + (literal "/usr/lib/libobjc.A.dylib") + (literal "/usr/lib/libobjc.dylib") + (literal "/usr/lib/libauto.dylib") + (literal "/usr/lib/libc++abi.dylib") + (literal "/usr/lib/libc++.1.dylib") + (literal "/usr/lib/libDiagnosticMessagesClient.dylib") + (subpath "/usr/lib/system")) + +; tmp +(allow file* process-exec (literal "/tmp") (subpath TMPDIR)) + +; clang likes to read the system version +(allow file-read* (literal "/System/Library/CoreServices/SystemVersion.plist")) + +; used for bootstrap builders +(allow process-exec* (literal "/bin/sh")) + +; without this line clang cannot write to /dev/null, breaking some configure tests +(allow file-read-metadata (literal "/dev")) + +; standard devices +(allow file* + (literal "/dev/null") + (literal "/dev/random") + (literal "/dev/stdin") + (literal "/dev/stdout") + (literal "/dev/tty") + (literal "/dev/urandom") + (literal "/dev/zero") + (subpath "/dev/fd")) + +; does nothing, but reduces build noise +(allow file* (literal "/dev/dtracehelper")) + +; ICU data and zoneinfo data are hardcoded +; both are in libicucore and zoneinfo is in libsystem_c as well +(allow file-read* (subpath "/usr/share/icu") (subpath "/usr/share/zoneinfo")) + +; no idea what this is +(allow file-read-data (literal "/dev/autofs_nowait")) + +; lots of autoconf projects want to list this directory +(allow file-read-metadata (literal "/var") (literal "/private/var/tmp")) + +; send signals +(allow signal (target same-sandbox)) + +; allow getpwuid (for git and other packages) +(allow mach-lookup + (global-name "com.apple.system.notification_center") + (global-name "com.apple.system.opendirectoryd.libinfo")) + +; allow networking on localhost +(allow network* (local ip) (remote unix-socket)) diff --git a/pkgs/tools/compression/bzip2/builder.sh b/pkgs/tools/compression/bzip2/builder.sh deleted file mode 100644 index a598dfcf808c..000000000000 --- a/pkgs/tools/compression/bzip2/builder.sh +++ /dev/null @@ -1,24 +0,0 @@ -source $stdenv/setup -installFlags="PREFIX=$out" - -if test -n "$sharedLibrary"; then - - preBuild() { - make -f Makefile-libbz2_so - } - - preInstall() { - mkdir -p $out/lib - mv libbz2.so* $out/lib - (cd $out/lib && ln -s libbz2.so.1.0.? libbz2.so && ln -s libbz2.so.1.0.? libbz2.so.1); - } - -fi - -postInstall() { - rm $out/bin/bunzip2* $out/bin/bzcat* - ln -s bzip2 $out/bin/bunzip2 - ln -s bzip2 $out/bin/bzcat -} - -genericBuild diff --git a/pkgs/tools/compression/bzip2/default.nix b/pkgs/tools/compression/bzip2/default.nix index 74da91431a43..3e835c30e3d7 100644 --- a/pkgs/tools/compression/bzip2/default.nix +++ b/pkgs/tools/compression/bzip2/default.nix @@ -1,11 +1,13 @@ -{ stdenv, fetchurl, linkStatic ? false }: +{ stdenv, fetchurl, libtool, autoconf, automake, gnum4, linkStatic ? false }: -let version = "1.0.6"; in +let + version = "1.0.6"; -stdenv.mkDerivation { - name = "bzip2-${version}"; + sharedLibrary = !stdenv.isDarwin && !(stdenv ? isStatic) + && stdenv.system != "i686-cygwin" && !linkStatic; - builder = ./builder.sh; +in stdenv.mkDerivation { + name = "bzip2-${version}"; src = fetchurl { url = "http://www.bzip.org/${version}/bzip2-${version}.tar.gz"; @@ -13,24 +15,58 @@ stdenv.mkDerivation { }; crossAttrs = { - patchPhase = '' + buildInputs = [ libtool autoconf automake gnum4 ]; + patches = [ + # original upstream for the autoconf patch is here: + # http://ftp.suse.com/pub/people/sbrabec/bzip2/for_downstream/bzip2-1.0.6-autoconfiscated.patch + # but we get the mingw-builds version of the patch, which fixes + # a few more issues + (fetchurl { + url = "https://raw.githubusercontent.com/niXman/mingw-builds/17ae841dcf6e72badad7941a06d631edaf687436/patches/bzip2/bzip2-1.0.6-autoconfiscated.patch"; + sha256 = "1flbd3i8vg9kzq0a712qcg9j2c4ymnqvgd0ldyafpzvbqj1iicnp"; + }) + ]; + patchFlags = "-p0"; + postPatch = '' sed -i -e '/<sys\\stat\.h>/s|\\|/|' bzip2.c - sed -i -e 's/CC=gcc/CC=${stdenv.cross.config}-gcc/' \ - -e 's/AR=ar/AR=${stdenv.cross.config}-ar/' \ - -e 's/RANLIB=ranlib/RANLIB=${stdenv.cross.config}-ranlib/' \ - -e 's/bzip2recover test/bzip2recover/' \ - Makefile* ''; + preConfigure = "sh ./autogen.sh"; + # clear native hooks that are not needed with autoconf + preBuild = ""; + preInstall = ""; + postInstall = ""; }; - sharedLibrary = - !stdenv.isDarwin && !(stdenv ? isStatic) && stdenv.system != "i686-cygwin" && !linkStatic; + preBuild = stdenv.lib.optionalString sharedLibrary '' + make -f Makefile-libbz2_so + ''; + + preInstall = stdenv.lib.optionalString sharedLibrary '' + mkdir -p $out/lib + mv libbz2.so* $out/lib + ( cd $out/lib && + ln -s libbz2.so.1.0.? libbz2.so && + ln -s libbz2.so.1.0.? libbz2.so.1 + ) + ''; + + installFlags = [ "PREFIX=$(out)" ]; + + postInstall = '' + rm $out/bin/bunzip2* $out/bin/bzcat* + ln -s bzip2 $out/bin/bunzip2 + ln -s bzip2 $out/bin/bzcat + ''; - patchPhase = stdenv.lib.optionalString stdenv.isDarwin "substituteInPlace Makefile --replace 'CC=gcc' 'CC=clang'"; + patchPhase = stdenv.lib.optionalString stdenv.isDarwin '' + substituteInPlace Makefile --replace 'CC=gcc' 'CC=clang' + ''; - preConfigure = "substituteInPlace Makefile --replace '$(PREFIX)/man' '$(PREFIX)/share/man'"; + preConfigure = '' + substituteInPlace Makefile --replace '$(PREFIX)/man' '$(PREFIX)/share/man' + ''; - makeFlags = if linkStatic then "LDFLAGS=-static" else ""; + makeFlags = stdenv.lib.optional linkStatic "LDFLAGS=-static"; inherit linkStatic; diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index 6463d8f89440..baa3900ad97a 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -37,6 +37,8 @@ let touch -r src/stat.c src/tail.c ''; + configureFlags = optionalString stdenv.isSunOS "ac_cv_func_inotify_init=no"; + nativeBuildInputs = [ perl ]; buildInputs = [ gmp ] ++ optional aclSupport acl @@ -81,6 +83,7 @@ let enableParallelBuilding = false; NIX_LDFLAGS = optionalString selinuxSupport "-lsepol"; + FORCE_UNSAFE_CONFIGURE = stdenv.lib.optionalString (stdenv.system == "armv7l-linux" || stdenv.isSunOS) "1"; makeFlags = optionalString stdenv.isDarwin "CFLAGS=-D_FORTIFY_SOURCE=0"; @@ -115,6 +118,3 @@ let }; in self - // stdenv.lib.optionalAttrs (stdenv.system == "armv7l-linux" || stdenv.isSunOS) { - FORCE_UNSAFE_CONFIGURE = 1; - } diff --git a/pkgs/tools/misc/less/default.nix b/pkgs/tools/misc/less/default.nix index af8a0dd7d81b..75e00635320a 100644 --- a/pkgs/tools/misc/less/default.nix +++ b/pkgs/tools/misc/less/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { meta = { homepage = http://www.greenwoodsoftware.com/less/; description = "A more advanced file pager than ‘more’"; - platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin; + platforms = stdenv.lib.platforms.unix; maintainers = [ stdenv.lib.maintainers.eelco ]; }; } diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 14687817835a..3c77d2a6c8d6 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -47,6 +47,7 @@ stdenv.mkDerivation rec { ''; configureFlags = [ + "--disable-manual" ( if sslSupport then "--with-ssl=${openssl}" else "--without-ssl" ) ( if scpSupport then "--with-libssh2=${libssh2}" else "--without-libssh2" ) ( if ldapSupport then "--enable-ldap" else "--disable-ldap" ) diff --git a/pkgs/tools/networking/haproxy/default.nix b/pkgs/tools/networking/haproxy/default.nix index de8488ab3a8e..f6201b44b3ea 100644 --- a/pkgs/tools/networking/haproxy/default.nix +++ b/pkgs/tools/networking/haproxy/default.nix @@ -1,4 +1,4 @@ -{ stdenv, pkgs, fetchurl, openssl }: +{ stdenv, pkgs, fetchurl, openssl, zlib }: stdenv.mkDerivation rec { majorVersion = "1.5"; @@ -10,11 +10,11 @@ stdenv.mkDerivation rec { sha256 = "16cg1jmy2d8mq2ypwifsvhbyp4pyrj0zm0r818sx0r4hchwdsrcm"; }; - buildInputs = [ openssl ]; + buildInputs = [ openssl zlib ]; # TODO: make it work on darwin/bsd as well preConfigure = '' - export makeFlags="TARGET=linux2628 PREFIX=$out USE_OPENSSL=yes" + export makeFlags="TARGET=${if stdenv.isSunOS then "solaris" else "linux2628"} PREFIX=$out USE_OPENSSL=yes USE_ZLIB=yes" ''; meta = { diff --git a/pkgs/tools/text/gawk/default.nix b/pkgs/tools/text/gawk/default.nix index 001a50458e29..f865b69cfeda 100644 --- a/pkgs/tools/text/gawk/default.nix +++ b/pkgs/tools/text/gawk/default.nix @@ -12,6 +12,7 @@ stdenv.mkDerivation rec { doCheck = !( stdenv.isCygwin # XXX: `test-dup2' segfaults on Cygwin 6.1 || stdenv.isDarwin # XXX: `locale' segfaults + || stdenv.isSunOS # XXX: `_backsmalls1' fails, locale stuff? ); buildInputs = stdenv.lib.optional (stdenv.system != "x86_64-cygwin") libsigsegv diff --git a/pkgs/tools/text/gnugrep/default.nix b/pkgs/tools/text/gnugrep/default.nix index e8352e318b9b..242ce36780d1 100644 --- a/pkgs/tools/text/gnugrep/default.nix +++ b/pkgs/tools/text/gnugrep/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation { buildInputs = [ pcre libiconv ]; # cygwin: FAIL: multibyte-white-space - doCheck = !stdenv.isDarwin && !stdenv.isCygwin; + doCheck = !stdenv.isDarwin && !stdenv.isSunOS && !stdenv.isCygwin; # On Mac OS X, force use of mkdir -p, since Grep's fallback # (./install-sh) is broken. diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index fe50da49b0ec..7b93fc27f675 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -16,6 +16,7 @@ # outside of the store. Thus, GCC, GFortran, & co. must always look for # files in standard system directories (/usr/include, etc.) noSysDirs ? (system != "x86_64-freebsd" && system != "i686-freebsd" + && system != "x86_64-solaris" && system != "x86_64-kfreebsd-gnu") # More flags for the bootstrapping of stdenv. @@ -761,6 +762,8 @@ let gcdemu = callPackage ../misc/emulators/cdemu/gui.nix { }; + certificate-transparency = callPackage ../servers/certificate-transparency { }; + image-analyzer = callPackage ../misc/emulators/cdemu/analyzer.nix { }; ccnet = callPackage ../tools/networking/ccnet { }; @@ -929,6 +932,7 @@ let asciidoc = callPackage ../tools/typesetting/asciidoc { inherit (pythonPackages) matplotlib numpy aafigure recursivePthLoader; + w3m = w3m-batch; enableStandardFeatures = false; }; @@ -1565,7 +1569,7 @@ let garmintools = callPackage ../development/libraries/garmintools {}; gawk = callPackage ../tools/text/gawk { - locale = darwin.adv_cmds; + inherit (darwin) locale; }; gawkInteractive = appendToName "interactive" @@ -3155,7 +3159,9 @@ let stricat = callPackage ../tools/security/stricat { }; - privoxy = callPackage ../tools/networking/privoxy { }; + privoxy = callPackage ../tools/networking/privoxy { + w3m = w3m-batch; + }; swaks = callPackage ../tools/networking/swaks { }; @@ -3607,7 +3613,7 @@ let xmlstarlet = callPackage ../tools/text/xml/xmlstarlet { }; xmlto = callPackage ../tools/typesetting/xmlto { - w3m = w3m.override { graphicsSupport = false; }; + w3m = w3m-batch; }; xmltv = callPackage ../tools/misc/xmltv { }; @@ -3920,7 +3926,7 @@ let inherit noSysDirs; # PGO seems to speed up compilation by gcc by ~10%, see #445 discussion - profiledCompiler = with stdenv; (!isDarwin && (isi686 || isx86_64)); + profiledCompiler = with stdenv; (!isSunOS && !isDarwin && (isi686 || isx86_64)); # When building `gcc.crossDrv' (a "Canadian cross", with host == target # and host != build), `cross' must be null but the cross-libc must still @@ -4786,7 +4792,11 @@ let rtags = callPackage ../development/tools/rtags/default.nix {}; rustcMaster = callPackage ../development/compilers/rustc/head.nix {}; - rustc = callPackage ../development/compilers/rustc {}; + rustc = callPackage ../development/compilers/rustc { + callPackage = newScope ({ + procps = if stdenv.isDarwin then darwin.ps else procps; + }); + }; rustPlatform = rustStable; @@ -5506,12 +5516,12 @@ let cmake-2_8 = callPackage ../development/tools/build-managers/cmake/2.8.nix { wantPS = stdenv.isDarwin; - ps = if stdenv.isDarwin then darwin.adv_cmds else null; + inherit (darwin) ps; }; cmake = callPackage ../development/tools/build-managers/cmake { wantPS = stdenv.isDarwin; - ps = if stdenv.isDarwin then darwin.adv_cmds else null; + inherit (darwin) ps; }; cmakeCurses = cmake.override { useNcurses = true; }; @@ -5632,8 +5642,7 @@ let jdepend = callPackage ../development/tools/analysis/jdepend { }; flex_2_5_35 = callPackage ../development/tools/parsing/flex/2.5.35.nix { }; - flex_2_5_39 = callPackage ../development/tools/parsing/flex/2.5.39.nix { }; - flex = flex_2_5_39; + flex = callPackage ../development/tools/parsing/flex/default.nix { }; flexcpp = callPackage ../development/tools/parsing/flexc++ { }; @@ -11399,7 +11408,7 @@ let imagemagick = null; acl = null; gpm = null; - inherit (darwin.apple_sdk.frameworks) AppKit; + inherit (darwin.apple_sdk.frameworks) AppKit CoreWLAN GSS Kerberos ImageIO; }; emacs24-nox = lowPrio (appendToName "nox" (emacs24.override { @@ -13437,8 +13446,21 @@ let vym = callPackage ../applications/misc/vym { }; - w3m = callPackage ../applications/networking/browsers/w3m { + w3m = callPackage ../applications/networking/browsers/w3m { }; + + # Should always be the version with the most features + w3m-full = w3m; + + # Version without X11 + w3m-nox = w3m.override { + x11Support = false; + }; + + # Version for batch text processing, not a good browser + w3m-batch = w3m.override { graphicsSupport = false; + x11Support = false; + mouseSupport = false; }; weechat = callPackage ../applications/networking/irc/weechat { @@ -13643,7 +13665,9 @@ let xdg-user-dirs = callPackage ../tools/X11/xdg-user-dirs { }; - xdg_utils = callPackage ../tools/X11/xdg-utils { }; + xdg_utils = callPackage ../tools/X11/xdg-utils { + w3m = w3m-batch; + }; xdotool = callPackage ../tools/X11/xdotool { }; diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index aa42b736e128..711ac37970e1 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -6552,7 +6552,7 @@ let self = _self // overrides; _self = with self; { meta = { description = "The World-Wide Web library for Perl"; license = with stdenv.lib.licenses; [ artistic1 gpl1Plus ]; - platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin; + platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin ++ stdenv.lib.platforms.illumos; }; }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index b9247fc44049..0280bf366e8c 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -10190,6 +10190,8 @@ in modules // { monotonic = buildPythonPackage rec { name = "monotonic-0.4"; + __propagatedImpureHostDeps = stdenv.lib.optional stdenv.isDarwin "/usr/lib/libc.dylib"; + src = pkgs.fetchurl { url = "http://pypi.python.org/packages/source/m/monotonic/${name}.tar.gz"; sha256 = "1diab6hfh3jpa1f0scpqaqrawk4g97ss4v7gkn2yw8znvdm6abw5"; @@ -12338,9 +12340,9 @@ in modules // { }; propagatedBuildInputs = with self; [ - pbr Babel six iso8601 debtcollector pyinotify + pbr Babel six iso8601 debtcollector oslo-utils oslo-i18n oslo-config oslo-serialization oslo-context - ]; + ] ++ stdenv.lib.optional stdenv.isLinux pyinotify; buildInputs = with self; [ oslotest oslosphinx ]; patchPhase = '' sed -i 's@python@${python.interpreter}@' .testr.conf |