diff options
Diffstat (limited to 'nixpkgs/pkgs/os-specific')
51 files changed, 446 insertions, 356 deletions
diff --git a/nixpkgs/pkgs/os-specific/bsd/netbsd/compat-setup-hook.sh b/nixpkgs/pkgs/os-specific/bsd/netbsd/compat-setup-hook.sh index 81df09eba176..3c49337a937c 100644 --- a/nixpkgs/pkgs/os-specific/bsd/netbsd/compat-setup-hook.sh +++ b/nixpkgs/pkgs/os-specific/bsd/netbsd/compat-setup-hook.sh @@ -1,6 +1,6 @@ # See pkgs/build-support/setup-hooks/role.bash getHostRole -export NIX_${role_pre}LDFLAGS+=" -lnbcompat" -export NIX_${role_pre}CFLAGS_COMPILE+=" -DHAVE_NBTOOL_CONFIG_H" -export NIX_${role_pre}CFLAGS_COMPILE+=" -include nbtool_config.h" +export NIX_LDFLAGS${role_post}+=" -lnbcompat" +export NIX_CFLAGS_COMPILE${role_post}+=" -DHAVE_NBTOOL_CONFIG_H" +export NIX_CFLAGS_COMPILE${role_post}+=" -include nbtool_config.h" diff --git a/nixpkgs/pkgs/os-specific/bsd/netbsd/fts-setup-hook.sh b/nixpkgs/pkgs/os-specific/bsd/netbsd/fts-setup-hook.sh index 5cf8c753aec3..b6cb5aaca05b 100644 --- a/nixpkgs/pkgs/os-specific/bsd/netbsd/fts-setup-hook.sh +++ b/nixpkgs/pkgs/os-specific/bsd/netbsd/fts-setup-hook.sh @@ -1,4 +1,4 @@ # See pkgs/build-support/setup-hooks/role.bash getHostRole -export NIX_${role_pre}LDFLAGS+=" -lfts" +export NIX_LDFLAGS${role_post}+=" -lfts" diff --git a/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix b/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix index 0f07fc83e482..5d8c8f60aec6 100644 --- a/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix +++ b/nixpkgs/pkgs/os-specific/darwin/yabai/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "yabai"; - version = "3.0.2"; + version = "3.2.0"; src = fetchFromGitHub { owner = "koekeishiya"; repo = pname; rev = "v${version}"; - sha256 = "16y719384f9bx8zwfsjk5v2nyjyf43m154idsfzxpx0bbl8w5bpj"; + sha256 = "1iq5p4k6klffglxfhmzc2jvlilwn0w97vb5v4b91spiyp39nqcfw"; }; buildInputs = [ Carbon Cocoa ScriptingBridge ]; diff --git a/nixpkgs/pkgs/os-specific/linux/alsa-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/alsa-utils/default.nix index f05bb6a0d59c..470536db4b7b 100644 --- a/nixpkgs/pkgs/os-specific/linux/alsa-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/alsa-utils/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "alsa-utils"; - version = "1.2.2"; + version = "1.2.3"; src = fetchurl { url = "mirror://alsa/utils/${pname}-${version}.tar.bz2"; - sha256 = "1wz460by17rmxrcydn583rd4lhj6wlvqs6x1j5pdzxn5g3app024"; + sha256 = "1ai1z4kf91b1m3qrpwqkc1af5vm2fkdkknqv95xdwf19q94aw6gz"; }; patchPhase = '' diff --git a/nixpkgs/pkgs/os-specific/linux/batman-adv/alfred.nix b/nixpkgs/pkgs/os-specific/linux/batman-adv/alfred.nix index c1fb3ef5ee1a..04217b8989bc 100644 --- a/nixpkgs/pkgs/os-specific/linux/batman-adv/alfred.nix +++ b/nixpkgs/pkgs/os-specific/linux/batman-adv/alfred.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { buildInputs = [ gpsd libcap libnl ]; preBuild = '' - makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/pkg-config" + makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/${pkgconfig.targetPrefix}pkg-config" ''; meta = { diff --git a/nixpkgs/pkgs/os-specific/linux/batman-adv/batctl.nix b/nixpkgs/pkgs/os-specific/linux/batman-adv/batctl.nix index 5767c4aa72c4..3b1cf183e08e 100644 --- a/nixpkgs/pkgs/os-specific/linux/batman-adv/batctl.nix +++ b/nixpkgs/pkgs/os-specific/linux/batman-adv/batctl.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { buildInputs = [ libnl ]; preBuild = '' - makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/pkg-config" + makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/${pkgconfig.targetPrefix}pkg-config" ''; meta = { diff --git a/nixpkgs/pkgs/os-specific/linux/cgmanager/default.nix b/nixpkgs/pkgs/os-specific/linux/cgmanager/default.nix deleted file mode 100644 index d890ef44f745..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/cgmanager/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ stdenv, fetchurl, pkgconfig, libnih, dbus, pam, popt }: - -stdenv.mkDerivation rec { - pname = "cgmanager"; - version = "0.42"; - - src = fetchurl { - url = "https://linuxcontainers.org/downloads/${pname}/${pname}-${version}.tar.gz"; - sha256 = "15np08h9jrvc1y1iafr8v654mzgsv5hshzc0n4p3pbf0rkra3h7c"; - }; - - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ libnih dbus pam popt ]; - - configureFlags = [ - "--with-init-script=systemd" - "--sysconfdir=/etc" - "--localstatedir=/var" - ]; - - meta = with stdenv.lib; { - homepage = "https://linuxcontainers.org/cgmanager/introduction/"; - description = "A central privileged daemon that manages all your cgroups"; - license = licenses.lgpl21; - platforms = platforms.linux; - }; -} diff --git a/nixpkgs/pkgs/os-specific/linux/facetimehd/default.nix b/nixpkgs/pkgs/os-specific/linux/facetimehd/default.nix index 223f766aa228..941e71c3bfc7 100644 --- a/nixpkgs/pkgs/os-specific/linux/facetimehd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/facetimehd/default.nix @@ -16,9 +16,9 @@ let # still works. srcParams = if (stdenv.lib.versionAtLeast kernel.version "4.8") then { # Use mainline branch - version = "unstable-2019-12-10"; - rev = "ea832ac486afb6dac9ef59aa37e90f332ab7f05a"; - sha256 = "1dg2i558hjnjnyk53xyg0ayykqaial9bm420v22s9a3khzzjnwq3"; + version = "unstable-2020-04-16"; + rev = "82626d4892eeb9eb704538bf0dc49a00725ff451"; + sha256 = "118z6vjvhhcwvs4n3sgwwdagys9w718b8nkh6l9ic93732vv7cqx"; } else { # Use master branch (broken on 4.8) @@ -47,11 +47,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = kernel.moduleBuildDependencies; - preBuild = lib.optionalString (stdenv.lib.versionAtLeast kernel.version "5.6") - '' - sed -i 's/ioremap_nocache/ioremap_cache/g' fthd_drv.c - ''; - makeFlags = [ "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/ffado/default.nix b/nixpkgs/pkgs/os-specific/linux/ffado/default.nix index 5dc5086a8c61..e814091d59e2 100644 --- a/nixpkgs/pkgs/os-specific/linux/ffado/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/ffado/default.nix @@ -24,11 +24,11 @@ let in mkDerivation rec { pname = "ffado"; - version = "2.4.2"; + version = "2.4.3"; src = fetchurl { url = "http://www.ffado.org/files/libffado-${version}.tgz"; - sha256 = "09dxy6fkfnvzk45lpr74hkqymii8a45jzlq6054f3jz65m8qvj3d"; + sha256 = "08bygzv1k6ai0572gv66h7gfir5zxd9klfy74z2pxqp6s5hms58r"; }; prePatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix index 9fe40cb60f70..af9237d1d833 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -51,6 +51,7 @@ , flashrom , tpm2-tools , nixosTests +, runCommand }: let @@ -83,202 +84,232 @@ let # Experimental haveFlashrom = false; -in + runPythonCommand = name: buildCommandPython: runCommand name { + nativeBuildInputs = [ python3 ]; + inherit buildCommandPython; + } '' + exec python3 -c "$buildCommandPython" + ''; -stdenv.mkDerivation rec { - pname = "fwupd"; - version = "1.4.2"; + self = stdenv.mkDerivation rec { + pname = "fwupd"; + version = "1.4.4"; - src = fetchurl { - url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz"; - sha256 = "1wch1n0z89ymfxx7ganiab4h64rdxr54rcg37n5nshw35bc3f390"; - }; + src = fetchurl { + url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz"; + sha256 = "03yn96kxs53vxcbza17y99rdhbjlybv44gkc90vaj6301grxahnp"; + }; - # libfwupd goes to lib - # daemon, plug-ins and libfwupdplugin go to out - # CLI programs go to out - outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ]; - - nativeBuildInputs = [ - meson - ninja - gtk-doc - pkgconfig - gobject-introspection - intltool - shared-mime-info - valgrind - gcab - docbook_xml_dtd_43 - docbook_xsl - help2man - libxslt - python - wrapGAppsHook - vala - ]; - - buildInputs = [ - polkit - libxmlb - gusb - sqlite - libarchive - libsoup - elfutils - gnu-efi - libyaml - libgudev - colord - libjcat - libuuid - glib-networking - json-glib - umockdev - bash-completion - cairo - freetype - fontconfig - pango - tpm2-tss - efivar - ] ++ stdenv.lib.optionals haveDell [ - libsmbios - ]; - - patches = [ - ./fix-paths.patch - ./add-option-for-installation-sysconfdir.patch - - # Install plug-ins and libfwupdplugin to out, - # they are not really part of the library. - ./install-fwupdplugin-to-out.patch - - # Installed tests are installed to different output - # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle. - (substituteAll { - src = ./installed-tests-path.patch; - # Needs a different set of modules than po/make-images. - inherit installedTestsPython; - }) - ]; - - postPatch = '' - patchShebangs \ - contrib/get-version.py \ - contrib/generate-version-script.py \ - meson_post_install.sh \ - po/make-images \ - po/make-images.sh \ - po/test-deps - ''; + # libfwupd goes to lib + # daemon, plug-ins and libfwupdplugin go to out + # CLI programs go to out + outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ]; - # /etc/os-release not available in sandbox - # doCheck = true; - - preFixup = let - binPath = [ - efibootmgr - bubblewrap - tpm2-tools - ] ++ stdenv.lib.optional haveFlashrom flashrom; - in '' - gappsWrapperArgs+=( - --prefix XDG_DATA_DIRS : "${shared-mime-info}/share" - # See programs reached with fu_common_find_program_in_path in source - --prefix PATH : "${stdenv.lib.makeBinPath binPath}" - ) - ''; + nativeBuildInputs = [ + meson + ninja + gtk-doc + pkgconfig + gobject-introspection + intltool + shared-mime-info + valgrind + gcab + docbook_xml_dtd_43 + docbook_xsl + help2man + libxslt + python + wrapGAppsHook + vala + ]; - mesonFlags = [ - "-Dgtkdoc=true" - "-Dplugin_dummy=true" - "-Dudevdir=lib/udev" - "-Dsystemd_root_prefix=${placeholder "out"}" - "-Dinstalled_test_prefix=${placeholder "installedTests"}" - "-Defi-libdir=${gnu-efi}/lib" - "-Defi-ldsdir=${gnu-efi}/lib" - "-Defi-includedir=${gnu-efi}/include/efi" - "--localstatedir=/var" - "--sysconfdir=/etc" - "-Dsysconfdir_install=${placeholder "out"}/etc" - - # We do not want to place the daemon into lib (cyclic reference) - "--libexecdir=${placeholder "out"}/libexec" - # Our builder only adds $lib/lib to rpath but some things link - # against libfwupdplugin which is in $out/lib. - "-Dc_link_args=-Wl,-rpath,${placeholder "out"}/lib" - ] ++ stdenv.lib.optionals (!haveDell) [ - "-Dplugin_dell=false" - "-Dplugin_synaptics=false" - ] ++ stdenv.lib.optionals (!haveRedfish) [ - "-Dplugin_redfish=false" - ] ++ stdenv.lib.optionals haveFlashrom [ - "-Dplugin_flashrom=true" - ]; - - FONTCONFIG_FILE = fontsConf; # Fontconfig error: Cannot load default config file - - # error: “PolicyKit files are missing” - # https://github.com/NixOS/nixpkgs/pull/67625#issuecomment-525788428 - PKG_CONFIG_POLKIT_GOBJECT_1_ACTIONDIR = "/run/current-system/sw/share/polkit-1/actions"; - - # TODO: wrapGAppsHook wraps efi capsule even though it is not elf - dontWrapGApps = true; - - preCheck = '' - addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share" - ''; + buildInputs = [ + polkit + libxmlb + gusb + sqlite + libarchive + libsoup + elfutils + gnu-efi + libyaml + libgudev + colord + libjcat + libuuid + glib-networking + json-glib + umockdev + bash-completion + cairo + freetype + fontconfig + pango + tpm2-tss + efivar + ] ++ stdenv.lib.optionals haveDell [ + libsmbios + ]; - # so we need to wrap the executables manually - postFixup = '' - find -L "$out/bin" "$out/libexec" -type f -executable -print0 \ - | while IFS= read -r -d ''' file; do - if [[ "$file" != *.efi ]]; then - echo "Wrapping program $file" - wrapGApp "$file" - fi - done - ''; + patches = [ + ./fix-paths.patch + ./add-option-for-installation-sysconfdir.patch - # /etc/fwupd/uefi.conf is created by the services.hardware.fwupd NixOS module - passthru = { - filesInstalledToEtc = [ - "fwupd/ata.conf" - # "fwupd/daemon.conf" # already created by the module - "fwupd/redfish.conf" - "fwupd/remotes.d/dell-esrt.conf" - "fwupd/remotes.d/lvfs-testing.conf" - "fwupd/remotes.d/lvfs.conf" - "fwupd/remotes.d/vendor.conf" - "fwupd/remotes.d/vendor-directory.conf" - "fwupd/thunderbolt.conf" - "fwupd/upower.conf" - # "fwupd/uefi.conf" # already created by the module - "pki/fwupd/GPG-KEY-Hughski-Limited" - "pki/fwupd/GPG-KEY-Linux-Foundation-Firmware" - "pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service" - "pki/fwupd/LVFS-CA.pem" - "pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata" - "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service" - "pki/fwupd-metadata/LVFS-CA.pem" + # Install plug-ins and libfwupdplugin to out, + # they are not really part of the library. + ./install-fwupdplugin-to-out.patch + + # Installed tests are installed to different output + # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle. + (substituteAll { + src = ./installed-tests-path.patch; + # Needs a different set of modules than po/make-images. + inherit installedTestsPython; + }) ]; - # BlacklistPlugins key in fwupd/daemon.conf - defaultBlacklistedPlugins = [ - "test" - "invalid" + postPatch = '' + patchShebangs \ + contrib/get-version.py \ + contrib/generate-version-script.py \ + meson_post_install.sh \ + po/make-images \ + po/make-images.sh \ + po/test-deps + ''; + + # /etc/os-release not available in sandbox + # doCheck = true; + + preFixup = let + binPath = [ + efibootmgr + bubblewrap + tpm2-tools + ] ++ stdenv.lib.optional haveFlashrom flashrom; + in '' + gappsWrapperArgs+=( + --prefix XDG_DATA_DIRS : "${shared-mime-info}/share" + # See programs reached with fu_common_find_program_in_path in source + --prefix PATH : "${stdenv.lib.makeBinPath binPath}" + ) + ''; + + mesonFlags = [ + "-Dgtkdoc=true" + "-Dplugin_dummy=true" + "-Dudevdir=lib/udev" + "-Dsystemd_root_prefix=${placeholder "out"}" + "-Dinstalled_test_prefix=${placeholder "installedTests"}" + "-Defi-libdir=${gnu-efi}/lib" + "-Defi-ldsdir=${gnu-efi}/lib" + "-Defi-includedir=${gnu-efi}/include/efi" + "--localstatedir=/var" + "--sysconfdir=/etc" + "-Dsysconfdir_install=${placeholder "out"}/etc" + + # We do not want to place the daemon into lib (cyclic reference) + "--libexecdir=${placeholder "out"}/libexec" + # Our builder only adds $lib/lib to rpath but some things link + # against libfwupdplugin which is in $out/lib. + "-Dc_link_args=-Wl,-rpath,${placeholder "out"}/lib" + ] ++ stdenv.lib.optionals (!haveDell) [ + "-Dplugin_dell=false" + "-Dplugin_synaptics=false" + ] ++ stdenv.lib.optionals (!haveRedfish) [ + "-Dplugin_redfish=false" + ] ++ stdenv.lib.optionals haveFlashrom [ + "-Dplugin_flashrom=true" ]; - tests = { - installedTests = nixosTests.installed-tests.fwupd; + FONTCONFIG_FILE = fontsConf; # Fontconfig error: Cannot load default config file + + # error: “PolicyKit files are missing” + # https://github.com/NixOS/nixpkgs/pull/67625#issuecomment-525788428 + PKG_CONFIG_POLKIT_GOBJECT_1_ACTIONDIR = "/run/current-system/sw/share/polkit-1/actions"; + + # TODO: wrapGAppsHook wraps efi capsule even though it is not elf + dontWrapGApps = true; + + preCheck = '' + addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share" + ''; + + # so we need to wrap the executables manually + postFixup = '' + find -L "$out/bin" "$out/libexec" -type f -executable -print0 \ + | while IFS= read -r -d ''' file; do + if [[ "$file" != *.efi ]]; then + echo "Wrapping program $file" + wrapGApp "$file" + fi + done + ''; + + passthru = { + filesInstalledToEtc = [ + "fwupd/ata.conf" + "fwupd/daemon.conf" + "fwupd/redfish.conf" + "fwupd/remotes.d/lvfs-testing.conf" + "fwupd/remotes.d/lvfs.conf" + "fwupd/remotes.d/vendor.conf" + "fwupd/remotes.d/vendor-directory.conf" + "fwupd/thunderbolt.conf" + "fwupd/upower.conf" + "fwupd/uefi.conf" + "pki/fwupd/GPG-KEY-Hughski-Limited" + "pki/fwupd/GPG-KEY-Linux-Foundation-Firmware" + "pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service" + "pki/fwupd/LVFS-CA.pem" + "pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata" + "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service" + "pki/fwupd-metadata/LVFS-CA.pem" + ] ++ stdenv.lib.optionals haveDell [ + "fwupd/remotes.d/dell-esrt.conf" + ]; + + # BlacklistPlugins key in fwupd/daemon.conf + defaultBlacklistedPlugins = [ + "test" + "invalid" + ]; + + tests = let + listToPy = list: "[${stdenv.lib.concatMapStringsSep ", " (f: "'${f}'") list}]"; + in { + installedTests = nixosTests.installed-tests.fwupd; + + passthruMatches = runPythonCommand "fwupd-test-passthru-matches" '' + import itertools + import configparser + import os + import pathlib + + etc = '${self}/etc' + package_etc = set(itertools.chain.from_iterable([[os.path.relpath(os.path.join(prefix, file), etc) for file in files] for (prefix, dirs, files) in os.walk(etc)])) + passthru_etc = set(${listToPy passthru.filesInstalledToEtc}) + assert len(package_etc - passthru_etc) == 0, f'fwupd package contains the following paths in /etc that are not listed in passthru.filesInstalledToEtc: {package_etc - passthru_etc}' + assert len(passthru_etc - package_etc) == 0, f'fwupd package lists the following paths in passthru.filesInstalledToEtc that are not contained in /etc: {passthru_etc - package_etc}' + + config = configparser.RawConfigParser() + config.read('${self}/etc/fwupd/daemon.conf') + package_blacklisted_plugins = config.get('fwupd', 'BlacklistPlugins').rstrip(';').split(';') + passthru_blacklisted_plugins = ${listToPy passthru.defaultBlacklistedPlugins} + assert package_blacklisted_plugins == passthru_blacklisted_plugins, f'Default blacklisted plug-ins in the package {package_blacklisted_plugins} do not match those listed in passthru.defaultBlacklistedPlugins {passthru_blacklisted_plugins}' + + pathlib.Path(os.getenv('out')).touch() + ''; + }; }; - }; - meta = with stdenv.lib; { - homepage = "https://fwupd.org/"; - maintainers = with maintainers; [ jtojnar ]; - license = [ licenses.gpl2 ]; - platforms = platforms.linux; + meta = with stdenv.lib; { + homepage = "https://fwupd.org/"; + maintainers = with maintainers; [ jtojnar ]; + license = [ licenses.gpl2 ]; + platforms = platforms.linux; + }; }; -} + +in self diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/default.nix b/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/default.nix index bd9c58d33c9c..77a284446366 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "raspberrypi-firmware"; - version = "1.20190925"; + version = "1.20200601"; src = fetchFromGitHub { owner = "raspberrypi"; repo = "firmware"; rev = version; - sha256 = "0xyj3f04dcfnl9hp8hakgwcb1msqh7934n0pclcmzy47xjkz7ris"; + sha256 = "1vm038f9digwg8gdxl2bypzlip3ycjb6bl56274gh5i9abl6wjvf"; }; installPhase = '' diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/tools-dont-install-sysv-init-scripts.patch b/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/tools-dont-install-sysv-init-scripts.patch deleted file mode 100644 index e12aeeb0cdb8..000000000000 --- a/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/tools-dont-install-sysv-init-scripts.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/interface/vmcs_host/linux/vcfiled/CMakeLists.txt b/interface/vmcs_host/linux/vcfiled/CMakeLists.txt -index aed0e83..b325676 100644 ---- a/interface/vmcs_host/linux/vcfiled/CMakeLists.txt -+++ b/interface/vmcs_host/linux/vcfiled/CMakeLists.txt -@@ -17,15 +17,6 @@ target_link_libraries(vcfiled - install(TARGETS vcfiled - RUNTIME DESTINATION sbin) - --configure_file (etc/init.d/vcfiled ${PROJECT_BINARY_DIR}/etc/init.d/vcfiled) -- --# script to start up vcfiled at start of day --install(PROGRAMS ${PROJECT_BINARY_DIR}/etc/init.d/vcfiled -- DESTINATION /etc/init.d) --# install locally to the installation directory too --install(PROGRAMS ${PROJECT_BINARY_DIR}/etc/init.d/vcfiled -- DESTINATION ${VMCS_INSTALL_PREFIX}/share/install) -- - # test program for vcfiled_check library - add_executable(vcfiled_lock_test vcfiled_lock_test.c) - target_link_libraries(vcfiled_lock_test vcfiled_check) diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/tools.nix b/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/tools.nix index e3fa90ac388d..6c4d49e4e240 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/tools.nix +++ b/nixpkgs/pkgs/os-specific/linux/firmware/raspberrypi/tools.nix @@ -2,17 +2,15 @@ stdenv.mkDerivation { pname = "raspberrypi-tools"; - version = "2018-10-03"; + version = "2020-05-28"; src = fetchFromGitHub { owner = "raspberrypi"; repo = "userland"; - rev = "de4a7f2e3c391e2d3bc76af31864270e7802d9ac"; - sha256 = "0w96xa98ngdk9m6wv185w8waa7wm2hkn2bhxz52zd477hchzrxlg"; + rev = "f97b1af1b3e653f9da2c1a3643479bfd469e3b74"; + sha256 = "1r7n05rv96hqjq0rn0qzchmfqs0j7vh3p8jalgh66s6l0vms5mwy"; }; - patches = [ ./tools-dont-install-sysv-init-scripts.patch ]; - nativeBuildInputs = [ cmake pkgconfig ]; preConfigure = '' diff --git a/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix b/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix index 73ab46b3c8a6..a9fc44e48cc8 100644 --- a/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/firmware/sof-firmware/default.nix @@ -1,28 +1,33 @@ -{ stdenv, fetchurl }: +{ stdenv, fetchFromGitHub }: with stdenv.lib; stdenv.mkDerivation rec { pname = "sof-firmware"; - version = "1.4.2"; + version = "1.5.1"; - src = fetchurl { - url = "https://www.alsa-project.org/files/pub/misc/sof/${pname}-${version}.tar.bz2"; - sha256 = "1nkh020gjm45vxd6fvmz63hj16ilff2nl5avvsklajjs6xci1sf5"; + src = fetchFromGitHub { + owner = "thesofproject"; + repo = "sof-bin"; + rev = "ae61d2778b0a0f47461a52da0d1f191f651e0763"; + sha256 = "0j6bpwz49skvdvian46valjw4anwlrnkq703n0snkbngmq78prba"; }; phases = [ "unpackPhase" "installPhase" ]; installPhase = '' - rm lib/firmware/intel/{sof/LICENCE,sof-tplg/LICENCE} - mkdir $out - cp -r lib $out/lib + mkdir -p $out/lib/firmware/intel + + sed -i 's/ROOT=.*$/ROOT=$out/g' go.sh + sed -i 's/VERSION=.*$/VERSION=v${version}/g' go.sh + + ./go.sh ''; meta = with stdenv.lib; { description = "Sound Open Firmware"; homepage = "https://www.sofproject.org/"; license = with licenses; [ bsd3 isc ]; - maintainers = with maintainers; [ lblasc ]; + maintainers = with maintainers; [ lblasc evenbrenden ]; platforms = with platforms; linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix b/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix index 608a6d5fa70a..aee406b03f0c 100644 --- a/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/fscrypt/default.nix @@ -4,13 +4,13 @@ buildGoModule rec { pname = "fscrypt"; - version = "0.2.8"; + version = "0.2.9"; src = fetchFromGitHub { owner = "google"; repo = "fscrypt"; rev = "v${version}"; - sha256 = "0433f9kx43842ic8dydxhz8plyyrrxvqqwg7kd5ghn599ix28avy"; + sha256 = "020hhdarbn3bwlc2j2g89868v8nfx8562z1a778ihpvvsa4ykr31"; }; postPatch = '' diff --git a/nixpkgs/pkgs/os-specific/linux/fuse/default.nix b/nixpkgs/pkgs/os-specific/linux/fuse/default.nix index 415226509b7b..4d2e12367de7 100644 --- a/nixpkgs/pkgs/os-specific/linux/fuse/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/fuse/default.nix @@ -11,7 +11,7 @@ in { }; fuse_3 = mkFuse { - version = "3.9.1"; - sha256Hash = "1i3f4h3vnjxls8hdi6w2n2ksrgbs7brbzj65rvxginyxicykh857"; + version = "3.9.2"; + sha256Hash = "10xsbly7rv895c9zv4fqmnrxbdc0kd1qhlk75x4m9cv95f93k843"; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/google-authenticator/default.nix b/nixpkgs/pkgs/os-specific/linux/google-authenticator/default.nix index e04b83143507..ce90a1d432f7 100644 --- a/nixpkgs/pkgs/os-specific/linux/google-authenticator/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/google-authenticator/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "google-authenticator-libpam"; - version = "1.08"; + version = "1.09"; src = fetchurl { url = "https://github.com/google/google-authenticator-libpam/archive/${version}.tar.gz"; - sha256 = "1432sfgjv7xlas1saa0whnvqim2pb12g2522x3nf5a8v4qq7avbg"; + sha256 = "0dyhgizl2jcrnfn5sxipxawqrbr6qgjh7aggw8fz3hix861pj7db"; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/nixpkgs/pkgs/os-specific/linux/guvcview/default.nix b/nixpkgs/pkgs/os-specific/linux/guvcview/default.nix index d780cade7865..41c21502e0b3 100644 --- a/nixpkgs/pkgs/os-specific/linux/guvcview/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/guvcview/default.nix @@ -5,7 +5,7 @@ , pkgconfig , portaudio , SDL2 -, ffmpeg +, ffmpeg_3 , udev , libusb1 , libv4l @@ -46,7 +46,7 @@ stdenv.mkDerivation rec { buildInputs = [ SDL2 alsaLib - ffmpeg + ffmpeg_3 libusb1 libv4l portaudio diff --git a/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix b/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix index 8152655d457d..991dcbe26152 100644 --- a/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/hostapd/default.nix @@ -19,11 +19,30 @@ stdenv.mkDerivation rec { url = "https://raw.githubusercontent.com/openwrt/openwrt/master/package/network/services/hostapd/patches/300-noscan.patch"; sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k"; }) + # AP mode PMF disconnection protection bypass (CVE.2019-16275), can be removed >= 2.10 + # https://w1.fi/security/2019-7/ (fetchurl { name = "CVE-2019-16275.patch"; url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch"; sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz"; }) + # Fixes for UPnP SUBSCRIBE misbehavior in hostapd WPS AP (CVE-2020-12695), can be removed >= 2.10 + # https://w1.fi/security/2020-1/ + (fetchurl { + name = "CVE-2020-12695_0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"; + url = "https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"; + sha256 = "1mrbhicqb34jlw1nid5hk2vnjbvfhvp7r5iblaj4l6vgc6fmp6id"; + }) + (fetchurl { + name = "CVE-2020-12695_0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"; + url = "https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"; + sha256 = "1pk08b06b24is50bis3rr56xjd3b5kxdcdk8bx39n9vna9db7zj9"; + }) + (fetchurl { + name = "CVE-2020-12695_0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"; + url = "https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"; + sha256 = "12npqp2skgrj934wwkqicgqksma0fxz09di29n1b5fm5i4njl8d8"; + }) ]; outputs = [ "out" "man" ]; @@ -80,7 +99,7 @@ stdenv.mkDerivation rec { repositories.git = "git://w1.fi/hostap.git"; description = "A user space daemon for access point and authentication servers"; license = licenses.gpl2; - maintainers = with maintainers; [ phreedom ninjatrappeur ]; + maintainers = with maintainers; [ phreedom ninjatrappeur hexa ]; platforms = platforms.linux; }; } diff --git a/nixpkgs/pkgs/os-specific/linux/input-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/input-utils/default.nix index 97c7b8b23f2b..0fc2130d102a 100644 --- a/nixpkgs/pkgs/os-specific/linux/input-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/input-utils/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { makeFlags = [ "prefix=$(out)" - "STRIP=-s" + "STRIP=" ]; meta = with stdenv.lib; { diff --git a/nixpkgs/pkgs/os-specific/linux/iproute/default.nix b/nixpkgs/pkgs/os-specific/linux/iproute/default.nix index 46312a637dab..3ac79464ac4b 100644 --- a/nixpkgs/pkgs/os-specific/linux/iproute/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/iproute/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "iproute2"; - version = "5.6.0"; + version = "5.7.0"; src = fetchurl { url = "mirror://kernel/linux/utils/net/${pname}/${pname}-${version}.tar.xz"; - sha256 = "14j6n1bc09xhq8lxs40vfsx8bb8lx12a07ga4rsxl8vfrqjhwnqv"; + sha256 = "088gs56iqhdlpw1iqjwrss4zxd4zbl2wl8s2implrrdajjxcfpbj"; }; preConfigure = '' diff --git a/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix b/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix index 52b280c30261..59656f54db28 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel-headers/default.nix @@ -29,8 +29,8 @@ let "cc-version:=9999" "cc-fullversion:=999999" # `$(..)` expanded by make alone - "HOSTCC:=$(BUILD_CC)" - "HOSTCXX:=$(BUILD_CXX)" + "HOSTCC:=$(CC_FOR_BUILD)" + "HOSTCXX:=$(CXX_FOR_BUILD)" ]; # Skip clean on darwin, case-sensitivity issues. diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix b/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix index c715c7baf787..5a2fb8cf7aab 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix @@ -42,7 +42,7 @@ let TIMER_STATS = whenOlder "4.11" yes; DEBUG_NX_TEST = whenOlder "4.11" no; DEBUG_STACK_USAGE = no; - DEBUG_STACKOVERFLOW = mkIf (!features.grsecurity) no; + DEBUG_STACKOVERFLOW = mkIf (!features.grsecurity) (option no); RCU_TORTURE_TEST = no; SCHEDSTATS = no; DETECT_HUNG_TASK = yes; @@ -63,7 +63,7 @@ let PM_WAKELOCKS = yes; # Power-capping framework and support for INTEL RAPL POWERCAP = yes; - INTEL_RAPL = module; + INTEL_RAPL = whenAtLeast "5.3" module; }; external-firmware = { @@ -116,11 +116,11 @@ let CLS_U32_PERF = yes; CLS_U32_MARK = yes; BPF_JIT = whenPlatformHasEBPFJit yes; - BPF_JIT_ALWAYS_ON = no; # whenPlatformHasEBPFJit yes; # see https://github.com/NixOS/nixpkgs/issues/79304 + BPF_JIT_ALWAYS_ON = whenPlatformHasEBPFJit no; # whenPlatformHasEBPFJit yes; # see https://github.com/NixOS/nixpkgs/issues/79304 HAVE_EBPF_JIT = whenPlatformHasEBPFJit yes; BPF_STREAM_PARSER = whenAtLeast "4.19" yes; XDP_SOCKETS = whenAtLeast "4.19" yes; - XDP_SOCKETS_DIAG = whenAtLeast "4.19" yes; + XDP_SOCKETS_DIAG = whenAtLeast "5.1" yes; WAN = yes; TCP_CONG_CUBIC = yes; # This is the default congestion control algorithm since 2.6.19 # Required by systemd per-cgroup firewalling @@ -167,13 +167,18 @@ let NF_CONNTRACK_TIMEOUT = yes; NF_CONNTRACK_TIMESTAMP = yes; NETFILTER_NETLINK_GLUE_CT = yes; - NF_TABLES_INET = whenAtLeast "4.19" yes; - NF_TABLES_NETDEV = whenAtLeast "4.19" yes; + NF_TABLES_INET = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; + NF_TABLES_NETDEV = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; # IP: Netfilter Configuration - NF_TABLES_IPV4 = yes; - NF_TABLES_ARP = whenAtLeast "4.19" yes; + NF_TABLES_IPV4 = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; + NF_TABLES_ARP = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; # IPv6: Netfilter Configuration - NF_TABLES_IPV6 = yes; + NF_TABLES_IPV6 = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; # Bridge Netfilter Configuration NF_TABLES_BRIDGE = mkMerge [ (whenBetween "4.19" "5.3" yes) (whenAtLeast "5.3" module) ]; @@ -183,7 +188,7 @@ let NET_DROP_MONITOR = yes; # needed for ss - INET_DIAG = yes; + INET_DIAG = module; INET_TCP_DIAG = module; INET_UDP_DIAG = module; INET_RAW_DIAG = whenAtLeast "4.14" module; @@ -201,8 +206,8 @@ let B43_PHY_HT = option yes; BCMA_HOST_PCI = option yes; RTW88 = whenAtLeast "5.2" module; - RTW88_8822BE = whenAtLeast "5.2" yes; - RTW88_8822CE = whenAtLeast "5.2" yes; + RTW88_8822BE = mkMerge [ (whenBetween "5.2" "5.8" yes) (whenAtLeast "5.8" module) ]; + RTW88_8822CE = mkMerge [ (whenBetween "5.2" "5.8" yes) (whenAtLeast "5.8" module) ]; }; fb = { @@ -269,7 +274,7 @@ let SND_SOC_SOF_ELKHARTLAKE_SUPPORT = yes; SND_SOC_SOF_GEMINILAKE_SUPPORT = yes; SND_SOC_SOF_HDA_AUDIO_CODEC = yes; - SND_SOC_SOF_HDA_COMMON_HDMI_CODEC = yes; + SND_SOC_SOF_HDA_COMMON_HDMI_CODEC = whenOlder "5.7" yes; SND_SOC_SOF_HDA_LINK = yes; SND_SOC_SOF_ICELAKE_SUPPORT = yes; SND_SOC_SOF_INTEL_TOPLEVEL = yes; @@ -365,7 +370,7 @@ let CIFS_STATS = whenOlder "4.19" yes; CIFS_WEAK_PW_HASH = yes; CIFS_UPCALL = yes; - CIFS_ACL = yes; + CIFS_ACL = whenOlder "5.3" yes; CIFS_DFS_UPCALL = yes; CIFS_SMB2 = whenOlder "4.13" yes; @@ -396,7 +401,7 @@ let DEBUG_SET_MODULE_RONX = { optional = true; tristate = whenOlder "4.11" "y"; }; RANDOMIZE_BASE = option yes; STRICT_DEVMEM = option yes; # Filter access to /dev/mem - SECURITY_SELINUX_BOOTPARAM_VALUE = freeform "0"; # Disable SELinux by default + SECURITY_SELINUX_BOOTPARAM_VALUE = whenOlder "5.1" (freeform "0"); # Disable SELinux by default # Prevent processes from ptracing non-children processes SECURITY_YAMA = option yes; DEVKMEM = mkIf (!features.grsecurity) no; # Disable /dev/kmem @@ -640,6 +645,8 @@ let SYSVIPC = yes; # System-V IPC + AIO = yes; # POSIX asynchronous I/O + UNIX = yes; # Unix domain sockets. MD = yes; # Device mapper (RAID, LVM, etc.) @@ -708,6 +715,7 @@ let KEXEC_FILE = option yes; KEXEC_JUMP = option yes; + PARTITION_ADVANCED = yes; # Needed for LDM_PARTITION # Windows Logical Disk Manager (Dynamic Disk) support LDM_PARTITION = yes; LOGIRUMBLEPAD2_FF = yes; # Logitech Rumblepad 2 force feedback @@ -721,6 +729,7 @@ let PSI = whenAtLeast "4.20" yes; MODVERSIONS = whenOlder "4.9" yes; + MOUSE_ELAN_I2C_SMBUS = yes; MOUSE_PS2_ELANTECH = yes; # Elantech PS/2 protocol extension MTRR_SANITIZER = yes; NET_FC = yes; # Fibre Channel driver support @@ -765,8 +774,8 @@ let HOTPLUG_PCI_PCIE = yes; # PCI-Expresscard hotplug support # Enable AMD's ROCm GPU compute stack - HSA_AMD = whenAtLeast "4.20" yes; - ZONE_DEVICE = whenAtLeast "5.3" yes; + HSA_AMD = mkIf stdenv.hostPlatform.is64bit (whenAtLeast "4.20" yes); + ZONE_DEVICE = mkIf stdenv.hostPlatform.is64bit (whenAtLeast "5.3" yes); HMM_MIRROR = whenAtLeast "5.3" yes; DRM_AMDGPU_USERPTR = whenAtLeast "5.3" yes; @@ -794,7 +803,7 @@ let SUN8I_DE2_CCU = whenAtLeast "4.13" yes; # See comments on https://github.com/NixOS/nixpkgs/commit/9b67ea9106102d882f53d62890468071900b9647 - CRYPTO_AEGIS128_SIMD = no; + CRYPTO_AEGIS128_SIMD = whenAtLeast "5.4" no; }; }; in diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix b/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix index e6e1bd842363..a9d0cf451688 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/generic.nix @@ -158,11 +158,8 @@ let ; }).config; - # structuredConfig = moduleStructuredConfig.settings; }; - - }; # end of configfile derivation kernel = (callPackage ./manual-config.nix {}) { diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix index 95510fe218e3..c817f1044271 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix @@ -40,11 +40,12 @@ assert (versionAtLeast version "4.9"); # Perform additional validation of commonly targeted structures. DEBUG_CREDENTIALS = yes; DEBUG_NOTIFIERS = yes; - DEBUG_PI_LIST = yes; # doesn't BUG() + DEBUG_PI_LIST = whenOlder "5.2" yes; # doesn't BUG() + DEBUG_PLIST = whenAtLeast "5.2" yes; DEBUG_SG = yes; SCHED_STACK_END_CHECK = yes; - REFCOUNT_FULL = whenAtLeast "4.13" yes; + REFCOUNT_FULL = whenBetween "4.13" "5.5" yes; # Randomize page allocator when page_alloc.shuffle=1 SHUFFLE_PAGE_ALLOCATOR = whenAtLeast "5.2" yes; diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json index 59e6e768a4b2..654615ebe500 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,22 +1,22 @@ { "4.14": { - "name": "linux-hardened-4.14.182.a.patch", - "sha256": "1kkchcv3qkm41rgscm12ii852q2846crbpvafywz31qg62lb6qig", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.182.a/linux-hardened-4.14.182.a.patch" + "name": "linux-hardened-4.14.184.a.patch", + "sha256": "1g12kz6ikdwp6b7000pfy3myga90mvxyl04b9267fk88jwih6yhk", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.184.a/linux-hardened-4.14.184.a.patch" }, "4.19": { - "name": "linux-hardened-4.19.125.a.patch", - "sha256": "1dhb8syp4j7hc4mx3s7c2x0gxil5dw7jh0swfqzjm02npbwpp19r", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.125.a/linux-hardened-4.19.125.a.patch" + "name": "linux-hardened-4.19.128.a.patch", + "sha256": "19ayzx9rf4j31ypavxwamd290lm95wmi7v165avxslahnx6pdsxs", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.128.a/linux-hardened-4.19.128.a.patch" }, "5.4": { - "name": "linux-hardened-5.4.43.a.patch", - "sha256": "14d9sg1f2a0fnr2q9z6ck5biip1kbzqqwlg4xzpwv83vaycq4i3b", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.43.a/linux-hardened-5.4.43.a.patch" + "name": "linux-hardened-5.4.46.a.patch", + "sha256": "0f2d53na7g6dhiba2ym09lm4fp3hwm6kw6mpm5jk46jmb6j7iwk5", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.46.a/linux-hardened-5.4.46.a.patch" }, "5.6": { - "name": "linux-hardened-5.6.15.a.patch", - "sha256": "0gvp4mra07aj22mrjj8gzd3k7z1zafvak461iajrxfjhzh1z3bdf", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.15.a/linux-hardened-5.6.15.a.patch" + "name": "linux-hardened-5.6.18.a.patch", + "sha256": "0idvgjg7kji4w3341acfqywi0qqn3pvxcmiz70cd7inhlqaqrw63", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.18.a/linux-hardened-5.6.18.a.patch" } } diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix index ca48ed48558b..7ee05ed47ded 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.14.182"; + version = "4.14.184"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "142v7qnfska86jqzilwq00kxdrq08iaaaw7f47xp9bnhb8fiy7b7"; + sha256 = "0h6r06c1d7amkfglsr66ic89p0zxpmk7jkq1ylcbknmkiwkixx9g"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix index 20aced02a86b..92281ffdd3e6 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.19.125"; + version = "4.19.128"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0zmxs6q2rgssvsh76xq9xgcax7bps19x2448d1q1fj9pzc7g8hwq"; + sha256 = "0g31ad3wziy4xqna0yvwjcnza3jhd93syjpfvmwh0b4pkj2adar9"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix index a9d45bcdea76..fe0406233169 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.4.225"; + version = "4.4.227"; extraMeta.branch = "4.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0pn66hf9yrjg15skq1inscr5m0slvgsd2qm8rg5id70llrb4jis9"; + sha256 = "196x57w740firg8zchypq4vq6a83ymmwn9amqrscym9zr0pcgm40"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix index b13ed0e8fc56..5be2d7ac9bd9 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.9.225"; + version = "4.9.227"; extraMeta.branch = "4.9"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1s63aymgsc4lsysy9d972ps9cyrf6bncyy5wcpv5a3wbaj678iz5"; + sha256 = "0pqc0wld4s4zjas95xm54mrkk00l9zkc59b6i9gq4km126s8bi1q"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix index 801003dc4f59..1c5bfad41681 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.4.43"; + version = "5.4.46"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0i07g72138xdf1l8x593jndq0waf3fx7plz3m6n5f9fl885bjrr6"; + sha256 = "13hvnfdcbcb9a21zizq8d90mc8maxz03zmzsj6iqsjd2y7r4y1rh"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.6.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.6.nix index d19fe9cbc6a0..bf245442ecef 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.6.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.6.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.6.15"; + version = "5.6.18"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0kh34f9vdfsi9g83fa1i1926djyzfi466w02c4y4d46ljf9pkav5"; + sha256 = "0cpiyzr62sv2yz0mla7skalb04pnr4nlkpi1zfcfzyjf1gjz8h8h"; }; } // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.7.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.7.nix new file mode 100644 index 000000000000..c7f1389f1128 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-5.7.nix @@ -0,0 +1,18 @@ +{ stdenv, buildPackages, fetchurl, perl, buildLinux, modDirVersionArg ? null, ... } @ args: + +with stdenv.lib; + +buildLinux (args // rec { + version = "5.7.2"; + + # modDirVersion needs to be x.y.z, will automatically add .0 if needed + modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; + + # branchVersion needs to be x.y + extraMeta.branch = versions.majorMinor version; + + src = fetchurl { + url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; + sha256 = "02brxm78n0kg4mh48acvjsr7mpvaqd279ycyaixaflid1s1awrb0"; + }; +} // (args.argsOverride or {})) diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix index bcea8bed7531..e531f878d029 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "17506"; - sha256 = "0yial2fib8bvv31ihzlxn80xlnpx8f0z6ml9md5xj3zxzslsy5iq"; + rev = "17537"; + sha256 = "15fj5ba28jw515fzfp4pbrkpq5xyvxvx7r9yh1l0qsxjzs2zml8b"; } , ... }: diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rpi.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-rpi.nix index 31a2cc2aa157..a3d2bfd4836c 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-rpi.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-rpi.nix @@ -1,8 +1,8 @@ { stdenv, lib, buildPackages, fetchFromGitHub, perl, buildLinux, rpiVersion, ... } @ args: let - modDirVersion = "4.19.75"; - tag = "1.20190925"; + modDirVersion = "4.19.118"; + tag = "1.20200601"; in lib.overrideDerivation (buildLinux (args // { version = "${modDirVersion}-${tag}"; @@ -12,7 +12,7 @@ lib.overrideDerivation (buildLinux (args // { owner = "raspberrypi"; repo = "linux"; rev = "raspberrypi-kernel_${tag}-1"; - sha256 = "0l91kb4jjxg4fcp7d2aqm1fj34ns137rys93k907mdgnarcliafs"; + sha256 = "11jzsmnd1qry2ir9vmsv0nfdzjpgkn5yab5ylxcz406plc073anp"; }; defconfig = { diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix b/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix index f2f0fac3b7dd..2a7a1fa93425 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -3,15 +3,15 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.7-rc6"; - extraMeta.branch = "5.7"; + version = "5.8-rc1"; + extraMeta.branch = "5.1"; # modDirVersion needs to be x.y.z, will always add .0 modDirVersion = if (modDirVersionArg == null) then builtins.replaceStrings ["-"] [".0-"] version else modDirVersionArg; src = fetchurl { url = "https://git.kernel.org/torvalds/t/linux-${version}.tar.gz"; - sha256 = "0g04zwdxks7pa5q6shl5xl2rml1w95rxq7sqkkadj11mpk2k89w4"; + sha256 = "1gb7g2vrgg0zz281lv1ir1r0535spc40j65p0azmdxlk24fkfxfc"; }; # Should the testing kernels ever be built on Hydra? diff --git a/nixpkgs/pkgs/os-specific/linux/kexectools/default.nix b/nixpkgs/pkgs/os-specific/linux/kexectools/default.nix index b1abf50f5f1f..a70cb2e087fc 100644 --- a/nixpkgs/pkgs/os-specific/linux/kexectools/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/kexectools/default.nix @@ -14,6 +14,9 @@ stdenv.mkDerivation rec { hardeningDisable = [ "format" "pic" "relro" "pie" ]; + # Prevent kexec-tools from using uname to detect target, which is wrong in + # cases like compiling for aarch32 on aarch64 + configurePlatforms = [ "build" "host" ]; configureFlags = [ "BUILD_CC=${buildPackages.stdenv.cc.targetPrefix}cc" ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; buildInputs = [ zlib ]; diff --git a/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix b/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix index 68d05f0be65d..4011b3885625 100644 --- a/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/lxcfs/default.nix @@ -1,4 +1,5 @@ { config, stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, help2man, fuse +, utillinux, makeWrapper , enableDebugBuild ? config.lxcfs.enableDebugBuild or false }: with stdenv.lib; @@ -13,7 +14,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ pkgconfig help2man autoreconfHook ]; - buildInputs = [ fuse ]; + buildInputs = [ fuse makeWrapper ]; preConfigure = stdenv.lib.optionalString enableDebugBuild '' sed -i 's,#AM_CFLAGS += -DDEBUG,AM_CFLAGS += -DDEBUG,' Makefile.am @@ -27,6 +28,12 @@ stdenv.mkDerivation rec { installFlags = [ "SYSTEMD_UNIT_DIR=\${out}/lib/systemd" ]; + postInstall = '' + # `mount` hook requires access to the `mount` command from `utillinux`: + wrapProgram "$out/share/lxcfs/lxc.mount.hook" \ + --prefix PATH : "${utillinux}/bin" + ''; + postFixup = '' # liblxcfs.so is reloaded with dlopen() patchelf --set-rpath "$(patchelf --print-rpath "$out/bin/lxcfs"):$out/lib" "$out/bin/lxcfs" diff --git a/nixpkgs/pkgs/os-specific/linux/microcode/intel.nix b/nixpkgs/pkgs/os-specific/linux/microcode/intel.nix index c0201fb01fd4..475288a0b6f6 100644 --- a/nixpkgs/pkgs/os-specific/linux/microcode/intel.nix +++ b/nixpkgs/pkgs/os-specific/linux/microcode/intel.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "microcode-intel"; - version = "20200520"; + version = "20200616"; src = fetchFromGitHub { owner = "intel"; repo = "Intel-Linux-Processor-Microcode-Data-Files"; rev = "microcode-${version}"; - sha256 = "1cs4b7q9j2lw2y09rfa82aijbfmy4lddahz8qlz9gwajf2ziqns8"; + sha256 = "13jrs8hwh7dhjjb9kncb8lk199afaxglkh1cfisl6zca1h36g563"; }; nativeBuildInputs = [ iucode-tool libarchive ]; diff --git a/nixpkgs/pkgs/os-specific/linux/musl/default.nix b/nixpkgs/pkgs/os-specific/linux/musl/default.nix index 51dcf4cfca33..422ad5c1cb50 100644 --- a/nixpkgs/pkgs/os-specific/linux/musl/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/musl/default.nix @@ -26,6 +26,12 @@ let sha256 = "1mzxnc2ncq8lw9x6n7p00fvfklc9p3wfv28m68j0dfz5l8q2k6pp"; }; + arch = if stdenv.hostPlatform.isx86_64 + then "x86_64" + else if stdenv.hostPlatform.isx86_32 + then "i386" + else null; + in stdenv.mkDerivation rec { pname = "musl"; @@ -102,6 +108,9 @@ stdenv.mkDerivation rec { -lc \ -B $out/lib \ -Wl,-dynamic-linker=$(ls $out/lib/ld-*) + '' + lib.optionalString (arch != null) '' + # Create 'libc.musl-$arch' symlink + ln -rs $out/lib/libc.so $out/lib/libc.musl-${arch}.so.1 '' + lib.optionalString useBSDCompatHeaders '' install -D ${queue_h} $dev/include/sys/queue.h install -D ${cdefs_h} $dev/include/sys/cdefs.h diff --git a/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix b/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix index c05adb33eca1..80a00082b81a 100644 --- a/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/nvme-cli/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "nvme-cli"; - version = "1.11.2"; + version = "1.12"; src = fetchFromGitHub { owner = "linux-nvme"; repo = "nvme-cli"; rev = "v${version}"; - sha256 = "0ngh7zffjf6ac8b22hdi4ry7hjlafih172hrbpw8j17r7c0wjy9i"; + sha256 = "0ldky34sn0m5c4hgiip0fkzm465nca69bhxicpd5dg8wxhzxqrp3"; }; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/os-specific/linux/pcm/default.nix b/nixpkgs/pkgs/os-specific/linux/pcm/default.nix index cc5c2efd46e6..f8f0d165d74b 100644 --- a/nixpkgs/pkgs/os-specific/linux/pcm/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/pcm/default.nix @@ -1,14 +1,14 @@ { stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { - version = "202003"; + version = "202005"; pname = "pcm"; src = fetchFromGitHub { owner = "opcm"; repo = "pcm"; rev = version; - sha256 = "1f83dhzrzgcyv5j5xxibvywvpg8sgf1g72f5x40cdb4149nwbfra"; + sha256 = "10dyjgbxb263i64p4zfvy6xjb2hp7wg2k6ygsr8ikjawllxp8m01"; }; installPhase = '' diff --git a/nixpkgs/pkgs/os-specific/linux/piper/default.nix b/nixpkgs/pkgs/os-specific/linux/piper/default.nix index f097f3e5465c..0da972316788 100644 --- a/nixpkgs/pkgs/os-specific/linux/piper/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/piper/default.nix @@ -4,7 +4,7 @@ python3.pkgs.buildPythonApplication rec { pname = "piper"; - version = "0.4"; + version = "0.5"; format = "other"; @@ -12,7 +12,7 @@ python3.pkgs.buildPythonApplication rec { owner = "libratbag"; repo = "piper"; rev = version; - sha256 = "17h06j8lxpbfygq8fzycl7lml4vv7r05bsyhh3gga2hp0zms4mvg"; + sha256 = "00vrcsbsv2477l1ncpyzc61lhxgac84dsgr3sjs8qxw3nh1gaasv"; }; nativeBuildInputs = [ meson ninja gettext pkgconfig wrapGAppsHook desktop-file-utils appstream-glib gobject-introspection ]; diff --git a/nixpkgs/pkgs/os-specific/linux/rtl88x2bu/default.nix b/nixpkgs/pkgs/os-specific/linux/rtl88x2bu/default.nix new file mode 100644 index 000000000000..3d461d525567 --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/rtl88x2bu/default.nix @@ -0,0 +1,38 @@ +{ stdenv, fetchFromGitHub, kernel, bc }: + +stdenv.mkDerivation rec { + name = "rtl88x2bu-${kernel.version}-${version}"; + version = "unstable-2020-05-19"; + + src = fetchFromGitHub { + owner = "cilynx"; + repo = "rtl88x2BU"; + rev = "0f159d7cd937a12b818121cb1f1c4910bd1adc72"; + sha256 = "0flqnvzfdb4wsiiqv9vf5gfwd5fgpjvhs9zhqknnv1cmp8msgw6y"; + }; + + hardeningDisable = [ "pic" ]; + + nativeBuildInputs = [ bc ]; + buildInputs = kernel.moduleBuildDependencies; + + prePatch = '' + substituteInPlace ./Makefile \ + --replace /lib/modules/ "${kernel.dev}/lib/modules/" \ + --replace '$(shell uname -r)' "${kernel.modDirVersion}" \ + --replace /sbin/depmod \# \ + --replace '$(MODDESTDIR)' "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + preInstall = '' + mkdir -p "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + meta = with stdenv.lib; { + description = "Realtek rtl88x2bu driver"; + homepage = "https://github.com/cilynx/rtl88x2bu"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = [ maintainers.ralith ]; + }; +} diff --git a/nixpkgs/pkgs/os-specific/linux/sysstat/default.nix b/nixpkgs/pkgs/os-specific/linux/sysstat/default.nix index a27f65852023..258da07c40b6 100644 --- a/nixpkgs/pkgs/os-specific/linux/sysstat/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/sysstat/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, gettext, bzip2 }: stdenv.mkDerivation rec { - name = "sysstat-12.3.1"; + name = "sysstat-12.3.2"; src = fetchurl { url = "http://pagesperso-orange.fr/sebastien.godard/${name}.tar.xz"; - sha256 = "1hf1sy7akribmgavadqccxpy49yv0zfb3m81d2bj6jf8pyzwcrbq"; + sha256 = "0gaas16q2f7qmrv4sbqk2l2mrc7yr64s33bzw4094p59fkylm7k4"; }; buildInputs = [ gettext ]; diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index 23aa893362b5..a9b60cbb2e20 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/nixpkgs/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -24,8 +24,8 @@ index 8331832c7a..bedb97115d 100644 systemduserconfdir=${sysconfdir}/systemd/user -systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system -systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user -+systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/system:${systemdsystemunitdir} -+systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/user:${systemduserunitdir} ++systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/system:${systemdsystemunitdir} ++systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/user:${systemduserunitdir} systemdsystemgeneratordir=${rootprefix}/lib/systemd/system-generators systemdusergeneratordir=${prefix}/lib/systemd/user-generators systemdsystemgeneratorpath=/run/systemd/system-generators:/etc/systemd/system-generators:/usr/local/lib/systemd/system-generators:${systemdsystemgeneratordir} diff --git a/nixpkgs/pkgs/os-specific/linux/systemd/default.nix b/nixpkgs/pkgs/os-specific/linux/systemd/default.nix index 00a545ed3f54..3235fb3b95cd 100644 --- a/nixpkgs/pkgs/os-specific/linux/systemd/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/systemd/default.nix @@ -66,6 +66,13 @@ in stdenv.mkDerivation { postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" + substituteInPlace src/boot/efi/meson.build \ + --replace \ + "find_program('ld'" \ + "find_program('${stdenv.cc.bintools.targetPrefix}ld'" \ + --replace \ + "find_program('objcopy'" \ + "find_program('${stdenv.cc.bintools.targetPrefix}objcopy'" ''; outputs = [ "out" "lib" "man" "dev" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix b/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix index 526def78bb2c..3b502dbe48f5 100644 --- a/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix +++ b/nixpkgs/pkgs/os-specific/linux/udisks/2-default.nix @@ -41,7 +41,7 @@ stdenv.mkDerivation rec { # Fix tests: https://github.com/storaged-project/udisks/issues/724 (fetchpatch { url = "https://github.com/storaged-project/udisks/commit/60a0c1c967821d317046d9494e45b9a8e4e7a1c1.patch"; - sha256 = "tWl49mSc1zDyB3kV6SKlhHFPi/Kg7mg6OWDlY7vGj2Y="; + sha256 = "0rlgqsxn7rb074x6ivm0ya5lywc4llifj5br0zr31mwwckv7hsdm"; }) ]; diff --git a/nixpkgs/pkgs/os-specific/linux/v4l-utils/default.nix b/nixpkgs/pkgs/os-specific/linux/v4l-utils/default.nix index 73944bd6eb70..c23c37aa56d0 100644 --- a/nixpkgs/pkgs/os-specific/linux/v4l-utils/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/v4l-utils/default.nix @@ -12,11 +12,11 @@ let # we need to use stdenv.mkDerivation in order not to pollute the libv4l’s closure with Qt in stdenv.mkDerivation rec { pname = "v4l-utils"; - version = "1.18.0"; + version = "1.18.1"; src = fetchurl { url = "https://linuxtv.org/downloads/${pname}/${pname}-${version}.tar.bz2"; - sha256 = "03c80acbv2znfxs1l32yx30znmjrqq7kxhiwl2309lpf5s10vdkc"; + sha256 = "0hpkqm2bpg1ma2shjzcf6xsrpyjd8h5cakgh8a3iyh126wjl5z15"; }; outputs = [ "out" ] ++ lib.optional withUtils "lib" ++ [ "dev" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/wireguard/default.nix b/nixpkgs/pkgs/os-specific/linux/wireguard/default.nix index 4617db5e7671..6af465da4731 100644 --- a/nixpkgs/pkgs/os-specific/linux/wireguard/default.nix +++ b/nixpkgs/pkgs/os-specific/linux/wireguard/default.nix @@ -7,11 +7,11 @@ assert stdenv.lib.versionOlder kernel.version "5.6"; stdenv.mkDerivation rec { pname = "wireguard"; - version = "1.0.20200520"; + version = "1.0.20200611"; src = fetchzip { url = "https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${version}.tar.xz"; - sha256 = "1zggpm0zh6m30b9mchj3bg3z721k346r5m5a130inp779s4xm0sm"; + sha256 = "0a8xsjxp8krmm2px07x9qw8nhvp5ispf4mnc6k59p0qp26qbva5d"; }; hardeningDisable = [ "pic" ]; diff --git a/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix b/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix index 911b0331f4cd..132cad4b6d29 100644 --- a/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix +++ b/nixpkgs/pkgs/os-specific/linux/wpa_supplicant/gui.nix @@ -10,7 +10,7 @@ mkDerivation { # https://github.com/NixOS/nixpkgs/issues/86930 (fetchpatch { url = "https://w1.fi/cgit/hostap/patch/?id=0388992905a5c2be5cba9497504eaea346474754"; - sha256 = "YDSY7l/qEco+aZYcYHLf/rxCKvPw35ibGoMorjA5GhY="; + sha256 = "05hs74qawa433adripzhycm45g7yvxr6074nd4zcl4gabzp9hd30"; }) ]; |