about summary refs log tree commit diff
path: root/pkgs/build-support
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/build-support')
-rw-r--r--pkgs/build-support/cc-wrapper/default.nix4
-rw-r--r--pkgs/build-support/docker/default.nix2
-rw-r--r--pkgs/build-support/fetchfile/builder.sh11
-rw-r--r--pkgs/build-support/fetchfile/default.nix11
-rw-r--r--pkgs/build-support/fetchgx/default.nix30
-rw-r--r--pkgs/build-support/gcc-cross-wrapper/builder.sh2
-rw-r--r--pkgs/build-support/grsecurity/default.nix2
-rw-r--r--pkgs/build-support/kernel/modules-closure.nix4
8 files changed, 37 insertions, 29 deletions
diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix
index 8a9bd3ecb4d5..c8e3d8b4cc82 100644
--- a/pkgs/build-support/cc-wrapper/default.nix
+++ b/pkgs/build-support/cc-wrapper/default.nix
@@ -252,10 +252,10 @@ stdenv.mkDerivation {
 
       # some linkers on some platforms don't support specific -z flags
       hardening_unsupported_flags=""
-      if [[ "$($ldPath/ld -z now 2>&1 || true)" =~ "unknown option" ]]; then
+      if [[ "$($ldPath/ld -z now 2>&1 || true)" =~ un(recognized|known)\ option ]]; then
         hardening_unsupported_flags+=" bindnow"
       fi
-      if [[ "$($ldPath/ld -z relro 2>&1 || true)" =~ "unknown option" ]]; then
+      if [[ "$($ldPath/ld -z relro 2>&1 || true)" =~ un(recognized|known)\ option ]]; then
         hardening_unsupported_flags+=" relro"
       fi
 
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix
index 7fc4000cb300..21e0d2b5128a 100644
--- a/pkgs/build-support/docker/default.nix
+++ b/pkgs/build-support/docker/default.nix
@@ -442,7 +442,7 @@ rec {
                      < image/repositories)
 
           for l in image/*/layer.tar; do
-            ls_tar image/*/layer.tar >> baseFiles
+            ls_tar $l >> baseFiles
           done
         fi
 
diff --git a/pkgs/build-support/fetchfile/builder.sh b/pkgs/build-support/fetchfile/builder.sh
deleted file mode 100644
index b849491fc5ab..000000000000
--- a/pkgs/build-support/fetchfile/builder.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-source $stdenv/setup
-
-echo "copying $pathname into $out..."
-
-cp "$pathname" "$out" || exit 1
-
-actual=$(md5sum -b $out | cut -c1-32)
-if test "$actual" != "$md5"; then
-    echo "hash is $actual, expected $md5"
-    exit 1
-fi
diff --git a/pkgs/build-support/fetchfile/default.nix b/pkgs/build-support/fetchfile/default.nix
deleted file mode 100644
index 685c1e69520a..000000000000
--- a/pkgs/build-support/fetchfile/default.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{stdenv}: {pathname, md5 ? "", sha256 ? ""}: stdenv.mkDerivation {
-  name = baseNameOf (toString pathname);
-  builder = ./builder.sh;
-  pathname = pathname;
-} // if (sha256 == "") then {
-  md5 = (stdenv.lib.fetchMD5warn "fetchfile" pathname md5);
-  id = md5;
-} else {
-  sha256 = sha256;
-  id = sha256;
-}
diff --git a/pkgs/build-support/fetchgx/default.nix b/pkgs/build-support/fetchgx/default.nix
new file mode 100644
index 000000000000..c72bbec66321
--- /dev/null
+++ b/pkgs/build-support/fetchgx/default.nix
@@ -0,0 +1,30 @@
+{ stdenv, gx, gx-go, go, cacert }:
+
+{ name, src, sha256 }:
+
+stdenv.mkDerivation {
+  name = "${name}-gxdeps";
+  inherit src;
+
+  buildInputs = [ go gx gx-go ];
+
+  outputHashAlgo = "sha256";
+  outputHashMode = "recursive";
+  outputHash = sha256;
+
+  phases = [ "unpackPhase" "buildPhase" "installPhase" ];
+
+  SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
+
+  buildPhase = ''
+    export GOPATH=$(pwd)/vendor
+    mkdir vendor
+    gx install
+  '';
+
+  installPhase = ''
+    mv vendor $out
+  '';
+
+  preferLocalBuild = true;
+}
diff --git a/pkgs/build-support/gcc-cross-wrapper/builder.sh b/pkgs/build-support/gcc-cross-wrapper/builder.sh
index 1bdda9696536..b729144b8601 100644
--- a/pkgs/build-support/gcc-cross-wrapper/builder.sh
+++ b/pkgs/build-support/gcc-cross-wrapper/builder.sh
@@ -8,7 +8,7 @@ mkdir $out/nix-support
 cflagsCompile="-B$out/bin/"
 
 if test -z "$nativeLibc" -a -n "$libc"; then
-    cflagsCompile="$cflagsCompile -B$gccLibs/lib -B$libc/lib/ -isystem $libc/include"
+    cflagsCompile="$cflagsCompile -B$gccLibs/lib -B$libc/lib/ -isystem $libc_dev/include"
     ldflags="$ldflags -L$libc/lib"
     # Get the proper dynamic linker for glibc and uclibc. 
     dlinker=`eval 'echo $libc/lib/ld*.so.?'`
diff --git a/pkgs/build-support/grsecurity/default.nix b/pkgs/build-support/grsecurity/default.nix
index 4379b1997ae2..ccd46e20654f 100644
--- a/pkgs/build-support/grsecurity/default.nix
+++ b/pkgs/build-support/grsecurity/default.nix
@@ -21,7 +21,7 @@ assert (kernel.version == grsecPatch.kver);
 
 overrideDerivation (kernel.override {
   inherit modDirVersion;
-  kernelPatches = [ grsecPatch ] ++ kernelPatches ++ (kernel.kernelPatches or []);
+  kernelPatches = lib.unique ([ grsecPatch ] ++ kernelPatches ++ (kernel.kernelPatches or []));
   extraConfig = ''
     GRKERNSEC y
     PAX y
diff --git a/pkgs/build-support/kernel/modules-closure.nix b/pkgs/build-support/kernel/modules-closure.nix
index 6ae844a62463..9940e611124c 100644
--- a/pkgs/build-support/kernel/modules-closure.nix
+++ b/pkgs/build-support/kernel/modules-closure.nix
@@ -3,10 +3,10 @@
 # the modules identified by `rootModules', plus their dependencies.
 # Also generate an appropriate modules.dep.
 
-{ stdenv, kernel, nukeReferences, rootModules
+{ stdenvNoCC, kernel, nukeReferences, rootModules
 , kmod, allowMissing ? false }:
 
-stdenv.mkDerivation {
+stdenvNoCC.mkDerivation {
   name = kernel.name + "-shrunk";
   builder = ./modules-closure.sh;
   buildInputs = [ nukeReferences kmod ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-26 02:25:22 +0000