diff options
Diffstat (limited to 'pkgs/os-specific/linux')
34 files changed, 402 insertions, 192 deletions
diff --git a/pkgs/os-specific/linux/anbox/0001-NixOS-Use-anbox-from-PATH-in-desktop-files.patch b/pkgs/os-specific/linux/anbox/0001-NixOS-Use-anbox-from-PATH-in-desktop-files.patch new file mode 100644 index 000000000000..1c3450238c7f --- /dev/null +++ b/pkgs/os-specific/linux/anbox/0001-NixOS-Use-anbox-from-PATH-in-desktop-files.patch @@ -0,0 +1,34 @@ +From cb61e856c4357d9787f7a2313bacb1c3b2133d36 Mon Sep 17 00:00:00 2001 +From: Samuel Dionne-Riel <samuel@dionne-riel.com> +Date: Fri, 4 Jun 2021 19:05:53 -0400 +Subject: [PATCH] [NixOS] Use `anbox` from PATH in desktop files + +--- + src/anbox/application/launcher_storage.cpp | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/src/anbox/application/launcher_storage.cpp b/src/anbox/application/launcher_storage.cpp +index d5053cf..a4be719 100644 +--- a/src/anbox/application/launcher_storage.cpp ++++ b/src/anbox/application/launcher_storage.cpp +@@ -69,9 +69,7 @@ void LauncherStorage::add_or_update(const Database::Item &item) { + auto package_name = item.package; + std::replace(package_name.begin(), package_name.end(), '.', '-'); + +- auto exe_path = utils::process_get_exe_path(getpid()); +- if (utils::get_env_value("SNAP").length() > 0) +- exe_path = snap_exe_path; ++ auto exe_path = "anbox"; + + std::string exec = utils::string_format("%s launch ", exe_path); + +@@ -121,4 +119,4 @@ void LauncherStorage::remove(const Database::Item &item) { + fs::remove(item_icon_path); + } + +-} +\ No newline at end of file ++} +-- +2.29.2 + diff --git a/pkgs/os-specific/linux/anbox/anbox-image.nix b/pkgs/os-specific/linux/anbox/anbox-image.nix new file mode 100644 index 000000000000..77bcd8a09f78 --- /dev/null +++ b/pkgs/os-specific/linux/anbox/anbox-image.nix @@ -0,0 +1,19 @@ +{ stdenv, fetchurl }: + +let + imgroot = "https://build.anbox.io/android-images"; +in + { + armv7l-linux = fetchurl { + url = imgroot + "/2017/06/12/android_1_armhf.img"; + sha256 = "1za4q6vnj8wgphcqpvyq1r8jg6khz7v6b7h6ws1qkd5ljangf1w5"; + }; + aarch64-linux = fetchurl { + url = imgroot + "/2017/08/04/android_1_arm64.img"; + sha256 = "02yvgpx7n0w0ya64y5c7bdxilaiqj9z3s682l5s54vzfnm5a2bg5"; + }; + x86_64-linux = fetchurl { + url = imgroot + "/2018/07/19/android_amd64.img"; + sha256 = "1jlcda4q20w30cm9ikm6bjq01p547nigik1dz7m4v0aps4rws13b"; + }; + }.${stdenv.system} or (throw "Unsupported platform ${stdenv.system}") diff --git a/pkgs/os-specific/linux/anbox/default.nix b/pkgs/os-specific/linux/anbox/default.nix index 7329dc7df2ce..7368079510d6 100644 --- a/pkgs/os-specific/linux/anbox/default.nix +++ b/pkgs/os-specific/linux/anbox/default.nix @@ -1,4 +1,6 @@ { lib, stdenv, fetchFromGitHub, fetchurl +, callPackage +, fetchpatch , cmake, pkg-config, dbus, makeWrapper , boost , elfutils # for libdw @@ -22,7 +24,8 @@ , SDL2_image , systemd , writeText -, writeScript +, writeShellScript +, nixosTests }: let @@ -33,28 +36,20 @@ let Exec=@out@/libexec/anbox-session-manager ''; - anbox-application-manager = writeScript "anbox-application-manager" '' - #!${runtimeShell} - - ${systemd}/bin/busctl --user call \ - org.freedesktop.DBus \ - /org/freedesktop/DBus \ - org.freedesktop.DBus \ - StartServiceByName "su" org.anbox 0 - - @out@/bin/anbox launch --package=org.anbox.appmgr --component=org.anbox.appmgr.AppViewActivity + anbox-application-manager = writeShellScript "anbox-application-manager" '' + exec @out@/bin/anbox launch --package=org.anbox.appmgr --component=org.anbox.appmgr.AppViewActivity ''; in stdenv.mkDerivation rec { pname = "anbox"; - version = "unstable-2021-10-20"; + version = "unstable-2023-02-03"; src = fetchFromGitHub { owner = pname; repo = pname; - rev = "84f0268012cbe322ad858d76613f4182074510ac"; + rev = "ddf4c57ebbe3a2e46099087570898ab5c1e1f279"; sha256 = "sha256-QXWhatewiUDQ93cH1UZsYgbjUxpgB1ajtGFYZnKmabc="; fetchSubmodules = true; }; @@ -90,7 +85,7 @@ stdenv.mkDerivation rec { "-Wno-error=mismatched-new-delete" ]); - patchPhase = '' + prePatch = '' patchShebangs scripts cat >cmake/FindGMock.cmake <<'EOF' @@ -118,8 +113,30 @@ stdenv.mkDerivation rec { EOF ''; + patches = [ + # Fixes compatibility with lxc 4 + (fetchpatch { + url = "https://git.alpinelinux.org/aports/plain/community/anbox/lxc4.patch?id=64243590a16aee8d4e72061886fc1b15256492c3"; + sha256 = "1da5xyzyjza1g2q9nbxb4p3njj2sf3q71vkpvmmdphia5qnb0gk5"; + }) + # Wait 10× more time when starting + # Not *strictly* needed, but helps a lot on slower hardware + (fetchpatch { + url = "https://git.alpinelinux.org/aports/plain/community/anbox/give-more-time-to-start.patch?id=058b56d4b332ef3379551b343bf31e0f2004321a"; + sha256 = "0iiz3c7fgfgl0dvx8sf5hv7a961xqnihwpz6j8r0ib9v8piwxh9a"; + }) + # Ensures generated desktop files work on store path change + ./0001-NixOS-Use-anbox-from-PATH-in-desktop-files.patch + # Provide window icons + (fetchpatch { + url = "https://github.com/samueldr/anbox/commit/2387f4fcffc0e19e52e58fb6f8264fbe87aafe4d.patch"; + sha256 = "12lmr0kxw1n68g3abh1ak5awmpczfh75c26f53jc8qpvdvv1ywha"; + }) + ]; + postInstall = '' wrapProgram $out/bin/anbox \ + --set SDL_VIDEO_X11_WMCLASS "anbox" \ --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [libGL libglvnd]} \ --prefix PATH : ${git}/bin @@ -133,25 +150,13 @@ stdenv.mkDerivation rec { substitute ${anbox-application-manager} $out/bin/anbox-application-manager \ --subst-var out + chmod +x $out/bin/anbox-application-manager ''; - passthru.image = let - imgroot = "https://build.anbox.io/android-images"; - in - { - armv7l-linux = fetchurl { - url = imgroot + "/2017/06/12/android_1_armhf.img"; - sha256 = "1za4q6vnj8wgphcqpvyq1r8jg6khz7v6b7h6ws1qkd5ljangf1w5"; - }; - aarch64-linux = fetchurl { - url = imgroot + "/2017/08/04/android_1_arm64.img"; - sha256 = "02yvgpx7n0w0ya64y5c7bdxilaiqj9z3s682l5s54vzfnm5a2bg5"; - }; - x86_64-linux = fetchurl { - url = imgroot + "/2018/07/19/android_amd64.img"; - sha256 = "1jlcda4q20w30cm9ikm6bjq01p547nigik1dz7m4v0aps4rws13b"; - }; - }.${stdenv.system} or null; + passthru.tests = { inherit (nixosTests) anbox; }; + + passthru.image = callPackage ./postmarketos-image.nix { }; + passthru.postmarketos-image = callPackage ./anbox-image.nix { }; meta = with lib; { homepage = "https://anbox.io"; diff --git a/pkgs/os-specific/linux/anbox/postmarketos-image.nix b/pkgs/os-specific/linux/anbox/postmarketos-image.nix new file mode 100644 index 000000000000..648a1a5ea9a0 --- /dev/null +++ b/pkgs/os-specific/linux/anbox/postmarketos-image.nix @@ -0,0 +1,19 @@ +{ stdenv, fetchurl }: + +let + imgroot = "https://web.archive.org/web/20211027150924/https://anbox.postmarketos.org"; +in + { + armv7l-linux = fetchurl { + url = imgroot + "/android-7.1.2_r39.1-anbox_armv7a_neon-userdebug.img"; + sha256 = "1bgzqw4yp52a2q40dr1jlay1nh73jl5mx6wqsxvpb09xghxsng0a"; + }; + aarch64-linux = fetchurl { + url = imgroot + "/android-7.1.2_r39-anbox_arm64-userdebug.img"; + sha256 = "0dx8mhfcjbkak982zfh65bvy35slz5jk31yl4ara50ryrxsp32nx"; + }; + x86_64-linux = fetchurl { + url = imgroot + "/android-7.1.2_r39-anbox_x86_64-userdebug.img"; + sha256 = "16vmiz5al2r19wjpd44nagvz7d901ljxdms8gjp2w4xz1d91vzpm"; + }; + }.${stdenv.system} or (throw "Unsupported platform ${stdenv.system}") diff --git a/pkgs/os-specific/linux/audit/000-fix-static-attribute-malloc.diff b/pkgs/os-specific/linux/audit/000-fix-static-attribute-malloc.diff deleted file mode 100644 index ce76fc3b87a5..000000000000 --- a/pkgs/os-specific/linux/audit/000-fix-static-attribute-malloc.diff +++ /dev/null @@ -1,12 +0,0 @@ ---- a/auparse/auparse.h -+++ b/auparse/auparse.h -@@ -32,6 +32,9 @@ - # define __attr_dealloc(dealloc, argno) - # define __attr_dealloc_free - #endif -+#ifndef __attribute_malloc__ -+# define __attribute_malloc__ __attribute__ ((__malloc__)) -+#endif - - #ifdef __cplusplus - extern "C" { \ No newline at end of file diff --git a/pkgs/os-specific/linux/audit/001-ignore-flexible-array.patch b/pkgs/os-specific/linux/audit/001-ignore-flexible-array.patch deleted file mode 100644 index e072cc942cfb..000000000000 --- a/pkgs/os-specific/linux/audit/001-ignore-flexible-array.patch +++ /dev/null @@ -1,35 +0,0 @@ -From beed138222421a2eb4212d83cb889404bd7efc49 Mon Sep 17 00:00:00 2001 -From: Sergei Trofimovich <slyich@gmail.com> -Date: Wed, 23 Mar 2022 07:27:05 +0000 -Subject: [PATCH] auditswig.i: avoid setter generation for audit_rule_data::buf - -As it's a flexible array generated code was never safe to use. -With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574 -change it's a build failure now: - - audit> audit_wrap.c:5010:15: error: invalid use of flexible array member - audit> 5010 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); - audit> | ^ - -Let's avoid setter generation entirely. - -Closes: https://github.com/linux-audit/audit-userspace/issues/252 ---- - bindings/swig/src/auditswig.i | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i -index 21aafca31..9a2c5661d 100644 ---- a/bindings/swig/src/auditswig.i -+++ b/bindings/swig/src/auditswig.i -@@ -39,6 +39,10 @@ signed - #define __attribute(X) /*nothing*/ - typedef unsigned __u32; - typedef unsigned uid_t; -+/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not: -+ * generating setters against them: https://github.com/swig/swig/issues/1699 -+ */ -+%ignore audit_rule_data::buf; - %include "/usr/include/linux/audit.h" - #define __extension__ /*nothing*/ - %include <stdint.i> diff --git a/pkgs/os-specific/linux/audit/default.nix b/pkgs/os-specific/linux/audit/default.nix index 0fd96892013d..1e941a13767e 100644 --- a/pkgs/os-specific/linux/audit/default.nix +++ b/pkgs/os-specific/linux/audit/default.nix @@ -18,20 +18,14 @@ stdenv.mkDerivation (finalAttrs: { pname = "audit"; - version = "3.1.1"; + version = "3.1.2"; src = fetchurl { url = "https://people.redhat.com/sgrubb/audit/audit-${finalAttrs.version}.tar.gz"; - hash = "sha256-RuRrN2I8zgnm7hNOeNZor8NPThyHDIU+8S5BkweM/oc="; + hash = "sha256-wLF5LR8KiMbxgocQUJy7mHBZ/GhxLJdmnKkOrhA9KH0="; }; - patches = [ - ./000-fix-static-attribute-malloc.diff - ./001-ignore-flexible-array.patch - ]; - postPatch = '' - sed -i 's,#include <sys/poll.h>,#include <poll.h>\n#include <limits.h>,' audisp/audispd.c substituteInPlace bindings/swig/src/auditswig.i \ --replace "/usr/include/linux/audit.h" \ "${linuxHeaders}/include/linux/audit.h" diff --git a/pkgs/os-specific/linux/bpftrace/default.nix b/pkgs/os-specific/linux/bpftrace/default.nix index 7dca9eee7a0e..044d0509b50b 100644 --- a/pkgs/os-specific/linux/bpftrace/default.nix +++ b/pkgs/os-specific/linux/bpftrace/default.nix @@ -9,23 +9,15 @@ stdenv.mkDerivation rec { pname = "bpftrace"; - version = "0.18.0"; + version = "0.18.1"; src = fetchFromGitHub { owner = "iovisor"; repo = "bpftrace"; rev = "v${version}"; - hash = "sha256-+SBLcMyOf1gZN8dG5xkNLsqIcK1eVlswjY1GRXepFVg="; + hash = "sha256-hwxArrTdjJoab7Twf57PRmRhghV/9EcjRXI0lKRQC0k="; }; - patches = [ - # fails to build - https://github.com/iovisor/bpftrace/issues/2598 - (fetchpatch { - name = "link-binaries-against-zlib"; - url = "https://github.com/iovisor/bpftrace/commit/a60b171eb288250c3f1d6f065b05d8a87aff3cdd.patch"; - hash = "sha256-b/0pKDjolo2RQ/UGjEfmWdG0tnIiFX8PJHhRCXvzyxA="; - }) - ]; buildInputs = with llvmPackages; [ llvm libclang @@ -67,7 +59,9 @@ stdenv.mkDerivation rec { meta = with lib; { description = "High-level tracing language for Linux eBPF"; homepage = "https://github.com/iovisor/bpftrace"; + changelog = "https://github.com/iovisor/bpftrace/releases/tag/v${version}"; + mainProgram = "bpftrace"; license = licenses.asl20; - maintainers = with maintainers; [ rvl thoughtpolice martinetd ]; + maintainers = with maintainers; [ rvl thoughtpolice martinetd mfrw ]; }; } diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix index 153719c8b841..5e9e6eca2694 100644 --- a/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/pkgs/os-specific/linux/cryptsetup/default.nix @@ -78,6 +78,7 @@ stdenv.mkDerivation rec { description = "LUKS for dm-crypt"; changelog = "https://gitlab.com/cryptsetup/cryptsetup/-/raw/v${version}/docs/v${version}-ReleaseNotes"; license = lib.licenses.gpl2; + mainProgram = "cryptsetup"; maintainers = with lib.maintainers; [ raitobezarius ]; platforms = with lib.platforms; linux; }; diff --git a/pkgs/os-specific/linux/decklink/default.nix b/pkgs/os-specific/linux/decklink/default.nix new file mode 100644 index 000000000000..63bfe4a63af2 --- /dev/null +++ b/pkgs/os-specific/linux/decklink/default.nix @@ -0,0 +1,52 @@ +{ stdenv +, lib +, blackmagic-desktop-video +, kernel +}: + +stdenv.mkDerivation rec { + pname = "decklink"; + + # the download is a horrible curl mess. we reuse it between the kernel module + # and desktop service, since the version of the two have to match anyways. + # See pkgs/tools/video/blackmagic-desktop-video/default.nix for more. + inherit (blackmagic-desktop-video) src version; + + KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; + INSTALL_MOD_PATH = placeholder "out"; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + postUnpack = '' + tar xf Blackmagic_Desktop_Video_Linux_${lib.versions.majorMinor version}/other/${stdenv.hostPlatform.uname.processor}/desktopvideo-${version}-${stdenv.hostPlatform.uname.processor}.tar.gz + moduleRoot=$NIX_BUILD_TOP/desktopvideo-${version}-${stdenv.hostPlatform.uname.processor}/usr/src + ''; + + + buildPhase = '' + runHook preBuild + + make -C $moduleRoot/blackmagic-${version} -j$NIX_BUILD_CORES + make -C $moduleRoot/blackmagic-io-${version} -j$NIX_BUILD_CORES + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + make -C $KERNELDIR M=$moduleRoot/blackmagic-${version} modules_install + make -C $KERNELDIR M=$moduleRoot/blackmagic-io-${version} modules_install + + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://www.blackmagicdesign.com/support/family/capture-and-playback"; + maintainers = [ maintainers.hexchen ]; + license = licenses.unfree; + description = "Kernel module for the Blackmagic Design Decklink cards"; + sourceProvenance = with lib.sourceTypes; [ binaryFirmware ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/ena/default.nix b/pkgs/os-specific/linux/ena/default.nix index abc116efdcb2..b6ed869a71f5 100644 --- a/pkgs/os-specific/linux/ena/default.nix +++ b/pkgs/os-specific/linux/ena/default.nix @@ -1,33 +1,16 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch, kernel }: +{ lib, stdenv, fetchFromGitHub, kernel }: stdenv.mkDerivation rec { - version = "2.8.6"; + version = "2.8.9"; name = "ena-${version}-${kernel.version}"; src = fetchFromGitHub { owner = "amzn"; repo = "amzn-drivers"; rev = "ena_linux_${version}"; - hash = "sha256-clRu+ecK/Je0kvlAAm6qCJqMyvZv0C88YIGDImhRhKA="; + hash = "sha256-9Csrq9wM7Q99qPj7+NlnQgP6KcciNHMbAAb+Wg7eYAU="; }; - patches = - [ # https://github.com/amzn/amzn-drivers/issues/269#issuecomment-1552483792 - (fetchpatch { - url = "https://github.com/amzn/amzn-drivers/files/11504862/phc_kernel_6_2_fix.patch"; - hash = "sha256-/EBkISwXMd7t4WZjsG9KVP6vncFwcZq1QBsxQLXyWsY="; - }) - # https://github.com/amzn/amzn-drivers/issues/270#issuecomment-1561924754 - (fetchpatch { - url = "https://github.com/amzn/amzn-drivers/files/11559312/devlink_6_2_fix.patch"; - hash = "sha256-Nc71u91G0dL+ld6ovqjHaE6X2TxduWeQYr5K0KdoA3Q="; - }) - (fetchpatch { - url = "https://github.com/amzn/amzn-drivers/files/11559314/devlink_6_3_fix.patch"; - hash = "sha256-aEQTbwHC1DcDrtj188eoGzi3GU9MXnwIxuJW4L7qb/I="; - }) - ]; - hardeningDisable = [ "pic" ]; nativeBuildInputs = kernel.moduleBuildDependencies; diff --git a/pkgs/os-specific/linux/fw-ectool/default.nix b/pkgs/os-specific/linux/fw-ectool/default.nix new file mode 100644 index 000000000000..a73cc1896ecd --- /dev/null +++ b/pkgs/os-specific/linux/fw-ectool/default.nix @@ -0,0 +1,41 @@ +{ stdenv +, lib +, fetchFromGitHub +, pkg-config +, hostname +}: + +stdenv.mkDerivation { + pname = "fw-ectool"; + version = "unstable-2022-12-03"; + + src = fetchFromGitHub { + owner = "DHowett"; + repo = "fw-ectool"; + rev = "54c140399bbc3e6a3dce6c9f842727c4128367be"; + hash = "sha256-2teJFz4zcA+USpbVPXMEIHLdmMLem8ik7YrmrSxr/n0="; + }; + + nativeBuildInputs = [ + pkg-config + hostname + ]; + + buildPhase = '' + patchShebangs util + make out=out utils + ''; + + installPhase = '' + install -D out/util/ectool $out/bin/ectool + ''; + + meta = with lib; { + description = "EC-Tool adjusted for usage with framework embedded controller"; + homepage = "https://github.com/DHowett/framework-ec"; + license = licenses.bsd3; + maintainers = [ maintainers.mkg20001 ]; + platforms = platforms.linux; + mainProgram = "ectool"; + }; +} diff --git a/pkgs/os-specific/linux/intel-cmt-cat/default.nix b/pkgs/os-specific/linux/intel-cmt-cat/default.nix index e110d201a2db..9429bd28306d 100644 --- a/pkgs/os-specific/linux/intel-cmt-cat/default.nix +++ b/pkgs/os-specific/linux/intel-cmt-cat/default.nix @@ -1,14 +1,14 @@ { lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { - version = "4.6.0"; + version = "23.08"; pname = "intel-cmt-cat"; src = fetchFromGitHub { owner = "intel"; repo = "intel-cmt-cat"; rev = "v${version}"; - sha256 = "sha256-Bw/WY30ytvwBo+OZ27WG2aY3YN9xczdjs4jcHR/Tv/w="; + sha256 = "sha256-T97cTJLGSJgOoQFgL/lI+AldqsCEcHilhTTDZy+pmU8="; }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index f3ffbde6f1d9..ab62028af7bc 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,71 +2,71 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.323-hardened1.patch", - "sha256": "0id59byd331mz8ga02gbs3g1q0y4n2wz6mi9s0dmp1yjagjd9m70", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.323-hardened1/linux-hardened-4.14.323-hardened1.patch" + "name": "linux-hardened-4.14.325-hardened1.patch", + "sha256": "1mc1pyjjksg2f4189wyas55ax8czzhai2i3jc6n7l9jmfwj7xr9q", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.325-hardened1/linux-hardened-4.14.325-hardened1.patch" }, - "sha256": "1g2fh0mn1sv0kq2hh3pynmx2fjai7hdwhf4fnaspl7j5n88902kg", - "version": "4.14.323" + "sha256": "117p1mdha57f6d3kdwac9jrbmib7g77q4xhir8ghl6fmrs1f2sav", + "version": "4.14.325" }, "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.292-hardened1.patch", - "sha256": "1na729sricp347jqp3y2j4yxxg84haa62mwmj9zq0pa1k6f037ph", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.292-hardened1/linux-hardened-4.19.292-hardened1.patch" + "name": "linux-hardened-4.19.294-hardened1.patch", + "sha256": "1s70vz8rai1z440rmwzipwpq7wa7p2bvri43zmkbisrfggm1lz2r", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.294-hardened1/linux-hardened-4.19.294-hardened1.patch" }, - "sha256": "0dr12v4jqmzxcqdghqqjny5zp3g4dx9lxqrl9d4fxz23s79ji5rl", - "version": "4.19.292" + "sha256": "03x0xsb8a369zdr81hg6xdl5n5v48k6iwnhj6r29725777lvvbfc", + "version": "4.19.294" }, "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.191-hardened1.patch", - "sha256": "02949v0qrr4b76g9rl1z8lkdfv3mc1pfb4h14z9bd0dqg5shlz0j", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.191-hardened1/linux-hardened-5.10.191-hardened1.patch" + "name": "linux-hardened-5.10.194-hardened1.patch", + "sha256": "1ba8ridhjz9y8ap1wgp7z41jmwzx8j0bxkyp1zjfls1z7mqq4vpf", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.194-hardened1/linux-hardened-5.10.194-hardened1.patch" }, - "sha256": "1hk2x5dgvfq9v6161v25wz5qpzgyvqbx34xbm7ww8z4ish76cm6b", - "version": "5.10.191" + "sha256": "15fr7krhpmqz0xqjg78m2xvfllbni3xh8xyhxh9ni31ppd3mw394", + "version": "5.10.194" }, "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.127-hardened1.patch", - "sha256": "13z0x45jig81f3vhb5w3lvb554b78888grp7w60sqgglx7bckspb", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.127-hardened1/linux-hardened-5.15.127-hardened1.patch" + "name": "linux-hardened-5.15.130-hardened1.patch", + "sha256": "12wm6kyg63rg1lk1w9208vpcm71cjy236rjp9gf8mfx7iraqssl7", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.130-hardened1/linux-hardened-5.15.130-hardened1.patch" }, - "sha256": "09lgj9hs1cjxg84hb7avras4rlsx18igr69mx433l9hv6issbl5d", - "version": "5.15.127" + "sha256": "0qix62jsn3z9yccakac7fvqnip19zi05qn0w5wkgb7rj0x0lwimb", + "version": "5.15.130" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.254-hardened1.patch", - "sha256": "0yh5kb23lp89qnk90lz73j101bg20npr7clx0y8zmg6dihls764z", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.254-hardened1/linux-hardened-5.4.254-hardened1.patch" + "name": "linux-hardened-5.4.256-hardened1.patch", + "sha256": "1rsp30g5xry5y95mz0i6walkcxj6abyrsaq3fwhz0ka6nq6g7w82", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.256-hardened1/linux-hardened-5.4.256-hardened1.patch" }, - "sha256": "1iyrm2xql15ifhy2b939ywrrc44yd41b79sjjim4vqxmc6lqsq2i", - "version": "5.4.254" + "sha256": "0fim5q9xakwnjfg48bpsic9r2r8dvrjlalqqkm9vh1rml9mhi967", + "version": "5.4.256" }, "6.1": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.1.47-hardened1.patch", - "sha256": "0wgsjb05m9f0fgv4vj0m0ll9bx22z894qlpwb45b33mq66fvbgwn", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.47-hardened1/linux-hardened-6.1.47-hardened1.patch" + "name": "linux-hardened-6.1.51-hardened1.patch", + "sha256": "0nbf7j3hwlsvh8f4mmc9w2gqdcj8lyx1hxrz91y2hwlqlqjx7w4p", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.51-hardened1/linux-hardened-6.1.51-hardened1.patch" }, - "sha256": "1azwvlzyp1s2adm17ic0jfmv3ph70wqzycb8s96z9987y1m8pmck", - "version": "6.1.47" + "sha256": "0fqhmb6v28rssd44z7jw57mwvvskpl4kabjylck0pg54irnl9c2q", + "version": "6.1.51" }, "6.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.4.12-hardened1.patch", - "sha256": "0xkcvyy2ii5wfdw8h21svcsz3s3q0qk4yx7dxzbrisap10d79l51", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.12-hardened1/linux-hardened-6.4.12-hardened1.patch" + "name": "linux-hardened-6.4.14-hardened1.patch", + "sha256": "1cw0zyjxbfprb2m2kjrpz8s56axbzhnwj8hg9b0486nsqz5s66bs", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.14-hardened1/linux-hardened-6.4.14-hardened1.patch" }, - "sha256": "0x56b4hslm730ghvggz41fjkbzlnxp6k8857dn7iy27yavlipafc", - "version": "6.4.12" + "sha256": "1rjh0jrn5qvxwzmyg478n08vckkld8r52nkc102ppqvsfhiy7skm", + "version": "6.4.14" } } diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index 905ce00cfc43..e189e7201088 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.130"; + version = "5.15.131"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0qix62jsn3z9yccakac7fvqnip19zi05qn0w5wkgb7rj0x0lwimb"; + sha256 = "0sacnbw48lblnqaj56nybh588sq4k84gwf0r5zinzyrryj8k6z4r"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-6.1.nix b/pkgs/os-specific/linux/kernel/linux-6.1.nix index 75e3abd118e6..9e14c7a6117e 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.1.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.1.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.1.51"; + version = "6.1.52"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - sha256 = "0fqhmb6v28rssd44z7jw57mwvvskpl4kabjylck0pg54irnl9c2q"; + sha256 = "0lis73mxnl7hxz8lyja6sfgmbym944l3k1h7dab6b4mw1nckfxsn"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-6.4.nix b/pkgs/os-specific/linux/kernel/linux-6.4.nix index 1cf9f26ba8ae..b5d9d6451324 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.4.14"; + version = "6.4.15"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - sha256 = "1rjh0jrn5qvxwzmyg478n08vckkld8r52nkc102ppqvsfhiy7skm"; + sha256 = "1phlx375ln5pslw5vjqm029cdv6pzf4ang10xlrf90x5sb4fgy93"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-6.5.nix b/pkgs/os-specific/linux/kernel/linux-6.5.nix index 3c2badfc6272..341cc84be74d 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.5.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.5.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.5.1"; + version = "6.5.2"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - hash = "sha256-I3Zd1EQlRizZKtvuUmcGCP1/P9GDqDslunp7SIPQRRs="; + hash = "sha256-ICfhQFfVaK093BANrfTIhTpJsDEnBHimHYj2ARVyZQ8="; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 61013ef090af..8dd92c99db4a 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -352,6 +352,9 @@ let maintainers.thoughtpolice ]; platforms = platforms.linux; + badPlatforms = + lib.optionals (lib.versionOlder version "4.15") [ "riscv32-linux" "riscv64-linux" ] ++ + lib.optional (lib.versionOlder version "5.19") "loongarch64-linux"; timeout = 14400; # 4 hours } // extraMeta; }; diff --git a/pkgs/os-specific/linux/kernel/zen-kernels.nix b/pkgs/os-specific/linux/kernel/zen-kernels.nix index 7c32a5dae5c4..3db9dcf31016 100644 --- a/pkgs/os-specific/linux/kernel/zen-kernels.nix +++ b/pkgs/os-specific/linux/kernel/zen-kernels.nix @@ -4,16 +4,16 @@ let # comments with variant added for update script # ./update-zen.py zen zenVariant = { - version = "6.4.7"; #zen + version = "6.5.2"; #zen suffix = "zen1"; #zen - sha256 = "1xxznqkgn17sh134c4szjhk8im342zh7z6200k3csnqd9fink2r7"; #zen + sha256 = "0rvf07i80cfrlpd7mfbba6dhzznh47zjw1pmiw04104z9lm84faq"; #zen isLqx = false; }; # ./update-zen.py lqx lqxVariant = { - version = "6.4.7"; #lqx + version = "6.4.14"; #lqx suffix = "lqx1"; #lqx - sha256 = "055l8l83368858ap1pslxcs76hkms8ik627v7d7wczm9f1vldbln"; #lqx + sha256 = "1f85g081ijv2f1yclnhyci69ad8n1amcv9ccg3ma6mkf1n3qw6kk"; #lqx isLqx = true; }; zenKernelsFor = { version, suffix, sha256, isLqx }: buildLinux (args // { diff --git a/pkgs/os-specific/linux/libnvme/default.nix b/pkgs/os-specific/linux/libnvme/default.nix index 029deb0b48a2..fa7af44298a0 100644 --- a/pkgs/os-specific/linux/libnvme/default.nix +++ b/pkgs/os-specific/linux/libnvme/default.nix @@ -65,7 +65,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "C Library for NVM Express on Linux"; homepage = "https://github.com/linux-nvme/libnvme"; - maintainers = with maintainers; [ zseri ]; + maintainers = [ maintainers.fogti ]; license = with licenses; [ lgpl21Plus ]; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/libzbc/default.nix b/pkgs/os-specific/linux/libzbc/default.nix index 9c70d9a19b0a..94f5c93f949b 100644 --- a/pkgs/os-specific/linux/libzbc/default.nix +++ b/pkgs/os-specific/linux/libzbc/default.nix @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "ZBC device manipulation library"; homepage = "https://github.com/westerndigitalcorporation/libzbc"; - maintainers = with maintainers; [ zseri ]; + maintainers = [ maintainers.fogti ]; license = with licenses; [ bsd2 lgpl3Plus ]; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/libzbd/default.nix b/pkgs/os-specific/linux/libzbd/default.nix index c5d8e9cf80a4..0c77f73cf2fc 100644 --- a/pkgs/os-specific/linux/libzbd/default.nix +++ b/pkgs/os-specific/linux/libzbd/default.nix @@ -33,7 +33,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "Zoned block device manipulation library and tools"; homepage = "https://github.com/westerndigitalcorporation/libzbd"; - maintainers = with maintainers; [ zseri ]; + maintainers = [ maintainers.fogti ]; license = with licenses; [ lgpl3Plus gpl3Plus ]; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/linuxptp/default.nix b/pkgs/os-specific/linux/linuxptp/default.nix index fb7f410db8dc..e5a1443d3225 100644 --- a/pkgs/os-specific/linux/linuxptp/default.nix +++ b/pkgs/os-specific/linux/linuxptp/default.nix @@ -3,11 +3,11 @@ stdenv.mkDerivation rec { pname = "linuxptp"; - version = "4.0"; + version = "4.1"; src = fetchurl { url = "mirror://sourceforge/linuxptp/${pname}-${version}.tgz"; - hash = "sha256-0n1e8pa7PSheIuafda4CO0tCovRlUTDW05DYr8vD2TM="; + hash = "sha256-4XQ9RPggiJfjCJXaNXnmcP+Rm5FP60talJ8+Qh3d5TU="; }; postPatch = '' diff --git a/pkgs/os-specific/linux/lvm2/2_03.nix b/pkgs/os-specific/linux/lvm2/2_03.nix index e054d3dbfc9c..b2f6b0aa8a23 100644 --- a/pkgs/os-specific/linux/lvm2/2_03.nix +++ b/pkgs/os-specific/linux/lvm2/2_03.nix @@ -1,4 +1,4 @@ import ./common.nix { - version = "2.03.21"; - hash = "sha256-HiYZIdYhmYrcN5YMYV3nhMYUXH9zeoC3gfMQj77Gen4="; + version = "2.03.22"; + hash = "sha256-TFppI70aznzgRHRgioSTfOBTupGxrOnwsAFyaOcy3Hw="; } diff --git a/pkgs/os-specific/linux/nixos-rebuild/default.nix b/pkgs/os-specific/linux/nixos-rebuild/default.nix index b871c63e36d3..c6ec0866791e 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/default.nix +++ b/pkgs/os-specific/linux/nixos-rebuild/default.nix @@ -3,6 +3,8 @@ , coreutils , gnused , gnugrep +, jq +, util-linux , nix , lib , nixosTests @@ -20,7 +22,7 @@ substituteAll { nix_x86_64_linux = fallback.x86_64-linux; nix_i686_linux = fallback.i686-linux; nix_aarch64_linux = fallback.aarch64-linux; - path = lib.makeBinPath [ coreutils gnused gnugrep ]; + path = lib.makeBinPath [ coreutils gnused gnugrep jq util-linux ]; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 index 64bbbee411d7..b0ff5b0a672f 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 @@ -10,7 +10,7 @@ .Sh SYNOPSIS .Nm .Bro -.Cm switch | boot | test | build | dry-build | dry-activate | edit | build-vm | build-vm-with-bootloader +.Cm switch | boot | test | build | dry-build | dry-activate | edit | build-vm | build-vm-with-bootloader | list-generations Op Fl -json .Brc .br .Op Fl -upgrade | -upgrade-all @@ -196,6 +196,14 @@ The boot loader is installed on an automatically generated virtual disk containing a .Pa /boot partition. +. +.It Cm list-generations Op Fl -json +List the available generations in a similar manner to the boot loader +menu. It shows the generation number, build date and time, NixOS version, +kernel version and the configuration revision. This is useful to get +information e.g. for which generation to roll back to with +.Ic nixos-rebuild switch Fl -generation Ar N +There is also a json version of output available. .El . . diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 89871056c482..2f89642845e2 100755 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -36,6 +36,7 @@ verboseScript= noFlake= # comma separated list of vars to preserve when using sudo preservedSudoVars=NIXOS_INSTALL_BOOTLOADER +json= # log the given argument to stderr log() { @@ -48,7 +49,7 @@ while [ "$#" -gt 0 ]; do --help) showSyntax ;; - switch|boot|test|build|edit|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader) + switch|boot|test|build|edit|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader|list-generations) if [ "$i" = dry-run ]; then i=dry-build; fi # exactly one action mandatory, bail out if multiple are given if [ -n "$action" ]; then showSyntax; fi @@ -146,6 +147,9 @@ while [ "$#" -gt 0 ]; do k="$1"; shift 1 lockFlags+=("$i" "$j" "$k") ;; + --json) + json=1 + ;; *) log "$0: unknown option \`$i'" exit 1 @@ -507,6 +511,87 @@ if [ "$action" = dry-build ]; then extraBuildFlags+=(--dry-run) fi +if [ "$action" = list-generations ]; then + if [ ! -L "$profile" ]; then + log "No profile \`$(basename "$profile")' found" + exit 1 + fi + + generation_from_dir() { + generation_dir="$1" + generation_base="$(basename "$generation_dir")" # Has the format "system-123-link" for generation 123 + no_link_gen="${generation_base%-link}" # remove the "-link" + echo "${no_link_gen##*-}" # remove everything before the last dash + } + describe_generation(){ + generation_dir="$1" + generation_number="$(generation_from_dir "$generation_dir")" + nixos_version="$(cat "$generation_dir/nixos-version" 2> /dev/null || echo "Unknown")" + + kernel_dir="$(dirname "$(realpath "$generation_dir/kernel")")" + kernel_version="$(ls "$kernel_dir/lib/modules" || echo "Unknown")" + + configurationRevision="$("$generation_dir/sw/bin/nixos-version" --configuration-revision 2> /dev/null || true)" + + # Old nixos-version output ignored unknown flags and just printed the version + # therefore the following workaround is done not to show the default output + nixos_version_default="$("$generation_dir/sw/bin/nixos-version")" + if [ "$configurationRevision" == "$nixos_version_default" ]; then + configurationRevision="" + fi + + # jq automatically quotes the output => don't try to quote it in output! + build_date="$(stat "$generation_dir" --format=%W | jq 'todate')" + + pushd "$generation_dir/specialisation/" > /dev/null || : + specialisation_list=(*) + popd > /dev/null || : + + specialisations="$(jq --compact-output --null-input '$ARGS.positional' --args -- "${specialisation_list[@]}")" + + if [ "$(basename "$generation_dir")" = "$(readlink "$profile")" ]; then + current_generation_tag="true" + else + current_generation_tag="false" + fi + + # Escape userdefined strings + nixos_version="$(jq -aR <<< "$nixos_version")" + kernel_version="$(jq -aR <<< "$kernel_version")" + configurationRevision="$(jq -aR <<< "$configurationRevision")" + cat << EOF +{ + "generation": $generation_number, + "date": $build_date, + "nixosVersion": $nixos_version, + "kernelVersion": $kernel_version, + "configurationRevision": $configurationRevision, + "specialisations": $specialisations, + "current": $current_generation_tag +} +EOF + } + + find "$(dirname "$profile")" -regex "$profile-[0-9]+-link" | + sort -Vr | + while read -r generation_dir; do + describe_generation "$generation_dir" + done | + if [ -z "$json" ]; then + jq --slurp -r '.[] | [ + ([.generation, (if .current == true then "current" else "" end)] | join(" ")), + (.date | fromdate | strflocaltime("%Y-%m-%d %H:%M:%S")), + .nixosVersion, .kernelVersion, .configurationRevision, + (.specialisations | join(" ")) + ] | @tsv' | + column --separator $'\t' --table --table-columns "Generation,Build-date,NixOS version,Kernel,Configuration Revision,Specialisation" | + ${PAGER:cat} + else + jq --slurp . + fi + exit 0 +fi + # Either upgrade the configuration in the system profile (for "switch" # or "boot"), or just build it and create a symlink "result" in the diff --git a/pkgs/os-specific/linux/pam_mount/default.nix b/pkgs/os-specific/linux/pam_mount/default.nix index 1613e11e0280..2ed6829f3614 100644 --- a/pkgs/os-specific/linux/pam_mount/default.nix +++ b/pkgs/os-specific/linux/pam_mount/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "pam_mount"; - version = "2.19"; + version = "2.20"; src = fetchurl { - url = "mirror://sourceforge/pam-mount/pam_mount/${pname}-${version}.tar.xz"; - sha256 = "02m6w04xhgv2yx69yxph8giw0sp39s9lvvlffslyna46fnr64qvb"; + url = "https://inai.de/files/pam_mount/${pname}-${version}.tar.xz"; + hash = "sha256-VCYgekhWgPjhdkukBbs4w5pODIMGvIJxkQ8bgZozbO0="; }; patches = [ diff --git a/pkgs/os-specific/linux/pax-utils/default.nix b/pkgs/os-specific/linux/pax-utils/default.nix index 1c1edc5abce0..1d27cf80e4da 100644 --- a/pkgs/os-specific/linux/pax-utils/default.nix +++ b/pkgs/os-specific/linux/pax-utils/default.nix @@ -4,7 +4,7 @@ , buildPackages , docbook_xml_dtd_44 , docbook_xsl -, libcap +, withLibcap ? stdenv.isLinux, libcap , pkg-config , meson , ninja @@ -25,9 +25,13 @@ stdenv.mkDerivation rec { strictDeps = true; + mesonFlags = [ + (lib.mesonEnable "use_libcap" withLibcap) + ]; + depsBuildBuild = [ buildPackages.stdenv.cc ]; nativeBuildInputs = [ docbook_xml_dtd_44 docbook_xsl meson ninja pkg-config xmlto ]; - buildInputs = [ libcap ]; + buildInputs = lib.optionals withLibcap [ libcap ]; # Needed for lddtree propagatedBuildInputs = [ (python3.withPackages (p: with p; [ pyelftools ])) ]; diff --git a/pkgs/os-specific/linux/pflask/default.nix b/pkgs/os-specific/linux/pflask/default.nix index 1270a9b9494f..9d7eac8bee1e 100644 --- a/pkgs/os-specific/linux/pflask/default.nix +++ b/pkgs/os-specific/linux/pflask/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch, python3, wafHook }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, python3, waf }: stdenv.mkDerivation rec { pname = "pflask"; @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { }) ]; - nativeBuildInputs = [ python3 wafHook ]; + nativeBuildInputs = [ python3 waf.hook ]; postInstall = '' mkdir -p $out/bin diff --git a/pkgs/os-specific/linux/sysstat/default.nix b/pkgs/os-specific/linux/sysstat/default.nix index ce7aa5f753f2..303935d8adb4 100644 --- a/pkgs/os-specific/linux/sysstat/default.nix +++ b/pkgs/os-specific/linux/sysstat/default.nix @@ -1,12 +1,19 @@ -{ lib, stdenv, fetchurl, gettext, bzip2 }: +{ lib +, stdenv +, fetchFromGitHub +, gettext +, bzip2 +}: stdenv.mkDerivation rec { pname = "sysstat"; - version = "12.6.2"; + version = "12.7.4"; - src = fetchurl { - url = "http://pagesperso-orange.fr/sebastien.godard/sysstat-${version}.tar.xz"; - hash = "sha256-PncTSu2qb8V9l0XaZ+39iZDhmt7nGsRxliKSYcVj+0g="; + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = "refs/tags/v${version}"; + hash = "sha256-ELmSzWnJ8vGwGPwY/5MFp/2gQhMXMjNG4bHtCplfQSc="; }; buildInputs = [ gettext ]; diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index ed4204b9d11a..338f0c7463c0 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -95,6 +95,7 @@ , withDocumentation ? true , withEfi ? stdenv.hostPlatform.isEfi , withFido2 ? true +, withFirstboot ? false # conflicts with the NixOS /etc management , withHomed ? !stdenv.hostPlatform.isMusl , withHostnamed ? true , withHwdb ? true @@ -121,6 +122,7 @@ , withRemote ? !stdenv.hostPlatform.isMusl , withResolved ? true , withShellCompletions ? true +, withSysusers ? false # conflicts with the NixOS user management , withTimedated ? true , withTimesyncd ? true , withTpm2Tss ? true @@ -494,6 +496,8 @@ stdenv.mkDerivation (finalAttrs: { "-Dlibcurl=${lib.boolToString wantCurl}" "-Dlibidn=false" "-Dlibidn2=${lib.boolToString withLibidn2}" + "-Dfirstboot=${lib.boolToString withFirstboot}" + "-Dsysusers=${lib.boolToString withSysusers}" "-Dquotacheck=false" "-Dldconfig=false" "-Dsmack=true" diff --git a/pkgs/os-specific/linux/vmware/default.nix b/pkgs/os-specific/linux/vmware/default.nix index 73c579288bca..aeb6afec24af 100644 --- a/pkgs/os-specific/linux/vmware/default.nix +++ b/pkgs/os-specific/linux/vmware/default.nix @@ -1,14 +1,16 @@ -{ lib, stdenv, fetchFromGitHub, kernel, kmod, gnugrep, vmware-workstation }: +{ lib, stdenv, fetchFromGitHub, kernel, kmod, gnugrep }: stdenv.mkDerivation rec { pname = "vmware-modules"; - version = "${vmware-workstation.version}-${kernel.version}"; + version = "workstation-17.0.2-2023-08-12-${kernel.version}"; src = fetchFromGitHub { owner = "mkubecek"; repo = "vmware-host-modules"; - rev = "w${vmware-workstation.version}"; - sha256 = "sha256-EHMiSmljpUjYuZH6r/0Vk5OVGeyQyNngy0AVJO/48a0="; + # Developer no longer provides tags for kernel compatibility fixes + # Commit hash for branch workstation-17.0.2 as of 2023-08-12 + rev = "8b2d31498a8df9b1215f407c989b065953b73455"; + sha256 = "sha256-R0nY4O3ASQkOop+ddU4k72HiIJU/aJz0l3lkJN/kuHc="; }; hardeningDisable = [ "pic" ]; |