diff options
Diffstat (limited to 'pkgs/os-specific')
29 files changed, 243 insertions, 148 deletions
diff --git a/pkgs/os-specific/linux/bluez/bluez-5.37-obexd_without_systemd-1.patch b/pkgs/os-specific/linux/bluez/bluez-5.37-obexd_without_systemd-1.patch new file mode 100644 index 000000000000..749787c5b3a7 --- /dev/null +++ b/pkgs/os-specific/linux/bluez/bluez-5.37-obexd_without_systemd-1.patch @@ -0,0 +1,61 @@ +Submitted By: Armin K. <krejzi at email dot com> +Date: 2013-04-29 +Initial Package Version: 5.17 +Upstream Status: unknown +Origin: Arch Linux (Giovanni Campagna) +Description: Allow using obexd without systemd in the user session + +Not all sessions run systemd --user (actually, the majority +doesn't), so the dbus daemon must be able to spawn obexd +directly, and to do so it needs the full path of the daemon. +--- + Makefile.obexd | 4 ++-- + obexd/src/org.bluez.obex.service | 4 ---- + obexd/src/org.bluez.obex.service.in | 4 ++++ + 3 files changed, 6 insertions(+), 6 deletions(-) + delete mode 100644 obexd/src/org.bluez.obex.service + create mode 100644 obexd/src/org.bluez.obex.service.in + +diff --git a/Makefile.obexd b/Makefile.obexd +index 3760867..142e7c3 100644 +--- a/Makefile.obexd ++++ b/Makefile.obexd +@@ -2,12 +2,12 @@ + if SYSTEMD + systemduserunitdir = @SYSTEMD_USERUNITDIR@ + systemduserunit_DATA = obexd/src/obex.service ++endif + + dbussessionbusdir = @DBUS_SESSIONBUSDIR@ + dbussessionbus_DATA = obexd/src/org.bluez.obex.service +-endif + +-EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service ++EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in + + obex_plugindir = $(libdir)/obex/plugins + +diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service +deleted file mode 100644 +index a538088..0000000 +--- a/obexd/src/org.bluez.obex.service ++++ /dev/null +@@ -1,4 +0,0 @@ +-[D-BUS Service] +-Name=org.bluez.obex +-Exec=/bin/false +-SystemdService=dbus-org.bluez.obex.service +diff --git a/obexd/src/org.bluez.obex.service.in b/obexd/src/org.bluez.obex.service.in +new file mode 100644 +index 0000000..9c815f2 +--- /dev/null ++++ b/obexd/src/org.bluez.obex.service.in +@@ -0,0 +1,4 @@ ++[D-BUS Service] ++Name=org.bluez.obex ++Exec=@libexecdir@/obexd ++SystemdService=dbus-org.bluez.obex.service +-- +1.8.3.1 + + diff --git a/pkgs/os-specific/linux/bluez/bluez5.nix b/pkgs/os-specific/linux/bluez/bluez5.nix index 20fa830e3201..90ff4e280211 100644 --- a/pkgs/os-specific/linux/bluez/bluez5.nix +++ b/pkgs/os-specific/linux/bluez/bluez5.nix @@ -23,6 +23,8 @@ stdenv.mkDerivation rec { # gstreamer gst_plugins_base ]; + patches = [ ./bluez-5.37-obexd_without_systemd-1.patch ]; + preConfigure = '' substituteInPlace tools/hid2hci.rules --replace /sbin/udevadm ${systemd}/bin/udevadm substituteInPlace tools/hid2hci.rules --replace "hid2hci " "$out/lib/udev/hid2hci " @@ -68,6 +70,7 @@ stdenv.mkDerivation rec { # for bluez4 compatibility for NixOS mkdir $out/sbin ln -s ../libexec/bluetooth/bluetoothd $out/sbin/bluetoothd + ln -s ../libexec/bluetooth/obexd $out/sbin/obexd ''; meta = with stdenv.lib; { diff --git a/pkgs/os-specific/linux/bluez/bluez5_28.nix b/pkgs/os-specific/linux/bluez/bluez5_28.nix index ba3f478ddc22..68db9345bd0e 100644 --- a/pkgs/os-specific/linux/bluez/bluez5_28.nix +++ b/pkgs/os-specific/linux/bluez/bluez5_28.nix @@ -68,6 +68,7 @@ stdenv.mkDerivation rec { # for bluez4 compatibility for NixOS mkdir $out/sbin ln -s ../libexec/bluetooth/bluetoothd $out/sbin/bluetoothd + ln -s ../libexec/bluetooth/obexd $out/sbin/obexd ''; meta = with stdenv.lib; { diff --git a/pkgs/os-specific/linux/drbd/default.nix b/pkgs/os-specific/linux/drbd/default.nix index 95c851da30f8..60615fb1e5be 100644 --- a/pkgs/os-specific/linux/drbd/default.nix +++ b/pkgs/os-specific/linux/drbd/default.nix @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { makeFlags = "SHELL=${stdenv.shell}"; - installFlags = "localstatedir=$(TMPDIR)/var sysconfdir=$(out)/etc INITDIR=$(out)/etc/init.d"; + installFlags = "localstatedir=$(TMPDIR)/var sysconfdir=$(out)/etc INITDIR=$(out)/etc/init.d DESTDIR=$(out)"; meta = { homepage = http://www.drbd.org/; diff --git a/pkgs/os-specific/linux/facetimehd/default.nix b/pkgs/os-specific/linux/facetimehd/default.nix new file mode 100644 index 000000000000..06e6abfe4177 --- /dev/null +++ b/pkgs/os-specific/linux/facetimehd/default.nix @@ -0,0 +1,34 @@ +{ stdenv, fetchFromGitHub, kernel }: + +# facetimehd is not supported for kernels older than 3.19"; +assert stdenv.lib.versionAtLeast kernel.version "3.19"; + +stdenv.mkDerivation rec { + + name = "facetimehd-${version}-${kernel.version}"; + version = "git-20160127"; + + src = fetchFromGitHub { + owner = "patjak"; + repo = "bcwc_pcie"; + rev = "186e9f9101ed9bbd7cc8d470f840d4a74c585ca7"; + sha256 = "1frsf6z6v94cz9fww9rbnk926jzl36fp3w2d1aw6djhzwm80a5gs"; + }; + + preConfigure = '' + export INSTALL_MOD_PATH="$out" + ''; + + makeFlags = [ + "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + meta = with stdenv.lib; { + homepage = https://github.com/patjak/bcwc_pcie; + description = "Linux driver for the Facetime HD (Broadcom 1570) PCIe webcam"; + license = licenses.gpl2; + maintainers = [ maintainers.womfoo ]; + platforms = platforms.linux; + }; + +} diff --git a/pkgs/os-specific/linux/firmware/facetimehd-firmware/default.nix b/pkgs/os-specific/linux/firmware/facetimehd-firmware/default.nix new file mode 100644 index 000000000000..05a293083b7f --- /dev/null +++ b/pkgs/os-specific/linux/firmware/facetimehd-firmware/default.nix @@ -0,0 +1,51 @@ +{ stdenv, fetchurl, cpio, xz, pkgs }: + +let + + version = "1.43"; + + dmgRange = "420107885-421933300"; # the whole download is 1.3GB, this cuts it down to 2MB + + firmwareIn = "./System/Library/Extensions/AppleCameraInterface.kext/Contents/MacOS/AppleCameraInterface"; + firmwareOut = "firmware.bin"; + firmwareOffset = "81920"; + firmwareSize = "603715"; + + # separated this here as the script will fail without the 'exit 0' + unpack = pkgs.writeScriptBin "unpack" '' + xzcat -Q $src | cpio --format odc -i -d ${firmwareIn} + exit 0 + ''; + +in + +stdenv.mkDerivation { + + name = "facetimehd-firmware-${version}"; + + src = fetchurl { + url = "https://support.apple.com/downloads/DL1849/en_US/osxupd10.11.2.dmg"; + sha256 = "1jw6sy9vj27amfak83cs2c7q856y4mk1wix3rl4q10yvd9bl4k9x"; + curlOpts = "-r ${dmgRange}"; + }; + + phases = [ "buildPhase" ]; + + buildInputs = [ cpio xz ]; + + buildPhase = '' + ${unpack}/bin/unpack + dd bs=1 skip=${firmwareOffset} count=${firmwareSize} if=${firmwareIn} of=${firmwareOut}.gz &> /dev/null + mkdir -p $out/lib/firmware/facetimehd + gunzip -c ${firmwareOut}.gz > $out/lib/firmware/facetimehd/${firmwareOut} + ''; + + meta = with stdenv.lib; { + description = "facetimehd firmware"; + homepage = https://support.apple.com/downloads/DL1849; + license = licenses.unfree; + maintainers = [ maintainers.womfoo ]; + platforms = platforms.linux; + }; + +} diff --git a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix index 455088d8f5e9..61ea6c0c18cd 100644 --- a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix +++ b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { name = "firmware-linux-nonfree-${version}"; - version = "2015-10-18"; + version = "2015-12-04"; # This repo is built by merging the latest versions of # http://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/ @@ -14,8 +14,8 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "wkennington"; repo = "linux-firmware"; - rev = "f7694d34655a7f688033d0582f306b3f287b785d"; - sha256 = "0pb6pq48hfcny34l3anln9g4dy1f4n8gzmfib9pk4l64648sylnl"; + rev = "bbe4917c054eb0a73e250c6363341e3bf6725839"; + sha256 = "1p9c74p8j8zmddljaan5i29h8wsbz8911dv2sykpnahg9r939ykd"; }; preInstall = '' diff --git a/pkgs/os-specific/linux/htop/default.nix b/pkgs/os-specific/linux/htop/default.nix index da41c95dda27..b722815f2954 100644 --- a/pkgs/os-specific/linux/htop/default.nix +++ b/pkgs/os-specific/linux/htop/default.nix @@ -1,11 +1,11 @@ { fetchFromGitHub, stdenv, autoreconfHook, ncurses }: stdenv.mkDerivation rec { - name = "htop-1.0.3-239-229d0058"; + name = "htop-2.0.0"; src = fetchFromGitHub { - sha256 = "1bym6ligd8db4iyv2m1y7aylh7f9fmk71v67rkhird05hx1xb80r"; - rev = "229d005851af8dca595b3df8e385375fb9c382b4"; + sha256 = "1z8rzf3ndswk3090qypl0bqzq9f32w0ik2k5x4zd7jg4hkx66k7z"; + rev = "2.0.0"; repo = "htop"; owner = "hishamhm"; }; diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 90b4a6a48244..fc54715ea7b8 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -21,6 +21,12 @@ with stdenv.lib; '' + # Compress kernel modules for a sizable disk space savings. + ${optionalString (versionAtLeast version "3.18") '' + MODULE_COMPRESS y + MODULE_COMPRESS_XZ y + ''} + # Debugging. DEBUG_KERNEL y TIMER_STATS y @@ -355,6 +361,9 @@ with stdenv.lib; X86_CHECK_BIOS_CORRUPTION y X86_MCE y + # PCI-Expresscard hotplug support + HOTPLUG_PCI_PCIE y + # Linux containers. NAMESPACES? y # Required by 'unshare' used by 'nixos-install' RT_GROUP_SCHED? y diff --git a/pkgs/os-specific/linux/kernel/cve-2016-0728.patch b/pkgs/os-specific/linux/kernel/cve-2016-0728.patch deleted file mode 100644 index 5eec95c62930..000000000000 --- a/pkgs/os-specific/linux/kernel/cve-2016-0728.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 05fd13592b60c3e9873f56705f80ff934e98b046 Mon Sep 17 00:00:00 2001 -From: David Howells <dhowells@redhat.com> -Date: Mon, 18 Jan 2016 10:53:31 +0000 -Subject: [PATCH] KEYS: Fix keyring ref leak in join_session_keyring() - -This fixes CVE-2016-0728. - -If a thread is asked to join as a session keyring the keyring that's already -set as its session, we leak a keyring reference. - -This can be tested with the following program: - - #include <stddef.h> - #include <stdio.h> - #include <sys/types.h> - #include <keyutils.h> - - int main(int argc, const char *argv[]) - { - int i = 0; - key_serial_t serial; - - serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, - "leaked-keyring"); - if (serial < 0) { - perror("keyctl"); - return -1; - } - - if (keyctl(KEYCTL_SETPERM, serial, - KEY_POS_ALL | KEY_USR_ALL) < 0) { - perror("keyctl"); - return -1; - } - - for (i = 0; i < 100; i++) { - serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, - "leaked-keyring"); - if (serial < 0) { - perror("keyctl"); - return -1; - } - } - - return 0; - } - -If, after the program has run, there something like the following line in -/proc/keys: - -3f3d898f I--Q--- 100 perm 3f3f0000 0 0 keyring leaked-keyring: empty - -with a usage count of 100 * the number of times the program has been run, -then the kernel is malfunctioning. If leaked-keyring has zero usages or -has been garbage collected, then the problem is fixed. - -Reported-by: Yevgeny Pats <yevgeny@perception-point.io> -Signed-off-by: David Howells <dhowells@redhat.com> -RH-bugzilla: 1298036 ---- - security/keys/process_keys.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c -index 43b4cddbf2b3..7877e5cd4e23 100644 ---- a/security/keys/process_keys.c -+++ b/security/keys/process_keys.c -@@ -794,6 +794,7 @@ long join_session_keyring(const char *name) - ret = PTR_ERR(keyring); - goto error2; - } else if (keyring == new->session_keyring) { -+ key_put(keyring); - ret = 0; - goto error2; - } --- -2.5.0 - diff --git a/pkgs/os-specific/linux/kernel/generic.nix b/pkgs/os-specific/linux/kernel/generic.nix index 59d3642e6227..af14434b08f2 100644 --- a/pkgs/os-specific/linux/kernel/generic.nix +++ b/pkgs/os-specific/linux/kernel/generic.nix @@ -57,10 +57,6 @@ let autoModules = stdenv.platform.kernelAutoModules; arch = stdenv.platform.kernelArch; - preConfigure = '' - buildFlagsArray+=("KBUILD_BUILD_TIMESTAMP=Thu Jan 1 00:00:01 UTC 1970") - ''; - crossAttrs = let cp = stdenv.cross.platform; in { diff --git a/pkgs/os-specific/linux/kernel/linux-3.10.nix b/pkgs/os-specific/linux/kernel/linux-3.10.nix index 6a4531d9deb4..afca9b9c35e4 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.10.nix @@ -1,15 +1,15 @@ { stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.10.92"; + version = "3.10.96"; extraMeta.branch = "3.10"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0z0jdix1mfpnnc8cxw7rzpnhxdayckpnrasvxi1qf0dwhcqgk92d"; + sha256 = "0wnlvbyg92q48kz5cn3bznjkkzpsik8z51dqhcxdpddy1k6iqb3k"; }; - kernelPatches = args.kernelPatches ++ [ { name = "cve-2016-0728"; patch = ./cve-2016-0728.patch; } ]; + kernelPatches = args.kernelPatches; features.iwlwifi = true; features.efiBootStub = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.12.nix b/pkgs/os-specific/linux/kernel/linux-3.12.nix index 1e58d4e50291..378a2b854f9e 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.12.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.12.nix @@ -1,15 +1,15 @@ { stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.12.50"; + version = "3.12.53"; extraMeta.branch = "3.12"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "1bn07wsrcbg4qgqd4v2810c3qc0ifbcza0fyj8s54yd78g9qj4lj"; + sha256 = "1f2h4z8lk1s0h5lw7n3yb47dhpbr7gzma7ifsslwhyjg7s44cb27"; }; - kernelPatches = args.kernelPatches ++ [ { name = "cve-2016-0728"; patch = ./cve-2016-0728.patch; } ]; + kernelPatches = args.kernelPatches; features.iwlwifi = true; features.efiBootStub = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.14.nix b/pkgs/os-specific/linux/kernel/linux-3.14.nix index 62f1be8b92b1..9ad5a336de3b 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.14.nix @@ -1,16 +1,15 @@ { stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.14.58"; - # Remember to update grsecurity! + version = "3.14.60"; extraMeta.branch = "3.14"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0jw1023cpn4bjmi0db86lrxri9xj75cj8p2iqs44jabvh35idl7l"; + sha256 = "1zwq0j4slqg33z4yyk5s35hdzrq0g7jk1bd2kvgvkyqn1dkkvh0j"; }; - kernelPatches = args.kernelPatches ++ [ { name = "cve-2016-0728"; patch = ./cve-2016-0728.patch; } ]; + kernelPatches = args.kernelPatches; features.iwlwifi = true; features.efiBootStub = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.18.nix b/pkgs/os-specific/linux/kernel/linux-3.18.nix index 86258308c1e0..9b90ea3556b1 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.18.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.18.nix @@ -1,15 +1,15 @@ { stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "3.18.25"; + version = "3.18.26"; extraMeta.branch = "3.18"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "14pz8mvk48i2y1ffkhczjcm2icpb2g9xlpzyrvvis42n5178fjf6"; + sha256 = "0bhf8x1h5crc9kimprjs7q74p86gsqsdr8nz54nv33c6zmryqsic"; }; - kernelPatches = args.kernelPatches ++ [ { name = "cve-2016-0728"; patch = ./cve-2016-0728.patch; } ]; + kernelPatches = args.kernelPatches; features.iwlwifi = true; features.efiBootStub = true; diff --git a/pkgs/os-specific/linux/kernel/linux-4.1.nix b/pkgs/os-specific/linux/kernel/linux-4.1.nix index 29d4870597a3..fbcfa17a8bc7 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.1.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.1.nix @@ -1,15 +1,15 @@ { stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.1.15"; + version = "4.1.17"; extraMeta.branch = "4.1"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "18sr0dl5ax6pcx6nqp9drb4l6a38g07vxihiqpbwb231jv68h8j7"; + sha256 = "084ij19vgm27ljrjabqqmlqn27p168nsm9grhr6rajid4n79h6ab"; }; - kernelPatches = args.kernelPatches ++ [ { name = "cve-2016-0728"; patch = ./cve-2016-0728.patch; } ]; + kernelPatches = args.kernelPatches; features.iwlwifi = true; features.efiBootStub = true; diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index cf17e915f8bf..18bc11926214 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,16 +1,15 @@ { stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.4"; - modDirVersion = "4.4.0"; + version = "4.4.1"; extraMeta.branch = "4.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2"; + sha256 = "0mwaqvl7dkasidciah1al57a1djnsk46ha5mjy4psq2inj71klky"; }; - kernelPatches = args.kernelPatches ++ [ { name = "cve-2016-0728"; patch = ./cve-2016-0728.patch; } ]; + kernelPatches = args.kernelPatches; features.iwlwifi = true; features.efiBootStub = true; diff --git a/pkgs/os-specific/linux/kernel/linux-mptcp.nix b/pkgs/os-specific/linux/kernel/linux-mptcp.nix index 2b0e3017979f..6a1d8da5a92b 100644 --- a/pkgs/os-specific/linux/kernel/linux-mptcp.nix +++ b/pkgs/os-specific/linux/kernel/linux-mptcp.nix @@ -7,7 +7,7 @@ import ./generic.nix (args // rec { extraMeta = { branch = "3.18"; - maintainer = stdenv.lib.maintainers.layus; + maintainers = stdenv.lib.maintainers.layus; }; src = fetchurl { diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix index c70d6f79f38b..8dc55f6e6a84 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -1,13 +1,13 @@ { stdenv, fetchurl, perl, buildLinux, ... } @ args: import ./generic.nix (args // rec { - version = "4.4-rc8"; - modDirVersion = "4.4.0-rc8"; - extraMeta.branch = "4.4"; + version = "4.5-rc3"; + modDirVersion = "4.5.0-rc3"; + extraMeta.branch = "4.5"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/testing/linux-${version}.tar.xz"; - sha256 = "0cwf80lryzhdajd3r97b33ym5njjpf5rbcbjzz7lja0w9xs1dvwj"; + sha256 = "fae5b3b318d6ca7d142b2947e8df3e4091e2330dc509ba19503abf4b9c314986"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux.upstream.template b/pkgs/os-specific/linux/kernel/linux.upstream.template deleted file mode 100644 index 624b83d45b33..000000000000 --- a/pkgs/os-specific/linux/kernel/linux.upstream.template +++ /dev/null @@ -1,13 +0,0 @@ -url "http://www.kernel.org/pub/linux/kernel/v3.x/${LINUX_VERSION_RC:+testing/}" -version_link "linux-${LINUX_VERSION}.*tar[.]xz\$" -version '.*linux-([0-9.]+(-rc[0-9]+)?)[.]tar.*' '\1' -target "linux-${LINUX_VERSION}.nix" -name "linux_${LINUX_VERSION/./_}" - -do_overwrite() { - ensure_hash - set_var_value version "$CURRENT_VERSION" - set_var_value sha256 "$CURRENT_HASH" - [ -n "$LINUX_VERSION_RC" ] && set_var_value testing true '' '' 1 - [ -z "$LINUX_VERSION_RC" ] && set_var_value testing false '' '' 1 -} diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 3882638ee954..cc98430a843f 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -102,7 +102,8 @@ let make $makeFlags "''${makeFlagsArray[@]}" oldconfig runHook postConfigure - buildFlagsArray+=("KBUILD_BUILD_TIMESTAMP=Thu Jan 1 00:00:01 UTC 1970") + # Note: we can get rid of this once http://permalink.gmane.org/gmane.linux.kbuild.devel/13800 is merged. + buildFlagsArray+=("KBUILD_BUILD_TIMESTAMP=$(date -u -d @$SOURCE_DATE_EPOCH)") ''; buildFlags = [ @@ -128,6 +129,9 @@ let mkdir -p $out/dtbs cp $buildRoot/arch/$karch/boot/dts/*.dtb $out/dtbs '' else "") + (if isModular then '' + if [ -z "$dontStrip" ]; then + installFlagsArray+=("INSTALL_MOD_STRIP=1") + fi make modules_install $makeFlags "''${makeFlagsArray[@]}" \ $installFlags "''${installFlagsArray[@]}" unlink $out/lib/modules/${modDirVersion}/build @@ -189,9 +193,6 @@ let # !!! This leaves references to gcc in $dev # that we might be able to avoid postFixup = if isModular then '' - if [ -z "$dontStrip" ]; then - find $out -name "*.ko" -print0 | xargs -0 -r ''${crossConfig+$crossConfig-}strip -S - fi # !!! Should this be part of stdenv? Also patchELF should take an argument... prefix=$dev patchELF diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index 7e95f1dedb1a..3f7afd903226 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -22,7 +22,7 @@ let { name = "grsecurity-${grversion}-${kversion}"; inherit grversion kversion revision; patch = fetchurl { - url = "http://grsecurity.net/${branch}/grsecurity-${grversion}-${kversion}-${revision}.patch"; + url = "https://github.com/slashbeast/grsecurity-scrape/blob/master/${branch}/grsecurity-${grversion}-${kversion}-${revision}.patch?raw=true"; inherit sha256; }; features.grsecurity = true; diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index 1b12a0076b45..12449a0a7dda 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -8,11 +8,9 @@ stdenv.mkDerivation rec { sha256 = "10lzfkmnpq6a43a3gkx7x633njh216w0bjwz31rv8a1jlgg1sfxs"; }; - # Disable xz/zlib support to prevent needing them in the initrd. - - buildInputs = [ pkgconfig libxslt /* xz zlib */ ]; + buildInputs = [ pkgconfig libxslt xz /* zlib */ ]; - configureFlags = [ "--sysconfdir=/etc" /* "--with-xz" "--with-zlib" */ ]; + configureFlags = [ "--sysconfdir=/etc" "--with-xz" /* "--with-zlib" */ ]; patches = [ ./module-dir.patch ]; diff --git a/pkgs/os-specific/linux/mcelog/default.nix b/pkgs/os-specific/linux/mcelog/default.nix index 113d59d641dc..c185d69c5540 100644 --- a/pkgs/os-specific/linux/mcelog/default.nix +++ b/pkgs/os-specific/linux/mcelog/default.nix @@ -2,10 +2,10 @@ stdenv.mkDerivation rec { name = "mcelog-${version}"; - version = "129"; + version = "131"; src = fetchFromGitHub { - sha256 = "143xh5zvgax88yhg6mg6img64nrda85yybf76fgsk7a8gc57ghyk"; + sha256 = "1hqb06gdx5bw4jh6xix0z5qhi4956asykf43zk1m1mjsj8lkzaps"; rev = "v${version}"; repo = "mcelog"; owner = "andikleen"; diff --git a/pkgs/os-specific/linux/pagemon/default.nix b/pkgs/os-specific/linux/pagemon/default.nix index 3c94362b820c..4246e5123217 100644 --- a/pkgs/os-specific/linux/pagemon/default.nix +++ b/pkgs/os-specific/linux/pagemon/default.nix @@ -2,10 +2,10 @@ stdenv.mkDerivation rec { name = "pagemon-${version}"; - version = "0.01.06"; + version = "0.01.08"; src = fetchFromGitHub { - sha256 = "0p6mzmyjn5dq1ma9ld47gnrszyf0yph76dd5k7hl60a5zq5741aa"; + sha256 = "079x8ah33nh4faqcy0jy24x30l40j5m00d57aawaayaq18smqs3f"; rev = "V${version}"; repo = "pagemon"; owner = "ColinIanKing"; diff --git a/pkgs/os-specific/linux/pam_u2f/default.nix b/pkgs/os-specific/linux/pam_u2f/default.nix index ecffa7bec59a..f58dadfd10ce 100644 --- a/pkgs/os-specific/linux/pam_u2f/default.nix +++ b/pkgs/os-specific/linux/pam_u2f/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "pam_u2f-${version}"; - version = "1.0.1"; + version = "1.0.4"; src = fetchurl { url = "https://developers.yubico.com/pam-u2f/Releases/${name}.tar.gz"; - sha256 = "08lmc2il877k7djkjmza3k0n6ij8b4hx4x9dl6wwfdjqsr8d2zfp"; + sha256 = "189j0wgx6fs146vfp88djqpl1flpfb3962l1a2marlp6d12jwm3i"; }; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/os-specific/linux/pflask/default.nix b/pkgs/os-specific/linux/pflask/default.nix new file mode 100644 index 000000000000..b4f93e9de3fb --- /dev/null +++ b/pkgs/os-specific/linux/pflask/default.nix @@ -0,0 +1,33 @@ +{ lib, stdenv, fetchurl, python, waf }: + +stdenv.mkDerivation rec { + name = "pflask-${version}"; + version = "git-2015-12-17"; + rev = "599418bb6453eaa0ccab493f9411f13726c1a636"; + + src = fetchurl { + url = "https://github.com/ghedo/pflask/archive/${rev}.tar.gz"; + sha256 = "2545fca37f9da484b46b6fb5e3a9bbba6526a9725189fe4af5227ef6e6fca440"; + }; + + buildInputs = [ python ]; + + configurePhase = '' + ln -s ${waf} waf + python waf configure --prefix=$out + ''; + buildPhase = '' + python waf build + ''; + installPhase = '' + python waf install + ''; + + meta = { + description = "Lightweight process containers for Linux"; + homepage = "https://ghedo.github.io/pflask/"; + license = lib.licenses.bsd2; + platforms = lib.platforms.linux; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/os-specific/linux/powertop/default.nix b/pkgs/os-specific/linux/powertop/default.nix index ef1dbf00b52c..59083a8b040e 100644 --- a/pkgs/os-specific/linux/powertop/default.nix +++ b/pkgs/os-specific/linux/powertop/default.nix @@ -12,6 +12,7 @@ stdenv.mkDerivation rec { postPatch = '' substituteInPlace src/main.cpp --replace "/sbin/modprobe" "modprobe" + substituteInPlace src/calibrate/calibrate.cpp --replace "/usr/bin/xset" "xset" ''; meta = { diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index b164693612df..0f066e380c1b 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchFromGitHub, pkgconfig, intltool, gperf, libcap, kmod , zlib, xz, pam, acl, cryptsetup, libuuid, m4, utillinux, libffi -, glib, kbd, libxslt, coreutils, libgcrypt, libapparmor, audit, lz4 +, glib, kbd, libxslt, coreutils, libgcrypt, libgpgerror, libapparmor, audit, lz4 , kexectools, libmicrohttpd, linuxHeaders, libseccomp , autoreconfHook, gettext, docbook_xsl, docbook_xml_dtd_42, docbook_xml_dtd_45 , enableKDbus ? false @@ -9,14 +9,14 @@ assert stdenv.isLinux; stdenv.mkDerivation rec { - version = "228"; + version = "229"; name = "systemd-${version}"; src = fetchFromGitHub { owner = "NixOS"; repo = "systemd"; - rev = "b737c07cc0234acfa87282786025d556bca91c3f"; - sha256 = "0wca8zkn39914c232andvf3v0ni6ylv154kz3s9fcvg47rhpd5n1"; + rev = "4936f6e6c05162516a685ebd227b55816cf2b670"; + sha256 = "1q0pyrljmq73qcan9rfqsiw66l1g159m5in5qgb8zwlwhl928670"; }; patches = [ ./hwdb-location.diff ]; @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { buildInputs = [ linuxHeaders pkgconfig intltool gperf libcap kmod xz pam acl - /* cryptsetup */ libuuid m4 glib libxslt libgcrypt + /* cryptsetup */ libuuid m4 glib libxslt libgcrypt libgpgerror libmicrohttpd kexectools libseccomp libffi audit lz4 libapparmor /* FIXME: we may be able to prevent the following dependencies by generating an autoconf'd tarball, but that's probably not @@ -73,7 +73,7 @@ stdenv.mkDerivation rec { "--with-sysvinit-path=" "--with-sysvrcnd-path=" "--with-rc-local-script-path-stop=/etc/halt.local" - ] ++ stdenv.lib.optional enableKDbus "--enable-kdbus"; + ] ++ (if enableKDbus then [ "--enable-kdbus" ] else [ "--disable-kdbus" ]); preConfigure = '' |