From 69e5da17c602b5fdf3e1d0f3068886a283b828d1 Mon Sep 17 00:00:00 2001 From: Yann Hodique Date: Sun, 7 May 2017 09:43:55 -0700 Subject: go_1_8: use llvm 4.0 --- pkgs/top-level/all-packages.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'pkgs/top-level/all-packages.nix') diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b6fcaba70d3e..f62854d58a19 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5340,11 +5340,9 @@ with pkgs; stdenv = stdenvAdapters.overrideCC pkgs.stdenv pkgs.clang_38; }); - go_1_8 = callPackage ../development/compilers/go/1.8.nix ({ + go_1_8 = callPackage ../development/compilers/go/1.8.nix { inherit (darwin.apple_sdk.frameworks) Security Foundation; - } // stdenv.lib.optionalAttrs stdenv.isDarwin { - stdenv = stdenvAdapters.overrideCC pkgs.stdenv pkgs.clang_38; - }); + }; go = go_1_8; -- cgit 1.4.1 From 7c185d4af921516f5836d3487f8d4455443afc73 Mon Sep 17 00:00:00 2001 From: Christopher League Date: Thu, 4 May 2017 21:00:40 -0400 Subject: zsh-git-prompt: Init at 0.5 This is a plugin of sorts for your `.zshrc` that can add status information about the current git repository to your prompt. By default it uses a python script and is thus easy on the dependencies and not really worth packaging. But there's also a Haskell implementation. I set it up sometime back, but then it died when the libgmp version it was compiled with disappeared in a garbage collection. So I decided that the Haskell version of zsh-git-prompt might be worth packaging after all. --- pkgs/shells/zsh-git-prompt/default.nix | 70 ++++++++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 72 insertions(+) create mode 100644 pkgs/shells/zsh-git-prompt/default.nix (limited to 'pkgs/top-level/all-packages.nix') diff --git a/pkgs/shells/zsh-git-prompt/default.nix b/pkgs/shells/zsh-git-prompt/default.nix new file mode 100644 index 000000000000..7318da83d176 --- /dev/null +++ b/pkgs/shells/zsh-git-prompt/default.nix @@ -0,0 +1,70 @@ +# zsh-git-prompt -- Informative git prompt for zsh +# +# Usage: to enable this plugin for all users, you could +# add it to configuration.nix like this: +# +# programs.zsh.interactiveShellInit = '' +# source ${pkgs.zsh-git-prompt}/share/zsh-git-prompt/zshrc.sh +# ''; +# +# Or you can install it globally but only enable it in individual +# users' ~/.zshrc files: +# +# source /run/current-system/sw/share/zsh-git-prompt/zshrc.sh +# +# Or if installed locally: +# +# source ~/.nix-profile/share/zsh-git-prompt/zshrc.sh +# +# Either way, you then have to set a prompt that incorporates +# git_super_status, for example: +# +# PROMPT='%B%m%~%b$(git_super_status) %# ' +# +# More details are in share/doc/zsh-git-prompt/README.md, once +# installed. +# +{ fetchgit +, haskell +, python +, git +, lib +, ghcVersion ? "ghc802" +}: + +haskell.packages.${ghcVersion}.callPackage + ({ mkDerivation, base, HUnit, parsec, process, QuickCheck, stdenv }: + mkDerivation rec { + pname = "zsh-git-prompt"; + version = "0.5"; + src = fetchgit { + url = "https://github.com/olivierverdier/zsh-git-prompt.git"; + rev = "0a6c8b610e799040b612db8888945f502a2ddd9d"; + sha256 = "19x1gf1r6l7r6i7vhhsgzcbdlnr648jx8j84nk2zv1b8igh205hw"; + }; + prePatch = '' + substituteInPlace zshrc.sh \ + --replace ':-"python"' ':-"haskell"' \ + --replace 'python ' '${python.interpreter} ' \ + --replace 'git ' '${git}/bin/git ' + ''; + preCompileBuildDriver = "cd src"; + postInstall = '' + cd .. + gpshare=$out/share/${pname} + gpdoc=$out/share/doc/${pname} + mkdir -p $gpshare/src $gpdoc + cp README.md $gpdoc + cp zshrc.sh gitstatus.py $gpshare + mv $out/bin $gpshare/src/.bin + ''; + isLibrary = false; + isExecutable = true; + libraryHaskellDepends = [ base parsec process QuickCheck ]; + executableHaskellDepends = libraryHaskellDepends; + testHaskellDepends = [HUnit] ++ libraryHaskellDepends; + homepage = "http://github.com/olivierverdier/zsh-git-prompt#readme"; + description = "Informative git prompt for zsh"; + license = stdenv.lib.licenses.mit; + maintainers = [lib.maintainers.league]; + }) {} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5b5af2587d26..f5ba485235d3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -4801,6 +4801,8 @@ with pkgs; zpaq = callPackage ../tools/archivers/zpaq { }; zpaqd = callPackage ../tools/archivers/zpaq/zpaqd.nix { }; + zsh-git-prompt = callPackage ../shells/zsh-git-prompt { }; + zsh-navigation-tools = callPackage ../tools/misc/zsh-navigation-tools { }; zsh-syntax-highlighting = callPackage ../shells/zsh-syntax-highlighting { }; -- cgit 1.4.1 From 7cf29e13058c187df99c7b7dec23e78d50664abf Mon Sep 17 00:00:00 2001 From: c74d <8573dd@gmail.com> Date: Mon, 8 May 2017 07:03:10 +0000 Subject: staccato: init at 0.1.6 Add the package `staccato`, "a command line program that lets you compute statistics from values from a file or standard input". I have tested this change per nixpkgs manual section 13.1 ("Making patches"). --- pkgs/tools/text/staccato/default.nix | 29 +++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 31 insertions(+) create mode 100644 pkgs/tools/text/staccato/default.nix (limited to 'pkgs/top-level/all-packages.nix') diff --git a/pkgs/tools/text/staccato/default.nix b/pkgs/tools/text/staccato/default.nix new file mode 100644 index 000000000000..bfddff938f95 --- /dev/null +++ b/pkgs/tools/text/staccato/default.nix @@ -0,0 +1,29 @@ +{ stdenv, fetchFromGitHub, rustPlatform }: + +rustPlatform.buildRustPackage rec { + name = "staccato-${version}"; + version = "0.1.6"; + + src = fetchFromGitHub { + owner = "tshlabs"; + repo = "staccato"; + rev = version; + sha256 = "1zbd1gx0ik2r7bavcid776j37g6rzd3f6cs94kq1qar4gyf1gqjm"; + }; + + depsSha256 = "1gwfkh3ck8n3zcy43ch2mnc28a6y10p3srhnx9dh8gwnwbpb733c"; + + meta = { + description = "A command line program that lets you compute statistics from values from a file or standard input"; + longDescription = '' + Staccato (`st` for short) is a command line program that lets you + compute statistics from values from a file or standard input. It + computes things about the stream of numbers like min, max, mean, median, + and standard deviation. It can also compute these things about some + subset of the stream, for example the lower 95% of values. + ''; + homepage = "https://docs.rs/crate/staccato"; + license = stdenv.lib.licenses.gpl3; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index bebd1058e975..0e73ae02b5ac 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1028,6 +1028,8 @@ with pkgs; socklog = callPackage ../tools/system/socklog { }; + staccato = callPackage ../tools/text/staccato { }; + syscall_limiter = callPackage ../os-specific/linux/syscall_limiter {}; syslogng = callPackage ../tools/system/syslog-ng { }; -- cgit 1.4.1 From 6d598fccce0d4df5f3fc01c31027a739534f535a Mon Sep 17 00:00:00 2001 From: Bo Bakker Date: Mon, 8 May 2017 01:31:56 +0200 Subject: hpx: init at 1.0.0 --- pkgs/development/libraries/hpx/default.nix | 26 ++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 4 +++- 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 pkgs/development/libraries/hpx/default.nix (limited to 'pkgs/top-level/all-packages.nix') diff --git a/pkgs/development/libraries/hpx/default.nix b/pkgs/development/libraries/hpx/default.nix new file mode 100644 index 000000000000..b4f6c32d16f5 --- /dev/null +++ b/pkgs/development/libraries/hpx/default.nix @@ -0,0 +1,26 @@ +{ stdenv, fetchFromGitHub, boost, cmake, hwloc, gperftools, pkgconfig, python }: + +stdenv.mkDerivation rec { + name = "hpx-${version}"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "STEllAR-GROUP"; + repo = "hpx"; + rev = "${version}"; + sha256 = "0k79gw4c0v4i7ps1hw6x4m7svxbfml5xm6ly7p00dvg7z9521zsk"; + }; + + buildInputs = [ boost hwloc gperftools ]; + nativeBuildInputs = [ cmake pkgconfig python ]; + + enableParallelBuilding = true; + + meta = { + description = "C++ standard library for concurrency and parallelism"; + homepage = "https://github.com/STEllAR-GROUP/hpx"; + license = stdenv.lib.licenses.boost; + platforms = stdenv.lib.platforms.linux; + maintainers = with stdenv.lib.maintainers; [ bobakker ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index bebd1058e975..27139adc7a44 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8012,6 +8012,8 @@ with pkgs; hound = callPackage ../development/tools/misc/hound { }; + hpx = callPackage ../development/libraries/hpx { }; + hspell = callPackage ../development/libraries/hspell { }; hspellDicts = callPackage ../development/libraries/hspell/dicts.nix { }; @@ -17011,7 +17013,7 @@ with pkgs; quake3pointrelease = callPackage ../games/quake3/content/pointrelease.nix { }; quakespasm = callPackage ../games/quakespasm { }; - + ioquake3 = callPackage ../games/quake3/ioquake { }; quantumminigolf = callPackage ../games/quantumminigolf {}; -- cgit 1.4.1 From 19ebff1d95dae17cff81f8e9c133d82827317ed2 Mon Sep 17 00:00:00 2001 From: Yann Hodique Date: Sun, 7 May 2017 14:09:24 -0700 Subject: go: 1.7.4 -> 1.7.5 --- pkgs/development/compilers/go/1.7.nix | 6 +- pkgs/development/compilers/go/1.8.nix | 2 +- .../compilers/go/ssl-cert-file-1.7.patch | 78 --------------------- .../compilers/go/ssl-cert-file-1.8.patch | 80 ---------------------- pkgs/development/compilers/go/ssl-cert-file.patch | 80 ++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 6 +- 6 files changed, 86 insertions(+), 166 deletions(-) delete mode 100644 pkgs/development/compilers/go/ssl-cert-file-1.7.patch delete mode 100644 pkgs/development/compilers/go/ssl-cert-file-1.8.patch create mode 100644 pkgs/development/compilers/go/ssl-cert-file.patch (limited to 'pkgs/top-level/all-packages.nix') diff --git a/pkgs/development/compilers/go/1.7.nix b/pkgs/development/compilers/go/1.7.nix index 76f6141e2e34..7ecae36a4d5a 100644 --- a/pkgs/development/compilers/go/1.7.nix +++ b/pkgs/development/compilers/go/1.7.nix @@ -24,13 +24,13 @@ in stdenv.mkDerivation rec { name = "go-${version}"; - version = "1.7.4"; + version = "1.7.5"; src = fetchFromGitHub { owner = "golang"; repo = "go"; rev = "go${version}"; - sha256 = "1ks3xph20afrfp3vqs1sjnkpjb0lgxblv8706wa3iiyg7rka4axv"; + sha256 = "00radlwbrssn0x3naamb33cfx7ap2jv7s51bqr705nmn2j5yyblk"; }; # perl is used for testing go vet @@ -105,7 +105,7 @@ stdenv.mkDerivation rec { patches = [ ./remove-tools-1.7.patch - ./ssl-cert-file-1.7.patch + ./ssl-cert-file.patch ./creds-test.patch # This test checks for the wrong thing with recent tzdata. It's been fixed in master but the patch diff --git a/pkgs/development/compilers/go/1.8.nix b/pkgs/development/compilers/go/1.8.nix index 60125b2e22a9..48948430cb20 100644 --- a/pkgs/development/compilers/go/1.8.nix +++ b/pkgs/development/compilers/go/1.8.nix @@ -107,7 +107,7 @@ stdenv.mkDerivation rec { patches = [ ./remove-tools-1.8.patch - ./ssl-cert-file-1.8.patch + ./ssl-cert-file.patch ./creds-test.patch ./remove-test-pie-1.8.patch diff --git a/pkgs/development/compilers/go/ssl-cert-file-1.7.patch b/pkgs/development/compilers/go/ssl-cert-file-1.7.patch deleted file mode 100644 index e35ad9e4b759..000000000000 --- a/pkgs/development/compilers/go/ssl-cert-file-1.7.patch +++ /dev/null @@ -1,78 +0,0 @@ -diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go -index a4b33c7..9700b75 100644 ---- a/src/crypto/x509/root_cgo_darwin.go -+++ b/src/crypto/x509/root_cgo_darwin.go -@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) { - import "C" - import ( - "errors" -+ "io/ioutil" -+ "os" - "unsafe" - ) - - func loadSystemRoots() (*CertPool, error) { - roots := NewCertPool() -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } - - var data C.CFDataRef = nil - err := C.FetchPEMRoots(&data) -diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go -index 59b303d..d4a34ac 100644 ---- a/src/crypto/x509/root_darwin.go -+++ b/src/crypto/x509/root_darwin.go -@@ -28,16 +28,25 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate - // The linker will not include these unused functions in binaries built with cgo enabled. - - func execSecurityRoots() (*CertPool, error) { -+ var ( -+ mu sync.Mutex -+ roots = NewCertPool() -+ ) -+ -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } -+ - cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") - data, err := cmd.Output() - if err != nil { - return nil, err - } - -- var ( -- mu sync.Mutex -- roots = NewCertPool() -- ) - add := func(cert *Certificate) { - mu.Lock() - defer mu.Unlock() -diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go -index 7bcb3d6..3986e1a 100644 ---- a/src/crypto/x509/root_unix.go -+++ b/src/crypto/x509/root_unix.go -@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate - - func loadSystemRoots() (*CertPool, error) { - roots := NewCertPool() -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } -+ - var firstErr error - for _, file := range certFiles { - data, err := ioutil.ReadFile(file) diff --git a/pkgs/development/compilers/go/ssl-cert-file-1.8.patch b/pkgs/development/compilers/go/ssl-cert-file-1.8.patch deleted file mode 100644 index 052655eed52c..000000000000 --- a/pkgs/development/compilers/go/ssl-cert-file-1.8.patch +++ /dev/null @@ -1,80 +0,0 @@ -diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go -index a4b33c7..9700b75 100644 ---- a/src/crypto/x509/root_cgo_darwin.go -+++ b/src/crypto/x509/root_cgo_darwin.go -@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) { - import "C" - import ( - "errors" -+ "io/ioutil" -+ "os" - "unsafe" - ) - - func loadSystemRoots() (*CertPool, error) { - roots := NewCertPool() -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } - - var data C.CFDataRef = nil - err := C.FetchPEMRoots(&data) -diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go -index 66cdb5e..bb28036 100644 ---- a/src/crypto/x509/root_darwin.go -+++ b/src/crypto/x509/root_darwin.go -@@ -61,17 +61,25 @@ func execSecurityRoots() (*CertPool, error) { - println(fmt.Sprintf("crypto/x509: %d certs have a trust policy", len(hasPolicy))) - } - -- cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") -- data, err := cmd.Output() -- if err != nil { -- return nil, err -- } -- - var ( - mu sync.Mutex - roots = NewCertPool() - numVerified int // number of execs of 'security verify-cert', for debug stats - ) - -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } -+ -+ cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") -+ data, err := cmd.Output() -+ if err != nil { -+ return nil, err -+ } -+ - blockCh := make(chan *pem.Block) - var wg sync.WaitGroup -diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go -index 7bcb3d6..3986e1a 100644 ---- a/src/crypto/x509/root_unix.go -+++ b/src/crypto/x509/root_unix.go -@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate - - func loadSystemRoots() (*CertPool, error) { - roots := NewCertPool() -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } -+ - var firstErr error - for _, file := range certFiles { - data, err := ioutil.ReadFile(file) diff --git a/pkgs/development/compilers/go/ssl-cert-file.patch b/pkgs/development/compilers/go/ssl-cert-file.patch new file mode 100644 index 000000000000..052655eed52c --- /dev/null +++ b/pkgs/development/compilers/go/ssl-cert-file.patch @@ -0,0 +1,80 @@ +diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go +index a4b33c7..9700b75 100644 +--- a/src/crypto/x509/root_cgo_darwin.go ++++ b/src/crypto/x509/root_cgo_darwin.go +@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) { + import "C" + import ( + "errors" ++ "io/ioutil" ++ "os" + "unsafe" + ) + + func loadSystemRoots() (*CertPool, error) { + roots := NewCertPool() ++ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } + + var data C.CFDataRef = nil + err := C.FetchPEMRoots(&data) +diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go +index 66cdb5e..bb28036 100644 +--- a/src/crypto/x509/root_darwin.go ++++ b/src/crypto/x509/root_darwin.go +@@ -61,17 +61,25 @@ func execSecurityRoots() (*CertPool, error) { + println(fmt.Sprintf("crypto/x509: %d certs have a trust policy", len(hasPolicy))) + } + +- cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") +- data, err := cmd.Output() +- if err != nil { +- return nil, err +- } +- + var ( + mu sync.Mutex + roots = NewCertPool() + numVerified int // number of execs of 'security verify-cert', for debug stats + ) + ++ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } ++ ++ cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") ++ data, err := cmd.Output() ++ if err != nil { ++ return nil, err ++ } ++ + blockCh := make(chan *pem.Block) + var wg sync.WaitGroup +diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go +index 7bcb3d6..3986e1a 100644 +--- a/src/crypto/x509/root_unix.go ++++ b/src/crypto/x509/root_unix.go +@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate + + func loadSystemRoots() (*CertPool, error) { + roots := NewCertPool() ++ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { ++ data, err := ioutil.ReadFile(file) ++ if err == nil { ++ roots.AppendCertsFromPEM(data) ++ return roots, nil ++ } ++ } ++ + var firstErr error + for _, file := range certFiles { + data, err := ioutil.ReadFile(file) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 27139adc7a44..b2540cbe2060 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5348,11 +5348,9 @@ with pkgs; inherit (darwin.apple_sdk.frameworks) Security Foundation; }; - go_1_7 = callPackage ../development/compilers/go/1.7.nix ({ + go_1_7 = callPackage ../development/compilers/go/1.7.nix { inherit (darwin.apple_sdk.frameworks) Security Foundation; - } // stdenv.lib.optionalAttrs stdenv.isDarwin { - stdenv = stdenvAdapters.overrideCC pkgs.stdenv pkgs.clang_38; - }); + }; go_1_8 = callPackage ../development/compilers/go/1.8.nix ({ inherit (darwin.apple_sdk.frameworks) Security Foundation; -- cgit 1.4.1 From a7ecdffc281f847e8addabee216a1b424998b130 Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Sat, 6 May 2017 19:02:16 +0200 Subject: linux_hardened: move to 4.11 Note that DEBUG_RODATA has been split into STRICT_KERNEL_RWX & STRICT_MODULE_RWX, which are on by default (non-optional). --- pkgs/os-specific/linux/kernel/hardened-config.nix | 9 +++------ pkgs/top-level/all-packages.nix | 3 ++- 2 files changed, 5 insertions(+), 7 deletions(-) (limited to 'pkgs/top-level/all-packages.nix') diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix index c54ee0e5aff1..78fb1e368be7 100644 --- a/pkgs/os-specific/linux/kernel/hardened-config.nix +++ b/pkgs/os-specific/linux/kernel/hardened-config.nix @@ -2,22 +2,19 @@ # http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project#Recommended_settings # https://wiki.gentoo.org/wiki/Hardened/Hardened_Kernel_Project # -# The base kernel is assumed to be at least 4.9 or whatever the toplevel -# linux_hardened package expression uses. -# # Dangerous features that can be permanently (for the boot session) disabled at # boot via sysctl or kernel cmdline are left enabled here, for improved # flexibility. -{ stdenv }: +{ stdenv, version }: with stdenv.lib; +assert (versionAtLeast version "4.9"); + '' GCC_PLUGINS y # Enable gcc plugin options -DEBUG_KERNEL y -DEBUG_RODATA y # Make kernel text & rodata read-only DEBUG_WX y # A one-time check for W+X mappings at boot; doesn't do anything beyond printing a warning # Additional validation of commonly targetted structures diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b2540cbe2060..e9741abcb5fa 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -11995,9 +11995,10 @@ with pkgs; linuxPackages_latest_xen_dom0 = recurseIntoAttrs (linuxPackagesFor (pkgs.linux_latest.override { features.xen_dom0=true; })); # Hardened linux - linux_hardened = linux_4_9.override { + linux_hardened = let linux = pkgs.linux_4_11; in linux.override { extraConfig = import ../os-specific/linux/kernel/hardened-config.nix { inherit stdenv; + inherit (linux) version; }; }; -- cgit 1.4.1 From bd03033b498f738419a3c18108c61896c8ac3eb3 Mon Sep 17 00:00:00 2001 From: Eric Sagnes Date: Tue, 9 May 2017 14:10:29 +0900 Subject: gnu-cobol: init at 2.0rc-2 --- pkgs/development/compilers/gnu-cobol/default.nix | 35 ++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 37 insertions(+) create mode 100644 pkgs/development/compilers/gnu-cobol/default.nix (limited to 'pkgs/top-level/all-packages.nix') diff --git a/pkgs/development/compilers/gnu-cobol/default.nix b/pkgs/development/compilers/gnu-cobol/default.nix new file mode 100644 index 000000000000..e5ec3659f0b5 --- /dev/null +++ b/pkgs/development/compilers/gnu-cobol/default.nix @@ -0,0 +1,35 @@ +{ stdenv, fetchurl, gcc, makeWrapper +, db, gmp, ncurses }: + +let version = { + maj = "2.0"; + min = "rc-2"; +}; +in +stdenv.mkDerivation rec { + name = "gnu-cobol-${version.maj}${version.min}"; + + src = fetchurl { + url = "https://sourceforge.com/projects/open-cobol/files/gnu-cobol/${version.maj}/gnu-cobol-${version.maj}_${version.min}.tar.gz"; + sha256 = "1pj7mjnp3l76zvzrh1xa6d4kw3jkvzqh39sbf02kiinq4y65s7zj"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + buildInputs = [ db gmp ncurses ]; + + postInstall = with stdenv.lib; '' + wrapProgram "$out/bin/cobc" \ + --prefix PATH ':' "${gcc}/bin" \ + --prefix NIX_LDFLAGS ' ' "'$NIX_LDFLAGS'" \ + --prefix NIX_CFLAGS_COMPILE ' ' "'$NIX_CFLAGS_COMPILE'" + ''; + + meta = with stdenv.lib; { + description = "An open-source COBOL compiler"; + homepage = http://sourceforge.net/projects/open-cobol/; + license = licenses.gpl3; + maintainers = with maintainers; [ ericsagnes ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index bebd1058e975..e17559bb9c1a 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2039,6 +2039,8 @@ with pkgs; gnuapl = callPackage ../development/interpreters/gnu-apl { }; + gnu-cobol = callPackage ../development/compilers/gnu-cobol { }; + gnufdisk = callPackage ../tools/system/fdisk { guile = guile_1_8; }; -- cgit 1.4.1