diff options
Diffstat (limited to 'pkgs/os-specific/linux')
113 files changed, 1313 insertions, 543 deletions
diff --git a/pkgs/os-specific/linux/anbox/kmod.nix b/pkgs/os-specific/linux/anbox/kmod.nix index 9ce65cd87261c..553712d21a7fe 100644 --- a/pkgs/os-specific/linux/anbox/kmod.nix +++ b/pkgs/os-specific/linux/anbox/kmod.nix @@ -36,7 +36,7 @@ stdenv.mkDerivation { homepage = "https://github.com/anbox/anbox-modules"; license = licenses.gpl2Only; platforms = platforms.linux; - broken = kernel.kernelOlder "4.4" || kernel.kernelAtLeast "5.5"; + broken = kernel.kernelAtLeast "5.5"; maintainers = with maintainers; [ edwtjo ]; }; } diff --git a/pkgs/os-specific/linux/apfs/default.nix b/pkgs/os-specific/linux/apfs/default.nix index 98fd83ed5d518..eedaa9ef96872 100644 --- a/pkgs/os-specific/linux/apfs/default.nix +++ b/pkgs/os-specific/linux/apfs/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation { pname = "apfs"; - version = "unstable-2021-09-21-${kernel.version}"; + version = "unstable-2022-02-03-${kernel.version}"; src = fetchFromGitHub { owner = "linux-apfs"; repo = "linux-apfs-rw"; - rev = "362c4e32ab585b9234a26aa3e49f29b605612a31"; - sha256 = "sha256-Y8/PGPLirNrICF+Bum60v/DBPa1xpox5VBvt64myZzs="; + rev = "a0d6a4dca69b6eab3cabaaee4d4284807828a266"; + sha256 = "sha256-3T1BNc6g3SDTxb0VrronLUIp/CWbwnzXTsc8Qk5c4jY="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index 5c1cf272e0e79..a7afd83862457 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, fetchpatch, makeWrapper, autoreconfHook +{ stdenv, lib, fetchFromGitLab, fetchpatch, makeWrapper, autoreconfHook , pkg-config, which , flex, bison , linuxHeaders ? stdenv.cc.libc.linuxHeaders @@ -21,7 +21,7 @@ }: let - apparmor-version = "3.0.3"; + apparmor-version = "3.0.4"; apparmor-meta = component: with lib; { homepage = "https://apparmor.net/"; @@ -31,9 +31,11 @@ let platforms = platforms.linux; }; - apparmor-sources = fetchurl { - url = "https://launchpad.net/apparmor/${lib.versions.majorMinor apparmor-version}/${apparmor-version}/+download/apparmor-${apparmor-version}.tar.gz"; - sha256 = "0nasq8pdmzkrf856yg1v8z5hcs0nn6gw2qr60ab0a7j9ixfv0g8m"; + apparmor-sources = fetchFromGitLab { + owner = "apparmor"; + repo = "apparmor"; + rev = "v${apparmor-version}"; + sha256 = "1a217j28rgfq4lsmpn0wv1xgmdr9ba8iysv9i6q477kj6z77zrb9"; }; aa-teardown = writeShellScript "aa-teardown" '' @@ -48,8 +50,9 @@ let substituteInPlace ./common/Make.rules \ --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man" \ --replace "/usr/bin/pod2html" "${buildPackages.perl}/bin/pod2html" \ - --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" \ --replace "/usr/share/man" "share/man" + substituteInPlace ./utils/Makefile \ + --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" ''; patches = lib.optionals stdenv.hostPlatform.isMusl [ @@ -60,6 +63,8 @@ let }) ]; + python = python3.withPackages (ps: with ps; [ setuptools ]); + # Set to `true` after the next FIXME gets fixed or this gets some # common derivation infra. Too much copy-paste to fix one by one. doCheck = false; @@ -86,19 +91,16 @@ let ncurses which perl - ] ++ lib.optional withPython python3; + ] ++ lib.optional withPython python; buildInputs = lib.optional withPerl perl - ++ lib.optional withPython python3; + ++ lib.optional withPython python; # required to build apparmor-parser dontDisableStatic = true; prePatch = prePatchCommon + '' substituteInPlace ./libraries/libapparmor/swig/perl/Makefile.am --replace install_vendor install_site - substituteInPlace ./libraries/libapparmor/swig/perl/Makefile.in --replace install_vendor install_site - substituteInPlace ./libraries/libapparmor/src/Makefile.am --replace "/usr/include/netinet/in.h" "${lib.getDev stdenv.cc.libc}/include/netinet/in.h" - substituteInPlace ./libraries/libapparmor/src/Makefile.in --replace "/usr/include/netinet/in.h" "${lib.getDev stdenv.cc.libc}/include/netinet/in.h" ''; inherit patches; @@ -132,12 +134,12 @@ let strictDeps = true; - nativeBuildInputs = [ makeWrapper which python3 ]; + nativeBuildInputs = [ makeWrapper which python ]; buildInputs = [ bash perl - python3 + python libapparmor libapparmor.python ]; @@ -159,7 +161,7 @@ let postInstall = '' sed -i $out/bin/aa-unconfined -e "/my_env\['PATH'\]/d" for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-unconfined ; do - wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python3.libPrefix}/site-packages:$PYTHONPATH" + wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python.sitePackages}:$PYTHONPATH" done substituteInPlace $out/bin/aa-notify \ diff --git a/pkgs/os-specific/linux/audit/default.nix b/pkgs/os-specific/linux/audit/default.nix index e9762f44dcdca..6d14a3293fca4 100644 --- a/pkgs/os-specific/linux/audit/default.nix +++ b/pkgs/os-specific/linux/audit/default.nix @@ -69,6 +69,13 @@ stdenv.mkDerivation rec { sha256 = "0qjq41ridyamajz9v9nyplgq7f8nn3fxw375s9sa5a0igsrx9pm0"; excludes = [ "ChangeLog" ]; }) + # Fix pending upstream inclusion for linux-headers-5.17 support: + # https://github.com/linux-audit/audit-userspace/pull/253 + (fetchpatch { + name = "ignore-flexible-array.patch"; + url = "https://github.com/linux-audit/audit-userspace/commit/beed138222421a2eb4212d83cb889404bd7efc49.patch"; + sha256 = "1hf02zaxv6x0wmn4ca9fj48y2shks7vfna43i1zz58xw9jq7sza0"; + }) ]; postPatch = '' diff --git a/pkgs/os-specific/linux/autofs/default.nix b/pkgs/os-specific/linux/autofs/default.nix index 7b29f5a0e5cfe..5e552301fe48e 100644 --- a/pkgs/os-specific/linux/autofs/default.nix +++ b/pkgs/os-specific/linux/autofs/default.nix @@ -1,5 +1,7 @@ { lib, stdenv, fetchurl, flex, bison, linuxHeaders, libtirpc, mount, umount, nfs-utils, e2fsprogs -, libxml2, libkrb5, kmod, openldap, sssd, cyrus_sasl, openssl, rpcsvc-proto }: +, libxml2, libkrb5, kmod, openldap, sssd, cyrus_sasl, openssl, rpcsvc-proto +, fetchpatch +}: stdenv.mkDerivation rec { version = "5.1.6"; @@ -10,6 +12,15 @@ stdenv.mkDerivation rec { sha256 = "1vya21mb4izj3khcr3flibv7xc15vvx2v0rjfk5yd31qnzcy7pnx"; }; + patches = [ + # glibc 2.34 compat + (fetchpatch { + url = "https://src.fedoraproject.org/rpms/autofs/raw/cc745af5e42396d540d5b3b92fae486e232bf6bd/f/autofs-5.1.7-use-default-stack-size-for-threads.patch"; + sha256 = "sha256-6ETDFbW7EhHR03xFWF+6OJBgn9NX3WW3bGhTNGodaOc="; + excludes = [ "CHANGELOG" ]; + }) + ]; + preConfigure = '' configureFlags="--enable-force-shutdown --enable-ignore-busy --with-path=$PATH" export sssldir="${sssd}/lib/sssd/modules" diff --git a/pkgs/os-specific/linux/batman-adv/default.nix b/pkgs/os-specific/linux/batman-adv/default.nix index 123c42e839712..79dc48a6ea9c9 100644 --- a/pkgs/os-specific/linux/batman-adv/default.nix +++ b/pkgs/os-specific/linux/batman-adv/default.nix @@ -1,4 +1,9 @@ -{ lib, stdenv, fetchurl, kernel }: +{ lib +, stdenv +, fetchurl +, fetchpatch +, kernel +}: let cfg = import ./version.nix; in @@ -11,6 +16,19 @@ stdenv.mkDerivation rec { sha256 = cfg.sha256.${pname}; }; + patches = [ + # batman-adv: make mc_forwarding atomic + (fetchpatch { + url = "https://git.open-mesh.org/batman-adv.git/blobdiff_plain/c142c00f6b1a2ad5f5d74202fb1249e6a6575407..56db7c0540e733a1f063ccd6bab1b537a80857eb:/net/batman-adv/multicast.c"; + hash = "sha256-2zXg8mZ3/iK9E/kyn+wHSrlLq87HuK72xuXojQ9KjkI="; + }) + # batman-adv: compat: Add atomic mc_fowarding support for stable kernels + (fetchpatch { + url = "https://git.open-mesh.org/batman-adv.git/blobdiff_plain/f07a0c37ab278fb6a9e95cad89429b1282f1ab59..350adcaec82fbaa358a2406343b6130ac8dad126:/net/batman-adv/multicast.c"; + hash = "sha256-r/Xp5bmDo9GVfAF6bn2Xq+cOq5ddQe+D5s/h37uI6bM="; + }) + ]; + nativeBuildInputs = kernel.moduleBuildDependencies; makeFlags = kernel.makeFlags ++ [ "KERNELPATH=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" diff --git a/pkgs/os-specific/linux/batman-adv/version.nix b/pkgs/os-specific/linux/batman-adv/version.nix index 048318e3e33a1..12a7f26a336ef 100644 --- a/pkgs/os-specific/linux/batman-adv/version.nix +++ b/pkgs/os-specific/linux/batman-adv/version.nix @@ -1,9 +1,9 @@ { - version = "2021.4"; + version = "2022.0"; sha256 = { - batman-adv = "06zbyf8s7njn6wdm1fdq3kl8kx1vx4spxkgiy7dx0pq4c3qs5xyg"; - alfred = "15fbw80ix95zy8i4c6acm1631vxlz2hakjv4zv5wig74bp2bcyac"; - batctl = "1ryqz90av2p5pgmmpi1afmycd18zhpwz1i4f7r0s359jis86xndn"; + batman-adv = "sha256-STOHBbwgdwmshNdmaI5wJXEAnIJ8CjIHiOpR+4h3FKo="; + alfred = "sha256-q7odrGHsz81jKeczHQVV/syTd2D7NsbPVc5sHXUc/Zg="; + batctl = "sha256-iTlm+aLWpQch3hJM5i2l096cIOBVdspIK8VwTMWm9z0="; }; } diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix index ab9b7055fdda4..1f6fb31d93db7 100644 --- a/pkgs/os-specific/linux/bluez/default.nix +++ b/pkgs/os-specific/linux/bluez/default.nix @@ -22,11 +22,11 @@ ]; in stdenv.mkDerivation rec { pname = "bluez"; - version = "5.63"; + version = "5.64"; src = fetchurl { url = "mirror://kernel/linux/bluetooth/${pname}-${version}.tar.xz"; - sha256 = "sha256-k0nhHoFguz1yCDXScSUNinQk02kPUonm22/gfMZsbXY="; + sha256 = "sha256-rkN+ZbazBwwZi8WwEJ/pzeueqjhzgOIHL53mX+ih3jQ="; }; buildInputs = [ diff --git a/pkgs/os-specific/linux/broadcom-sta/default.nix b/pkgs/os-specific/linux/broadcom-sta/default.nix index 5d86c2311f1fa..b15c61488cbb0 100644 --- a/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -39,6 +39,8 @@ stdenv.mkDerivation { ./linux-5.6.patch # source: https://gist.github.com/joanbm/5c640ac074d27fd1d82c74a5b67a1290 ./linux-5.9.patch + # source: https://github.com/archlinux/svntogit-community/blob/5ec5b248976f84fcd7e3d7fae49ee91289912d12/trunk/012-linux517.patch + ./linux-5.17.patch ./null-pointer-fix.patch ./gcc.patch ]; diff --git a/pkgs/os-specific/linux/broadcom-sta/linux-5.17.patch b/pkgs/os-specific/linux/broadcom-sta/linux-5.17.patch new file mode 100644 index 0000000000000..74847cb6bb407 --- /dev/null +++ b/pkgs/os-specific/linux/broadcom-sta/linux-5.17.patch @@ -0,0 +1,39 @@ +diff -u -r a/src/wl/sys/wl_linux.c b/src/wl/sys/wl_linux.c +--- a/src/wl/sys/wl_linux.c 2022-03-23 00:35:42.930416350 +0000 ++++ b/src/wl/sys/wl_linux.c 2022-03-23 00:40:12.903771013 +0000 +@@ -2980,7 +2980,11 @@ + else + dev->type = ARPHRD_IEEE80211_RADIOTAP; + ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0) + bcopy(wl->dev->dev_addr, dev->dev_addr, ETHER_ADDR_LEN); ++#else ++ eth_hw_addr_set(wl->dev, dev->dev_addr); ++#endif + + #if defined(WL_USE_NETDEV_OPS) + dev->netdev_ops = &wl_netdev_monitor_ops; +@@ -3261,7 +3265,11 @@ + static ssize_t + wl_proc_read(struct file *filp, char __user *buffer, size_t length, loff_t *offp) + { ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0) + wl_info_t * wl = PDE_DATA(file_inode(filp)); ++#else ++ wl_info_t * wl = pde_data(file_inode(filp)); ++#endif + #endif + int bcmerror, len; + int to_user = 0; +@@ -3318,7 +3326,11 @@ + static ssize_t + wl_proc_write(struct file *filp, const char __user *buff, size_t length, loff_t *offp) + { ++#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0) + wl_info_t * wl = PDE_DATA(file_inode(filp)); ++#else ++ wl_info_t * wl = pde_data(file_inode(filp)); ++#endif + #endif + int from_user = 0; + int bcmerror; diff --git a/pkgs/os-specific/linux/busybox/default.nix b/pkgs/os-specific/linux/busybox/default.nix index 7aaedb5b1acdc..636a07edddfd8 100644 --- a/pkgs/os-specific/linux/busybox/default.nix +++ b/pkgs/os-specific/linux/busybox/default.nix @@ -50,14 +50,14 @@ in stdenv.mkDerivation rec { pname = "busybox"; - version = "1.34.1"; + version = "1.35.0"; # Note to whoever is updating busybox: please verify that: # nix-build pkgs/stdenv/linux/make-bootstrap-tools.nix -A test # still builds after the update. src = fetchurl { url = "https://busybox.net/downloads/${pname}-${version}.tar.bz2"; - sha256 = "0jfm9fik7nv4w21zqdg830pddgkdjmplmna9yjn9ck1lwn4vsps1"; + sha256 = "sha256-+u6yRMNaNIozT0pZ5EYm7ocPsHtohNaMEK6LwZ+DppQ="; }; hardeningDisable = [ "format" "pie" ] @@ -65,6 +65,16 @@ stdenv.mkDerivation rec { patches = [ ./busybox-in-store.patch + (fetchurl { + name = "CVE-2022-28391.patch"; + url = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch?id=ed92963eb55bbc8d938097b9ccb3e221a94653f4"; + sha256 = "sha256-yviw1GV+t9tbHbY7YNxEqPi7xEreiXVqbeRyf8c6Awo="; + }) + (fetchurl { + name = "CVE-2022-28391.patch"; + url = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch?id=ed92963eb55bbc8d938097b9ccb3e221a94653f4"; + sha256 = "sha256-vl1wPbsHtXY9naajjnTicQ7Uj3N+EQ8pRNnrdsiow+w="; + }) ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) ./clang-cross.patch; separateDebugInfo = true; diff --git a/pkgs/os-specific/linux/conky/default.nix b/pkgs/os-specific/linux/conky/default.nix index 9bd8890e71348..87f5bb052f488 100644 --- a/pkgs/os-specific/linux/conky/default.nix +++ b/pkgs/os-specific/linux/conky/default.nix @@ -1,7 +1,7 @@ { config, lib, stdenv, fetchFromGitHub, pkg-config, cmake # dependencies -, glib, libXinerama +, glib, libXinerama, catch2 # optional features without extra dependencies , mpdSupport ? true @@ -85,6 +85,8 @@ stdenv.mkDerivation rec { sed -i 's/ Example: .*$//' doc/config_settings.xml substituteInPlace cmake/Conky.cmake --replace "# set(RELEASE true)" "set(RELEASE true)" + + cp ${catch2}/include/catch2/catch.hpp tests/catch2/catch.hpp ''; NIX_LDFLAGS = "-lgcc_s"; @@ -133,6 +135,8 @@ stdenv.mkDerivation rec { # src/conky.cc:137:23: fatal error: defconfig.h: No such file or directory enableParallelBuilding = false; + doCheck = true; + meta = with lib; { homepage = "http://conky.sourceforge.net/"; description = "Advanced, highly configurable system monitor based on torsmo"; diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix index a9bd508d16ecd..be819802394e5 100644 --- a/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/pkgs/os-specific/linux/cryptsetup/default.nix @@ -5,7 +5,7 @@ stdenv.mkDerivation rec { pname = "cryptsetup"; version = "2.4.3"; - outputs = [ "out" "dev" "man" ]; + outputs = [ "bin" "out" "dev" "man" ]; separateDebugInfo = true; src = fetchurl { @@ -31,6 +31,12 @@ stdenv.mkDerivation rec { "--enable-cryptsetup-reencrypt" "--with-crypto_backend=openssl" "--disable-ssh-token" + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ + "--disable-external-tokens" + # We have to override this even though we're removing token + # support, because the path still gets included in the binary even + # though it isn't used. + "--with-luks2-external-tokens-path=/" ]; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/digimend/default.nix b/pkgs/os-specific/linux/digimend/default.nix index e26509d3a7cb4..b0ae7cc85088d 100644 --- a/pkgs/os-specific/linux/digimend/default.nix +++ b/pkgs/os-specific/linux/digimend/default.nix @@ -1,7 +1,5 @@ { lib, stdenv, fetchFromGitHub, fetchpatch, kernel }: -assert lib.versionAtLeast kernel.version "3.5"; - stdenv.mkDerivation rec { pname = "digimend"; version = "unstable-2019-06-18"; diff --git a/pkgs/os-specific/linux/displaylink/default.nix b/pkgs/os-specific/linux/displaylink/default.nix index e7e572ce18e14..1823613a58a48 100644 --- a/pkgs/os-specific/linux/displaylink/default.nix +++ b/pkgs/os-specific/linux/displaylink/default.nix @@ -58,7 +58,7 @@ stdenv.mkDerivation rec { --set-rpath ${libPath} \ $out/bin/DisplayLinkManager wrapProgram $out/bin/DisplayLinkManager \ - --run "cd $out/lib/displaylink" + --chdir "$out/lib/displaylink" # We introduce a dependency on the source file so that it need not be redownloaded everytime echo $src >> "$out/share/workspace_dependencies.pin" diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix index aa8e3f15aab27..d79201cc4cd18 100644 --- a/pkgs/os-specific/linux/ell/default.nix +++ b/pkgs/os-specific/linux/ell/default.nix @@ -7,14 +7,14 @@ stdenv.mkDerivation rec { pname = "ell"; - version = "0.46"; + version = "0.49"; outputs = [ "out" "dev" ]; src = fetchgit { url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; rev = version; - sha256 = "sha256-Am1PNFFfSzII4Iaeq0wgfuVHSeMDjiDzYkNQWlnEHJY="; + sha256 = "sha256-/5ivelqRDvJuPVJqMs27VJUIq7/Dw6ROt/cmjSo309s="; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/ena/default.nix b/pkgs/os-specific/linux/ena/default.nix index 5873a2fe2c1d4..9f2f8682078d7 100644 --- a/pkgs/os-specific/linux/ena/default.nix +++ b/pkgs/os-specific/linux/ena/default.nix @@ -42,6 +42,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2Only; maintainers = [ maintainers.eelco ]; platforms = platforms.linux; - broken = kernel.kernelOlder "4.5" || kernel.kernelAtLeast "5.15"; + broken = kernel.kernelAtLeast "5.15"; }; } diff --git a/pkgs/os-specific/linux/facetimehd/default.nix b/pkgs/os-specific/linux/facetimehd/default.nix index 163001638cda7..27bbfcc67671d 100644 --- a/pkgs/os-specific/linux/facetimehd/default.nix +++ b/pkgs/os-specific/linux/facetimehd/default.nix @@ -1,9 +1,9 @@ { stdenv, lib, fetchFromGitHub, kernel }: -# facetimehd is not supported for kernels older than 3.19"; -assert lib.versionAtLeast kernel.version "3.19"; +stdenv.mkDerivation rec { + name = "facetimehd-${version}-${kernel.version}"; + version = "unstable-2020-04-16"; -let # Note: When updating this revision: # 1. Also update pkgs/os-specific/linux/firmware/facetimehd-firmware/ # 2. Test the module and firmware change via: @@ -14,29 +14,11 @@ let # e. see if the module loads back (apps using the camera won't # recover and will have to be restarted) and the camera # still works. - srcParams = if (lib.versionAtLeast kernel.version "4.8") then - { # Use mainline branch - version = "unstable-2020-04-16"; - rev = "82626d4892eeb9eb704538bf0dc49a00725ff451"; - sha256 = "118z6vjvhhcwvs4n3sgwwdagys9w718b8nkh6l9ic93732vv7cqx"; - } - else - { # Use master branch (broken on 4.8) - version = "unstable-2016-05-02"; - rev = "5a7083bd98b38ef3bd223f7ee531d58f4fb0fe7c"; - sha256 = "0d455kajvn5xav9iilqy7s1qvsy4yb8vzjjxx7bvcgp7aj9ljvdp"; - } - ; -in - -stdenv.mkDerivation rec { - name = "facetimehd-${version}-${kernel.version}"; - version = srcParams.version; - src = fetchFromGitHub { owner = "patjak"; repo = "bcwc_pcie"; - inherit (srcParams) rev sha256; + rev = "82626d4892eeb9eb704538bf0dc49a00725ff451"; + sha256 = "118z6vjvhhcwvs4n3sgwwdagys9w718b8nkh6l9ic93732vv7cqx"; }; preConfigure = '' diff --git a/pkgs/os-specific/linux/firmware/fwupd/default.nix b/pkgs/os-specific/linux/firmware/fwupd/default.nix index 272bd6dbe8fc0..12a99b7231377 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -116,7 +116,7 @@ let self = stdenv.mkDerivation rec { pname = "fwupd"; - version = "1.7.6"; + version = "1.7.7"; # libfwupd goes to lib # daemon, plug-ins and libfwupdplugin go to out @@ -125,7 +125,7 @@ let src = fetchurl { url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz"; - sha256 = "sha256-fr4VFKy2iNJknOzDktuSkJTaPwPPyYqcD6zKuwhJEvo="; + sha256 = "sha256-QUmU06zfZ0qQ9wotoW2k4XalrRH+Y25qs/DhpJ4GKWk="; }; patches = [ @@ -153,13 +153,6 @@ let # EFI capsule is located in fwupd-efi now. ./efi-app-path.patch - - # Drop hard-coded FHS path - # https://github.com/fwupd/fwupd/issues/4360 - (fetchpatch { - url = "https://github.com/fwupd/fwupd/commit/14cc2e7ee471b66ee2ef54741f4bec1f92204620.patch"; - sha256 = "47682oqE66Y6QKPtN2mYpnb2+TIJFqBgsgx60LmC3FM="; - }) ]; nativeBuildInputs = [ @@ -323,7 +316,6 @@ let passthru = { filesInstalledToEtc = [ "fwupd/daemon.conf" - "fwupd/msr.conf" "fwupd/remotes.d/lvfs-testing.conf" "fwupd/remotes.d/lvfs.conf" "fwupd/remotes.d/vendor.conf" @@ -341,6 +333,8 @@ let "fwupd/remotes.d/dell-esrt.conf" ] ++ lib.optionals haveRedfish [ "fwupd/redfish.conf" + ] ++ lib.optionals haveMSR [ + "fwupd/msr.conf" ]; # DisabledPlugins key in fwupd/daemon.conf diff --git a/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix b/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix index 4ade35845ecbf..72ae31c4b2dc6 100644 --- a/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix +++ b/pkgs/os-specific/linux/firmware/raspberrypi-wireless/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation { pname = "raspberrypi-wireless-firmware"; - version = "2021-11-02"; + version = "2021-12-06"; srcs = [ (fetchFromGitHub { @@ -10,14 +10,14 @@ stdenv.mkDerivation { owner = "RPi-Distro"; repo = "bluez-firmware"; rev = "e7fd166981ab4bb9a36c2d1500205a078a35714d"; - sha256 = "1dkg8mzn7n4afi50ibrda2s33nw2qj52jjjdv9w560q601gms47b"; + hash = "sha256-6xBdXwAGA1N42k1KKYrEgtsxtFAtrwhKdIrYY39Fb7Y="; }) (fetchFromGitHub { name = "firmware-nonfree"; owner = "RPi-Distro"; repo = "firmware-nonfree"; - rev = "54ffdd6e2ea6055d46656b78e148fe7def3ec9d8"; - sha256 = "4WTrs/tUyOugufRrrh0qsEmhPclQD64ypYysxsnOyS8="; + rev = "99d5c588e95ec9c9b86d7e88d3cf85b4f729d2bc"; + hash = "sha256-xg6fYQvg7t2ikyLI8/XfpiNaNTf7CNFQlAzpTldTz10="; }) ]; @@ -44,7 +44,7 @@ stdenv.mkDerivation { outputHashMode = "recursive"; outputHashAlgo = "sha256"; - outputHash = "l+7VOq7CV5QA8/FWjMBGDcxq8Qe7NFf6E2Y42htZEgE="; + outputHash = "sha256-Fw8EC1jzszWg9rNH01oaOIHnSYDuF6ov6ulmIAPuNz4="; meta = with lib; { description = "Firmware for builtin Wifi/Bluetooth devices in the Raspberry Pi 3+ and Zero W"; diff --git a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix index 7f0eef05dc4ee..9181a94dcb66a 100644 --- a/pkgs/os-specific/linux/firmware/raspberrypi/default.nix +++ b/pkgs/os-specific/linux/firmware/raspberrypi/default.nix @@ -1,17 +1,17 @@ -{ lib, stdenvNoCC, fetchurl, unzip }: +{ lib, stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { # NOTE: this should be updated with linux_rpi pname = "raspberrypi-firmware"; - version = "1.20220118"; + version = "1.20220331"; - src = fetchurl { - url = "https://github.com/raspberrypi/firmware/archive/${version}.zip"; - sha256 = "sha256-98rbwKIuB7vb4MWbFCr7TYsvJB0HzPdH8Tw0+bktK/M="; + src = fetchFromGitHub { + owner = "raspberrypi"; + repo = "firmware"; + rev = version; + hash = "sha256-TxlpHPEJAtVJTtDghuJpx2mLjEPiKkcAr7S9Cd/cocE="; }; - nativeBuildInputs = [ unzip ]; - installPhase = '' mkdir -p $out/share/raspberrypi/ mv boot "$out/share/raspberrypi/" @@ -26,5 +26,6 @@ stdenvNoCC.mkDerivation rec { homepage = "https://github.com/raspberrypi/firmware"; license = licenses.unfreeRedistributableFirmware; # See https://github.com/raspberrypi/firmware/blob/master/boot/LICENCE.broadcom maintainers = with maintainers; [ dezgeg ]; + broken = stdenvNoCC.isDarwin; # Hash mismatch on source, mystery. }; } diff --git a/pkgs/os-specific/linux/firmware/sof-firmware/default.nix b/pkgs/os-specific/linux/firmware/sof-firmware/default.nix index 841e73cfc8bae..7192fbac47851 100644 --- a/pkgs/os-specific/linux/firmware/sof-firmware/default.nix +++ b/pkgs/os-specific/linux/firmware/sof-firmware/default.nix @@ -5,13 +5,13 @@ stdenvNoCC.mkDerivation rec { pname = "sof-firmware"; - version = "2.0"; + version = "2.1.1"; src = fetchFromGitHub { owner = "thesofproject"; repo = "sof-bin"; rev = "v${version}"; - sha256 = "sha256-pDxNcDe/l1foFYuHB0w3YZidKIeH6h0IuwRmMzeMteE="; + sha256 = "sha256-/OYYfIJWMT+rBBhSCtHaSWvwRMlReEQ5y4FuMfk5zUg="; }; dontFixup = true; # binaries must not be stripped or patchelfed diff --git a/pkgs/os-specific/linux/fuse/common.nix b/pkgs/os-specific/linux/fuse/common.nix index 7b9b35614a459..ac4deb19f51ce 100644 --- a/pkgs/os-specific/linux/fuse/common.nix +++ b/pkgs/os-specific/linux/fuse/common.nix @@ -31,7 +31,13 @@ in stdenv.mkDerivation rec { }) ++ (if isFuse3 then [ ./fuse3-install.patch ./fuse3-Do-not-set-FUSERMOUNT_DIR.patch ] - else [ ./fuse2-Do-not-set-FUSERMOUNT_DIR.patch ]); + else [ + ./fuse2-Do-not-set-FUSERMOUNT_DIR.patch + (fetchpatch { + url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-fs/fuse/files/fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9"; + sha256 = "sha256-ELYBW/wxRcSMssv7ejCObrpsJHtOPJcGq33B9yHQII4="; + }) + ]); nativeBuildInputs = if isFuse3 then [ meson ninja pkg-config ] diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index 74003ff83b831..64c54306333a3 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -1,15 +1,16 @@ { lib, stdenv, fetchurl, fetchpatch , buildPackages, bison, flex, pkg-config , db, iptables, libelf, libmnl +, gitUpdater }: stdenv.mkDerivation rec { pname = "iproute2"; - version = "5.14.0"; + version = "5.17.0"; src = fetchurl { url = "mirror://kernel/linux/utils/net/${pname}/${pname}-${version}.tar.xz"; - sha256 = "1m4ifnxq7lxnm95l5354z8dk3xj6w9isxmbz53266drgln2sf3r1"; + sha256 = "bjhPG0LHXhqdqsV4Zto33P+QkJC6huslpudk2niTZg4="; }; patches = [ @@ -48,6 +49,13 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; + passthru.updateScript = gitUpdater { + inherit pname version; + # No nicer place to find latest release. + url = "https://git.kernel.org/pub/scm/network/iproute2/iproute2.git"; + rev-prefix = "v"; + }; + meta = with lib; { homepage = "https://wiki.linuxfoundation.org/networking/iproute2"; description = "A collection of utilities for controlling TCP/IP networking and traffic control in Linux"; diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix index 72ecaffe5f50f..bc5811942a591 100644 --- a/pkgs/os-specific/linux/iwd/default.nix +++ b/pkgs/os-specific/linux/iwd/default.nix @@ -12,12 +12,12 @@ stdenv.mkDerivation rec { pname = "iwd"; - version = "1.20"; + version = "1.26"; src = fetchgit { url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git"; rev = version; - sha256 = "sha256-GcqmMqrZSgvSrsY8FJbPynNWTzSi5A6kmyq+xJ+2i3Y="; + sha256 = "sha256-+BciYfb9++u9Ux4AdvPFFIFVq8j+TVoTLKqxzmn5p3o="; }; outputs = [ "out" "man" "doc" ] @@ -59,6 +59,7 @@ stdenv.mkDerivation rec { postUnpack = '' mkdir -p iwd/ell ln -s ${ell.src}/ell/useful.h iwd/ell/useful.h + ln -s ${ell.src}/ell/asn1-private.h iwd/ell/asn1-private.h patchShebangs . ''; diff --git a/pkgs/os-specific/linux/kbd/default.nix b/pkgs/os-specific/linux/kbd/default.nix index 23a523b15d727..4c89d8c821972 100644 --- a/pkgs/os-specific/linux/kbd/default.nix +++ b/pkgs/os-specific/linux/kbd/default.nix @@ -68,6 +68,7 @@ stdenv.mkDerivation rec { passthru.tests = { inherit (nixosTests) keymap kbd-setfont-decompress kbd-update-search-paths-patch; }; + passthru.gzip = gzip; meta = with lib; { homepage = "https://kbd-project.org/"; diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 153b41194b859..fdf54d302bf20 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -448,6 +448,9 @@ let NLS_CODEPAGE_437 = module; # VFAT default for the codepage= mount option NLS_ISO8859_1 = module; # VFAT default for the iocharset= mount option + # Needed to use the installation iso image. Not included in all defconfigs (e.g. arm64) + ISO9660_FS = module; + DEVTMPFS = yes; UNICODE = whenAtLeast "5.2" yes; # Casefolding support for filesystems @@ -906,6 +909,11 @@ let ANDROID_BINDER_IPC = { optional = true; tristate = whenAtLeast "5.0" "y";}; ANDROID_BINDERFS = { optional = true; tristate = whenAtLeast "5.0" "y";}; ANDROID_BINDER_DEVICES = { optional = true; freeform = whenAtLeast "5.0" "binder,hwbinder,vndbinder";}; + + TASKSTATS = yes; + TASK_DELAY_ACCT = yes; + TASK_XACCT = yes; + TASK_IO_ACCOUNTING = yes; } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { # Enable CPU/memory hotplug support # Allows you to dynamically add & remove CPUs/memory to a VM client running NixOS without requiring a reboot diff --git a/pkgs/os-specific/linux/kernel/generate-config.pl b/pkgs/os-specific/linux/kernel/generate-config.pl index df807188f14f9..7e12ca5d96a95 100644 --- a/pkgs/os-specific/linux/kernel/generate-config.pl +++ b/pkgs/os-specific/linux/kernel/generate-config.pl @@ -81,7 +81,7 @@ sub runConfig { my $question = $1; my $name = $2; my $alts = $3; my $answer = ""; # Build everything as a module if possible. - $answer = "m" if $autoModules && $alts =~ /\/m/ && !($preferBuiltin && $alts =~ /Y/); + $answer = "m" if $autoModules && $alts =~ qr{\A(\w/)+m/(\w/)*\?\z} && !($preferBuiltin && $alts =~ /Y/); $answer = $answers{$name} if defined $answers{$name}; print STDERR "QUESTION: $question, NAME: $name, ALTS: $alts, ANSWER: $answer\n" if $debug; print OUT "$answer\n"; diff --git a/pkgs/os-specific/linux/kernel/gpio-utils.nix b/pkgs/os-specific/linux/kernel/gpio-utils.nix index 9c7386f61c1d2..40e282bbf541d 100644 --- a/pkgs/os-specific/linux/kernel/gpio-utils.nix +++ b/pkgs/os-specific/linux/kernel/gpio-utils.nix @@ -2,8 +2,6 @@ with lib; -assert versionAtLeast linux.version "4.6"; - stdenv.mkDerivation { pname = "gpio-utils"; version = linux.version; diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 0683e7d6ad4d0..edf274aa85cbe 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.274"; + version = "4.14.275"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1bbz1w5l7im7dspq6g6iy5vahsxcaa1b2ykrw49m3pw8rf7m6hib"; + sha256 = "1yaq5qhl694ygx17x998syg79yx72l3n9vzfkyf0g3idzdh9j2hh"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index ad58c3ef64138..5786079a47dea 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.309"; + version = "4.9.310"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "05468rk4hlz9ag1zb7shngn5rl42npw7haqbi5mpaa0yksl5asp8"; + sha256 = "17d3isb1i52v8360vspnywjpsy9vvkc54k5kwdddj0plawvxklw5"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 7b5c9cba1444f..f13ec02408e35 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.109"; + version = "5.10.111"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1p0k46isy2wzzms801lrnb59f1nb9mhywjj7fnkrwrj9nbn25yqq"; + sha256 = "06mbl327bin8pv1073f7x37np3whklbvnh8lwn8wx4jmfvcb6c8q"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index dab27c119aa57..2286dd9ef75a1 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.32"; + version = "5.15.34"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -15,6 +15,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "11nz2w6hgwy6va6sxf4ic1s4kv24zbpssgjxsq6n321h4bxcsqql"; + sha256 = "0sfviwwp7qy8b5h15lg84dyskih4l082l9gs6yrqj3rg762lcld7"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-5.16.nix b/pkgs/os-specific/linux/kernel/linux-5.16.nix index 4dcb71c4f5cdd..e68e76597e3e7 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.16.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.16.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.16.18"; + version = "5.16.20"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "096f80m2czj8khvil7s037pqdf1s6pklqn5d9419jqkz7v70piry"; + sha256 = "09dz8zp8cxvsc5amrswqqrkxd3i92ay2samlcspalaw6iz40s1nq"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-5.17.nix b/pkgs/os-specific/linux/kernel/linux-5.17.nix index edd5339e103db..ae1ac1400d9e9 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.17.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.17.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.17.1"; + version = "5.17.3"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "092cx18va108lb27kxx2b00ma3l9g22nmkk81034apx26bacbmbw"; + sha256 = "0b0nb807r2pwrifc7yk0p9q6cm472ahggfaix6yiqzmqcvisil1j"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-rpi.nix b/pkgs/os-specific/linux/kernel/linux-rpi.nix index 99b966ac5cdea..8654bc432ceb3 100644 --- a/pkgs/os-specific/linux/kernel/linux-rpi.nix +++ b/pkgs/os-specific/linux/kernel/linux-rpi.nix @@ -2,9 +2,8 @@ let # NOTE: raspberrypifw & raspberryPiWirelessFirmware should be updated with this - modDirVersion = "5.10.92"; - tag = "1.20220118"; - rev = "650082a559a570d6c9d2739ecc62843d6f951059"; + modDirVersion = "5.15.32"; + tag = "1.20220331"; in lib.overrideDerivation (buildLinux (args // { version = "${modDirVersion}-${tag}"; @@ -13,8 +12,8 @@ lib.overrideDerivation (buildLinux (args // { src = fetchFromGitHub { owner = "raspberrypi"; repo = "linux"; - inherit rev; - sha256 = "sha256-OSDx9dzqm8JnLUvdiv1aKqhRz80uWqfjXLd7m6ycXME="; + rev = tag; + hash = "sha256-dJtOXe4yvZz/iu0Ly5F9/E/2GbpTJF/9ZMU3rC1nKMw="; }; defconfig = { diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index cf0744bce6818..7162fe8ac198e 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.106-rt64"; # updated by ./update-rt.sh + version = "5.10.109-rt65"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0yjrlghcxw3lhd6nc2m4zy4gk536w3a3w6mxdsml690fqz4531n6"; + sha256 = "1p0k46isy2wzzms801lrnb59f1nb9mhywjj7fnkrwrj9nbn25yqq"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0z5gyi1vyjyd05vyccmk9yfgvm5v1lc8vbfywahx495xzpp9i8xb"; + sha256 = "0w7bs5kmwvbyfy5js218ys42s8i51m8v0mbkfhiynlpm3iph357q"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix index 747563e3c01f9..bb404fc59e982 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.4.182-rt71"; # updated by ./update-rt.sh + version = "5.4.188-rt73"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -14,14 +14,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "03gly4ivsdahixmshi021al48ycsalx30vsxr3iyj47hchgj1wdj"; + sha256 = "1g7xf2jx1hx580f42yirfgv9v0f9f88wzxxx0wiwx7wcqbyqpg4z"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1lxj63v37bhdgynr8ffyd5g8vp5a79dnzi6fng7jsjapfriywzqh"; + sha256 = "17qx5xrchgss7zxg9lg91mqh0v3irx355003g7rj12h8y5r16l58"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index e86f6fced569a..327da3e0f3449 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -1,9 +1,9 @@ { lib , fetchpatch , kernel -, date ? "2022-03-21" -, commit ? "c38b7167aa5f3b1b91dcc93ade57f30e95064590" -, diffHash ? "04lgwnng7p2rlz9sxn74n22750kh524xwfws3agqs12pcrvfsm0j" +, date ? "2022-04-08" +, commit ? "6ddf061e68560a2bb263b126af7e894a6c1afb5f" +, diffHash ? "1nkrr1cxavw0rqxlyiz7pf9igvqay0d5kk7194v9ph3fcp9rz5kc" , kernelPatches # must always be defined in bcachefs' all-packages.nix entry because it's also a top-level attribute supplied by callPackage , argsOverride ? {} , ... diff --git a/pkgs/os-specific/linux/kernel/linux-xanmod.nix b/pkgs/os-specific/linux/kernel/linux-xanmod.nix deleted file mode 100644 index b170ec044b05e..0000000000000 --- a/pkgs/os-specific/linux/kernel/linux-xanmod.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ lib, stdenv, buildLinux, fetchFromGitHub, ... } @ args: - -let - version = "5.15.27"; - release = "1"; - suffix = "xanmod${release}-tt"; -in -buildLinux (args // rec { - inherit version; - modDirVersion = "${version}-${suffix}"; - - src = fetchFromGitHub { - owner = "xanmod"; - repo = "linux"; - rev = modDirVersion; - sha256 = "sha256-ycUvTXDKnffxs8FKZJurX2bDr85gMQlSIFD0nST2Q98="; - }; - - structuredExtraConfig = with lib.kernel; { - # removed options - CFS_BANDWIDTH = lib.mkForce (option no); - RT_GROUP_SCHED = lib.mkForce (option no); - SCHED_AUTOGROUP = lib.mkForce (option no); - - # AMD P-state driver - X86_AMD_PSTATE = yes; - - # Linux RNG framework - LRNG = yes; - - # Paragon's NTFS3 driver - NTFS3_FS = module; - NTFS3_LZX_XPRESS = yes; - NTFS3_FS_POSIX_ACL = yes; - - # Preemptive Full Tickless Kernel at 500Hz - SCHED_CORE = lib.mkForce (option no); - PREEMPT_VOLUNTARY = lib.mkForce no; - PREEMPT = lib.mkForce yes; - NO_HZ_FULL = yes; - HZ_500 = yes; - - # Google's BBRv2 TCP congestion Control - TCP_CONG_BBR2 = yes; - DEFAULT_BBR2 = yes; - - # FQ-PIE Packet Scheduling - NET_SCH_DEFAULT = yes; - DEFAULT_FQ_PIE = yes; - - # Graysky's additional CPU optimizations - CC_OPTIMIZE_FOR_PERFORMANCE_O3 = yes; - - # Futex WAIT_MULTIPLE implementation for Wine / Proton Fsync. - FUTEX = yes; - FUTEX_PI = yes; - - # WineSync driver for fast kernel-backed Wine - WINESYNC = module; - }; - - extraMeta = { - branch = "5.15-tt"; - maintainers = with lib.maintainers; [ fortuneteller2k lovesegfault ]; - description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; - broken = stdenv.isAarch64; - }; -} // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-zen.nix b/pkgs/os-specific/linux/kernel/linux-zen.nix index 0e6cc394a5497..0d9d34588a9e8 100644 --- a/pkgs/os-specific/linux/kernel/linux-zen.nix +++ b/pkgs/os-specific/linux/kernel/linux-zen.nix @@ -2,7 +2,7 @@ let # having the full version string here makes it easier to update - modDirVersion = "5.17.0-zen1"; + modDirVersion = "5.17.2-zen3"; parts = lib.splitString "-" modDirVersion; version = lib.elemAt parts 0; suffix = lib.elemAt parts 1; @@ -20,7 +20,7 @@ buildLinux (args // { owner = "zen-kernel"; repo = "zen-kernel"; inherit rev; - sha256 = "sha256-8DCcO2oPnwXjjm3PW7vNZKbB3S7XsEB/svAMhbPRJIo="; + sha256 = "sha256-q6Cc3wQHDXzyt2hx3+CS8N74myC6ra/Y+8IHQxTkoLo="; }; structuredExtraConfig = with lib.kernel; { diff --git a/pkgs/os-specific/linux/kernel/perf.nix b/pkgs/os-specific/linux/kernel/perf.nix index 6d1763a0d0fd1..0183e9ffa3fdd 100644 --- a/pkgs/os-specific/linux/kernel/perf.nix +++ b/pkgs/os-specific/linux/kernel/perf.nix @@ -9,8 +9,6 @@ with lib; -assert versionAtLeast kernel.version "3.12"; - stdenv.mkDerivation { pname = "perf-linux"; version = kernel.version; diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix new file mode 100644 index 0000000000000..8464b9ad25f82 --- /dev/null +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -0,0 +1,81 @@ +{ lib, stdenv, fetchFromGitHub, buildLinux, ... } @ args: + +let + stableVariant = { + version = "5.15.34"; + suffix = "xanmod1"; + hash = "sha256-sfrcaFhrdvupygXvajGyl6ruuBu+vFsAKjLyINyV3pw="; + }; + + edgeVariant = { + version = "5.17.2"; + suffix = "xanmod1"; + hash = "sha256-DK6yFZewqmr/BXFW5tqKXtWb1OLfqokZRQLOQxvBg6Q="; + }; + + xanmodKernelFor = { version, suffix, hash }: buildLinux (args // rec { + inherit version; + modDirVersion = "${version}-${suffix}"; + + src = fetchFromGitHub { + owner = "xanmod"; + repo = "linux"; + rev = modDirVersion; + inherit hash; + }; + + structuredExtraConfig = with lib.kernel; { + # removed options + CFS_BANDWIDTH = lib.mkForce (option no); + RT_GROUP_SCHED = lib.mkForce (option no); + SCHED_AUTOGROUP = lib.mkForce (option no); + + # AMD P-state driver + X86_AMD_PSTATE = yes; + + # Linux RNG framework + LRNG = yes; + + # Paragon's NTFS3 driver + NTFS3_FS = module; + NTFS3_LZX_XPRESS = yes; + NTFS3_FS_POSIX_ACL = yes; + + # Preemptive Full Tickless Kernel at 500Hz + SCHED_CORE = lib.mkForce (option no); + PREEMPT_VOLUNTARY = lib.mkForce no; + PREEMPT = lib.mkForce yes; + NO_HZ_FULL = yes; + HZ_500 = yes; + + # Google's BBRv2 TCP congestion Control + TCP_CONG_BBR2 = yes; + DEFAULT_BBR2 = yes; + + # FQ-PIE Packet Scheduling + NET_SCH_DEFAULT = yes; + DEFAULT_FQ_PIE = yes; + + # Graysky's additional CPU optimizations + CC_OPTIMIZE_FOR_PERFORMANCE_O3 = yes; + + # Futex WAIT_MULTIPLE implementation for Wine / Proton Fsync. + FUTEX = yes; + FUTEX_PI = yes; + + # WineSync driver for fast kernel-backed Wine + WINESYNC = module; + }; + + extraMeta = { + branch = lib.versions.majorMinor version; + maintainers = with lib.maintainers; [ fortuneteller2k lovesegfault ]; + description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; + broken = stdenv.isAarch64; + }; + } // (args.argsOverride or { })); +in +{ + stable = xanmodKernelFor stableVariant; + edge = xanmodKernelFor edgeVariant; +} diff --git a/pkgs/os-specific/linux/keyutils/default.nix b/pkgs/os-specific/linux/keyutils/default.nix index f307bd56d1cff..88410654f3b3a 100644 --- a/pkgs/os-specific/linux/keyutils/default.nix +++ b/pkgs/os-specific/linux/keyutils/default.nix @@ -15,11 +15,6 @@ stdenv.mkDerivation rec { }; patches = [ - (fetchurl { - # improve reproducibility - url = "https://salsa.debian.org/debian/keyutils/raw/4cecffcb8e2a2aa4ef41777ed40e4e4bcfb2e5bf/debian/patches/Make-build-reproducible.patch"; - sha256 = "0wnvbjfrbk7rghd032z684l7vk7mhy3bd41zvhkrhgp3cd5id0bm"; - }) ./conf-symlink.patch # This patch solves a duplicate symbol error when building with a clang stdenv # Before removing this patch, please ensure the package still builds by running eg. @@ -29,9 +24,16 @@ stdenv.mkDerivation rec { makeFlags = lib.optionals stdenv.hostPlatform.isStatic "NO_SOLIB=1"; - BUILDDATE = "1970-01-01"; outputs = [ "out" "lib" "dev" ]; + postPatch = '' + # https://github.com/archlinux/svntogit-packages/blob/packages/keyutils/trunk/reproducible.patch + substituteInPlace Makefile \ + --replace \ + 'VCPPFLAGS := -DPKGBUILD="\"$(shell date -u +%F)\""' \ + 'VCPPFLAGS := -DPKGBUILD="\"$(date -ud "@$SOURCE_DATE_EPOCH" +%F)\""' + ''; + enableParallelBuilding = true; installFlags = [ diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index a1a1906ba9cea..0411bae2060c7 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -16,6 +16,8 @@ in stdenv.mkDerivation rec { sha256 = "0am54mi5rk72g5q7k6l6f36gw3r9vwgjmyna43ywcjhqmakyx00b"; }; + outputs = [ "out" "dev" "lib" ]; + nativeBuildInputs = [ autoreconfHook pkg-config libxslt ]; buildInputs = [ xz zstd ] ++ lib.optional stdenv.isDarwin elf-header; diff --git a/pkgs/os-specific/linux/kvdo/default.nix b/pkgs/os-specific/linux/kvdo/default.nix new file mode 100644 index 0000000000000..74895e11bd5aa --- /dev/null +++ b/pkgs/os-specific/linux/kvdo/default.nix @@ -0,0 +1,31 @@ +{ stdenv, lib, fetchFromGitHub, vdo, kernel }: + +stdenv.mkDerivation rec { + inherit (vdo) version; + pname = "kvdo"; + + src = fetchFromGitHub { + owner = "dm-vdo"; + repo = "kvdo"; + rev = version; + sha256 = "1xl7dwcqx00w1gbpb6vlkn8nchyfj1fsc8c06vgda0sgxp7qs5gn"; + }; + + dontConfigure = true; + enableParallelBuilding = true; + + KSRC = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; + INSTALL_MOD_PATH = placeholder "out"; + + preBuild = '' + makeFlags="$makeFlags -C ${KSRC} M=$(pwd)" +''; + installTargets = [ "modules_install" ]; + + meta = with lib; { + inherit (vdo.meta) license maintainers; + homepage = "https://github.com/dm-vdo/kvdo"; + description = "A pair of kernel modules which provide pools of deduplicated and/or compressed block storage"; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/ledger-udev-rules/default.nix b/pkgs/os-specific/linux/ledger-udev-rules/default.nix index 7b23719c791c3..3a6bf9e5d51c0 100644 --- a/pkgs/os-specific/linux/ledger-udev-rules/default.nix +++ b/pkgs/os-specific/linux/ledger-udev-rules/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation { pname = "ledger-udev-rules"; - version = "unstable-2019-05-30"; + version = "unstable-2021-09-10"; src = fetchFromGitHub { owner = "LedgerHQ"; repo = "udev-rules"; - rev = "765b7fdf57b20fd9326cedf48ee52e905024ab4f"; - sha256 = "10a42al020zpkx918y6b1l9az45vk3921b2l1mx87w3m0ad9qvif"; + rev = "2776324af6df36c2af4d2e8e92a1c98c281117c9"; + sha256 = "sha256-yTYI81PXMc32lMfI5uhD14nP20zAI7ZF33V1LRDWg2Y="; }; dontBuild = true; diff --git a/pkgs/os-specific/linux/libbpf/default.nix b/pkgs/os-specific/linux/libbpf/default.nix index 8e6b9fa0663a3..cb2f4611fde06 100644 --- a/pkgs/os-specific/linux/libbpf/default.nix +++ b/pkgs/os-specific/linux/libbpf/default.nix @@ -8,8 +8,6 @@ , nixosTests }: -with builtins; - stdenv.mkDerivation rec { pname = "libbpf"; version = "0.7.0"; diff --git a/pkgs/os-specific/linux/libcap/default.nix b/pkgs/os-specific/linux/libcap/default.nix index 2f12d2fea38c8..1fa887dd2a3ce 100644 --- a/pkgs/os-specific/linux/libcap/default.nix +++ b/pkgs/os-specific/linux/libcap/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, buildPackages, fetchurl, attr, perl, runtimeShell +{ stdenv, lib, buildPackages, fetchurl, attr, runtimeShell , usePam ? !isStatic, pam ? null , isStatic ? stdenv.hostPlatform.isStatic }: @@ -7,18 +7,17 @@ assert usePam -> pam != null; stdenv.mkDerivation rec { pname = "libcap"; - version = "2.49"; + version = "2.63"; src = fetchurl { url = "mirror://kernel/linux/libs/security/linux-privs/libcap2/${pname}-${version}.tar.xz"; - sha256 = "sha256-6YvE2TZFCC7Hh3MLD9GnErOIgkZcUFd33hfDOIMe4YE="; + sha256 = "sha256-DGN7j0T8fYYneH6c9X8VrAbB3cy1PkH+7FSWvjRm938="; }; outputs = [ "out" "dev" "lib" "man" "doc" ] ++ lib.optional usePam "pam"; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ perl ]; buildInputs = lib.optional usePam pam; @@ -29,9 +28,12 @@ stdenv.mkDerivation rec { "PAM_CAP=${if usePam then "yes" else "no"}" "BUILD_CC=$(CC_FOR_BUILD)" "CC:=$(CC)" + "CROSS_COMPILE=${stdenv.cc.targetPrefix}" ] ++ lib.optional isStatic "SHARED=no"; - prePatch = '' + postPatch = '' + patchShebangs ./progs/mkcapshdoc.sh + # use full path to bash substituteInPlace progs/capsh.c --replace "/bin/bash" "${runtimeShell}" diff --git a/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix b/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix new file mode 100644 index 0000000000000..a29fe923f60d0 --- /dev/null +++ b/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix @@ -0,0 +1,79 @@ +{ lib +, stdenv +, fetchFromGitHub +, which +, pkg-config +, glib +, gtk3 +, iw +, makeWrapper +, qrencode +, hostapd +, getopt +, dnsmasq +, iproute2 +, flock +, iptables +, gawk }: + +stdenv.mkDerivation rec { + pname = "linux-wifi-hotspot"; + version = "4.4.0"; + + src = fetchFromGitHub { + owner = "lakinduakash"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-XCgYWOX7QSdANG6DqYk0yZZqnvZGDl3GaF9KtYRmpJ0="; + }; + + nativeBuildInputs = [ + which + pkg-config + makeWrapper + qrencode + hostapd + ]; + + buildInputs = [ + glib + gtk3 + ]; + + outputs = [ "out" ]; + + postPatch = '' + substituteInPlace ./src/scripts/Makefile \ + --replace "etc" "$out/etc" + substituteInPlace ./src/scripts/wihotspot \ + --replace "/usr" "$out" + ''; + + makeFlags = [ + "PREFIX=${placeholder "out"}" + ]; + + postInstall = '' + wrapProgram $out/bin/create_ap \ + --prefix PATH : ${lib.makeBinPath [ + hostapd getopt iw which dnsmasq iproute2 flock iptables gawk + ]} + + wrapProgram $out/bin/wihotspot-gui \ + --prefix PATH : ${lib.makeBinPath [ iw ]} \ + --prefix PATH : "${placeholder "out"}/bin" + + wrapProgram $out/bin/wihotspot \ + --prefix PATH : ${lib.makeBinPath [ iw ]} \ + --prefix PATH : "${placeholder "out"}/bin" + ''; + + meta = with lib; { + description = "Feature-rich wifi hotspot creator for Linux which provides both GUI and command-line interface"; + homepage = "https://github.com/lakinduakash/linux-wifi-hotspot"; + license = licenses.bsd2; + maintainers = with maintainers; [ onny ]; + platforms = platforms.unix; + }; + +} diff --git a/pkgs/os-specific/linux/lvm2/common.nix b/pkgs/os-specific/linux/lvm2/common.nix index 07e8c9cb02da2..4cb86bf3d8b93 100644 --- a/pkgs/os-specific/linux/lvm2/common.nix +++ b/pkgs/os-specific/linux/lvm2/common.nix @@ -4,13 +4,19 @@ , fetchpatch , fetchurl , pkg-config -, util-linux +, coreutils , libuuid , libaio +, substituteAll , enableCmdlib ? false , enableDmeventd ? false -, udevSupport ? !stdenv.hostPlatform.isStatic, udev ? null +, udevSupport ? !stdenv.hostPlatform.isStatic, udev , onlyLib ? stdenv.hostPlatform.isStatic + # Otherwise we have a infinity recursion during static compilation +, enableUtilLinux ? !stdenv.hostPlatform.isStatic, util-linux +, enableVDO ? false, vdo +, enableMdadm ? false, mdadm +, enableMultipath ? false, multipath-tools , nixosTests }: @@ -18,7 +24,7 @@ assert enableDmeventd -> enableCmdlib; stdenv.mkDerivation rec { - pname = "lvm2" + lib.optionalString enableDmeventd "-with-dmeventd"; + pname = "lvm2" + lib.optionalString enableDmeventd "-with-dmeventd" + lib.optionalString enableVDO "-with-vdo"; inherit version; src = fetchurl { @@ -33,6 +39,8 @@ stdenv.mkDerivation rec { udev ] ++ lib.optionals (!onlyLib) [ libuuid + ] ++ lib.optionals enableVDO [ + vdo ]; configureFlags = [ @@ -58,6 +66,8 @@ stdenv.mkDerivation rec { "--enable-udev_sync" ] ++ lib.optionals stdenv.hostPlatform.isStatic [ "--enable-static_link" + ] ++ lib.optionals enableVDO [ + "--enable-vdo" ]; preConfigure = '' @@ -77,13 +87,29 @@ stdenv.mkDerivation rec { substituteInPlace make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" '' + lib.optionalString (lib.versionAtLeast version "2.03") '' substituteInPlace libdm/make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" + + substituteInPlace scripts/blk_availability_systemd_red_hat.service.in \ + --replace '/usr/bin/true' '${coreutils}/bin/true' ''; postConfigure = '' sed -i 's|^#define LVM_CONFIGURE_LINE.*$|#define LVM_CONFIGURE_LINE "<removed>"|g' ./include/configure.h ''; - patches = lib.optionals (lib.versionOlder version "2.03.15") [ + patches = lib.optionals (lib.versionAtLeast version "2.03.15") [ + # fixes paths to and checks for tools + # TODO: needs backport to LVM 2.02 used by static/musl + (substituteAll (let + optionalTool = cond: pkg: if cond then pkg else "/run/current-system/sw"; + in { + src = ./fix-blkdeactivate.patch; + inherit coreutils; + util_linux = optionalTool enableUtilLinux util-linux; + mdadm = optionalTool enableMdadm mdadm; + multipath_tools = optionalTool enableMultipath multipath-tools; + vdo = optionalTool enableVDO vdo; + })) + ] ++ lib.optionals (lib.versionOlder version "2.03.15") [ # Musl fixes from Alpine. ./fix-stdio-usage.patch (fetchpatch { diff --git a/pkgs/os-specific/linux/lvm2/fix-blkdeactivate.patch b/pkgs/os-specific/linux/lvm2/fix-blkdeactivate.patch new file mode 100644 index 0000000000000..db8cfaeae9e3a --- /dev/null +++ b/pkgs/os-specific/linux/lvm2/fix-blkdeactivate.patch @@ -0,0 +1,51 @@ +diff --git a/scripts/blkdeactivate.sh.in b/scripts/blkdeactivate.sh.in +index 7c517b87b..e51a33778 100644 +--- a/scripts/blkdeactivate.sh.in ++++ b/scripts/blkdeactivate.sh.in +@@ -34,11 +34,11 @@ TOOL=blkdeactivate + DEV_DIR="/dev" + SYS_BLK_DIR="/sys/block" + +-MDADM="/sbin/mdadm" +-MOUNTPOINT="/bin/mountpoint" +-MPATHD="/sbin/multipathd" +-UMOUNT="/bin/umount" +-VDO="/bin/vdo" ++MDADM="@mdadm@/bin/mdadm" ++MOUNTPOINT="@util_linux@/bin/mountpoint" ++MPATHD="@multipath_tools@/bin/multipathd" ++UMOUNT="@util_linux@/bin/umount" ++VDO="@vdo@/bin/vdo" + + sbindir="@SBINDIR@" + DMSETUP="$sbindir/dmsetup" +@@ -48,7 +48,7 @@ if "$UMOUNT" --help | grep -- "--all-targets" >"$DEV_DIR/null"; then + UMOUNT_OPTS="--all-targets " + else + UMOUNT_OPTS="" +- FINDMNT="/bin/findmnt -r --noheadings -u -o TARGET" ++ FINDMNT="@util_linux@/bin/findmnt -r --noheadings -u -o TARGET" + FINDMNT_READ="read -r mnt" + fi + DMSETUP_OPTS="" +@@ -57,10 +57,10 @@ MDADM_OPTS="" + MPATHD_OPTS="" + VDO_OPTS="" + +-LSBLK="/bin/lsblk -r --noheadings -o TYPE,KNAME,NAME,MOUNTPOINT" ++LSBLK="@util_linux@/bin/lsblk -r --noheadings -o TYPE,KNAME,NAME,MOUNTPOINT" + LSBLK_VARS="local devtype local kname local name local mnt" + LSBLK_READ="read -r devtype kname name mnt" +-SORT_MNT="/bin/sort -r -u -k 4" ++SORT_MNT="@coreutils@/bin/sort -r -u -k 4" + + # Do not show tool errors by default (only done/skipping summary + # message provided by this script) and no verbose mode by default. +@@ -102,6 +102,7 @@ declare -A SKIP_VG_LIST=() + # (list is an associative array!) + # + declare -A SKIP_UMOUNT_LIST=(["/"]=1 \ ++ ["/nix"]=1 ["/nix/store"]=1 \ + ["/lib"]=1 ["/lib64"]=1 \ + ["/bin"]=1 ["/sbin"]=1 \ + ["/var"]=1 ["/var/log"]=1 \ diff --git a/pkgs/os-specific/linux/mbpfan/default.nix b/pkgs/os-specific/linux/mbpfan/default.nix index 675d9417a01af..26c3d07364ce2 100644 --- a/pkgs/os-specific/linux/mbpfan/default.nix +++ b/pkgs/os-specific/linux/mbpfan/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "mbpfan"; - version = "2.2.1"; + version = "2.3.0"; src = fetchFromGitHub { owner = "dgraziotin"; repo = "mbpfan"; rev = "v${version}"; - sha256 = "0gc9ypxi55vxs77nx8ihhh9zk7fr9v0m0zfm76q7x0bi6jz11mbr"; + sha256 = "sha256-jIYg9b0c/7mMRS5WF+mOH6t9SCWEP32lsdbCgpWpg24="; }; installPhase = '' mkdir -p $out/bin $out/etc diff --git a/pkgs/os-specific/linux/microcode/amd.nix b/pkgs/os-specific/linux/microcode/amd.nix index 0f3d0f18186a0..051ad131be93c 100644 --- a/pkgs/os-specific/linux/microcode/amd.nix +++ b/pkgs/os-specific/linux/microcode/amd.nix @@ -12,13 +12,14 @@ stdenv.mkDerivation { buildPhase = '' mkdir -p kernel/x86/microcode - find ${linux-firmware}/lib/firmware/amd-ucode -name \*.bin \ - -exec sh -c 'cat {} >> kernel/x86/microcode/AuthenticAMD.bin' \; + find ${linux-firmware}/lib/firmware/amd-ucode -name \*.bin -print0 | sort -z |\ + xargs -0 -I{} sh -c 'cat {} >> kernel/x86/microcode/AuthenticAMD.bin' ''; installPhase = '' mkdir -p $out - echo kernel/x86/microcode/AuthenticAMD.bin | bsdcpio -o -H newc -R 0:0 > $out/amd-ucode.img + touch -d @$SOURCE_DATE_EPOCH kernel/x86/microcode/AuthenticAMD.bin + echo kernel/x86/microcode/AuthenticAMD.bin | bsdtar --uid 0 --gid 0 -cnf - -T - | bsdtar --null -cf - --format=newc @- > $out/amd-ucode.img ''; meta = with lib; { diff --git a/pkgs/os-specific/linux/microcode/intel.nix b/pkgs/os-specific/linux/microcode/intel.nix index 923047ead11ad..f239cb307c74c 100644 --- a/pkgs/os-specific/linux/microcode/intel.nix +++ b/pkgs/os-specific/linux/microcode/intel.nix @@ -18,7 +18,8 @@ stdenv.mkDerivation rec { mkdir -p $out kernel/x86/microcode iucode_tool -w kernel/x86/microcode/GenuineIntel.bin intel-ucode/ - echo kernel/x86/microcode/GenuineIntel.bin | bsdcpio -o -H newc -R 0:0 > $out/intel-ucode.img + touch -d @$SOURCE_DATE_EPOCH kernel/x86/microcode/GenuineIntel.bin + echo kernel/x86/microcode/GenuineIntel.bin | bsdtar --uid 0 --gid 0 -cnf - -T - | bsdtar --null -cf - --format=newc @- > $out/intel-ucode.img runHook postInstall ''; diff --git a/pkgs/os-specific/linux/musl/default.nix b/pkgs/os-specific/linux/musl/default.nix index f19c7ea7a44ba..fb0d19115da38 100644 --- a/pkgs/os-specific/linux/musl/default.nix +++ b/pkgs/os-specific/linux/musl/default.nix @@ -40,11 +40,11 @@ let in stdenv.mkDerivation rec { pname = "musl"; - version = "1.2.2"; + version = "1.2.3"; src = fetchurl { url = "https://musl.libc.org/releases/${pname}-${version}.tar.gz"; - sha256 = "1p8r6bac64y98ln0wzmnixysckq3crca69ys7p16sy9d04i975lv"; + sha256 = "sha256-fVsLYGJSHkYn4JnkydyCSNMqMChelZt+7Kp4DPjP1KQ="; }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix index 0b6291226bc84..8485a868d8a59 100644 --- a/pkgs/os-specific/linux/nftables/default.nix +++ b/pkgs/os-specific/linux/nftables/default.nix @@ -1,7 +1,8 @@ { lib, stdenv, fetchurl, pkg-config, bison, file, flex , asciidoc, libxslt, findXMLCatalogs, docbook_xml_dtd_45, docbook_xsl , libmnl, libnftnl, libpcap -, gmp, jansson, readline +, gmp, jansson, libedit +, autoreconfHook, fetchpatch , withDebugSymbols ? false , withPython ? false , python3 , withXtables ? true , iptables @@ -10,22 +11,23 @@ with lib; stdenv.mkDerivation rec { - version = "1.0.1"; + version = "1.0.2"; pname = "nftables"; src = fetchurl { url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2"; - sha256 = "08x4xw0s5sap3q7jfr91v7mrkxrydi4dvsckw85ims0qb1ibmviw"; + sha256 = "00jcjn1pl7qyqpg8pd4yhlkys7wbj4vkzgg73n27nmplzips6a0b"; }; nativeBuildInputs = [ + autoreconfHook pkg-config bison file flex asciidoc docbook_xml_dtd_45 docbook_xsl findXMLCatalogs libxslt ]; buildInputs = [ libmnl libnftnl libpcap - gmp jansson readline + gmp jansson libedit ] ++ optional withXtables iptables ++ optional withPython python3; @@ -33,9 +35,17 @@ stdenv.mkDerivation rec { substituteInPlace ./configure --replace /usr/bin/file ${file}/bin/file ''; + patches = [ + # fix build after 1.0.2 release, drop when updating to a newer release + (fetchpatch { + url = "https://git.netfilter.org/nftables/patch/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3"; + sha256 = "03dzhd7fhg0d20ly4rffk4ra7wlxp731892dhp8zw67jwhys9ywz"; + }) + ]; + configureFlags = [ "--with-json" - "--with-cli=readline" # TODO: maybe switch to editline + "--with-cli=editline" ] ++ optional (!withDebugSymbols) "--disable-debug" ++ optional (!withPython) "--disable-python" ++ optional withPython "--enable-python" diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index a5695dc981f85..100ca403f621b 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -3,8 +3,8 @@ let generic = args: let imported = import ./generic.nix args; - in if ((!lib.versionOlder args.version "391") - && stdenv.hostPlatform.system != "x86_64-linux") then null + in if lib.versionAtLeast args.version "391" + && stdenv.hostPlatform.system != "x86_64-linux" then null else callPackage imported { lib32 = (pkgsi686Linux.callPackage imported { libsOnly = true; @@ -39,12 +39,12 @@ rec { # Vulkan developer beta driver # See here for more information: https://developer.nvidia.com/vulkan-driver vulkan_beta = generic rec { - version = "455.46.04"; - persistencedVersion = "455.45.01"; - settingsVersion = "455.45.01"; - sha256_64bit = "1iv42w3x1vc00bgn6y4w1hnfsvnh6bvj3vcrq8hw47760sqwa4xa"; - settingsSha256 = "09v86y2c8xas9ql0bqr7vrjxx3if6javccwjzyly11dzffm02h7g"; - persistencedSha256 = "13s4b73il0lq2hs81q03176n16mng737bfsp3bxnxgnrv3whrayz"; + version = "470.62.13"; + persistencedVersion = "470.86"; + settingsVersion = "470.86"; + sha256_64bit = "sha256-itBFNPMy+Nn0g8V8qdkRb+ELHj57GRso1lXhPHUxKVI="; + settingsSha256 = "sha256-fq6RlD6g3uylvvTjE4MmaQwxPJYU0u6IMfpPVzks0tI="; + persistencedSha256 = "sha256-eHvauvh8Wd+b8DK6B3ZWNjoWGztupWrR8iog9ok58io="; url = "https://developer.nvidia.com/vulkan-beta-${lib.concatStrings (lib.splitString "." version)}-linux"; }; diff --git a/pkgs/os-specific/linux/nvidia-x11/generic.nix b/pkgs/os-specific/linux/nvidia-x11/generic.nix index c7e062534a4d4..bc867d8b82b9e 100644 --- a/pkgs/os-specific/linux/nvidia-x11/generic.nix +++ b/pkgs/os-specific/linux/nvidia-x11/generic.nix @@ -33,7 +33,7 @@ with lib; assert !libsOnly -> kernel != null; assert versionOlder version "391" -> sha256_32bit != null; -assert ! versionOlder version "391" -> stdenv.hostPlatform.system == "x86_64-linux"; +assert versionAtLeast version "391" -> stdenv.hostPlatform.system == "x86_64-linux"; let nameSuffix = optionalString (!libsOnly) "-${kernel.version}"; diff --git a/pkgs/os-specific/linux/pam_u2f/default.nix b/pkgs/os-specific/linux/pam_u2f/default.nix index 5e4b190c7a32e..1b95067bab5e6 100644 --- a/pkgs/os-specific/linux/pam_u2f/default.nix +++ b/pkgs/os-specific/linux/pam_u2f/default.nix @@ -30,5 +30,6 @@ stdenv.mkDerivation rec { license = licenses.bsd2; platforms = platforms.unix; maintainers = with maintainers; [ philandstuff ]; + mainProgram = "pamu2fcfg"; }; } diff --git a/pkgs/os-specific/linux/pam_usb/default.nix b/pkgs/os-specific/linux/pam_usb/default.nix index 0091accd57a7a..ebd45246ae8d1 100644 --- a/pkgs/os-specific/linux/pam_usb/default.nix +++ b/pkgs/os-specific/linux/pam_usb/default.nix @@ -41,8 +41,12 @@ stdenv.mkDerivation rec { sha256 = "1g1w0s9d8mfld8abrn405ll5grv3xgs0b0hsganrz6qafdq9j7q1"; }; - buildInputs = [ + nativeBuildInputs = [ makeWrapper + pkg-config + ]; + + buildInputs = [ # pam_usb dependencies dbus libxml2 pam pmount pkg-config # pam_usb's tools dependencies diff --git a/pkgs/os-specific/linux/pam_ussh/default.nix b/pkgs/os-specific/linux/pam_ussh/default.nix new file mode 100644 index 0000000000000..889c8bc6f57cf --- /dev/null +++ b/pkgs/os-specific/linux/pam_ussh/default.nix @@ -0,0 +1,67 @@ +{ buildGoModule +, fetchFromGitHub +, pam +, lib +, nixosTests +}: + +buildGoModule rec { + pname = "pam_ussh"; + version = "unstable-20210615"; + + src = fetchFromGitHub { + owner = "uber"; + repo = "pam-ussh"; + rev = "e9524bda90ba19d3b9eb24f49cb63a6a56a19193"; # HEAD as of 2022-03-13 + sha256 = "0nb9hpqbghgi3zvq41kabydzyc6ffaaw9b4jkc5jrwn1klpw1xk8"; + }; + + prePatch = '' + cp ${./go.mod} go.mod + ''; + overrideModAttrs = (_: { + inherit prePatch; + }); + + vendorSha256 = "0hjifc3kbwmx7kjn858vi05cwwra6q19cqjfd94k726pwhk37qkw"; + + buildInputs = [ + pam + ]; + + buildPhase = '' + runHook preBuild + + if [ -z "$enableParallelBuilding" ]; then + export NIX_BUILD_CORES=1 + fi + go build -buildmode=c-shared -o pam_ussh.so -v -p $NIX_BUILD_CORES . + + runHook postBuild + ''; + checkPhase = '' + runHook preCheck + + go test -v -p $NIX_BUILD_CORES . + + runHook postCheck + ''; + installPhase = '' + runHook preInstall + + mkdir -p $out/lib/security + cp pam_ussh.so $out/lib/security + + runHook postInstall + ''; + + passthru.tests = { inherit (nixosTests) pam-ussh; }; + + meta = with lib; { + homepage = "https://github.com/uber/pam-ussh"; + description = "PAM module to authenticate using SSH certificates"; + license = licenses.mit; + platforms = platforms.linux; + maintainers = with maintainers; [ lukegb ]; + }; +} diff --git a/pkgs/os-specific/linux/pam_ussh/go.mod b/pkgs/os-specific/linux/pam_ussh/go.mod new file mode 100644 index 0000000000000..9adc453560a43 --- /dev/null +++ b/pkgs/os-specific/linux/pam_ussh/go.mod @@ -0,0 +1,15 @@ +module github.com/uber/pam-ussh + +go 1.17 + +require ( + github.com/stretchr/testify v1.7.0 + golang.org/x/crypto v0.0.0-20220313003712-b769efc7c000 +) + +require ( + github.com/davecgh/go-spew v1.1.0 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect + gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect +) diff --git a/pkgs/os-specific/linux/pipework/default.nix b/pkgs/os-specific/linux/pipework/default.nix index 33192392888ae..ea274377ced97 100644 --- a/pkgs/os-specific/linux/pipework/default.nix +++ b/pkgs/os-specific/linux/pipework/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchFromGitHub, makeWrapper -, bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd, dhcp +, bridge-utils, iproute2, lxc, openvswitch, docker, busybox, dhcpcd }: stdenv.mkDerivation { @@ -15,7 +15,7 @@ stdenv.mkDerivation { installPhase = '' install -D pipework $out/bin/pipework wrapProgram $out/bin/pipework --prefix PATH : \ - ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd dhcp ]}; + ${lib.makeBinPath [ bridge-utils iproute2 lxc openvswitch docker busybox dhcpcd ]}; ''; meta = with lib; { description = "Software-Defined Networking tools for LXC"; diff --git a/pkgs/os-specific/linux/ply/default.nix b/pkgs/os-specific/linux/ply/default.nix index 916aa39eee22d..dbd8925a5cb33 100644 --- a/pkgs/os-specific/linux/ply/default.nix +++ b/pkgs/os-specific/linux/ply/default.nix @@ -35,6 +35,5 @@ stdenv.mkDerivation rec { homepage = "https://wkz.github.io/ply/"; license = [ licenses.gpl2Only ]; maintainers = with maintainers; [ mic92 mbbx6spp ]; - broken = lib.versionOlder kernel.version "4.0"; }; } diff --git a/pkgs/os-specific/linux/plymouth/default.nix b/pkgs/os-specific/linux/plymouth/default.nix index 62950b0852580..4e755a28db8bd 100644 --- a/pkgs/os-specific/linux/plymouth/default.nix +++ b/pkgs/os-specific/linux/plymouth/default.nix @@ -96,7 +96,7 @@ stdenv.mkDerivation rec { homepage = "https://www.freedesktop.org/wiki/Software/Plymouth/"; description = "Boot splash and boot logger"; license = licenses.gpl2Plus; - maintainers = [ maintainers.goibhniu teams.gnome.members ]; + maintainers = [ maintainers.goibhniu ] ++ teams.gnome.members; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/pscircle/default.nix b/pkgs/os-specific/linux/pscircle/default.nix index ef7dbc55a9ab9..a293790cc97cc 100644 --- a/pkgs/os-specific/linux/pscircle/default.nix +++ b/pkgs/os-specific/linux/pscircle/default.nix @@ -11,11 +11,14 @@ stdenv.mkDerivation rec { sha256 = "1sm99423hh90kr4wdjqi9sdrrpk65j2vz2hzj65zcxfxyr6khjci"; }; + nativeBuildInputs = [ + meson + pkg-config + ninja + ]; + buildInputs = [ - meson - pkg-config - cairo - ninja + cairo ]; meta = with lib; { diff --git a/pkgs/os-specific/linux/rasdaemon/default.nix b/pkgs/os-specific/linux/rasdaemon/default.nix index 22ca59bff536a..cccd91fff8e16 100644 --- a/pkgs/os-specific/linux/rasdaemon/default.nix +++ b/pkgs/os-specific/linux/rasdaemon/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "rasdaemon"; - version = "0.6.7"; + version = "0.6.8"; src = fetchFromGitHub { owner = "mchehab"; repo = "rasdaemon"; rev = "v${version}"; - sha256 = "sha256-vyUDwqDe+HD4mka6smdQuVSM5U9uMv/TrfHkyqVJMIo="; + sha256 = "sha256-gcwoc9lIJyqUiCSAHf1U8geLG58CxzjMFYFl8moaA2Q="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix b/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix index c68d40583968e..c2ce195faf1c7 100644 --- a/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix +++ b/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix @@ -3,18 +3,13 @@ }: stdenvNoCC.mkDerivation rec { pname = "raspberrypi-eeprom"; - version = "2021.12.02"; - # From 3fdf703f3f7bbe57eacceada3b558031229a34b0 Mon Sep 17 00:00:00 2001 - # From: Peter Harper <peter.harper@raspberrypi.com> - # Date: Mon, 13 Dec 2021 11:56:11 +0000 - # Subject: [PATCH] 2021-12-02: Promote the 2021-12-02 beta release to LATEST/STABLE - commit = "3fdf703f3f7bbe57eacceada3b558031229a34b0"; + version = "unstable-2022-03-10"; src = fetchFromGitHub { owner = "raspberrypi"; repo = "rpi-eeprom"; - rev = commit; - sha256 = "sha256-JTL2ziOkT0tnOrOS08ttNtxj3qegsacP73xZBVur7xM="; + rev = "e8927007e3800db3a72100ee6cd38b0d9b687c16"; + hash = "sha256-/hn6l5gheh6E3zoANwU1SXYgdry2IjOT9Muw2jkrtCU="; }; buildInputs = [ python3 ]; diff --git a/pkgs/os-specific/linux/rdma-core/default.nix b/pkgs/os-specific/linux/rdma-core/default.nix index d9f6196d931da..44308d8a89d75 100644 --- a/pkgs/os-specific/linux/rdma-core/default.nix +++ b/pkgs/os-specific/linux/rdma-core/default.nix @@ -5,13 +5,13 @@ stdenv.mkDerivation rec { pname = "rdma-core"; - version = "39.1"; + version = "40.0"; src = fetchFromGitHub { owner = "linux-rdma"; repo = "rdma-core"; rev = "v${version}"; - sha256 = "19jfrb0jv050abxswzh34nx2zr8if3rb2k5a7n5ydvi3x9r8827w"; + sha256 = "0pcpbri50y5gzrmdqx90wngfd6cfas3m7zlfhz9lqr583fp08vfw"; }; strictDeps = true; @@ -23,12 +23,6 @@ stdenv.mkDerivation rec { "-DCMAKE_INSTALL_SHAREDSTATEDIR=/var/lib" ]; - patches = [ - # this has been fixed in master. As soon as it gets into a release, this - # patch won't apply anymore and can be removed. - ./pkg-config-template.patch - ]; - postPatch = '' substituteInPlace srp_daemon/srp_daemon.sh.in \ --replace /bin/rm rm diff --git a/pkgs/os-specific/linux/rdma-core/pkg-config-template.patch b/pkgs/os-specific/linux/rdma-core/pkg-config-template.patch deleted file mode 100644 index 22898bc75282e..0000000000000 --- a/pkgs/os-specific/linux/rdma-core/pkg-config-template.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -ru source/buildlib/template.pc.in source-fixed/buildlib/template.pc.in ---- source/buildlib/template.pc.in 1970-01-01 01:00:01.000000000 +0100 -+++ source-fixed/buildlib/template.pc.in 2022-03-30 22:29:12.988625941 +0200 -@@ -1,7 +1,6 @@ --prefix=@CMAKE_INSTALL_PREFIX@ --exec_prefix=${prefix} --libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@ --includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@ -+exec_prefix=@CMAKE_INSTALL_PREFIX@ -+libdir=@CMAKE_INSTALL_LIBDIR@ -+includedir=@CMAKE_INSTALL_INCLUDEDIR@ - - Name: lib@PC_LIB_NAME@ - Description: RDMA Core Userspace Library diff --git a/pkgs/os-specific/linux/rtl8723bs/default.nix b/pkgs/os-specific/linux/rtl8723bs/default.nix index a862b35171604..b6ab883ca7511 100644 --- a/pkgs/os-specific/linux/rtl8723bs/default.nix +++ b/pkgs/os-specific/linux/rtl8723bs/default.nix @@ -35,7 +35,7 @@ stdenv.mkDerivation rec { homepage = "https://github.com/hadess/rtl8723bs"; license = lib.licenses.gpl2; platforms = lib.platforms.linux; - broken = (! versionOlder kernel.version "4.12"); # Now in kernel staging drivers + broken = versionAtLeast kernel.version "4.12"; # Now in kernel staging drivers maintainers = with maintainers; [ elitak ]; }; } diff --git a/pkgs/os-specific/linux/sasutils/default.nix b/pkgs/os-specific/linux/sasutils/default.nix new file mode 100644 index 0000000000000..4298e003a00f3 --- /dev/null +++ b/pkgs/os-specific/linux/sasutils/default.nix @@ -0,0 +1,22 @@ +{ lib, python3Packages, fetchFromGitHub, sg3_utils }: + +python3Packages.buildPythonApplication rec { + pname = "sasutils"; + version = "0.3.12"; + + src = fetchFromGitHub { + owner = "stanford-rc"; + repo = pname; + rev = "v${version}"; + sha256 = "0kh5pcc2shdmrvqqi2y1zamzsfvk56pqgwqgqhjfz4r6yfpm04wl"; + }; + + propagatedBuildInputs = [ sg3_utils ]; + + meta = with lib; { + homepage = "https://github.com/stanford-rc/sasutils"; + description = "A set of command-line tools to ease the administration of Serial Attached SCSI (SAS) fabrics"; + license = licenses.asl20; + maintainers = with maintainers; [ aij ]; + }; +} diff --git a/pkgs/os-specific/linux/sch_cake/default.nix b/pkgs/os-specific/linux/sch_cake/default.nix index facf690a9bd41..f93713344efb0 100644 --- a/pkgs/os-specific/linux/sch_cake/default.nix +++ b/pkgs/os-specific/linux/sch_cake/default.nix @@ -1,7 +1,5 @@ { stdenv, lib, fetchFromGitHub, kernel }: -assert lib.versionAtLeast kernel.version "4.4"; - stdenv.mkDerivation { pname = "sch_cake"; version = "unstable-2017-07-16"; @@ -31,6 +29,6 @@ stdenv.mkDerivation { license = with licenses; [ bsd3 gpl2 ]; maintainers = with maintainers; [ fpletz ]; platforms = platforms.linux; - broken = !lib.versionOlder kernel.version "4.13"; + broken = lib.versionAtLeast kernel.version "4.13"; }; } diff --git a/pkgs/os-specific/linux/sgx/psw/default.nix b/pkgs/os-specific/linux/sgx/psw/default.nix index b418d5c18225c..f6564f1560c1e 100644 --- a/pkgs/os-specific/linux/sgx/psw/default.nix +++ b/pkgs/os-specific/linux/sgx/psw/default.nix @@ -135,7 +135,7 @@ stdenv.mkDerivation rec { mkdir $out/bin makeWrapper $out/aesm/aesm_service $out/bin/aesm_service \ --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ protobuf ]}:$out/aesm \ - --run "cd $out/aesm" + --chdir "$out/aesm" # Make sure we didn't forget to handle any files rmdir $sgxPswDir || (echo "Error: The directory $installDir still contains unhandled files: $(ls -A $installDir)" >&2 && exit 1) diff --git a/pkgs/os-specific/linux/sgx/samples/default.nix b/pkgs/os-specific/linux/sgx/samples/default.nix index f9c5ae4505450..2afd62de75d49 100644 --- a/pkgs/os-specific/linux/sgx/samples/default.nix +++ b/pkgs/os-specific/linux/sgx/samples/default.nix @@ -41,7 +41,7 @@ let install *.so $out/lib wrapProgram "$out/bin/app" \ - --run "cd $out/lib" \ + --chdir "$out/lib" \ ${lib.optionalString (!isSimulation) ''--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ sgx-psw ]}"''} @@ -76,7 +76,7 @@ in for bin in $out/bin/*; do wrapProgram $bin \ - --run "cd $out/lib" \ + --chdir "$out/lib" \ ${lib.optionalString (!isSimulation) ''--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ sgx-psw ]}"''} done diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index 2e4ae1649ea86..5537f9f6aacb0 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -19,13 +19,13 @@ in stdenv.mkDerivation rec { pname = "shadow"; - version = "4.8.1"; + version = "4.11.1"; src = fetchFromGitHub { owner = "shadow-maint"; repo = "shadow"; - rev = version; - sha256 = "13407r6qwss00504qy740jghb2dzd561la7dhp47rg8w3g8jarpn"; + rev = "v${version}"; + sha256 = "sha256-PxLX5V0t18JftT5wT41krNv18Ew7Kz3MfZkOi/80ODA="; }; buildInputs = lib.optional (pam != null && stdenv.isLinux) pam; diff --git a/pkgs/os-specific/linux/speedometer/default.nix b/pkgs/os-specific/linux/speedometer/default.nix deleted file mode 100644 index 2802fddf8ce55..0000000000000 --- a/pkgs/os-specific/linux/speedometer/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ lib, fetchurl, python2Packages }: - -python2Packages.buildPythonApplication rec { - pname = "speedometer"; - version = "2.8"; - - src = fetchurl { - url = "https://excess.org/speedometer/speedometer-${version}.tar.gz"; - sha256 = "060bikv3gwr203jbdmvawsfhc0yq0bg1m42dk8czx1nqvwvgv6fm"; - }; - - propagatedBuildInputs = [ python2Packages.urwid ]; - - postPatch = '' - sed -i "/'entry_points': {/d" setup.py - sed -i "/'console_scripts': \['speedometer = speedometer:console'\],},/d" setup.py - ''; - - meta = with lib; { - description = "Measure and display the rate of data across a network connection or data being stored in a file"; - homepage = "https://excess.org/speedometer/"; - license = licenses.lgpl21Plus; - platforms = platforms.linux; - maintainers = with maintainers; [ Baughn ]; - }; -} diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index a87c59558e01c..404b0d2ee6f30 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,4 +1,4 @@ -From 93b2d29de784c68d1b4d70d7f214b19432aec6a8 Mon Sep 17 00:00:00 2001 +From 8622539fe2ce67934ed2e60626a2303ef8191e40 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue, 8 Jan 2013 15:46:30 +0100 Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices @@ -28,5 +28,5 @@ index 25b8a590a6..d18999ea87 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index e9fedd239f473..d37ace3250c23 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,4 +1,4 @@ -From 41edb381df0326e216b3c569d2cd5764591267d9 Mon Sep 17 00:00:00 2001 +From a845786195182c376b72a85433e278c35243676d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 12 Apr 2013 13:16:57 +0200 Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store @@ -25,10 +25,10 @@ index f683f05981..5a04c2c2a6 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index 1f945b7875..6df9d383ba 100644 +index f5a2cb20c1..51608d24c0 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -508,6 +508,8 @@ static int delete_md(MountPoint *m) { +@@ -502,6 +502,8 @@ static int delete_md(MountPoint *m) { static bool nonunmountable_path(const char *path) { return path_equal(path, "/") @@ -38,5 +38,5 @@ index 1f945b7875..6df9d383ba 100644 || path_equal(path, "/usr") #endif -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 217629f7d6ac7..56c6238b81f26 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -1,4 +1,4 @@ -From 43620479f6bfbbc4c3eed28947e0676c817acb7c Mon Sep 17 00:00:00 2001 +From d33f3461fa2202ef9b0d6cdf2137c510c59fb052 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed, 16 Apr 2014 10:59:28 +0200 Subject: [PATCH 03/19] Fix NixOS containers @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 575b9da447..438ca294db 100644 +index 8f17ab8810..197e5aa252 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5590,6 +5590,7 @@ static int run(int argc, char *argv[]) { +@@ -5625,6 +5625,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 575b9da447..438ca294db 100644 const char *p, *q; if (arg_pivot_root_new) -@@ -5604,6 +5605,7 @@ static int run(int argc, char *argv[]) { +@@ -5639,6 +5640,7 @@ static int run(int argc, char *argv[]) { r = -EINVAL; goto finish; } @@ -30,5 +30,5 @@ index 575b9da447..438ca294db 100644 } else { -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index f7b768af515f2..36d0ee0cde24f 100644 --- a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch @@ -1,4 +1,4 @@ -From a08ed6697974d7f7dabe60d42bbc9e31a10f7e23 Mon Sep 17 00:00:00 2001 +From 8fd5968163f3a1cb5f196d934756ba08ccaa5b1e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu, 1 May 2014 14:10:10 +0200 Subject: [PATCH 04/19] Look for fsck in the right place @@ -8,7 +8,7 @@ Subject: [PATCH 04/19] Look for fsck in the right place 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index cd7adfaeb9..68cebdd158 100644 +index 745d01ff50..dd4eef45c3 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -368,7 +368,7 @@ static int run(int argc, char *argv[]) { @@ -21,5 +21,5 @@ index cd7adfaeb9..68cebdd158 100644 cmdline[i++] = "-T"; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index 7ebf07d0a82b7..6acac84a9d28b 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,4 +1,4 @@ -From ddcfae6de8c460903c5db8c536ffeb5771e976f8 Mon Sep 17 00:00:00 2001 +From 90d1a90d3147e9c8db5caec8befabda270e755d4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 19 Dec 2014 14:46:17 +0100 Subject: [PATCH 05/19] Add some NixOS-specific unit directories @@ -14,10 +14,10 @@ Also, remove /usr and /lib as these don't exist on NixOS. 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c -index 05eb17d66c..1cd141d012 100644 +index 6fb8c40e7a..142ecdecec 100644 --- a/src/basic/path-lookup.c +++ b/src/basic/path-lookup.c -@@ -91,11 +91,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { +@@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { } static const char* const user_data_unit_paths[] = { @@ -29,7 +29,7 @@ index 05eb17d66c..1cd141d012 100644 NULL }; -@@ -613,15 +609,13 @@ int lookup_paths_init( +@@ -614,15 +610,13 @@ int lookup_paths_init( persistent_config, SYSTEM_CONFIG_UNIT_DIR, "/etc/systemd/system", @@ -46,7 +46,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -637,14 +631,11 @@ int lookup_paths_init( +@@ -638,14 +632,11 @@ int lookup_paths_init( persistent_config, USER_CONFIG_UNIT_DIR, "/etc/systemd/user", @@ -62,7 +62,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -794,7 +785,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -795,7 +786,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_SYSTEM: add = strv_new("/run/systemd/system-generators", "/etc/systemd/system-generators", @@ -70,7 +70,7 @@ index 05eb17d66c..1cd141d012 100644 SYSTEM_GENERATOR_DIR); break; -@@ -802,7 +792,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -803,7 +793,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_USER: add = strv_new("/run/systemd/user-generators", "/etc/systemd/user-generators", @@ -78,7 +78,7 @@ index 05eb17d66c..1cd141d012 100644 USER_GENERATOR_DIR); break; -@@ -841,12 +830,10 @@ char **env_generator_binary_paths(bool is_system) { +@@ -842,12 +831,10 @@ char **env_generator_binary_paths(bool is_system) { if (is_system) add = strv_new("/run/systemd/system-environment-generators", "/etc/systemd/system-environment-generators", @@ -122,5 +122,5 @@ index fc0f8c34fa..162432e77f 100644 systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index 0c09107c5ef22..438d841bb1c7a 100644 --- a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,4 +1,4 @@ -From b39b8871bcaa07280d6b0cf2226b1a3be31232b8 Mon Sep 17 00:00:00 2001 +From 213279752124dc4a57a4189df9b5b2e96feaa0b3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon, 11 May 2015 15:39:38 +0200 Subject: [PATCH 06/19] Get rid of a useless message in user sessions @@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 34891a8754..b9b4789720 100644 +index 9368a1dfa1..5b0bdb1bc7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -1375,7 +1375,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { +@@ -1408,7 +1408,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { if (!unit_is_bound_by_inactive(u, &culprit)) continue; @@ -27,5 +27,5 @@ index 34891a8754..b9b4789720 100644 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the * service being unnecessary after a while. */ -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index d7649b5e44a76..a93488afbf92a 100644 --- a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -1,4 +1,4 @@ -From 566208aea81057789218b959f4d0e898eec54fc9 Mon Sep 17 00:00:00 2001 +From 14474d5e116609ce4fac60d779b08fa3eab840c3 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner <gebner@gebner.org> Date: Sun, 6 Dec 2015 14:26:36 +0100 Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that @@ -11,10 +11,10 @@ Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 36702f2fb0..669257ea2f 100644 +index b20a93ad81..6292fca4fc 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c -@@ -797,6 +797,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -813,6 +813,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; @@ -24,7 +24,7 @@ index 36702f2fb0..669257ea2f 100644 name = empty_to_null(name); context_read_etc_hostname(c); -@@ -860,6 +863,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess +@@ -876,6 +879,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -104,5 +104,5 @@ index 66b454269d..0a8fe25d0f 100644 if (r < 0) return r; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index f938b553c9f52..e1bc44a148ea0 100644 --- a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,4 +1,4 @@ -From 3b9983969de2a86929768f6362ed41c20dd13bd3 Mon Sep 17 00:00:00 2001 +From d668df39728c992ec0c691ef6e76664e7121f5bd Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 7 Jul 2016 02:47:13 +0300 Subject: [PATCH 08/19] Fix hwdb paths @@ -24,5 +24,5 @@ index 5ddc2211e6..ee621eec46 100644 + "/etc/udev/hwdb.bin\0" + -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 87cf1afc7d22b..68d40980ab169 100644 --- a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,4 +1,4 @@ -From b5966b6abb9696798618367cab33d1fed317734f Mon Sep 17 00:00:00 2001 +From dd59ce5f1bbdafb0b92f8aeacc68b000ec347a61 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Tue, 11 Oct 2016 13:12:08 +0300 Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo @@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644 <literal>Etc/UTC</literal>. The resulting link should lead to the corresponding binary diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 5d162e8ffe..1bec83e555 100644 +index b659d6905d..660b1c6fed 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1269,7 +1269,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { +@@ -1267,7 +1267,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { assert(ret); @@ -47,7 +47,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1308,7 +1308,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { +@@ -1306,7 +1306,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { _cleanup_strv_free_ char **zones = NULL; int r; @@ -56,7 +56,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1421,7 +1421,7 @@ int verify_timezone(const char *name, int log_level) { +@@ -1419,7 +1419,7 @@ int verify_timezone(const char *name, int log_level) { if (p - name >= PATH_MAX) return -ENAMETOOLONG; @@ -65,7 +65,7 @@ index 5d162e8ffe..1bec83e555 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) -@@ -1512,7 +1512,7 @@ int get_timezone(char **ret) { +@@ -1510,7 +1510,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -75,10 +75,10 @@ index 5d162e8ffe..1bec83e555 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 2cb4f80d5d..ebeaeac52f 100644 +index d28a416e5d..c7c215731d 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -491,7 +491,7 @@ static int process_timezone(void) { +@@ -494,7 +494,7 @@ static int process_timezone(void) { if (isempty(arg_timezone)) return 0; @@ -88,10 +88,10 @@ index 2cb4f80d5d..ebeaeac52f 100644 (void) mkdir_parents(etc_localtime, 0755); if (symlink(e, etc_localtime) < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 438ca294db..98bd110d92 100644 +index 197e5aa252..c674fa61d5 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -1887,8 +1887,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid +@@ -1899,8 +1899,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -137,5 +137,5 @@ index 0a8fe25d0f..2f02b9a520 100644 return -ENOMEM; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index 6e36bbdc34065..f2514de6c6629 100644 --- a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,4 +1,4 @@ -From f4e9304560ad42eeb8d42be583cc55eb2e5b4bb1 Mon Sep 17 00:00:00 2001 +From a93da270bed88972f4d60a1fa08f24e00712d7fb Mon Sep 17 00:00:00 2001 From: Imuli <i@imu.li> Date: Wed, 19 Oct 2016 08:46:47 -0400 Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* @@ -10,10 +10,10 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index 548ac8eb2c..5e372f1566 100644 +index b5624209dc..4ab7adfdb6 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c -@@ -280,7 +280,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { +@@ -279,7 +279,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { } state = NONE, look_for; int r; @@ -23,5 +23,5 @@ index 548ac8eb2c..5e372f1566 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index 5aa22d988952d..c21a1bda41226 100644 --- a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,4 +1,4 @@ -From 43a363f30b6012d600cfb62a3851c4ac7af4d1d5 Mon Sep 17 00:00:00 2001 +From 3bc3462165cd72de93a1c71f03e6c4150726b159 Mon Sep 17 00:00:00 2001 From: Franz Pletz <fpletz@fnordicwalking.de> Date: Sun, 11 Feb 2018 04:37:44 +0100 Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir @@ -8,12 +8,12 @@ Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index 5bdfd9753d..5bf6afc7b7 100644 +index c0cbadecb1..8266bf57de 100644 --- a/meson.build +++ b/meson.build -@@ -3539,9 +3539,6 @@ install_data('LICENSE.GPL2', - 'docs/GVARIANT-SERIALIZATION.md', - install_dir : docdir) +@@ -3729,9 +3729,6 @@ install_data('LICENSE.GPL2', + install_subdir('LICENSES', + install_dir : docdir) -meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir)) -meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir)) @@ -22,5 +22,5 @@ index 5bdfd9753d..5bf6afc7b7 100644 # Ensure that changes to the docs/ directory do not break the -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index a2bdfcf8ec3fd..5f27e41752328 100644 --- a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch @@ -1,4 +1,4 @@ -From 7ea935a5ac4f31106ce9347227d4eb59b77b02cd Mon Sep 17 00:00:00 2001 +From 85f0ad0cb7b4f0cfd482c9611f9cbc2dacbba33a Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Fri, 2 Nov 2018 21:15:42 +0100 Subject: [PATCH 12/19] inherit systemd environment when calling generators. @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index b9b4789720..79239afe4a 100644 +index 5b0bdb1bc7..1538a5200a 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4149,10 +4149,15 @@ static int manager_run_generators(Manager *m) { +@@ -3653,10 +3653,15 @@ static int manager_run_generators(Manager *m) { argv[4] = NULL; RUN_WITH_UMASK(0022) @@ -40,5 +40,5 @@ index b9b4789720..79239afe4a 100644 finish: -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index 20372a5dbad58..d008cf2821c7a 100644 --- a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch @@ -1,4 +1,4 @@ -From eb93778af78a127e8e20d6ed7fd9f91fd22dc7c9 Mon Sep 17 00:00:00 2001 +From b30d2273d3ce1480b0c4c27c25211f84e04172e9 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Thu, 9 May 2019 11:15:22 +0200 Subject: [PATCH 13/19] add rootprefix to lookup dir paths @@ -12,7 +12,7 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/def.h b/src/basic/def.h -index 2e60abb4f1..732ec51d36 100644 +index eccee3d3fa..e94a2c8bd0 100644 --- a/src/basic/def.h +++ b/src/basic/def.h @@ -39,13 +39,15 @@ @@ -34,5 +34,5 @@ index 2e60abb4f1..732ec51d36 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index a22566eb4cc30..49c6651c0edff 100644 --- a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,4 +1,4 @@ -From 1d623def80a3532ac1445499c9d4673e21ae8195 Mon Sep 17 00:00:00 2001 +From 76da27ff77e5db07e502d4d8d26286d69c3f0319 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:45:55 +0300 Subject: [PATCH 14/19] systemd-shutdown: execute scripts in @@ -10,12 +10,12 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index a98cfc4d8a..b0b34edda7 100644 +index 7ad9930677..fdb03a2e1a 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -312,7 +312,7 @@ int main(int argc, char *argv[]) { +@@ -335,7 +335,7 @@ int main(int argc, char *argv[]) { _cleanup_free_ char *cgroup = NULL; - char *arguments[3], *watchdog_device; + char *arguments[3]; int cmd, r, umount_log_level = LOG_INFO; - static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL}; + static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL}; @@ -23,5 +23,5 @@ index a98cfc4d8a..b0b34edda7 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 1a21d1005ee04..78d77c0058229 100644 --- a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,4 +1,4 @@ -From 5a96c4a98be971d84a12ae04e42bc3cb889d5191 Mon Sep 17 00:00:00 2001 +From 47c651f97acae814d4ff679ae04d78d4532cbca6 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:46:58 +0300 Subject: [PATCH 15/19] systemd-sleep: execute scripts in @@ -10,7 +10,7 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index a3aeb24633..0ed6a34d79 100644 +index 7064f3a905..b60ced9d9b 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c @@ -182,6 +182,7 @@ static int execute( @@ -22,5 +22,5 @@ index a3aeb24633..0ed6a34d79 100644 }; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 12624cb5548fc..3c1643e0f1ab8 100644 --- a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,32 +1,27 @@ -From 775a2a8940c07f4af33a2a11bfa17e0257b427cb Mon Sep 17 00:00:00 2001 +From df0fec7ac2f33bcca60ba9a2396af33397ba42cc Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sat, 7 Mar 2020 22:40:27 +0100 Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty -kmod loads modules from not only /lib/modules but also from -/run/booted-system/kernel-modules/lib/modules and -/run/current-system/kernel-modules/lib/module - -Co-authored-by: Arian van Putten <arian.vanputten@gmail.com> +On NixOS, kernel modules of the currently booted systems are located at +/run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. --- - units/kmod-static-nodes.service.in | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) + units/kmod-static-nodes.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 777e82d16b..9a5e05a1cc 100644 +index 777e82d16b..b6abc2bba0 100644 --- a/units/kmod-static-nodes.service.in +++ b/units/kmod-static-nodes.service.in -@@ -12,7 +12,9 @@ Description=Create List of Static Device Nodes +@@ -12,7 +12,7 @@ Description=Create List of Static Device Nodes DefaultDependencies=no Before=sysinit.target systemd-tmpfiles-setup-dev.service ConditionCapability=CAP_SYS_MODULE -ConditionFileNotEmpty=/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/run/booted-system/kernel-modules/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/run/current-system/kernel-modules/lib/modules/%v/modules.devname ++ConditionFileNotEmpty=/run/booted-system/kernel-modules/lib/modules/%v/modules.devname [Service] Type=oneshot -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 52b74284fe26d..882690ad9140f 100644 --- a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,4 +1,4 @@ -From 6ddb2011b379f3232374327517af874b68c434b5 Mon Sep 17 00:00:00 2001 +From f21722ac0f51b0b59a5c030af3db5fe4e6397f7c Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sun, 8 Mar 2020 01:05:54 +0100 Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL @@ -10,7 +10,7 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 26e7362d1f..a8f8a863ec 100644 +index 518f3340bf..18e826ea0b 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -24,11 +24,11 @@ @@ -29,5 +29,5 @@ index 26e7362d1f..a8f8a863ec 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch index 58eb7f96e642c..e602bef9c3d7f 100644 --- a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch +++ b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch @@ -1,4 +1,4 @@ -From 50f2ada6cbfafa75b628410e8834f29581854e6f Mon Sep 17 00:00:00 2001 +From 968bd0c7bc058a4b05b6457f9ff20d02b70c9852 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> Date: Sun, 6 Dec 2020 08:34:19 +0100 Subject: [PATCH 18/19] pkg-config: derive prefix from --prefix @@ -29,5 +29,5 @@ index 162432e77f..2fc20daf03 100644 rootprefix=${root_prefix} sysconf_dir={{SYSCONF_DIR}} -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch index 54e5c32aeb446..916f95e194ac6 100644 --- a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch +++ b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch @@ -1,4 +1,4 @@ -From 2ab388cf0be320879e668a6206cb15d002b55f98 Mon Sep 17 00:00:00 2001 +From 169fc6f270ff3e3903a7a31550c964152f9751ec Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Wed, 18 Aug 2021 19:10:08 +0200 Subject: [PATCH 19/19] core: handle lookup paths being symlinks @@ -15,10 +15,10 @@ directory itself is already a symlink. 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c -index 0d58b1c4fe..7314f1245f 100644 +index 30c632dfce..6179100126 100644 --- a/src/basic/unit-file.c +++ b/src/basic/unit-file.c -@@ -254,6 +254,7 @@ int unit_file_build_name_map( +@@ -255,6 +255,7 @@ int unit_file_build_name_map( _cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL; _cleanup_set_free_free_ Set *paths = NULL; @@ -26,7 +26,7 @@ index 0d58b1c4fe..7314f1245f 100644 uint64_t timestamp_hash; char **dir; int r; -@@ -273,6 +274,34 @@ int unit_file_build_name_map( +@@ -274,6 +275,34 @@ int unit_file_build_name_map( return log_oom(); } @@ -59,9 +59,9 @@ index 0d58b1c4fe..7314f1245f 100644 + } + STRV_FOREACH(dir, (char**) lp->search_path) { - struct dirent *de; _cleanup_closedir_ DIR *d = NULL; -@@ -351,11 +380,11 @@ int unit_file_build_name_map( + +@@ -386,11 +415,11 @@ int unit_file_build_name_map( continue; } @@ -76,5 +76,5 @@ index 0d58b1c4fe..7314f1245f 100644 log_debug("%s: linked unit file: %s → %s", __func__, filename, simplified); -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 4cbed9b7cbf10..e130abbf27ff3 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -15,6 +15,8 @@ , gperf , getent , glibcLocales + + # glib is only used during tests (test-bus-gvariant, test-bus-marshal) , glib , substituteAll , gettext @@ -29,7 +31,6 @@ # Optional dependencies , pam , cryptsetup -, lvm2 , audit , acl , lz4 @@ -61,8 +62,10 @@ , kexec-tools , bashInteractive , libmicrohttpd +, libfido2 +, p11-kit - # the (optional) BPF feature requires bpftool, libbpf, clang and llmv-strip to be avilable during build time. + # the (optional) BPF feature requires bpftool, libbpf, clang and llvm-strip to be available during build time. # Only libbpf should be a runtime dependency. , bpftools , libbpf @@ -97,8 +100,8 @@ , withTimesyncd ? true , withTpm2Tss ? !stdenv.hostPlatform.isMusl , withUserDb ? !stdenv.hostPlatform.isMusl -, libfido2 -, p11-kit + # tests assume too much system access for them to be feasible for us right now +, withTests ? false # name argument , pname ? "systemd" @@ -123,7 +126,14 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.7"; + wantGcrypt = withResolved || withImportd; + version = "250.4"; + + # Bump this variable on every (major) version change. See below (in the meson options list) for why. + # command: + # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ + # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' + releaseTimestamp = "1640290180"; in stdenv.mkDerivation { inherit pname version; @@ -134,12 +144,12 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "sha256-y33/BvvI+JyhsvuT1Cbm6J2Z72j71oXgLw6X9NwCMPE="; + sha256 = "sha256-AdzPh7dGVrGbbjL9+PqytQOpRzNDUUEftmKZAbFH3L4="; }; - # If these need to be regenerated, `git am path/to/00*.patch` them into a - # systemd worktree, rebase to the more recent systemd version, and export the - # patches again via `git -c format.signoff=false format-patch v${version}`. + # On major changes, or when otherwise required, you *must* reformat the patches, + # `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent + # systemd version, and export the patches again via `git -c format.signoff=false format-patch v${version}`. # Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches patches = [ ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -166,42 +176,44 @@ stdenv.mkDerivation { # systemd. With the below patch we mitigate that effect by special casing # all our root unit dirs if they are symlinks. This does exactly what we # need (AFAICT). - # See https://github.com/systemd/systemd/pull/20479 for upsteam discussion. + # See https://github.com/systemd/systemd/pull/20479 for upstream discussion. ./0019-core-handle-lookup-paths-being-symlinks.patch - ] ++ lib.optional stdenv.hostPlatform.isMusl (let - oe-core = fetchzip { - url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; - sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; - }; - musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; - in [ - (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") - (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") - (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") - (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") - (musl-patches + "/0006-Include-netinet-if_ether.h.patch") - (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") - (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") - (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") - (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") - (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") - (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") - (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") - (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") - (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") - (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") - (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") - (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") - (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") - (musl-patches + "/0021-test-json.c-define-M_PIl.patch") - (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") - (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") - (musl-patches + "/0026-Handle-missing-gshadow.patch") - (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") - - # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 - ./musl.diff - ]); + ] ++ lib.optional stdenv.hostPlatform.isMusl ( + let + oe-core = fetchzip { + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-7e35a575ef09a85e625a81e0b4d80b020e3e3a92.tar.bz2"; + sha256 = "0dvz4685nk0y7nnq3sr2q8ab3wfx0bi8ilwcgn0h6kagwcnav2n8"; + }; + musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; + in + [ + (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") + (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") + (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") + (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") + (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") + (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") + (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") + (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") + (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") + (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") + (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") + (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") + (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") + (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") + (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") + (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") + (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") + (musl-patches + "/0021-test-json.c-define-M_PIl.patch") + (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") + (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") + (musl-patches + "/0026-Handle-missing-gshadow.patch") + (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") + (musl-patches + "/0001-pass-correct-parameters-to-getdents64.patch") + (musl-patches + "/0002-Add-sys-stat.h-for-S_IFDIR.patch") + (musl-patches + "/0001-Adjust-for-musl-headers.patch") + ] + ); postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" @@ -211,7 +223,7 @@ stdenv.mkDerivation { "find_program('${stdenv.cc.bintools.targetPrefix}objcopy'" '' + ( let - # The folllowing patches references to dynamic libraries to ensure that + # The following patches references to dynamic libraries to ensure that # all the features that are implemented via dlopen(3) are available (or # explicitly deactivated) by pointing dlopen to the absolute store path # instead of relying on the linkers runtime lookup code. @@ -267,7 +279,7 @@ stdenv.mkDerivation { { name = "libidn.so.12"; pkg = null; } { name = "libidn.so.11"; pkg = null; } - # journalctl --grep requires libpcre so lets provide it + # journalctl --grep requires libpcre so let's provide it { name = "libpcre2-8.so.0"; pkg = pcre2; } # Support for TPM2 in systemd-cryptsetup, systemd-repart and systemd-cryptenroll @@ -276,6 +288,10 @@ stdenv.mkDerivation { { name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libfido2.so.1"; pkg = opt withFido2 libfido2; } + + # inspect-elf support + { name = "libelf.so.1"; pkg = opt withCoredump elfutils; } + { name = "libdw.so.1"; pkg = opt withCoredump elfutils; } ]; patchDlOpen = dl: @@ -294,7 +310,7 @@ stdenv.mkDerivation { # exceptional case, details: # https://github.com/systemd/systemd-stable/blob/v249-stable/src/shared/tpm2-util.c#L157 if ! [[ "${library}" =~ .*libtss2-tcti-$ ]]; then - echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`' + echo 'The shared library `${library}` does not exist but was given as substitute for `${dl.name}`' exit 1 fi fi @@ -318,8 +334,8 @@ stdenv.mkDerivation { fi '' # Finally patch shebangs that might need patching. - # Should no longer be necessary with v250. - # https://github.com/systemd/systemd/pull/19638 + # Should no longer be necessary with v251. + # https://github.com/systemd/systemd/pull/21749 + '' patchShebangs . ''; @@ -356,16 +372,16 @@ stdenv.mkDerivation { [ acl audit - glib kmod libcap - libgcrypt libidn2 libuuid linuxHeaders pam ] + ++ lib.optional wantGcrypt libgcrypt + ++ lib.optional withTests glib ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] @@ -389,6 +405,14 @@ stdenv.mkDerivation { mesonFlags = [ "-Dversion-tag=${version}" + # We bump this variable on every (major) version change to ensure + # that we have known-good value for a timestamp that is in the (not so distant) past. + # This serves as a lower bound for valid system timestamps during startup. Systemd will + # reset the system timestamp if this date is +- 15 years from the system time. + # See the systemd v250 release notes for further details: + # https://github.com/systemd/systemd/blob/60e930fc3e6eb8a36fbc184773119eb8d2f30364/NEWS#L258-L266 + "-Dtime-epoch=${releaseTimestamp}" + "-Ddbuspolicydir=${placeholder "out"}/share/dbus-1/system.d" "-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services" "-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services" @@ -400,11 +424,11 @@ stdenv.mkDerivation { "-Dsetfont-path=${kbd}/bin/setfont" "-Dtty-gid=3" # tty in NixOS has gid 3 "-Ddebug-shell=${bashInteractive}/bin/bash" - "-Dglib=${lib.boolToString (glib != null)}" + "-Dglib=${lib.boolToString withTests}" # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" "-Danalyze=${lib.boolToString withAnalyze}" - "-Dgcrypt=${lib.boolToString (libgcrypt != null)}" + "-Dgcrypt=${lib.boolToString wantGcrypt}" "-Dimportd=${lib.boolToString withImportd}" "-Dlz4=${lib.boolToString withCompression}" "-Dhomed=${lib.boolToString withHomed}" @@ -435,7 +459,11 @@ stdenv.mkDerivation { "-Dsmack=true" "-Db_pie=true" "-Dinstall-sysconfdir=false" - "-Defi-ld=${stdenv.cc.bintools.targetPrefix}ld" + "-Dsbat-distro=nixos" + "-Dsbat-distro-summary=NixOS" + "-Dsbat-distro-url=https://nixos.org/" + "-Dsbat-distro-pkgname=${pname}" + "-Dsbat-distro-version=${version}" /* As of now, systemd doesn't allow runtime configuration of these values. So the settings in /etc/login.defs have no effect on it. Many people think this @@ -448,7 +476,6 @@ stdenv.mkDerivation { */ "-Dsystem-uid-max=999" "-Dsystem-gid-max=999" - # "-Dtime-epoch=1" "-Dsysvinit-path=" "-Dsysvrcnd-path=" @@ -487,57 +514,96 @@ stdenv.mkDerivation { "-Dutmp=false" "-Didn=false" ]; + preConfigure = + let + # A list of all the runtime binaries that the systemd exectuables, tests and libraries are referencing in their source code, scripts and unit files. + # As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message. + binaryReplacements = [ + { search = "/usr/bin/getent"; replacement = "${getent}/bin/getent"; where = [ "src/nspawn/nspawn-setuid.c" ]; } + + { + search = "/sbin/mkswap"; + replacement = "${lib.getBin util-linux}/sbin/mkswap"; + where = [ + "man/systemd-makefs@.service.xml" + ]; + } + { search = "/sbin/swapon"; replacement = "${lib.getBin util-linux}/sbin/swapon"; where = [ "src/core/swap.c" "src/basic/unit-def.h" ]; } + { search = "/sbin/swapoff"; replacement = "${lib.getBin util-linux}/sbin/swapoff"; where = [ "src/core/swap.c" ]; } + { + search = "/bin/echo"; + replacement = "${coreutils}/bin/echo"; + where = [ + "man/systemd-analyze.xml" + "man/systemd.service.xml" + "src/analyze/test-verify.c" + "src/test/test-env-file.c" + "src/test/test-fileio.c" + ]; + } + { + search = "/bin/cat"; + replacement = "${coreutils}/bin/cat"; + where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + } + { search = "/sbin/modprobe"; replacement = "${lib.getBin kmod}/sbin/modprobe"; where = [ "units/modprobe@.service" ]; } + { + search = "/usr/lib/systemd/systemd-fsck"; + replacement = "$out/lib/systemd/systemd-fsck"; + where = [ + "man/systemd-fsck@.service.xml" + ]; + } + ] ++ lib.optionals withImportd [ + { + search = "\"gpg\""; + replacement = "\\\"${gnupg}/bin/gpg\\\""; + where = [ "src/import/pull-common.c" ]; + } + { + search = "\"tar\""; + replacement = "\\\"${gnutar}/bin/tar\\\""; + where = [ + "src/import/export-tar.c" + "src/import/export.c" + "src/import/import-common.c" + "src/import/import-tar.c" + "src/import/import.c" + "src/import/importd.c" + "src/import/pull-tar.c" + "src/import/pull.c" + ]; + } + ]; + + # { replacement, search, where } -> List[str] + mkSubstitute = { replacement, search, where }: + map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; + mkEnsureSubstituted = { replacement, search, where }: + '' + if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -Ev 'NEWS|^test/' | wc -l) -gt 0 ]]; then + echo "Not all references to '${search}' have been replaced. Found the following matches:" + grep '${search}' -r | grep -v "${replacement}" | grep -Ev 'NEWS|^test/' + exit 1 + fi + ''; - preConfigure = '' - mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") - export LC_ALL="en_US.UTF-8"; - # FIXME: patch this in systemd properly (and send upstream). - # already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount - for i in \ - src/core/mount.c \ - src/core/swap.c \ - src/cryptsetup/cryptsetup-generator.c \ - src/journal/cat.c \ - src/nspawn/nspawn.c \ - src/remount-fs/remount-fs.c \ - src/shared/generator.c \ - src/shutdown/shutdown.c \ - units/emergency.service.in \ - units/modprobe@.service \ - units/rescue.service.in \ - units/systemd-logind.service.in \ - units/systemd-nspawn@.service.in; \ - do - test -e $i - substituteInPlace $i \ - --replace /usr/bin/getent ${getent}/bin/getent \ - --replace /sbin/mkswap ${lib.getBin util-linux}/sbin/mkswap \ - --replace /sbin/swapon ${lib.getBin util-linux}/sbin/swapon \ - --replace /sbin/swapoff ${lib.getBin util-linux}/sbin/swapoff \ - --replace /bin/echo ${coreutils}/bin/echo \ - --replace /bin/cat ${coreutils}/bin/cat \ - --replace /sbin/sulogin ${lib.getBin util-linux}/sbin/sulogin \ - --replace /sbin/modprobe ${lib.getBin kmod}/sbin/modprobe \ - --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck \ - --replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency - done + in + '' + mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") + export LC_ALL="en_US.UTF-8"; - for dir in tools src/resolve test src/test src/shared; do - patchShebangs $dir - done + ${lib.concatStringsSep "\n" (lib.flatten (map mkSubstitute binaryReplacements))} + ${lib.concatMapStringsSep "\n" mkEnsureSubstituted binaryReplacements} - # absolute paths to gpg & tar - substituteInPlace src/import/pull-common.c \ - --replace '"gpg"' '"${gnupg}/bin/gpg"' - for file in src/import/{{export,import,pull}-tar,import-common}.c; do - substituteInPlace $file \ - --replace '"tar"' '"${gnutar}/bin/tar"' - done + for dir in tools src/resolve test src/test src/shared; do + patchShebangs $dir + done - substituteInPlace src/libsystemd/sd-journal/catalog.c \ - --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ - ''; + substituteInPlace src/libsystemd/sd-journal/catalog.c \ + --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ + ''; # These defines are overridden by CFLAGS and would trigger annoying # warning messages @@ -545,7 +611,7 @@ stdenv.mkDerivation { substituteInPlace config.h \ --replace "POLKIT_AGENT_BINARY_PATH" "_POLKIT_AGENT_BINARY_PATH" \ --replace "SYSTEMD_BINARY_PATH" "_SYSTEMD_BINARY_PATH" \ - --replace "SYSTEMD_CGROUP_AGENT_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" + --replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" ''; NIX_CFLAGS_COMPILE = toString ([ @@ -557,8 +623,8 @@ stdenv.mkDerivation { # Set the release_agent on /sys/fs/cgroup/systemd to the # currently running systemd (/run/current-system/systemd) so # that we don't use an obsolete/garbage-collected release agent. - "-USYSTEMD_CGROUP_AGENT_PATH" - "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" + "-USYSTEMD_CGROUP_AGENTS_PATH" + "-DSYSTEMD_CGROUP_AGENTS_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" @@ -575,6 +641,12 @@ stdenv.mkDerivation { ''; postInstall = '' + # sysinit.target: Don't depend on + # systemd-tmpfiles-setup.service. This interferes with NixOps's + # send-keys feature (since sshd.service depends indirectly on + # sysinit.target). + mv $out/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service $out/lib/systemd/system/multi-user.target.wants/ + mkdir -p $out/example/systemd mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example mv $out/lib/systemd/{system,user} $out/example/systemd @@ -603,7 +675,7 @@ stdenv.mkDerivation { # runtime; otherwise we can't and we need to reboot. interfaceVersion = 2; - inherit withCryptsetup util-linux; + inherit withCryptsetup util-linux kmod kbd; tests = { inherit (nixosTests) switchTest; diff --git a/pkgs/os-specific/linux/systemd/musl.diff b/pkgs/os-specific/linux/systemd/musl.diff deleted file mode 100644 index cab135dd8fc53..0000000000000 --- a/pkgs/os-specific/linux/systemd/musl.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c -index ef3527e..cc1ba23 100644 ---- a/src/shared/mount-setup.c -+++ b/src/shared/mount-setup.c -@@ -32,6 +32,7 @@ - #include "strv.h" - #include "user-util.h" - #include "virt.h" -+#include "missing_type.h" - - typedef enum MountMode { - MNT_NONE = 0, diff --git a/pkgs/os-specific/linux/tiscamera/default.nix b/pkgs/os-specific/linux/tiscamera/default.nix index 38bc7c3eaff31..1182aead36bed 100644 --- a/pkgs/os-specific/linux/tiscamera/default.nix +++ b/pkgs/os-specific/linux/tiscamera/default.nix @@ -17,6 +17,7 @@ , python3Packages , libuuid , wrapGAppsHook +, catch2 }: stdenv.mkDerivation rec { @@ -30,6 +31,10 @@ stdenv.mkDerivation rec { sha256 = "0hpy9yhc4mn6w8gvzwif703smmcys0j2jqbz2xfghqxcyb0ykplj"; }; + postPatch = '' + cp ${catch2}/include/catch2/catch.hpp external/catch/catch.hpp + ''; + nativeBuildInputs = [ cmake pkg-config diff --git a/pkgs/os-specific/linux/udisks/2-default.nix b/pkgs/os-specific/linux/udisks/2-default.nix index 427e19ac92151..5aff6e9697058 100644 --- a/pkgs/os-specific/linux/udisks/2-default.nix +++ b/pkgs/os-specific/linux/udisks/2-default.nix @@ -1,8 +1,9 @@ -{ lib, stdenv, fetchFromGitHub, substituteAll, libtool, pkg-config, gettext, gnused +{ lib, stdenv, fetchFromGitHub, substituteAll, pkg-config, gnused, autoreconfHook , gtk-doc, acl, systemd, glib, libatasmart, polkit, coreutils, bash, which , expat, libxslt, docbook_xsl, util-linux, mdadm, libgudev, libblockdev, parted -, gobject-introspection, docbook_xml_dtd_412, docbook_xml_dtd_43, autoconf, automake +, gobject-introspection, docbook_xml_dtd_412, docbook_xml_dtd_43 , xfsprogs, f2fs-tools, dosfstools, e2fsprogs, btrfs-progs, exfat, nilfs-utils, ntfs3g +, nixosTests }: stdenv.mkDerivation rec { @@ -41,8 +42,11 @@ stdenv.mkDerivation rec { }) ]; + strictDeps = true; + # pkg-config had to be in both to find gtk-doc and gobject-introspection + depsBuildBuild = [ pkg-config ]; nativeBuildInputs = [ - autoconf automake pkg-config libtool gettext which gobject-introspection + autoreconfHook which gobject-introspection pkg-config gtk-doc libxslt docbook_xml_dtd_412 docbook_xml_dtd_43 docbook_xsl ]; @@ -60,6 +64,7 @@ stdenv.mkDerivation rec { configureFlags = [ (lib.enableFeature (stdenv.buildPlatform == stdenv.hostPlatform) "gtk-doc") + "--sysconfdir=/etc" "--localstatedir=/var" "--with-systemdsystemunitdir=$(out)/etc/systemd/system" "--with-udevdir=$(out)/lib/udev" @@ -71,10 +76,16 @@ stdenv.mkDerivation rec { "INTROSPECTION_TYPELIBDIR=$(out)/lib/girepository-1.0" ]; + installFlags = [ + "sysconfdir=${placeholder "out"}/etc" + ]; + enableParallelBuilding = true; doCheck = true; + passthru.tests.vm = nixosTests.udisks2; + meta = with lib; { description = "A daemon, tools and libraries to access and manipulate disks, storage devices and technologies"; homepage = "https://www.freedesktop.org/wiki/Software/udisks/"; diff --git a/pkgs/os-specific/linux/unscd/0001-adjust-socket-paths-for-nixos.patch b/pkgs/os-specific/linux/unscd/0001-adjust-socket-paths-for-nixos.patch new file mode 100644 index 0000000000000..941b5c90a6240 --- /dev/null +++ b/pkgs/os-specific/linux/unscd/0001-adjust-socket-paths-for-nixos.patch @@ -0,0 +1,41 @@ +From 9d76d183a97cb667a1ab6d95af69d6db745215df Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Milan=20P=C3=A4ssler?= <milan@petabyte.dev> +Date: Tue, 1 Jun 2021 16:55:45 +0200 +Subject: [PATCH] adjust socket paths for nixos + +The original unscd would crash, because it is not allowed to create its +legacy socket at /var/run/.nscd_socket. + +This socket is only required for very old glibc versions, but removing it +is currently non-trivial, so we just move it somewhere, where it is +allowed to be created. A patch has been submitted upstream to make this +hack unnecessary. + +Also change /var/run to /run, since we shouldn't be using /var/run +anymore. +--- + nscd.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/nscd.c b/nscd.c +index a71e474..0cd7106 100644 +--- a/nscd.c ++++ b/nscd.c +@@ -2100,10 +2100,10 @@ static void main_loop(void) + ** Initialization + */ + +-#define NSCD_PIDFILE "/var/run/nscd/nscd.pid" +-#define NSCD_DIR "/var/run/nscd" +-#define NSCD_SOCKET "/var/run/nscd/socket" +-#define NSCD_SOCKET_OLD "/var/run/.nscd_socket" ++#define NSCD_PIDFILE "/run/nscd/nscd.pid" ++#define NSCD_DIR "/run/nscd" ++#define NSCD_SOCKET "/run/nscd/socket" ++#define NSCD_SOCKET_OLD "/run/nscd/socket_legacy" + + static smallint wrote_pidfile; + +-- +2.31.1 + diff --git a/pkgs/os-specific/linux/unscd/default.nix b/pkgs/os-specific/linux/unscd/default.nix new file mode 100644 index 0000000000000..1f974029b0174 --- /dev/null +++ b/pkgs/os-specific/linux/unscd/default.nix @@ -0,0 +1,76 @@ +{ fetchurl, fetchpatch, stdenv, systemd, lib }: + +stdenv.mkDerivation rec { + pname = "unscd"; + version = "0.54"; + + src = fetchurl { + url = "https://busybox.net/~vda/unscd/nscd-${version}.c"; + sha256 = "0iv4iwgs3sjnqnwd7dpcw6s7i4ar9q89vgsms32clx14fdqjrqch"; + }; + + unpackPhase = '' + runHook preUnpack + cp $src nscd.c + chmod u+w nscd.c + runHook postUnpack + ''; + + patches = [ + # Patches from Debian that have not (yet) been included upstream, but are useful to us + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/change_invalidate_request_info_output"; + sha256 = "17whakazpisiq9nnw3zybaf7v3lqkww7n6jkx0igxv4z2r3mby6l"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/support_large_numbers_in_config"; + sha256 = "0jrqb4cwclwirpqfb6cvnmiff3sm2jhxnjwxa7h0wx78sg0y3bpp"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/no_debug_on_invalidate"; + sha256 = "0znwzb522zgikb0mm7awzpvvmy0wf5z7l3jgjlkdpgj0scxgz86w"; + }) + (fetchpatch { + url = "https://sources.debian.org/data/main/u/${pname}/${version}-1/debian/patches/notify_systemd_about_successful_startup"; + sha256 = "1ipwmbfwm65yisy74nig9960vxpjx683l3skgxfgssfx1jb9z2mc"; + }) + + # The original unscd would crash, because it is not allowed to create its + # legacy socket at /var/run/.nscd_socket. + # This socket is only required for very old glibc versions, but removing it + # is currently non-trivial, so we just move it somewhere, where it is + # allowed to be created. A patch has been submitted upstream to make this + # hack unnecessary. + # Also change /var/run to /run, since we shouldn't be using /var/run + # anymore. + # See also: http://lists.busybox.net/pipermail/busybox/2021-June/088866.html + ./0001-adjust-socket-paths-for-nixos.patch + ]; + + buildInputs = [ systemd ]; + + buildPhase = '' + runHook preBuild + gcc -Wall \ + -Wl,--sort-section -Wl,alignment \ + -Wl,--sort-common \ + -fomit-frame-pointer \ + -lsystemd \ + -o nscd nscd.c + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + install -Dm755 -t $out/bin nscd + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://busybox.net/~vda/unscd/"; + description = "Less buggy replacement for the glibc name service cache daemon"; + license = licenses.gpl2Only; + platforms = platforms.linux; + maintainers = with maintainers; [ petabyteboy ]; + }; +} diff --git a/pkgs/os-specific/linux/upower/default.nix b/pkgs/os-specific/linux/upower/default.nix index aff9125c236de..f083184a1145c 100644 --- a/pkgs/os-specific/linux/upower/default.nix +++ b/pkgs/os-specific/linux/upower/default.nix @@ -18,13 +18,15 @@ , systemd , useIMobileDevice ? true , libimobiledevice +, withDocs ? (stdenv.buildPlatform == stdenv.hostPlatform) }: stdenv.mkDerivation rec { pname = "upower"; version = "0.99.17"; - outputs = [ "out" "dev" "devdoc" ]; + outputs = [ "out" "dev" ] + ++ lib.optionals withDocs [ "devdoc" ]; src = fetchFromGitLab { domain = "gitlab.freedesktop.org"; @@ -34,6 +36,12 @@ stdenv.mkDerivation rec { sha256 = "xvvqzGxgkuGcvnO12jnLURNJUoSlnMw2g/mnII+i6Bs="; }; + strictDeps = true; + + depsBuildBuild = [ + pkg-config + ]; + nativeBuildInputs = [ meson ninja @@ -66,6 +74,8 @@ stdenv.mkDerivation rec { "-Dos_backend=linux" "-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system" "-Dudevrulesdir=${placeholder "out"}/lib/udev/rules.d" + "-Dintrospection=${if (stdenv.buildPlatform == stdenv.hostPlatform) then "auto" else "disabled"}" + "-Dgtk-doc=${lib.boolToString withDocs}" ]; doCheck = false; # fails with "env: './linux/integration-test': No such file or directory" diff --git a/pkgs/os-specific/linux/usbrelay/daemon.nix b/pkgs/os-specific/linux/usbrelay/daemon.nix new file mode 100644 index 0000000000000..5f8d23e5201d2 --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/daemon.nix @@ -0,0 +1,36 @@ +{ stdenv, usbrelay, python3 }: +let + python = python3.withPackages (ps: with ps; [ usbrelay-py paho-mqtt ]); +in +# This is a separate derivation, not just an additional output of +# usbrelay, because otherwise, we have a cyclic dependency between +# usbrelay (default.nix) and the python module (python.nix). +stdenv.mkDerivation rec { + pname = "usbrelayd"; + + inherit (usbrelay) src version; + + postPatch = '' + substituteInPlace 'usbrelayd.service' \ + --replace '/usr/bin/python3' "${python}/bin/python3" \ + --replace '/usr/sbin/usbrelayd' "$out/bin/usbrelayd" + ''; + + buildInputs = [ python ]; + + dontBuild = true; + + installPhase = '' + runHook preInstall; + install -m 644 -D usbrelayd $out/bin/usbrelayd + install -m 644 -D usbrelayd.service $out/lib/systemd/system/usbrelayd.service + install -m 644 -D 50-usbrelay.rules $out/lib/udev/rules.d/50-usbrelay.rules + runHook postInstall + ''; + # TODO for later releases: install -D usbrelayd.conf $out/etc/usbrelayd.conf # include this as an example + + meta = { + description = "USB Relay MQTT service"; + inherit (usbrelay.meta) homepage license maintainers platforms; + }; +} diff --git a/pkgs/os-specific/linux/usbrelay/default.nix b/pkgs/os-specific/linux/usbrelay/default.nix new file mode 100644 index 0000000000000..ebbb1dd79228e --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/default.nix @@ -0,0 +1,29 @@ +{ stdenv, lib, fetchFromGitHub, hidapi }: +stdenv.mkDerivation rec { + pname = "usbrelay"; + version = "0.9"; + + src = fetchFromGitHub { + owner = "darrylb123"; + repo = "usbrelay"; + rev = version; + sha256 = "sha256-bxME4r5W5bZKxMZ/Svi1EenqHKVWIjU6iiKaM8U6lmA="; + }; + + buildInputs = [ + hidapi + ]; + + makeFlags = [ + "DIR_VERSION=${version}" + "PREFIX=${placeholder "out"}" + ]; + + meta = with lib; { + description = "Tool to control USB HID relays"; + homepage = "https://github.com/darrylb123/usbrelay"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ wentasah ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/usbrelay/python.nix b/pkgs/os-specific/linux/usbrelay/python.nix new file mode 100644 index 0000000000000..02d5ac284eda9 --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/python.nix @@ -0,0 +1,12 @@ +{ buildPythonPackage, usbrelay }: + +buildPythonPackage rec { + pname = "usbrelay_py"; + inherit (usbrelay) version src; + + buildInputs = [ usbrelay ]; + + pythonImportsCheck = [ "usbrelay_py" ]; + + inherit (usbrelay) meta; +} diff --git a/pkgs/os-specific/linux/usbrelay/test.nix b/pkgs/os-specific/linux/usbrelay/test.nix new file mode 100644 index 0000000000000..dc5847558a691 --- /dev/null +++ b/pkgs/os-specific/linux/usbrelay/test.nix @@ -0,0 +1,63 @@ +# NixOS test for usbrelayd +# +# It is not stored in nixos/tests directory, because it requires the +# USB relay connected to the host computer and as such, it cannot be +# run automatically. +# +# Run this test as: +# +# nix-build test.nix -A driverInteractive && ./result/bin/nixos-test-driver --no-interactive +# +# The interactive driver is required because the default +# (non-interactive) driver uses qemu without support for passing USB +# devices to the guest (see +# https://discourse.nixos.org/t/hardware-dependent-nixos-tests/18564 +# for discussion of other alternatives). + +import ../../../../nixos/tests/make-test-python.nix ({ pkgs, ... }: { + name = "usbrelayd"; + + nodes.machine = { + virtualisation.qemu.options = [ + "-device qemu-xhci" + "-device usb-host,vendorid=0x16c0,productid=0x05df" + ]; + services.usbrelayd.enable = true; + systemd.services.usbrelayd = { + after = [ "mosquitto.service" ]; + }; + services.mosquitto = { + enable = true; + listeners = [{ + acl = [ "pattern readwrite #" ]; + omitPasswordAuth = true; + settings.allow_anonymous = true; + }]; + }; + environment.systemPackages = [ + pkgs.usbrelay + pkgs.mosquitto + ]; + documentation.nixos.enable = false; # building nixos manual takes long time + }; + + testScript = '' + if os.waitstatus_to_exitcode(os.system("lsusb -d 16c0:05df")) != 0: + print("No USB relay detected, skipping test") + import sys + sys.exit(2) + machine.start() + # usbrelayd is started by udev when an relay is detected + machine.wait_for_unit("usbrelayd.service") + + stdout = machine.succeed("usbrelay") + relay_id = stdout.split(sep="_")[0] + assert relay_id != "" + import time + time.sleep(1) + machine.succeed(f"mosquitto_pub -h localhost -t cmnd/{relay_id}/1 -m ON") + time.sleep(1) + machine.succeed(f"mosquitto_pub -h localhost -t cmnd/{relay_id}/1 -m OFF") + print("Did you see the relay switching on and off?") + ''; +}) diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index bedd2417e7ead..3efb3914b85e5 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix @@ -1,14 +1,17 @@ { lib, stdenv, fetchurl, pkg-config, zlib, shadow, libcap_ng -, ncurses ? null, pam, systemd ? null +, ncursesSupport ? true +, ncurses, pam +, systemdSupport ? stdenv.isLinux +, systemd , nlsSupport ? true }: stdenv.mkDerivation rec { - pname = "util-linux"; + pname = "util-linux" + lib.optionalString (!nlsSupport && !ncursesSupport && !systemdSupport) "-minimal"; version = "2.37.4"; src = fetchurl { - url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; + url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/util-linux-${version}.tar.xz"; sha256 = "sha256-Y05pFq2RM2bDU2tkaOeER2lUm5mnsr+AMU3nirVlW4M="; }; @@ -40,9 +43,9 @@ stdenv.mkDerivation rec { "--disable-makeinstall-setuid" "--disable-makeinstall-chown" "--disable-su" # provided by shadow (lib.enableFeature nlsSupport "nls") - (lib.withFeature (ncurses != null) "ncursesw") - (lib.withFeature (systemd != null) "systemd") - (lib.withFeatureAs (systemd != null) + (lib.withFeature ncursesSupport "ncursesw") + (lib.withFeature systemdSupport "systemd") + (lib.withFeatureAs systemdSupport "systemdsystemunitdir" "${placeholder "bin"}/lib/systemd/system/") "SYSCONFSTATICDIR=${placeholder "lib"}/lib" ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) @@ -56,9 +59,9 @@ stdenv.mkDerivation rec { ]; nativeBuildInputs = [ pkg-config ]; - buildInputs = - [ zlib pam libcap_ng ] - ++ lib.filter (p: p != null) [ ncurses systemd ]; + buildInputs = [ zlib pam libcap_ng ] + ++ lib.optionals ncursesSupport [ ncurses ] + ++ lib.optionals systemdSupport [ systemd ]; doCheck = false; # "For development purpose only. Don't execute on production system!" diff --git a/pkgs/os-specific/linux/vdo/default.nix b/pkgs/os-specific/linux/vdo/default.nix new file mode 100644 index 0000000000000..1904445d4c2c5 --- /dev/null +++ b/pkgs/os-specific/linux/vdo/default.nix @@ -0,0 +1,64 @@ +{ lib, stdenv +, fetchFromGitHub +, installShellFiles +, libuuid +, lvm2_dmeventd # <libdevmapper-event.h> +, zlib +, python3 +}: + +stdenv.mkDerivation rec { + pname = "vdo"; + version = "8.1.1.360"; # kvdo uses this! + + src = fetchFromGitHub { + owner = "dm-vdo"; + repo = pname; + rev = version; + sha256 = "1zp8aaw0diramnlx5z96jcpbm6x0r204xf1vwq6k21rzcazczkwv"; + }; + + nativeBuildInputs = [ + installShellFiles + ]; + + buildInputs = [ + libuuid + lvm2_dmeventd + zlib + python3.pkgs.wrapPython + ]; + + propagatedBuildInputs = with python3.pkgs; [ + pyyaml + ]; + + pythonPath = propagatedBuildInputs; + + makeFlags = [ + "DESTDIR=${placeholder "out"}" + "INSTALLOWNER=" + # all of these paths are relative to DESTDIR and have defaults that don't work for us + "bindir=/bin" + "defaultdocdir=/share/doc" + "mandir=/share/man" + "python3_sitelib=${python3.sitePackages}" + ]; + + enableParallelBuilding = true; + + postInstall = '' + installShellCompletion --bash $out/bash_completion.d/* + rm -r $out/bash_completion.d + + wrapPythonPrograms + ''; + + meta = with lib; { + homepage = "https://github.com/dm-vdo/vdo"; + description = "A set of userspace tools for managing pools of deduplicated and/or compressed block storage"; + platforms = platforms.linux; + license = with licenses; [ gpl2Plus ]; + maintainers = with maintainers; [ ajs124 ]; + }; +} diff --git a/pkgs/os-specific/linux/wireguard/default.nix b/pkgs/os-specific/linux/wireguard/default.nix index 32389d27369c4..a47fb30c1b396 100644 --- a/pkgs/os-specific/linux/wireguard/default.nix +++ b/pkgs/os-specific/linux/wireguard/default.nix @@ -1,17 +1,15 @@ { lib, stdenv, fetchzip, kernel, perl, wireguard-tools, bc }: -# module requires Linux >= 3.10 https://www.wireguard.io/install/#kernel-requirements -assert lib.versionAtLeast kernel.version "3.10"; # wireguard upstreamed since 5.6 https://lists.zx2c4.com/pipermail/wireguard/2019-December/004704.html assert lib.versionOlder kernel.version "5.6"; stdenv.mkDerivation rec { pname = "wireguard"; - version = "1.0.20210606"; + version = "1.0.20211208"; src = fetchzip { url = "https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${version}.tar.xz"; - sha256 = "sha256-ha7x6+41oPRRhuRwEb1ojRWLF1dlEMoJtqXrzRKQ408="; + sha256 = "sha256-MHC4ojhRD8IGwTUE8oEew8IVof9hQCC7CPgVQIBfBRQ="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/wpa_supplicant/default.nix b/pkgs/os-specific/linux/wpa_supplicant/default.nix index 925ec71d3fa1f..1d58d47cf6635 100644 --- a/pkgs/os-specific/linux/wpa_supplicant/default.nix +++ b/pkgs/os-specific/linux/wpa_supplicant/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchurl, openssl, pkg-config, libnl , nixosTests, wpa_supplicant_gui -, withDbus ? true, dbus +, dbusSupport ? true, dbus , withReadline ? true, readline , withPcsclite ? true, pcsclite , readOnlyModeSSIDs ? false @@ -68,7 +68,7 @@ stdenv.mkDerivation rec { CONFIG_EAP_AKA=y CONFIG_EAP_AKA_PRIME=y CONFIG_PCSC=y - '' + optionalString withDbus '' + '' + optionalString dbusSupport '' CONFIG_CTRL_IFACE_DBUS=y CONFIG_CTRL_IFACE_DBUS_NEW=y CONFIG_CTRL_IFACE_DBUS_INTRO=y @@ -93,7 +93,7 @@ stdenv.mkDerivation rec { ''; buildInputs = [ openssl libnl ] - ++ optional withDbus dbus + ++ optional dbusSupport dbus ++ optional withReadline readline ++ optional withPcsclite pcsclite; diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index 6747d511694bb..5a5fd2d19a8a2 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -216,7 +216,7 @@ in { # to be adapted zfsStable = common { # check the release notes for compatible kernels - kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.18"; + kernelCompatible = kernel.kernelOlder "5.18"; latestCompatibleLinuxPackages = linuxPackages_5_17; # this package should point to the latest release. @@ -227,7 +227,7 @@ in { zfsUnstable = common { # check the release notes for compatible kernels - kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.18"; + kernelCompatible = kernel.kernelOlder "5.18"; latestCompatibleLinuxPackages = linuxPackages_5_17; # this package should point to a version / git revision compatible with the latest kernel release |