Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/development/interpreters/python/hooks/pytest-check-hook.sh4
-rw-r--r--pkgs/development/libraries/libxkbcommon/default.nix15
-rw-r--r--pkgs/development/libraries/libxkbcommon/fix-cross-compilation.patch20
-rw-r--r--pkgs/development/libraries/libzip/default.nix25
-rw-r--r--pkgs/development/libraries/nss/default.nix10
-rw-r--r--pkgs/development/libraries/poppler/default.nix4
-rw-r--r--pkgs/os-specific/darwin/apple-source-releases/default.nix61
-rw-r--r--pkgs/os-specific/darwin/apple-source-releases/developer-tools-11.3.1.nix8
-rwxr-xr-xpkgs/os-specific/darwin/apple-source-releases/generate-sdk-packages.sh29
-rw-r--r--pkgs/os-specific/darwin/apple-source-releases/macos-11.0.1.nix46
-rw-r--r--pkgs/os-specific/linux/audit/default.nix10
-rw-r--r--pkgs/os-specific/linux/audit/patches/weak-symbols.patch147
-rw-r--r--pkgs/os-specific/linux/kernel/common-config.nix1
-rw-r--r--pkgs/tools/misc/fontforge/default.nix25
-rw-r--r--pkgs/tools/misc/pspg/default.nix4
15 files changed, 350 insertions, 59 deletions
diff --git a/pkgs/development/interpreters/python/hooks/pytest-check-hook.sh b/pkgs/development/interpreters/python/hooks/pytest-check-hook.sh
index c2079fa84f901..85811a374755d 100644
--- a/pkgs/development/interpreters/python/hooks/pytest-check-hook.sh
+++ b/pkgs/development/interpreters/python/hooks/pytest-check-hook.sh
@@ -37,12 +37,12 @@ function pytestCheckPhase() {
         disabledTestsString=$(_pytestComputeDisabledTestsString "${disabledTests[@]}")
       args+=" -k \""$disabledTestsString"\""
     fi
-    for file in "${disabledTestFiles[@]}"; do
+    for file in ${disabledTestFiles[@]}; do
       if [ ! -f "$file" ]; then
         echo "Disabled test file \"$file\" does not exist. Aborting"
         exit 1
       fi
-      args+=" --ignore=$file"
+      args+=" --ignore=\"$file\""
     done
     args+=" ${pytestFlagsArray[@]}"
     eval "@pythonCheckInterpreter@ $args"
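Review bot: The escaped quotes added in `args+=" --ignore=\"$file\""` do not protect the value from the `eval` on the last line, because inside double quotes `eval` still expands `$(...)`, backticks and `$name`, and a `"` in the path ends the quoting early. With the loop now written as `for file in ${disabledTestFiles[@]}`, entries are word-split and glob-expanded, so the names that reach `eval` come from whatever files exist in the unpacked source tree, not only from the Nix expression. Quote the value for re-evaluation instead: `args+=" --ignore=$(printf %q "$file")"`. The unquoted expansion also means a path containing whitespace is split and then fails the `-f` test; if glob support is the goal, a comment saying so would help. pytestCheckPhase starts above this hunk.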
diff --git a/pkgs/development/libraries/libxkbcommon/default.nix b/pkgs/development/libraries/libxkbcommon/default.nix
index c0785b34e891b..70dd9cb7bbf80 100644
--- a/pkgs/development/libraries/libxkbcommon/default.nix
+++ b/pkgs/development/libraries/libxkbcommon/default.nix
@@ -2,6 +2,8 @@
 , xkeyboard_config, libxcb, libxml2
 , python3
 , libX11
+# To enable the "interactive-wayland" subcommand of xkbcli:
+, withWaylandSupport ? false, wayland, wayland-protocols
 }:
 
 stdenv.mkDerivation rec {
@@ -13,18 +15,23 @@ stdenv.mkDerivation rec {
     sha256 = "0lmwglj16anhpaq0h830xsl1ivknv75i4lir9bk88aq73s2jy852";
   };
 
+  patches = [
+    ./fix-cross-compilation.patch
+  ];
+
   outputs = [ "out" "dev" "doc" ];
 
-  nativeBuildInputs = [ meson ninja pkg-config yacc doxygen ];
-  buildInputs = [ xkeyboard_config libxcb libxml2 ];
+  nativeBuildInputs = [ meson ninja pkg-config yacc doxygen ]
+    ++ lib.optional withWaylandSupport wayland;
+  buildInputs = [ xkeyboard_config libxcb libxml2 ]
+    ++ lib.optionals withWaylandSupport [ wayland wayland-protocols ];
   checkInputs = [ python3 ];
 
   mesonFlags = [
     "-Dxkb-config-root=${xkeyboard_config}/etc/X11/xkb"
     "-Dxkb-config-extra-path=/etc/xkb" # default=$sysconfdir/xkb ($out/etc)
     "-Dx-locale-root=${libX11.out}/share/X11/locale"
-    "-Denable-wayland=false"
-    "-Denable-xkbregistry=false" # Optional, separate library (TODO: Install into extra output)
+    "-Denable-wayland=${lib.boolToString withWaylandSupport}"
   ];
 
   doCheck = true;
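Review bot: The hunk removes `"-Denable-xkbregistry=false"` from `mesonFlags` without saying why, and nothing replaces it. The option presumably now falls back to upstream's default, so the registry library (the part that uses `libxml2`) may be built and installed for every consumer, not only for Wayland users. If that is intended, say so next to the flags, e.g. `# xkbregistry: left at upstream's default, needs libxml2`; if not, keep the flag. The mkDerivation body continues outside the hunk.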
diff --git a/pkgs/development/libraries/libxkbcommon/fix-cross-compilation.patch b/pkgs/development/libraries/libxkbcommon/fix-cross-compilation.patch
new file mode 100644
index 0000000000000..55730554a90f6
--- /dev/null
+++ b/pkgs/development/libraries/libxkbcommon/fix-cross-compilation.patch
@@ -0,0 +1,20 @@
+diff --git a/meson.build b/meson.build
+index 47c436f..536c60b 100644
+--- a/meson.build
++++ b/meson.build
+@@ -440,13 +440,12 @@ if build_tools
+     if get_option('enable-wayland')
+         wayland_client_dep = dependency('wayland-client', version: '>=1.2.0', required: false)
+         wayland_protocols_dep = dependency('wayland-protocols', version: '>=1.12', required: false)
+-        wayland_scanner_dep = dependency('wayland-scanner', required: false, native: true)
+-        if not wayland_client_dep.found() or not wayland_protocols_dep.found() or not wayland_scanner_dep.found()
++        if not wayland_client_dep.found() or not wayland_protocols_dep.found()
+             error('''The Wayland xkbcli programs require wayland-client >= 1.2.0, wayland-protocols >= 1.7 which were not found.
+ You can disable the Wayland xkbcli programs with -Denable-wayland=false.''')
+         endif
+ 
+-        wayland_scanner = find_program(wayland_scanner_dep.get_pkgconfig_variable('wayland_scanner'))
++        wayland_scanner = find_program('wayland-scanner', native: true)
+         wayland_scanner_code_gen = generator(
+             wayland_scanner,
+             output: '@BASENAME@-protocol.c',
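Review bot: The new patch file has no header stating where the change comes from or whether it has been submitted upstream. weak-symbols.patch in this same commit does explain itself. The change to `find_program('wayland-scanner', native: true)` means the scanner is now looked up by name in the build environment instead of through the path recorded in pkg-config. The header should state that the binary is expected to come from `nativeBuildInputs`. A short comment block above the `diff --git` line covering what the patch fixes, its upstream status and when it can be dropped would be enough.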
diff --git a/pkgs/development/libraries/libzip/default.nix b/pkgs/development/libraries/libzip/default.nix
index c65a9b6f583a9..ddefa16c2c1d8 100644
--- a/pkgs/development/libraries/libzip/default.nix
+++ b/pkgs/development/libraries/libzip/default.nix
@@ -1,20 +1,27 @@
-{ lib, stdenv, fetchurl, cmake, perl, zlib }:
+{ lib, stdenv
+, cmake
+, fetchpatch
+, fetchurl
+, perl
+, zlib
+}:
 
 stdenv.mkDerivation rec {
   pname = "libzip";
-  version = "1.6.1";
+  version = "1.7.3";
 
   src = fetchurl {
     url = "https://www.nih.at/libzip/${pname}-${version}.tar.gz";
-    sha256 = "120xgf7cgjmz9d3yp10lks6lhkgxqb4skbmbiiwf46gx868qxsq6";
+    sha256 = "1k5rihiz7m1ahhjzcbq759hb9crzqkgw78pkxga118y5a32pc8hf";
   };
 
-  # Fix pkg-config file paths
-  postPatch = ''
-    sed -i CMakeLists.txt \
-      -e 's#\\''${exec_prefix}/''${CMAKE_INSTALL_LIBDIR}#''${CMAKE_INSTALL_FULL_LIBDIR}#' \
-      -e 's#\\''${prefix}/''${CMAKE_INSTALL_INCLUDEDIR}#''${CMAKE_INSTALL_FULL_INCLUDEDIR}#'
-  '';
+  # Remove in next release
+  patches = [
+    (fetchpatch {
+      url = "https://github.com/nih-at/libzip/commit/351201419d79b958783c0cfc7c370243165523ac.patch";
+      sha256 = "0d93z98ki0yiaza93268cxkl35y1r7ll9f7l8sivx3nfxj2c1n8a";
+    })
+  ];
 
   outputs = [ "out" "dev" ];
 
diff --git a/pkgs/development/libraries/nss/default.nix b/pkgs/development/libraries/nss/default.nix
index 8c98d7ae9bbdb..aa691092f85c3 100644
--- a/pkgs/development/libraries/nss/default.nix
+++ b/pkgs/development/libraries/nss/default.nix
@@ -1,4 +1,7 @@
-{ lib, stdenv, fetchurl, nspr, perl, zlib, sqlite, darwin, fixDarwinDylibNames, buildPackages, ninja
+{ lib, stdenv, fetchurl, nspr, perl, zlib
+, sqlite, ninja
+, darwin, fixDarwinDylibNames, buildPackages
+, useP11kit ? true, p11-kit
 , # allow FIPS mode. Note that this makes the output non-reproducible.
   # https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Tech_Notes/nss_tech_note6
   enableFIPS ? false
@@ -139,6 +142,11 @@ in stdenv.mkDerivation rec {
     chmod 0755 $out/bin/nss-config
   '';
 
+  postInstall = stdenv.lib.optionalString useP11kit ''
+    # Replace built-in trust with p11-kit connection
+    ln -sf ${p11-kit}/lib/pkcs11/p11-kit-trust.so $out/lib/libnssckbi.so
+  '';
+
   postFixup = let
     isCross = stdenv.hostPlatform != stdenv.buildPlatform;
     nss = if isCross then buildPackages.nss.tools else "$out";
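Review bot: With `useP11kit ? true` as the default, the new `postInstall` replaces `libnssckbi.so`, NSS's built-in root certificate module, with a symlink to `p11-kit-trust.so` for every consumer of this package. The only explanation is the one-line shell comment. Trust anchors then come from whatever store p11-kit is configured to read, which this diff does not show. If that store is absent or empty, NSS clients presumably end up with no roots instead of the bundled list. Document the switch on the argument itself, e.g. `# useP11kit: take trust anchors from the p11-kit trust module instead of NSS's built-in list (libnssckbi.so)`, and name the store p11-kit is expected to read. Separately, `stdenv.lib.optionalString` can be `lib.optionalString`, since `lib` is already a function argument here. The derivation continues outside the hunk.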
diff --git a/pkgs/development/libraries/poppler/default.nix b/pkgs/development/libraries/poppler/default.nix
index 3f2b8453d7f01..f75c8c1474fe3 100644
--- a/pkgs/development/libraries/poppler/default.nix
+++ b/pkgs/development/libraries/poppler/default.nix
@@ -12,11 +12,11 @@ let
 in
 stdenv.mkDerivation rec {
   name = "poppler-${suffix}-${version}";
-  version = "20.12.1"; # beware: updates often break cups-filters build, check texlive and scribusUnstable too!
+  version = "21.01.0"; # beware: updates often break cups-filters build, check texlive and scribusUnstable too!
 
   src = fetchurl {
     url = "${meta.homepage}/poppler-${version}.tar.xz";
-    sha256 = "0dbv1y9i5ahg6namz6gw2d0njnmrigr4a80dbxvnqad4q232banh";
+    sha256 = "sha256-AW3eNOX4aOqYoyypm2QzJaloIoFQCUK3ET9OyI0g4vM=";
   };
 
   outputs = [ "out" "dev" ];
diff --git a/pkgs/os-specific/darwin/apple-source-releases/default.nix b/pkgs/os-specific/darwin/apple-source-releases/default.nix
index 12176fd526c82..014904ca24d61 100644
--- a/pkgs/os-specific/darwin/apple-source-releases/default.nix
+++ b/pkgs/os-specific/darwin/apple-source-releases/default.nix
@@ -1,6 +1,9 @@
 { lib, stdenv, fetchurl, fetchzip, pkgs }:
 
 let
+  macosPackages_11_0_1 = import ./macos-11.0.1.nix { inherit applePackage'; };
+  developerToolsPackages_11_3_1 = import ./developer-tools-11.3.1.nix { inherit applePackage'; };
+
   # This attrset can in theory be computed automatically, but for that to work nicely we need
   # import-from-derivation to work properly. Currently it's rather ugly when we try to bootstrap
   # a stdenv out of something like this. With some care we can probably get rid of this, but for
@@ -57,6 +60,9 @@ let
       libplatform   = "125";
       mDNSResponder = "625.41.2";
 
+      # IOKit contains a set of packages with different versions, so we don't have a general version
+      IOKit         = "";
+
       libutil       = "43";
       libunwind     = "35.3";
       Librpcsvc     = "26";
@@ -135,35 +141,47 @@ let
     };
   };
 
-  fetchApple = version: sha256: name: let
+  fetchApple' = pname: version: sha256: let
     # When cross-compiling, fetchurl depends on libiconv, resulting
     # in an infinite recursion without this. It's not clear why this
     # worked fine when not cross-compiling
-    fetch = if name == "libiconv"
+    fetch = if pname == "libiconv"
       then stdenv.fetchurlBoot
       else fetchurl;
   in fetch {
-    url = "http://www.opensource.apple.com/tarballs/${name}/${name}-${versions.${version}.${name}}.tar.gz";
+    url = "http://www.opensource.apple.com/tarballs/${pname}/${pname}-${version}.tar.gz";
     inherit sha256;
   };
 
-  appleDerivation_ = name: version: sha256: attrs: stdenv.mkDerivation ({
-    inherit version;
-    name = "${name}-${version}";
+  fetchApple = sdkName: sha256: pname: let
+    version = versions.${sdkName}.${pname};
+  in fetchApple' pname version sha256;
+
+  appleDerivation' = pname: version: sdkName: sha256: attrs: stdenv.mkDerivation ({
+    inherit pname;
+    version = "${version}-${sdkName}";
+
+    src = if attrs ? srcs then null else (fetchApple' pname version sha256);
+
     enableParallelBuilding = true;
-    meta = {
-      platforms = lib.platforms.darwin;
-    };
-  } // (if attrs ? srcs then {} else {
-    src  = fetchApple version sha256 name;
-  }) // attrs);
 
-  applePackage = namePath: version: sha256:
-    let
-      name = builtins.elemAt (lib.splitString "/" namePath) 0;
-      appleDerivation = appleDerivation_ name version sha256;
-      callPackage = pkgs.newScope (packages // pkgs.darwin // { inherit appleDerivation name version; });
-    in callPackage (./. + "/${namePath}");
+  } // attrs // {
+    meta = (with lib; {
+      platforms = platforms.darwin;
+      license = licenses.apsl20;
+    }) // (attrs.meta or {});
+  });
+
+  applePackage' = namePath: version: sdkName: sha256: let
+    pname = builtins.head (lib.splitString "/" namePath);
+    appleDerivation = appleDerivation' pname version sdkName sha256;
+    callPackage = pkgs.newScope (packages // pkgs.darwin // { inherit appleDerivation; });
+  in callPackage (./. + "/${namePath}");
+
+  applePackage = namePath: sdkName: sha256: let
+    pname = builtins.head (lib.splitString "/" namePath);
+    version = versions.${sdkName}.${pname};
+  in applePackage' namePath version sdkName sha256;
 
   IOKitSpecs = {
     IOAudioFamily                        = fetchApple "osx-10.10.5" "0ggq7za3iq8g02j16rj67prqhrw828jsw3ah3bxq8a1cvr55aqnq";
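Review bot: `fetchApple'` still builds its URL as `http://www.opensource.apple.com/tarballs/...`, while the generator script added in this commit prefetches the same tarballs from `https://opensource.apple.com/tarballs/...`. The `sha256` keeps the content pinned, so this is not an integrity hole. Still, the plain-HTTP fetch can be redirected or tampered with in transit, which surfaces only as a hash mismatch, and the hashes in the generated files were computed against a different URL from the one fetched at build time. Using the same form in both places removes that gap: `url = "https://opensource.apple.com/tarballs/${pname}/${pname}-${version}.tar.gz";`.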
@@ -192,7 +210,8 @@ let
   # Only used for bootstrapping. It’s convenient because it was the last version to come with a real makefile.
   adv_cmds-boot = applePackage "adv_cmds/boot.nix" "osx-10.5.8" "102ssayxbg9wb35mdmhswbnw0bg7js3pfd8fcbic83c5q3bqa6c6" {};
 
-  packages = {
+  # TODO: shorten this list, we should cut down to a minimum set of bootstrap or necessary packages here.
+  stubPackages = {
     inherit (adv_cmds-boot) ps locale;
     architecture    = applePackage "architecture"      "osx-10.11.6"     "1pbpjcd7is69hn8y29i98ci0byik826if8gnp824ha92h90w0fq3" {};
     bootstrap_cmds  = applePackage "bootstrap_cmds"    "dev-tools-7.0"   "1v5dv2q3af1xwj5kz0a5g54fd5dm6j4c9dd2g66n4kc44ixyrhp3" {};
@@ -254,6 +273,8 @@ let
 
     # TODO(matthewbauer):
     # To be removed, once I figure out how to build a newer Security version.
-    Security      = applePackage "Security/boot.nix" "osx-10.9.5"      "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {};
+    Security        = applePackage "Security/boot.nix" "osx-10.9.5"      "1nv0dczf67dhk17hscx52izgdcyacgyy12ag0jh6nl5hmfzsn8yy" {};
   };
+
+  packages = developerToolsPackages_11_3_1 // macosPackages_11_0_1 // stubPackages;
 in packages
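Review bot: The merge `developerToolsPackages_11_3_1 // macosPackages_11_0_1 // stubPackages` has no comment about precedence. With `//` the right-hand set wins, so any name also defined in `stubPackages` keeps its old pinned version. `Security`, for example, stays on `"osx-10.9.5"` even though `macos-11.0.1.nix` defines a newer one. Readers will likely assume the newly generated sets take effect, so state the order explicitly, e.g. `# Right-most wins: stubPackages override the generated SDK sets until each stub is removed`. The `let` block starts above this hunk.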
diff --git a/pkgs/os-specific/darwin/apple-source-releases/developer-tools-11.3.1.nix b/pkgs/os-specific/darwin/apple-source-releases/developer-tools-11.3.1.nix
new file mode 100644
index 0000000000000..f57d224615f4b
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/developer-tools-11.3.1.nix
@@ -0,0 +1,8 @@
+# Generated using:  ./generate-sdk-packages.sh developer-tools 11.3.1
+
+{ applePackage' }:
+
+{
+bootstrap_cmds = applePackage' "bootstrap_cmds" "116" "developer-tools-11.3.1" "148xpqkf5xzpslqxch5l8h6vsz7sys8sdzk4ghbg9mkcivp8qa03" {};
+developer_cmds = applePackage' "developer_cmds" "66" "developer-tools-11.3.1" "0q08m4cxxwph7gxqravmx13l418p1i050bd46zwksn9j9zpw9mlr" {};
+}
diff --git a/pkgs/os-specific/darwin/apple-source-releases/generate-sdk-packages.sh b/pkgs/os-specific/darwin/apple-source-releases/generate-sdk-packages.sh
new file mode 100755
index 0000000000000..d7c3fc89c525b
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/generate-sdk-packages.sh
@@ -0,0 +1,29 @@
+#!/usr/bin/env nix-shell
+#!nix-shell -i bash -p curl
+
+# usage:
+#   generate-sdk-packages.sh macos 11.0.1
+
+cd $(dirname "$0")
+
+sdkName="$1-$2"
+outfile="$sdkName.nix"
+
+>$outfile echo "# Generated using:  ./$(basename "$0") $1 $2
+
+{ applePackage' }:
+
+{"
+
+parse_line() {
+    readarray -t -d$'\t' package <<<$2
+    local pname=${package[0]} version=${package[1]}
+
+    if [ -d $pname ]; then
+        sha256=$(nix-prefetch-url "https://opensource.apple.com/tarballs/$pname/$pname-$version.tar.gz")
+        >>$outfile echo "$pname = applePackage' \"$pname\" \"$version\" \"$sdkName\" \"$sha256\" {};"
+    fi
+}
+readarray -s1 -c1 -C parse_line < <(curl -sS "https://opensource.apple.com/text/${sdkName//./}.txt")
+
+>>$outfile echo '}'
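Review bot: The generator writes fields from a remote index straight into Nix source without checking them, and it does not stop when a prefetch fails. In `parse_line`, `pname` and `version` come from the downloaded text file and are interpolated into the `applePackage'` line as-is. If `nix-prefetch-url` fails, `sha256` is empty and an entry with `""` as its hash is still emitted. Check the result before writing, e.g. `[ -n "$sha256" ] || { echo "prefetch failed: $pname" >&2; exit 1; }`. Also reject any `pname` or `version` containing characters outside what a package name or version can hold. Several expansions are unquoted (`cd $(dirname "$0")`, `<<<$2`, `[ -d $pname ]`, `>$outfile`); `cd "$(dirname "$0")" || exit 1` and quoting the others avoid surprises when the path contains spaces. Since the hashes are trusted as of generation time, the header comment should tell the person running the script to review the resulting diff before committing it.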
diff --git a/pkgs/os-specific/darwin/apple-source-releases/macos-11.0.1.nix b/pkgs/os-specific/darwin/apple-source-releases/macos-11.0.1.nix
new file mode 100644
index 0000000000000..517f53e9435da
--- /dev/null
+++ b/pkgs/os-specific/darwin/apple-source-releases/macos-11.0.1.nix
@@ -0,0 +1,46 @@
+# Generated using:  ./generate-sdk-packages.sh macos 11.0.1
+
+{ applePackage' }:
+
+{
+adv_cmds = applePackage' "adv_cmds" "176" "macos-11.0.1" "0x8c25rh6fnzndbc26vcb65vcxilvqyfvm2klfyci1wr4bh3ixgk" {};
+architecture = applePackage' "architecture" "279" "macos-11.0.1" "1cgp33ywa30max6cyp69kvii299hx2vgwvmy3ms8n4gaq2mkpaky" {};
+basic_cmds = applePackage' "basic_cmds" "55" "macos-11.0.1" "0hvab4b1v5q2x134hdkal0rmz5gsdqyki1vb0dbw4py1bqf0yaw9" {};
+bootstrap_cmds = applePackage' "bootstrap_cmds" "121" "macos-11.0.1" "09bwclws6adxb1ky9q35f4ikddk4mbalmgds0cmqaf7j23qxl3fv" {};
+CommonCrypto = applePackage' "CommonCrypto" "60178.40.2" "macos-11.0.1" "0r3b1mlfmbdzpwn6pbsbfaga3k63gpwcwbhkbi4r09aq82skl02v" {};
+configd = applePackage' "configd" "1109.40.9" "macos-11.0.1" "173i55wfzli9pg2x2rw437hs68h6l4ngss5jfgf18g26zjkjzv5v" {};
+copyfile = applePackage' "copyfile" "173.40.2" "macos-11.0.1" "0qyp15qj3fdb7yx033n57l7s61d70mv17f43yiwcbhx09mmlrp07" {};
+Csu = applePackage' "Csu" "88" "macos-11.0.1" "029lgcyj0i16036h2lcx6fd6r1yf1bkj5dnvz905rh6ncl8skgdr" {};
+diskdev_cmds = applePackage' "diskdev_cmds" "667.40.1" "macos-11.0.1" "1bqwkwkwd556rba5000ap77xrhaf4xnmy83mszd7a0yvl2xlma7j" {};
+dtrace = applePackage' "dtrace" "370.40.1" "macos-11.0.1" "1941yczmn94ng5zlnhf0i5mjw2f4g7znisgvhkhn5f86gxmd98wl" {};
+dyld = applePackage' "dyld" "832.7.1" "macos-11.0.1" "1s77ca6jg20z91qlph59da8j61m97y23vrw48xs4rywdzh4915n0" {};
+eap8021x = applePackage' "eap8021x" "304.40.1" "macos-11.0.1" "1ph3kcpf527s0jqsi60j2sgg3m8h128spf292d8kyc08siz9mf9c" {};
+file_cmds = applePackage' "file_cmds" "321.40.3" "macos-11.0.1" "04789vn1wghclfr3ma3ncg716xdsxfj66hrcxi5h3h1ryag2ycfz" {};
+hfs = applePackage' "hfs" "556.41.1" "macos-11.0.1" "1rhkmn2yj5p4wmi4aajy5hj2h0gxk63s8j4qz4ziy4g4bjpdgwmy" {};
+ICU = applePackage' "ICU" "66108" "macos-11.0.1" "1d76cyyqpwkzjlxfajm4nsglxmfrcafbnjwnjxc3j5w3nw67pqhx" {};
+Libc = applePackage' "Libc" "1439.40.11" "macos-11.0.1" "0d5xlnks4lc9391wg31c9126vflb40lc5ffkgxmf2kpyglac1280" {};
+libclosure = applePackage' "libclosure" "78" "macos-11.0.1" "089i2bl4agpnfplrg23xbzma1674g0w05988nxdps6ghxl4kz66f" {};
+libdispatch = applePackage' "libdispatch" "1271.40.12" "macos-11.0.1" "0z7r42zfb8y48f0nrw0qw7fanfvimycimgnrg3jig101kjvjar98" {};
+libiconv = applePackage' "libiconv" "59" "macos-11.0.1" "0hqbsqggjrr0sv6h70lcr3gabgk9inyc8aq1b30wibgjm6crjwpp" {};
+Libinfo = applePackage' "Libinfo" "542.40.3" "macos-11.0.1" "0y5x6wxd3mwn6my1jdp8qrak3y7x7sgjdmwyw9cvvbn3kg9v6z1p" {};
+Libnotify = applePackage' "Libnotify" "279.40.4" "macos-11.0.1" "0aswflxki877izp6sacv35sydn6a3639cflv3zhs3i7vkfbsvbf5" {};
+libplatform = applePackage' "libplatform" "254.40.4" "macos-11.0.1" "1mhi8n66864y98dr3n0pkqad3aqim800kn9bxzp6h5jf2jni3aql" {};
+libpthread = applePackage' "libpthread" "454.40.3" "macos-11.0.1" "18rb4dqjdf3krzi4hdj5i310gy49ipf01klbkp9g51i02a55gphq" {};
+libresolv = applePackage' "libresolv" "68" "macos-11.0.1" "1ysvg6d28xyaky9sn7giglnsflhjsbj17h3h3i6knlzxnzznpkql" {};
+Librpcsvc = applePackage' "Librpcsvc" "26" "macos-11.0.1" "1zwfwcl9irxl1dlnf2b4v30vdybp0p0r6n6g1pd14zbdci1jcg2k" {};
+Libsystem = applePackage' "Libsystem" "1292.50.1" "macos-11.0.1" "0w16zaigq18jfsnw15pfyz2mkfqdkn0cc16q617kmgw2khld8j7j" {};
+libunwind = applePackage' "libunwind" "200.10" "macos-11.0.1" "1pmymcqpfk7lfxh6zqch429vfpvmd2m1dlg898170pkx5zhxisl2" {};
+libutil = applePackage' "libutil" "58.40.2" "macos-11.0.1" "1hhgashfj9g4vjv02070c5pn818a5n0bh5l81l2pflmvb2rrqs3f" {};
+mDNSResponder = applePackage' "mDNSResponder" "1310.40.42" "macos-11.0.1" "0d0b9wwah9rg7rwrr29dxd6iy0y4rlmss3wcz2wcqmnd2qb9x8my" {};
+network_cmds = applePackage' "network_cmds" "606.40.2" "macos-11.0.1" "1dlslk67npvmxx5m50385kmn3ysxih2iv220hhzkin11f8abdjv7" {};
+objc4 = applePackage' "objc4" "818.2" "macos-11.0.1" "177gmh9m9ajy6mvcd2sf7gqydgljy44n3iih0yqsn1b13j784azx" {};
+PowerManagement = applePackage' "PowerManagement" "1132.50.3" "macos-11.0.1" "1n5yn6sc8w67g8iism6ilkyl33j46gcnlqcaq6k16zkngx6lprba" {};
+ppp = applePackage' "ppp" "877.40.2" "macos-11.0.1" "1z506z8ndvb1lfr4pypfy2bnig6qimhmq3yhjvqwfnliv91965iq" {};
+removefile = applePackage' "removefile" "49.40.3" "macos-11.0.1" "1fhp47awi15f02385r25qgw1ag5z0kr1v3kvgqm3r8i8yysfqvwp" {};
+Security = applePackage' "Security" "59754.41.1" "macos-11.0.1" "00kqgg7k80ba70ar2c02f0q9yrdgqcb56nb9z5g0bxwkvi40ryph" {};
+shell_cmds = applePackage' "shell_cmds" "216.40.4" "macos-11.0.1" "1mvp1fp34kkm4mi85fdn3i0l0gig4c0w09zg2mvkpxcf68cq2f69" {};
+system_cmds = applePackage' "system_cmds" "880.40.5" "macos-11.0.1" "1kys4vwfz4559sspdsfhmxc238nd8qgylqypza3zdzaqhfh7lx2x" {};
+text_cmds = applePackage' "text_cmds" "106" "macos-11.0.1" "0cpnfpllwpx20hbxzg5i5488gcjyi9adnbac1sd5hpv3bq6z1hs5" {};
+top = applePackage' "top" "129" "macos-11.0.1" "1nyz5mvq7js3zhsi3dwxl5fslg6m7nhlgc6p2hr889xgyl5prw8f" {};
+xnu = applePackage' "xnu" "7195.50.7.100.1" "macos-11.0.1" "14wqkqp3lcxgpm1sjnsysybrc4ppzkghwv3mb5nr5v8ml37prkib" {};
+}
diff --git a/pkgs/os-specific/linux/audit/default.nix b/pkgs/os-specific/linux/audit/default.nix
index 7d72b0eec56ba..0adc5f7aeb2bc 100644
--- a/pkgs/os-specific/linux/audit/default.nix
+++ b/pkgs/os-specific/linux/audit/default.nix
@@ -36,7 +36,8 @@ stdenv.mkDerivation rec {
   # TODO: Remove the musl patches when
   #         https://github.com/linux-audit/audit-userspace/pull/25
   #       is available with the next release.
-  patches = lib.optional stdenv.hostPlatform.isMusl [
+  patches = [ ./patches/weak-symbols.patch ]
+  ++ lib.optional stdenv.hostPlatform.isMusl [
     (
       let patch = fetchpatch {
             url = "https://github.com/linux-audit/audit-userspace/commit/d579a08bb1cde71f939c13ac6b2261052ae9f77e.patch";
@@ -55,6 +56,13 @@ stdenv.mkDerivation rec {
 
   prePatch = ''
     sed -i 's,#include <sys/poll.h>,#include <poll.h>\n#include <limits.h>,' audisp/audispd.c
+  ''
+  # According to https://stackoverflow.com/questions/13089166
+  # --whole-archive linker flag is required to be sure that linker
+  # correctly chooses strong version of symbol regardless of order of
+  # object files at command line.
+  + stdenv.lib.optionalString stdenv.targetPlatform.isStatic ''
+    export LDFLAGS=-Wl,--whole-archive
   '';
   meta = {
     description = "Audit Library";
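Review bot: The static-link branch has three issues. It is gated on `stdenv.targetPlatform.isStatic`, while the `patches` list in this file keys off `stdenv.hostPlatform`; for a library the host platform is the one that matters, so the flag can be skipped or applied on the wrong builds when cross-compiling. `export LDFLAGS=-Wl,--whole-archive` also replaces any `LDFLAGS` already in the environment instead of extending it. Suggested: `+ lib.optionalString stdenv.hostPlatform.isStatic ''` and `export LDFLAGS="''${LDFLAGS-} -Wl,--whole-archive"`. Finally, `--whole-archive` is never closed with `--no-whole-archive`, so it presumably applies to every archive on the link line. The comment should say whether that is intended.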
diff --git a/pkgs/os-specific/linux/audit/patches/weak-symbols.patch b/pkgs/os-specific/linux/audit/patches/weak-symbols.patch
new file mode 100644
index 0000000000000..301ea9a5476ce
--- /dev/null
+++ b/pkgs/os-specific/linux/audit/patches/weak-symbols.patch
@@ -0,0 +1,147 @@
+Executables in src/ directory are built from source files in src/
+and are linked to libauparse, with both src/auditd-config.c and
+auparse/auditd-config.c defining "free_config" function.
+
+It is known (although obscure) behaviour of shared libraries that
+symbol defined in binary itself overrides symbol in shared library;
+with static linkage it expectedly results in multiple definition
+error.
+
+This set of fixes explicitly marks libauparse versions of
+conflicting functions as weak to have behaviour coherent with
+dynamic linkage version -- definitions in src/ overriding definition
+in auparse/.
+
+Still, this architecture is very strange and confusing.
+
+diff -r -U5 audit-2.8.5-orig/auparse/auditd-config.c audit-2.8.5/auparse/auditd-config.c
+--- audit-2.8.5-orig/auparse/auditd-config.c	2019-03-01 20:19:13.000000000 +0000
++++ audit-2.8.5/auparse/auditd-config.c	2021-01-13 11:36:12.716226498 +0000
+@@ -68,10 +68,11 @@
+ };
+ 
+ /*
+  * Set everything to its default value
+ */
++#pragma weak clear_config
+ void clear_config(struct daemon_conf *config)
+ {
+ 	config->local_events = 1;
+ 	config->qos = QOS_NON_BLOCKING;
+ 	config->sender_uid = 0;
+@@ -322,10 +323,11 @@
+ 	if (config->log_file == NULL)
+ 		return 1;
+ 	return 0;
+ }
+ 
++#pragma weak free_config
+ void free_config(struct daemon_conf *config)
+ {
+ 	free((void*)config->log_file);
+ }
+ 
+diff -r -U5 audit-2.8.5-orig/auparse/interpret.c audit-2.8.5/auparse/interpret.c
+--- audit-2.8.5-orig/auparse/interpret.c	2019-03-01 20:19:13.000000000 +0000
++++ audit-2.8.5/auparse/interpret.c	2021-01-13 11:39:42.107217224 +0000
+@@ -545,10 +545,11 @@
+ 	else
+ 		snprintf(buf, size, "unknown(%d)", uid);
+ 	return buf;
+ }
+ 
++#pragma weak aulookup_destroy_uid_list
+ void aulookup_destroy_uid_list(void)
+ {
+ 	if (uid_cache_created == 0)
+ 		return;
+ 
+@@ -2810,10 +2811,11 @@
+ 
+ /*
+  * This is the main entry point for the auparse library. Call chain is:
+  * auparse_interpret_field -> nvlist_interp_cur_val -> interpret
+  */
++#pragma weak interpret
+ const char *interpret(const rnode *r, auparse_esc_t escape_mode)
+ {
+ 	const nvlist *nv = &r->nv;
+ 	int type;
+ 	idata id;
+diff -r -U5 audit-2.8.5-orig/auparse/nvlist.c audit-2.8.5/auparse/nvlist.c
+--- audit-2.8.5-orig/auparse/nvlist.c	2019-02-04 14:26:52.000000000 +0000
++++ audit-2.8.5/auparse/nvlist.c	2021-01-13 11:37:37.190222757 +0000
+@@ -27,10 +27,11 @@
+ #include "nvlist.h"
+ #include "interpret.h"
+ #include "auparse-idata.h"
+ 
+ 
++#pragma weak nvlist_create
+ void nvlist_create(nvlist *l)
+ {
+ 	l->head = NULL;
+ 	l->cur = NULL;
+ 	l->cnt = 0;
+@@ -47,17 +48,19 @@
+ 	while (node->next)
+ 		node = node->next;
+ 	l->cur = node;
+ }
+ 
++#pragma weak nvlist_next
+ nvnode *nvlist_next(nvlist *l)
+ {
+ 	if (l->cur)
+ 		l->cur = l->cur->next;
+ 	return l->cur;
+ }
+ 
++#pragma weak nvlist_append
+ void nvlist_append(nvlist *l, nvnode *node)
+ {
+ 	nvnode* newnode = malloc(sizeof(nvnode));
+ 
+ 	newnode->name = node->name;
+@@ -141,10 +144,11 @@
+ 	if (l->cur->interp_val)
+ 		return l->cur->interp_val;
+ 	return interpret(r, escape_mode);
+ }
+ 
++#pragma weak nvlist_clear
+ void nvlist_clear(nvlist* l)
+ {
+ 	nvnode* nextnode;
+ 	register nvnode* current;
+ 
+diff -r -U5 audit-2.8.5-orig/auparse/strsplit.c audit-2.8.5/auparse/strsplit.c
+--- audit-2.8.5-orig/auparse/strsplit.c	2019-03-01 21:15:30.000000000 +0000
++++ audit-2.8.5/auparse/strsplit.c	2021-01-13 11:38:04.306221556 +0000
+@@ -54,10 +54,11 @@
+ 			return NULL;
+ 		return s;
+ 	}
+ }
+ 
++#pragma weak audit_strsplit
+ char *audit_strsplit(char *s)
+ {
+ 	static char *str = NULL;
+ 	char *ptr;
+ 
+diff -r -U5 audit-2.8.5-orig/lib/strsplit.c audit-2.8.5/lib/strsplit.c
+--- audit-2.8.5-orig/lib/strsplit.c	2019-03-01 20:19:13.000000000 +0000
++++ audit-2.8.5/lib/strsplit.c	2021-01-13 11:38:29.444220443 +0000
+@@ -23,10 +23,11 @@
+ 
+ #include <string.h>
+ #include "libaudit.h"
+ #include "private.h"
+ 
++#pragma weak audit_strsplit_r
+ char *audit_strsplit_r(char *s, char **savedpp)
+ {
+ 	char *ptr;
+ 
+ 	if (s)
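Review bot: Marking generically named library functions such as `interpret`, `free_config` and `nvlist_next` as `#pragma weak` means any statically linked consumer that defines a symbol with the same name silently replaces the libauparse implementation, where the linker previously raised a multiple-definition error. In a library that parses audit records, that trades a loud build failure for a quiet behaviour change. The header explains the intent well, but it does not list which definitions in src/ are expected to override which weak symbol, nor link to an upstream report. Adding both would let a later reader tell an intended override from an accidental one and know when the patch can be dropped. The last hunk ends inside `audit_strsplit_r`, whose body continues beyond it.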
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index b8bb91b3b72cf..b1abbb67abb64 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -358,6 +358,7 @@ let
       F2FS_FS             = module;
       F2FS_FS_SECURITY    = option yes;
       F2FS_FS_ENCRYPTION  = option yes;
+      F2FS_FS_COMPRESSION = whenAtLeast "5.6" yes;
       UDF_FS              = module;
 
       NFSD_PNFS              = whenBetween "4.0" "4.6" yes;
diff --git a/pkgs/tools/misc/fontforge/default.nix b/pkgs/tools/misc/fontforge/default.nix
index 2140e405ff4ab..ffee232172c0d 100644
--- a/pkgs/tools/misc/fontforge/default.nix
+++ b/pkgs/tools/misc/fontforge/default.nix
@@ -1,5 +1,4 @@
-{ stdenv, fetchurl, lib
-, fetchpatch
+{ stdenv, fetchFromGitHub, lib
 , cmake, perl, uthash, pkg-config, gettext
 , python, freetype, zlib, glib, libungif, libpng, libjpeg, libtiff, libxml2, cairo, pango
 , readline, woff2, zeromq, libuninameslist
@@ -15,25 +14,15 @@ assert withGTK -> withGUI;
 
 stdenv.mkDerivation rec {
   pname = "fontforge";
-  version = "20200314";
+  version = "20201107";
 
-  src = fetchurl {
-    url = "https://github.com/${pname}/${pname}/releases/download/${version}/${pname}-${version}.tar.xz";
-    sha256 = "0qf88wd6riycq56d24brybyc93ns74s0nyyavm43zp2kfcihn6fd";
+  src = fetchFromGitHub {
+    owner = pname;
+    repo = pname;
+    rev = version;
+    sha256 = "sha256-Rl/5lbXaPgIndANaD0IakaDus6T53FjiBb45FIuGrvc=";
   };
 
-  patches = [
-    # Unreleased fix for https://github.com/fontforge/fontforge/issues/4229
-    # which is required to fix an uninterposated `${CMAKE_INSTALL_PREFIX}/lib`, see
-    # see https://github.com/nh2/static-haskell-nix/pull/98#issuecomment-665395399
-    # TODO: Remove https://github.com/fontforge/fontforge/pull/4232 is in a release.
-    (fetchpatch {
-      name = "fontforge-cmake-set-rpath-to-the-configure-time-CMAKE_INSTALL_PREFIX";
-      url = "https://github.com/fontforge/fontforge/commit/297ee9b5d6db5970ca17ebe5305189e79a1520a1.patch";
-      sha256 = "14qfp8pwh0vzzib4hq2nc6xhn8lc1cal1sb0lqwb2q5dijqx5kqk";
-    })
-  ];
-
   # use $SOURCE_DATE_EPOCH instead of non-deterministic timestamps
   postPatch = ''
     find . -type f -name '*.c' -exec sed -r -i 's#\btime\(&(.+)\)#if (getenv("SOURCE_DATE_EPOCH")) \1=atol(getenv("SOURCE_DATE_EPOCH")); else &#g' {} \;
diff --git a/pkgs/tools/misc/pspg/default.nix b/pkgs/tools/misc/pspg/default.nix
index 9159de9fd8c2d..04f1c5ec33e55 100644
--- a/pkgs/tools/misc/pspg/default.nix
+++ b/pkgs/tools/misc/pspg/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "pspg";
-  version = "3.1.5";
+  version = "4.0.1";
 
   src = fetchFromGitHub {
     owner = "okbob";
     repo = pname;
     rev = version;
-    sha256 = "000h4yiaym7i5bcm268rvsjbs2brz2is9lhm6vm3dx0q7k1pcx45";
+    sha256 = "sha256-YQrANrCd0nFdn98LfHH/Ishm+fDb12cUAkxlwtZ1ng8=";
   };
 
   nativeBuildInputs = [ pkg-config ];