Age | Commit message (Collapse) | Author | Files | Lines |
|
- add update script
- remove openssl hash verification logic since the hash is computed
automatically now in the update script
|
|
Patch toolchain rpath manually instead of using autoPatchelfHook
Workaround for #333710
Fixes #332533
|
|
previous update accidentally removed the tests
|
|
- Update to 5.12.2
- Switch to the upstream supported osquery-toolchain
- Upstream binaries for the toolchain were used. Efforts to reproduce
the upstream toolchain from source were unsuccessful. Future work
could involve building this from source.
- Efforts to use a newer toolchain provided by nixpkgs were
unsuccessful. osquery assumes that osquery-toolchain and its included
LLVM 9 compiler and libraries are available. LLVM 9 is no longer present
in nixpkgs.
- Remove patches that are no longer necessary
- Use the exact version of openssl provided by upstream. This was
necessary due to build errors when using the nixpkgs openssl package.
- Add code that will fail the build if the openssl hashes from the
fetcher do not match what upstream expects
|
|
|
|
on aarch64
The patch file fixes a build issue due to a missing `xlocale.h` header,
but *only* for x86. aarch64 actually has the same issue, so expanding
it hopefully also fixes that build, too.
|
|
osquery uses vendored boost libraries that still rely on old
standard types like `std::unary_function` (deprecated since
C++11, removed in C++17) which breaks the build with Clang 16.
Upstream already contains a fix [1] that hasn't been released yet.
[1]: https://github.com/osquery/osquery/commit/222991a15b4ae0a0fb919e4965603616536e1b0a
|
|
It seems bothersome having to update it on every openssl_1_1 update.
|
|
|
|
The package has been removed in #74081.
|
|
osquery was marked as broken since April.
If somebody steps up to fix it, we can always revive it from the
histroy, but there's not much value in shipping completely broken things
in current master.
cc @ma27
|
|
google-gflags were renamed to gflags in 2012:
https://github.com/gflags/gflags/#25-january-2012
gflags.name will be updated in staging.
|
|
- mark osquery as broken
- mark ceph as broken
both osquery and ceph packages are outdated. furthermore, ceph has its
own inline rocksdb source tree which isn't use in the current nixpkg.
this needs to be fixed.
|
|
* treewide: remove unused variables
* making ofborg happy
|
|
Although there's already a windows-only 3.4[1], the latest release for
Unix systems is 3.3.2[2] with the following changes:
* SELinux event recording[3]
* SMART drive information[4]
* ELF parsing to monitor compiler-level protections for binaries[5]
The diff became rather big in the end due to the following changes:
* The SMART information feature uses a custom fork of smartmontools to
retrieve SMART data programatically[6].
* Replaced the old, bloated `misc.patch` by a simpler patch that only
fixes two (actual) issues in the CMake build, unnecessary link targets
and an invalid compiler flag.
* I tried to clean the derivation's code up a little bit by
simplifying the `preConfigure` hook and adding only one build-input
per line (that makes merging of several changes to the derivation
easier as well).
[1] https://github.com/facebook/osquery/releases/tag/3.4.0
[2] https://github.com/facebook/osquery/releases/tag/3.3.2
[3] https://github.com/facebook/osquery/pull/4224
[4] https://github.com/facebook/osquery/pull/4133
[5] https://github.com/facebook/osquery/pull/4708
[6] https://github.com/allanliu/smartmontools
|
|
isNull "is deprecated; just write e == null instead" says the Nix manual
|
|
We use `dpkg` 1.19.2 since 23661254e45d6eb47acad16a174637803637917a.
This version dropped pkg_db_reset` in `<dpkg/dpkg_db.h>` which broke compilation with the
following errors:
```
/build/source/osquery/tables/system/linux/deb_packages.cpp: In function 'void osquery::tables::dpkg_setup(pkg_array*)':
/build/source/osquery/tables/system/linux/deb_packages.cpp:83:3: error: 'pkg_array_init_from_db' was not declared in this scope
pkg_array_init_from_db(packages);
^~~~~~~~~~~~~~~~~~~~~~
/build/source/osquery/tables/system/linux/deb_packages.cpp:83:3: note: suggested alternative: 'pkg_array_init_from_hash'
pkg_array_init_from_db(packages);
^~~~~~~~~~~~~~~~~~~~~~
pkg_array_init_from_hash
/build/source/osquery/tables/system/linux/deb_packages.cpp: In function 'void osquery::tables::dpkg_teardown(pkg_array*)':
/build/source/osquery/tables/system/linux/deb_packages.cpp:93:3: error: 'pkg_db_reset' was not declared in this scope
pkg_db_reset();
^~~~~~~~~~~~
/build/source/osquery/tables/system/linux/deb_packages.cpp:93:3: note: suggested alternative: 'pkg_hash_reset'
pkg_db_reset();
^~~~~~~~~~~~
pkg_hash_reset
make[2]: *** [osquery/tables/CMakeFiles/osquery_system_tables.dir/build.make:115: osquery/tables/CMakeFiles/osquery_system_tables.dir/system/linux/deb_packages.cpp.o] Error 1
```
As there's currently no upstream fix, it's better to use an older
version of `dpkg` for now.
|
|
It seems as without the appropriate linker flag `-lcrypto` the
`libcrypto.sh` can't be found by `ld` which broke one of the linker
processes during compilation.
See also https://hydra.nixos.org/build/87208819
|
|
As discussed in #51756, recently packaged versions of `lvm2` miss the
`lvm2app.h` header which breaks the osquery build.
Please note that this simply fixes the build and is not an upgrade. The
CMake patches are fairly diverged in constrast to the current upstream
packaging which requires a lot more effort I can't provide ATM.
cc @markuskowa @hedning
|
|
|
|
|
|
Latest bugfix release with the following notable changes:
* Memory leak resolve for dispatcher
(https://github.com/facebook/osquery/commit/06d48654456e2b56091f0d35f55c234cc054d378)
* Fix include path on status.h
(https://github.com/facebook/osquery/commit/5bd4984f2a5a38c4dd09e9271b162bbacff796ac)
Additionally the patch had to be rebased onto the 3.2.9 branch as it
added XCode support including some CLang flags (namely `-fno-limit-debug-info`)
which are unsupported on GCC.
(see https://github.com/facebook/osquery/commit/bccc28dd9851997b45b69c1dcb11a161763653f9)
|
|
The 3.2.2 build fails ATM on Hydra: https://hydra.nixos.org/build/75998362
Bumping to 3.2.8 and rebasing `osquery/CMakeLists.txt` with `misc.patch`
fixes the issue. Additionally the NixOS test remains functional.
|
|
As suggested in https://github.com/NixOS/nixpkgs/pull/39416#discussion_r183845745
the versioning attributes in `lib` should be consistent to
`nixos/version` which implicates the following changes:
* `lib.trivial.version` -> `lib.trivial.release`
* `lib.trivial.suffix` -> `lib.trivial.versionSuffix`
* `lib.nixpkgsVersion` -> `lib.version`
As `lib.nixpkgsVersion` is referenced several times in `NixOS/nixpkgs`,
`NixOS/nix` and probably several user's setups. As the rename will cause
a notable impact it's better to keep `lib.nixpkgsVersion` as alias with
a warning yielded by `builtins.trace`.
|
|
This way easier to understand and the officially recommended approach.
/cc @dezgeg @fpletz
|
|
The package was originally broken as reported in #38940 and
facebook/osquery#4257. The latest version (3.x) contains several
important fixes for GCC 7, so now we can compile without a much less
complicated patches.
The following changes were needed to fix the derivation:
* Upgrade `osquery/third-party` to the latest rev to be compliant with
osquery 3.
* Keep using an override for the AWS SDK (for a lower closure size and
less compile time), but make the `ec2` API available.
* Added the dependencies `fpm`, `zstd`, `rdkafka`, `rapidjson` to the
build. `linenoise-ng` is obsolete as it's directly bundled with
`osquery/third-party`.
* Fixed the linking issue with `gflags` as recommended in the mailing
list: https://groups.google.com/d/msg/nix-devel/l1blj-mWxtI/J3CwPATBCAAJ
* Dropped the obsolete dependencies `cpp-netlib`, `lz4`, `apt` and
`devicemapper` (thanks @Infinisil).
* Override `OSQUERY_PLATFORM` to provide `nixos:version`
for sandbox and non-NixOS based builds. The `platform-nixos.patch`
file is now obsolete (thanks @flokli).
The patch was rebased against the 3.x branch of `osquery` and contains
mostly old changes. Additionally several testing targets were skipped as
they broke the build.
The functionality has been testing using the following command:
```
mkdir /tmp/osq.log/
./result/bin/osqueryd --pidfile /tmp/osq.pid \
--database_path /tmp/test.db --logger_path /tmp/osq.log
```
With the daemon running the database can be queried easily using
`./result/bin/osqueryi`.
Fixes ticket #38940
See ticket #36453
Further reference can be gathered from the affected Hydra logs for
the master branch: https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.osquery.x86_64-linux
|
|
|
|
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
|
|
|
|
|