From 21babd5d529aae112c473ad438d93686a0df2149 Mon Sep 17 00:00:00 2001 From: Daniel Fullmer Date: Thu, 17 Feb 2022 17:26:55 -0800 Subject: linux: enable ISO9660_FS module --- pkgs/os-specific/linux/kernel/common-config.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 34e1b10b32a8d..fe1da91d9860d 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -446,6 +446,9 @@ let NLS_CODEPAGE_437 = module; # VFAT default for the codepage= mount option NLS_ISO8859_1 = module; # VFAT default for the iocharset= mount option + # Needed to use the installation iso image. Not included in all defconfigs (e.g. arm64) + ISO9660_FS = module; + DEVTMPFS = yes; UNICODE = whenAtLeast "5.2" yes; # Casefolding support for filesystems -- cgit 1.4.1 From 4322a397635c4a9cb5b4c14fcee973ffd4f01b27 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 15 Feb 2022 01:02:33 +0100 Subject: apparmor: 3.0.3 -> 3.0.4 --- pkgs/os-specific/linux/apparmor/default.nix | 30 +++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index 5c1cf272e0e79..f588395e4e1ae 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, fetchpatch, makeWrapper, autoreconfHook +{ stdenv, lib, fetchFromGitLab, fetchpatch, makeWrapper, autoreconfHook , pkg-config, which , flex, bison , linuxHeaders ? stdenv.cc.libc.linuxHeaders @@ -21,7 +21,7 @@ }: let - apparmor-version = "3.0.3"; + apparmor-version = "3.0.4"; apparmor-meta = component: with lib; { homepage = "https://apparmor.net/"; 
@@ -31,9 +31,11 @@ let platforms = platforms.linux; }; - apparmor-sources = fetchurl { - url = "https://launchpad.net/apparmor/${lib.versions.majorMinor apparmor-version}/${apparmor-version}/+download/apparmor-${apparmor-version}.tar.gz"; - sha256 = "0nasq8pdmzkrf856yg1v8z5hcs0nn6gw2qr60ab0a7j9ixfv0g8m"; + apparmor-sources = fetchFromGitLab { + owner = "apparmor"; + repo = "apparmor"; + rev = "v${apparmor-version}"; + sha256 = "1a217j28rgfq4lsmpn0wv1xgmdr9ba8iysv9i6q477kj6z77zrb9"; }; aa-teardown = writeShellScript "aa-teardown" '' @@ -48,8 +50,9 @@ let substituteInPlace ./common/Make.rules \ --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man" \ --replace "/usr/bin/pod2html" "${buildPackages.perl}/bin/pod2html" \ - --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" \ --replace "/usr/share/man" "share/man" + substituteInPlace ./utils/Makefile \ + --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" ''; patches = lib.optionals stdenv.hostPlatform.isMusl [ @@ -60,6 +63,8 @@ let }) ]; + python = python3.withPackages (ps: with ps; [ setuptools ]); + # Set to `true` after the next FIXME gets fixed or this gets some # common derivation infra. Too much copy-paste to fix one by one. doCheck = false; 
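Review bot: With `fetchFromGitLab`, the `sha256` in `apparmor-sources` is the only thing tying the build to a specific tree, because `rev = "v${apparmor-version}"` is a tag and the fetcher's output name does not, as far as I know, include the version. A later bump of `apparmor-version` that forgets the hash would then likely reuse the already-cached source instead of failing, which the old versioned tarball URL would not have done. I would add a comment above `sha256` such as `# refresh together with apparmor-version; a stale hash silently builds the old source`.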
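Review bot: The capability.h rewrite that moves to `./utils/Makefile` has no check that the pattern still matches, and `substituteInPlace --replace` in nixpkgs of this period does not, to my knowledge, fail on a miss. If the path moves again upstream, the build would keep referring to `/usr/include/linux/capability.h` rather than `${linuxHeaders}`, and nothing would flag it. A guard right after the substitution, e.g. `grep -q "${linuxHeaders}/include/linux/capability.h" ./utils/Makefile`, would turn a miss into a build failure. The enclosing `prePatchCommon` string starts outside the hunk.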
@@ -86,19 +91,16 @@ let ncurses which perl - ] ++ lib.optional withPython python3; + ] ++ lib.optional withPython python; buildInputs = lib.optional withPerl perl - ++ lib.optional withPython python3; + ++ lib.optional withPython python; # required to build apparmor-parser dontDisableStatic = true; prePatch = prePatchCommon + '' substituteInPlace ./libraries/libapparmor/swig/perl/Makefile.am --replace install_vendor install_site - substituteInPlace ./libraries/libapparmor/swig/perl/Makefile.in --replace install_vendor install_site - substituteInPlace ./libraries/libapparmor/src/Makefile.am --replace "/usr/include/netinet/in.h" "${lib.getDev stdenv.cc.libc}/include/netinet/in.h" - substituteInPlace ./libraries/libapparmor/src/Makefile.in --replace "/usr/include/netinet/in.h" "${lib.getDev stdenv.cc.libc}/include/netinet/in.h" ''; inherit patches; @@ -132,12 +134,12 @@ let strictDeps = true; - nativeBuildInputs = [ makeWrapper which python3 ]; + nativeBuildInputs = [ makeWrapper which python ]; buildInputs = [ bash perl - python3 + python libapparmor libapparmor.python ]; @@ -159,7 +161,7 @@ let postInstall = '' sed -i $out/bin/aa-unconfined -e "/my_env\['PATH'\]/d" for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-unconfined ; do - wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python3.libPrefix}/site-packages:$PYTHONPATH" + wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python.libPrefix}/site-packages:$PYTHONPATH" done substituteInPlace $out/bin/aa-notify \ -- cgit 1.4.1 From 68cf28cec7f7984609db006912fc104c00eef6d9 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Fri, 25 Feb 2022 01:42:59 +0100 Subject: apparmor: clean-up python path --- pkgs/os-specific/linux/apparmor/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkgs/os-specific/linux') 
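Review bot: In the `wrapProgram` line of `postInstall`, the trailing `:$PYTHONPATH` is expanded by the build shell, so whatever PYTHONPATH the builder had is written into every `aa-*` wrapper, and `--prefix` still leaves the caller's own PYTHONPATH in effect at run time. These tools are normally run with elevated privileges to change AppArmor policy, so their module search path should be explicit. If the build-time capture is meant to pull in dependency paths, say so in a comment, e.g. `# $PYTHONPATH is expanded at build time to capture dependency site-packages`; otherwise consider dropping the suffix. The later "clean-up python path" commit touches the same line and keeps the suffix.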
diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index f588395e4e1ae..a7afd83862457 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -161,7 +161,7 @@ let postInstall = '' sed -i $out/bin/aa-unconfined -e "/my_env\['PATH'\]/d" for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-unconfined ; do - wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python.libPrefix}/site-packages:$PYTHONPATH" + wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python.sitePackages}:$PYTHONPATH" done substituteInPlace $out/bin/aa-notify \ -- cgit 1.4.1 From 8631ba18eee7fe48dc17244fa8b6425b3d84201e Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 16 Sep 2021 23:04:56 +0200 Subject: fuse: fix build w/glibc-2.34 `closefrom` is now a part of `glibc-2.34`[1]: > * The function closefrom has been added. It closes all file descriptors > greater than or equal to a given integer. This function is a GNU extension, > although it is also present in other systems. Failing Hydra build: https://hydra.nixos.org/build/152456339 [1] https://sourceware.org/pipermail/libc-alpha/2021-August/129718.html --- pkgs/os-specific/linux/fuse/common.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/fuse/common.nix b/pkgs/os-specific/linux/fuse/common.nix index 5adb1b5355ad4..88035cf60c805 100644 --- a/pkgs/os-specific/linux/fuse/common.nix +++ b/pkgs/os-specific/linux/fuse/common.nix 
@@ -31,7 +31,13 @@ in stdenv.mkDerivation rec { }) ++ (if isFuse3 then [ ./fuse3-install.patch ./fuse3-Do-not-set-FUSERMOUNT_DIR.patch ] - else [ ./fuse2-Do-not-set-FUSERMOUNT_DIR.patch ]); + else [ + ./fuse2-Do-not-set-FUSERMOUNT_DIR.patch + (fetchpatch { + url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-fs/fuse/files/fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9"; + sha256 = "sha256-ELYBW/wxRcSMssv7ejCObrpsJHtOPJcGq33B9yHQII4="; + }) + ]); nativeBuildInputs = if isFuse3 then [ meson ninja pkg-config ] -- cgit 1.4.1 From f81f59dfce012b9835980e2865e1c107fca009c8 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 17 Sep 2021 22:25:19 +0200 Subject: autofs: fix build w/glibc-2.34 This build was also broken by a libc const that isn't a number anymore and thus can't be used at places where a constant value is needed: automount.c:86:37: error: initializer element is not constant Failing Hydra build: https://hydra.nixos.org/build/153253104 --- pkgs/os-specific/linux/autofs/default.nix | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/autofs/default.nix b/pkgs/os-specific/linux/autofs/default.nix index 7b29f5a0e5cfe..5e552301fe48e 100644 --- a/pkgs/os-specific/linux/autofs/default.nix +++ b/pkgs/os-specific/linux/autofs/default.nix @@ -1,5 +1,7 @@ { lib, stdenv, fetchurl, flex, bison, linuxHeaders, libtirpc, mount, umount, nfs-utils, e2fsprogs -, libxml2, libkrb5, kmod, openldap, sssd, cyrus_sasl, openssl, rpcsvc-proto }: +, libxml2, libkrb5, kmod, openldap, sssd, cyrus_sasl, openssl, rpcsvc-proto +, fetchpatch +}: stdenv.mkDerivation rec { version = "5.1.6"; 
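Review bot: The `fetchpatch` entry added to the fuse2 branch of `patches` carries no comment, unlike the equivalent autofs change in this series (`# glibc 2.34 compat`). The patch comes from a third-party tree (Gentoo) pinned by commit id and hash, so a line such as `# glibc 2.34 provides closefrom(); drop once fuse2 handles this upstream` would tell the next updater why it is there and when it can go. The `patches` list starts outside the hunk.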
@@ -10,6 +12,15 @@ stdenv.mkDerivation rec { sha256 = "1vya21mb4izj3khcr3flibv7xc15vvx2v0rjfk5yd31qnzcy7pnx"; }; + patches = [ + # glibc 2.34 compat + (fetchpatch { + url = "https://src.fedoraproject.org/rpms/autofs/raw/cc745af5e42396d540d5b3b92fae486e232bf6bd/f/autofs-5.1.7-use-default-stack-size-for-threads.patch"; + sha256 = "sha256-6ETDFbW7EhHR03xFWF+6OJBgn9NX3WW3bGhTNGodaOc="; + excludes = [ "CHANGELOG" ]; + }) + ]; + preConfigure = '' configureFlags="--enable-force-shutdown --enable-ignore-busy --with-path=$PATH" export sssldir="${sssd}/lib/sssd/modules" -- cgit 1.4.1 From 0bdcc484855b74fc50f2f821e81ee9518550a4cb Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 14 Oct 2021 15:16:18 +0200 Subject: conky: fix build w/glibc-2.34 Failing Hydra build: https://hydra.nixos.org/build/155171697 --- pkgs/os-specific/linux/conky/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/conky/default.nix b/pkgs/os-specific/linux/conky/default.nix index 9bd8890e71348..87f5bb052f488 100644 --- a/pkgs/os-specific/linux/conky/default.nix +++ b/pkgs/os-specific/linux/conky/default.nix @@ -1,7 +1,7 @@ { config, lib, stdenv, fetchFromGitHub, pkg-config, cmake # dependencies -, glib, libXinerama +, glib, libXinerama, catch2 # optional features without extra dependencies , mpdSupport ? true @@ -85,6 +85,8 @@ stdenv.mkDerivation rec { sed -i 's/ Example: .*$//' doc/config_settings.xml substituteInPlace cmake/Conky.cmake --replace "# set(RELEASE true)" "set(RELEASE true)" + + cp ${catch2}/include/catch2/catch.hpp tests/catch2/catch.hpp ''; NIX_LDFLAGS = "-lgcc_s"; @@ -133,6 +135,8 @@ stdenv.mkDerivation rec { # src/conky.cc:137:23: fatal error: defconfig.h: No such file or directory enableParallelBuilding = false; + doCheck = true; + meta = with lib; { homepage = "http://conky.sourceforge.net/"; description = "Advanced, highly configurable system monitor based on torsmo"; -- cgit 1.4.1 
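Review bot: The `cp ${catch2}/include/catch2/catch.hpp tests/catch2/catch.hpp` line in conky overwrites the vendored test header without saying why, and the same commit also switches on `doCheck = true`, which goes beyond what the "fix build" title suggests. A comment such as `# vendored catch.hpp does not build against glibc 2.34; use the nixpkgs copy` would document the replacement and make it removable later. The tiscamera commit that follows adds the same `cp` in `postPatch` and needs the same comment. The enclosing phase string starts outside the hunk.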
From 5f56cd54061d9d79aa387ad1df677cfac7eaf55f Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Sun, 31 Oct 2021 14:09:41 +0100 Subject: tiscamera: fix build w/glibc-2.34 Failing Hydra build: https://hydra.nixos.org/build/156249703 --- pkgs/os-specific/linux/tiscamera/default.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/tiscamera/default.nix b/pkgs/os-specific/linux/tiscamera/default.nix index 38bc7c3eaff31..1182aead36bed 100644 --- a/pkgs/os-specific/linux/tiscamera/default.nix +++ b/pkgs/os-specific/linux/tiscamera/default.nix @@ -17,6 +17,7 @@ , python3Packages , libuuid , wrapGAppsHook +, catch2 }: stdenv.mkDerivation rec { @@ -30,6 +31,10 @@ stdenv.mkDerivation rec { sha256 = "0hpy9yhc4mn6w8gvzwif703smmcys0j2jqbz2xfghqxcyb0ykplj"; }; + postPatch = '' + cp ${catch2}/include/catch2/catch.hpp external/catch/catch.hpp + ''; + nativeBuildInputs = [ cmake pkg-config -- cgit 1.4.1 From 18c72c223a65a6bbe26f974f04976a279dce01e4 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 21 Feb 2022 18:46:50 +0100 Subject: nftables: 1.0.1 -> 1.0.2 --- pkgs/os-specific/linux/nftables/default.nix | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix index 0b6291226bc84..8485a868d8a59 100644 --- a/pkgs/os-specific/linux/nftables/default.nix +++ b/pkgs/os-specific/linux/nftables/default.nix @@ -1,7 +1,8 @@ { lib, stdenv, fetchurl, pkg-config, bison, file, flex , asciidoc, libxslt, findXMLCatalogs, docbook_xml_dtd_45, docbook_xsl , libmnl, libnftnl, libpcap -, gmp, jansson, readline +, gmp, jansson, libedit +, autoreconfHook, fetchpatch , withDebugSymbols ? false , withPython ? false , python3 , withXtables ? true , iptables 
@@ -10,22 +11,23 @@ with lib; stdenv.mkDerivation rec { - version = "1.0.1"; + version = "1.0.2"; pname = "nftables"; src = fetchurl { url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2"; - sha256 = "08x4xw0s5sap3q7jfr91v7mrkxrydi4dvsckw85ims0qb1ibmviw"; + sha256 = "00jcjn1pl7qyqpg8pd4yhlkys7wbj4vkzgg73n27nmplzips6a0b"; }; nativeBuildInputs = [ + autoreconfHook pkg-config bison file flex asciidoc docbook_xml_dtd_45 docbook_xsl findXMLCatalogs libxslt ]; buildInputs = [ libmnl libnftnl libpcap - gmp jansson readline + gmp jansson libedit ] ++ optional withXtables iptables ++ optional withPython python3; @@ -33,9 +35,17 @@ stdenv.mkDerivation rec { substituteInPlace ./configure --replace /usr/bin/file ${file}/bin/file ''; + patches = [ + # fix build after 1.0.2 release, drop when updating to a newer release + (fetchpatch { + url = "https://git.netfilter.org/nftables/patch/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3"; + sha256 = "03dzhd7fhg0d20ly4rffk4ra7wlxp731892dhp8zw67jwhys9ywz"; + }) + ]; + configureFlags = [ "--with-json" - "--with-cli=readline" # TODO: maybe switch to editline + "--with-cli=editline" ] ++ optional (!withDebugSymbols) "--disable-debug" ++ optional (!withPython) "--disable-python" ++ optional withPython "--enable-python" -- cgit 1.4.1 From bcad3669e8b2b32bdaeace0618f02393121a41bf Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Tue, 1 Mar 2022 14:21:26 +0100 Subject: util-linuxMinimal: remove appendToName to have a consistent package name for repology --- pkgs/os-specific/linux/util-linux/default.nix | 4 ++-- pkgs/top-level/all-packages.nix | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index bedd2417e7ead..d54f577def3e0 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix 
@@ -4,11 +4,11 @@ }: stdenv.mkDerivation rec { - pname = "util-linux"; + pname = "util-linux" + lib.optionalString ( !nlsSupport && ncurses == null && systemd == null ) "-minimal"; version = "2.37.4"; src = fetchurl { - url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; + url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/util-linux-${version}.tar.xz"; sha256 = "sha256-Y05pFq2RM2bDU2tkaOeER2lUm5mnsr+AMU3nirVlW4M="; }; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1b88233d08263..4b39ceb8fb075 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23333,11 +23333,11 @@ with pkgs; util-linuxCurses = util-linux; - util-linuxMinimal = if stdenv.isLinux then appendToName "minimal" (util-linux.override { + util-linuxMinimal = if stdenv.isLinux then util-linux.override { nlsSupport = false; ncurses = null; systemd = null; - }) else util-linux; + } else util-linux; v4l-utils = qt5.callPackage ../os-specific/linux/v4l-utils { }; -- cgit 1.4.1 From 0423158e106ec4a838f0d8f956faecfacf4396f3 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sun, 12 Dec 2021 03:57:53 +0100 Subject: systemd: reformat code with nixpkgs-fmt --- pkgs/os-specific/linux/systemd/default.nix | 85 ++++++++++++++++++------------ 1 file changed, 51 insertions(+), 34 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 3a3a419093b75..c29bd637bf4c3 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix 
@@ -168,40 +168,51 @@ stdenv.mkDerivation { # need (AFAICT). # See https://github.com/systemd/systemd/pull/20479 for upsteam discussion. ./0019-core-handle-lookup-paths-being-symlinks.patch - ] ++ lib.optional stdenv.hostPlatform.isMusl (let - oe-core = fetchzip { - url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; - sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; - }; - musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; - in [ - (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") - (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") - (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") - (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") - (musl-patches + "/0006-Include-netinet-if_ether.h.patch") - (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") - (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") - (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") - (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") - (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") - (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") - (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") - (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") - (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") - (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") - (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") - (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") - (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") - (musl-patches + 
"/0021-test-json.c-define-M_PIl.patch") - (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") - (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") - (musl-patches + "/0026-Handle-missing-gshadow.patch") - (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") - - # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 - ./musl.diff - ]); + + # In v248 compiler weirdness and refactoring lead to the bootloader + # erroring out handling keyboard input on some systems. See + # https://github.com/systemd/systemd/issues/19191 + # This should be redundant in v249.6 when it offically gets tagged in + # systemd-stable + ./0020-sd-boot-Unify-error-handling.patch + ./0021-sd-boot-Rework-console-input-handling.patch + ] ++ lib.optional stdenv.hostPlatform.isMusl ( + let + oe-core = fetchzip { + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; + sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; + }; + musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; + in + [ + (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") + (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") + (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") + (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") + (musl-patches + "/0006-Include-netinet-if_ether.h.patch") + (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") + (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") + (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") + (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") + (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") + (musl-patches + 
"/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") + (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") + (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") + (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") + (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") + (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") + (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") + (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") + (musl-patches + "/0021-test-json.c-define-M_PIl.patch") + (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") + (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") + (musl-patches + "/0026-Handle-missing-gshadow.patch") + (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") + + # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 + ./musl.diff + ] + ); postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" @@ -575,6 +586,12 @@ stdenv.mkDerivation { ''; postInstall = '' + # sysinit.target: Don't depend on + # systemd-tmpfiles-setup.service. This interferes with NixOps's + # send-keys feature (since sshd.service depends indirectly on + # sysinit.target). + mv $out/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service $out/lib/systemd/system/multi-user.target.wants/ + mkdir -p $out/example/systemd mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example mv $out/lib/systemd/{system,user} $out/example/systemd -- cgit 1.4.1 From 3869ce784e80445cc6037999b087e7ca61ebf60f Mon Sep 17 00:00:00 2001 
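Review bot: The `patches` list gains two functional entries in a commit titled as a reformat: `./0020-sd-boot-Unify-error-handling.patch` and `./0021-sd-boot-Rework-console-input-handling.patch`, while the diffstat lists only `default.nix`. Unless both files are already in the tree, evaluation will fail. The accompanying comment also says they should be redundant from v249.6, although the next commit in the series is titled "249.7 -> 250.3". This looks like a rebase leftover; I would drop the two entries and their comment here, or move them to a commit of their own together with the patch files.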
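Review bot: The comment added at the top of `postInstall` names `systemd-tmpfiles-setup.service`, but the `mv` below it relocates `systemd-tmpfiles-setup-dev.service` from `sysinit.target.wants` to `multi-user.target.wants`. Either the comment or the unit name is wrong, and this is another behaviour change inside a formatting commit. Please confirm which unit is meant and correct the comment, e.g. `# sysinit.target: don't depend on systemd-tmpfiles-setup-dev.service`. If the move is kept, note that it presumably starts that unit later relative to services ordered after sysinit.target. The rest of `postInstall` continues outside the hunk.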
From: Andreas Rammhold Date: Sun, 12 Dec 2021 03:56:45 +0100 Subject: systemd: 249.7 -> 250.3 --- .../from_md/release-notes/rl-2205.section.xml | 5 + nixos/doc/manual/release-notes/rl-2205.section.md | 2 + ...e-units-for-uninitialised-encrypted-devic.patch | 4 +- ...002-Don-t-try-to-unmount-nix-or-nix-store.patch | 8 +- .../linux/systemd/0003-Fix-NixOS-containers.patch | 10 +- .../0004-Look-for-fsck-in-the-right-place.patch | 6 +- ...-Add-some-NixOS-specific-unit-directories.patch | 18 +- ...rid-of-a-useless-message-in-user-sessions.patch | 8 +- ...ocaled-timedated-disable-methods-that-cha.patch | 10 +- .../linux/systemd/0008-Fix-hwdb-paths.patch | 4 +- ...Change-usr-share-zoneinfo-to-etc-zoneinfo.patch | 22 +-- ...10-localectl-use-etc-X11-xkb-for-list-x11.patch | 8 +- ...-create-statedir-and-don-t-touch-prefixdi.patch | 12 +- ...stemd-environment-when-calling-generators.patch | 8 +- .../0013-add-rootprefix-to-lookup-dir-paths.patch | 6 +- ...tdown-execute-scripts-in-etc-systemd-syst.patch | 10 +- ...ep-execute-scripts-in-etc-systemd-system-.patch | 6 +- ...-nodes.service-Update-ConditionFileNotEmp.patch | 23 +-- ...h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch | 6 +- ...0018-pkg-config-derive-prefix-from-prefix.patch | 4 +- ...9-core-handle-lookup-paths-being-symlinks.patch | 14 +- pkgs/os-specific/linux/systemd/default.nix | 189 ++++++++++++++------- 22 files changed, 224 insertions(+), 159 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index f134295fa3e50..7fecf5d66f03f 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -50,6 +50,11 @@ granular distinction between reloads and restarts. + + + Systemd has been upgraded to the version 250. + + kops 
diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index b089044db05b2..461b0e88db1f5 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -19,6 +19,8 @@ In addition to numerous new and upgraded packages, this release has the followin - systemd services can now set [systemd.services.\.reloadTriggers](#opt-systemd.services) instead of `reloadIfChanged` for a more granular distinction between reloads and restarts. +- Systemd has been upgraded to the version 250. + - [`kops`](https://kops.sigs.k8s.io) defaults to 1.22.4, which will enable [Instance Metadata Service Version 2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html) and require tokens on new clusters with Kubernetes 1.22. This will increase security by default, but may break some types of workloads. See the [release notes](https://kops.sigs.k8s.io/releases/1.22-notes/) for details. ## New Services {#sec-release-22.05-new-services} diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index a87c59558e01c..404b0d2ee6f30 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,4 +1,4 @@ -From 93b2d29de784c68d1b4d70d7f214b19432aec6a8 Mon Sep 17 00:00:00 2001 +From 8622539fe2ce67934ed2e60626a2303ef8191e40 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 8 Jan 2013 15:46:30 +0100 Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices 
@@ -28,5 +28,5 @@ index 25b8a590a6..d18999ea87 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index e9fedd239f473..d37ace3250c23 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,4 +1,4 @@ -From 41edb381df0326e216b3c569d2cd5764591267d9 Mon Sep 17 00:00:00 2001 +From a845786195182c376b72a85433e278c35243676d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 12 Apr 2013 13:16:57 +0200 Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store @@ -25,10 +25,10 @@ index f683f05981..5a04c2c2a6 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index 1f945b7875..6df9d383ba 100644 +index f5a2cb20c1..51608d24c0 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -508,6 +508,8 @@ static int delete_md(MountPoint *m) { +@@ -502,6 +502,8 @@ static int delete_md(MountPoint *m) { static bool nonunmountable_path(const char *path) { return path_equal(path, "/") @@ -38,5 +38,5 @@ index 1f945b7875..6df9d383ba 100644 || path_equal(path, "/usr") #endif -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 217629f7d6ac7..56c6238b81f26 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch 
@@ -1,4 +1,4 @@ -From 43620479f6bfbbc4c3eed28947e0676c817acb7c Mon Sep 17 00:00:00 2001 +From d33f3461fa2202ef9b0d6cdf2137c510c59fb052 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 16 Apr 2014 10:59:28 +0200 Subject: [PATCH 03/19] Fix NixOS containers @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 575b9da447..438ca294db 100644 +index 8f17ab8810..197e5aa252 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5590,6 +5590,7 @@ static int run(int argc, char *argv[]) { +@@ -5625,6 +5625,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 575b9da447..438ca294db 100644 const char *p, *q; if (arg_pivot_root_new) -@@ -5604,6 +5605,7 @@ static int run(int argc, char *argv[]) { +@@ -5639,6 +5640,7 @@ static int run(int argc, char *argv[]) { r = -EINVAL; goto finish; } @@ -30,5 +30,5 @@ index 575b9da447..438ca294db 100644 } else { -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index f7b768af515f2..36d0ee0cde24f 100644 --- a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch @@ -1,4 +1,4 @@ -From a08ed6697974d7f7dabe60d42bbc9e31a10f7e23 Mon Sep 17 00:00:00 2001 +From 8fd5968163f3a1cb5f196d934756ba08ccaa5b1e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 1 May 2014 14:10:10 +0200 Subject: [PATCH 04/19] Look for fsck in the right place @@ -8,7 +8,7 @@ Subject: [PATCH 04/19] Look for fsck in the right place 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index cd7adfaeb9..68cebdd158 100644 +index 745d01ff50..dd4eef45c3 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c 
@@ -368,7 +368,7 @@ static int run(int argc, char *argv[]) { @@ -21,5 +21,5 @@ index cd7adfaeb9..68cebdd158 100644 cmdline[i++] = "-T"; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index 7ebf07d0a82b7..6acac84a9d28b 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,4 +1,4 @@ -From ddcfae6de8c460903c5db8c536ffeb5771e976f8 Mon Sep 17 00:00:00 2001 +From 90d1a90d3147e9c8db5caec8befabda270e755d4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 19 Dec 2014 14:46:17 +0100 Subject: [PATCH 05/19] Add some NixOS-specific unit directories @@ -14,10 +14,10 @@ Also, remove /usr and /lib as these don't exist on NixOS. 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c -index 05eb17d66c..1cd141d012 100644 +index 6fb8c40e7a..142ecdecec 100644 --- a/src/basic/path-lookup.c +++ b/src/basic/path-lookup.c -@@ -91,11 +91,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { +@@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { } static const char* const user_data_unit_paths[] = { @@ -29,7 +29,7 @@ index 05eb17d66c..1cd141d012 100644 NULL }; -@@ -613,15 +609,13 @@ int lookup_paths_init( +@@ -614,15 +610,13 @@ int lookup_paths_init( persistent_config, SYSTEM_CONFIG_UNIT_DIR, "/etc/systemd/system", @@ -46,7 +46,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -637,14 +631,11 @@ int lookup_paths_init( +@@ -638,14 +632,11 @@ int lookup_paths_init( persistent_config, USER_CONFIG_UNIT_DIR, "/etc/systemd/user", 
@@ -62,7 +62,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -794,7 +785,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -795,7 +786,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_SYSTEM: add = strv_new("/run/systemd/system-generators", "/etc/systemd/system-generators", @@ -70,7 +70,7 @@ index 05eb17d66c..1cd141d012 100644 SYSTEM_GENERATOR_DIR); break; -@@ -802,7 +792,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -803,7 +793,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_USER: add = strv_new("/run/systemd/user-generators", "/etc/systemd/user-generators", @@ -78,7 +78,7 @@ index 05eb17d66c..1cd141d012 100644 USER_GENERATOR_DIR); break; -@@ -841,12 +830,10 @@ char **env_generator_binary_paths(bool is_system) { +@@ -842,12 +831,10 @@ char **env_generator_binary_paths(bool is_system) { if (is_system) add = strv_new("/run/systemd/system-environment-generators", "/etc/systemd/system-environment-generators", @@ -122,5 +122,5 @@ index fc0f8c34fa..162432e77f 100644 systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index 0c09107c5ef22..438d841bb1c7a 100644 --- a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,4 +1,4 @@ -From b39b8871bcaa07280d6b0cf2226b1a3be31232b8 Mon Sep 17 00:00:00 2001 +From 213279752124dc4a57a4189df9b5b2e96feaa0b3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 11 May 2015 15:39:38 +0200 Subject: [PATCH 06/19] Get rid of a useless message in user sessions @@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) 
diff --git a/src/core/manager.c b/src/core/manager.c -index 34891a8754..b9b4789720 100644 +index 9368a1dfa1..5b0bdb1bc7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -1375,7 +1375,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { +@@ -1408,7 +1408,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { if (!unit_is_bound_by_inactive(u, &culprit)) continue; @@ -27,5 +27,5 @@ index 34891a8754..b9b4789720 100644 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the * service being unnecessary after a while. */ -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index d7649b5e44a76..a93488afbf92a 100644 --- a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -1,4 +1,4 @@ -From 566208aea81057789218b959f4d0e898eec54fc9 Mon Sep 17 00:00:00 2001 +From 14474d5e116609ce4fac60d779b08fa3eab840c3 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner Date: Sun, 6 Dec 2015 14:26:36 +0100 Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that @@ -11,10 +11,10 @@ Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 36702f2fb0..669257ea2f 100644 +index b20a93ad81..6292fca4fc 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c -@@ -797,6 +797,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -813,6 +813,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; 
@@ -24,7 +24,7 @@ index 36702f2fb0..669257ea2f 100644 name = empty_to_null(name); context_read_etc_hostname(c); -@@ -860,6 +863,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess +@@ -876,6 +879,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -104,5 +104,5 @@ index 66b454269d..0a8fe25d0f 100644 if (r < 0) return r; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index f938b553c9f52..e1bc44a148ea0 100644 --- a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,4 +1,4 @@ -From 3b9983969de2a86929768f6362ed41c20dd13bd3 Mon Sep 17 00:00:00 2001 +From d668df39728c992ec0c691ef6e76664e7121f5bd Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 7 Jul 2016 02:47:13 +0300 Subject: [PATCH 08/19] Fix hwdb paths @@ -24,5 +24,5 @@ index 5ddc2211e6..ee621eec46 100644 + "/etc/udev/hwdb.bin\0" + -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 87cf1afc7d22b..68d40980ab169 100644 --- a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,4 +1,4 @@ -From b5966b6abb9696798618367cab33d1fed317734f Mon Sep 17 00:00:00 2001 +From dd59ce5f1bbdafb0b92f8aeacc68b000ec347a61 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Tue, 11 Oct 2016 13:12:08 +0300 Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo @@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644 Etc/UTC. The resulting link should lead to the corresponding binary 
diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 5d162e8ffe..1bec83e555 100644 +index b659d6905d..660b1c6fed 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1269,7 +1269,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { +@@ -1267,7 +1267,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { assert(ret); @@ -47,7 +47,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1308,7 +1308,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { +@@ -1306,7 +1306,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { _cleanup_strv_free_ char **zones = NULL; int r; @@ -56,7 +56,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1421,7 +1421,7 @@ int verify_timezone(const char *name, int log_level) { +@@ -1419,7 +1419,7 @@ int verify_timezone(const char *name, int log_level) { if (p - name >= PATH_MAX) return -ENAMETOOLONG; @@ -65,7 +65,7 @@ index 5d162e8ffe..1bec83e555 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) -@@ -1512,7 +1512,7 @@ int get_timezone(char **ret) { +@@ -1510,7 +1510,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -75,10 +75,10 @@ index 5d162e8ffe..1bec83e555 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 2cb4f80d5d..ebeaeac52f 100644 +index d28a416e5d..c7c215731d 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -491,7 +491,7 @@ static int process_timezone(void) { +@@ -494,7 +494,7 @@ static int process_timezone(void) { if (isempty(arg_timezone)) return 0; @@ -88,10 +88,10 @@ index 2cb4f80d5d..ebeaeac52f 100644 (void) mkdir_parents(etc_localtime, 0755); if (symlink(e, etc_localtime) < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 438ca294db..98bd110d92 100644 +index 197e5aa252..c674fa61d5 100644 --- a/src/nspawn/nspawn.c 
+++ b/src/nspawn/nspawn.c -@@ -1887,8 +1887,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid +@@ -1899,8 +1899,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -137,5 +137,5 @@ index 0a8fe25d0f..2f02b9a520 100644 return -ENOMEM; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index 6e36bbdc34065..f2514de6c6629 100644 --- a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,4 +1,4 @@ -From f4e9304560ad42eeb8d42be583cc55eb2e5b4bb1 Mon Sep 17 00:00:00 2001 +From a93da270bed88972f4d60a1fa08f24e00712d7fb Mon Sep 17 00:00:00 2001 From: Imuli Date: Wed, 19 Oct 2016 08:46:47 -0400 Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* @@ -10,10 +10,10 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index 548ac8eb2c..5e372f1566 100644 +index b5624209dc..4ab7adfdb6 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c -@@ -280,7 +280,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { +@@ -279,7 +279,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { } state = NONE, look_for; int r; @@ -23,5 +23,5 @@ index 548ac8eb2c..5e372f1566 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.33.1 +2.34.0 
diff --git a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index 5aa22d988952d..c21a1bda41226 100644 --- a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,4 +1,4 @@ -From 43a363f30b6012d600cfb62a3851c4ac7af4d1d5 Mon Sep 17 00:00:00 2001 +From 3bc3462165cd72de93a1c71f03e6c4150726b159 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Sun, 11 Feb 2018 04:37:44 +0100 Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir @@ -8,12 +8,12 @@ Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index 5bdfd9753d..5bf6afc7b7 100644 +index c0cbadecb1..8266bf57de 100644 --- a/meson.build +++ b/meson.build -@@ -3539,9 +3539,6 @@ install_data('LICENSE.GPL2', - 'docs/GVARIANT-SERIALIZATION.md', - install_dir : docdir) +@@ -3729,9 +3729,6 @@ install_data('LICENSE.GPL2', + install_subdir('LICENSES', + install_dir : docdir) -meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir)) -meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir)) @@ -22,5 +22,5 @@ index 5bdfd9753d..5bf6afc7b7 100644 # Ensure that changes to the docs/ directory do not break the -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index a2bdfcf8ec3fd..5f27e41752328 100644 --- a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch 
@@ -1,4 +1,4 @@ -From 7ea935a5ac4f31106ce9347227d4eb59b77b02cd Mon Sep 17 00:00:00 2001 +From 85f0ad0cb7b4f0cfd482c9611f9cbc2dacbba33a Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 2 Nov 2018 21:15:42 +0100 Subject: [PATCH 12/19] inherit systemd environment when calling generators. @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index b9b4789720..79239afe4a 100644 +index 5b0bdb1bc7..1538a5200a 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4149,10 +4149,15 @@ static int manager_run_generators(Manager *m) { +@@ -3653,10 +3653,15 @@ static int manager_run_generators(Manager *m) { argv[4] = NULL; RUN_WITH_UMASK(0022) @@ -40,5 +40,5 @@ index b9b4789720..79239afe4a 100644 finish: -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index 20372a5dbad58..d008cf2821c7a 100644 --- a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch @@ -1,4 +1,4 @@ -From eb93778af78a127e8e20d6ed7fd9f91fd22dc7c9 Mon Sep 17 00:00:00 2001 +From b30d2273d3ce1480b0c4c27c25211f84e04172e9 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Thu, 9 May 2019 11:15:22 +0200 Subject: [PATCH 13/19] add rootprefix to lookup dir paths @@ -12,7 +12,7 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/def.h b/src/basic/def.h -index 2e60abb4f1..732ec51d36 100644 +index eccee3d3fa..e94a2c8bd0 100644 --- a/src/basic/def.h +++ b/src/basic/def.h @@ -39,13 +39,15 @@ @@ -34,5 +34,5 @@ index 2e60abb4f1..732ec51d36 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.33.1 +2.34.0 
diff --git a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index a22566eb4cc30..49c6651c0edff 100644 --- a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,4 +1,4 @@ -From 1d623def80a3532ac1445499c9d4673e21ae8195 Mon Sep 17 00:00:00 2001 +From 76da27ff77e5db07e502d4d8d26286d69c3f0319 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 25 Jul 2019 20:45:55 +0300 Subject: [PATCH 14/19] systemd-shutdown: execute scripts in @@ -10,12 +10,12 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index a98cfc4d8a..b0b34edda7 100644 +index 7ad9930677..fdb03a2e1a 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -312,7 +312,7 @@ int main(int argc, char *argv[]) { +@@ -335,7 +335,7 @@ int main(int argc, char *argv[]) { _cleanup_free_ char *cgroup = NULL; - char *arguments[3], *watchdog_device; + char *arguments[3]; int cmd, r, umount_log_level = LOG_INFO; - static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL}; + static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL}; @@ -23,5 +23,5 @@ index a98cfc4d8a..b0b34edda7 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.33.1 +2.34.0 
diff --git a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 1a21d1005ee04..78d77c0058229 100644 --- a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,4 +1,4 @@ -From 5a96c4a98be971d84a12ae04e42bc3cb889d5191 Mon Sep 17 00:00:00 2001 +From 47c651f97acae814d4ff679ae04d78d4532cbca6 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 25 Jul 2019 20:46:58 +0300 Subject: [PATCH 15/19] systemd-sleep: execute scripts in @@ -10,7 +10,7 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index a3aeb24633..0ed6a34d79 100644 +index 7064f3a905..b60ced9d9b 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c @@ -182,6 +182,7 @@ static int execute( @@ -22,5 +22,5 @@ index a3aeb24633..0ed6a34d79 100644 }; -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 12624cb5548fc..3c1643e0f1ab8 100644 --- a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,32 +1,27 @@ -From 775a2a8940c07f4af33a2a11bfa17e0257b427cb Mon Sep 17 00:00:00 2001 +From df0fec7ac2f33bcca60ba9a2396af33397ba42cc Mon Sep 17 00:00:00 2001 
From: Florian Klink Date: Sat, 7 Mar 2020 22:40:27 +0100 Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty -kmod loads modules from not only /lib/modules but also from -/run/booted-system/kernel-modules/lib/modules and -/run/current-system/kernel-modules/lib/module - -Co-authored-by: Arian van Putten +On NixOS, kernel modules of the currently booted systems are located at +/run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. --- - units/kmod-static-nodes.service.in | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) + units/kmod-static-nodes.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 777e82d16b..9a5e05a1cc 100644 +index 777e82d16b..b6abc2bba0 100644 --- a/units/kmod-static-nodes.service.in +++ b/units/kmod-static-nodes.service.in -@@ -12,7 +12,9 @@ Description=Create List of Static Device Nodes +@@ -12,7 +12,7 @@ Description=Create List of Static Device Nodes DefaultDependencies=no Before=sysinit.target systemd-tmpfiles-setup-dev.service ConditionCapability=CAP_SYS_MODULE -ConditionFileNotEmpty=/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/run/booted-system/kernel-modules/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=|/run/current-system/kernel-modules/lib/modules/%v/modules.devname ++ConditionFileNotEmpty=/run/booted-system/kernel-modules/lib/modules/%v/modules.devname [Service] Type=oneshot -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 52b74284fe26d..882690ad9140f 100644 --- a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch 
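Review bot: The regenerated 0016 patch now carries a single `ConditionFileNotEmpty=/run/booted-system/kernel-modules/lib/modules/%v/modules.devname`, where the previous revision used three triggering conditions (`|/lib/modules/…`, `|/run/booted-system/…`, `|/run/current-system/…`); the `Co-authored-by` trailer is dropped too. This looks like the series was re-exported from an older revision of the patch rather than changed on purpose, though nothing in the visible commit record says either way. With only the booted-system path, the unit is skipped whenever `modules.devname` exists solely under one of the other two locations. If the narrowing is not intended, restore the three `ConditionFileNotEmpty=|…` lines and the trailer when re-exporting; if it is intended, the commit message should say so.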
+++ b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,4 +1,4 @@ -From 6ddb2011b379f3232374327517af874b68c434b5 Mon Sep 17 00:00:00 2001 +From f21722ac0f51b0b59a5c030af3db5fe4e6397f7c Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Sun, 8 Mar 2020 01:05:54 +0100 Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL @@ -10,7 +10,7 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 26e7362d1f..a8f8a863ec 100644 +index 518f3340bf..18e826ea0b 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -24,11 +24,11 @@ @@ -29,5 +29,5 @@ index 26e7362d1f..a8f8a863ec 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch index 58eb7f96e642c..e602bef9c3d7f 100644 --- a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch +++ b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch @@ -1,4 +1,4 @@ -From 50f2ada6cbfafa75b628410e8834f29581854e6f Mon Sep 17 00:00:00 2001 +From 968bd0c7bc058a4b05b6457f9ff20d02b70c9852 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 6 Dec 2020 08:34:19 +0100 Subject: [PATCH 18/19] pkg-config: derive prefix from --prefix @@ -29,5 +29,5 @@ index 162432e77f..2fc20daf03 100644 rootprefix=${root_prefix} sysconf_dir={{SYSCONF_DIR}} -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch index 54e5c32aeb446..916f95e194ac6 100644 --- a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch 
+++ b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch @@ -1,4 +1,4 @@ -From 2ab388cf0be320879e668a6206cb15d002b55f98 Mon Sep 17 00:00:00 2001 +From 169fc6f270ff3e3903a7a31550c964152f9751ec Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Wed, 18 Aug 2021 19:10:08 +0200 Subject: [PATCH 19/19] core: handle lookup paths being symlinks @@ -15,10 +15,10 @@ directory itself is already a symlink. 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c -index 0d58b1c4fe..7314f1245f 100644 +index 30c632dfce..6179100126 100644 --- a/src/basic/unit-file.c +++ b/src/basic/unit-file.c -@@ -254,6 +254,7 @@ int unit_file_build_name_map( +@@ -255,6 +255,7 @@ int unit_file_build_name_map( _cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL; _cleanup_set_free_free_ Set *paths = NULL; @@ -26,7 +26,7 @@ index 0d58b1c4fe..7314f1245f 100644 uint64_t timestamp_hash; char **dir; int r; -@@ -273,6 +274,34 @@ int unit_file_build_name_map( +@@ -274,6 +275,34 @@ int unit_file_build_name_map( return log_oom(); } @@ -59,9 +59,9 @@ index 0d58b1c4fe..7314f1245f 100644 + } + STRV_FOREACH(dir, (char**) lp->search_path) { - struct dirent *de; _cleanup_closedir_ DIR *d = NULL; -@@ -351,11 +380,11 @@ int unit_file_build_name_map( + +@@ -386,11 +415,11 @@ int unit_file_build_name_map( continue; } @@ -76,5 +76,5 @@ index 0d58b1c4fe..7314f1245f 100644 log_debug("%s: linked unit file: %s → %s", __func__, filename, simplified); -- -2.33.1 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index c29bd637bf4c3..95782d2c0754b 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix 
@@ -123,7 +123,14 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.7"; + wantGcrypt = withResolved || withImportd; + version = "250.3"; + + # Bump this variable on every (major) version change. See below (in the meson options list) for why. + # command: + # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ + # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' + releaseTimestamp = "1640290180"; in stdenv.mkDerivation { inherit pname version; @@ -134,12 +141,12 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "sha256-y33/BvvI+JyhsvuT1Cbm6J2Z72j71oXgLw6X9NwCMPE="; + sha256 = "sha256-O1XE0BhIuDAlFVX7WIy02M9YTIxLX0Q8atJAYsUgQDQ="; }; - # If these need to be regenerated, `git am path/to/00*.patch` them into a - # systemd worktree, rebase to the more recent systemd version, and export the - # patches again via `git -c format.signoff=false format-patch v${version}`. + # On major changes, or when otherwise required, you *must* reformat the patches, + # `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent + # systemd version, and export the patches again via `git -c format.signoff=false format-patch v${version}`. # Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches patches = [ ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch 
@@ -168,14 +175,6 @@ stdenv.mkDerivation { # need (AFAICT). # See https://github.com/systemd/systemd/pull/20479 for upsteam discussion. ./0019-core-handle-lookup-paths-being-symlinks.patch - - # In v248 compiler weirdness and refactoring lead to the bootloader - # erroring out handling keyboard input on some systems. See - # https://github.com/systemd/systemd/issues/19191 - # This should be redundant in v249.6 when it offically gets tagged in - # systemd-stable - ./0020-sd-boot-Unify-error-handling.patch - ./0021-sd-boot-Rework-console-input-handling.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -287,6 +286,10 @@ stdenv.mkDerivation { { name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libfido2.so.1"; pkg = opt withFido2 libfido2; } + + # inspect-elf support + { name = "libelf.so.1"; pkg = opt withCoredump elfutils; } + { name = "libdw.so.1"; pkg = opt withCoredump elfutils; } ]; patchDlOpen = dl: @@ -446,7 +449,12 @@ stdenv.mkDerivation { "-Dsmack=true" "-Db_pie=true" "-Dinstall-sysconfdir=false" - "-Defi-ld=${stdenv.cc.bintools.targetPrefix}ld" + "-Defi-ld=gold" + "-Dsbat-distro=nixos" + "-Dsbat-distro-summary=NixOS" + "-Dsbat-distro-url=https://nixos.org/" + "-Dsbat-distro-pkgname=${pname}" + "-Dsbat-distro-version=${version}" /* As of now, systemd doesn't allow runtime configuration of these values. So the settings in /etc/login.defs have no effect on it. Many people think this 
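Review bot: The five `-Dsbat-distro*` flags and the change to `-Defi-ld=gold` in the meson option list have no comment, unlike most of their neighbours. The SBAT values are the metadata a Secure Boot revocation policy would match against, so a line such as `# SBAT metadata embedded in the EFI boot binaries; identifies this vendor build for Secure Boot revocation` above them would help. Note that `-Dsbat-distro-pkgname=${pname}` gives any variant that overrides `pname` a different component name, which should be stated if it is intended. The old `efi-ld` value carried `${stdenv.cc.bintools.targetPrefix}` and the new one does not; presumably the option now takes a linker flavour rather than a binary name, and a comment saying so would answer the cross-compilation question.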
@@ -498,57 +506,112 @@ stdenv.mkDerivation { "-Dutmp=false" "-Didn=false" ]; + preConfigure = + let + # A list of all the runtime binaries that the systemd exectuables, tests and libraries are referencing in their source code, scripts and unit files. + # As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message. + binaryReplacements = [ + { search = "/usr/bin/getent"; replacement = "${getent}/bin/getent"; where = [ "src/nspawn/nspawn-setuid.c" ]; } + + { + search = "/sbin/mkswap"; + replacement = "${lib.getBin util-linux}/sbin/mkswap"; + where = [ + "man/systemd-makefs@.service.xml" + ]; + } + { search = "/sbin/swapon"; replacement = "${lib.getBin util-linux}/sbin/swapon"; where = [ "src/core/swap.c" "src/basic/unit-def.h" ]; } + { search = "/sbin/swapoff"; replacement = "${lib.getBin util-linux}/sbin/swapoff"; where = [ "src/core/swap.c" ]; } + { + search = "/bin/echo"; + replacement = "${coreutils}/bin/echo"; + where = [ + "man/systemd-analyze.xml" + "man/systemd.service.xml" + "src/analyze/test-verify.c" + "src/test/test-env-file.c" + "src/test/test-fileio.c" + "test/test-execute/exec-systemcallfilter-failing2.service" + "test/test-execute/exec-systemcallfilter-failing3.service" + "test/test-execute/exec-systemcallfilter-failing.service" + "test/testsuite-06.units/hola.service" + "test/udev-test.pl" + "test/units/hello.service" + "test/units/testsuite-07.sh" + "test/units/testsuite-15.sh" + "test/units/testsuite-17.05.sh" + "test/units/testsuite-40.sh" + "test/units/unstoppable.service" + ]; + } + { + search = "/bin/cat"; + replacement = "${coreutils}/bin/cat"; + where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + } + { search = "/sbin/modprobe"; replacement = "${lib.getBin kmod}/sbin/modprobe"; where = 
[ "units/modprobe@.service" ]; } + { + search = "/usr/lib/systemd/systemd-fsck"; + replacement = "$out/lib/systemd/systemd-fsck"; + where = [ + "man/systemd-fsck@.service.xml" + "test/test-fstab-generator.sh" + "test/test-fstab-generator/test-12-dev-sdx.expected/systemd-fsck-root.service" + "test/test-fstab-generator/test-13-label.expected/systemd-fsck-root.service" + "test/test-fstab-generator/test-14-uuid.expected/systemd-fsck-root.service" + "test/test-fstab-generator/test-15-partuuid.expected/systemd-fsck-root.service" + ]; + } + ] ++ lib.optionals withImportd [ + { + search = "\"gpg\""; + replacement = "\\\"${gnupg}/bin/gpg\\\""; + where = [ "src/import/pull-common.c" ]; + } + { + search = "\"tar\""; + replacement = "\\\"${gnutar}/bin/tar\\\""; + where = [ + "src/import/export-tar.c" + "src/import/export.c" + "src/import/import-common.c" + "src/import/import-tar.c" + "src/import/import.c" + "src/import/importd.c" + "src/import/pull-tar.c" + "src/import/pull.c" + ]; + } + ]; + + # { replacement, search, where } -> List[str] + mkSubstitute = { replacement, search, where }: + map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; + mkEnsureSubstituted = { replacement, search, where }: + '' + if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -v NEWS | wc -l) -gt 0 ]]; then + echo "Not all references to '${search}' have been replace. Found the following matches:" + grep '${search}' -r | grep -v "${replacement}" | grep -v NEWS + exit 1 + fi + ''; - preConfigure = '' - mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") - export LC_ALL="en_US.UTF-8"; - # FIXME: patch this in systemd properly (and send upstream). 
- # already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount - for i in \ - src/core/mount.c \ - src/core/swap.c \ - src/cryptsetup/cryptsetup-generator.c \ - src/journal/cat.c \ - src/nspawn/nspawn.c \ - src/remount-fs/remount-fs.c \ - src/shared/generator.c \ - src/shutdown/shutdown.c \ - units/emergency.service.in \ - units/modprobe@.service \ - units/rescue.service.in \ - units/systemd-logind.service.in \ - units/systemd-nspawn@.service.in; \ - do - test -e $i - substituteInPlace $i \ - --replace /usr/bin/getent ${getent}/bin/getent \ - --replace /sbin/mkswap ${lib.getBin util-linux}/sbin/mkswap \ - --replace /sbin/swapon ${lib.getBin util-linux}/sbin/swapon \ - --replace /sbin/swapoff ${lib.getBin util-linux}/sbin/swapoff \ - --replace /bin/echo ${coreutils}/bin/echo \ - --replace /bin/cat ${coreutils}/bin/cat \ - --replace /sbin/sulogin ${lib.getBin util-linux}/sbin/sulogin \ - --replace /sbin/modprobe ${lib.getBin kmod}/sbin/modprobe \ - --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck \ - --replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency - done + in + '' + mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") + export LC_ALL="en_US.UTF-8"; - for dir in tools src/resolve test src/test src/shared; do - patchShebangs $dir - done + ${lib.concatStringsSep "\n" (lib.flatten (map mkSubstitute binaryReplacements))} + ${lib.concatMapStringsSep "\n" mkEnsureSubstituted binaryReplacements} - # absolute paths to gpg & tar - substituteInPlace src/import/pull-common.c \ - --replace '"gpg"' '"${gnupg}/bin/gpg"' - for file in src/import/{{export,import,pull}-tar,import-common}.c; do - substituteInPlace $file \ - --replace '"tar"' '"${gnutar}/bin/tar"' - done + for dir in tools src/resolve test src/test src/shared; do + patchShebangs $dir + done - substituteInPlace src/libsystemd/sd-journal/catalog.c \ - --replace /usr/lib/systemd/catalog/ 
$out/lib/systemd/catalog/ - ''; + substituteInPlace src/libsystemd/sd-journal/catalog.c \ + --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ + ''; # These defines are overridden by CFLAGS and would trigger annoying # warning messages @@ -556,7 +619,7 @@ stdenv.mkDerivation { substituteInPlace config.h \ --replace "POLKIT_AGENT_BINARY_PATH" "_POLKIT_AGENT_BINARY_PATH" \ --replace "SYSTEMD_BINARY_PATH" "_SYSTEMD_BINARY_PATH" \ - --replace "SYSTEMD_CGROUP_AGENT_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" + --replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" ''; NIX_CFLAGS_COMPILE = toString ([ @@ -568,8 +631,8 @@ stdenv.mkDerivation { # Set the release_agent on /sys/fs/cgroup/systemd to the # currently running systemd (/run/current-system/systemd) so # that we don't use an obsolete/garbage-collected release agent. - "-USYSTEMD_CGROUP_AGENT_PATH" - "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" + "-USYSTEMD_CGROUP_AGENTS_PATH" + "-DSYSTEMD_CGROUP_AGENTS_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" -- cgit 1.4.1 From 3ceeae830d42e7857981d11ad251c4f39e2fdd4b Mon Sep 17 00:00:00 2001 
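Review bot: The check in `mkEnsureSubstituted` passes `${search}` and `${replacement}` to grep as regular expressions, so the `.` characters in store paths and in patterns like `src/...` match any character, and the filter is looser than the comment's "must be exhaustive" suggests. Since this check is what stops `"gpg"` and `"tar"` in `src/import` from silently falling back to a PATH lookup after a version bump, fixed-string matching is safer: `grep -rF -- '${search}' . | grep -vF -- "${replacement}" | grep -v NEWS`. The failure message also reads "have been replace" and should say "replaced". Separately, the removed loop rewrote `/sbin/sulogin` and `/bin/plymouth`, and `binaryReplacements` has no entry for either, so the new check never looks for them; please confirm the new release no longer references those paths.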
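Review bot: The `config.h` substitution now searches for `SYSTEMD_CGROUP_AGENTS_PATH` but still replaces it with the old singular `_SYSTEMD_CGROUP_AGENT_PATH`, while the following hunk's `NIX_CFLAGS_COMPILE` entries use the plural name throughout. The replacement only has to neutralise the define, so this is probably harmless, but the mismatch makes the rename look half-done; `--replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENTS_PATH"` keeps the two in step. Because the `-D` override is what points the release agent at `/run/current-system/systemd/...` rather than a store path that can be garbage-collected, a short comment that the macro name must track upstream's `config.h` would help the next version bump.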
From: Andreas Rammhold Date: Sun, 12 Dec 2021 15:49:40 +0100 Subject: systemdMinimal: don't set {libfido2,p11-kit,libgcrypt} to null We don't have to do that as we already set all the feature flags to null. Setting individual libraries to null instead of disabling their feature flag will lead with bad example that will cause each of the features to be disabled with multiple flags in the systemdMinimal variant. If a dependency is pulled in via another feature we should disable that rather than setting it to null. Overriding a given package should be the last resort. --- pkgs/os-specific/linux/systemd/default.nix | 8 ++++---- pkgs/top-level/all-packages.nix | 4 +--- 2 files changed, 5 insertions(+), 7 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 95782d2c0754b..c1217510813b6 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -61,6 +61,8 @@ , kexec-tools , bashInteractive , libmicrohttpd +, libfido2 +, p11-kit # the (optional) BPF feature requires bpftool, libbpf, clang and llmv-strip to be avilable during build time. # Only libbpf should be a runtime dependency. @@ -97,8 +99,6 @@ , withTimesyncd ? true , withTpm2Tss ? !stdenv.hostPlatform.isMusl , withUserDb ? !stdenv.hostPlatform.isMusl -, libfido2 -, p11-kit # name argument , pname ? "systemd" @@ -373,13 +373,13 @@ stdenv.mkDerivation { glib kmod libcap - libgcrypt libidn2 libuuid linuxHeaders pam ] + ++ lib.optional wantGcrypt libgcrypt ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] 
@@ -418,7 +418,7 @@ stdenv.mkDerivation { # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" "-Danalyze=${lib.boolToString withAnalyze}" - "-Dgcrypt=${lib.boolToString (libgcrypt != null)}" + "-Dgcrypt=${lib.boolToString wantGcrypt}" "-Dimportd=${lib.boolToString withImportd}" "-Dlz4=${lib.boolToString withCompression}" "-Dhomed=${lib.boolToString withHomed}" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 06857eb515a7a..c56a7ed533a62 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23233,10 +23233,8 @@ with pkgs; withTpm2Tss = false; withUserDb = false; glib = null; - libgcrypt = null; + lvm2 = null; - libfido2 = null; - p11-kit = null; }; -- cgit 1.4.1 From 0c852e1fa6318bfc43b138832e6d42e40ed054e6 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sun, 12 Dec 2021 15:58:17 +0100 Subject: systemd: remove unused lvm2 input --- pkgs/os-specific/linux/systemd/default.nix | 1 - pkgs/top-level/all-packages.nix | 2 -- 2 files changed, 3 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index c1217510813b6..471ecf8683a49 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -29,7 +29,6 @@ # Optional dependencies , pam , cryptsetup -, lvm2 , audit , acl , lz4 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c56a7ed533a62..66ed930f0c9f3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23233,8 +23233,6 @@ with pkgs; withTpm2Tss = false; withUserDb = false; glib = null; - - lvm2 = null; }; -- cgit 1.4.1 From e6280a639759ff6343a9d63e83c0466f17281a68 Mon Sep 17 00:00:00 2001 
From: Andreas Rammhold Date: Sun, 12 Dec 2021 15:59:20 +0100 Subject: systemd: introduce withTests flag This allows us to make test-only dependencies optional in builds that aren't running tests (sadly all of our builds). --- pkgs/os-specific/linux/systemd/default.nix | 8 ++++++-- pkgs/top-level/all-packages.nix | 1 - 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 471ecf8683a49..6b075a29f6f02 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -15,6 +15,8 @@ , gperf , getent , glibcLocales + + # glib is only used during tests (test-bus-gvariant, test-bus-marshal) , glib , substituteAll , gettext @@ -98,6 +100,8 @@ , withTimesyncd ? true , withTpm2Tss ? !stdenv.hostPlatform.isMusl , withUserDb ? !stdenv.hostPlatform.isMusl + # tests assume too much system access for them to be feasible for us right now +, withTests ? false # name argument , pname ? "systemd" @@ -369,7 +373,6 @@ stdenv.mkDerivation { [ acl audit - glib kmod libcap libidn2 @@ -379,6 +382,7 @@ stdenv.mkDerivation { ] ++ lib.optional wantGcrypt libgcrypt + ++ lib.optional withTests glib ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] @@ -413,7 +417,7 @@ stdenv.mkDerivation { "-Dsetfont-path=${kbd}/bin/setfont" "-Dtty-gid=3" # tty in NixOS has gid 3 "-Ddebug-shell=${bashInteractive}/bin/bash" - "-Dglib=${lib.boolToString (glib != null)}" + "-Dglib=${lib.boolToString withTests}" # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" "-Danalyze=${lib.boolToString withAnalyze}" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 66ed930f0c9f3..976abf520c732 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix 
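Review bot: `"-Dglib=${lib.boolToString withTests}"` in the `mesonFlags` hunk is the only meson option the new `withTests` argument controls, while the unchanged `"-Dtests=false"` two lines below stays hard-coded. Setting `withTests = true` therefore adds glib to `buildInputs` but still builds and runs no tests. Either wire the flag through with `"-Dtests=${lib.boolToString withTests}"`, or extend the comment at the argument to say so: `# only controls test-only dependencies; -Dtests stays false below`.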
@@ -23232,7 +23232,6 @@ with pkgs; withTimesyncd = false; withTpm2Tss = false; withUserDb = false; - glib = null; }; -- cgit 1.4.1 From 49267a99d248c1666cae2621f311b25bccf9d7ac Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 31 Dec 2021 17:21:05 +0100 Subject: systemd: add the release timestamp into the build This helps systemd during runtime to make decisions about the sanity of the system clock. See the references news article for more details on the matter. --- pkgs/os-specific/linux/systemd/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 6b075a29f6f02..3030234b497e8 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -406,6 +406,14 @@ stdenv.mkDerivation { mesonFlags = [ "-Dversion-tag=${version}" + # We bump this variable on every (major) version change to ensure + # that we have known-good value for a timestamp that is in the (not so distant) past. + # This serves as a lower bound for valid system timestamps during startup. Systemd will + # reset the system timestamp if this date is +- 15 years from the system time. + # See the systemd v250 release notes for further details: + # https://github.com/systemd/systemd/blob/60e930fc3e6eb8a36fbc184773119eb8d2f30364/NEWS#L258-L266 + "-Dtime-epoch=${releaseTimestamp}" + "-Ddbuspolicydir=${placeholder "out"}/share/dbus-1/system.d" "-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services" "-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services" @@ -470,7 +478,6 @@ stdenv.mkDerivation { */ "-Dsystem-uid-max=999" "-Dsystem-gid-max=999" - # "-Dtime-epoch=1" "-Dsysvinit-path=" "-Dsysvrcnd-path=" -- cgit 1.4.1 From f592c5a7c484ab50f2be569c9a3c5c984b9e2a15 Mon Sep 17 00:00:00 2001 
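Review bot: The comment added above `"-Dtime-epoch=${releaseTimestamp}"` says systemd resets the clock when the date is "+- 15 years from the system time", which reads as a symmetric window. As I read the linked v250 release notes, the epoch is a hard lower bound and the 15 years apply only in the forward direction; that is worth checking against the NEWS text and rewording, for example `# Lower bound for the system clock at boot; clocks more than 15 years ahead of it are reset as well.` The value is bumped by hand, and a stale epoch weakens a check that time-dependent validation (certificate lifetimes, for one) relies on, so the comment could also say where `releaseTimestamp` is defined, which is outside this hunk.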
From: Jörg Thalheim Date: Mon, 24 Jan 2022 12:51:21 +0100 Subject: systemd: do not patch test files We do not run them, so it is unnecessary work. --- pkgs/os-specific/linux/systemd/default.nix | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 3030234b497e8..8ae68d1808436 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -541,17 +541,6 @@ stdenv.mkDerivation { "src/analyze/test-verify.c" "src/test/test-env-file.c" "src/test/test-fileio.c" - "test/test-execute/exec-systemcallfilter-failing2.service" - "test/test-execute/exec-systemcallfilter-failing3.service" - "test/test-execute/exec-systemcallfilter-failing.service" - "test/testsuite-06.units/hola.service" - "test/udev-test.pl" - "test/units/hello.service" - "test/units/testsuite-07.sh" - "test/units/testsuite-15.sh" - "test/units/testsuite-17.05.sh" - "test/units/testsuite-40.sh" - "test/units/unstoppable.service" ]; } { @@ -565,11 +554,6 @@ stdenv.mkDerivation { replacement = "$out/lib/systemd/systemd-fsck"; where = [ "man/systemd-fsck@.service.xml" - "test/test-fstab-generator.sh" - "test/test-fstab-generator/test-12-dev-sdx.expected/systemd-fsck-root.service" - "test/test-fstab-generator/test-13-label.expected/systemd-fsck-root.service" - "test/test-fstab-generator/test-14-uuid.expected/systemd-fsck-root.service" - "test/test-fstab-generator/test-15-partuuid.expected/systemd-fsck-root.service" ]; } ] ++ lib.optionals withImportd [ 
@@ -599,9 +583,9 @@ stdenv.mkDerivation { map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; mkEnsureSubstituted = { replacement, search, where }: '' - if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -v NEWS | wc -l) -gt 0 ]]; then - echo "Not all references to '${search}' have been replace. Found the following matches:" - grep '${search}' -r | grep -v "${replacement}" | grep -v NEWS + if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -Ev 'NEWS|^test/' | wc -l) -gt 0 ]]; then + echo "Not all references to '${search}' have been replaced. Found the following matches:" + grep '${search}' -r | grep -v "${replacement}" | grep -Ev 'NEWS|^test/' exit 1 fi ''; -- cgit 1.4.1 From f5c243d6c291671d256ec12a4c6805e9cb049565 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Sat, 5 Mar 2022 21:28:08 +0100 Subject: systemd: drop -Defi-ld=gold As reported in https://github.com/NixOS/nixpkgs/pull/156096#pullrequestreview-900986176, this fails to build on EFI enabled RISC-V because the requested EFI linker (efi-ld=gold) is unsupported. According to Wikipedia gold only supports x86, x86-64, ARM, PowerPC, TileGX. Removing this option alltogether will cause meson to figure out the default linker by itself. --- pkgs/os-specific/linux/systemd/default.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 8ae68d1808436..eb92224e30d53 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -460,7 +460,6 @@ stdenv.mkDerivation { "-Dsmack=true" "-Db_pie=true" "-Dinstall-sysconfdir=false" - "-Defi-ld=gold" "-Dsbat-distro=nixos" "-Dsbat-distro-summary=NixOS" "-Dsbat-distro-url=https://nixos.org/" -- cgit 1.4.1 From 479b1cb510b13fe5a89e5aa228b2df60d8c464ed Mon Sep 17 00:00:00 2001 
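Review bot: In `mkEnsureSubstituted`, the new filter `grep -Ev 'NEWS|^test/'` anchors only the `test/` alternative, so `NEWS` is matched anywhere in a `grep -r` output line, file content included, and any leftover reference on such a line is dropped from the check. Anchoring both keeps the exclusion to the files it names: `grep -Ev '^(NEWS:|test/)'`, applied to both pipelines in the hunk. `"${replacement}"` is also interpreted as a regular expression by `grep -v`; `grep -vF` would compare it literally. Excluding `test/` is only sound while the tests stay unbuilt, which a short comment next to the filter could state.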
From: Alyssa Ross Date: Sun, 6 Mar 2022 00:58:59 +0000 Subject: systemd: fix a whole bunch of typos --- pkgs/os-specific/linux/systemd/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index eb92224e30d53..eff7fd2327421 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -65,7 +65,7 @@ , libfido2 , p11-kit - # the (optional) BPF feature requires bpftool, libbpf, clang and llmv-strip to be avilable during build time. + # the (optional) BPF feature requires bpftool, libbpf, clang and llvm-strip to be available during build time. # Only libbpf should be a runtime dependency. , bpftools , libbpf @@ -176,7 +176,7 @@ stdenv.mkDerivation { # systemd. With the below patch we mitigate that effect by special casing # all our root unit dirs if they are symlinks. This does exactly what we # need (AFAICT). - # See https://github.com/systemd/systemd/pull/20479 for upsteam discussion. + # See https://github.com/systemd/systemd/pull/20479 for upstream discussion. ./0019-core-handle-lookup-paths-being-symlinks.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let @@ -224,7 +224,7 @@ stdenv.mkDerivation { "find_program('${stdenv.cc.bintools.targetPrefix}objcopy'" '' + ( let - # The folllowing patches references to dynamic libraries to ensure that + # The following patches references to dynamic libraries to ensure that # all the features that are implemented via dlopen(3) are available (or # explicitly deactivated) by pointing dlopen to the absolute store path # instead of relying on the linkers runtime lookup code. 
@@ -280,7 +280,7 @@ stdenv.mkDerivation { { name = "libidn.so.12"; pkg = null; } { name = "libidn.so.11"; pkg = null; } - # journalctl --grep requires libpcre so lets provide it + # journalctl --grep requires libpcre so let's provide it { name = "libpcre2-8.so.0"; pkg = pcre2; } # Support for TPM2 in systemd-cryptsetup, systemd-repart and systemd-cryptenroll @@ -311,7 +311,7 @@ stdenv.mkDerivation { # exceptional case, details: # https://github.com/systemd/systemd-stable/blob/v249-stable/src/shared/tpm2-util.c#L157 if ! [[ "${library}" =~ .*libtss2-tcti-$ ]]; then - echo 'The shared library `${library}` does not exist but was given as subtitute for `${dl.name}`' + echo 'The shared library `${library}` does not exist but was given as substitute for `${dl.name}`' exit 1 fi fi -- cgit 1.4.1 From a0bfc8e7c1f2a138ea0453bb0502277e042afc06 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Sun, 6 Mar 2022 01:04:13 +0000 Subject: systemd: update patchShebangs comment We can't remove this yet even though we're on 250.3, because some more crept in and weren't fixed in time for the release. --- pkgs/os-specific/linux/systemd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index eb92224e30d53..e27140b1f07fe 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -335,8 +335,8 @@ stdenv.mkDerivation { fi '' # Finally patch shebangs that might need patching. - # Should no longer be necessary with v250. - # https://github.com/systemd/systemd/pull/19638 + # Should no longer be necessary with v251. + # https://github.com/systemd/systemd/pull/21749 + '' patchShebangs . ''; -- cgit 1.4.1 From dc1303185f809382dc075d23e881f71b0794b826 Mon Sep 17 00:00:00 2001 
From: Alyssa Ross Date: Sat, 5 Mar 2022 12:20:21 +0000 Subject: kmod: add dev and lib outputs Reduces the closure size of pkgsStatic.kmod from 51.0M to 541.6K. --- pkgs/os-specific/linux/kmod/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index a1a1906ba9cea..0411bae2060c7 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -16,6 +16,8 @@ in stdenv.mkDerivation rec { sha256 = "0am54mi5rk72g5q7k6l6f36gw3r9vwgjmyna43ywcjhqmakyx00b"; }; + outputs = [ "out" "dev" "lib" ]; + nativeBuildInputs = [ autoreconfHook pkg-config libxslt ]; buildInputs = [ xz zstd ] ++ lib.optional stdenv.isDarwin elf-header; -- cgit 1.4.1 From fb079c3110d95867be383415e9ac41fd1520ab6f Mon Sep 17 00:00:00 2001 
From: Alyssa Ross Date: Thu, 3 Mar 2022 13:04:49 +0000 Subject: linux.configfile: fix alts containing "/m" generate-config.pl's auto modules feature answers "m" to any Kconfig question it thinks supports being a module. It detected this by seeing if the help shown by make config (called "alts" by the script) contained the string "/m", which it would in the case of e.g a tristate option, where alts would be "N/m/y/?". But then along came CONFIG_MODPROBE_PATH in Linux 5.13, with a default value, shown in the make config help, of "/sbin/modprobe". generate-config.pl would see the "/m" substring, and answer "m" to the question, meaning (I think) that the built kernel would expect the modprobe binary to be at /m. This broke the (non-NixOS) VM images I build with Nix. NixOS was unaffected because it uses a different mechanism to set the modprobe path. With the current architecture, we can't 100% determine whether a Kconfig option is a string or a tristate, but we can get a lot closer by using a better regex. My new regex only accepts single word characters, separated by slashes, with a "/?" at the end. This is much less likely to ever end up as the default value of a string option. Tested by building linux_latest.configfile before and after my changes, and checking the only difference is the correct default for CONFIG_MODPROBE_PATH. --- pkgs/os-specific/linux/kernel/generate-config.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/kernel/generate-config.pl b/pkgs/os-specific/linux/kernel/generate-config.pl index df807188f14f9..7e12ca5d96a95 100644 --- a/pkgs/os-specific/linux/kernel/generate-config.pl +++ b/pkgs/os-specific/linux/kernel/generate-config.pl 
@@ -81,7 +81,7 @@ sub runConfig { my $question = $1; my $name = $2; my $alts = $3; my $answer = ""; # Build everything as a module if possible. - $answer = "m" if $autoModules && $alts =~ /\/m/ && !($preferBuiltin && $alts =~ /Y/); + $answer = "m" if $autoModules && $alts =~ qr{\A(\w/)+m/(\w/)*\?\z} && !($preferBuiltin && $alts =~ /Y/); $answer = $answers{$name} if defined $answers{$name}; print STDERR "QUESTION: $question, NAME: $name, ALTS: $alts, ANSWER: $answer\n" if $debug; print OUT "$answer\n"; -- cgit 1.4.1 From f8be98b2cb58149b8f9789123743392b354d51a2 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Mon, 24 Jan 2022 12:53:19 +0000 Subject: cryptsetup: separate binaries from libraries This reduces closure sizes by making the libraries not depend on the binaries, which is good for dynamic builds, and (when statically linked) making the binaries not depend on the libraries, which is good for static builds. When static building, we additionally have to disable loading LUKS plugins from $lib to avoid a reference, which probably wouldn't have worked anyway. --- pkgs/os-specific/linux/cryptsetup/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix index a9bd508d16ecd..be819802394e5 100644 --- a/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/pkgs/os-specific/linux/cryptsetup/default.nix @@ -5,7 +5,7 @@ stdenv.mkDerivation rec { pname = "cryptsetup"; version = "2.4.3"; - outputs = [ "out" "dev" "man" ]; + outputs = [ "bin" "out" "dev" "man" ]; separateDebugInfo = true; src = fetchurl { 
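Review bot: The new condition in `runConfig` (`pkgs/os-specific/linux/kernel/generate-config.pl`) has no comment saying what `qr{\A(\w/)+m/(\w/)*\?\z}` is meant to accept, and the existing `# Build everything as a module if possible.` does not mention the string-option case this fixes. I would add above it: `# Only a choice list such as "N/m/y/?" counts; a string default like "/sbin/modprobe" must never be answered with "m".` The pattern also requires at least one choice before `m/`, so a list that starts with lowercase `m` would not match; if that cannot occur, the comment can say so. `runConfig` starts and ends outside the hunk.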
@@ -31,6 +31,12 @@ stdenv.mkDerivation rec { "--enable-cryptsetup-reencrypt" "--with-crypto_backend=openssl" "--disable-ssh-token" + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ + "--disable-external-tokens" + # We have to override this even though we're removing token + # support, because the path still gets included in the binary even + # though it isn't used. + "--with-luks2-external-tokens-path=/" ]; nativeBuildInputs = [ pkg-config ]; -- cgit 1.4.1 From b8734c50e2942560be9ab5bb1da1b93ea55c8f93 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Sat, 5 Mar 2022 23:37:43 +0000 Subject: pkgsMusl.systemdMinimal: fix build Use latest patches from OpenEmbedded. pkgsMusl.systemd doesn't build yet because pkgsMusl.libnetfilter_conntrack is currently broken. --- pkgs/os-specific/linux/systemd/default.nix | 9 +++------ pkgs/os-specific/linux/systemd/musl.diff | 12 ------------ 2 files changed, 3 insertions(+), 18 deletions(-) delete mode 100644 pkgs/os-specific/linux/systemd/musl.diff (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 39679b317644c..fda8092ec98fb 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -181,8 +181,8 @@ stdenv.mkDerivation { ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { - url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; - sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-7e35a575ef09a85e625a81e0b4d80b020e3e3a92.tar.bz2"; + sha256 = "0dvz4685nk0y7nnq3sr2q8ab3wfx0bi8ilwcgn0h6kagwcnav2n8"; }; musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; in 
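Review bot: In the `configureFlags` hunk of `pkgs/os-specific/linux/cryptsetup/default.nix`, `"--with-luks2-external-tokens-path=/"` is harmless only because `"--disable-external-tokens"` sits next to it in the same `isStatic` list. That path is the directory cryptsetup searches for LUKS2 token plugins, so if the disable flag were later dropped or moved under a different condition, the static binaries would look for loadable plugins in the filesystem root. The existing comment explains the store-path reference but not this coupling; I would add `# Keep together with --disable-external-tokens: "/" must never become a live plugin directory.`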
@@ -191,7 +191,6 @@ stdenv.mkDerivation { (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") - (musl-patches + "/0006-Include-netinet-if_ether.h.patch") (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") @@ -210,9 +209,7 @@ stdenv.mkDerivation { (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") (musl-patches + "/0026-Handle-missing-gshadow.patch") (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") - - # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 - ./musl.diff + (musl-patches + "/0001-Adjust-for-musl-headers.patch") ] ); diff --git a/pkgs/os-specific/linux/systemd/musl.diff b/pkgs/os-specific/linux/systemd/musl.diff deleted file mode 100644 index cab135dd8fc53..0000000000000 --- a/pkgs/os-specific/linux/systemd/musl.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c -index ef3527e..cc1ba23 100644 ---- a/src/shared/mount-setup.c -+++ b/src/shared/mount-setup.c -@@ -32,6 +32,7 @@ - #include "strv.h" - #include "user-util.h" - #include "virt.h" -+#include "missing_type.h" - - typedef enum MountMode { - MNT_NONE = 0, -- cgit 1.4.1 From 8d35d7e2bf15511da2207c8b667604e64aad9efc Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Mon, 7 Mar 2022 23:58:05 +0000 Subject: shadow: 4.8.1 -> 4.8.11 --- pkgs/os-specific/linux/shadow/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index 2e4ae1649ea86..5537f9f6aacb0 100644 
--- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -19,13 +19,13 @@ in stdenv.mkDerivation rec { pname = "shadow"; - version = "4.8.1"; + version = "4.11.1"; src = fetchFromGitHub { owner = "shadow-maint"; repo = "shadow"; - rev = version; - sha256 = "13407r6qwss00504qy740jghb2dzd561la7dhp47rg8w3g8jarpn"; + rev = "v${version}"; + sha256 = "sha256-PxLX5V0t18JftT5wT41krNv18Ew7Kz3MfZkOi/80ODA="; }; buildInputs = lib.optional (pam != null && stdenv.isLinux) pam; -- cgit 1.4.1 From 0e3394758c5c12695e7be82aabb0ce907e4f0833 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 16 Mar 2022 17:47:19 +1000 Subject: libcap: 2.49 -> 2.63 https://sites.google.com/site/fullycapable/release-notes-for-libcap --- pkgs/os-specific/linux/libcap/default.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/libcap/default.nix b/pkgs/os-specific/linux/libcap/default.nix index 2f12d2fea38c8..750e26313cfe9 100644 --- a/pkgs/os-specific/linux/libcap/default.nix +++ b/pkgs/os-specific/linux/libcap/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, buildPackages, fetchurl, attr, perl, runtimeShell +{ stdenv, lib, buildPackages, fetchurl, attr, runtimeShell , usePam ? !isStatic, pam ? null , isStatic ? stdenv.hostPlatform.isStatic }: @@ -7,18 +7,17 @@ assert usePam -> pam != null; stdenv.mkDerivation rec { pname = "libcap"; - version = "2.49"; + version = "2.63"; src = fetchurl { url = "mirror://kernel/linux/libs/security/linux-privs/libcap2/${pname}-${version}.tar.xz"; - sha256 = "sha256-6YvE2TZFCC7Hh3MLD9GnErOIgkZcUFd33hfDOIMe4YE="; + sha256 = "sha256-DGN7j0T8fYYneH6c9X8VrAbB3cy1PkH+7FSWvjRm938="; }; outputs = [ "out" "dev" "lib" "man" "doc" ] ++ lib.optional usePam "pam"; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ perl ]; buildInputs = lib.optional usePam pam; 
@@ -31,7 +30,9 @@ stdenv.mkDerivation rec { "CC:=$(CC)" ] ++ lib.optional isStatic "SHARED=no"; - prePatch = '' + postPatch = '' + patchShebangs ./progs/mkcapshdoc.sh + # use full path to bash substituteInPlace progs/capsh.c --replace "/bin/bash" "${runtimeShell}" -- cgit 1.4.1 From 8d7d5fdbdc756d208799b2b2bb5da7e0301e6fcb Mon Sep 17 00:00:00 2001 
From: linj Date: Thu, 17 Mar 2022 17:45:40 +0800 Subject: linux: enable TASKSTATS, TASK_XACCT, TASK_DELAY_ACCT and TASK_IO_ACCOUNTING iotop needs TASKSTATS, TASK_DELAY_ACCT, TASK_XACCT and TASK_IO_ACCOUNTING to work. For x86_64, all these options are enabled by upstream[1]. For aarch64, however, only TASK_XACCT and TASK_IO_ACCOUNTING are enabled by upstream[2]. This patch enables all these four options for aarch64, which have been enabled by many other distributions, e.g. debian[3], fedora[4], rhel[5] and gentoo[6]. I tried to only enable TASKSTATS and TASK_DELAY_ACCT since the other two options are enabled by upstream, but it turns out that it's necessary to explicitly enable all four options. I do not figure out the reason though. Additionally, given that debian enables these four options for all arch[3], I think it's safe for us to do the same thing. [1]: https://github.com/torvalds/linux/blob/56e337f2cf1326323844927a04e9dbce9a244835/arch/x86/configs/x86_64_defconfig#L8-L11 [2]: https://github.com/torvalds/linux/blob/56e337f2cf1326323844927a04e9dbce9a244835/arch/arm64/configs/defconfig#L10-L11 [3]: https://salsa.debian.org/kernel-team/linux/-/blob/da6ddc7d8f1a95980d9a1c499fe58066cfe1986b/debian/config/config#L6356-6359 [4]: https://src.fedoraproject.org/rpms/kernel/blob/rawhide/f/kernel-aarch64-fedora.config#_7398 [5]: https://src.fedoraproject.org/rpms/kernel/blob/rawhide/f/kernel-aarch64-rhel.config#_5885 [6]: https://github.com/gentoo/gentoo/blob/b839fccce25d49df2fcfe5ed184b557796b0d6bd/sys-kernel/gentoo-kernel/gentoo-kernel-5.15.29.ebuild#L27 --- pkgs/os-specific/linux/kernel/common-config.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 068aedf31213a..8b2b212adfb32 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix 
@@ -906,6 +906,11 @@ let ANDROID_BINDER_IPC = { optional = true; tristate = whenAtLeast "5.0" "y";}; ANDROID_BINDERFS = { optional = true; tristate = whenAtLeast "5.0" "y";}; ANDROID_BINDER_DEVICES = { optional = true; freeform = whenAtLeast "5.0" "binder,hwbinder,vndbinder";}; + + TASKSTATS = yes; + TASK_DELAY_ACCT = yes; + TASK_XACCT = yes; + TASK_IO_ACCOUNTING = yes; } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { # Enable CPU/memory hotplug support # Allows you to dynamically add & remove CPUs/memory to a VM client running NixOS without requiring a reboot -- cgit 1.4.1 From 75a612b110549757bcaad36054893b3d34bbb668 Mon Sep 17 00:00:00 2001 From: Maxine Aubrey Date: Fri, 18 Mar 2022 16:30:26 +0100 Subject: ell: 0.46 -> 0.49 --- pkgs/os-specific/linux/ell/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix index aa8e3f15aab27..d79201cc4cd18 100644 --- a/pkgs/os-specific/linux/ell/default.nix +++ b/pkgs/os-specific/linux/ell/default.nix @@ -7,14 +7,14 @@ stdenv.mkDerivation rec { pname = "ell"; - version = "0.46"; + version = "0.49"; outputs = [ "out" "dev" ]; src = fetchgit { url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; rev = version; - sha256 = "sha256-Am1PNFFfSzII4Iaeq0wgfuVHSeMDjiDzYkNQWlnEHJY="; + sha256 = "sha256-/5ivelqRDvJuPVJqMs27VJUIq7/Dw6ROt/cmjSo309s="; }; nativeBuildInputs = [ -- cgit 1.4.1 From cbf0cefbd705fb4eb5c9b11bf80f9ebe249cf66c Mon Sep 17 00:00:00 2001 From: Maxine Aubrey Date: Fri, 18 Mar 2022 16:30:37 +0100 Subject: iwd: 1.20 -> 1.25 --- pkgs/os-specific/linux/iwd/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix index 72ecaffe5f50f..19f4301ff537b 100644 
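Review bot: The four accounting options in the `common-config.nix` hunk are added directly after the `ANDROID_BINDER_*` entries with no comment, so nothing in the file says why they are forced on or that they belong together. The commit message has the reason; I would carry it into the file as `# Task accounting interfaces needed by iotop; TASKSTATS and TASK_DELAY_ACCT are not in the arm64 defconfig`. The enclosing attribute set starts outside the hunk.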
--- a/pkgs/os-specific/linux/iwd/default.nix +++ b/pkgs/os-specific/linux/iwd/default.nix @@ -12,12 +12,12 @@ stdenv.mkDerivation rec { pname = "iwd"; - version = "1.20"; + version = "1.25"; src = fetchgit { url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git"; rev = version; - sha256 = "sha256-GcqmMqrZSgvSrsY8FJbPynNWTzSi5A6kmyq+xJ+2i3Y="; + sha256 = "sha256-3IiRuILU2FKzXAQ0Q79DX2+nlNMcHNanS8m9GqjBBnU="; }; outputs = [ "out" "man" "doc" ] @@ -59,6 +59,7 @@ stdenv.mkDerivation rec { postUnpack = '' mkdir -p iwd/ell ln -s ${ell.src}/ell/useful.h iwd/ell/useful.h + ln -s ${ell.src}/ell/asn1-private.h iwd/ell/asn1-private.h patchShebangs . ''; -- cgit 1.4.1 From 35e2c61dfd57be97b3df2c8de76d959a7908e1ad Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Wed, 23 Mar 2022 08:04:28 +0000 Subject: systemd: 250.3 -> 250.4 Among other things fixes build failure on linux-headers-5.17: ../src/basic/meson.build:389:8: ERROR: Problem encountered: found unknown filesystem(s) defined in kernel headers: Filesystem found in kernel header but not in filesystems-gperf.gperf: CIFS_SUPER_MAGIC Filesystem found in kernel header but not in filesystems-gperf.gperf: SMB2_SUPER_MAGIC --- pkgs/os-specific/linux/systemd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index fda8092ec98fb..691b4587fa1f4 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -127,7 +127,7 @@ assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "250.3"; + version = "250.4"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: 
@@ -144,7 +144,7 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "sha256-O1XE0BhIuDAlFVX7WIy02M9YTIxLX0Q8atJAYsUgQDQ="; + sha256 = "sha256-AdzPh7dGVrGbbjL9+PqytQOpRzNDUUEftmKZAbFH3L4="; }; # On major changes, or when otherwise required, you *must* reformat the patches, -- cgit 1.4.1 From 39eee39fd9212d81387e4429223fbb8a7ef168b7 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Fri, 25 Mar 2022 12:08:07 +0000 Subject: pkgsMusl.systemd: fix build for 250.4 --- pkgs/os-specific/linux/systemd/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'pkgs/os-specific/linux') diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 691b4587fa1f4..fbdc7d6ff4dc9 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -209,6 +209,8 @@ stdenv.mkDerivation { (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") (musl-patches + "/0026-Handle-missing-gshadow.patch") (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") + (musl-patches + "/0001-pass-correct-parameters-to-getdents64.patch") + (musl-patches + "/0002-Add-sys-stat.h-for-S_IFDIR.patch") (musl-patches + "/0001-Adjust-for-musl-headers.patch") ] ); -- cgit 1.4.1