From 058f36aae7053dcbf4e2f06303b599e208863f3d Mon Sep 17 00:00:00 2001 From: Thomas Tuegel Date: Mon, 27 Jul 2015 13:50:39 -0500 Subject: [PATCH 01/44] quassel: add optional KF5 features Also fixes conditional dependencies so that TLS is enabled. --- .../networking/irc/quassel/default.nix | 55 +++++++++++-------- pkgs/top-level/all-packages.nix | 18 ++++++ 2 files changed, 50 insertions(+), 23 deletions(-) diff --git a/pkgs/applications/networking/irc/quassel/default.nix b/pkgs/applications/networking/irc/quassel/default.nix index a8bd2e801b9..c1944cf6d0d 100644 --- a/pkgs/applications/networking/irc/quassel/default.nix +++ b/pkgs/applications/networking/irc/quassel/default.nix @@ -1,20 +1,27 @@ { monolithic ? true # build monolithic Quassel , daemon ? false # build Quassel daemon , client ? false # build Quassel client -, withKDE ? stdenv.isLinux # enable KDE integration , previews ? false # enable webpage previews on hovering over URLs , tag ? "" # tag added to the package name -, kdelibs ? null # optional -, useQt5 ? false -, phonon_qt5, libdbusmenu_qt5 -, stdenv, fetchurl, cmake, makeWrapper, qt, automoc4, phonon, dconf, qca2, qca-qt5 }: +, useQt5 ? false, phonon_qt5, libdbusmenu_qt5, qca-qt5 +, withKDE ? stdenv.isLinux # enable KDE integration +, kf5 ? null, kdelibs ? null +, stdenv, fetchurl, cmake, makeWrapper, qt, automoc4, phonon, dconf, qca2 }: + +let useKF5 = useQt5 && withKDE; + useKDE4 = withKDE && !useQt5; + buildClient = monolithic || client; + buildCore = monolithic || daemon; +in assert stdenv.isLinux; assert monolithic -> !client && !daemon; assert client || daemon -> !monolithic; -assert withKDE -> kdelibs != null; +assert useKDE4 -> kdelibs != null; +assert useKF5 -> kf5 != null; +assert !buildClient -> !withKDE; # KDE is used by the client only let edf = flag: feature: [("-D" + feature + (if flag then "=ON" else "=OFF"))]; @@ -31,15 +38,21 @@ in with stdenv; mkDerivation rec { enableParallelBuilding = true; - buildInputs = [ cmake makeWrapper ] - ++ (if useQt5 then [ qt.base qca-qt5 ] else [ qt qca2 ]) - ++ (if useQt5 && (monolithic || daemon) then [ qt.script ] else []) - ++ (if useQt5 && previews then [ qt.webkit qt.webkitwidgets ] else []) - ++ lib.optional withKDE kdelibs - ++ lib.optional withKDE automoc4 - ++ lib.optional withKDE phonon - ++ lib.optional useQt5 phonon_qt5 - ++ lib.optional useQt5 libdbusmenu_qt5; + buildInputs = + [ cmake makeWrapper ] + ++ [(if useQt5 then qt.base else qt)] + ++ lib.optionals buildCore (if useQt5 then [qt.script qca-qt5] else [qca2]) + ++ lib.optionals buildClient + ( lib.optionals (previews && useQt5) [qt.webkit qt.webkitwidgets] + ++ lib.optionals useQt5 [libdbusmenu_qt5 phonon_qt5] + ++ lib.optionals useKDE4 [automoc4 kdelibs phonon] + ++ lib.optionals useKF5 + (with kf5; [ + extra-cmake-modules kconfigwidgets kcoreaddons + knotifications knotifyconfig ktextwidgets kwidgetsaddons + kxmlgui + ]) + ); cmakeFlags = [ "-DEMBED_DATA=OFF" @@ -52,24 +65,20 @@ in with stdenv; mkDerivation rec { ++ edf useQt5 "USE_QT5"; preFixup = - lib.optionalString client '' - wrapProgram "$out/bin/quasselclient" \ - --prefix GIO_EXTRA_MODULES : "${dconf}/lib/gio/modules" - '' + - lib.optionalString monolithic '' - wrapProgram "$out/bin/quassel" \ + lib.optionalString buildClient '' + wrapProgram "$out/bin/quassel${lib.optionalString client "client"}" \ --prefix GIO_EXTRA_MODULES : "${dconf}/lib/gio/modules" ''; meta = with stdenv.lib; { homepage = http://quassel-irc.org/; - description = "Qt4/KDE4/Qt5 distributed IRC client suppporting a remote daemon"; + description = "Qt/KDE distributed IRC client suppporting a remote daemon"; longDescription = '' Quassel IRC is a cross-platform, distributed IRC client, meaning that one (or multiple) client(s) can attach to and detach from a central core -- much like the popular combination of screen and a text-based IRC client such - as WeeChat, but graphical (based on Qt4/KDE4 or Qt5). + as WeeChat, but graphical (based on Qt4/KDE4 or Qt5/KF5). ''; license = stdenv.lib.licenses.gpl3; maintainers = with maintainers; [ phreedom ttuegel ]; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 3e15e7b65c3..f1cb181fca8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12453,6 +12453,24 @@ let tag = "-daemon-qt5"; }; + quassel_kf5 = callPackage ../applications/networking/irc/quassel { + monolithic = true; + daemon = false; + client = false; + withKDE = true; + useQt5 = true; + qt = qt5; + kf5 = kf510; + dconf = gnome3.dconf; + tag = "-kf5"; + }; + + quasselClient_kf5 = quassel_kf5.override { + monolithic = false; + client = true; + tag = "-client-kf5"; + }; + quirc = callPackage ../tools/graphics/quirc {}; quodlibet = callPackage ../applications/audio/quodlibet { From 2152fd7f1e8b0528b574436bf95d711454e16d05 Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Wed, 29 Jul 2015 19:43:50 +0200 Subject: [PATCH 02/44] mupdf: 1.7 -> 1.7a --- pkgs/applications/misc/mupdf/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/mupdf/default.nix b/pkgs/applications/misc/mupdf/default.nix index 9b39f1c3c38..c988d171327 100644 --- a/pkgs/applications/misc/mupdf/default.nix +++ b/pkgs/applications/misc/mupdf/default.nix @@ -2,12 +2,12 @@ , libX11, libXext }: stdenv.mkDerivation rec { - version = "1.7"; + version = "1.7a"; name = "mupdf-${version}"; src = fetchurl { url = "http://mupdf.com/download/archive/${name}-source.tar.gz"; - sha256 = "0hjn1ywxhblqgj63qkp8x7qqjnwsgid3viw8az5i2i26dijmrgfh"; + sha256 = "073xq6kczq331awycvznpc49b22idqzdlw4g9254zi0z07x5y0wc"; }; buildInputs = [ pkgconfig zlib freetype libjpeg jbig2dec openjpeg libX11 libXext ]; From 219debbedd1609b6365bac1e381fdf55606cbbf6 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Wed, 29 Jul 2015 18:36:02 -0300 Subject: [PATCH 03/44] cmatrix: init at 1.2a --- pkgs/applications/misc/cmatrix/default.nix | 27 ++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 29 insertions(+) create mode 100644 pkgs/applications/misc/cmatrix/default.nix diff --git a/pkgs/applications/misc/cmatrix/default.nix b/pkgs/applications/misc/cmatrix/default.nix new file mode 100644 index 00000000000..c7a76ef00a6 --- /dev/null +++ b/pkgs/applications/misc/cmatrix/default.nix @@ -0,0 +1,27 @@ +{ stdenv, fetchurl, pkgconfig, ncurses }: + +let + version = "1.2a"; +in with stdenv.lib; +stdenv.mkDerivation rec { + + name = "cmatrix-${version}"; + + src = fetchurl{ + url = "http://www.asty.org/cmatrix/dist/${name}.tar.gz"; + sha256 = "0k06fw2n8nzp1pcdynhajp5prba03gfgsbj91bknyjr5xb5fd9hz"; + }; + + buildInputs = [ pkgconfig ncurses ]; + + meta = { + description = "Simulates the falling characters theme from The Matrix movie"; + longDescription = '' + CMatrix simulates the display from "The Matrix" and is based + on the screensaver from the movie's website. + ''; + homepage = http://www.asty.org/cmatrix/; + platforms = ncurses.meta.platforms; + maintainers = [ maintainers.AndersonTorres ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ada3e3bd1f7..506c36d78a5 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10723,6 +10723,8 @@ let clipit = callPackage ../applications/misc/clipit { }; + cmatrix = callPackage ../applications/misc/cmatrix { }; + bomi = callPackage ../applications/video/bomi { stdenv = overrideCC stdenv gcc49; pulseSupport = config.pulseaudio or true; From 752bbdbfbc5af9f3ed4dedf136a3bf7b411f3e51 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Wed, 29 Jul 2015 09:51:15 -0300 Subject: [PATCH 04/44] PPSSPP: 0.9.9.1 -> 1.1.0 Changing SDL to version 2. --- pkgs/misc/emulators/ppsspp/default.nix | 18 +++++++++++------- pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/pkgs/misc/emulators/ppsspp/default.nix b/pkgs/misc/emulators/ppsspp/default.nix index 732500be0fc..439566de0ca 100644 --- a/pkgs/misc/emulators/ppsspp/default.nix +++ b/pkgs/misc/emulators/ppsspp/default.nix @@ -2,17 +2,21 @@ , withGamepads ? true, SDL # SDL is used for gamepad functionality }: +assert withGamepads -> (SDL != null); + let - version = "0.9.9.1"; + version = "1.1.0"; fstat = x: fn: "-D" + fn + "=" + (if x then "ON" else "OFF"); -in stdenv.mkDerivation { +in +with stdenv.lib; +stdenv.mkDerivation rec{ name = "PPSSPP-${version}"; src = fetchgit { url = "https://github.com/hrydgard/ppsspp.git"; - sha256 = "0fdbda0b4dfbecacd01850f1767e980281fed4cc34a21df26ab3259242d8c352"; - rev = "bf709790c4fed9cd211f755acaa650ace0f7555a"; + rev = "8c8e5de89d52b8bcb968227d96cbf049d04d1241"; fetchSubmodules = true; + sha256 = "71dfa0be045f31969b1d6ab4f1adf6a208f9ef4834d708bc7bf6d9195efb5f80"; }; buildInputs = [ zlib libpng pkgconfig qt4 ] @@ -21,11 +25,11 @@ in stdenv.mkDerivation { configurePhase = "cd Qt && qmake PPSSPPQt.pro"; installPhase = "mkdir -p $out/bin && cp ppsspp $out/bin"; - meta = with stdenv.lib; { + meta = { homepage = "http://www.ppsspp.org/"; description = "A PSP emulator, the Qt4 version"; license = licenses.gpl2Plus; - maintainers = [ maintainers.fuuzetsu ]; + maintainers = [ maintainers.fuuzetsu maintainers.AndersonTorres ]; platforms = platforms.linux ++ platforms.darwin ++ platforms.cygwin; }; -} \ No newline at end of file +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ada3e3bd1f7..856b845dd57 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14616,7 +14616,7 @@ let polytable = callPackage ../tools/typesetting/tex/polytable { }; - PPSSPP = callPackage ../misc/emulators/ppsspp { }; + PPSSPP = callPackage ../misc/emulators/ppsspp { SDL = SDL2; }; uae = callPackage ../misc/emulators/uae { }; From ad686d3762ceaae90038097741d8fce9fe9773fa Mon Sep 17 00:00:00 2001 From: Oliver Dunkl Date: Thu, 30 Jul 2015 11:38:41 +0200 Subject: [PATCH 05/44] Add odi to list of maintainers --- lib/maintainers.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/maintainers.nix b/lib/maintainers.nix index b0a08cfd619..f4cd203e41d 100644 --- a/lib/maintainers.nix +++ b/lib/maintainers.nix @@ -177,6 +177,7 @@ nslqqq = "Nikita Mikhailov "; obadz = "obadz "; ocharles = "Oliver Charles "; + odi = "Oliver Dunkl "; offline = "Jaka Hudoklin "; olcai = "Erik Timan "; orbitz = "Malcolm Matalka "; From 8b71698c0728647b1cdf9bb6fbc0c5bd803e2701 Mon Sep 17 00:00:00 2001 From: Oliver Dunkl Date: Thu, 30 Jul 2015 11:39:28 +0200 Subject: [PATCH 06/44] python-packages: pafy init version 0.3.74 --- pkgs/top-level/python-packages.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index e760380132f..d8f05132d95 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -16790,4 +16790,24 @@ let maintainers = with maintainers; [ kamilchm ]; }; }; + + pafy = buildPythonPackage rec { + name = "pafy-${version}"; + version = "0.3.74"; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/source/p/pafy/${name}.tar.gz"; + md5 = "fbf0e7f85914eaf35f87837232eec09c"; + }; + + propagatedBuildInputs = with self; [ youtube-dl ]; + + meta = with stdenv.lib; { + description = "A library to download YouTube content and retrieve metadata"; + homepage = http://np1.github.io/pafy/; + license = licenses.lgpl3Plus; + maintainers = with maintainers; [ odi ]; + }; + }; + }; in pythonPackages From 2a31397f536b3bf57e4ee76b812fd83ab31de971 Mon Sep 17 00:00:00 2001 From: Spencer Janssen Date: Thu, 30 Jul 2015 16:29:38 -0500 Subject: [PATCH 07/44] stage-1: fix typo that breaks resume $d should be $sd, this causes resume from hibernate to fail if resumeDevice is not explicitly set in config. Introduced in commit: 'stage-1: Shut up warnings about swap devices that don't exist yet' --- nixos/modules/system/boot/stage-1-init.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index 26cf7f06c9e..480bbfa2b07 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -184,7 +184,7 @@ if test -e /sys/power/resume -a -e /sys/power/disk; then # https://bugs.launchpad.net/ubuntu/+source/pm-utils/+bug/923326/comments/1 # when there are multiple swap devices, we can't know where the hibernate # image will reside. We can check all of them for swsuspend blkid. - resumeInfo="$(test -e "$d" && udevadm info -q property "$sd")" + resumeInfo="$(test -e "$sd" && udevadm info -q property "$sd")" if [ "$(echo "$resumeInfo" | sed -n 's/^ID_FS_TYPE=//p')" = "swsuspend" ]; then resumeDev="$sd" break From 6c1d408b47cc030edcec7a05d19aa2906382d7dc Mon Sep 17 00:00:00 2001 From: John Wiegley Date: Thu, 30 Jul 2015 16:20:04 -0700 Subject: [PATCH 08/44] bup: Patch to work on Darwin 10.10 --- pkgs/tools/backup/bup/default.nix | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/backup/bup/default.nix b/pkgs/tools/backup/bup/default.nix index 1964f01b077..b4efe9fb441 100644 --- a/pkgs/tools/backup/bup/default.nix +++ b/pkgs/tools/backup/bup/default.nix @@ -1,5 +1,5 @@ -{ stdenv, fetchzip, python, pyxattr, pylibacl, setuptools, fuse, git, perl, pandoc, makeWrapper -, par2cmdline, par2Support ? false }: +{ stdenv, fetchzip, fetchurl, python, pyxattr, pylibacl, setuptools +, fuse, git, perl, pandoc, makeWrapper, par2cmdline, par2Support ? false }: assert par2Support -> par2cmdline != null; @@ -7,7 +7,7 @@ let version = "0.26"; in with stdenv.lib; -stdenv.mkDerivation { +stdenv.mkDerivation rec { name = "bup-${version}"; src = fetchzip { @@ -18,12 +18,19 @@ stdenv.mkDerivation { buildInputs = [ python git ]; nativeBuildInputs = [ pandoc perl makeWrapper ]; - patchPhase = '' + darwin_10_10_patch = fetchurl { + url = "https://github.com/bup/bup/commit/75d089e7cdb7a7eb4d69c352f56dad5ad3aa1f97.diff"; + sha256 = "05kp47p30a45ip0fg090vijvzc7ijr0alc3y8kjl6bvv3gliails"; + }; + + postPatch = '' patchShebangs . substituteInPlace Makefile --replace "-Werror" "" substituteInPlace Makefile --replace "./format-subst.pl" "perl ./format-subst.pl" '' + optionalString par2Support '' substituteInPlace cmd/fsck-cmd.py --replace "['par2'" "['${par2cmdline}/bin/par2'" + '' + optionalString (elem stdenv.system platforms.darwin) '' + patch -p1 < ${darwin_10_10_patch} ''; dontAddPrefix = true; From 23562aad59048e8e1202e618fcf402079f1593b8 Mon Sep 17 00:00:00 2001 From: John Wiegley Date: Thu, 30 Jul 2015 16:21:39 -0700 Subject: [PATCH 09/44] Revert "emacs: Update Mac Port Emacs to 24.5-mac-5.9" This reverts commit 5c896e5511608592b94960c5c419f70dadc5b527, which was a set of local changes unrelated to the commit title. --- .../haskell-modules/configuration-common.nix | 2 -- pkgs/development/haskell-modules/hackage-packages.nix | 2 +- pkgs/servers/x11/xorg/overrides.nix | 10 +++++----- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix index 30c5912a5a8..5260d508ab1 100644 --- a/pkgs/development/haskell-modules/configuration-common.nix +++ b/pkgs/development/haskell-modules/configuration-common.nix @@ -21,8 +21,6 @@ self: super: { options = dontCheck super.options; statistics = dontCheck super.statistics; text = dontCheck super.text; - c2hs = dontCheck super.c2hs; - mockery = dontCheck super.mockery; # The package doesn't compile with ruby 1.9, which is our default at the moment. hruby = super.hruby.override { ruby = pkgs.ruby_2_1; }; diff --git a/pkgs/development/haskell-modules/hackage-packages.nix b/pkgs/development/haskell-modules/hackage-packages.nix index 622ebfa7473..ba7bc517aa7 100644 --- a/pkgs/development/haskell-modules/hackage-packages.nix +++ b/pkgs/development/haskell-modules/hackage-packages.nix @@ -54313,7 +54313,7 @@ self: { yesod-static ]; buildTools = [ - curl git gnupg openssh perl rsync wget which + bup curl git gnupg lsof openssh perl rsync wget which ]; configureFlags = [ "-fassistant" "-fproduction" ]; preConfigure = "export HOME=$TEMPDIR"; diff --git a/pkgs/servers/x11/xorg/overrides.nix b/pkgs/servers/x11/xorg/overrides.nix index a43fb6d7706..336ae652628 100644 --- a/pkgs/servers/x11/xorg/overrides.nix +++ b/pkgs/servers/x11/xorg/overrides.nix @@ -79,9 +79,9 @@ in nativeBuildInputs = [ args.python ]; }; - # libxkbfile = attrs: attrs // { - # patches = lib.optional stdenv.cc.isClang ./libxkbfile-clang36.patch; - # }; + libxkbfile = attrs: attrs // { + patches = lib.optional stdenv.cc.isClang ./libxkbfile-clang36.patch; + }; libpciaccess = attrs : attrs // { patches = [ ./libpciaccess-apple.patch ]; @@ -285,9 +285,9 @@ in dmxproto /*libdmx not used*/ xf86vidmodeproto recordproto libXext pixman libXfont damageproto xcmiscproto bigreqsproto - inputproto xextproto randrproto renderproto presentproto + libpciaccess inputproto xextproto randrproto renderproto presentproto dri2proto dri3proto kbproto xineramaproto resourceproto scrnsaverproto videoproto - ] ++ lib.optional (!isDarwin) libpciaccess; + ]; commonPatches = [ ./xorgserver-xkbcomp-path.patch ] ++ lib.optional isDarwin ./fix-clang.patch; # XQuartz requires two compilations: the first to get X / XQuartz, From 55932c1beca26c7b5b7c259d95f6eb80644150a7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 31 Jul 2015 01:30:15 +0200 Subject: [PATCH 10/44] Don't statically depend on cacert for certificates This reverts commit cd52c044568bdf1108428698048a9af92dc0b625 and others. Managing certificates (including revoking certificates and adding custom certificates) becomes extremely painful if every package in the system potentially depends on a different copy of cacert. Also, it makes updating cacert rather expensive. --- pkgs/applications/graphics/shotwell/default.nix | 6 +++--- pkgs/applications/networking/browsers/vimb/default.nix | 7 +------ .../networking/browsers/vimprobable2/default.nix | 7 +------ .../networking/cluster/panamax/api/default.nix | 4 ++-- .../networking/instant-messengers/fuze/default.nix | 4 ++-- .../instant-messengers/telepathy/gabble/default.nix | 4 ++-- pkgs/applications/networking/irc/weechat/default.nix | 6 +++--- pkgs/applications/version-management/bazaar/default.nix | 5 ++--- pkgs/applications/version-management/mercurial/default.nix | 5 ++--- pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix | 4 ++-- pkgs/desktops/gnome-3/3.16/core/rest/default.nix | 4 ++-- pkgs/development/interpreters/elixir/default.nix | 6 +++--- pkgs/development/libraries/glib-networking/default.nix | 4 ++-- pkgs/servers/mail/opensmtpd/default.nix | 2 +- pkgs/tools/misc/pipelight/pipelight.patch | 4 ++-- pkgs/tools/networking/aria2/default.nix | 6 ++---- pkgs/tools/security/prey/default.nix | 5 ++--- 17 files changed, 34 insertions(+), 49 deletions(-) diff --git a/pkgs/applications/graphics/shotwell/default.nix b/pkgs/applications/graphics/shotwell/default.nix index 2b25f8d41f6..052ba9402be 100644 --- a/pkgs/applications/graphics/shotwell/default.nix +++ b/pkgs/applications/graphics/shotwell/default.nix @@ -1,7 +1,7 @@ { fetchurl, stdenv, m4, glibc, gtk3, libexif, libgphoto2, libsoup, libxml2, vala, sqlite , webkitgtk24x, pkgconfig, gnome3, gst_all_1, which, udev, libraw, glib, json_glib , gettext, desktop_file_utils, lcms2, gdk_pixbuf, librsvg, makeWrapper -, gnome_doc_utils, hicolor_icon_theme, cacert }: +, gnome_doc_utils, hicolor_icon_theme }: # for dependencies see http://www.yorba.org/projects/shotwell/install/ @@ -15,9 +15,9 @@ stdenv.mkDerivation rec { }; NIX_CFLAGS_COMPILE = "-I${glib}/include/glib-2.0 -I${glib}/lib/glib-2.0/include"; - + configureFlags = [ "--disable-gsettings-convert-install" ]; - + preConfigure = '' patchShebangs . ''; diff --git a/pkgs/applications/networking/browsers/vimb/default.nix b/pkgs/applications/networking/browsers/vimb/default.nix index 3222e87ac65..84a2870b6d0 100644 --- a/pkgs/applications/networking/browsers/vimb/default.nix +++ b/pkgs/applications/networking/browsers/vimb/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, libsoup, webkit, gtk, glib_networking -, gsettings_desktop_schemas, makeWrapper, cacert +, gsettings_desktop_schemas, makeWrapper }: stdenv.mkDerivation rec { @@ -11,11 +11,6 @@ stdenv.mkDerivation rec { sha256 = "0h9m5qfs09lb0dz8a79yccmm3a5rv6z8gi5pkyfh8fqkgkh2940p"; }; - # Nixos default ca bundle - patchPhase = '' - sed -i s,/etc/ssl/certs/ca-certificates.crt,${cacert}/etc/ssl/certs/ca-bundle.crt, src/config.def.h - ''; - buildInputs = [ makeWrapper gtk libsoup pkgconfig webkit gsettings_desktop_schemas ]; makeFlags = [ "PREFIX=$(out)" ]; diff --git a/pkgs/applications/networking/browsers/vimprobable2/default.nix b/pkgs/applications/networking/browsers/vimprobable2/default.nix index ad5f8aa4691..6f8eede9b3f 100644 --- a/pkgs/applications/networking/browsers/vimprobable2/default.nix +++ b/pkgs/applications/networking/browsers/vimprobable2/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, makeWrapper, glib, glib_networking, gtk, libsoup, libX11, perl, - pkgconfig, webkit, gsettings_desktop_schemas, cacert }: + pkgconfig, webkit, gsettings_desktop_schemas }: stdenv.mkDerivation rec { version = "1.4.2"; @@ -9,11 +9,6 @@ stdenv.mkDerivation rec { sha256 = "13jdximksh9r3cgd2f8vms0pbsn3x0gxvyqdqiw16xp5fmdx5kzr"; }; - # Nixos default ca bundle - patchPhase = '' - sed -i s,/etc/ssl/certs/ca-certificates.crt,${cacert}/etc/ssl/certs/ca-bundle.crt, config.h - ''; - buildInputs = [ makeWrapper gtk libsoup libX11 perl pkgconfig webkit gsettings_desktop_schemas ]; installPhase = '' diff --git a/pkgs/applications/networking/cluster/panamax/api/default.nix b/pkgs/applications/networking/cluster/panamax/api/default.nix index 524433b45fb..dcfef83f1be 100644 --- a/pkgs/applications/networking/cluster/panamax/api/default.nix +++ b/pkgs/applications/networking/cluster/panamax/api/default.nix @@ -1,5 +1,5 @@ { stdenv, buildEnv, fetchgit, fetchurl, makeWrapper, bundlerEnv, bundler_HEAD -, ruby, libxslt, libxml2, sqlite, openssl, cacert, docker +, ruby, libxslt, libxml2, sqlite, openssl, docker , dataDir ? "/var/lib/panamax-api" }: with stdenv.lib; @@ -62,7 +62,7 @@ stdenv.mkDerivation rec { --prefix "PATH" : "$out/share/panamax-api/bin:${env.ruby}/bin:$PATH" \ --prefix "HOME" : "$out/share/panamax-api" \ --prefix "GEM_HOME" : "${env}/${env.ruby.gemPath}" \ - --prefix "SSL_CERT_FILE" : "${cacert}/etc/ssl/certs/ca-bundle.crt" \ + --prefix "SSL_CERT_FILE" : /etc/ssl/certs/ca-certificates.crt \ --prefix "GEM_PATH" : "$out/share/panamax-api:${bundler}/${env.ruby.gemPath}" ''; diff --git a/pkgs/applications/networking/instant-messengers/fuze/default.nix b/pkgs/applications/networking/instant-messengers/fuze/default.nix index 6b85e107d06..33ffe87a4ff 100644 --- a/pkgs/applications/networking/instant-messengers/fuze/default.nix +++ b/pkgs/applications/networking/instant-messengers/fuze/default.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, dpkg, openssl, alsaLib, libXext, libXfixes, libXrandr , libjpeg, curl, libX11, libXmu, libXv, libXtst, qt4, mesa, zlib -, gnome, libidn, rtmpdump, c-ares, openldap, makeWrapper, cacert +, gnome, libidn, rtmpdump, c-ares, openldap, makeWrapper }: assert stdenv.system == "x86_64-linux"; let curl_custom = stdenv.lib.overrideDerivation curl (args: { - configureFlags = args.configureFlags ++ ["--with-ca-bundle=${cacert}/etc/ssl/certs/ca-bundle.crt"] ; + configureFlags = args.configureFlags ++ ["--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt"] ; } ); in stdenv.mkDerivation { diff --git a/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix b/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix index a74885b2ce3..971a834f409 100644 --- a/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix +++ b/pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, libxslt, telepathy_glib, libxml2, dbus_glib, dbus_daemon -, sqlite, libsoup, libnice, gnutls, cacert }: +, sqlite, libsoup, libnice, gnutls }: stdenv.mkDerivation rec { name = "telepathy-gabble-0.18.2"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { buildInputs = [ libxml2 dbus_glib sqlite libsoup libnice telepathy_glib gnutls ] ++ stdenv.lib.optional doCheck dbus_daemon; - configureFlags = "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt"; + configureFlags = "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt"; enableParallelBuilding = true; doCheck = true; diff --git a/pkgs/applications/networking/irc/weechat/default.nix b/pkgs/applications/networking/irc/weechat/default.nix index c39c5be1d4c..060be8ab1eb 100644 --- a/pkgs/applications/networking/irc/weechat/default.nix +++ b/pkgs/applications/networking/irc/weechat/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl, ncurses, openssl, perl, python, aspell, gnutls , zlib, curl , pkgconfig, libgcrypt, ruby, lua5, tcl, guile -, pythonPackages, cacert, cmake, makeWrapper, libobjc +, pythonPackages, cmake, makeWrapper, libobjc , extraBuildInputs ? [] }: stdenv.mkDerivation rec { @@ -15,11 +15,11 @@ stdenv.mkDerivation rec { buildInputs = [ ncurses perl python openssl aspell gnutls zlib curl pkgconfig libgcrypt ruby lua5 tcl guile pythonPackages.pycrypto makeWrapper - cacert cmake ] + cmake ] ++ stdenv.lib.optionals stdenv.isDarwin [ pythonPackages.pync libobjc ] ++ extraBuildInputs; - NIX_CFLAGS_COMPILE = "-I${python}/include/${python.libPrefix} -DCA_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt"; + NIX_CFLAGS_COMPILE = "-I${python}/include/${python.libPrefix} -DCA_FILE=/etc/ssl/certs/ca-certificates.crt"; postInstall = '' NIX_PYTHONPATH="$out/lib/${python.libPrefix}/site-packages" diff --git a/pkgs/applications/version-management/bazaar/default.nix b/pkgs/applications/version-management/bazaar/default.nix index c3b238eeb0a..28406cecbb0 100644 --- a/pkgs/applications/version-management/bazaar/default.nix +++ b/pkgs/applications/version-management/bazaar/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pythonPackages, cacert }: +{ stdenv, fetchurl, pythonPackages }: stdenv.mkDerivation rec { version = "2.6"; @@ -19,10 +19,9 @@ stdenv.mkDerivation rec { patches = [ ./add_certificates.patch ]; postPatch = '' substituteInPlace bzrlib/transport/http/_urllib2_wrappers.py \ - --subst-var-by "certPath" "${cacert}/etc/ssl/certs/ca-bundle.crt" + --subst-var-by certPath /etc/ssl/certs/ca-certificates.crt ''; - installPhase = '' python setup.py install --prefix=$out wrapPythonPrograms diff --git a/pkgs/applications/version-management/mercurial/default.nix b/pkgs/applications/version-management/mercurial/default.nix index 4d8b2fe27c6..12f3c8f11d8 100644 --- a/pkgs/applications/version-management/mercurial/default.nix +++ b/pkgs/applications/version-management/mercurial/default.nix @@ -1,6 +1,5 @@ { stdenv, fetchurl, python, makeWrapper, docutils, unzip, hg-git, dulwich -, guiSupport ? false, tk ? null, curses, cacert - +, guiSupport ? false, tk ? null, curses , ApplicationServices }: let @@ -48,7 +47,7 @@ stdenv.mkDerivation { mkdir -p $out/etc/mercurial cat >> $out/etc/mercurial/hgrc << EOF [web] - cacerts = ${cacert}/etc/ssl/certs/ca-bundle.crt + cacerts = /etc/ssl/certs/ca-certificates.crt EOF # copy hgweb.cgi to allow use in apache diff --git a/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix b/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix index a6621aebe43..c3f16db359e 100644 --- a/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix +++ b/pkgs/desktops/gnome-3/3.16/core/gnome-keyring/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl, pkgconfig, dbus, libgcrypt, libtasn1, pam, python, glib, libxslt , intltool, pango, gcr, gdk_pixbuf, atk, p11_kit, makeWrapper -, docbook_xsl_ns, docbook_xsl, gnome3, cacert }: +, docbook_xsl_ns, docbook_xsl, gnome3 }: let majVer = gnome3.version; @@ -22,7 +22,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig intltool docbook_xsl_ns docbook_xsl ]; configureFlags = [ - "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt" # NixOS hardcoded path + "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt" # NixOS hardcoded path "--with-pkcs11-config=$$out/etc/pkcs11/" # installation directories "--with-pkcs11-modules=$$out/lib/pkcs11/" ]; diff --git a/pkgs/desktops/gnome-3/3.16/core/rest/default.nix b/pkgs/desktops/gnome-3/3.16/core/rest/default.nix index 354f1715dc1..eada9ab1993 100644 --- a/pkgs/desktops/gnome-3/3.16/core/rest/default.nix +++ b/pkgs/desktops/gnome-3/3.16/core/rest/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, glib, libsoup, gobjectIntrospection, cacert, gnome3 }: +{ stdenv, fetchurl, pkgconfig, glib, libsoup, gobjectIntrospection, gnome3 }: stdenv.mkDerivation rec { name = "rest-0.7.92"; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { buildInputs = [ pkgconfig glib libsoup gobjectIntrospection]; - configureFlags = "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt"; + configureFlags = "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt"; meta = with stdenv.lib; { platforms = platforms.linux; diff --git a/pkgs/development/interpreters/elixir/default.nix b/pkgs/development/interpreters/elixir/default.nix index 99d649f3f68..c9a83774486 100644 --- a/pkgs/development/interpreters/elixir/default.nix +++ b/pkgs/development/interpreters/elixir/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, erlang, rebar, makeWrapper, coreutils, curl, bash, cacert }: +{ stdenv, fetchurl, erlang, rebar, makeWrapper, coreutils, curl, bash }: let version = "1.0.5"; @@ -32,8 +32,8 @@ stdenv.mkDerivation { b=$(basename $f) if [ $b == "mix" ]; then continue; fi wrapProgram $f \ - --prefix PATH ":" "${erlang}/bin:${coreutils}/bin:${curl}/bin:${bash}/bin" \ - --set CURL_CA_BUNDLE "${cacert}/etc/ssl/certs/ca-bundle.crt" + --prefix PATH ":" "${erlang}/bin:${coreutils}/bin:${curl}/bin:${bash}/bin" \ + --set CURL_CA_BUNDLE /etc/ssl/certs/ca-certificates.crt done ''; diff --git a/pkgs/development/libraries/glib-networking/default.nix b/pkgs/development/libraries/glib-networking/default.nix index 79b31b1365b..a17b7a21409 100644 --- a/pkgs/development/libraries/glib-networking/default.nix +++ b/pkgs/development/libraries/glib-networking/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, glib, intltool, gnutls, libproxy -, gsettings_desktop_schemas, cacert }: +, gsettings_desktop_schemas }: let ver_maj = "2.44"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { sha256 = "8f8a340d3ba99bfdef38b653da929652ea6640e27969d29f7ac51fbbe11a4346"; }; - configureFlags = "--with-ca-certificates=${cacert}/etc/ssl/certs/ca-bundle.crt"; + configureFlags = "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt"; preBuild = '' sed -e "s@${glib}/lib/gio/modules@$out/lib/gio/modules@g" -i $(find . -name Makefile) diff --git a/pkgs/servers/mail/opensmtpd/default.nix b/pkgs/servers/mail/opensmtpd/default.nix index 810012fb60a..a95a5d81ce9 100644 --- a/pkgs/servers/mail/opensmtpd/default.nix +++ b/pkgs/servers/mail/opensmtpd/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { "--with-sock-dir=/run" "--with-privsep-user=smtpd" "--with-queue-user=smtpq" - "--with-ca-file=${cacert}/etc/ssl/certs/ca-bundle.crt" + "--with-ca-file=/etc/ssl/certs/ca-certificates.crt" ]; installFlags = [ diff --git a/pkgs/tools/misc/pipelight/pipelight.patch b/pkgs/tools/misc/pipelight/pipelight.patch index bde6ecf943d..66dd0fdab4c 100644 --- a/pkgs/tools/misc/pipelight/pipelight.patch +++ b/pkgs/tools/misc/pipelight/pipelight.patch @@ -43,7 +43,7 @@ diff -urN pipelight.old/bin/pipelight-plugin.in pipelight.new/bin/pipelight-plug -fi +download_file() +{ -+ curl --cacert /etc/ssl/certs/ca-bundle.crt -o "$1" "$2" ++ curl --cacert /etc/ssl/certs/ca-certificates.crt -o "$1" "$2" +} # Use shasum instead of sha256sum on MacOS / *BSD @@ -111,7 +111,7 @@ diff -urN pipelight.old/share/install-dependency pipelight.new/share/install-dep -fi +download_file() +{ -+ curl --cacert /etc/ssl/certs/ca-bundle.crt -o "$1" "$2" ++ curl --cacert /etc/ssl/certs/ca-certificates.crt -o "$1" "$2" +} +get_download_size() +{ diff --git a/pkgs/tools/networking/aria2/default.nix b/pkgs/tools/networking/aria2/default.nix index 8d7f4541cad..e48beb3fe35 100644 --- a/pkgs/tools/networking/aria2/default.nix +++ b/pkgs/tools/networking/aria2/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, cacert, c-ares, openssl, libxml2, sqlite, zlib }: +{ stdenv, fetchurl, pkgconfig, c-ares, openssl, libxml2, sqlite, zlib }: stdenv.mkDerivation rec { name = "aria2-${version}"; @@ -11,9 +11,7 @@ stdenv.mkDerivation rec { buildInputs = [ pkgconfig c-ares openssl libxml2 sqlite zlib ]; - propagatedBuildInputs = [ cacert ]; - - configureFlags = [ "--with-ca-bundle=${cacert}/etc/ssl/certs/ca-bundle.crt" ]; + configureFlags = [ "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" ]; meta = with stdenv.lib; { homepage = http://aria2.sourceforge.net/; diff --git a/pkgs/tools/security/prey/default.nix b/pkgs/tools/security/prey/default.nix index d04f48c0f31..b36c11cf934 100644 --- a/pkgs/tools/security/prey/default.nix +++ b/pkgs/tools/security/prey/default.nix @@ -1,5 +1,4 @@ -{ stdenv, fetchurl, fetchgit, curl, scrot, imagemagick, xawtv, inetutils -, makeWrapper, coreutils, cacert +{ stdenv, fetchurl, fetchgit, curl, scrot, imagemagick, xawtv, inetutils, makeWrapper, coreutils , apiKey ? "" , deviceKey ? "" }: @@ -36,7 +35,7 @@ in stdenv.mkDerivation rec { cp -R ${modulesSrc}/* $out/modules/ wrapProgram "$out/prey.sh" \ --prefix PATH ":" "${xawtv}/bin:${imagemagick}/bin:${curl}/bin:${scrot}/bin:${inetutils}/bin:${coreutils}/bin" \ - --set CURL_CA_BUNDLE "${cacert}/etc/ssl/certs/ca-bundle.crt" + --set CURL_CA_BUNDLE "/etc/ssl/certs/ca-certificates.crt" ''; meta = with stdenv.lib; { From 0edfda814eea1e24b9ece7fc546bdf97e0d5da12 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 31 Jul 2015 01:36:41 +0200 Subject: [PATCH 11/44] Fix random ugliness --- pkgs/data/misc/cacert/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/data/misc/cacert/default.nix b/pkgs/data/misc/cacert/default.nix index 7bcb499aab4..0b125485fd4 100644 --- a/pkgs/data/misc/cacert/default.nix +++ b/pkgs/data/misc/cacert/default.nix @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { unpackFile ${curl.src}; ''; - nativeBuildInputs = [ perl ] ++ (with perlPackages; [ LWP ]); + nativeBuildInputs = [ perl perlPackages.LWP ]; buildPhase = '' perl curl-*/lib/mk-ca-bundle.pl -d "file://$(pwd)/nss/lib/ckfw/builtins/certdata.txt" ca-bundle.crt From 6c6201a99bb52e96d7c10365dbcf67f6cafdfe2c Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 30 Jul 2015 18:00:14 +0200 Subject: [PATCH 12/44] Remove unnecessary rec{s from "my" packages --- pkgs/applications/editors/neovim/default.nix | 6 +++--- pkgs/development/compilers/squeak/default.nix | 2 +- pkgs/development/interpreters/picoc/default.nix | 2 +- pkgs/development/libraries/accounts-qt/default.nix | 2 +- pkgs/development/libraries/libcli/default.nix | 2 +- pkgs/development/tools/misc/bin_replace_string/default.nix | 2 +- pkgs/development/tools/parsing/flexc++/default.nix | 2 +- pkgs/os-specific/linux/freefall/default.nix | 2 +- pkgs/os-specific/linux/jfbview/default.nix | 2 +- pkgs/os-specific/linux/phc-intel/default.nix | 2 +- pkgs/tools/filesystems/duff/default.nix | 2 +- pkgs/tools/filesystems/encfs/default.nix | 2 +- pkgs/tools/networking/hans/default.nix | 4 ++-- pkgs/tools/security/eid-mw/default.nix | 2 +- pkgs/tools/security/eid-viewer/default.nix | 3 ++- pkgs/tools/text/aha/default.nix | 2 +- 16 files changed, 20 insertions(+), 19 deletions(-) diff --git a/pkgs/applications/editors/neovim/default.nix b/pkgs/applications/editors/neovim/default.nix index 28d455e06b2..c55d4b0e76a 100644 --- a/pkgs/applications/editors/neovim/default.nix +++ b/pkgs/applications/editors/neovim/default.nix @@ -17,7 +17,7 @@ let version = "2015-06-09"; # Note: this is NOT the libvterm already in nixpkgs, but some NIH silliness: - neovimLibvterm = let version = "2015-02-23"; in stdenv.mkDerivation rec { + neovimLibvterm = let version = "2015-02-23"; in stdenv.mkDerivation { name = "neovim-libvterm-${version}"; src = fetchFromGitHub { @@ -54,7 +54,7 @@ let ignoreCollisions = true; }; - neovim = stdenv.mkDerivation rec { + neovim = stdenv.mkDerivation { name = "neovim-${version}"; src = fetchFromGitHub { @@ -135,7 +135,7 @@ let }; }; -in if (vimAlias == false && configure == null) then neovim else stdenv.mkDerivation rec { +in if (vimAlias == false && configure == null) then neovim else stdenv.mkDerivation { name = "neovim-${version}-configured"; nativeBuildInputs = [ makeWrapper ]; buildCommand = '' diff --git a/pkgs/development/compilers/squeak/default.nix b/pkgs/development/compilers/squeak/default.nix index 6e68defb624..7f3ed5c6ec3 100644 --- a/pkgs/development/compilers/squeak/default.nix +++ b/pkgs/development/compilers/squeak/default.nix @@ -2,7 +2,7 @@ , libpthreadstubs, pango, pkgconfig, libpulseaudio, which }: let version = "4.10.2.2614"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "squeak-${version}"; src = fetchurl { diff --git a/pkgs/development/interpreters/picoc/default.nix b/pkgs/development/interpreters/picoc/default.nix index c9ec01703bf..290abca5474 100644 --- a/pkgs/development/interpreters/picoc/default.nix +++ b/pkgs/development/interpreters/picoc/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchFromGitHub, readline }: let version = "2015-05-04"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "picoc-${version}"; src = fetchFromGitHub { diff --git a/pkgs/development/libraries/accounts-qt/default.nix b/pkgs/development/libraries/accounts-qt/default.nix index 824a2949492..26a04362090 100644 --- a/pkgs/development/libraries/accounts-qt/default.nix +++ b/pkgs/development/libraries/accounts-qt/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchFromGitLab, doxygen, glib, libaccounts-glib, pkgconfig, qt5 }: let version = "1.13"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "accounts-qt-${version}"; src = fetchFromGitLab { diff --git a/pkgs/development/libraries/libcli/default.nix b/pkgs/development/libraries/libcli/default.nix index bbeb75d0b8d..a6d564d9294 100644 --- a/pkgs/development/libraries/libcli/default.nix +++ b/pkgs/development/libraries/libcli/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchFromGitHub }: let version = "1.9.7"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "libcli-${version}"; src = fetchFromGitHub { diff --git a/pkgs/development/tools/misc/bin_replace_string/default.nix b/pkgs/development/tools/misc/bin_replace_string/default.nix index 7d33d8ee3c3..9e4b77c196e 100644 --- a/pkgs/development/tools/misc/bin_replace_string/default.nix +++ b/pkgs/development/tools/misc/bin_replace_string/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, libelf, txt2man }: let version = "0.2"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "bin_replace_string-${version}"; src = fetchurl { diff --git a/pkgs/development/tools/parsing/flexc++/default.nix b/pkgs/development/tools/parsing/flexc++/default.nix index d723cc0382b..0b9c4fcbc64 100644 --- a/pkgs/development/tools/parsing/flexc++/default.nix +++ b/pkgs/development/tools/parsing/flexc++/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, bobcat, icmake, yodl }: let version = "2.02.00"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "flexc++-${version}"; src = fetchurl { diff --git a/pkgs/os-specific/linux/freefall/default.nix b/pkgs/os-specific/linux/freefall/default.nix index 4c1497367e3..34d0f3881e4 100644 --- a/pkgs/os-specific/linux/freefall/default.nix +++ b/pkgs/os-specific/linux/freefall/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl }: let version = "3.19"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "freefall-${version}"; src = fetchurl { diff --git a/pkgs/os-specific/linux/jfbview/default.nix b/pkgs/os-specific/linux/jfbview/default.nix index 34bf136ece7..c89f6e81410 100644 --- a/pkgs/os-specific/linux/jfbview/default.nix +++ b/pkgs/os-specific/linux/jfbview/default.nix @@ -5,7 +5,7 @@ let version = "0.5.1"; binaries = [ "jfbpdf" "jfbview" "jpdfcat" "jpdfgrep" ]; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "jfbview-${version}"; src = fetchFromGitHub { diff --git a/pkgs/os-specific/linux/phc-intel/default.nix b/pkgs/os-specific/linux/phc-intel/default.nix index 4b656967386..4c47047ff74 100644 --- a/pkgs/os-specific/linux/phc-intel/default.nix +++ b/pkgs/os-specific/linux/phc-intel/default.nix @@ -7,7 +7,7 @@ assert stdenv.lib.versionAtLeast kernel.version "4.0"; assert !kernel.features ? grsecurity; let version = "0.4.0-rev17"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "linux-phc-intel-${version}-${kernel.version}"; src = fetchurl { diff --git a/pkgs/tools/filesystems/duff/default.nix b/pkgs/tools/filesystems/duff/default.nix index edb69aaef5c..31015334166 100644 --- a/pkgs/tools/filesystems/duff/default.nix +++ b/pkgs/tools/filesystems/duff/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchFromGitHub, autoreconfHook, gettext }: let version = "0.5.2"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "duff-${version}"; src = fetchFromGitHub { diff --git a/pkgs/tools/filesystems/encfs/default.nix b/pkgs/tools/filesystems/encfs/default.nix index d85440c5475..b21054e478d 100644 --- a/pkgs/tools/filesystems/encfs/default.nix +++ b/pkgs/tools/filesystems/encfs/default.nix @@ -2,7 +2,7 @@ , pkgconfig, rlog }: let version = "1.8.1"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "encfs-${version}"; src = fetchFromGitHub { diff --git a/pkgs/tools/networking/hans/default.nix b/pkgs/tools/networking/hans/default.nix index c4f7c8da9d4..31a47d2e441 100644 --- a/pkgs/tools/networking/hans/default.nix +++ b/pkgs/tools/networking/hans/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchFromGitHub, nettools }: let version = "0.4.4"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "hans-${version}"; src = fetchFromGitHub { @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { buildInputs = [ nettools ]; postPatch = '' - substituteInPlace src/tun.cpp --replace "/sbin/" "/${nettools}/bin/" + substituteInPlace src/tun.cpp --replace "/sbin/" "${nettools}/bin/" ''; enableParallelBuilding = true; diff --git a/pkgs/tools/security/eid-mw/default.nix b/pkgs/tools/security/eid-mw/default.nix index e14bc6b9cc4..c039c41314d 100644 --- a/pkgs/tools/security/eid-mw/default.nix +++ b/pkgs/tools/security/eid-mw/default.nix @@ -2,7 +2,7 @@ , pkgconfig }: let version = "4.1.4"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "eid-mw-${version}"; src = fetchFromGitHub { diff --git a/pkgs/tools/security/eid-viewer/default.nix b/pkgs/tools/security/eid-viewer/default.nix index f2dfd58a7fb..6df5116ad18 100644 --- a/pkgs/tools/security/eid-viewer/default.nix +++ b/pkgs/tools/security/eid-viewer/default.nix @@ -1,9 +1,10 @@ { stdenv, fetchurl, jre, makeWrapper, pcsclite }: -stdenv.mkDerivation rec { +let # TODO: find out what the version components actually mean, if anything: package = "eid-viewer-4.0.7-195"; build = "tcm406-258907"; +in stdenv.mkDerivation rec { name = "${package}-${build}"; src = fetchurl { diff --git a/pkgs/tools/text/aha/default.nix b/pkgs/tools/text/aha/default.nix index 4ae8048623c..d1c21e62a66 100644 --- a/pkgs/tools/text/aha/default.nix +++ b/pkgs/tools/text/aha/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchFromGitHub }: let version = "0.4.8"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation { name = "aha-${version}"; src = fetchFromGitHub { From c0f59dc0bbdd13eb81c78e7e1bb67d5eb52da08e Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 30 Jul 2015 18:44:43 +0200 Subject: [PATCH 13/44] lz4: remove test restrictions Tests are still disabled by default. --- pkgs/tools/compression/lz4/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkgs/tools/compression/lz4/default.nix b/pkgs/tools/compression/lz4/default.nix index 57f0327fa1e..1fefc1dcc83 100644 --- a/pkgs/tools/compression/lz4/default.nix +++ b/pkgs/tools/compression/lz4/default.nix @@ -17,9 +17,8 @@ stdenv.mkDerivation rec { makeFlags = "PREFIX=$(out)"; - doCheck = false; + doCheck = false; # tests take a very long time checkTarget = "test"; - checkFlags = "-j1 -C programs"; # -j1 required since version 128, -C should be temporary meta = with stdenv.lib; { description = "Extremely fast compression algorithm"; From 7b30d6a8cb55ad4e8001acef0a5affcf22e4f383 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 30 Jul 2015 20:03:22 +0200 Subject: [PATCH 14/44] sudo: add withInsults flag (disabled by default) The feature Nix neither needs nor deserves. Requires the "insults" to be explicitly enabled in sudoers. This adds 1.6 MB to your sudo as some kind of cruel meta-joke. --- pkgs/tools/security/sudo/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/tools/security/sudo/default.nix b/pkgs/tools/security/sudo/default.nix index 8c9d3533346..34e1731778f 100644 --- a/pkgs/tools/security/sudo/default.nix +++ b/pkgs/tools/security/sudo/default.nix @@ -1,5 +1,6 @@ { stdenv, fetchurl, coreutils, pam, groff , sendmailPath ? "/var/setuid-wrappers/sendmail" +, withInsults ? false }: stdenv.mkDerivation rec { @@ -20,6 +21,9 @@ stdenv.mkDerivation rec { "--with-vardir=/var/db/sudo" "--with-logpath=/var/log/sudo.log" "--with-sendmail=${sendmailPath}" + ] ++ stdenv.lib.optional withInsults [ + "--with-insults" + "--with-all-insults" ]; configureFlagsArray = [ From cf1edbb66251ac176f820e0895ca2268b2f59727 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 30 Jul 2015 23:57:03 +0200 Subject: [PATCH 15/44] stress-ng: 0.04.12 -> 0.04.13 Changes: https://launchpad.net/ubuntu/+source/stress-ng/0.04.13-1 --- pkgs/tools/system/stress-ng/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/system/stress-ng/default.nix b/pkgs/tools/system/stress-ng/default.nix index a2cff62e2c8..38f2f2551bf 100644 --- a/pkgs/tools/system/stress-ng/default.nix +++ b/pkgs/tools/system/stress-ng/default.nix @@ -1,15 +1,15 @@ -{ stdenv, fetchurl, attr }: +{ stdenv, fetchurl, attr, keyutils }: -let version = "0.04.12"; in +let version = "0.04.13"; in stdenv.mkDerivation rec { name = "stress-ng-${version}"; src = fetchurl { - sha256 = "0gc5mai1dzhb7n8wsy2kzx0q85zbsa2ilvc2fpa30ilcwmg28kgm"; + sha256 = "0h4alfylf15q1rdf9v42fy0bhh4c1s1fagiym445qb3yacf5p9g3"; url = "http://kernel.ubuntu.com/~cking/tarballs/stress-ng/${name}.tar.gz"; }; - buildInputs = [ attr ]; + buildInputs = [ attr keyutils ]; patchPhase = '' substituteInPlace Makefile --replace "/usr" "" From 083ff50289fc6b83b37f1318ba61a0e6a1d0349b Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 31 Jul 2015 02:02:26 +0200 Subject: [PATCH 16/44] Revert "python-packages: click 3.3 -> 4.1" I *think* this might be breaking nox-review on Travis (but not here...) Reverting to get Travis working ASAP until I figure out if that is so. This reverts commit ba9a6e2d095a5895e82f791ec8f1b92f05259454. --- pkgs/top-level/python-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index d8f05132d95..32bc74fd15e 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -1884,11 +1884,11 @@ let }; click = buildPythonPackage rec { - name = "click-4.1"; + name = "click-3.3"; src = pkgs.fetchurl { url = "https://pypi.python.org/packages/source/c/click/${name}.tar.gz"; - sha256 = "1n4fvxpgbna83g6daarscljwpbarr45qfalh9hqla8ayy84ysfg3"; + sha256 = "1rfn8ml80rw3hkgpm1an5p3vdyhh7hzx4zynr8dhfl7bsw28r77p"; }; meta = { From 389a0bf6cc0ca99cff3376648599285ec817b0b3 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 31 Jul 2015 02:36:06 +0200 Subject: [PATCH 17/44] python-packages: re-add click 4.1 as separate attr --- pkgs/top-level/python-packages.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 32bc74fd15e..d2c83016dca 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -1903,6 +1903,17 @@ let }; }; + click_4_1 = buildPythonPackage rec { + name = "click-4.1"; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/source/c/click/${name}.tar.gz"; + sha256 = "1n4fvxpgbna83g6daarscljwpbarr45qfalh9hqla8ayy84ysfg3"; + }; + + inherit (self.click) meta; + }; + clepy = buildPythonPackage rec { name = "clepy-0.3.20"; From 967088e00232bbd890951a1945109c42057340b5 Mon Sep 17 00:00:00 2001 From: Jan Malakhovski Date: Sun, 19 Jul 2015 16:49:23 +0000 Subject: [PATCH 18/44] nixos: let's not forget types in the timezone module --- nixos/modules/config/timezone.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/modules/config/timezone.nix b/nixos/modules/config/timezone.nix index 06857139311..b9844b4adad 100644 --- a/nixos/modules/config/timezone.nix +++ b/nixos/modules/config/timezone.nix @@ -26,6 +26,7 @@ in hardwareClockInLocalTime = mkOption { default = false; + type = types.bool; description = "If set, keep the hardware clock in local time instead of UTC."; }; From dd991dd576386acac34779ba3b572d975e831156 Mon Sep 17 00:00:00 2001 From: Jan Malakhovski Date: Mon, 20 Jul 2015 23:19:56 +0000 Subject: [PATCH 19/44] perl-URIIMAP: init at 1.01 --- pkgs/top-level/perl-packages.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 51bc30ad1c8..12be02bbf5b 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -10504,6 +10504,15 @@ let self = _self // overrides; _self = with self; { buildInputs = [URI TestMore]; }; + URIIMAP = buildPerlPackage { + name = "URI-imap-1.01"; + src = fetchurl { + url = mirror://cpan/authors/id/C/CW/CWEST/URI-imap-1.01.tar.gz; + sha256 = "0bdv6mrdijcq46r3lmz801rscs63f8p9qqliy2safd6fds4rj55v"; + }; + propagatedBuildInputs = [URI]; + }; + URINested = buildPerlModule { name = "URI-Nested-0.10"; src = fetchurl { From 2392cf18976b1fc3977af17912ce170ef6972e62 Mon Sep 17 00:00:00 2001 From: Jan Malakhovski Date: Mon, 20 Jul 2015 23:20:14 +0000 Subject: [PATCH 20/44] perl-IMAPClient: init at 0.13 --- pkgs/top-level/perl-packages.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 12be02bbf5b..bfb16d3720e 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -4674,6 +4674,16 @@ let self = _self // overrides; _self = with self; { }; }; + IMAPClient = buildPerlPackage { + name = "IMAP-Client-0.13"; + src = fetchurl { + url = mirror://cpan/authors/id/C/CO/CONTEB/IMAP-Client-0.13.tar.gz; + sha256 = "15fa4hpw2rqg2iadyz10rnv99hns78wph5qlh3257a3mbfjjyyla"; + }; + propagatedBuildInputs = [IOSocketSSL URIIMAP]; + doCheck = false; # nondeterministic + }; + ImportInto = buildPerlPackage { name = "Import-Into-1.002004"; src = fetchurl { From e5a93ab20104430d6a900980c0b6653bb6ccc9a5 Mon Sep 17 00:00:00 2001 From: Thomas Tuegel Date: Thu, 30 Jul 2015 21:24:11 -0500 Subject: [PATCH 21/44] Revert "nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken" This reverts commit c61d048427719d6e0c131f58825331df0a9d4ccc. --- nixos/modules/services/networking/quassel.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/quassel.nix b/nixos/modules/services/networking/quassel.nix index 579d62884c7..005eb7bd761 100644 --- a/nixos/modules/services/networking/quassel.nix +++ b/nixos/modules/services/networking/quassel.nix @@ -3,7 +3,7 @@ with lib; let - quassel = pkgs.kde4.quasselDaemon; + quassel = pkgs.quasselDaemon_qt5; cfg = config.services.quassel; user = if cfg.user != null then cfg.user else "quassel"; in From 03b09e7cd4b6c12efeb4c38a0ba5a699dd30b5bb Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 31 Jul 2015 04:47:59 +0200 Subject: [PATCH 22/44] eid-viewer: 4.0.7-195-tcm406-258907 -> 4.1.4-v4.1.4-tcm406-270732 --- pkgs/tools/security/eid-viewer/default.nix | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/pkgs/tools/security/eid-viewer/default.nix b/pkgs/tools/security/eid-viewer/default.nix index 6df5116ad18..ad33975a7d9 100644 --- a/pkgs/tools/security/eid-viewer/default.nix +++ b/pkgs/tools/security/eid-viewer/default.nix @@ -2,14 +2,15 @@ let # TODO: find out what the version components actually mean, if anything: - package = "eid-viewer-4.0.7-195"; - build = "tcm406-258907"; + major = "4.1.4-v4.1.4"; + minor = "tcm406-270732"; + version = "${major}-${minor}"; in stdenv.mkDerivation rec { - name = "${package}-${build}"; + name = "eid-viewer-${version}"; src = fetchurl { - url = "http://eid.belgium.be/en/binaries/${package}.src.tar_${build}.gz"; - sha256 = "e263e6751ef7c185e278a607fdc46c207306d9a56c6ddb2ce6f58fb4464a2893"; + url = "http://eid.belgium.be/en/binaries/eid-viewer-${major}.src.tar_${minor}.gz"; + sha256 = "06kda45y7c3wvvqby153zcasgz4jibjypv8gvfwvrwvn4ag2z934"; }; buildInputs = [ jre pcsclite ]; @@ -32,6 +33,7 @@ in stdenv.mkDerivation rec { doCheck = true; meta = with stdenv.lib; { + inherit version; description = "Belgian electronic identity card (eID) viewer"; homepage = http://eid.belgium.be/en/using_your_eid/installing_the_eid_software/linux/; license = licenses.lgpl3; From 6c14111c9df6328374dced088d9fe45b8f693cf3 Mon Sep 17 00:00:00 2001 From: John Chee Date: Tue, 21 Jul 2015 18:24:31 -0700 Subject: [PATCH 23/44] entr: init at 3.2 --- pkgs/tools/misc/entr/default.nix | 32 ++++++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 34 insertions(+) create mode 100644 pkgs/tools/misc/entr/default.nix diff --git a/pkgs/tools/misc/entr/default.nix b/pkgs/tools/misc/entr/default.nix new file mode 100644 index 00000000000..8770a585887 --- /dev/null +++ b/pkgs/tools/misc/entr/default.nix @@ -0,0 +1,32 @@ +{ stdenv, fetchurl, coreutils, ncurses }: + +stdenv.mkDerivation rec { + name = "entr-${version}"; + version = "3.2"; + + src = fetchurl { + url = "http://entrproject.org/code/${name}.tar.gz"; + sha256 = "0ikigpfzyjmr8j6snwlvxzqamrjbhlv78m8w1h0h7kzczc5f1vmi"; + }; + + postPatch = '' + substituteInPlace Makefile.bsd --replace /bin/echo echo + substituteInPlace entr.c --replace /bin/cat ${coreutils}/bin/cat + substituteInPlace entr.c --replace /usr/bin/clear ${ncurses}/bin/clear + substituteInPlace entr.1 --replace /bin/cat cat + substituteInPlace entr.1 --replace /usr/bin/clear clear + ''; + dontAddPrefix = true; + doCheck = true; + checkTarget = "test"; + installFlags = [ "PREFIX=$(out)" ]; + + meta = { + homepage = http://entrproject.org/; + description = "Run arbitrary commands when files change."; + + license = stdenv.lib.licenses.isc; + + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 14f98fd8dd0..a0a957ef55f 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1415,6 +1415,8 @@ let enscript = callPackage ../tools/text/enscript { }; + entr = callPackage ../tools/misc/entr { }; + eplot = callPackage ../tools/graphics/eplot { }; ethtool = callPackage ../tools/misc/ethtool { }; From 9fdb7edae34839738b2c41ad086a0418cce5b943 Mon Sep 17 00:00:00 2001 From: Luca Bruno Date: Fri, 31 Jul 2015 13:28:56 +0000 Subject: [PATCH 24/44] gdm 3.16: share some tests --- pkgs/desktops/gnome-3/3.16/core/gdm/3.16-wip/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/desktops/gnome-3/3.16/core/gdm/3.16-wip/default.nix b/pkgs/desktops/gnome-3/3.16/core/gdm/3.16-wip/default.nix index 83642f1afe6..51b67afb01f 100644 --- a/pkgs/desktops/gnome-3/3.16/core/gdm/3.16-wip/default.nix +++ b/pkgs/desktops/gnome-3/3.16/core/gdm/3.16-wip/default.nix @@ -3,23 +3,24 @@ , gtk, libcanberra_gtk3, pam, libtool, gobjectIntrospection }: stdenv.mkDerivation rec { - name = "gdm-${gnome3.version}.0"; + name = "gdm-${gnome3.version}.2"; src = fetchurl { url = "mirror://gnome/sources/gdm/${gnome3.version}/${name}.tar.xz"; - sha256 = "0qg2qxlfdvi1081r8bbid5hg7vqlpm91996ck2z7fq6kczy4hvdv"; + sha256 = "0mhv3q8z208qvhz00zrxlqn7w9gi5vy6w8dpjh5s2ka28l3yhbn3"; }; - # Only needed to make it build preConfigure = '' substituteInPlace ./configure --replace "/usr/bin/X" "${xorg.xorgserver}/bin/X" substituteInPlace daemon/gdm-simple-slave.c --replace 'BINDIR "/gnome-session' '"${gnome_session}/bin/gnome-session' substituteInPlace daemon/gdm-launch-environment.c --replace 'BINDIR "/dbus-launch' '"${dbus.tools}/bin/dbus-launch' substituteInPlace data/gdm.conf-custom.in --replace '#WaylandEnable=false' 'WaylandEnable=false' + sed 's/#Enable=true/Enable=true/' -i data/gdm.conf-custom.in ''; configureFlags = [ "--localstatedir=/var" "--with-systemd=yes" "--without-plymouth" - "--with-systemdsystemunitdir=$(out)/etc/systemd/system" ]; + "--with-systemdsystemunitdir=$(out)/etc/systemd/system" + "--with-initial-vt=10" ]; buildInputs = [ pkgconfig glib itstool libxml2 intltool accountsservice gnome3.dconf systemd From adfd0c78309fe0ccd651c592a5f673b7bfabb2c0 Mon Sep 17 00:00:00 2001 From: Luca Bruno Date: Fri, 31 Jul 2015 13:28:37 +0000 Subject: [PATCH 25/44] nautilus: 3.16.1 -> 3.16.2 --- pkgs/desktops/gnome-3/3.16/core/nautilus/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome-3/3.16/core/nautilus/default.nix b/pkgs/desktops/gnome-3/3.16/core/nautilus/default.nix index a4e94db0b74..0e732b60748 100644 --- a/pkgs/desktops/gnome-3/3.16/core/nautilus/default.nix +++ b/pkgs/desktops/gnome-3/3.16/core/nautilus/default.nix @@ -3,11 +3,11 @@ , libnotify, makeWrapper, exempi, librsvg, tracker }: stdenv.mkDerivation rec { - name = "nautilus-${gnome3.version}.1"; + name = "nautilus-${gnome3.version}.2"; src = fetchurl { url = "mirror://gnome/sources/nautilus/${gnome3.version}/${name}.tar.xz"; - sha256 = "0y83adhfaq4ns01rdkqmrvdwj0ch2pb10hl43as98kqqzm0qxs3y"; + sha256 = "13s785kzk68xf4gdj0inz9k2hy06ll598w42141svdj77bdcsziy"; }; buildInputs = [ pkgconfig libxml2 dbus_glib shared_mime_info libexif gtk libunique intltool exempi librsvg From eb4a88d8fd27cbda512c8728c797ef2b13a91ade Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Fri, 31 Jul 2015 15:20:06 +0200 Subject: [PATCH 26/44] glibc-locales: check that all we build is supported Until now, if e.g. the user passed "en_US.UTF-8" instead of "en_US.UTF-8/UTF-8", the locales would be generated without failing but wouldn't work well. Now we guard against such mistakes. Real life examples: https://github.com/fish-shell/fish-shell/issues/1927 --- pkgs/development/libraries/glibc/locales.nix | 21 +++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/glibc/locales.nix b/pkgs/development/libraries/glibc/locales.nix index 5d6e678bfe6..cbf7af22cac 100644 --- a/pkgs/development/libraries/glibc/locales.nix +++ b/pkgs/development/libraries/glibc/locales.nix @@ -29,10 +29,25 @@ build null { # Hack to allow building of the locales (needed since glibc-2.12) sed -i -e 's,^$(rtld-prefix) $(common-objpfx)locale/localedef,localedef --prefix='$TMPDIR',' ../glibc-2*/localedata/Makefile + '' + + stdenv.lib.optionalString (!allLocales) '' + # Check that all locales to be built are supported + echo -n '${stdenv.lib.concatMapStrings (s: s + " \\\n") locales}' \ + | sort > locales-to-build.txt + cat ../glibc-2*/localedata/SUPPORTED | grep ' \\' \ + | sort > locales-supported.txt + comm -13 locales-supported.txt locales-to-build.txt \ + > locales-unsupported.txt + if [[ $(wc -c locales-unsupported.txt) != "0 locales-unsupported.txt" ]]; then + cat locales-supported.txt + echo "Error: unsupported locales detected:" + cat locales-unsupported.txt + echo "You should choose from the list above the error." + false + fi - ${if allLocales then "" else - "echo SUPPORTED-LOCALES=\"${toString locales}\" > ../glibc-2*/localedata/SUPPORTED"} - + echo SUPPORTED-LOCALES='${toString locales}' > ../glibc-2*/localedata/SUPPORTED + '' + '' make localedata/install-locales \ localedir=$out/lib/locale \ ''; From 831397f13696a2f4cd82a73193dbe048d0a5d116 Mon Sep 17 00:00:00 2001 From: Sander van der Burg Date: Fri, 31 Jul 2015 13:42:18 +0000 Subject: [PATCH 27/44] suds: add python package --- pkgs/top-level/python-packages.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index d2c83016dca..ee93f2a8191 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -16820,5 +16820,20 @@ let maintainers = with maintainers; [ odi ]; }; }; + + suds = buildPythonPackage rec { + name = "suds-0.4"; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/source/s/suds/suds-0.4.tar.gz"; + md5 = "b7502de662341ed7275b673e6bd73191"; + }; + + meta = with stdenv.lib; { + description = "Lightweight SOAP client"; + homepage = https://fedorahosted.org/suds; + license = licenses.lgpl3Plus; + }; + }; }; in pythonPackages From 0310b484946f3b2434e997655c44687889058ce2 Mon Sep 17 00:00:00 2001 From: Sander van der Burg Date: Fri, 31 Jul 2015 16:19:56 +0000 Subject: [PATCH 28/44] Add mongodb-tools package as dependency to make snapshots and restores work --- pkgs/tools/package-management/disnix/dysnomia/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/package-management/disnix/dysnomia/default.nix b/pkgs/tools/package-management/disnix/dysnomia/default.nix index f79250cf018..275c4b6e61f 100644 --- a/pkgs/tools/package-management/disnix/dysnomia/default.nix +++ b/pkgs/tools/package-management/disnix/dysnomia/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl -, ejabberd ? null, mysql ? null, postgresql ? null, subversion ? null, mongodb ? null +, ejabberd ? null, mysql ? null, postgresql ? null, subversion ? null, mongodb ? null, mongodb-tools ? null , enableApacheWebApplication ? false , enableAxis2WebService ? false , enableEjabberdDump ? false @@ -17,7 +17,7 @@ assert enableMySQLDatabase -> mysql != null; assert enablePostgreSQLDatabase -> postgresql != null; assert enableSubversionRepository -> subversion != null; assert enableEjabberdDump -> ejabberd != null; -assert enableMongoDatabase -> mongodb != null; +assert enableMongoDatabase -> (mongodb != null && mongodb-tools != null); stdenv.mkDerivation { name = "dysnomia-0.4"; @@ -45,7 +45,8 @@ stdenv.mkDerivation { ++ stdenv.lib.optional enableMySQLDatabase mysql.out ++ stdenv.lib.optional enablePostgreSQLDatabase postgresql ++ stdenv.lib.optional enableSubversionRepository subversion - ++ stdenv.lib.optional enableMongoDatabase mongodb; + ++ stdenv.lib.optional enableMongoDatabase mongodb + ++ stdenv.lib.optional enableMongoDatabase mongodb-tools; meta = { description = "Automated deployment of mutable components and services for Disnix"; From a4e03fdc668ffe29e377281f37c405fb08dbd12f Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 31 Jul 2015 15:38:58 +0200 Subject: [PATCH 29/44] python-packages: click 3.3 -> 4.1 (redux) This reverts: commit 389a0bf6cc0ca99cff3376648599285ec817b0b3 commit 083ff50289fc6b83b37f1318ba61a0e6a1d0349b The nox-review failures were caused by a transient GitHub glitch that merely happened to crash in click. --- pkgs/top-level/python-packages.nix | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index ee93f2a8191..3539d30caf3 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -1884,11 +1884,11 @@ let }; click = buildPythonPackage rec { - name = "click-3.3"; + name = "click-4.1"; src = pkgs.fetchurl { url = "https://pypi.python.org/packages/source/c/click/${name}.tar.gz"; - sha256 = "1rfn8ml80rw3hkgpm1an5p3vdyhh7hzx4zynr8dhfl7bsw28r77p"; + sha256 = "1n4fvxpgbna83g6daarscljwpbarr45qfalh9hqla8ayy84ysfg3"; }; meta = { @@ -1903,17 +1903,6 @@ let }; }; - click_4_1 = buildPythonPackage rec { - name = "click-4.1"; - - src = pkgs.fetchurl { - url = "https://pypi.python.org/packages/source/c/click/${name}.tar.gz"; - sha256 = "1n4fvxpgbna83g6daarscljwpbarr45qfalh9hqla8ayy84ysfg3"; - }; - - inherit (self.click) meta; - }; - clepy = buildPythonPackage rec { name = "clepy-0.3.20"; From 3989c87ee1c326f7b986d8fe9c4137473169cc51 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 11:52:31 -0700 Subject: [PATCH 30/44] ldb: 1.1.20 -> 1.1.21 --- pkgs/development/libraries/ldb/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/ldb/default.nix b/pkgs/development/libraries/ldb/default.nix index b400ff813d2..07d4b034474 100644 --- a/pkgs/development/libraries/ldb/default.nix +++ b/pkgs/development/libraries/ldb/default.nix @@ -3,11 +3,11 @@ }: stdenv.mkDerivation rec { - name = "ldb-1.1.20"; + name = "ldb-1.1.21"; src = fetchurl { url = "mirror://samba/ldb/${name}.tar.gz"; - sha256 = "1ckplfvr8rp5y632w5j0abdgkj3irbzjh1wn0yxadnhz4ymknjds"; + sha256 = "1wfvqys8g3l2gki5xhf5jc50f6k95vdgzb97vvqfls404xzvnyr6"; }; buildInputs = [ @@ -16,7 +16,6 @@ stdenv.mkDerivation rec { ]; preConfigure = '' - echo $PYTHONPATH sed -i 's,#!/usr/bin/env python,#!${python}/bin/python,g' buildtools/bin/waf ''; From 898660f2d0453d64a953b7d6bf89068c1dab44f7 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 11:52:59 -0700 Subject: [PATCH 31/44] talloc: 2.1.2 -> 2.1.3 --- pkgs/development/libraries/talloc/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/talloc/default.nix b/pkgs/development/libraries/talloc/default.nix index d9f52d8d87c..467ccf9db86 100644 --- a/pkgs/development/libraries/talloc/default.nix +++ b/pkgs/development/libraries/talloc/default.nix @@ -3,11 +3,11 @@ }: stdenv.mkDerivation rec { - name = "talloc-2.1.2"; + name = "talloc-2.1.3"; src = fetchurl { url = "mirror://samba/talloc/${name}.tar.gz"; - sha256 = "13c365f7y8idjf2v1jxdjpkc3lxdmsxxfxjx1ymianm7zjiph393"; + sha256 = "1c1c3zs13qyripjwcjpz2hqc3p9p50m5yl95gdrrrvyl49dzg9bs"; }; buildInputs = [ From 40f45dcb6d8fa8c0e7831667b9bbe1a0575ff7d2 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 11:53:09 -0700 Subject: [PATCH 32/44] tdb: 1.3.6 -> 1.3.7 --- pkgs/development/libraries/tdb/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/tdb/default.nix b/pkgs/development/libraries/tdb/default.nix index 46f4bb68347..2bb47df20cf 100644 --- a/pkgs/development/libraries/tdb/default.nix +++ b/pkgs/development/libraries/tdb/default.nix @@ -3,11 +3,11 @@ }: stdenv.mkDerivation rec { - name = "tdb-1.3.6"; + name = "tdb-1.3.7"; src = fetchurl { url = "mirror://samba/tdb/${name}.tar.gz"; - sha256 = "19arbbicw469q6a9m8yyaigrxzrxkb1jnajlvq1v7n2qgqjdvmw5"; + sha256 = "04k42cjvjc5wsqsqf44397hclq3nxlm9avjcsbz2hsn01k59akd6"; }; buildInputs = [ From 308da3054e60c286ae525488a311445a7693a0ec Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 12:38:36 -0700 Subject: [PATCH 33/44] ustr: Cleanup --- pkgs/development/libraries/ustr/default.nix | 30 ++++++++++++++++----- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/pkgs/development/libraries/ustr/default.nix b/pkgs/development/libraries/ustr/default.nix index b016a6f715c..9a7475969c6 100644 --- a/pkgs/development/libraries/ustr/default.nix +++ b/pkgs/development/libraries/ustr/default.nix @@ -1,6 +1,6 @@ -{ stdenv, fetchurl, glibc }: -stdenv.mkDerivation rec { +{ stdenv, fetchurl }: +stdenv.mkDerivation rec { name = "ustr-${version}"; version = "1.0.4"; @@ -9,14 +9,30 @@ stdenv.mkDerivation rec { sha256 = "1i623ygdj7rkizj7985q9d6vj5amwg686aqb5j3ixpkqkyp6xbrx"; }; - prePatch = "substituteInPlace Makefile --replace /usr/include/ ${glibc}/include/"; + # Fixes bogus warnings that failed libsemanage + patches = [ ./va_args.patch ]; - patches = [ ./va_args.patch ]; # fixes bogus warnings that failed libsemanage + # Work around gcc5 switch to gnu11 + NIX_CFLAGS_COMPILE = "-std=gnu89"; - makeFlags = "DESTDIR=$(out) prefix= LDCONFIG=echo"; + # Fix detection of stdint.h + postPatch = '' + sed -i 's,\(have_stdint_h\)=0,\1=1,g' Makefile + sed -i 's,\(USTR_CONF_HAVE_STDINT_H\) 0,\1 1,g' ustr-import.in + ''; - configurePhase = "make ustr-import"; - buildInputs = [ glibc ]; + buildTargets = [ "all-shared" ]; + + preBuild = '' + makeFlagsArray+=("prefix=$out") + makeFlagsArray+=("LDCONFIG=echo") + makeFlagsArray+=("HIDE=") + ''; + + # Remove debug libraries + postInstall = '' + find $out/lib -name \*debug\* -delete + ''; meta = with stdenv.lib; { homepage = http://www.and.org/ustr/; From ffa178268892d668f4162a5c66c426476800acfe Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 12:40:00 -0700 Subject: [PATCH 34/44] libsepol: 2.3 -> 2.4 --- pkgs/os-specific/linux/libsepol/default.nix | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/pkgs/os-specific/linux/libsepol/default.nix b/pkgs/os-specific/linux/libsepol/default.nix index 29b6d80445a..0417bf59cfa 100644 --- a/pkgs/os-specific/linux/libsepol/default.nix +++ b/pkgs/os-specific/linux/libsepol/default.nix @@ -1,22 +1,21 @@ -{ stdenv, fetchurl }: +{ stdenv, fetchurl, flex }: stdenv.mkDerivation rec { name = "libsepol-${version}"; - version = "2.3"; - se_release = "20140506"; + version = "2.4"; + se_release = "20150202"; se_url = "https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases"; src = fetchurl { url = "${se_url}/${se_release}/libsepol-${version}.tar.gz"; - sha256 = "13z6xakc2qqyhlvnc5h53jy7lqmh5b5cnpfn51lmvfdpqd18d3fc"; + sha256 = "0ncnwhpc1gx4hrrb822fqkwy5h75zzngsrfkd5mlqh1jk7aib419"; }; - preBuild = '' makeFlags="$makeFlags PREFIX=$out DESTDIR=$out" ''; + nativeBuildInputs = [ flex ]; - # TODO: Figure out why the build incorrectly links libsepol.so - postInstall = '' - rm $out/lib/libsepol.so - ln -s libsepol.so.1 $out/lib/libsepol.so + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") ''; passthru = { inherit se_release se_url; }; From b18a354c888c38c9373b48db8c32b93838df159a Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 12:40:17 -0700 Subject: [PATCH 35/44] libselinux: 2.3 -> 2.4 --- pkgs/os-specific/linux/libselinux/default.nix | 23 +++++++++++-------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/pkgs/os-specific/linux/libselinux/default.nix b/pkgs/os-specific/linux/libselinux/default.nix index 746f49b519d..69e5fa856e3 100644 --- a/pkgs/os-specific/linux/libselinux/default.nix +++ b/pkgs/os-specific/linux/libselinux/default.nix @@ -8,12 +8,12 @@ with stdenv.lib; stdenv.mkDerivation rec { name = "libselinux-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/libselinux-${version}.tar.gz"; - sha256 = "1ckpiv6m5c07rp5vawlhv02w5rq8kc0n95fh2ckq2jnqxi1hn7hb"; + sha256 = "0yqg73ns97jwjh1iyv0jr5qxb8k5sqq5ywfkx11lzfn5yj8k0126"; }; buildInputs = [ pkgconfig libsepol pcre ] @@ -23,16 +23,19 @@ stdenv.mkDerivation rec { sed -i -e 's|\$(LIBDIR)/libsepol.a|${libsepol}/lib/libsepol.a|' src/Makefile ''; - installFlags = [ "PREFIX=$(out)" "DESTDIR=$(out)" ]; - installTargets = [ "install" ] ++ optional enablePython "install-pywrap"; + NIX_CFLAGS_COMPILE = "-std=gnu89"; - # TODO: Figure out why the build incorrectly links libselinux.so - postInstall = '' - rm $out/lib/libselinux.so - ln -s libselinux.so.1 $out/lib/libselinux.so + preBuild = '' + # Build fails without this precreated + mkdir -p $out/include + + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") ''; - meta = { - inherit (libsepol.meta) homepage platforms maintainers; + installTargets = [ "install" ] ++ optional enablePython "install-pywrap"; + + meta = libsepol.meta // { + description = "SELinux core library"; }; } From 0b191e565b0b8d0db910fbf99019400d27396370 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 12:40:46 -0700 Subject: [PATCH 36/44] checkpolicy: 2.3 -> 2.4 --- .../os-specific/linux/checkpolicy/default.nix | 27 +++++++++++-------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/pkgs/os-specific/linux/checkpolicy/default.nix b/pkgs/os-specific/linux/checkpolicy/default.nix index 1f06fb66218..d4ae82528f1 100644 --- a/pkgs/os-specific/linux/checkpolicy/default.nix +++ b/pkgs/os-specific/linux/checkpolicy/default.nix @@ -1,25 +1,30 @@ -{ stdenv, fetchurl, libsepol, libselinux, bison, flex }: -stdenv.mkDerivation rec { +{ stdenv, fetchurl, bison, flex, libsepol }: +stdenv.mkDerivation rec { name = "checkpolicy-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/checkpolicy-${version}.tar.gz"; - sha256 = "0yr0r2cxz9lbj7i0wqgcd4wjvc6zf1fmqk0xjybnkdpcmw8jsqwh"; + sha256 = "1m5wjm43lzp6bld8higsvdm2dkddydihhwv9qw2w9r4dm0largcv"; }; - buildInputs = [ libsepol libselinux bison flex ]; + nativeBuildInputs = [ bison flex ]; + buildInputs = [ libsepol ]; - preBuild = '' - makeFlags="$makeFlags LEX=flex LIBDIR=${libsepol}/lib PREFIX=$out" - sed -e 's@[.]o$@& ../lex.yy.o@' -i test/Makefile + # Don't build tests + postPatch = '' + sed -i '/-C test/d' Makefile ''; - meta = with stdenv.lib; { + preBuild = '' + makeFlagsArray+=("LEX=flex") + makeFlagsArray+=("LIBDIR=${libsepol}/lib") + makeFlagsArray+=("PREFIX=$out") + ''; + + meta = libsepol.meta // { description = "SELinux policy compiler"; - license = licenses.gpl2; - inherit (libsepol.meta) homepage platforms maintainers; }; } From f23406c0e27beff6421deb901dc1ac6fcf4c2073 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 12:40:31 -0700 Subject: [PATCH 37/44] libsemanage: 2.3 -> 2.4 --- .../os-specific/linux/libsemanage/default.nix | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/pkgs/os-specific/linux/libsemanage/default.nix b/pkgs/os-specific/linux/libsemanage/default.nix index 599da9e4b3c..fd94fc6b094 100644 --- a/pkgs/os-specific/linux/libsemanage/default.nix +++ b/pkgs/os-specific/linux/libsemanage/default.nix @@ -1,25 +1,27 @@ -{ stdenv, fetchurl, libsepol, libselinux, ustr, bzip2, bison, flex, audit }: -stdenv.mkDerivation rec { +{ stdenv, fetchurl, bison, flex, libsepol, libselinux, ustr, bzip2, libaudit }: +stdenv.mkDerivation rec { name = "libsemanage-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/libsemanage-${version}.tar.gz"; - sha256 = "0jrf66df80mvjhrsbxcnb60j69pg4dh2pydy8vj8dhhiwqsrxq03"; + sha256 = "1134ka4mi4387ac5yv68bpp2y7ln5xxhwp07xhqnay0nxzjaqk0s"; }; - makeFlags = "PREFIX=$(out) DESTDIR=$(out)"; + nativeBuildInputs = [ bison flex ]; + buildInputs = [ libsepol libselinux ustr bzip2 libaudit ]; - NIX_CFLAGS_COMPILE = "-fstack-protector-all"; - NIX_CFLAGS_LINK = "-lsepol"; + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") + ''; - buildInputs = [ libsepol libselinux ustr bzip2 bison flex audit ]; + NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89"; - meta = with stdenv.lib; { - inherit (libsepol.meta) homepage platforms maintainers; + meta = libsepol.meta // { description = "Policy management tools for SELinux"; - license = licenses.lgpl21; + license = stdenv.lib.licenses.lgpl21; }; } From c06b1d84f137a6c35c22110ebf4c1e7426024756 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 13:05:13 -0700 Subject: [PATCH 38/44] sepolgen: 1.2.1 -> 1.2.2 --- pkgs/os-specific/linux/sepolgen/default.nix | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/sepolgen/default.nix b/pkgs/os-specific/linux/sepolgen/default.nix index 812b100699f..4067e5f70e2 100644 --- a/pkgs/os-specific/linux/sepolgen/default.nix +++ b/pkgs/os-specific/linux/sepolgen/default.nix @@ -2,17 +2,19 @@ stdenv.mkDerivation rec { name = "sepolgen-${version}"; - version = "1.2.1"; + version = "1.2.2"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/sepolgen-${version}.tar.gz"; - sha256 = "1c41hz4a64mjvbfhgc7c7plydahsc161z0qn46qz2g3bvimj9323"; + sha256 = "09139kspr41zgksayi4dh982p8080lrfl96p4dld51nknbpaigdy"; }; - makeFlags = "PREFIX=$(out) DESTDIR=$(out) PYTHONLIBDIR=lib/${python.libPrefix}/site-packages"; - - buildInputs = [ python ]; + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") + makeFlagsArray+=("PYTHONLIBDIR=lib/${python.libPrefix}/site-packages") + ''; meta = with stdenv.lib; { inherit (libsepol.meta) homepage platforms maintainers; From f6e554f28871306a0235cd9be7397cfd587a83f1 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 13:02:41 -0700 Subject: [PATCH 39/44] selinux: Use fstack-protector=all --- pkgs/os-specific/linux/checkpolicy/default.nix | 2 ++ pkgs/os-specific/linux/libselinux/default.nix | 4 ++-- pkgs/os-specific/linux/libsemanage/default.nix | 4 ++-- pkgs/os-specific/linux/libsepol/default.nix | 2 ++ 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/pkgs/os-specific/linux/checkpolicy/default.nix b/pkgs/os-specific/linux/checkpolicy/default.nix index d4ae82528f1..9fbed50f3b9 100644 --- a/pkgs/os-specific/linux/checkpolicy/default.nix +++ b/pkgs/os-specific/linux/checkpolicy/default.nix @@ -13,6 +13,8 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ bison flex ]; buildInputs = [ libsepol ]; + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; + # Don't build tests postPatch = '' sed -i '/-C test/d' Makefile diff --git a/pkgs/os-specific/linux/libselinux/default.nix b/pkgs/os-specific/linux/libselinux/default.nix index 69e5fa856e3..d3279780c7c 100644 --- a/pkgs/os-specific/linux/libselinux/default.nix +++ b/pkgs/os-specific/linux/libselinux/default.nix @@ -19,12 +19,12 @@ stdenv.mkDerivation rec { buildInputs = [ pkgconfig libsepol pcre ] ++ optionals enablePython [ swig python ]; + NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89"; + postPatch = optionalString enablePython '' sed -i -e 's|\$(LIBDIR)/libsepol.a|${libsepol}/lib/libsepol.a|' src/Makefile ''; - NIX_CFLAGS_COMPILE = "-std=gnu89"; - preBuild = '' # Build fails without this precreated mkdir -p $out/include diff --git a/pkgs/os-specific/linux/libsemanage/default.nix b/pkgs/os-specific/linux/libsemanage/default.nix index fd94fc6b094..c60d96bba78 100644 --- a/pkgs/os-specific/linux/libsemanage/default.nix +++ b/pkgs/os-specific/linux/libsemanage/default.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ bison flex ]; buildInputs = [ libsepol libselinux ustr bzip2 libaudit ]; + NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89"; + preBuild = '' makeFlagsArray+=("PREFIX=$out") makeFlagsArray+=("DESTDIR=$out") ''; - NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89"; - meta = libsepol.meta // { description = "Policy management tools for SELinux"; license = stdenv.lib.licenses.lgpl21; diff --git a/pkgs/os-specific/linux/libsepol/default.nix b/pkgs/os-specific/linux/libsepol/default.nix index 0417bf59cfa..ecbb2a0ec46 100644 --- a/pkgs/os-specific/linux/libsepol/default.nix +++ b/pkgs/os-specific/linux/libsepol/default.nix @@ -13,6 +13,8 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ flex ]; + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; + preBuild = '' makeFlagsArray+=("PREFIX=$out") makeFlagsArray+=("DESTDIR=$out") From b7389a2d1ae56ce19b9dfaf556f183e46d7fc5ae Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 14:58:06 -0700 Subject: [PATCH 40/44] libaudit: Add stub --- pkgs/top-level/all-packages.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index dbda5432032..acecdb56129 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9374,6 +9374,7 @@ let atop = callPackage ../os-specific/linux/atop { }; audit = callPackage ../os-specific/linux/audit { }; + libaudit = audit; b43Firmware_5_1_138 = callPackage ../os-specific/linux/firmware/b43-firmware/5.1.138.nix { }; From 3ada013455862eeea16a224a140be20aa7e6dbcd Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 15:14:58 -0700 Subject: [PATCH 41/44] setools: 3.3.8 -> 2015-02-12 --- pkgs/os-specific/linux/setools/default.nix | 34 +++++++++---------- .../ftbfs-invalid-operands-of-types.patch | 15 -------- 2 files changed, 17 insertions(+), 32 deletions(-) delete mode 100644 pkgs/os-specific/linux/setools/ftbfs-invalid-operands-of-types.patch diff --git a/pkgs/os-specific/linux/setools/default.nix b/pkgs/os-specific/linux/setools/default.nix index 63a43b2b5e9..bb17683800f 100644 --- a/pkgs/os-specific/linux/setools/default.nix +++ b/pkgs/os-specific/linux/setools/default.nix @@ -1,28 +1,28 @@ -{ stdenv, fetchurl, fetchpatch, autoreconfHook, pkgconfig, bison, flex +{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, bison, flex , python, swig2, tcl, libsepol, libselinux, libxml2, sqlite, bzip2 }: stdenv.mkDerivation rec { - name = "setools-3.3.8"; + name = "setools-2015-02-12"; - src = fetchurl { - url = "http://oss.tresys.com/projects/setools/chrome/site/dists/${name}/${name}.tar.bz2"; - sha256 = "16g987ijaxabc30zyjzia4nafq49rm038y1pm4vca7i3kb67wf24"; + src = fetchFromGitHub { + owner = "TresysTechnology"; + repo = "setools3"; + rev = "f1e5b208d507171968ca4d2eeefd7980f1004a3c"; + sha256 = "02gzy2kpszhr13f0d9qfiwh2hj4201g2x366j53v5n5qz481aykd"; }; - patches = [ ./ftbfs-invalid-operands-of-types.patch ]; + configureFlags = [ + "--disable-gui" + "--with-sepol-devel=${libsepol}" + "--with-selinux-devel=${libselinux}" + "--with-tcl=${tcl}/lib" + ]; - # SWIG-TCL is broken in 3.3.8 - configureFlags = '' - --with-tcl=${tcl}/lib - --with-sepol-devel=${libsepol} - --with-selinux-devel=${libselinux} - --disable-gui - --disable-swig-tcl - ''; + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; + NIX_LDFLAGS = "-L${libsepol}/lib -L${libselinux}/lib"; - buildInputs = [ autoreconfHook pkgconfig bison flex python swig2 ]; - - nativeBuildInputs = [ tcl libsepol libselinux libxml2 sqlite bzip2 ]; + nativeBuildInputs = [ autoreconfHook pkgconfig python swig2 bison flex ]; + buildInputs = [ tcl libxml2 sqlite bzip2 ]; meta = { description = "SELinux Tools"; diff --git a/pkgs/os-specific/linux/setools/ftbfs-invalid-operands-of-types.patch b/pkgs/os-specific/linux/setools/ftbfs-invalid-operands-of-types.patch deleted file mode 100644 index 97a5727f05b..00000000000 --- a/pkgs/os-specific/linux/setools/ftbfs-invalid-operands-of-types.patch +++ /dev/null @@ -1,15 +0,0 @@ -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750331 - -Index: setools-git/secmds/replcon.cc -=================================================================== ---- setools-git.orig/secmds/replcon.cc -+++ setools-git/secmds/replcon.cc -@@ -60,7 +60,7 @@ static struct option const longopts[] = - {NULL, 0, NULL, 0} - }; - --extern int lsetfilecon_raw(const char *, security_context_t) __attribute__ ((weak)); -+extern int lsetfilecon_raw(const char *, const char *) __attribute__ ((weak)); - - /** - * As that setools must work with older libselinux versions that may From c53a13fe0e11cab6bbd8877205b3a1da6fa2592f Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 17:00:57 -0700 Subject: [PATCH 42/44] policycoreutils: 2.3 -> 2.4 --- pkgs/os-specific/linux/libselinux/default.nix | 2 +- .../linux/policycoreutils/default.nix | 54 ++++++++++++------- .../linux/policycoreutils/size_format.patch | 11 ---- 3 files changed, 35 insertions(+), 32 deletions(-) delete mode 100644 pkgs/os-specific/linux/policycoreutils/size_format.patch diff --git a/pkgs/os-specific/linux/libselinux/default.nix b/pkgs/os-specific/linux/libselinux/default.nix index d3279780c7c..22ff351e45a 100644 --- a/pkgs/os-specific/linux/libselinux/default.nix +++ b/pkgs/os-specific/linux/libselinux/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, pkgconfig, libsepol, pcre -, enablePython ? false, swig ? null, python ? null +, enablePython ? true, swig ? null, python ? null }: assert enablePython -> swig != null && python != null; diff --git a/pkgs/os-specific/linux/policycoreutils/default.nix b/pkgs/os-specific/linux/policycoreutils/default.nix index ef7e76824db..4eb8394a4d3 100644 --- a/pkgs/os-specific/linux/policycoreutils/default.nix +++ b/pkgs/os-specific/linux/policycoreutils/default.nix @@ -1,29 +1,38 @@ -{ stdenv, fetchurl, intltool, pcre, libcap_ng, libcgroup -, libsepol, libselinux, libsemanage, setools -, python, sepolgen }: -stdenv.mkDerivation rec { +{ stdenv, fetchurl, pythonPackages, gettext +, setools, libsepol, libselinux, libcap_ng, libsemanage, sepolgen +}: +stdenv.mkDerivation rec { name = "policycoreutils-${version}"; - version = "2.3"; + version = "2.4"; inherit (libsepol) se_release se_url; src = fetchurl { url = "${se_url}/${se_release}/policycoreutils-${version}.tar.gz"; - sha256 = "1lpwxr5hw3dwhlp2p7y8jcr18mvfcrclwd8c2idz3lmmb3pglk46"; + sha256 = "0y9l9k60iy21hj0lcvfdfxs1fxydg6d3pxp9rhy7hwr4y5vgh6dq"; }; - preConfigure = '' + postPatch = '' + # Fix references to libsepol.a + find . -name Makefile -exec sed -i 's,[^ ]*/libsepol.a,${libsepol}/lib/libsepol.a,g' {} \; + + # Fix install references substituteInPlace po/Makefile --replace /usr/bin/install install - find . -type f -exec sed -i 's,/usr/bin/python,${python}/bin/python,' {} \; + + # Fix references to /usr/share + grep -r '/usr/share' | awk -F: '{print $1}' | xargs sed -i "s,\(\$(DESTDIR)\)*/usr/share,$out/share,g" + + # Fix sepolicy install + sed -i "s,\(setup.py install\).*,\1 --prefix=$out,g" sepolicy/Makefile ''; - buildInputs = [ intltool pcre libcap_ng libcgroup - libsepol libselinux libsemanage setools - python sepolgen # ToDo? these are optional - ]; + nativeBuildInputs = [ pythonPackages.python gettext ]; + buildInputs = [ setools libsepol libselinux libcap_ng libsemanage ]; + pythonPath = [ libselinux sepolgen ]; preBuild = '' - mkdir -p "$out/lib" && cp -s "${libsepol}/lib/libsepol.a" "$out/lib" + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") ''; # Creation of the system-config-selinux directory is broken @@ -31,14 +40,19 @@ stdenv.mkDerivation rec { mkdir -p $out/share/system-config-selinux ''; + # Fix the python scripts to include paths to libraries + # NOTE: We are not using wrapPythonPrograms or makeWrapper as these scripts + # purge the environment as a security measure + postInstall = '' + grep -r '#!.*python' $out/bin | awk -F: '{print $1}' | xargs sed -i "1a \ + import sys; \ + sys.path.append('$(toPythonPath "$out")'); \ + ${stdenv.lib.flip stdenv.lib.concatMapStrings pythonPath (lib: '' + sys.path.append('$(toPythonPath "${lib}")'); \ + '')}" + ''; + NIX_CFLAGS_COMPILE = "-fstack-protector-all"; - NIX_LDFLAGS = "-lsepol -lpcre"; - - makeFlags = "PREFIX=$(out) DESTDIR=$(out) LOCALEDIR=$(out)/share/locale"; - - patches = [ ./size_format.patch ]; - - patchFlags = [ "-p0" ]; meta = with stdenv.lib; { description = "SELinux policy core utilities"; diff --git a/pkgs/os-specific/linux/policycoreutils/size_format.patch b/pkgs/os-specific/linux/policycoreutils/size_format.patch deleted file mode 100644 index 04432098547..00000000000 --- a/pkgs/os-specific/linux/policycoreutils/size_format.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- setfiles/restore.c.orig 2014-08-21 17:26:00.200788259 +0200 -+++ setfiles/restore.c 2014-08-21 17:26:04.728888118 +0200 -@@ -118,7 +118,7 @@ - r_opts->count++; - if (r_opts->count % STAR_COUNT == 0) { - if (r_opts->progress == 1) { -- fprintf(stdout, "\r%luk", (size_t) r_opts->count / STAR_COUNT ); -+ fprintf(stdout, "\r%zuk", (size_t) r_opts->count / STAR_COUNT ); - } else { - if (r_opts->nfile > 0) { - progress = (r_opts->count < r_opts->nfile) ? (100.0 * r_opts->count / r_opts->nfile) : 100; From 7a6b3bf6880b45f1a55ff371564f5c91e26d781f Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 17:07:44 -0700 Subject: [PATCH 43/44] cgmanager: 0.36 -> 0.37 --- pkgs/os-specific/linux/cgmanager/default.nix | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/pkgs/os-specific/linux/cgmanager/default.nix b/pkgs/os-specific/linux/cgmanager/default.nix index 79be500a13d..8f56eda3a1b 100644 --- a/pkgs/os-specific/linux/cgmanager/default.nix +++ b/pkgs/os-specific/linux/cgmanager/default.nix @@ -1,31 +1,21 @@ { stdenv, fetchurl, pkgconfig, libnih, dbus }: stdenv.mkDerivation rec { - name = "cgmanager-0.36"; + name = "cgmanager-0.37"; src = fetchurl { url = "https://linuxcontainers.org/downloads/cgmanager/${name}.tar.gz"; - sha256 = "039azd4ghpmiccd95ki8fna321kccapff00rib6hrdgg600pyw7l"; + sha256 = "0vkv8am6h3x89c1rqb6a1glwz3mik3065jigri96njjzmvrff2c3"; }; buildInputs = [ pkgconfig libnih dbus ]; configureFlags = [ "--with-init-script=systemd" - "--sysconfdir=/etc/" + "--sysconfdir=/etc" "--localstatedir=/var" ]; - installFlags = [ "DESTDIR=\${out}" ]; - - postInstall = '' - mv $out/$out/* $out - DIR=$out/$out - while rmdir $DIR 2>/dev/null; do - DIR="$(dirname "$DIR")" - done - ''; - meta = with stdenv.lib; { homepage = https://linuxcontainers.org/cgmanager/introduction/; description = "a central privileged daemon that manages all your cgroups"; From 85e2c8ff23feb5f6344acde44d8b51d46c4ba89a Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Fri, 31 Jul 2015 17:08:04 -0700 Subject: [PATCH 44/44] lxc: Cleanup --- pkgs/os-specific/linux/lxc/default.nix | 36 +++++++++++++++++--------- pkgs/top-level/all-packages.nix | 4 +-- 2 files changed, 25 insertions(+), 15 deletions(-) diff --git a/pkgs/os-specific/linux/lxc/default.nix b/pkgs/os-specific/linux/lxc/default.nix index 1c6847cce82..c7170d5b464 100644 --- a/pkgs/os-specific/linux/lxc/default.nix +++ b/pkgs/os-specific/linux/lxc/default.nix @@ -1,7 +1,9 @@ { stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, perl, docbook2x -, docbook_xml_dtd_45, systemd, wrapPython -, libapparmor ? null, gnutls ? null, libseccomp ? null, cgmanager ? null -, libnih ? null, dbus ? null, libcap ? null, python3 ? null +, docbook_xml_dtd_45, python3Packages + +# Optional Dependencies +, libapparmor ? null, gnutls ? null, libselinux ? null, libseccomp ? null +, cgmanager ? null, libnih ? null, dbus ? null, libcap ? null, systemd ? null }: let @@ -18,10 +20,12 @@ stdenv.mkDerivation rec { sha256 = "149nq630h9bg87hb3cn086ci0cz29l7fp3i6qf1mqxv7hnildm8p"; }; + nativeBuildInputs = [ + autoreconfHook pkgconfig perl docbook2x python3Packages.wrapPython + ]; buildInputs = [ - autoreconfHook pkgconfig perl docbook2x systemd - libapparmor gnutls libseccomp cgmanager libnih dbus libcap python3 - wrapPython + libapparmor gnutls libselinux libseccomp cgmanager libnih dbus libcap + python3Packages.python systemd ]; patches = [ ./support-db2x.patch ]; @@ -31,17 +35,23 @@ stdenv.mkDerivation rec { configureFlags = [ "--localstatedir=/var" "--sysconfdir=/etc" - "--with-rootfs-path=/var/lib/lxc/rootfs" + "--enable-doc" + "--disable-api-docs" ] ++ optional (libapparmor != null) "--enable-apparmor" - ++ optional (gnutls != null) "--enable-gnutls" + ++ optional (libselinux != null) "--enable-selinux" ++ optional (libseccomp != null) "--enable-seccomp" - ++ optional (enableCgmanager) "--enable-cgmanager" ++ optional (libcap != null) "--enable-capabilities" ++ [ - "--enable-doc" - "--enable-tests" + "--disable-examples" + "--enable-python" + "--disable-lua" + "--enable-bash" + (if doCheck then "--enable-tests" else "--disable-tests") + "--with-rootfs-path=/var/lib/lxc/rootfs" ]; + doCheck = false; + installFlags = [ "localstatedir=\${TMPDIR}" "sysconfdir=\${out}/etc" @@ -50,7 +60,9 @@ stdenv.mkDerivation rec { "LXCPATH=\${TMPDIR}/var/lib/lxc" ]; - postInstall = "wrapPythonPrograms"; + postInstall = '' + wrapPythonPrograms + ''; meta = { homepage = "http://lxc.sourceforge.net"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index acecdb56129..149c77a0bf2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2140,9 +2140,7 @@ let lshw = callPackage ../tools/system/lshw { }; - lxc = callPackage ../os-specific/linux/lxc { - wrapPython = python3Packages.wrapPython; - }; + lxc = callPackage ../os-specific/linux/lxc { }; lzip = callPackage ../tools/compression/lzip { };