public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2021-04-28 00:15:29 +00:00 committed by GitHub
parent 97889a52e1 dc8ff4a460
commit 655989d7b3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
33 changed files with 318 additions and 190 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
nixos/modules/services/web-apps/mastodon.nix
View File

@ -31,7 +31,7 @@ let
// (if cfg.smtp.authenticate then { SMTP_LOGIN = cfg.smtp.user; } else {})
// cfg.extraConfig;
systemCallsList = [ "@clock" "@cpu-emulation" "@debug" "@keyring" "@module" "@mount" "@obsolete" "@raw-io" "@reboot" "@resources" "@setuid" "@swap" ];
systemCallsList = [ "@clock" "@cpu-emulation" "@debug" "@keyring" "@module" "@mount" "@obsolete" "@raw-io" "@reboot" "@setuid" "@swap" ];
cfgService = {
# User and group
@ -434,7 +434,7 @@ in {
Type = "oneshot";
WorkingDirectory = cfg.package;
# System Call Filtering
SystemCallFilter = "~" + lib.concatStringsSep " " systemCallsList;
SystemCallFilter = "~" + lib.concatStringsSep " " (systemCallsList ++ [ "@resources" ]);
} // cfgService;
after = [ "network.target" ];
@ -461,7 +461,7 @@ in {
EnvironmentFile = "/var/lib/mastodon/.secrets_env";
WorkingDirectory = cfg.package;
# System Call Filtering
SystemCallFilter = "~" + lib.concatStringsSep " " systemCallsList;
SystemCallFilter = "~" + lib.concatStringsSep " " (systemCallsList ++ [ "@resources" ]);
} // cfgService;
after = [ "mastodon-init-dirs.service" "network.target" ] ++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else []);
wantedBy = [ "multi-user.target" ];
@ -487,7 +487,7 @@ in {
RuntimeDirectory = "mastodon-streaming";
RuntimeDirectoryMode = "0750";
# System Call Filtering
SystemCallFilter = "~" + lib.concatStringsSep " " (systemCallsList ++ [ "@privileged" ]);
SystemCallFilter = "~" + lib.concatStringsSep " " (systemCallsList ++ [ "@privileged" "@resources" ]);
} // cfgService;
};
@ -511,7 +511,7 @@ in {
RuntimeDirectory = "mastodon-web";
RuntimeDirectoryMode = "0750";
# System Call Filtering
SystemCallFilter = "~" + lib.concatStringsSep " " (systemCallsList ++ [ "@privileged" ]);
SystemCallFilter = "~" + lib.concatStringsSep " " (systemCallsList ++ [ "@resources" ]);
} // cfgService;
path = with pkgs; [ file imagemagick ffmpeg ];
};
@ -532,7 +532,7 @@ in {
EnvironmentFile = "/var/lib/mastodon/.secrets_env";
WorkingDirectory = cfg.package;
# System Call Filtering
SystemCallFilter = "~" + lib.concatStringsSep " " (systemCallsList ++ [ "@privileged" ]);
SystemCallFilter = "~" + lib.concatStringsSep " " systemCallsList;
} // cfgService;
path = with pkgs; [ file imagemagick ffmpeg ];
};

13
nixos/tests/installer.nix
View File

@ -294,7 +294,7 @@ let
# the same during and after installation.
virtualisation.emptyDiskImages = [ 512 ];
virtualisation.bootDevice =
if grubVersion == 1 then "/dev/sdb" else "/dev/vdb";
if grubVersion == 1 then "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive2" else "/dev/vdb";
virtualisation.qemu.diskInterface =
if grubVersion == 1 then "scsi" else "virtio";
@ -695,22 +695,23 @@ in {
};
# Test a basic install using GRUB 1.
grub1 = makeInstallerTest "grub1" {
grub1 = makeInstallerTest "grub1" rec {
createPartitions = ''
machine.succeed(
"flock /dev/sda parted --script /dev/sda -- mklabel msdos"
"flock ${grubDevice} parted --script ${grubDevice} -- mklabel msdos"
+ " mkpart primary linux-swap 1M 1024M"
+ " mkpart primary ext2 1024M -1s",
"udevadm settle",
"mkswap /dev/sda1 -L swap",
"mkswap ${grubDevice}-part1 -L swap",
"swapon -L swap",
"mkfs.ext3 -L nixos /dev/sda2",
"mkfs.ext3 -L nixos ${grubDevice}-part2",
"mount LABEL=nixos /mnt",
"mkdir -p /mnt/tmp",
)
'';
grubVersion = 1;
grubDevice = "/dev/sda";
# /dev/sda is not stable, even when the SCSI disk number is.
grubDevice = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive1";
};
# Test using labels to identify volumes in grub

16
pkgs/applications/graphics/kodelife/default.nix
View File

@ -9,22 +9,20 @@
stdenv.mkDerivation rec {
pname = "kodelife";
version = "0.9.0.129";
version = "0.9.8.143";
suffix = {
aarch64-linux = "linux-arm64";
armv7l-linux = "linux-armhf";
x86_64-darwin = "macos";
x86_64-linux = "linux-x86_64";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
src = fetchzip {
url = "https://hexler.net/pub/${pname}/${pname}-${version}-${suffix}.zip";
sha256 = {
aarch64-linux = "0z2fqlf156348ha3zhv16kvqdx68fbwbzch2gzjm9x1na9n5k1ra";
armv7l-linux = "1ppwgrmgl1j2ws9mhrscvvkamd69a6xw7x35df6d30cyj97r0mzy";
x86_64-darwin = "0f8vn6m3xzsiyxm2ka5wkbp63wvzrix6g1xrbpvcm3v2llmychkl";
x86_64-linux = "035c1nlw0nim057sz3axpkcgkafqbm6gpr8hwr097vlrqll6w3dv";
aarch64-linux = "0ryjmpzpfqdqrvqpq851vvrjd8ld5g91gcigpv9rxp3z1b7qdand";
armv7l-linux = "08nlwn8ixndqil4m7j6c8gjxmwx8zi3in86arnwf13shk6cds5nb";
x86_64-linux = "0kbz7pvh4i4a3pj1vzbzzslha825i888isvsigcqsqvipjr4798q";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
};
@ -35,8 +33,10 @@ stdenv.mkDerivation rec {
preferLocalBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/bin
mv KodeLife $out/bin
runHook postInstall
'';
preFixup = let
@ -49,7 +49,7 @@ stdenv.mkDerivation rec {
libGLU libGL
xorg.libX11
];
in lib.optionalString (!stdenv.isDarwin) ''
in ''
patchelf \
--set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath "${libPath}" \
@ -61,6 +61,6 @@ stdenv.mkDerivation rec {
description = "Real-time GPU shader editor";
license = licenses.unfree;
maintainers = with maintainers; [ prusnak ];
platforms = [ "aarch64-linux" "armv7l-linux" "x86_64-darwin" "x86_64-linux" ];
platforms = [ "aarch64-linux" "armv7l-linux" "x86_64-linux" ];
};
}

8
pkgs/applications/graphics/krita/default.nix
View File

@ -10,11 +10,11 @@
mkDerivation rec {
pname = "krita";
version = "4.4.2";
version = "4.4.3";
src = fetchurl {
url = "https://download.kde.org/stable/${pname}/${version}/${pname}-${version}.tar.xz";
sha256 = "121fjdv5phx1aqk21vx9k9vsc5k1w8s86gp6pamy2y31r2ph7r8y";
url = "https://download.kde.org/stable/${pname}/${version}/${pname}-${version}.tar.gz";
sha256 = "0rwghzci2wn2jmisvnzs23yxc2z3d4dcx2qbbhcvjyi3q8ij61nl";
};
nativeBuildInputs = [ cmake extra-cmake-modules python3Packages.sip makeWrapper ];
@ -48,6 +48,6 @@ mkDerivation rec {
homepage = "https://krita.org/";
maintainers = with maintainers; [ abbradar ];
platforms = platforms.linux;
license = licenses.gpl2;
license = licenses.gpl3Only;
};
}

4
pkgs/applications/misc/khal/default.nix
View File

@ -2,11 +2,11 @@
with python3.pkgs; buildPythonApplication rec {
pname = "khal";
version = "0.10.2";
version = "0.10.3";
src = fetchPypi {
inherit pname version;
sha256 = "11qhrga44knlnp88py9p547d4nr5kn041d2nszwa3dqw7mf22ks9";
sha256 = "sha256-L92PwU/ll+Wn1unGPHho2WC07QIbVjxoSnHwcJDtpDI=";
};
patches = [

2
pkgs/applications/networking/instant-messengers/discord/base.nix
View File

@ -75,7 +75,7 @@ in stdenv.mkDerivation rec {
homepage = "https://discordapp.com/";
downloadPage = "https://discordapp.com/download";
license = licenses.unfree;
maintainers = with maintainers; [ ldesgoui MP2E tadeokondrak ];
maintainers = with maintainers; [ ldesgoui MP2E ];
platforms = [ "x86_64-linux" ];
};
}

4
pkgs/applications/networking/irc/catgirl/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "catgirl";
version = "1.6";
version = "1.7";
src = fetchurl {
url = "https://git.causal.agency/catgirl/snapshot/${pname}-${version}.tar.gz";
sha256 = "0shg02zidqqmvywqqsaazlgg9rd5lhhrvjx6n0lzmdfaawxywciv";
sha256 = "sha256-3shSdeq4l6Y5DEJZEVMHAngp6vjnkPjzpLpcp407X/0=";
};
nativeBuildInputs = [ ctags pkg-config ];

10
pkgs/applications/science/logic/elan/default.nix
View File

@ -7,16 +7,16 @@ in
rustPlatform.buildRustPackage rec {
pname = "elan";
version = "0.11.0";
version = "1.0.0";
src = fetchFromGitHub {
owner = "kha";
owner = "leanprover";
repo = "elan";
rev = "v${version}";
sha256 = "1sl69ygdwhf80sx6m76x5gp1kwsw0rr1lv814cgzm8hvyr6g0jqa";
sha256 = "sha256-Ve9nd/IEHo7Gg4WyxqKLUV495U1k9LfDyClkuVkooyA=";
};
cargoSha256 = "1f881maf8jizd5ip7pc1ncbiq7lpggp0byma13pvqk7gisnqyr4r";
cargoSha256 = "sha256-InGMZdP0c/QKU6ao8qhAUIDcAhOTumLOz6wo/u2+ibA=";
nativeBuildInputs = [ pkg-config makeWrapper ];
@ -61,7 +61,7 @@ rustPlatform.buildRustPackage rec {
meta = with lib; {
description = "Small tool to manage your installations of the Lean theorem prover";
homepage = "https://github.com/Kha/elan";
homepage = "https://github.com/leanprover/elan";
license = with licenses; [ asl20 /* or */ mit ];
maintainers = with maintainers; [ gebner ];
};

4
pkgs/applications/science/logic/lean/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "lean";
version = "3.28.0";
version = "3.29.0";
src = fetchFromGitHub {
owner = "leanprover-community";
repo = "lean";
rev = "v${version}";
sha256 = "sha256-IzoFE92F559WeSUCiYZ/fx2hrsyRzgOACr3/pzJ4OOY=";
sha256 = "sha256-f2Gp76c+4R+ww52f1AyVZqixpei1WZPwr7pfgxMMb9Q=";
};
nativeBuildInputs = [ cmake ];

36
pkgs/data/icons/tela-icon-theme/default.nix Normal file
View File

@ -0,0 +1,36 @@
{ fetchFromGitHub, gtk3, hicolor-icon-theme, jdupes, lib, stdenv }:
stdenv.mkDerivation rec {
pname = "tela-icon-theme";
version = "2021-01-21";
src = fetchFromGitHub {
owner = "vinceliuice";
repo = pname;
rev = version;
sha256 = "0gphy4aq2qjcg79k6rc0q5901mn3q76qhckn5vxvmypn9n3lb9ph";
};
nativeBuildInputs = [ gtk3 jdupes ];
propagatedBuildInputs = [ hicolor-icon-theme ];
dontDropIconThemeCache = true;
installPhase = ''
runHook preInstall
patchShebangs install.sh
mkdir -p $out/share/icons
./install.sh -a -d $out/share/icons
jdupes -l -r $out/share/icons
runHook postInstall
'';
meta = with lib; {
description = "A flat colorful Design icon theme";
homepage = "https://github.com/vinceliuice/tela-icon-theme";
license = licenses.gpl3Plus;
platforms = platforms.unix;
maintainers = with maintainers; [ figsoda ];
};
}

32
pkgs/development/libraries/ffms/default.nix
View File

@ -1,20 +1,38 @@
{ lib, stdenv, fetchFromGitHub, zlib, ffmpeg_3, pkg-config }:
{ lib
, stdenv
, fetchFromGitHub
, autoreconfHook
, pkg-config
, ffmpeg
, zlib
}:
stdenv.mkDerivation rec {
pname = "ffms";
version = "2.23";
version = "2.40";
src = fetchFromGitHub {
owner = "FFMS";
repo = "ffms2";
rev = version;
sha256 = "0dkz5b3gxq5p4xz0qqg6l2sigszrlsinz3skyf0ln4wf3zrvf8m5";
sha256 = "sha256-3bPxt911T0bGpAIS2RxBjo+VV84xW06eKcCj3ZAcmvw=";
};
NIX_CFLAGS_COMPILE = "-fPIC";
nativeBuildInputs = [ pkg-config ];
buildInputs = [ zlib ffmpeg_3 ];
nativeBuildInputs = [
autoreconfHook
pkg-config
];
preAutoreconf = ''
mkdir src/config
'';
buildInputs = [
ffmpeg
zlib
];
# ffms includes a built-in vapoursynth plugin, see:
# https://github.com/FFMS/ffms2#avisynth-and-vapoursynth-plugin
@ -25,9 +43,9 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://github.com/FFMS/ffms2/";
description = "Libav/ffmpeg based source library for easy frame accurate access";
description = "FFmpeg based source library for easy frame accurate access";
license = licenses.mit;
maintainers = with maintainers; [ ];
maintainers = with maintainers; [ tadeokondrak ];
platforms = platforms.unix;
};
}

4
pkgs/development/libraries/libcint/default.nix
View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "libcint";
version = "4.1.1";
version = "4.3.0";
src = fetchFromGitHub {
owner = "sunqm";
repo = "libcint";
rev = "v${version}";
sha256 = "sha256-HBZ/VMuTLAYpqcIPzQ4JbsMSXsI/sKc14ZFpbVhQF/g=";
hash = "sha256-vJ4OyU9HYQvF1SWmniNGAuHQ7K/TfiK8C4celK5hjiA=";
};
nativeBuildInputs = [ cmake ];

4
pkgs/development/python-modules/cloudscraper/default.nix
View File

@ -9,12 +9,12 @@
buildPythonPackage rec {
pname = "cloudscraper";
version = "1.2.56";
version = "1.2.58";
disabled = !isPy3k;
src = fetchPypi {
inherit pname version;
sha256 = "84c5910023dd393619b2b793fdb154392c5c8887b55e4bcac3ad2646f1cfe212";
sha256 = "1wnzv2k8cm8q1x18r4zg8pcnpm4gsdp82hywwjimp2v2qll918nx";
};
propagatedBuildInputs = [

26
pkgs/development/python-modules/mido/default.nix
View File

@ -1,6 +1,13 @@
{ stdenv, lib, buildPythonPackage, fetchPypi, substituteAll
, portmidi, pygame, python-rtmidi, rtmidi-python
, pytest
{ stdenv
, lib
, buildPythonPackage
, fetchPypi
, substituteAll
, portmidi
, pygame
, python-rtmidi
, rtmidi-python
, pytestCheckHook
}:
buildPythonPackage rec {
@ -25,15 +32,18 @@ buildPythonPackage rec {
rtmidi-python
];
checkInputs = [ pytest ];
checkPhase = ''
py.test . -rs -q
'';
checkInputs = [
pytestCheckHook
];
pythonImportsCheck = [
"mido"
];
meta = with lib; {
description = "MIDI Objects for Python";
homepage = "https://mido.readthedocs.io";
license = licenses.mit;
maintainers = with maintainers; [ hexa ];
maintainers = with maintainers; [ ];
};
}

34
pkgs/development/python-modules/openapi-schema-validator/default.nix Normal file
View File

@ -0,0 +1,34 @@
{ lib
, buildPythonPackage
, fetchPypi
, pytestCheckHook
, isodate
, jsonschema
, pytest-flake8
, pytestcov
, rfc3339-validator
, six
, strict-rfc3339
}:
buildPythonPackage rec {
pname = "openapi-schema-validator";
version = "0.1.5";
src = fetchPypi {
inherit pname version;
sha256 = "a4b2712020284cee880b4c55faa513fbc2f8f07f365deda6098f8ab943c9f0df";
};
propagatedBuildInputs = [ isodate jsonschema six strict-rfc3339 rfc3339-validator ];
checkInputs = [ pytestCheckHook pytestcov pytest-flake8 ];
pythonImportsCheck = [ "openapi_schema_validator" ];
meta = with lib; {
description = "Validates OpenAPI schema against the OpenAPI Schema Specification v3.0";
homepage = "https://github.com/p1c2u/openapi-schema-validator";
license = licenses.bsd3;
maintainers = with maintainers; [ AluisioASG ];
};
}

4
pkgs/development/python-modules/openapi-spec-validator/default.nix
View File

@ -1,5 +1,5 @@
{ lib, buildPythonPackage, isPy27, fetchPypi
, jsonschema, pyyaml, six, pathlib
, jsonschema, openapi-schema-validator, pyyaml, six, pathlib
, mock, pytest, pytestcov, pytest-flake8, tox, setuptools }:
buildPythonPackage rec {
@ -11,7 +11,7 @@ buildPythonPackage rec {
sha256 = "53ba3d884e98ff2062d5ada025aa590541dcd665b8f81067dc82dd61c0923759";
};
propagatedBuildInputs = [ jsonschema pyyaml six setuptools ]
propagatedBuildInputs = [ jsonschema openapi-schema-validator pyyaml six setuptools ]
++ (lib.optionals (isPy27) [ pathlib ]);
checkInputs = [ mock pytest pytestcov pytest-flake8 tox ];

26
pkgs/development/python-modules/pyu2f/default.nix
View File

@ -1,34 +1,30 @@
{ stdenv, lib, fetchFromGitHub, buildPythonPackage,
six, mock, pyfakefs, unittest2, pytest
{ lib
, buildPythonPackage
, fetchFromGitHub
, six
, mock
, pyfakefs
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "pyu2f";
version = "0.1.4";
version = "0.1.5a";
src = fetchFromGitHub {
owner = "google";
repo = pname;
rev = version;
sha256 = "0waxdydvxn05a8ab9j235mz72x7p4pwa59pnxyk1zzbwxnpxb3p9";
sha256 = "0mx7bn1p3n0fxyxa82wg3c719hby7vqkxv57fhf7zvhlg2zfnr0v";
};
# Platform detection for linux fails
postPatch = lib.optionalString stdenv.isLinux ''
rm pyu2f/tests/hid/macos_test.py
'';
propagatedBuildInputs = [ six ];
checkInputs = [ pytest mock pyfakefs unittest2 ];
checkPhase = ''
pytest pyu2f/tests
'';
checkInputs = [ mock pyfakefs pytestCheckHook ];
meta = with lib; {
description = "U2F host library for interacting with a U2F device over USB";
homepage = "https://github.com/google/pyu2f/";
homepage = "https://github.com/google/pyu2f";
license = licenses.asl20;
maintainers = with maintainers; [ prusnak ];
};

31
pkgs/development/python-modules/rfc3339-validator/default.nix Normal file
View File

@ -0,0 +1,31 @@
{ lib
, buildPythonPackage
, fetchPypi
, pytestCheckHook
, hypothesis
, six
, strict-rfc3339
}:
buildPythonPackage rec {
pname = "rfc3339-validator";
version = "0.1.3";
src = fetchPypi {
pname = "rfc3339_validator";
inherit version;
sha256 = "7a578aa0740e9ee2b48356fe1f347139190c4c72e27f303b3617054efd15df32";
};
propagatedBuildInputs = [ six ];
checkInputs = [ pytestCheckHook hypothesis strict-rfc3339 ];
pythonImportsCheck = [ "rfc3339_validator" ];
meta = with lib; {
description = "RFC 3339 validator for Python";
homepage = "https://github.com/naimetti/rfc3339-validator";
license = licenses.mit;
maintainers = with maintainers; [ AluisioASG ];
};
}

2
pkgs/development/python-modules/rtmidi-python/default.nix
View File

@ -29,6 +29,6 @@ buildPythonPackage rec {
description = "Python wrapper for RtMidi";
homepage = "https://github.com/superquadratic/rtmidi-python";
license = licenses.mit;
maintainers = with maintainers; [ hexa ];
maintainers = with maintainers; [ ];
};
}

20
pkgs/development/tools/misc/tockloader/default.nix
View File

@ -1,27 +1,37 @@
{ lib, python3Packages }:
{ lib
, python3Packages
}:
python3Packages.buildPythonApplication rec {
pname = "tockloader";
version = "1.5.0";
version = "1.6.0";
src = python3Packages.fetchPypi {
inherit pname version;
sha256 = "11k4ppwq845lnj265ydfr0cn1rrym5amx2i19x1h3ccbxc3gsy3x";
sha256 = "1aqkj1nplcw3gmklrhq6vxy6v9ad5mqiw4y1svasak2zkqdk1wyc";
};
propagatedBuildInputs = with python3Packages; [
argcomplete
colorama
crcmod
pytoml
pyserial
pytoml
tqdm
];
# has no test suite
checkPhase = ''
runHook preCheck
$out/bin/tockloader --version | grep -q ${version}
runHook postCheck
'';
meta = with lib; {
homepage = "https://github.com/tock/tockloader";
license = licenses.mit;
description = "Tool for programming Tock onto hardware boards";
maintainers = with maintainers; [ hexa ];
maintainers = with maintainers; [ ];
};
}

10
pkgs/os-specific/linux/nvidia-x11/default.nix
View File

@ -56,11 +56,11 @@ rec {
# Last one supporting x86
legacy_390 = generic {
version = "390.138";
sha256_32bit = "0y3qjygl0kfz9qs0rp9scn1k3l8ym9dib7wpkyh5gs4klcip7xkv";
sha256_64bit = "0rnnb5l4i8s76vlg6yvlrxhm2x9wdqw7k5hgf4fyaa3cr3k1kysz";
settingsSha256 = "0ad6hwl56nvbdv9g85lw7ywadqvc2gaq9x6d2vjcia9kg4vrmfqx";
persistencedSha256 = "15jciyq6i3pz1g67xzqlwmc62v3xswzhjcqmfcdndvlvhcibsimr";
version = "390.143";
sha256_32bit = "AelrdTTeo/3+ZdXK0iniZDB8gJUkeZQtNoRm25z+bQY=";
sha256_64bit = "tyKqcPM71ErK8ZZHLPtxmgrWzv6tfEmxBRveCSwTlO8=";
settingsSha256 = "EJPXZbxZS1CMENAYk9dCAIsHsRTXJpj473+JLuhGkWI=";
persistencedSha256 = "FtlPF3jCNr18NnImTmr8zJsaK9wbj/aWZ9LwoLr5SeE=";
};
legacy_340 = generic {

6
pkgs/os-specific/linux/sd-switch/default.nix
View File

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
pname = "sd-switch";
version = "0.2.0";
version = "0.2.1";
src = fetchFromGitLab {
owner = "rycee";
repo = pname;
rev = version;
sha256 = "1bhks4ma3sn95bsszs6lj9cwfr8zgmja0hqfp8xr5iq77ww2p6k3";
sha256 = "0sg1y8lb2pnll3408fbqp65acys31mrlzsqfrwm4nvbkayf0jcv3";
};
cargoSha256 = "0lskxakzh3yji0rzk8jcfz1sv4j19b5kmdsaj7401m5w84s1cbjw";
cargoSha256 = "16yb61wihg06i2h9vjqcsjqkjjpmxyv4df22i25034gkcgb20xcn";
nativeBuildInputs = [ pkg-config ];
buildInputs = [ dbus ];

4
pkgs/tools/inputmethods/fcitx5/fcitx5-configtool.nix
View File

@ -19,13 +19,13 @@
mkDerivation rec {
pname = "fcitx5-configtool";
version = "5.0.2";
version = "5.0.4";
src = fetchFromGitHub {
owner = "fcitx";
repo = "fcitx5-configtool";
rev = version;
sha256 = "sha256-kw0KIbS5SVMf6kR/9xsYiChHXQBM0enSVXyh0QfiiPY=";
sha256 = "sha256-UO3Ob+bFQ/2Vqb8YpD9tfmfZt5YLUyoqcbtsHLaVOzE=";
};
cmakeFlags = [

34
pkgs/tools/misc/inav-blackbox-tools/default.nix Normal file
View File

@ -0,0 +1,34 @@
{ lib, stdenv, fetchFromGitHub, pkg-config, cairo }:
stdenv.mkDerivation rec {
pname = "inav-blackbox-tools";
version = "unstable-2021-04-22";
src = fetchFromGitHub {
owner = "iNavFlight";
repo = "blackbox-tools";
rev = "0109e2fb9b44d593e60bca4cef4098d83c55c373";
sha256 = "1rdlw74dqq0hahnka2w2pgvs172vway2x6v8byxl2s773l22k4ln";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [ cairo ];
installPhase = ''
runHook preInstall
mkdir -p "$out/bin"
cp obj/{blackbox_decode,blackbox_render,encoder_testbed} "$out/bin"
runHook postInstall
'';
meta = with lib; {
description = "Tools for working with blackbox flight logs";
homepage = "https://github.com/inavflight/blackbox-tools";
license = licenses.gpl3Only;
maintainers = with maintainers; [ expipiplus1 ];
platforms = platforms.all;
};
}

34
pkgs/tools/networking/innernet/default.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, rustPlatform, fetchFromGitHub, llvmPackages, linuxHeaders, sqlite, Security }:
{ lib, stdenv, rustPlatform, fetchFromGitHub, llvmPackages, sqlite, installShellFiles, Security }:
rustPlatform.buildRustPackage rec {
pname = "innernet";
@ -10,11 +10,37 @@ rustPlatform.buildRustPackage rec {
rev = "v${version}";
sha256 = "sha256-Z4F5RYPVgFiiDBg6lxILjAh/a/rL7IJBqHIJ/tQyLnE=";
};
cargoSha256 = "sha256-WSkN5aXMgfqZJAV1b3elF7kwf2f5OpcntKSf8620YcY=";
nativeBuildInputs = with llvmPackages; [
llvm
clang
installShellFiles
];
buildInputs = [ sqlite ] ++ lib.optionals stdenv.isDarwin [ Security ];
LIBCLANG_PATH = "${llvmPackages.libclang}/lib";
nativeBuildInputs = with llvmPackages; [ llvm clang ];
buildInputs = [ sqlite ] ++ lib.optionals stdenv.isDarwin [ Security ];
cargoSha256 = "sha256-WSkN5aXMgfqZJAV1b3elF7kwf2f5OpcntKSf8620YcY=";
postInstall = ''
installManPage doc/innernet-server.8.gz
installManPage doc/innernet.8.gz
'';
doInstallCheck = true;
installCheckPhase = ''
if [[ "$("$out/bin/${pname}"-server --version)" == "${pname}-server ${version}" ]]; then
echo '${pname}-server smoke check passed'
else
echo '${pname}-server smoke check failed'
return 1
fi
if [[ "$("$out/bin/${pname}" --version)" == "${pname} ${version}" ]]; then
echo '${pname} smoke check passed'
else
echo '${pname} smoke check failed'
return 1
fi
'';
meta = with lib; {
description = "A private network system that uses WireGuard under the hood";

41
pkgs/tools/security/oath-toolkit/default.nix
View File

@ -1,48 +1,25 @@
{ lib, stdenv, fetchFromGitLab, fetchpatch, pam, xmlsec, autoreconfHook, pkg-config, libxml2, gtk-doc, perl, gengetopt, bison, help2man }:
{ lib, stdenv, fetchurl, pam, xmlsec }:
let
securityDependency =
if stdenv.isDarwin then xmlsec
else pam;
in stdenv.mkDerivation {
name = "oath-toolkit-2.6.2";
in stdenv.mkDerivation rec {
pname = "oath-toolkit";
version = "2.6.6";
src = fetchFromGitLab {
owner = "oath-toolkit";
repo = "oath-toolkit";
rev = "0dffdec9c5af5c89a5af43add29d8275eefe7414";
sha256 = "0n2sl444723f1k0sjmc0mzdwslx51yxac39c2cx2bl3ykacgfv74";
src = fetchurl {
url = "mirror://savannah/${pname}/${pname}-${version}.tar.gz";
sha256 = "0v4lrgip08b8xlivsfn3mwql3nv8hmcpzrn6pi3xp88vqwav6s7x";
};
patches = [
# fix for glibc>=2.28
(fetchpatch {
name = "new_glibc_check.patch";
url = "https://sources.debian.org/data/main/o/oath-toolkit/2.6.1-1.3/debian/patches/new-glibc-check.patch";
sha256 = "0h75xyy3xsl485v7w27yqkks6z9sgsjmrv6wiswy15fdj5wyciv3";
})
];
buildInputs = [ securityDependency libxml2 perl gengetopt bison ];
nativeBuildInputs = [ autoreconfHook gtk-doc help2man pkg-config ];
# man file generation fails when true
enableParallelBuilding = false;
configureFlags = [ "--disable-pskc" ];
# Replicate the steps from cfg.mk
preAutoreconf = ''
printf "gdoc_MANS =\ngdoc_TEXINFOS =\n" > liboath/man/Makefile.gdoc
printf "gdoc_MANS =\ngdoc_TEXINFOS =\n" > libpskc/man/Makefile.gdoc
touch ChangeLog
'';
buildInputs = [ securityDependency ];
meta = with lib; {
description = "Components for building one-time password authentication systems";
homepage = "https://www.nongnu.org/oath-toolkit/";
maintainers = with maintainers; [ schnusch ];
platforms = with platforms; linux ++ darwin;
};
}

21
pkgs/tools/security/tboot/default.nix
View File

@ -1,27 +1,23 @@
{ lib, stdenv, fetchurl, trousers, openssl, zlib }:
{ lib, stdenv, fetchurl, openssl, perl, trousers, zlib }:
stdenv.mkDerivation rec {
pname = "tboot";
version = "1.9.8";
version = "1.10.1";
src = fetchurl {
url = "mirror://sourceforge/tboot/${pname}-${version}.tar.gz";
sha256 = "06f0ggl6vrb5ghklblvh2ixgmmjv31rkp1vfj9qm497iqwq9ac00";
sha256 = "18bnkwnlk16cc20nysqfcjx006idi7jmmhahk8vk09w458bhaajg";
};
patches = [ ./tboot-add-well-known-secret-option-to-lcp_writepol.patch ];
buildInputs = [ trousers openssl zlib ];
buildInputs = [ openssl trousers zlib ];
enableParallelBuilding = true;
hardeningDisable = [ "pic" "stackprotector" ];
preConfigure = ''
substituteInPlace tboot/Makefile --replace /usr/bin/perl ${perl}/bin/perl
NIX_CFLAGS_COMPILE = [ "-Wno-error=address-of-packed-member" ];
configurePhase = ''
for a in lcptools utils tb_polgen; do
substituteInPlace $a/Makefile --replace /usr/sbin /sbin
for a in lcptools-v2 tb_polgen utils; do
substituteInPlace "$a/Makefile" --replace /usr/sbin /sbin
done
substituteInPlace docs/Makefile --replace /usr/share /share
'';
@ -31,6 +27,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM";
homepage = "https://sourceforge.net/projects/tboot/";
changelog = "https://sourceforge.net/p/tboot/code/ci/v${version}/tree/CHANGELOG";
license = licenses.bsd3;
maintainers = with maintainers; [ ak ];
platforms = [ "x86_64-linux" "i686-linux" ];

50
pkgs/tools/security/tboot/tboot-add-well-known-secret-option-to-lcp_writepol.patch
View File

@ -1,50 +0,0 @@
diff -urp tboot-1.8.0.orig/lcptools/writepol.c tboot-1.8.0/lcptools/writepol.c
--- tboot-1.8.0.orig/lcptools/writepol.c 2014-01-30 10:34:57.000000000 +0100
+++ tboot-1.8.0/lcptools/writepol.c 2014-02-12 01:48:51.523581057 +0100
@@ -40,6 +40,7 @@
#include <getopt.h>
#include <trousers/tss.h>
#include <trousers/trousers.h>
+#include <tss/tss_defines.h>
#define PRINT printf
#include "../include/uuid.h"
@@ -51,14 +52,15 @@ static uint32_t index_value = 0;
static char *file_arg=NULL;
static uint32_t fLeng;
static unsigned char *policy_data = NULL;
-static char *password = NULL;
+static const char *password = NULL;
static uint32_t passwd_length = 0;
+static const char well_known_secret[] = TSS_WELL_KNOWN_SECRET;
static int help_input = 0;
static unsigned char empty_pol_data[] = {0};
-static const char *short_option = "ehi:f:p:";
+static const char *short_option = "ehi:f:p:Z";
static const char *usage_string = "lcp_writepol -i index_value "
- "[-f policy_file] [-e] [-p passwd] [-h]";
+ "[-f policy_file] [-e] [-p passwd|-Z] [-h]";
static const char *option_strings[] = {
"-i index value: uint32/string.\n"
@@ -67,6 +69,7 @@ static const char *option_strings[] = {
"\tINDEX_AUX:0x50000002 or \"aux\"\n",
"-f file_name: string. File name of the policy data is stored. \n",
"-p password: string. \n",
+ "-Z use well known secret as password. \n",
"-e write 0 length data to the index.\n"
"\tIt will be used for some special index.\n"
"\tFor example, the index with permission WRITEDEFINE.\n",
@@ -119,6 +122,11 @@ parse_cmdline(int argc, const char * arg
fLeng = 0;
break;
+ case 'Z':
+ password = well_known_secret;
+ passwd_length = sizeof(well_known_secret);
+ break;
+
case 'h':
help_input = 1;
break;

6
pkgs/tools/security/tpm2-tools/default.nix
View File

@ -21,10 +21,8 @@ stdenv.mkDerivation rec {
tpm2-tss
] ++ (lib.optional abrmdSupport tpm2-abrmd));
in ''
for bin in $out/bin/*; do
wrapProgram $bin \
--suffix LD_LIBRARY_PATH : "${ldLibraryPath}"
done
wrapProgram $out/bin/tpm2 --suffix LD_LIBRARY_PATH : "${ldLibraryPath}"
wrapProgram $out/bin/tss2 --suffix LD_LIBRARY_PATH : "${ldLibraryPath}"
'';

1
pkgs/tools/text/ripgrep-all/default.nix
View File

@ -58,5 +58,6 @@ rustPlatform.buildRustPackage rec {
homepage = "https://github.com/phiresky/ripgrep-all";
license = with licenses; [ agpl3Plus ];
maintainers = with maintainers; [ zaninime ma27 ];
mainProgram = "rga";
};
}

1
pkgs/tools/text/ripgrep/default.nix
View File

@ -51,5 +51,6 @@ rustPlatform.buildRustPackage rec {
homepage = "https://github.com/BurntSushi/ripgrep";
license = with licenses; [ unlicense /* or */ mit ];
maintainers = with maintainers; [ tailhook globin ma27 zowoq ];
mainProgram = "rg";
};
}

4
pkgs/top-level/all-packages.nix
View File

@ -12253,6 +12253,8 @@ in
binutils-arm-embedded = pkgsCross.arm-embedded.buildPackages.binutils;
};
inav-blackbox-tools = callPackage ../tools/misc/inav-blackbox-tools { };
msp430GccSupport = callPackage ../development/misc/msp430/gcc-support.nix { };
msp430Newlib = callPackage ../development/misc/msp430/newlib.nix { };
@ -21814,6 +21816,8 @@ in
theano = callPackage ../data/fonts/theano { };
tela-icon-theme = callPackage ../data/icons/tela-icon-theme { };
template-glib = callPackage ../development/libraries/template-glib { };
tempora_lgc = callPackage ../data/fonts/tempora-lgc { };

4
pkgs/top-level/python-packages.nix
View File

@ -4598,6 +4598,8 @@ in {
openant = callPackage ../development/python-modules/openant { };
openapi-schema-validator = callPackage ../development/python-modules/openapi-schema-validator { };
openapi-spec-validator = callPackage ../development/python-modules/openapi-spec-validator { };
openbabel-bindings = callPackage ../development/python-modules/openbabel-bindings {
@ -7024,6 +7026,8 @@ in {
retworkx = callPackage ../development/python-modules/retworkx { };
rfc3339-validator = callPackage ../development/python-modules/rfc3339-validator { };
rfc3986 = callPackage ../development/python-modules/rfc3986 { };
rfc3987 = callPackage ../development/python-modules/rfc3987 { };