From acbf28145c8df2a83e4ae3aed5de66c820addce9 Mon Sep 17 00:00:00 2001 From: Austin Seipp Date: Mon, 17 Mar 2014 18:30:51 -0500 Subject: [PATCH 001/166] nixos: make several kernel common-config options optional Realistically, common-config is useful, but there are a lot of things in there that are non-optionally specified that aren't always useful. For example, when deploying grsecurity, I don't want the bluetooth, wireless, or input joystick/extra filesystem stack (XFS, etc), nor the staging drivers tree. The problem is that if you specify this in your own kernel config in the grsecurity module, by saying 'BT n' to turn off bluetooth, common-config turns on 'BT_HCIUART_BCSP y', which then becomes unused and errors out. This is really just an arbitrary picking at the moment, but it should be OK. Signed-off-by: Austin Seipp --- .../linux/kernel/common-config.nix | 74 +++++++++---------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 5aed09105cc..69006abd57a 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -76,17 +76,17 @@ with stdenv.lib; CLS_U32_MARK y # Wireless networking. - CFG80211_WEXT y # Without it, ipw2200 drivers don't build - IPW2100_MONITOR y # support promiscuous mode - IPW2200_MONITOR y # support promiscuous mode - HOSTAP_FIRMWARE y # Support downloading firmware images with Host AP driver - HOSTAP_FIRMWARE_NVRAM y - ATH9K_PCI y # Detect Atheros AR9xxx cards on PCI(e) bus - ATH9K_AHB y # Ditto, AHB bus + CFG80211_WEXT? y # Without it, ipw2200 drivers don't build + IPW2100_MONITOR? y # support promiscuous mode + IPW2200_MONITOR? y # support promiscuous mode + HOSTAP_FIRMWARE? y # Support downloading firmware images with Host AP driver + HOSTAP_FIRMWARE_NVRAM? y + ATH9K_PCI? y # Detect Atheros AR9xxx cards on PCI(e) bus + ATH9K_AHB? y # Ditto, AHB bus ${optionalString (versionAtLeast version "3.2") '' - B43_PHY_HT y + B43_PHY_HT? y ''} - BCMA_HOST_PCI y + BCMA_HOST_PCI? y # Enable various FB devices. FB y @@ -108,7 +108,7 @@ with stdenv.lib; # Enable KMS for devices whose X.org driver supports it. DRM_I915_KMS y ${optionalString (versionOlder version "3.9") '' - DRM_RADEON_KMS y + DRM_RADEON_KMS? y ''} # Hybrid graphics support VGA_SWITCHEROO y @@ -142,18 +142,18 @@ with stdenv.lib; EXT2_FS_XIP y # Ext2 execute in place support EXT4_FS_POSIX_ACL y EXT4_FS_SECURITY y - REISERFS_FS_XATTR y - REISERFS_FS_POSIX_ACL y - REISERFS_FS_SECURITY y - JFS_POSIX_ACL y - JFS_SECURITY y - XFS_QUOTA y - XFS_POSIX_ACL y - XFS_RT y # XFS Realtime subvolume support - OCFS2_DEBUG_MASKLOG n + REISERFS_FS_XATTR? y + REISERFS_FS_POSIX_ACL? y + REISERFS_FS_SECURITY? y + JFS_POSIX_ACL? y + JFS_SECURITY? y + XFS_QUOTA? y + XFS_POSIX_ACL? y + XFS_RT? y # XFS Realtime subvolume support + OCFS2_DEBUG_MASKLOG? n BTRFS_FS_POSIX_ACL y UBIFS_FS_XATTR? y - UBIFS_FS_ADVANCED_COMPR y + UBIFS_FS_ADVANCED_COMPR? y NFSD_V2_ACL y NFSD_V3 y NFSD_V3_ACL y @@ -166,7 +166,7 @@ with stdenv.lib; # Security related features. STRICT_DEVMEM y # Filter access to /dev/mem SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default - DEVKMEM n # Disable /dev/kmem + DEVKMEM? n # Disable /dev/kmem ${if versionOlder version "3.14" then '' CC_STACKPROTECTOR y # Detect buffer overflows on the stack '' else '' @@ -185,14 +185,14 @@ with stdenv.lib; ${optionalString (versionAtLeast version "3.3" && versionOlder version "3.13") '' AUDIT_LOGINUID_IMMUTABLE y ''} - B43_PCMCIA y + B43_PCMCIA? y BLK_DEV_CMD640_ENHANCED y # CMD640 enhanced support BLK_DEV_IDEACPI y # IDE ACPI support BLK_DEV_INTEGRITY y BSD_PROCESS_ACCT_V3 y - BT_HCIUART_BCSP y - BT_HCIUART_H4 y # UART (H4) protocol support - BT_HCIUART_LL y + BT_HCIUART_BCSP? y + BT_HCIUART_H4? y # UART (H4) protocol support + BT_HCIUART_LL? y BT_RFCOMM_TTY? y # RFCOMM TTY support CRASH_DUMP? n ${optionalString (versionOlder version "3.1") '' @@ -206,10 +206,10 @@ with stdenv.lib; FUSION y # Fusion MPT device support IDE_GD_ATAPI y # ATAPI floppy support IRDA_ULTRA y # Ultra (connectionless) protocol - JOYSTICK_IFORCE_232 y # I-Force Serial joysticks and wheels - JOYSTICK_IFORCE_USB y # I-Force USB joysticks and wheels - JOYSTICK_XPAD_FF y # X-Box gamepad rumble support - JOYSTICK_XPAD_LEDS y # LED Support for Xbox360 controller 'BigX' LED + JOYSTICK_IFORCE_232? y # I-Force Serial joysticks and wheels + JOYSTICK_IFORCE_USB? y # I-Force USB joysticks and wheels + JOYSTICK_XPAD_FF? y # X-Box gamepad rumble support + JOYSTICK_XPAD_LEDS? y # LED Support for Xbox360 controller 'BigX' LED LDM_PARTITION y # Windows Logical Disk Manager (Dynamic Disk) support LEDS_TRIGGER_IDE_DISK y # LED IDE Disk Trigger LOGIRUMBLEPAD2_FF y # Logitech Rumblepad 2 force feedback @@ -275,17 +275,17 @@ with stdenv.lib; ''} # Virtualisation. - PARAVIRT y + PARAVIRT? y ${if versionAtLeast version "3.10" then '' - HYPERVISOR_GUEST y + HYPERVISOR_GUEST? y '' else '' - PARAVIRT_GUEST y + PARAVIRT_GUEST? y ''} - KVM_GUEST y + KVM_GUEST? y ${optionalString (versionOlder version "3.7") '' - KVM_CLOCK y + KVM_CLOCK? y ''} - XEN y + XEN? y XEN_DOM0? y KSM y ${optionalString (!stdenv.is64bit) '' @@ -308,8 +308,8 @@ with stdenv.lib; ''} # Enable the 9P cache to speed up NixOS VM tests. - 9P_FSCACHE y - 9P_FS_POSIX_ACL y + 9P_FSCACHE? y + 9P_FS_POSIX_ACL? y ${kernelPlatform.kernelExtraConfig or ""} ${extraConfig} From d8b21c22245af2d6a6582df3290921ac5ca26235 Mon Sep 17 00:00:00 2001 From: "Ricardo M. Correia" Date: Tue, 15 Apr 2014 21:13:34 +0200 Subject: [PATCH 002/166] nixos: Fix sysctl option merging Using pkgs.lib.mkOverride in a sysctl option would throw a bogus error. Also, if you defined a sysctl multiple times in the same configuration, only one of the values would be picked up, while the others were silently discarded. This patch should fix both issues. If you define a sysctl multiple times at your highest defined priority level, you will get a proper error with detailed location information. --- nixos/modules/config/sysctl.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/nixos/modules/config/sysctl.nix b/nixos/modules/config/sysctl.nix index b4cd22caa79..7f6c965b67c 100644 --- a/nixos/modules/config/sysctl.nix +++ b/nixos/modules/config/sysctl.nix @@ -6,8 +6,12 @@ let sysctlOption = mkOptionType { name = "sysctl option value"; - check = x: isBool x || isString x || isInt x || isNull x; - merge = args: defs: (last defs).value; # FIXME: hacky way to allow overriding in configuration.nix. + check = val: + let + checkType = x: isBool x || isString x || isInt x || isNull x; + in + checkType val || (val._type or "" == "override" && checkType val.content); + merge = loc: defs: mergeOneOption loc (filterOverrides defs); }; in From ca88cf2ac9f0b2ae3a7eda7e6d65987843ea03a3 Mon Sep 17 00:00:00 2001 From: Christoph Hrdinka Date: Wed, 23 Apr 2014 00:51:27 +0200 Subject: [PATCH 003/166] glibc_multi: fix ldd on x86_64 --- pkgs/top-level/all-packages.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 579e8d741d9..5b9b77484d8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -4445,6 +4445,15 @@ let ln -s $glibc32/lib $out/lib/32 ln -s lib $out/lib64 + # fixing ldd RLTLIST + rm $out/bin + cp -rs $glibc64/bin $out + chmod u+w $out/bin + rm $out/bin/ldd + sed -e "s|^RTLDLIST=.*$|RTLDLIST=\"$out/lib/ld-2.19.so $out/lib/32/ld-linux.so.2\"|g" \ + $glibc64/bin/ldd > $out/bin/ldd + chmod 555 $out/bin/ldd + rm $out/include cp -rs $glibc32/include $out chmod -R u+w $out/include From e11a71c3be4b73b18703719616fe407430e08ce7 Mon Sep 17 00:00:00 2001 From: Christoph Hrdinka Date: Fri, 25 Apr 2014 11:49:09 +0200 Subject: [PATCH 004/166] glibc_multi: fix typo --- pkgs/top-level/all-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5b9b77484d8..132e1d5849e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -4445,7 +4445,7 @@ let ln -s $glibc32/lib $out/lib/32 ln -s lib $out/lib64 - # fixing ldd RLTLIST + # fixing ldd RLTDLIST rm $out/bin cp -rs $glibc64/bin $out chmod u+w $out/bin From e2672e892a1e01a6d0cd1797f0398c5bb9fd6b93 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Sat, 10 May 2014 00:33:24 -0500 Subject: [PATCH 005/166] keyutils: Update from 1.5.8 -> 1.5.9 --- pkgs/os-specific/linux/keyutils/default.nix | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/pkgs/os-specific/linux/keyutils/default.nix b/pkgs/os-specific/linux/keyutils/default.nix index 8673981ecd5..fc05fc23452 100644 --- a/pkgs/os-specific/linux/keyutils/default.nix +++ b/pkgs/os-specific/linux/keyutils/default.nix @@ -1,29 +1,28 @@ { stdenv, fetchurl, gnumake, file }: stdenv.mkDerivation rec { - name = "keyutils-1.5.8"; + name = "keyutils-1.5.9"; src = fetchurl { url = "http://people.redhat.com/dhowells/keyutils/${name}.tar.bz2"; - sha256 = "17419fr7mph8wlhxpqb1bdrghz0db15bmjdgxg1anfgbf9ra6zbc"; + sha256 = "1bl3w03ygxhc0hz69klfdlwqn33jvzxl1zfl2jmnb2v85iawb8jd"; }; buildInputs = [ file ]; patchPhase = '' - sed -i -e "s,/usr/bin/make,${gnumake}/bin/make," \ - -e "s, /etc, $out/etc," \ - -e "s, /bin, $out/bin," \ - -e "s, /sbin, $out/sbin," \ - -e "s, /lib, $out/lib," \ - -e "s, /lib64, $out/lib64," \ - -e "s,/usr,$out," \ + sed -i -e "s, /usr/bin/make, ${gnumake}/bin/make," \ + -e "s, /usr, ," \ + -e "s,\$(LNS) \$(LIBDIR)/\$(SONAME),\$(LNS) \$(SONAME)," \ Makefile ''; + + installPhase = "make install DESTDIR=$out"; - meta = { + meta = with stdenv.lib; { homepage = http://people.redhat.com/dhowells/keyutils/; description = "Tools used to control the Linux kernel key management system"; - license = "GPLv2+"; + license = licenses.gpl2Plus; + platforms = platforms.linux; }; } From f75ea738eddeaba586e7f6749e9bf841598f37b5 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Sat, 10 May 2014 00:31:34 -0500 Subject: [PATCH 006/166] ecryptfs: Update from 82 -> 104 --- pkgs/tools/security/ecryptfs/default.nix | 35 ++++++++++++++++++------ 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/pkgs/tools/security/ecryptfs/default.nix b/pkgs/tools/security/ecryptfs/default.nix index d1ed6f420ec..13046aa0b2d 100644 --- a/pkgs/tools/security/ecryptfs/default.nix +++ b/pkgs/tools/security/ecryptfs/default.nix @@ -1,18 +1,37 @@ -{stdenv, fetchurl, fuse, python, perl, keyutils, pam, nss, nspr}: +{ stdenv, fetchurl, pkgconfig, perl, keyutils, nss, nspr, python, pam +, intltool, makeWrapper, coreutils, gettext, cryptsetup, lvm2, rsync, which }: + stdenv.mkDerivation { - name = "ecryptfs-82"; + name = "ecryptfs-104"; src = fetchurl { - url = http://launchpad.net/ecryptfs/trunk/82/+download/ecryptfs-utils_82.orig.tar.gz; - sha256 = "1w3swispgp71prz8h56hqby2wwnvam5vllqvc69rn8cf605i69a6"; + url = http://launchpad.net/ecryptfs/trunk/104/+download/ecryptfs-utils_104.orig.tar.gz; + sha256 = "0f3lzpjw97vcdqzzgii03j3knd6pgwn1y0lpaaf46iidaiv0282a"; }; - NIX_CFLAGS_COMPILE = "-I${nspr}/include/nspr -I${nss}/include/nss"; + buildInputs = [ pkgconfig perl nss nspr python pam intltool makeWrapper ]; + propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ]; - buildInputs = [ python perl keyutils pam nss nspr ]; + postInstall = '' + FILES="$(grep -r '/bin/sh' $out/bin | sed 's,:.*,,' | uniq)" + for file in $FILES; do + sed -i $file -e "s,\(/sbin/u\?mount.ecryptfs\(_private\)\?\),$out\1," \ + -e "s,\(/sbin/cryptsetup\),${cryptsetup}\1," \ + -e "s,\(/sbin/dmsetup\),${lvm2}\1," \ + -e 's,/sbin/\(unix_chkpwd\),\1,' + wrapProgram $file \ + --prefix PATH ":" "${coreutils}/bin" \ + --prefix PATH ":" "${gettext}/bin" \ + --prefix PATH ":" "${rsync}/bin" \ + --prefix PATH ":" "${keyutils}/bin" \ + --prefix PATH ":" "${which}/bin" \ + --prefix PATH ":" "$out/bin" + done + ''; - meta = { + meta = with stdenv.lib; { description = "Enterprise-class stacked cryptographic filesystem"; - license = "GPLv2+"; + license = licenses.gpl2Plus; + platforms = platforms.linux; }; } From d1277ddcc2aa009d05b7b6e3fbaa72262516b3ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edward=20Tj=C3=B6rnhammar?= Date: Tue, 27 May 2014 22:27:31 +0200 Subject: [PATCH 007/166] Adding Radicale package and service --- nixos/modules/module-list.nix | 1 + .../modules/services/networking/radicale.nix | 48 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 +- pkgs/top-level/python-packages.nix | 31 ++++++++++++ 4 files changed, 81 insertions(+), 1 deletion(-) create mode 100644 nixos/modules/services/networking/radicale.nix diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index c1b55cb5550..f5c0e02e47f 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -213,6 +213,7 @@ ./services/networking/prayer.nix ./services/networking/privoxy.nix ./services/networking/quassel.nix + ./services/networking/radicale.nix ./services/networking/radvd.nix ./services/networking/rdnssd.nix ./services/networking/rpcbind.nix diff --git a/nixos/modules/services/networking/radicale.nix b/nixos/modules/services/networking/radicale.nix new file mode 100644 index 00000000000..fc9afc70aca --- /dev/null +++ b/nixos/modules/services/networking/radicale.nix @@ -0,0 +1,48 @@ +{config, lib, pkgs, ...}: + +with lib; + +let + + cfg = config.services.radicale; + + confFile = pkgs.writeText "radicale.conf" cfg.config; + +in + +{ + + options = { + + services.radicale.enable = mkOption { + type = types.bool; + default = false; + description = '' + Enable Radicale CalDAV and CardDAV server + ''; + }; + + services.radicale.config = mkOption { + type = types.string; + default = ""; + description = '' + Radicale configuration, this will set the service + configuration file + ''; + }; + }; + + config = mkIf cfg.enable { + + environment.systemPackages = [ pkgs.pythonPackages.radicale ]; + + jobs.radicale = { + description = "A Simple Calendar and Contact Server"; + startOn = "started network-interfaces"; + exec = "${pkgs.pythonPackages.radicale}/bin/radicale -C ${confFile} -d"; + daemonType = "fork"; + }; + + }; + +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 04116d38883..05188f99147 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1155,7 +1155,7 @@ let gnuvd = callPackage ../tools/misc/gnuvd { }; goaccess = callPackage ../tools/misc/goaccess { }; - + googleAuthenticator = callPackage ../os-specific/linux/google-authenticator { }; gource = callPackage ../applications/version-management/gource {}; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 933a073a5aa..006e05630b6 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -2233,6 +2233,37 @@ rec { }; }; + radicale = buildPythonPackage rec { + name = "radicale-${version}"; + namePrefix = ""; + version = "0.9b1"; + + src = fetchurl { + url = "http://pypi.python.org/packages/source/R/Radicale/Radicale-${version}.tar.gz"; + sha256 = "3a8451909de849f173f577ddec0a085f19040dbb6aa13d5256208a0f8e11d88d"; + }; + + propagatedBuildInputs = with pythonPackages; [ + flup + ldap + sqlalchemy + ]; + + doCheck = false; + + meta = { + homepage = "http://www.radicale.org/"; + longDescription = '' + The Radicale Project is a complete CalDAV (calendar) and CardDAV + (contact) server solution. Calendars and address books are available for + both local and remote access, possibly limited through authentication + policies. They can be viewed and edited by calendar and contact clients + on mobile phones or computers. + ''; + license = stdenv.lib.licenses.gpl3Plus; + maintainers = [ stdenv.lib.maintainers.edwtjo ]; + }; + }; raven = buildPythonPackage rec { name = "raven-3.4.1"; From cf21858bdfd4735ba0a4d2f32bcf187ab4c16f78 Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Wed, 4 Jun 2014 00:54:01 -0600 Subject: [PATCH 008/166] Added package for kochi-substitute font. --- pkgs/data/fonts/kochi-substitute/default.nix | 25 ++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 pkgs/data/fonts/kochi-substitute/default.nix diff --git a/pkgs/data/fonts/kochi-substitute/default.nix b/pkgs/data/fonts/kochi-substitute/default.nix new file mode 100644 index 00000000000..f00f855d490 --- /dev/null +++ b/pkgs/data/fonts/kochi-substitute/default.nix @@ -0,0 +1,25 @@ +{ stdenv, fetchurl }: + +let version = "20030809"; +in +stdenv.mkDerivation { + name = "kochi-substitute-${version}"; + + src = fetchurl { + url = "http://jaist.dl.sourceforge.jp/efont/5411/kochi-substitute-${version}.tar.bz2"; + sha256 = "f4d69b24538833bf7e2c4de5e01713b3f1440960a6cc2a5993cb3c68cd23148c"; + }; + + sourceRoot = "kochi-substitute-${version}"; + + installPhase = + '' + mkdir -p $out/share/fonts/kochi-substitute + cp *.ttf $out/share/fonts/kochi-substitute + ''; + + meta = { + description = "Japanese font, a free replacement for MS Gothic and MS Mincho."; + homepage = http://sourceforge.jp/projects/efont/; + }; +} From 1d470d6eacde3977105506ec984370feba4a5d48 Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Wed, 4 Jun 2014 18:59:14 -0600 Subject: [PATCH 009/166] Added kochi-substitute entry in all-packages.nix. --- pkgs/top-level/all-packages.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ede5259f1ba..3be9de80fc1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7789,6 +7789,8 @@ let junicode = callPackage ../data/fonts/junicode { }; + kochi-substitute = callPackage ../data/fonts/kochi-substitute {}; + liberation_ttf = callPackage ../data/fonts/redhat-liberation-fonts { }; libertine = builderDefsPackage (import ../data/fonts/libertine) { From 0672cfcc5f8bf556905555e111e184bb6df28e7b Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Sun, 8 Jun 2014 11:47:37 -0600 Subject: [PATCH 010/166] Added mirrors for sourceforge.jp. --- pkgs/build-support/fetchurl/mirrors.nix | 6 ++++++ pkgs/data/fonts/kochi-substitute/default.nix | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pkgs/build-support/fetchurl/mirrors.nix b/pkgs/build-support/fetchurl/mirrors.nix index eb3b8a105cd..9a0ced7437b 100644 --- a/pkgs/build-support/fetchurl/mirrors.nix +++ b/pkgs/build-support/fetchurl/mirrors.nix @@ -20,6 +20,12 @@ rec { http://kent.dl.sourceforge.net/sourceforge/ ]; + # SourceForge.jp. + sourceforgejp = [ + http://osdn.dl.sourceforge.jp/ + http://jaist.dl.sourceforge.jp/ + ]; + # GNU (http://www.gnu.org/prep/ftp.html). gnu = [ # This one redirects to a (supposedly) nearby and (supposedly) up-to-date diff --git a/pkgs/data/fonts/kochi-substitute/default.nix b/pkgs/data/fonts/kochi-substitute/default.nix index f00f855d490..625955c444d 100644 --- a/pkgs/data/fonts/kochi-substitute/default.nix +++ b/pkgs/data/fonts/kochi-substitute/default.nix @@ -6,7 +6,7 @@ stdenv.mkDerivation { name = "kochi-substitute-${version}"; src = fetchurl { - url = "http://jaist.dl.sourceforge.jp/efont/5411/kochi-substitute-${version}.tar.bz2"; + url = "mirror://sourceforgejp/efont/5411/kochi-substitute-${version}.tar.bz2"; sha256 = "f4d69b24538833bf7e2c4de5e01713b3f1440960a6cc2a5993cb3c68cd23148c"; }; From c2bb5c6133886ebdcc1ab215ea0556dadc9bbd0a Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Mon, 9 Jun 2014 00:25:18 -0600 Subject: [PATCH 011/166] Added license for kochi-substitute font. --- pkgs/data/fonts/kochi-substitute/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/data/fonts/kochi-substitute/default.nix b/pkgs/data/fonts/kochi-substitute/default.nix index 625955c444d..ba5b64ffc83 100644 --- a/pkgs/data/fonts/kochi-substitute/default.nix +++ b/pkgs/data/fonts/kochi-substitute/default.nix @@ -19,7 +19,8 @@ stdenv.mkDerivation { ''; meta = { - description = "Japanese font, a free replacement for MS Gothic and MS Mincho."; + description = "Japanese font, a replacement for MS Gothic and MS Mincho."; homepage = http://sourceforge.jp/projects/efont/; + license = stdenv.lib.licenses.unfreeRedistributable; }; } From 18b9aff62299ef6bad2797db2cccb242d706d378 Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Mon, 9 Jun 2014 00:26:05 -0600 Subject: [PATCH 012/166] Added maintainer for kochi-substitute. --- pkgs/data/fonts/kochi-substitute/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/data/fonts/kochi-substitute/default.nix b/pkgs/data/fonts/kochi-substitute/default.nix index ba5b64ffc83..63ead532d75 100644 --- a/pkgs/data/fonts/kochi-substitute/default.nix +++ b/pkgs/data/fonts/kochi-substitute/default.nix @@ -22,5 +22,6 @@ stdenv.mkDerivation { description = "Japanese font, a replacement for MS Gothic and MS Mincho."; homepage = http://sourceforge.jp/projects/efont/; license = stdenv.lib.licenses.unfreeRedistributable; + maintainers = [ stdenv.lib.maintainers.auntie ]; }; } From 068c7fd037981a7746e627fe4a29c7a4ce034948 Mon Sep 17 00:00:00 2001 From: Gergely Risko Date: Tue, 10 Jun 2014 20:09:48 +0200 Subject: [PATCH 013/166] Fix nixos-rebuild.sh to depend on Nix And therefore always choose the correct architecture for the rebuilt system regardless for the PATH setting of the user. --- nixos/modules/installer/tools/nixos-rebuild.sh | 10 ++++++++++ nixos/modules/installer/tools/tools.nix | 1 + 2 files changed, 11 insertions(+) diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh index d7b749573fa..be37e61151a 100644 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ b/nixos/modules/installer/tools/nixos-rebuild.sh @@ -97,6 +97,16 @@ if [ -n "$upgrade" -a -z "$_NIXOS_REBUILD_REEXEC" ]; then nix-channel --update nixos fi +# Make sure that we use the Nix package we depend on, not something +# else from the PATH for nix-{env,instantiate,build}. This is +# important, because NixOS defaults the architecture of the rebuilt +# system to the architecture of the nix-* binaries used. So if on an +# amd64 system the user has an i686 Nix package in her PATH, then we +# would silently downgrade the whole system to be i686 NixOS on the +# next reboot. +if [ -z "$_NIXOS_REBUILD_REEXEC" ]; then + export PATH=@nix@/bin:$PATH +fi # Re-execute nixos-rebuild from the Nixpkgs tree. if [ -z "$_NIXOS_REBUILD_REEXEC" -a -n "$canRun" ]; then diff --git a/nixos/modules/installer/tools/tools.nix b/nixos/modules/installer/tools/tools.nix index 5ebf05e340f..f7fac75eb06 100644 --- a/nixos/modules/installer/tools/tools.nix +++ b/nixos/modules/installer/tools/tools.nix @@ -32,6 +32,7 @@ let nixos-rebuild = makeProg { name = "nixos-rebuild"; src = ./nixos-rebuild.sh; + nix = config.nix.package; }; nixos-generate-config = makeProg { From 80721cdd41ff107c650e8349a03bea1f6f43cfbb Mon Sep 17 00:00:00 2001 From: Kirill Elagin Date: Wed, 11 Jun 2014 13:17:00 +0400 Subject: [PATCH 014/166] Revert "Fix configuring httpd with custom user/group." This reverts commit 08f9da2e8eb9d3da39a1f28e191bd4fb7fd2fa45. --- nixos/modules/services/web-servers/apache-httpd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index b8359d4756b..75ec6671d15 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -594,14 +594,14 @@ in message = "SSL is enabled for HTTPD, but sslServerCert and/or sslServerKey haven't been specified."; } ]; - users.extraUsers = optional (mainCfg.user == "wwwrun") + users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") singleton { name = "wwwrun"; group = "wwwrun"; description = "Apache httpd user"; uid = config.ids.uids.wwwrun; }; - users.extraGroups = optional (mainCfg.group == "wwwrun") + users.extraGroups = optionalAttrs (mainCfg.group == "wwwrun") singleton { name = "wwwrun"; gid = config.ids.gids.wwwrun; }; From 1208dd4df0602fb2f413a643eb9a7367bf1b6443 Mon Sep 17 00:00:00 2001 From: Kirill Elagin Date: Wed, 11 Jun 2014 13:17:42 +0400 Subject: [PATCH 015/166] Fix configuring apache with extra user/group This fix is consistent with all the other modules. --- .../modules/services/web-servers/apache-httpd/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index 75ec6671d15..c76f127b721 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -594,17 +594,17 @@ in message = "SSL is enabled for HTTPD, but sslServerCert and/or sslServerKey haven't been specified."; } ]; - users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") singleton + users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton { name = "wwwrun"; group = "wwwrun"; description = "Apache httpd user"; uid = config.ids.uids.wwwrun; - }; + }); - users.extraGroups = optionalAttrs (mainCfg.group == "wwwrun") singleton + users.extraGroups = optionalAttrs (mainCfg.group == "wwwrun") (singleton { name = "wwwrun"; gid = config.ids.gids.wwwrun; - }; + }); environment.systemPackages = [httpd] ++ concatMap (svc: svc.extraPath) allSubservices; From f81434bdfe5cf4946a7b731c7a158873fea0b261 Mon Sep 17 00:00:00 2001 From: Kirill Elagin Date: Wed, 11 Jun 2014 13:36:15 +0400 Subject: [PATCH 016/166] Fix trying to add users to non-existent groups --- nixos/modules/services/databases/openldap.nix | 2 +- nixos/modules/services/web-servers/apache-httpd/default.nix | 2 +- nixos/modules/services/web-servers/nginx/default.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/databases/openldap.nix b/nixos/modules/services/databases/openldap.nix index c95238b3451..eae4c114fc1 100644 --- a/nixos/modules/services/databases/openldap.nix +++ b/nixos/modules/services/databases/openldap.nix @@ -68,7 +68,7 @@ in users.extraUsers = optionalAttrs (cfg.user == "openldap") (singleton { name = "openldap"; - group = "openldap"; + group = cfg.group; uid = config.ids.uids.openldap; }); diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index c76f127b721..6d0416fbb15 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -596,7 +596,7 @@ in users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton { name = "wwwrun"; - group = "wwwrun"; + group = mainCfg.group; description = "Apache httpd user"; uid = config.ids.uids.wwwrun; }); diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index ff94ee42d28..ef1aaee7557 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -105,7 +105,7 @@ in users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton { name = "nginx"; - group = "nginx"; + group = cfg.group; uid = config.ids.uids.nginx; }); From b913409e0bcf93706f2e2f6b25809ab30bd124ec Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Wed, 11 Jun 2014 22:05:16 -0600 Subject: [PATCH 017/166] Removed non-free kochi-substitute and added kochi from Debian package. --- lib/licenses.nix | 6 ++++ lib/maintainers.nix | 1 + pkgs/data/fonts/kochi-gothic/default.nix | 35 ++++++++++++++++++++ pkgs/data/fonts/kochi-mincho/default.nix | 35 ++++++++++++++++++++ pkgs/data/fonts/kochi-substitute/default.nix | 25 -------------- pkgs/top-level/all-packages.nix | 4 ++- 6 files changed, 80 insertions(+), 26 deletions(-) create mode 100644 pkgs/data/fonts/kochi-gothic/default.nix create mode 100644 pkgs/data/fonts/kochi-mincho/default.nix delete mode 100644 pkgs/data/fonts/kochi-substitute/default.nix diff --git a/lib/licenses.nix b/lib/licenses.nix index e49528f2a2e..171f6938937 100644 --- a/lib/licenses.nix +++ b/lib/licenses.nix @@ -243,6 +243,12 @@ unfreeRedistributableFirmware = "unfree-redistributable-firmware"; + wadalab = { + shortName = "wadalab"; + fullName = "Wadalab Font License"; + url = https://fedoraproject.org/wiki/Licensing:Wadalab?rd=Licensing/Wadalab; + }; + zlib = { shortName = "zlib"; fullName = "zlib license"; diff --git a/lib/maintainers.nix b/lib/maintainers.nix index 8a98cb14651..a0aae2f3b59 100644 --- a/lib/maintainers.nix +++ b/lib/maintainers.nix @@ -17,6 +17,7 @@ arobyn = "Alexei Robyn "; astsmtl = "Alexander Tsamutali "; aszlig = "aszlig "; + auntie = "Jonathan Glines "; bbenoist = "Baptist BENOIST "; bennofs = "Benno Fünfstück "; berdario = "Dario Bertini "; diff --git a/pkgs/data/fonts/kochi-gothic/default.nix b/pkgs/data/fonts/kochi-gothic/default.nix new file mode 100644 index 00000000000..9c36da36bf6 --- /dev/null +++ b/pkgs/data/fonts/kochi-gothic/default.nix @@ -0,0 +1,35 @@ +{ stdenv, fetchurl, dpkg }: + +let version = "20030809"; +in +stdenv.mkDerivation { + name = "kochi-gothic-${version}"; + + src = fetchurl { + url = "mirror://debian/pool/main/t/ttf-kochi/ttf-kochi-gothic_${version}-15_all.deb"; + sha256 = "6e2311cd8e880a9328e4d3eef34a1c1f024fc87fba0dce177a0e1584a7360fea"; + }; + + buildInputs = [ dpkg ]; + + unpackCmd = '' + dpkg-deb --fsys-tarfile $src | tar xf - ./usr/share/fonts/truetype/kochi/kochi-gothic-subst.ttf + ''; + + installPhase = '' + mkdir -p $out/share/fonts/truetype + cp ./share/fonts/truetype/kochi/kochi-gothic-subst.ttf $out/share/fonts/truetype/ + ''; + + meta = { + description = "Japanese font, a free replacement for MS Gothic."; + longDescription = '' + Kochi Gothic was developed as a free replacement for the MS Gothic + font from Microsoft. This is the Debian version of Kochi Gothic, which + removes some non-free glyphs that were added from the naga10 font. + ''; + homepage = http://sourceforge.jp/projects/efont/; + license = stdenv.lib.licenses.wadalab; + maintainers = [ stdenv.lib.maintainers.auntie ]; + }; +} diff --git a/pkgs/data/fonts/kochi-mincho/default.nix b/pkgs/data/fonts/kochi-mincho/default.nix new file mode 100644 index 00000000000..2f31b85220b --- /dev/null +++ b/pkgs/data/fonts/kochi-mincho/default.nix @@ -0,0 +1,35 @@ +{ stdenv, fetchurl, dpkg }: + +let version = "20030809"; +in +stdenv.mkDerivation { + name = "kochi-mincho-${version}"; + + src = fetchurl { + url = "mirror://debian/pool/main/t/ttf-kochi/ttf-kochi-mincho_${version}-15_all.deb"; + sha256 = "91ce6c993a3a0f77ed85db76f62ce18632b4c0cbd8f864676359a17ae5e6fa3c"; + }; + + buildInputs = [ dpkg ]; + + unpackCmd = '' + dpkg-deb --fsys-tarfile $src | tar xf - ./usr/share/fonts/truetype/kochi/kochi-mincho-subst.ttf + ''; + + installPhase = '' + mkdir -p $out/share/fonts/truetype + cp ./share/fonts/truetype/kochi/kochi-mincho-subst.ttf $out/share/fonts/truetype/ + ''; + + meta = { + description = "Japanese font, a free replacement for MS Mincho."; + longDescription = '' + Kochi Mincho was developed as a free replacement for the MS Mincho + font from Microsoft. This is the Debian version of Kochi Mincho, which + removes some non-free glyphs that were added from the naga10 font. + ''; + homepage = http://sourceforge.jp/projects/efont/; + license = stdenv.lib.licenses.wadalab; + maintainers = [ stdenv.lib.maintainers.auntie ]; + }; +} diff --git a/pkgs/data/fonts/kochi-substitute/default.nix b/pkgs/data/fonts/kochi-substitute/default.nix deleted file mode 100644 index 625955c444d..00000000000 --- a/pkgs/data/fonts/kochi-substitute/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ stdenv, fetchurl }: - -let version = "20030809"; -in -stdenv.mkDerivation { - name = "kochi-substitute-${version}"; - - src = fetchurl { - url = "mirror://sourceforgejp/efont/5411/kochi-substitute-${version}.tar.bz2"; - sha256 = "f4d69b24538833bf7e2c4de5e01713b3f1440960a6cc2a5993cb3c68cd23148c"; - }; - - sourceRoot = "kochi-substitute-${version}"; - - installPhase = - '' - mkdir -p $out/share/fonts/kochi-substitute - cp *.ttf $out/share/fonts/kochi-substitute - ''; - - meta = { - description = "Japanese font, a free replacement for MS Gothic and MS Mincho."; - homepage = http://sourceforge.jp/projects/efont/; - }; -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 3be9de80fc1..b6aaa84f619 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7789,7 +7789,9 @@ let junicode = callPackage ../data/fonts/junicode { }; - kochi-substitute = callPackage ../data/fonts/kochi-substitute {}; + kochi-gothic = callPackage ../data/fonts/kochi-gothic {}; + + kochi-mincho = callPackage ../data/fonts/kochi-mincho {}; liberation_ttf = callPackage ../data/fonts/redhat-liberation-fonts { }; From f5b5df830cdf506cca1a8a6b17cc1ea1b775d788 Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Wed, 11 Jun 2014 22:18:05 -0600 Subject: [PATCH 018/166] Moved kochi-mincho and kochi-gothic back into one package. --- pkgs/data/fonts/kochi-mincho/default.nix | 35 ------------------- .../default.nix | 18 +++++++--- pkgs/top-level/all-packages.nix | 4 +-- 3 files changed, 14 insertions(+), 43 deletions(-) delete mode 100644 pkgs/data/fonts/kochi-mincho/default.nix rename pkgs/data/fonts/{kochi-gothic => kochi-substitute}/default.nix (59%) diff --git a/pkgs/data/fonts/kochi-mincho/default.nix b/pkgs/data/fonts/kochi-mincho/default.nix deleted file mode 100644 index 2f31b85220b..00000000000 --- a/pkgs/data/fonts/kochi-mincho/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ stdenv, fetchurl, dpkg }: - -let version = "20030809"; -in -stdenv.mkDerivation { - name = "kochi-mincho-${version}"; - - src = fetchurl { - url = "mirror://debian/pool/main/t/ttf-kochi/ttf-kochi-mincho_${version}-15_all.deb"; - sha256 = "91ce6c993a3a0f77ed85db76f62ce18632b4c0cbd8f864676359a17ae5e6fa3c"; - }; - - buildInputs = [ dpkg ]; - - unpackCmd = '' - dpkg-deb --fsys-tarfile $src | tar xf - ./usr/share/fonts/truetype/kochi/kochi-mincho-subst.ttf - ''; - - installPhase = '' - mkdir -p $out/share/fonts/truetype - cp ./share/fonts/truetype/kochi/kochi-mincho-subst.ttf $out/share/fonts/truetype/ - ''; - - meta = { - description = "Japanese font, a free replacement for MS Mincho."; - longDescription = '' - Kochi Mincho was developed as a free replacement for the MS Mincho - font from Microsoft. This is the Debian version of Kochi Mincho, which - removes some non-free glyphs that were added from the naga10 font. - ''; - homepage = http://sourceforge.jp/projects/efont/; - license = stdenv.lib.licenses.wadalab; - maintainers = [ stdenv.lib.maintainers.auntie ]; - }; -} diff --git a/pkgs/data/fonts/kochi-gothic/default.nix b/pkgs/data/fonts/kochi-substitute/default.nix similarity index 59% rename from pkgs/data/fonts/kochi-gothic/default.nix rename to pkgs/data/fonts/kochi-substitute/default.nix index 9c36da36bf6..eceebf52912 100644 --- a/pkgs/data/fonts/kochi-gothic/default.nix +++ b/pkgs/data/fonts/kochi-substitute/default.nix @@ -3,30 +3,38 @@ let version = "20030809"; in stdenv.mkDerivation { - name = "kochi-gothic-${version}"; + name = "kochi-substitute-${version}"; src = fetchurl { url = "mirror://debian/pool/main/t/ttf-kochi/ttf-kochi-gothic_${version}-15_all.deb"; sha256 = "6e2311cd8e880a9328e4d3eef34a1c1f024fc87fba0dce177a0e1584a7360fea"; }; + src2 = fetchurl { + url = "mirror://debian/pool/main/t/ttf-kochi/ttf-kochi-mincho_${version}-15_all.deb"; + sha256 = "91ce6c993a3a0f77ed85db76f62ce18632b4c0cbd8f864676359a17ae5e6fa3c"; + }; + buildInputs = [ dpkg ]; unpackCmd = '' dpkg-deb --fsys-tarfile $src | tar xf - ./usr/share/fonts/truetype/kochi/kochi-gothic-subst.ttf + dpkg-deb --fsys-tarfile $src2 | tar xf - ./usr/share/fonts/truetype/kochi/kochi-mincho-subst.ttf ''; installPhase = '' mkdir -p $out/share/fonts/truetype cp ./share/fonts/truetype/kochi/kochi-gothic-subst.ttf $out/share/fonts/truetype/ + cp ./share/fonts/truetype/kochi/kochi-mincho-subst.ttf $out/share/fonts/truetype/ ''; meta = { - description = "Japanese font, a free replacement for MS Gothic."; + description = "Japanese font, a free replacement for MS Gothic and MS Mincho."; longDescription = '' - Kochi Gothic was developed as a free replacement for the MS Gothic - font from Microsoft. This is the Debian version of Kochi Gothic, which - removes some non-free glyphs that were added from the naga10 font. + Kochi Gothic was developed as a free replacement for the MS Gothic and + MS Mincho fonts from Microsoft. These are the Debian versions of the + fonts, which remove some non-free glyphs that were added from the naga10 + font. ''; homepage = http://sourceforge.jp/projects/efont/; license = stdenv.lib.licenses.wadalab; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b6aaa84f619..3be9de80fc1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7789,9 +7789,7 @@ let junicode = callPackage ../data/fonts/junicode { }; - kochi-gothic = callPackage ../data/fonts/kochi-gothic {}; - - kochi-mincho = callPackage ../data/fonts/kochi-mincho {}; + kochi-substitute = callPackage ../data/fonts/kochi-substitute {}; liberation_ttf = callPackage ../data/fonts/redhat-liberation-fonts { }; From 1a30cf5e0926488b58b862a370a5e88461815c23 Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Thu, 12 Jun 2014 21:33:23 -0600 Subject: [PATCH 019/166] Re-added the non-free kochi-substitute with naga10 glyphs. --- .../fonts/kochi-substitute-naga10/default.nix | 36 +++++++++++++++++++ pkgs/data/fonts/kochi-substitute/default.nix | 8 ++--- pkgs/top-level/all-packages.nix | 2 ++ 3 files changed, 42 insertions(+), 4 deletions(-) create mode 100644 pkgs/data/fonts/kochi-substitute-naga10/default.nix diff --git a/pkgs/data/fonts/kochi-substitute-naga10/default.nix b/pkgs/data/fonts/kochi-substitute-naga10/default.nix new file mode 100644 index 00000000000..30a56f950f9 --- /dev/null +++ b/pkgs/data/fonts/kochi-substitute-naga10/default.nix @@ -0,0 +1,36 @@ +{ stdenv, fetchurl }: + +let version = "20030809"; +in +stdenv.mkDerivation { + name = "kochi-substitute-naga10-${version}"; + + src = fetchurl { + url = "mirror://sourceforgejp/efont/5411/kochi-substitute-${version}.tar.bz2"; + sha256 = "f4d69b24538833bf7e2c4de5e01713b3f1440960a6cc2a5993cb3c68cd23148c"; + }; + + sourceRoot = "kochi-substitute-${version}"; + + installPhase = '' + mkdir -p $out/share/fonts/truetype + cp ./kochi-gothic-subst.ttf $out/share/fonts/truetype/kochi-gothic-subst-naga10.ttf + cp ./kochi-mincho-subst.ttf $out/share/fonts/truetype/kochi-mincho-subst-naga10.ttf + ''; + + unfreeRedistributable = "unfree-redistributable"; + + meta = { + description = "Japanese font, non-free replacement for MS Gothic and MS Mincho."; + homepage = http://sourceforge.jp/projects/efont/; + longDescription = '' + Kochi Gothic and Kochi Mincho were developed as free replacements for the + MS Gothic and MS Mincho fonts from Microsoft. This version of the fonts + includes some non-free glyphs from the naga10 font, which stipulate that + this font may not be sold commercially. See kochi-substitute for the free + Debian version. + ''; + license = stdenv.lib.licenses.unfree; + maintainers = [ stdenv.lib.maintainers.auntie ]; + }; +} diff --git a/pkgs/data/fonts/kochi-substitute/default.nix b/pkgs/data/fonts/kochi-substitute/default.nix index eceebf52912..dec20fd5100 100644 --- a/pkgs/data/fonts/kochi-substitute/default.nix +++ b/pkgs/data/fonts/kochi-substitute/default.nix @@ -31,10 +31,10 @@ stdenv.mkDerivation { meta = { description = "Japanese font, a free replacement for MS Gothic and MS Mincho."; longDescription = '' - Kochi Gothic was developed as a free replacement for the MS Gothic and - MS Mincho fonts from Microsoft. These are the Debian versions of the - fonts, which remove some non-free glyphs that were added from the naga10 - font. + Kochi Gothic and Kochi Mincho were developed as free replacements for the + MS Gothic and MS Mincho fonts from Microsoft. These are the Debian + versions of the fonts, which remove some non-free glyphs that were added + from the naga10 font. ''; homepage = http://sourceforge.jp/projects/efont/; license = stdenv.lib.licenses.wadalab; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 3be9de80fc1..e5d81472f33 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7791,6 +7791,8 @@ let kochi-substitute = callPackage ../data/fonts/kochi-substitute {}; + kochi-substitute-naga10 = callPackage ../data/fonts/kochi-substitute-naga10 {}; + liberation_ttf = callPackage ../data/fonts/redhat-liberation-fonts { }; libertine = builderDefsPackage (import ../data/fonts/libertine) { From fad3494f072ffb766a5b65d7ee80e3e17fce327f Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Thu, 12 Jun 2014 21:38:37 -0600 Subject: [PATCH 020/166] Changed kochi-substitute-naga10 to unfreeRedistributable. --- pkgs/data/fonts/kochi-substitute-naga10/default.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/pkgs/data/fonts/kochi-substitute-naga10/default.nix b/pkgs/data/fonts/kochi-substitute-naga10/default.nix index 30a56f950f9..98ab8a3bcac 100644 --- a/pkgs/data/fonts/kochi-substitute-naga10/default.nix +++ b/pkgs/data/fonts/kochi-substitute-naga10/default.nix @@ -18,11 +18,8 @@ stdenv.mkDerivation { cp ./kochi-mincho-subst.ttf $out/share/fonts/truetype/kochi-mincho-subst-naga10.ttf ''; - unfreeRedistributable = "unfree-redistributable"; - meta = { description = "Japanese font, non-free replacement for MS Gothic and MS Mincho."; - homepage = http://sourceforge.jp/projects/efont/; longDescription = '' Kochi Gothic and Kochi Mincho were developed as free replacements for the MS Gothic and MS Mincho fonts from Microsoft. This version of the fonts @@ -30,7 +27,8 @@ stdenv.mkDerivation { this font may not be sold commercially. See kochi-substitute for the free Debian version. ''; - license = stdenv.lib.licenses.unfree; + homepage = http://sourceforge.jp/projects/efont/; + license = stdenv.lib.licenses.unfreeRedistributable; maintainers = [ stdenv.lib.maintainers.auntie ]; }; } From 339b34798724039a09239ea58b2cb59ab92a5134 Mon Sep 17 00:00:00 2001 From: Jonathan Glines Date: Sun, 15 Jun 2014 10:02:41 -0600 Subject: [PATCH 021/166] Added package for Japanese IPAFonts. --- lib/licenses.nix | 6 ++++++ pkgs/data/fonts/ipafont/default.nix | 33 +++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 3 files changed, 41 insertions(+) create mode 100644 pkgs/data/fonts/ipafont/default.nix diff --git a/lib/licenses.nix b/lib/licenses.nix index e49528f2a2e..dbc9c81b424 100644 --- a/lib/licenses.nix +++ b/lib/licenses.nix @@ -130,6 +130,12 @@ url = http://www.opensource.org/licenses/ISC; }; + ipa = { + shortName = "IPA 1.0"; + fullName = "IPA Font License v1.0"; + url = http://ipafont.ipa.go.jp/ipafont/; + }; + ipl10 = { shortName = "IPL 1.0"; fullName = "IBM Public License Version 1.0"; diff --git a/pkgs/data/fonts/ipafont/default.nix b/pkgs/data/fonts/ipafont/default.nix new file mode 100644 index 00000000000..91bf95d1ea2 --- /dev/null +++ b/pkgs/data/fonts/ipafont/default.nix @@ -0,0 +1,33 @@ +{ stdenv, fetchurl, unzip }: + +stdenv.mkDerivation { + name = "ipafont-003.03"; + + src = fetchurl { + url = "http://ipafont.ipa.go.jp/ipafont/IPAfont00303.php"; + sha256 = "f755ed79a4b8e715bed2f05a189172138aedf93db0f465b4e20c344a02766fe5"; + }; + + buildInputs = [ unzip ]; + + unpackPhase = '' + unzip $src + ''; + + installPhase = '' + mkdir -p $out/share/fonts/opentype + cp ./IPAfont00303/*.ttf $out/share/fonts/opentype/ + ''; + + meta = { + description = "Japanese font package with Mincho and Gothic fonts"; + longDescription = '' + IPAFont is a Japanese font developed by the Information-technology + Promotion Agency of Japan. It provides both Mincho and Gothic fonts, + suitable for both display and printing. + ''; + homepage = http://ipafont.ipa.go.jp/ipafont/; + license = stdenv.lib.licenses.ipa; + maintainers = [ stdenv.lib.maintainers.auntie ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 71e1fedbfcd..d80a6c040e6 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7826,6 +7826,8 @@ let inconsolata = callPackage ../data/fonts/inconsolata {}; + ipafont = callPackage ../data/fonts/ipafont {}; + junicode = callPackage ../data/fonts/junicode { }; liberation_ttf = callPackage ../data/fonts/redhat-liberation-fonts { }; From 088bfaf826c20822c20f99f18102a1bd4420b934 Mon Sep 17 00:00:00 2001 From: "ambrop7@gmail.com" Date: Wed, 18 Jun 2014 23:17:43 +0200 Subject: [PATCH 022/166] Add nvidia-texture-tools. --- .../nvidia-texture-tools/default.nix | 41 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 3 +- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 pkgs/development/libraries/nvidia-texture-tools/default.nix diff --git a/pkgs/development/libraries/nvidia-texture-tools/default.nix b/pkgs/development/libraries/nvidia-texture-tools/default.nix new file mode 100644 index 00000000000..852d72cb9aa --- /dev/null +++ b/pkgs/development/libraries/nvidia-texture-tools/default.nix @@ -0,0 +1,41 @@ +{ stdenv, fetchsvn, cmake, libpng, ilmbase, libtiff, zlib, libjpeg +, mesa, libX11 +}: + +stdenv.mkDerivation rec { + # No support yet for cg, cuda, glew, glut, openexr. + + name = "nvidia-texture-tools"; + + src = fetchsvn { + url = "http://nvidia-texture-tools.googlecode.com/svn/trunk"; + rev = "1388"; + sha256 = "0pwxqx5l16nqidzm6mwd3rd4gbbknkz6q8cxnvf7sggjpbcvm2d6"; + }; + + buildInputs = [ cmake libpng ilmbase libtiff zlib libjpeg mesa libX11 ]; + + patchPhase = '' + # Fix build due to missing dependnecies. + echo 'target_link_libraries(bc7 nvmath)' >> src/nvtt/bc7/CMakeLists.txt + echo 'target_link_libraries(bc6h nvmath)' >> src/nvtt/bc6h/CMakeLists.txt + + # Make a recently added pure virtual function just virtual, + # to keep compatibility. + sed -i 's/virtual void endImage() = 0;/virtual void endImage() {}/' src/nvtt/nvtt.h + + # Fix building shared libraries. + sed -i 's/SET(NVIMAGE_SHARED TRUE)/SET(NVIMAGE_SHARED TRUE)\nSET(NVTHREAD_SHARED TRUE)/' CMakeLists.txt + ''; + + cmakeFlags = [ + "-DNVTT_SHARED=TRUE" + ]; + + meta = { + description = "A set of cuda-enabled texture tools and compressors"; + homepage = "http://developer.nvidia.com/object/texture_tools.html"; + license = "MIT"; + platforms = stdenv.lib.platforms.linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b17a38ad1f0..4b73aa8641c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5688,6 +5688,8 @@ let ntrack = callPackage ../development/libraries/ntrack { }; + nvidia-texture-tools = callPackage ../development/libraries/nvidia-texture-tools { }; + ode = builderDefsPackage (import ../development/libraries/ode) { }; ogre = callPackage ../development/libraries/ogre {}; @@ -10318,7 +10320,6 @@ let keen4 = callPackage ../games/keen4 { }; - ### DESKTOP ENVIRONMENTS cinnamon = recurseIntoAttrs rec { From edcad57434dc1ac3ea384e11c8bc88a834f18876 Mon Sep 17 00:00:00 2001 From: "ambrop7@gmail.com" Date: Wed, 18 Jun 2014 23:18:31 +0200 Subject: [PATCH 023/166] Add Gloox. --- pkgs/development/libraries/gloox/default.nix | 32 ++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 34 insertions(+) create mode 100644 pkgs/development/libraries/gloox/default.nix diff --git a/pkgs/development/libraries/gloox/default.nix b/pkgs/development/libraries/gloox/default.nix new file mode 100644 index 00000000000..4e271a8c678 --- /dev/null +++ b/pkgs/development/libraries/gloox/default.nix @@ -0,0 +1,32 @@ +{ stdenv, fetchurl +, zlibSupport ? true, zlib ? null +, sslSupport ? true, openssl ? null +, idnSupport ? true, libidn ? null +}: + +assert zlibSupport -> zlib != null; +assert sslSupport -> openssl != null; +assert idnSupport -> libidn != null; + +let + version = "1.0.10"; +in +stdenv.mkDerivation rec { + name = "gloox-${version}"; + + src = fetchurl { + url = "http://camaya.net/download/gloox-${version}.tar.bz2"; + sha256 = "300e756af97d43f3f70f1e68e4d4c7129d587dface61633f50d2c490876f58a3"; + }; + + buildInputs = [ ] + ++ stdenv.lib.optional zlibSupport zlib + ++ stdenv.lib.optional sslSupport openssl + ++ stdenv.lib.optional idnSupport libidn; + + meta = { + description = "A portable high-level Jabber/XMPP library for C++"; + homepage = "http://camaya.net/gloox"; + license = [ "GPLv3" ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 4b73aa8641c..45e1ef8e98d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -4619,6 +4619,8 @@ let glog = callPackage ../development/libraries/glog { }; + gloox = callPackage ../development/libraries/gloox { }; + glpk = callPackage ../development/libraries/glpk { }; glsurf = callPackage ../applications/science/math/glsurf { From 7dbcc9a6eecb0b3a7ac410c0c5158e5696f083d1 Mon Sep 17 00:00:00 2001 From: "ambrop7@gmail.com" Date: Wed, 18 Jun 2014 23:18:53 +0200 Subject: [PATCH 024/166] Add 0 A.D. --- pkgs/games/0ad/data.nix | 19 +++++ pkgs/games/0ad/default.nix | 120 ++++++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 3 files changed, 141 insertions(+) create mode 100644 pkgs/games/0ad/data.nix create mode 100644 pkgs/games/0ad/default.nix diff --git a/pkgs/games/0ad/data.nix b/pkgs/games/0ad/data.nix new file mode 100644 index 00000000000..6f3c85183da --- /dev/null +++ b/pkgs/games/0ad/data.nix @@ -0,0 +1,19 @@ +{ stdenv, fetchurl, version, releaseType }: + +stdenv.mkDerivation rec { + name = "0ad-data-${version}"; + + src = fetchurl { + url = "http://releases.wildfiregames.com/0ad-${version}-${releaseType}-unix-data.tar.xz"; + sha256 = "0f16d41e81d7349fb16490f3abbfd38bcb3f2b89648355b2b281c5045ddafadc"; + }; + + patchPhase = '' + rm binaries/data/tools/fontbuilder/fonts/*.txt + ''; + + installPhase = '' + mkdir -p $out/share/0ad + cp -r binaries/data/* $out/share/0ad/ + ''; +} diff --git a/pkgs/games/0ad/default.nix b/pkgs/games/0ad/default.nix new file mode 100644 index 00000000000..efbd59dbbe3 --- /dev/null +++ b/pkgs/games/0ad/default.nix @@ -0,0 +1,120 @@ +{ stdenv, stdenvType, callPackage, fetchurl, python27 +, pkgconfig, spidermonkey_24, boost, icu, libxml2, libpng +, libjpeg, zlib, curl, libogg, libvorbis, enet, miniupnpc +, openalSoft, mesa, xproto, libX11, libXcursor, nspr, SDL +, gloox, nvidia-texture-tools +, withEditor ? true, wxGTK ? null +}: + +assert withEditor -> wxGTK != null; + +let + version = "0.0.16"; + + releaseType = "alpha"; + + zeroadData = callPackage ./data.nix { inherit version releaseType; }; + + archForPremake = + if stdenv.lib.hasPrefix "x86_64-" stdenvType then "x64" else + if stdenv.lib.hasPrefix "i686-" stdenvType then "x32" else "ERROR"; + +in +stdenv.mkDerivation rec { + name = "0ad-${version}"; + + src = fetchurl { + url = "http://releases.wildfiregames.com/0ad-${version}-${releaseType}-unix-build.tar.xz"; + sha256 = "cb965ef7e292bc3a2f1f598a9695e16ff4d786398f384a1ec7d5f9bfe2626de5"; + }; + + buildInputs = [ + zeroadData python27 pkgconfig spidermonkey_24 boost icu + libxml2 libpng libjpeg zlib curl libogg libvorbis enet + miniupnpc openalSoft mesa xproto libX11 libXcursor nspr + SDL gloox nvidia-texture-tools + ] ++ stdenv.lib.optional withEditor wxGTK; + + NIX_CFLAGS_COMPILE = [ + "-I${xproto}/include/X11" + "-I${libX11}/include/X11" + "-I${libXcursor}/include/X11" + ]; + + configurePhase = '' + # Delete shipped libraries which we don't need. + rm -rf libraries/source/{enet,miniupnpc,nvtt,spidermonkey} + + # Build shipped premake. + make -C build/premake/premake4/build/gmake.unix + + # Run premake. + pushd build/premake + ./premake4/bin/release/premake4 \ + --file="premake4.lua" \ + --outpath="../workspaces/gcc/" \ + --platform=${archForPremake} \ + --os=linux \ + --with-system-nvtt \ + --with-system-enet \ + --with-system-miniupnpc \ + --with-system-mozjs24 \ + ${ if withEditor then "--atlas" else "" } \ + --collada \ + --bindir="$out"/bin \ + --libdir="$out"/lib/0ad \ + --datadir="$out"/share/0ad \ + gmake + popd + ''; + + buildPhase = '' + # Build bundled fcollada. + make -C libraries/source/fcollada/src + + # Build 0ad. + make -C build/workspaces/gcc verbose=1 + ''; + + installPhase = '' + # Copy executables. + mkdir -p "$out"/bin + cp binaries/system/pyrogenesis "$out"/bin/ + ((${ toString withEditor })) && cp binaries/system/ActorEditor "$out"/bin/ + + # Copy l10n data. + mkdir -p "$out"/share/0ad + cp -r binaries/data/l10n "$out"/share/0ad/ + + # Copy libraries. + mkdir -p "$out"/lib/0ad + cp binaries/system/libCollada.so "$out"/lib/0ad/ + ((${ toString withEditor })) && cp binaries/system/libAtlasUI.so "$out"/lib/0ad/ + + # Create links to data files. + ln -s -t "$out"/share/0ad "${zeroadData}"/share/0ad/* + + # Copy icon. + mkdir -p "$out"/share/icons + cp build/resources/0ad.png "$out"/share/icons/ + + # Copy/fix desktop item. + mkdir -p "$out"/share/applications + while read LINE; do + if [[ $LINE = "Exec=0ad" ]]; then + echo "Exec=$out/bin/pyrogenesis" + elif [[ $LINE = "Icon=0ad" ]]; then + echo "Icon=$out/share/icons/0ad.png" + else + echo "$LINE" + fi + done "$out"/share/applications/0ad.desktop + ''; + + meta = { + description = "A free, open-source game of ancient warfare"; + homepage = "http://wildfiregames.com/0ad/"; + license = [ "GPLv2" "LGPLv2.1" "MIT" "CC BY-SA 3.0" "zlib" ]; + platforms = [ "x86_64-linux" "i686-linux" ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 45e1ef8e98d..2c1d7fc4be2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10322,6 +10322,8 @@ let keen4 = callPackage ../games/keen4 { }; + zeroad = callPackage ../games/0ad { }; + ### DESKTOP ENVIRONMENTS cinnamon = recurseIntoAttrs rec { From a056940066622e4686dc4465c58ea3095a1ba42d Mon Sep 17 00:00:00 2001 From: taku0 Date: Sun, 11 May 2014 19:13:52 +0900 Subject: [PATCH 025/166] add oraclejdk8 --- .../compilers/jdk/jdk-linux-base.nix | 164 ++++++++++++++++ pkgs/development/compilers/jdk/jdk7-linux.nix | 178 +----------------- pkgs/development/compilers/jdk/jdk8-linux.nix | 10 + pkgs/top-level/all-packages.nix | 9 + 4 files changed, 192 insertions(+), 169 deletions(-) create mode 100644 pkgs/development/compilers/jdk/jdk-linux-base.nix create mode 100644 pkgs/development/compilers/jdk/jdk8-linux.nix diff --git a/pkgs/development/compilers/jdk/jdk-linux-base.nix b/pkgs/development/compilers/jdk/jdk-linux-base.nix new file mode 100644 index 00000000000..1effcd88d35 --- /dev/null +++ b/pkgs/development/compilers/jdk/jdk-linux-base.nix @@ -0,0 +1,164 @@ +{ productVersion +, patchVersion +, downloadUrl +, sha256_i686 +, sha256_x86_64 +, jceName +, jceDownloadUrl +, sha256JCE +}: + +{ swingSupport ? true +, stdenv +, requireFile +, unzip +, xlibs ? null +, installjdk ? true +, pluginSupport ? true +, installjce ? false +, glib +, libxml2 +, libav_0_8 +, ffmpeg +, libxslt +, mesa_noglu +, freetype +, fontconfig +, gnome +, cairo +, alsaLib +, atk +, gdk_pixbuf +}: + +assert stdenv.system == "i686-linux" || stdenv.system == "x86_64-linux"; +assert swingSupport -> xlibs != null; + +let + + /** + * The JRE libraries are in directories that depend on the CPU. + */ + architecture = + if stdenv.system == "i686-linux" then + "i386" + else if stdenv.system == "x86_64-linux" then + "amd64" + else + abort "jdk requires i686-linux or x86_64 linux"; + + jce = + if installjce then + requireFile { + name = jceName; + url = jceDownloadUrl; + sha256 = sha256JCE; + } + else + ""; +in + +stdenv.mkDerivation rec { + name = + if installjdk then "jdk-1.${productVersion}.0_${patchVersion}" else "jre-1.${productVersion}.0_${patchVersion}"; + + src = + if stdenv.system == "i686-linux" then + requireFile { + name = "jdk-${productVersion}u${patchVersion}-linux-i586.tar.gz"; + url = downloadUrl; + sha256 = sha256_i686; + } + else if stdenv.system == "x86_64-linux" then + + requireFile { + name = "jdk-${productVersion}u${patchVersion}-linux-x64.tar.gz"; + url = downloadUrl; + sha256 = sha256_x86_64; + } + else + abort "jdk requires i686-linux or x86_64 linux"; + + buildInputs = if installjce then [ unzip ] else []; + + # See: https://github.com/NixOS/patchelf/issues/10 + dontStrip = 1; + + installPhase = '' + cd .. + if test -z "$installjdk"; then + mv $sourceRoot/jre $out + else + mv $sourceRoot $out + fi + + for file in $out/* + do + if test -f $file ; then + rm $file + fi + done + + if test -n "$installjdk"; then + for file in $out/jre/* + do + if test -f $file ; then + rm $file + fi + done + fi + + # construct the rpath + rpath= + for i in $libraries; do + rpath=$rpath''${rpath:+:}$i/lib:$i/lib64 + done + + if test -z "$installjdk"; then + jrePath=$out + else + jrePath=$out/jre + fi + + if test -n "${jce}"; then + unzip ${jce} + cp -v UnlimitedJCEPolicy/*.jar $jrePath/lib/security + fi + + rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture}/jli + rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture}/server + rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture}/xawt + rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture} + + # set all the dynamic linkers + find $out -type f -perm +100 \ + -exec patchelf --interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \ + --set-rpath "$rpath" {} \; + + find $out -name "*.so" -exec patchelf --set-rpath "$rpath" {} \; + + if test -z "$pluginSupport"; then + rm -f $out/bin/javaws + if test -n "$installjdk"; then + rm -f $out/jre/bin/javaws + fi + fi + + mkdir $jrePath/lib/${architecture}/plugins + ln -s $jrePath/lib/${architecture}/libnpjp2.so $jrePath/lib/${architecture}/plugins + ''; + + inherit installjdk pluginSupport; + + /** + * libXt is only needed on amd64 + */ + libraries = + [stdenv.gcc.libc glib libxml2 libav_0_8 ffmpeg libxslt mesa_noglu xlibs.libXxf86vm alsaLib fontconfig freetype gnome.pango gnome.gtk cairo gdk_pixbuf atk] ++ + (if swingSupport then [xlibs.libX11 xlibs.libXext xlibs.libXtst xlibs.libXi xlibs.libXp xlibs.libXt xlibs.libXrender stdenv.gcc.gcc] else []); + + passthru.mozillaPlugin = if installjdk then "/jre/lib/${architecture}/plugins" else "/lib/${architecture}/plugins"; + + meta.license = "unfree"; +} + diff --git a/pkgs/development/compilers/jdk/jdk7-linux.nix b/pkgs/development/compilers/jdk/jdk7-linux.nix index 7683ad81e59..feaf978137b 100644 --- a/pkgs/development/compilers/jdk/jdk7-linux.nix +++ b/pkgs/development/compilers/jdk/jdk7-linux.nix @@ -1,170 +1,10 @@ -{ swingSupport ? true -, stdenv -, requireFile -, unzip -, file -, xlibs ? null -, installjdk ? true -, pluginSupport ? true -, installjce ? false -, glib -, libxml2 -, libav_0_8 -, ffmpeg -, libxslt -, mesa_noglu -, freetype -, fontconfig -, gnome -, cairo -, alsaLib -, atk -, gdk_pixbuf -}: - -assert stdenv.system == "i686-linux" || stdenv.system == "x86_64-linux"; -assert swingSupport -> xlibs != null; - -let - - /** - * The JRE libraries are in directories that depend on the CPU. - */ - architecture = - if stdenv.system == "i686-linux" then - "i386" - else if stdenv.system == "x86_64-linux" then - "amd64" - else - abort "jdk requires i686-linux or x86_64 linux"; - - jce = - if installjce then - requireFile { - name = "UnlimitedJCEPolicyJDK7.zip"; - url = http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html; - sha256 = "7a8d790e7bd9c2f82a83baddfae765797a4a56ea603c9150c87b7cdb7800194d"; - } - else - ""; -in - -stdenv.mkDerivation rec { - patchversion = "55"; - - name = - if installjdk then "jdk-1.7.0_${patchversion}" else "jre-1.7.0_${patchversion}"; - - src = - if stdenv.system == "i686-linux" then - requireFile { - name = "jdk-7u${patchversion}-linux-i586.tar.gz"; - url = http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html; - sha256 = "0y0v5ilbkdmf14jrvwa23x91rfdw90jji4y7hq0l494iy4wjnyc1"; - } - else if stdenv.system == "x86_64-linux" then - - requireFile { - name = "jdk-7u${patchversion}-linux-x64.tar.gz"; - url = http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html; - sha256 = "15sncxhjasv5i6p7hfrr92xq5ph9g6g12i4m52vp45l031bw5y46"; - } - else - abort "jdk requires i686-linux or x86_64 linux"; - - nativeBuildInputs = [ file ] - ++ stdenv.lib.optional installjce unzip; - - installPhase = '' - cd .. - - # Set PaX markings - exes=$(file $sourceRoot/bin/* $sourceRoot/jre/bin/* 2> /dev/null | grep -E 'ELF.*(executable|shared object)' | sed -e 's/: .*$//') - for file in $exes; do - paxmark m "$file" - # On x86 for heap sizes over 700MB disable SEGMEXEC and PAGEEXEC as well. - ${stdenv.lib.optionalString stdenv.isi686 ''paxmark msp "$file"''} - done - - if test -z "$installjdk"; then - mv $sourceRoot/jre $out - else - mv $sourceRoot $out - fi - - for file in $out/* - do - if test -f $file ; then - rm $file - fi - done - - if test -n "$installjdk"; then - for file in $out/jre/* - do - if test -f $file ; then - rm $file - fi - done - fi - - # construct the rpath - rpath= - for i in $libraries; do - rpath=$rpath''${rpath:+:}$i/lib''${rpath:+:}$i/lib64 - done - - if test -z "$installjdk"; then - jrePath=$out - else - jrePath=$out/jre - fi - - if test -n "${jce}"; then - unzip ${jce} - cp -v UnlimitedJCEPolicy/*.jar $jrePath/lib/security - fi - - rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture}/jli - rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture}/server - rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture}/xawt - rpath=$rpath''${rpath:+:}$jrePath/lib/${architecture} - - # set all the dynamic linkers - find $out -type f -perm +100 \ - -exec patchelf --interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \ - --set-rpath "$rpath" {} \; - - find $out -name "*.so" -exec patchelf --set-rpath "$rpath" {} \; - - # HACK: For some reason, appending atk to the global patchelf rpath paths causes: - # java: relocation error: java: symbol , version GLIBC_2.2.5 not defined in file libc.so.6 with link time reference - # Because only libglass.so needs atk, we put it only in it's rpath. - # This seems to work fine. - test -f $out/jre/lib/${architecture}/libglass.so && patchelf --set-rpath "$rpath:${atk}/lib" $out/jre/lib/${architecture}/libglass.so - - if test -z "$pluginSupport"; then - rm -f $out/bin/javaws - if test -n "$installjdk"; then - rm -f $out/jre/bin/javaws - fi - fi - - mkdir $jrePath/lib/${architecture}/plugins - ln -s $jrePath/lib/${architecture}/libnpjp2.so $jrePath/lib/${architecture}/plugins - ''; - - inherit installjdk pluginSupport; - - /** - * libXt is only needed on amd64 - */ - libraries = - [stdenv.gcc.libc glib libxml2 libav_0_8 ffmpeg libxslt mesa_noglu xlibs.libXxf86vm alsaLib fontconfig freetype gnome.pango gnome.gtk cairo gdk_pixbuf] ++ - (if swingSupport then [xlibs.libX11 xlibs.libXext xlibs.libXtst xlibs.libXi xlibs.libXp xlibs.libXt xlibs.libXrender stdenv.gcc.gcc] else []); - - passthru.mozillaPlugin = if installjdk then "/jre/lib/${architecture}/plugins" else "/lib/${architecture}/plugins"; - - meta.license = "unfree"; +import ./jdk-linux-base.nix { + productVersion = "7"; + patchVersion = "55"; + downloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html; + sha256_i686 = "0y0v5ilbkdmf14jrvwa23x91rfdw90jji4y7hq0l494iy4wjnyc1"; + sha256_x86_64 = "15sncxhjasv5i6p7hfrr92xq5ph9g6g12i4m52vp45l031bw5y46"; + jceName = "UnlimitedJCEPolicyJDK7.zip"; + jceDownloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html; + sha256JCE = "7a8d790e7bd9c2f82a83baddfae765797a4a56ea603c9150c87b7cdb7800194d"; } - diff --git a/pkgs/development/compilers/jdk/jdk8-linux.nix b/pkgs/development/compilers/jdk/jdk8-linux.nix new file mode 100644 index 00000000000..0c3eed75f4c --- /dev/null +++ b/pkgs/development/compilers/jdk/jdk8-linux.nix @@ -0,0 +1,10 @@ +import ./jdk-linux-base.nix { + productVersion = "8"; + patchVersion = "5"; + downloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html; + sha256_i686 = "779f83efb8dc9ce7c1143ba9bbd38fa2d8a1c49dcb61f7d36972d37d109c5fc9"; + sha256_x86_64 = "44901389e9fb118971534ad0f58558ba8c43f315b369117135bd6617ae631edc"; + jceName = "jce_policy-8.zip"; + jceDownloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html; + sha256JCE = "f3020a3922efd6626c2fff45695d527f34a8020e938a49292561f18ad1320b59"; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 3ba5f6d76db..9122c03e3ff 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3025,10 +3025,14 @@ let oraclejdk7 = pkgs.oraclejdk7distro true false; + oraclejdk8 = pkgs.oraclejdk8distro true false; + oraclejre = lowPrio (pkgs.jdkdistro false false); oraclejre7 = lowPrio (pkgs.oraclejdk7distro false false); + oraclejre8 = lowPrio (pkgs.oraclejdk8distro false false); + jrePlugin = lowPrio (pkgs.jdkdistro false true); supportsJDK = @@ -3045,6 +3049,11 @@ let (if pluginSupport then appendToName "with-plugin" else x: x) (callPackage ../development/compilers/jdk/jdk7-linux.nix { inherit installjdk; }); + oraclejdk8distro = installjdk: pluginSupport: + assert supportsJDK; + (if pluginSupport then appendToName "with-plugin" else x: x) + (callPackage ../development/compilers/jdk/jdk8-linux.nix { inherit installjdk; }); + jikes = callPackage ../development/compilers/jikes { }; juliaGit = callPackage ../development/compilers/julia/git-20131013.nix { From 4f745ce8b27bbb3ca6fac8ad314bcc4bfd025f87 Mon Sep 17 00:00:00 2001 From: taku0 Date: Sun, 22 Jun 2014 21:37:09 +0900 Subject: [PATCH 026/166] oraclejdk8: Add support for grsecurity --- pkgs/development/compilers/jdk/jdk-linux-base.nix | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/pkgs/development/compilers/jdk/jdk-linux-base.nix b/pkgs/development/compilers/jdk/jdk-linux-base.nix index 1effcd88d35..b29ae826d88 100644 --- a/pkgs/development/compilers/jdk/jdk-linux-base.nix +++ b/pkgs/development/compilers/jdk/jdk-linux-base.nix @@ -12,6 +12,7 @@ , stdenv , requireFile , unzip +, file , xlibs ? null , installjdk ? true , pluginSupport ? true @@ -79,13 +80,23 @@ stdenv.mkDerivation rec { else abort "jdk requires i686-linux or x86_64 linux"; - buildInputs = if installjce then [ unzip ] else []; + nativeBuildInputs = [ file ] + ++ stdenv.lib.optional installjce unzip; # See: https://github.com/NixOS/patchelf/issues/10 dontStrip = 1; installPhase = '' cd .. + + # Set PaX markings + exes=$(file $sourceRoot/bin/* $sourceRoot/jre/bin/* 2> /dev/null | grep -E 'ELF.*(executable|shared object)' | sed -e 's/: .*$//') + for file in $exes; do + paxmark m "$file" + # On x86 for heap sizes over 700MB disable SEGMEXEC and PAGEEXEC as well. + ${stdenv.lib.optionalString stdenv.isi686 ''paxmark msp "$file"''} + done + if test -z "$installjdk"; then mv $sourceRoot/jre $out else From 21643702e7dc34c05e848caec57ff8d579a91697 Mon Sep 17 00:00:00 2001 From: taku0 Date: Sun, 22 Jun 2014 21:45:30 +0900 Subject: [PATCH 027/166] jdk7: update patchversion 55 -> 60. --- pkgs/development/compilers/jdk/jdk7-linux.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/compilers/jdk/jdk7-linux.nix b/pkgs/development/compilers/jdk/jdk7-linux.nix index feaf978137b..46544dc390f 100644 --- a/pkgs/development/compilers/jdk/jdk7-linux.nix +++ b/pkgs/development/compilers/jdk/jdk7-linux.nix @@ -1,9 +1,9 @@ import ./jdk-linux-base.nix { productVersion = "7"; - patchVersion = "55"; + patchVersion = "60"; downloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html; - sha256_i686 = "0y0v5ilbkdmf14jrvwa23x91rfdw90jji4y7hq0l494iy4wjnyc1"; - sha256_x86_64 = "15sncxhjasv5i6p7hfrr92xq5ph9g6g12i4m52vp45l031bw5y46"; + sha256_i686 = "d736fb4fd7c8ef50b76411daa640c6feeb48a5c275d29a90ffeb916a78d47a48"; + sha256_x86_64 = "c7232b717573b057dbe828d937ee406b7a75fbc6aba7f1de98a049cbd42c6ae8"; jceName = "UnlimitedJCEPolicyJDK7.zip"; jceDownloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html; sha256JCE = "7a8d790e7bd9c2f82a83baddfae765797a4a56ea603c9150c87b7cdb7800194d"; From 64016c57e7a9201c89f28d917f81082002ee367f Mon Sep 17 00:00:00 2001 From: taku0 Date: Mon, 23 Jun 2014 22:03:11 +0900 Subject: [PATCH 028/166] add firefox-bin: the binary package for Firefox web browser --- .../browsers/firefox-bin/default.nix | 337 ++++++++++++++++++ .../browsers/firefox-bin/generate_nix.rb | 217 +++++++++++ pkgs/top-level/all-packages.nix | 7 + 3 files changed, 561 insertions(+) create mode 100644 pkgs/applications/networking/browsers/firefox-bin/default.nix create mode 100644 pkgs/applications/networking/browsers/firefox-bin/generate_nix.rb diff --git a/pkgs/applications/networking/browsers/firefox-bin/default.nix b/pkgs/applications/networking/browsers/firefox-bin/default.nix new file mode 100644 index 00000000000..b8e3124f185 --- /dev/null +++ b/pkgs/applications/networking/browsers/firefox-bin/default.nix @@ -0,0 +1,337 @@ +# This file is generated from generate_nix.rb +# Execute the following command in a temporary directory to update the file. +# +# ruby generate_nix.rb > default.nix + +{ stdenv, fetchurl, config +, alsaLib +, atk +, cairo +, cups +, dbus_glib +, dbus_libs +, fontconfig +, freetype +, gconf +, gdk_pixbuf +, glib +, glibc +, gst_plugins_base +, gstreamer +, gtk +, libX11 +, libXScrnSaver +, libXext +, libXinerama +, libXrender +, libXt +, libcanberra +, libgnome +, libgnomeui +, mesa +, nspr +, nss +, pango +, heimdal +, pulseaudio +, systemd +}: + +let + version = "30.0"; + sources = [ + { locale = "ach"; arch = "linux-i686"; sha256 = "44d2fc9d491b6c001e35cff6e5f1c38c8561d24f8fe2dfb4d79365bcabe965ea"; } + { locale = "ach"; arch = "linux-x86_64"; sha256 = "e9fb52a3b82a1434b7fa3bae606749819672c96ce8678c51f1fdbc68520e26bf"; } + { locale = "af"; arch = "linux-i686"; sha256 = "bfce74c891ea370ce4e0fe43d578c3c0050d2655fff7372806ed6be338b2c438"; } + { locale = "af"; arch = "linux-x86_64"; sha256 = "18408a9c3f3b8c4d9f8cfe067ac23ddcdd3d3a7a22892ba8d74de5679a064db6"; } + { locale = "an"; arch = "linux-i686"; sha256 = "601efbf7944408ba1ac35831eaa92c4910cd904bfadc32895ff8d756c70ae934"; } + { locale = "an"; arch = "linux-x86_64"; sha256 = "0ba4c272ebac9ecafe5dbfb7fbba1cd2790d126f5b1756ab9a323c94b644df0b"; } + { locale = "ar"; arch = "linux-i686"; sha256 = "23ea3168aea75b044fa217b78b01a2dc8c9dd92171d726c4a78c23cffc474469"; } + { locale = "ar"; arch = "linux-x86_64"; sha256 = "dae2c1634e17b8c3e276e4c758c4d4c3b1b0d6006adac8e420c13b6f09a6cf53"; } + { locale = "as"; arch = "linux-i686"; sha256 = "7d36bd4589556374822f2ab5dd102d557257b5e0b529d1c963f96e9ab6a08850"; } + { locale = "as"; arch = "linux-x86_64"; sha256 = "c13ccf3546bafcfeb41c33762e41af249306d4bcfd3ad7fc957db481372be0dc"; } + { locale = "ast"; arch = "linux-i686"; sha256 = "853310674d7011956d760883af15b8e343250f8fc3acb3067e0f5a3d978c06ff"; } + { locale = "ast"; arch = "linux-x86_64"; sha256 = "2b938081e8672ed5ae16c40c6300e585a26f54da278726f48b98f3ca3e065662"; } + { locale = "be"; arch = "linux-i686"; sha256 = "b9acce210f2adf188ba9a3d92774a846a263baa5e076bb9452b89ca5609d6ac8"; } + { locale = "be"; arch = "linux-x86_64"; sha256 = "dd2a33ee1ed8c848454b6e64a0c1527f193d070e4d867c4f13fa84f39c9bfecd"; } + { locale = "bg"; arch = "linux-i686"; sha256 = "ee060cd395ef28bbad4be74aa42e2a51e7ad866183d139bffbcc7634dc94d738"; } + { locale = "bg"; arch = "linux-x86_64"; sha256 = "11a5dd807083da8c3132d9d6518dc674642418eff1fccf68e451ac67b90f141a"; } + { locale = "bn-BD"; arch = "linux-i686"; sha256 = "339d286f7f8f469bb6f9f85a8b21a745ecc42717dc91c21c7db88822e9be661a"; } + { locale = "bn-BD"; arch = "linux-x86_64"; sha256 = "fc3f06743a84a7684e43cd4efedb02a126dd119f6141da49c6120f1bbcdf9392"; } + { locale = "bn-IN"; arch = "linux-i686"; sha256 = "c585982368f258a8a728f782c37428311f0b6a6512231c077a439dd93645c3a2"; } + { locale = "bn-IN"; arch = "linux-x86_64"; sha256 = "00b9af4425050ec42b4a45a3c4a16700edcc66297331b601950fb81421ef8eb4"; } + { locale = "br"; arch = "linux-i686"; sha256 = "b86d944592f16f5f0e558106e3464248e3d686f45527a40fb64aaa79d9f73422"; } + { locale = "br"; arch = "linux-x86_64"; sha256 = "b894c12508f0b0a892154ea61fb2bb01947929041a63518f7c405ed976cc4d3f"; } + { locale = "bs"; arch = "linux-i686"; sha256 = "f7da0fead608f63c4a5be92fed9e0109fbe7288948d15dde05e10bba80b47743"; } + { locale = "bs"; arch = "linux-x86_64"; sha256 = "1cb090f9b16bcae95055377bc14a531697c480ad50e3a098dbd572770924d558"; } + { locale = "ca"; arch = "linux-i686"; sha256 = "0b36330715f8909e1515c535a06f4e3fdd7660de11b3424b4ce88f336561935f"; } + { locale = "ca"; arch = "linux-x86_64"; sha256 = "c6e9e545d09e589fd5fbfd2c6482a5ef366c470e294823b3ba05c5e728bca2c2"; } + { locale = "cs"; arch = "linux-i686"; sha256 = "ff1ca239be0e99b923c63c5bbc425dd2989bc40dbdc82dd731d7173fd539406a"; } + { locale = "cs"; arch = "linux-x86_64"; sha256 = "fe8472d6a4bf9fcda3caef51449fc3e20e1fbadbb772b330a012ffa7219afae3"; } + { locale = "csb"; arch = "linux-i686"; sha256 = "db1b7dbc7b0cd564a04b3a37827e8d77277cd7ba6a59403c45115d34e637f463"; } + { locale = "csb"; arch = "linux-x86_64"; sha256 = "023dd75e02f41a2ce9991fb40a8a46767f1a10da876a390035a084c5b97bd9d2"; } + { locale = "cy"; arch = "linux-i686"; sha256 = "9a6ac60099b03bdeb71c1a7739dafeff4b1682ffc43997191196e1f590421afa"; } + { locale = "cy"; arch = "linux-x86_64"; sha256 = "a5f2030fb08c0dd6dff95310209ed7c6ee613680dd500f00e30e26c547f9c249"; } + { locale = "da"; arch = "linux-i686"; sha256 = "99a893ac19b0ca28177c8957d7296e6deef9ddb36a6b5b17823cb1e6fc9ec683"; } + { locale = "da"; arch = "linux-x86_64"; sha256 = "69f29e795f203fe47e22daf1259c2ecfb39c362babefbbccb31405f4632f236b"; } + { locale = "de"; arch = "linux-i686"; sha256 = "925aac0800ce63a88fadc945da40b00ed6dde327637821518a372d7affb6e450"; } + { locale = "de"; arch = "linux-x86_64"; sha256 = "d86c5d2102a95ff5a6e580a1ca7af25c2f470211182ef70e988b29b195be6dd4"; } + { locale = "el"; arch = "linux-i686"; sha256 = "af07fac82dea32d33bd6bc440e2a645eb160d196cf0d4883b878d3d2c584f81a"; } + { locale = "el"; arch = "linux-x86_64"; sha256 = "fcc96c25422837f19f9ff6cde02c81c4a5a3b7c8e6809b90c8761519571db1f6"; } + { locale = "en-GB"; arch = "linux-i686"; sha256 = "758f7bb669743d6067e416c26f43806b16ddd16511a6818373e70960cbbd7151"; } + { locale = "en-GB"; arch = "linux-x86_64"; sha256 = "d46ba3d642bf43fca46dfb29efb5d08a15f114eb9facc868e86c31f7c9c98014"; } + { locale = "en-US"; arch = "linux-i686"; sha256 = "4bca44a1ba94bf5616f7ea650e37cd3e5a719546def9e4a08ee88aedbc3a4db6"; } + { locale = "en-US"; arch = "linux-x86_64"; sha256 = "3303cc600153d0198dace9826b6883aa510d4e380aa985b092b1da67ad865625"; } + { locale = "en-ZA"; arch = "linux-i686"; sha256 = "13736870573863aab644bf2be2219fe4b5c6bde4bd79b84f22e12d39e7cda6e0"; } + { locale = "en-ZA"; arch = "linux-x86_64"; sha256 = "7e88fa9f355f6787d38e75d86d5b592a1a2cec208255f276887f53a12beb9e97"; } + { locale = "eo"; arch = "linux-i686"; sha256 = "ae4446e223c0169dd0b56db58760fdb323a2bec8135e45c79d385d895b64cee8"; } + { locale = "eo"; arch = "linux-x86_64"; sha256 = "202f61dd8e5506594ae70bbee9150d86c8037887f8345871dc5c1c9e498b1d66"; } + { locale = "es-AR"; arch = "linux-i686"; sha256 = "8fb276ed26fd46fceb029fbade706cb6e55d2958f03400ec1290784c533888c4"; } + { locale = "es-AR"; arch = "linux-x86_64"; sha256 = "78130525d30d7c592bb63d7cedf3ab5db804d457c4d127d90b93d94501ad7b3c"; } + { locale = "es-CL"; arch = "linux-i686"; sha256 = "ef6bf393a681f4a08031eeda61bba3614ebfab222fed43f9f8b21cfa8eb3862e"; } + { locale = "es-CL"; arch = "linux-x86_64"; sha256 = "e56224bca0ebfab9eedecafafd792e48cb67e3f8741c4d5a94c8f74f634cecf6"; } + { locale = "es-ES"; arch = "linux-i686"; sha256 = "9e007e6aa0f8aa3d1fac5dc13e98f81c23e6ff1e574545c021f8f7feeff86ce2"; } + { locale = "es-ES"; arch = "linux-x86_64"; sha256 = "d4ff94f46fd086300992a30a1c4a8aa97ad7164d6cd26e82b20b5d0680b38169"; } + { locale = "es-MX"; arch = "linux-i686"; sha256 = "9db42a0557838b23ac4937adfec407804e624e679e9ffd6da739d17cdfbaab78"; } + { locale = "es-MX"; arch = "linux-x86_64"; sha256 = "d42d619d6da78d0bbcb32b0a93a2eaa623eadb3a5af43e5b8b14400e6e969779"; } + { locale = "et"; arch = "linux-i686"; sha256 = "5947822f3f02bd4ba530ad978de1a9d237981e3abdf1598e44095c650794d1ff"; } + { locale = "et"; arch = "linux-x86_64"; sha256 = "7521a4db287bb928f50b64817f3631e96ea4cead81b1a84ab7c3b930b3450e86"; } + { locale = "eu"; arch = "linux-i686"; sha256 = "44095e98e74205fa012a2c0c636de3fe9cfb79d5729abf15214c1e7734946014"; } + { locale = "eu"; arch = "linux-x86_64"; sha256 = "2032dfbc82a9aca1a2f4cf67e6089400bf305d13906f048c5c9b906a7201a9fb"; } + { locale = "fa"; arch = "linux-i686"; sha256 = "469b8008287c93e152e762e82fb61644384c1e2631a6c45033503652daed09b1"; } + { locale = "fa"; arch = "linux-x86_64"; sha256 = "61ea0d8941d22083f918d014d56a613788d1f4f549e5a62d50a1f9071439a36f"; } + { locale = "ff"; arch = "linux-i686"; sha256 = "81a0083e5e4136e3ab3e6db0e2adcedfae7572722655a9cb8b9ca388c6057342"; } + { locale = "ff"; arch = "linux-x86_64"; sha256 = "0efe16da918288754a3af816d72448a73690eb71b110cf3ff0586ee7505b9735"; } + { locale = "fi"; arch = "linux-i686"; sha256 = "a0ee069e7c3100b921aab7c54c5d32741df4e058f52cb7f42acb2643bd534b30"; } + { locale = "fi"; arch = "linux-x86_64"; sha256 = "55c84d504603d648e7d72a2fb8badb0bc9148cb376bb0cc6054f091867cb2613"; } + { locale = "fr"; arch = "linux-i686"; sha256 = "9c9abea13db23ef5ef8c9a3ccb5a0702b44a8db2402f43f01a478eb61e7ddf34"; } + { locale = "fr"; arch = "linux-x86_64"; sha256 = "ce26fc67cbc2031880ffa3529a59ca4122016258ab1c023e23247c26308b6a3e"; } + { locale = "fy-NL"; arch = "linux-i686"; sha256 = "4a734880ed65a207d98630647a341644df4f68149c50ce5e683bb21b5c27f2c6"; } + { locale = "fy-NL"; arch = "linux-x86_64"; sha256 = "bace955c686456d7894ca7bc1cf854eb158d6183050318efc73768e232c9a413"; } + { locale = "ga-IE"; arch = "linux-i686"; sha256 = "4801f40ebd820b8f229cfcd04a04351fcee9f78268af1c9863089ef6c64d736a"; } + { locale = "ga-IE"; arch = "linux-x86_64"; sha256 = "c417c0182e6f706473bc4b7cf8c14aec96f96e21c17b8593b71ff38c97f7e9d2"; } + { locale = "gd"; arch = "linux-i686"; sha256 = "15a9d316d472d2918eff0c6f02600e40a8f62d7ef53ab14c57537fdda0b5257a"; } + { locale = "gd"; arch = "linux-x86_64"; sha256 = "8fcdcf093148222865a905586774dae5d805ef22c01afadeaabe3f0c7b315dba"; } + { locale = "gl"; arch = "linux-i686"; sha256 = "83b0ccfe7cf7166899d17b2c9b1ea8effda9cf02024698f8db8f943a388bb3dc"; } + { locale = "gl"; arch = "linux-x86_64"; sha256 = "550026595e6e59405b5869183af056ba5a60a303270f1a176ef25e3db1c70289"; } + { locale = "gu-IN"; arch = "linux-i686"; sha256 = "7e7dc86fa805808931ba57455b99c9273a4b0aa60998affce3c4b06f0ae7fc70"; } + { locale = "gu-IN"; arch = "linux-x86_64"; sha256 = "e0f35d7fe7875785e3749131cf86c5cbea5cbd7b3abd2c2c69f5f8376d3e53d7"; } + { locale = "he"; arch = "linux-i686"; sha256 = "5c200c8da3209c2120a8576c30ab609331b52807d0640daaa1a70f665c776969"; } + { locale = "he"; arch = "linux-x86_64"; sha256 = "6923a64d1ac5453453f148d38f116faca41be5b1d0a13d4f128bb73db67cb8e2"; } + { locale = "hi-IN"; arch = "linux-i686"; sha256 = "6a7e5d06169d6dd87e505012604c93a28440156a3f81e6fe24d567f9c2b2a919"; } + { locale = "hi-IN"; arch = "linux-x86_64"; sha256 = "56801593b9dd5ecefed8d7eaf438879dd23006ffff9a31c543861259dedf8263"; } + { locale = "hr"; arch = "linux-i686"; sha256 = "4573cd0269639d122496bcaf842d8c741f4d54e8f57d0690b97d8e7e86ee7e74"; } + { locale = "hr"; arch = "linux-x86_64"; sha256 = "753984384829229601fbe55d0b6615f3432fdf9babe908fb642f6ac79c749727"; } + { locale = "hu"; arch = "linux-i686"; sha256 = "c330478e6e77eff117bce58e17661b83a30308f0a680f648fbf06d1c00f3883c"; } + { locale = "hu"; arch = "linux-x86_64"; sha256 = "9d118ba236aa7a9b517278c375aa4e4fa65f85c71b8bea9c41702f6ae7b815cb"; } + { locale = "hy-AM"; arch = "linux-i686"; sha256 = "48c1691073b6ede77f5c5d5ae07af7372f17b9f52fd92950c2cca0a01b3b340e"; } + { locale = "hy-AM"; arch = "linux-x86_64"; sha256 = "beda26cefeeeeee59ea52fdd28e1e3025ca4cc3124541fc6825100a61eb398d8"; } + { locale = "id"; arch = "linux-i686"; sha256 = "8cf6d0bc2d4bcc68a5ddc935c3bd6ed19a63284dc3227e849be729645a6171d4"; } + { locale = "id"; arch = "linux-x86_64"; sha256 = "8be5900b83840871ffb6faba08fea9b35f9f396cae08b228c68e333719fb819f"; } + { locale = "is"; arch = "linux-i686"; sha256 = "7c167389105063b84d507b09c689fa18bf854fd695010c8273b9711b21a24034"; } + { locale = "is"; arch = "linux-x86_64"; sha256 = "c79321c83c9e654f6eaf96ddf5d24f279d517fbf35dfdf923acf026124919598"; } + { locale = "it"; arch = "linux-i686"; sha256 = "a3eb17e0eda3cbf8ffbbd1ecd1716929ac87a801f060dd8ed5291298667775a9"; } + { locale = "it"; arch = "linux-x86_64"; sha256 = "3742453f0748911b393fed804e5827f014cc595a9df4516438dfa163d5050411"; } + { locale = "ja"; arch = "linux-i686"; sha256 = "fa030c64e04766ae5200370586c08b2f25627343586cd8a0486e583f345c466e"; } + { locale = "ja"; arch = "linux-x86_64"; sha256 = "fddeae03ffdfef0f6cc999807e001ea931c15b1833da48655bcb5845f1e017a3"; } + { locale = "kk"; arch = "linux-i686"; sha256 = "39d94b10fa751faf7423e5d43cd07ef4485ff26e21e47d106d2268058e2f33d9"; } + { locale = "kk"; arch = "linux-x86_64"; sha256 = "1dc7138dd5c08088479c5e7e8054d7ed640504860a0043ecea2c8b0c9c1892f9"; } + { locale = "km"; arch = "linux-i686"; sha256 = "0d12a305de4a63fc6c6394bd4044f44ca3626cbc41ca9ef1adad6d5041f6f1fd"; } + { locale = "km"; arch = "linux-x86_64"; sha256 = "7710091695dd100b7f33585fce58c54fec462a96540a7d791f1935088f21fadf"; } + { locale = "kn"; arch = "linux-i686"; sha256 = "b039e6a1114522ccae10b89ab794a222966fbf0914513b3c14f05c082a78b922"; } + { locale = "kn"; arch = "linux-x86_64"; sha256 = "cf82965b25d3990a57d861d688f1bd69e5b069fe281937274060ebe36ddbb8a6"; } + { locale = "ko"; arch = "linux-i686"; sha256 = "8b9378d39d7b42852c2bb537b0e85312760c343e6485826ed949ab4617293025"; } + { locale = "ko"; arch = "linux-x86_64"; sha256 = "4b946a0cbedad2b8d0c3598c04eeb058cea05d6d7e6388e4cfa3146a40f7c449"; } + { locale = "ku"; arch = "linux-i686"; sha256 = "11950c4a54c6a165e924fb6e68bcc46d63b5fddfcd2561c58a0ce401c0146d36"; } + { locale = "ku"; arch = "linux-x86_64"; sha256 = "37a07a4e059580c31433b419bcd61d928ad1db7e607cf8443378472d54b61b78"; } + { locale = "lij"; arch = "linux-i686"; sha256 = "c0efca49f31800a3773b0d05add56b195d1cbea287108803bb1ef5249a0dc94f"; } + { locale = "lij"; arch = "linux-x86_64"; sha256 = "6e4b2d8c5e9942bc469f722110ba310b2ccdc4dda6e3baee93ae54012ae658a2"; } + { locale = "lt"; arch = "linux-i686"; sha256 = "acde9010aa815f6645868b03f3d68d9a24c450ed830f063e2846ac1219ee628b"; } + { locale = "lt"; arch = "linux-x86_64"; sha256 = "c2491cd3e5d11c302d7ec3191d646e2073c46f69966fc382901a93d16fb0c902"; } + { locale = "lv"; arch = "linux-i686"; sha256 = "7411de62c4d8c01c8bb15b3f2dfc2e2ed17755e2f9856ead8e5e0fd05971ffd5"; } + { locale = "lv"; arch = "linux-x86_64"; sha256 = "e8e57e629396eb180e0041a50ae98ecb2292f514d423423748e4d4cebc54fb59"; } + { locale = "mai"; arch = "linux-i686"; sha256 = "26a053e48f4e6f04e4856a0dcb26e577a6ddb99afc883786d9c260d57e5e4a6d"; } + { locale = "mai"; arch = "linux-x86_64"; sha256 = "86be2c736aa5ccf926d44f24afdb2d40c28444b5bd6cf090f9a847199b38b492"; } + { locale = "mk"; arch = "linux-i686"; sha256 = "dcf7759bcde70158298ad9e2434e37d4e8240e00589a83dd8dbba53c35466a58"; } + { locale = "mk"; arch = "linux-x86_64"; sha256 = "056297d6404794a8da78aeceb620b0ebbcb38a693ee1079cc02e4d0411e40ec3"; } + { locale = "ml"; arch = "linux-i686"; sha256 = "2d632b3a5b60f18955906adca80b7ac7af3bfa39d03afd308efd1136cfc8971d"; } + { locale = "ml"; arch = "linux-x86_64"; sha256 = "b54a9d47cadeae4f92d22a362ca887a18a16ef64500149ac8eb9355dbbe5971b"; } + { locale = "mr"; arch = "linux-i686"; sha256 = "e66b22488bf2c772fa6d29cf43f3e9c1aa2a1a867620a1144af8cb92c2647651"; } + { locale = "mr"; arch = "linux-x86_64"; sha256 = "da982205e9b659dd66ab05ca815324642bed2117e668e67ad620bb2d87c5d1c8"; } + { locale = "ms"; arch = "linux-i686"; sha256 = "ad39ffa6d6d765c1e983d885f5d139a28e481d536068d517b4807137fa8d3036"; } + { locale = "ms"; arch = "linux-x86_64"; sha256 = "fb1b6ed5e2e7247beb69f3d0ad937f76ce7c1107ccdad742ff5085d4b3a8da98"; } + { locale = "nb-NO"; arch = "linux-i686"; sha256 = "5220da4627863f9fa1c11886e9c19c315547afafa96c98b22a1a4359c75f1056"; } + { locale = "nb-NO"; arch = "linux-x86_64"; sha256 = "5f9d60faadc7b76b010cd9cf35922b1881377b535e8afc5d9b974651156df866"; } + { locale = "nl"; arch = "linux-i686"; sha256 = "357b28841ea861b8297a4986460d1d265b27202c37bb296dcc69224f9b07fc51"; } + { locale = "nl"; arch = "linux-x86_64"; sha256 = "9a8505da2fe045ab6c2a2277d2d043374a26f106a5966b00f42e22fb26cf929a"; } + { locale = "nn-NO"; arch = "linux-i686"; sha256 = "f115bb50d1e052584caf7363db875ae222ee37449fa151e2f313c157a6274d76"; } + { locale = "nn-NO"; arch = "linux-x86_64"; sha256 = "2e7829a8a20c946bddce13b7b3d1b3600f90d90d2438f3eb69188d47203b264d"; } + { locale = "or"; arch = "linux-i686"; sha256 = "9ad48bdf2b7f1deedb05bdcc49740d5075ebf6ec228d82a7ed455c6bb36d7cb0"; } + { locale = "or"; arch = "linux-x86_64"; sha256 = "a007bc73fb1ea7765016e9faebac2c4f5e0111a45b3d75d1e55f4de8931796a2"; } + { locale = "pa-IN"; arch = "linux-i686"; sha256 = "8a38d2b1516ed4b58e36d266cd25a5bd10548f9e412076c9b4f1f27256c98c2a"; } + { locale = "pa-IN"; arch = "linux-x86_64"; sha256 = "664fa562261532d0f6bad10b84e15d47b69073768c2d12986c8d776eb1af8ddd"; } + { locale = "pl"; arch = "linux-i686"; sha256 = "3bb8963f1e3dcdb22cc55feebb2583fefd6f3760f4e6f2cc754174079d4ca07f"; } + { locale = "pl"; arch = "linux-x86_64"; sha256 = "710f1d86d2974d6ad3c63ebc0873518fd59f218ba07b27d06fb75c83af2c632e"; } + { locale = "pt-BR"; arch = "linux-i686"; sha256 = "cd2fafbd2291bad8481c4086db3c2973a7869b28a5e68a5ff199079814c6b3fc"; } + { locale = "pt-BR"; arch = "linux-x86_64"; sha256 = "f0ba5dc2366757841afb9c9f7799c40667304c36efe7da284202e8e7a45aa1fc"; } + { locale = "pt-PT"; arch = "linux-i686"; sha256 = "051af14810ad0cee4487757833f1f5b4a6f6f903f3cecf00d00410c1324d9ce4"; } + { locale = "pt-PT"; arch = "linux-x86_64"; sha256 = "82102b33dc1989bc3aa49da3915baf7e4012afe6e4bd7f80a301dfe847f3dbbe"; } + { locale = "rm"; arch = "linux-i686"; sha256 = "02051668e46d98f4e2e5becc3192f6173dfdf3a48cc82264c5821be06c5e12a0"; } + { locale = "rm"; arch = "linux-x86_64"; sha256 = "9600c1d272785b946058ffac9e57a8b1701d065f24fa940ad22e4b5aec2efad9"; } + { locale = "ro"; arch = "linux-i686"; sha256 = "7f17cbd3041396135eee08eac597c8c6a936e5a33d67d2b5de8ae157a56719ad"; } + { locale = "ro"; arch = "linux-x86_64"; sha256 = "ba1de85abe53a7d66f6311d6a202d91f86e871bace168cf60a759ab0e17eccdb"; } + { locale = "ru"; arch = "linux-i686"; sha256 = "9dcd0c2b5671fc5849b01f2932504a7217fca9a4b4eca8e9b6ff8f5a146517e2"; } + { locale = "ru"; arch = "linux-x86_64"; sha256 = "725214900968e4e648d3d13635bf72d34910eb31a30b83a3e7ba9c5c4085c2d7"; } + { locale = "si"; arch = "linux-i686"; sha256 = "d22ed75aa727351efcdba1cffe8e24ff305943c9a3072cac08b004677cf6a028"; } + { locale = "si"; arch = "linux-x86_64"; sha256 = "89d60c682413949a6dad4b7fd49cc4508c4e067fe5847c5f21d5e25a953f195f"; } + { locale = "sk"; arch = "linux-i686"; sha256 = "4ecbc58df00eaf4fafb1c33a93493bdd3e544562a67c60e2d4d93da90d369261"; } + { locale = "sk"; arch = "linux-x86_64"; sha256 = "75baa2c5153e282e2671d6222b7fc8c3b9cfc2b9ee0a595a4451fd314a928fb4"; } + { locale = "sl"; arch = "linux-i686"; sha256 = "53e2ae3525d0bd2005a86bf7ed3f27ca66906ddfceb85a738bd60e46ba2df773"; } + { locale = "sl"; arch = "linux-x86_64"; sha256 = "2dcc5592a49767dc3f2a7d40387bb550fd36724419ff567f9d107e32b2cf2d6d"; } + { locale = "son"; arch = "linux-i686"; sha256 = "d3b7372c59b21d0393768197517b3666ab78705b04a6e84a3345da031bad3776"; } + { locale = "son"; arch = "linux-x86_64"; sha256 = "fc017e7a18701880c7a54c23a0f77a6521aae17880dbc562e2b37167ba918fa0"; } + { locale = "sq"; arch = "linux-i686"; sha256 = "7f9c9100c559ebfbfff35adc694199079930f4bf9f1f6a820c0e17d80ea0e12b"; } + { locale = "sq"; arch = "linux-x86_64"; sha256 = "0f3fcddabab8263eb4c238942c45c0b5efc20c169948da24c56ed401a85209dc"; } + { locale = "sr"; arch = "linux-i686"; sha256 = "6281e2f849b3c530ff383cfd4cdc4ab06115362c3d57ba8133a9f799af08e815"; } + { locale = "sr"; arch = "linux-x86_64"; sha256 = "368ca83faa5ef3640f71d977916614369ebac1622681e828b75e9abf6ebeb425"; } + { locale = "sv-SE"; arch = "linux-i686"; sha256 = "9f77f497fc3e8c585bd546c0bb95c92f9f37d683e092c0762b3fe0022b6d39b5"; } + { locale = "sv-SE"; arch = "linux-x86_64"; sha256 = "0aa21764f0ca58591e3cfebba75196edd51a8fdbadb738f036994178c9612a67"; } + { locale = "ta"; arch = "linux-i686"; sha256 = "463ce70405d84945c201cca56c84171e097e6a0420d38cd453a0836fad82f09c"; } + { locale = "ta"; arch = "linux-x86_64"; sha256 = "db7e78bc1f4bcb573474806d19324eca58f42008fb0b0fa856f701f1430aeefd"; } + { locale = "te"; arch = "linux-i686"; sha256 = "18643daf675f8ef9785a0039d012c3a8ce96f4d228426651c5f09c292cbfb335"; } + { locale = "te"; arch = "linux-x86_64"; sha256 = "d9f8a260fc47b608fd523c61e9c6981776997f4b7fc247e794be32d177abfbc0"; } + { locale = "th"; arch = "linux-i686"; sha256 = "e03b80d55d2a545ab3219c5e88ed6b7d6974945e32321a2fc96039a6996638f6"; } + { locale = "th"; arch = "linux-x86_64"; sha256 = "0416fd2b7e7ddde59a101fcba8258622a83b739effb327984fa8405e634c2121"; } + { locale = "tr"; arch = "linux-i686"; sha256 = "75a49ce141c9a04254185b62af72c7e8c214e19e5257ff308b294aee6ac49a28"; } + { locale = "tr"; arch = "linux-x86_64"; sha256 = "0845a554b299b848d35894144d3ba5c7e0b808bcc9b2732e904463258ca73cb7"; } + { locale = "uk"; arch = "linux-i686"; sha256 = "a89f58c0f20a3ff7e609f572a4786f06b48886b7e2d303824417f42af49c8df2"; } + { locale = "uk"; arch = "linux-x86_64"; sha256 = "b45768588aaf80917c8ad40d62835cc96c3dadf97715234e66542b96eeb8db8e"; } + { locale = "vi"; arch = "linux-i686"; sha256 = "3fc35e59ecbbdf1b76b5b66e962a60eb724d9514d622879108725bcf7881fd1e"; } + { locale = "vi"; arch = "linux-x86_64"; sha256 = "88116edeeecbfe1ac03af0da26aff84bc3aa5ba00574e899ec08e0d68243f509"; } + { locale = "xh"; arch = "linux-i686"; sha256 = "a3afd3ac14049c72a9be28fb9a0849e4d3c5c2f13cb160c480988c4231679329"; } + { locale = "xh"; arch = "linux-x86_64"; sha256 = "569587e9cc4cd99899d2939367d56f2e4e9ae333b583064a648f05a8b0b58e2c"; } + { locale = "zh-CN"; arch = "linux-i686"; sha256 = "358e44998142e56356b839a51dff97fe85e6293424bd0c148decf61f01b6125b"; } + { locale = "zh-CN"; arch = "linux-x86_64"; sha256 = "7b5a84dbbe361a775aaadad8fd328e24f6cf2e336297f1d5906f51ff5d3dfae7"; } + { locale = "zh-TW"; arch = "linux-i686"; sha256 = "cf2cb9bed37dffe178a524ef5fe983e0e8b18f17c999e98474ae13e012da54da"; } + { locale = "zh-TW"; arch = "linux-x86_64"; sha256 = "aa0f1c5fb96dc4585e70fbcc291c6842be25e5d59be8bf39e8dc0232e9f1a76c"; } + { locale = "zu"; arch = "linux-i686"; sha256 = "775f6507ae8d6c2ef6e29e6b4d00453dcf9a0c9651eb9da482c78b5ebe64f2cd"; } + { locale = "zu"; arch = "linux-x86_64"; sha256 = "603510372a52497a8e41468dbc193afa25b0615f504f4548201deb89f27bd354"; } + ]; + + arch = if stdenv.system == "i686-linux" + then "linux-i686" + else "linux-x86_64"; + + isPrefixOf = prefix: string: + builtins.substring 0 (builtins.stringLength prefix) string == prefix; + + sourceMatches = locale: source: + (isPrefixOf source.locale locale) && source.arch == arch; + + systemLocale = config.i18n.defaultLocale or "en-US"; + + defaultSource = stdenv.lib.findFirst (sourceMatches "en-US") {} sources; + + source = stdenv.lib.findFirst (sourceMatches systemLocale) defaultSource sources; + +in + +stdenv.mkDerivation { + name = "firefox-bin-${version}"; + + src = fetchurl { + url = "http://download-installer.cdn.mozilla.net/pub/firefox/releases/${version}/${source.arch}/${source.locale}/firefox-${version}.tar.bz2"; + inherit (source) sha256; + }; + + phases = "unpackPhase installPhase"; + + libPath = stdenv.lib.makeLibraryPath + [ stdenv.gcc.gcc + alsaLib + atk + cairo + cups + dbus_glib + dbus_libs + fontconfig + freetype + gconf + gdk_pixbuf + glib + glibc + gst_plugins_base + gstreamer + gtk + libX11 + libXScrnSaver + libXext + libXinerama + libXrender + libXt + libcanberra + libgnome + libgnomeui + mesa + nspr + nss + pango + heimdal + pulseaudio + systemd + ] + ":" + stdenv.lib.makeSearchPath "lib64" [ + stdenv.gcc.gcc + ]; + + # "strip" after "patchelf" may break binaries. + # See: https://github.com/NixOS/patchelf/issues/10 + dontStrip = 1; + + installPhase = + '' + mkdir -p "$prefix/usr/lib/firefox-bin-${version}" + cp -r * "$prefix/usr/lib/firefox-bin-${version}" + + mkdir -p "$out/bin" + ln -s "$prefix/usr/lib/firefox-bin-${version}/firefox" "$out/bin/" + + for executable in \ + firefox mozilla-xremote-client firefox-bin plugin-container \ + updater crashreporter webapprt-stub + do + patchelf --interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \ + "$out/usr/lib/firefox-bin-${version}/$executable" + done + + for executable in \ + firefox mozilla-xremote-client firefox-bin plugin-container \ + updater crashreporter webapprt-stub libxul.so + do + patchelf --set-rpath "$libPath" \ + "$out/usr/lib/firefox-bin-${version}/$executable" + done + + # Create a desktop item. + mkdir -p $out/share/applications + cat > $out/share/applications/firefox.desktop < default.nix + +{ stdenv, fetchurl, config +, alsaLib +, atk +, cairo +, cups +, dbus_glib +, dbus_libs +, fontconfig +, freetype +, gconf +, gdk_pixbuf +, glib +, glibc +, gst_plugins_base +, gstreamer +, gtk +, libX11 +, libXScrnSaver +, libXext +, libXinerama +, libXrender +, libXt +, libcanberra +, libgnome +, libgnomeui +, mesa +, nspr +, nss +, pango +, heimdal +, pulseaudio +, systemd +}: + +let + version = "#{real_version}"; + sources = [ +EOH + +locale_arch_path_tuples.zip(hashes) do |tuple, hash| + locale, arch, path = tuple + + puts(%Q| { locale = "#{locale}"; arch = "#{arch}"; sha256 = "#{hash}"; }|) +end + +puts(<<'EOF') + ]; + + arch = if stdenv.system == "i686-linux" + then "linux-i686" + else "linux-x86_64"; + + isPrefixOf = prefix: string: + builtins.substring 0 (builtins.stringLength prefix) string == prefix; + + sourceMatches = locale: source: + (isPrefixOf source.locale locale) && source.arch == arch; + + systemLocale = config.i18n.defaultLocale or "en-US"; + + defaultSource = stdenv.lib.findFirst (sourceMatches "en-US") {} sources; + + source = stdenv.lib.findFirst (sourceMatches systemLocale) defaultSource sources; + +in + +stdenv.mkDerivation { + name = "firefox-bin-${version}"; + + src = fetchurl { + url = "http://download-installer.cdn.mozilla.net/pub/firefox/releases/${version}/${source.arch}/${source.locale}/firefox-${version}.tar.bz2"; + inherit (source) sha256; + }; + + phases = "unpackPhase installPhase"; + + libPath = stdenv.lib.makeLibraryPath + [ stdenv.gcc.gcc + alsaLib + atk + cairo + cups + dbus_glib + dbus_libs + fontconfig + freetype + gconf + gdk_pixbuf + glib + glibc + gst_plugins_base + gstreamer + gtk + libX11 + libXScrnSaver + libXext + libXinerama + libXrender + libXt + libcanberra + libgnome + libgnomeui + mesa + nspr + nss + pango + heimdal + pulseaudio + systemd + ] + ":" + stdenv.lib.makeSearchPath "lib64" [ + stdenv.gcc.gcc + ]; + + # "strip" after "patchelf" may break binaries. + # See: https://github.com/NixOS/patchelf/issues/10 + dontStrip = 1; + + installPhase = + '' + mkdir -p "$prefix/usr/lib/firefox-bin-${version}" + cp -r * "$prefix/usr/lib/firefox-bin-${version}" + + mkdir -p "$out/bin" + ln -s "$prefix/usr/lib/firefox-bin-${version}/firefox" "$out/bin/" + + for executable in \ + firefox mozilla-xremote-client firefox-bin plugin-container \ + updater crashreporter webapprt-stub + do + patchelf --interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \ + "$out/usr/lib/firefox-bin-${version}/$executable" + done + + for executable in \ + firefox mozilla-xremote-client firefox-bin plugin-container \ + updater crashreporter webapprt-stub libxul.so + do + patchelf --set-rpath "$libPath" \ + "$out/usr/lib/firefox-bin-${version}/$executable" + done + + # Create a desktop item. + mkdir -p $out/share/applications + cat > $out/share/applications/firefox.desktop < Date: Sun, 8 Jun 2014 20:43:16 -0500 Subject: [PATCH 029/166] nasm: 2.11.01 -> 2.11.05 --- pkgs/development/compilers/nasm/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/development/compilers/nasm/default.nix b/pkgs/development/compilers/nasm/default.nix index 8098b9d278f..8219882a2a2 100644 --- a/pkgs/development/compilers/nasm/default.nix +++ b/pkgs/development/compilers/nasm/default.nix @@ -1,11 +1,12 @@ { stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "nasm-2.11.01"; + name = "nasm-${version}"; + version = "2.11.05"; src = fetchurl { - url = "http://www.nasm.us/pub/nasm/releasebuilds/2.11.01/${name}.tar.bz2"; - sha256 = "0p0rhq18in2hyv3gircgxj72n2b1mvr8bvjlqscpaz8m62cyvam7"; + url = "http://www.nasm.us/pub/nasm/releasebuilds/${version}/${name}.tar.bz2"; + sha256 = "1sgspnascc0asmwlv3jm1mq4vzx653sa7vlg48z20pfybk7pnhaa"; }; meta = { From 565f67b15d16861ff386488facaff4a451766875 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 18 Jun 2014 19:39:47 -0500 Subject: [PATCH 030/166] gnu-efi: Update 3.0u -> 3.0v Additionally, create the include directories so that install populates them. --- .../development/libraries/gnu-efi/default.nix | 31 ++++++++++--------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/pkgs/development/libraries/gnu-efi/default.nix b/pkgs/development/libraries/gnu-efi/default.nix index 07c3c668793..f038883bd67 100644 --- a/pkgs/development/libraries/gnu-efi/default.nix +++ b/pkgs/development/libraries/gnu-efi/default.nix @@ -1,23 +1,15 @@ -{ stdenv -, fetchurl -}: +{ stdenv, fetchurl }: -let version = "3.0u"; in stdenv.mkDerivation { - - name = "gnu-efi-${version}"; +stdenv.mkDerivation rec { + name = "gnu-efi_${version}"; + version = "3.0v"; src = fetchurl { - url = "mirror://sourceforge/gnu-efi/gnu-efi_${version}.orig.tar.gz"; - sha256 = "0klkdxh1aqwwfm393q67nxww6liffyp2lfybbnh4q819b06la39w"; + url = "mirror://sourceforge/gnu-efi/${name}.orig.tar.gz"; + sha256 = "1pqgpm999l7zb8gh3s0zd2ax6f0n2l4jip7h0d2y91hhcy6zjxn7"; }; - meta = { - description = "GNU EFI development toolchain"; - homepage = http://sourceforge.net/projects/gnu-efi/; - license = "GPL"; - maintainers = [ stdenv.lib.maintainers.shlevy ]; - platforms = ["x86_64-linux" "i686-linux"]; - }; + arch = with stdenv.lib; head (splitString "-" stdenv.system); makeFlags = [ "CC=gcc" @@ -34,8 +26,17 @@ let version = "3.0u"; in stdenv.mkDerivation { ''; installPhase = '' + mkdir -pv $out/include/efi/{protocol,$arch} make PREFIX="$out" $makeFlags install mkdir -pv $out/share/gnu-efi install -D -m644 apps/*.efi $out/share/gnu-efi ''; + + meta = with stdenv.lib; { + description = "GNU EFI development toolchain"; + homepage = http://sourceforge.net/projects/gnu-efi/; + license = licenses.bsd3; + maintainers = [ stdenv.lib.maintainers.shlevy ]; + platforms = platforms.linux; + }; } From aac54c6699cd165177508d0b835e5e081b818057 Mon Sep 17 00:00:00 2001 From: "William A. Kennington III" Date: Wed, 18 Jun 2014 19:54:19 -0500 Subject: [PATCH 031/166] syslinux: Update 4.07 -> 6.02 --- pkgs/os-specific/linux/syslinux/default.nix | 32 ++++++++++++++------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/pkgs/os-specific/linux/syslinux/default.nix b/pkgs/os-specific/linux/syslinux/default.nix index 95f482a8230..734613c44ac 100644 --- a/pkgs/os-specific/linux/syslinux/default.nix +++ b/pkgs/os-specific/linux/syslinux/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, nasm, perl, libuuid }: stdenv.mkDerivation rec { - name = "syslinux-4.07"; + name = "syslinux-6.02"; src = fetchurl { - url = "mirror://kernel/linux/utils/boot/syslinux/4.xx/${name}.tar.bz2"; - sha256 = "0nm0lx45h4c5nxnsr538bvryzvqvj1p1p4vqxzd8nlcv47ja8h0j"; + url = "mirror://kernel/linux/utils/boot/syslinux/${name}.tar.xz"; + sha256 = "0y2ld2s64s6vc5pf8rj36w71rq2cfax3c1iafp0w1qbjpxy1p8xg"; }; patches = [ ./perl-deps.patch ]; @@ -14,15 +14,27 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - preBuild = - '' - substituteInPlace gpxe/src/Makefile.housekeeping --replace /bin/echo $(type -P echo) - substituteInPlace gpxe/src/Makefile --replace /usr/bin/perl $(type -P perl) - makeFlagsArray=(BINDIR=$out/bin SBINDIR=$out/sbin LIBDIR=$out/lib INCDIR=$out/include DATADIR=$out/share MANDIR=$out/share/man PERL=perl) - ''; + preBuild = '' + substituteInPlace Makefile --replace /bin/pwd $(type -P pwd) + substituteInPlace gpxe/src/Makefile.housekeeping --replace /bin/echo $(type -P echo) + substituteInPlace gpxe/src/Makefile --replace /usr/bin/perl $(type -P perl) + ''; - meta = { + makeFlags = [ + "BINDIR=$(out)/bin" + "SBINDIR=$(out)/sbin" + "LIBDIR=$(out)/lib" + "INCDIR=$(out)/include" + "DATADIR=$(out)/share" + "MANDIR=$(out)/share/man" + "PERL=perl" + "bios" + ]; + + meta = with stdenv.lib; { homepage = http://www.syslinux.org/; description = "A lightweight bootloader"; + license = licenses.gpl2; + platforms = platforms.linux; }; } From e7df430d916aae9c086c1e1eb42562506f82274e Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Wed, 25 Jun 2014 10:25:14 +0200 Subject: [PATCH 032/166] Adds cppo --- pkgs/development/tools/ocaml/cppo/default.nix | 37 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 39 insertions(+) create mode 100644 pkgs/development/tools/ocaml/cppo/default.nix diff --git a/pkgs/development/tools/ocaml/cppo/default.nix b/pkgs/development/tools/ocaml/cppo/default.nix new file mode 100644 index 00000000000..04475959f3d --- /dev/null +++ b/pkgs/development/tools/ocaml/cppo/default.nix @@ -0,0 +1,37 @@ +{stdenv, fetchurl, ocaml, findlib}: +let + pname = "cppo"; + version = "0.9.4"; + webpage = "http://mjambon.com/${pname}.html"; +in +stdenv.mkDerivation rec { + + name = "${pname}-${version}"; + + src = fetchurl { + url = "http://mjambon.com/releases/${pname}/${name}.tar.gz"; + sha256 = "1m7cbja7cf74l45plqnmjrjjz55v8x65rvx0ikk9mg1ak8lcmvxa"; + }; + + buildInputs = [ ocaml findlib ]; + + createFindlibDestdir = true; + + makeFlags = "PREFIX=$(out)"; + + preBuild = '' + mkdir $out/bin + ''; + + meta = { + description = "The C preprocessor for OCaml"; + longDescription = '' + Cppo is an equivalent of the C preprocessor targeted at the OCaml language and its variants. + ''; + homepage = "${webpage}"; + license = "bsd"; + }; +} + + + diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 3c1aade131e..5bc260eeb33 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3175,6 +3175,8 @@ let ocaml_cairo = callPackage ../development/ocaml-modules/ocaml-cairo { }; + cppo = callPackage ../development/tools/ocaml/cppo { }; + cryptokit = callPackage ../development/ocaml-modules/cryptokit { }; deriving = callPackage ../development/tools/ocaml/deriving { }; From 5edd90ac3fe4ec47806bcda08d8a1b7a3674a74f Mon Sep 17 00:00:00 2001 From: tomberek Date: Wed, 25 Jun 2014 23:51:50 -0400 Subject: [PATCH 033/166] Haskell: add monadloc-pp --- .../libraries/haskell/monadloc-pp/default.nix | 18 ++++++++++++++++++ pkgs/top-level/haskell-packages.nix | 2 ++ 2 files changed, 20 insertions(+) create mode 100644 pkgs/development/libraries/haskell/monadloc-pp/default.nix diff --git a/pkgs/development/libraries/haskell/monadloc-pp/default.nix b/pkgs/development/libraries/haskell/monadloc-pp/default.nix new file mode 100644 index 00000000000..5ec05316ba0 --- /dev/null +++ b/pkgs/development/libraries/haskell/monadloc-pp/default.nix @@ -0,0 +1,18 @@ +{ cabal, filepath, haskellSrcExts, monadloc, syb }: + +cabal.mkDerivation (self: { + pname = "monadloc-pp"; + version = "0.3"; + sha256 = "0jr9ngcj3l6kd5cscll5kr3a4bp52sdjgrdxd1j5a21jyc3gdyvn"; + isLibrary = false; + isExecutable = true; + buildDepends = [ filepath haskellSrcExts monadloc syb ]; + jailbreak = true; + meta = { + homepage = "http://github.com/pepeiborra/monadloc"; + description = "A preprocessor for generating monadic call traces"; + license = self.stdenv.lib.licenses.publicDomain; + platforms = self.ghc.meta.platforms; + maintainers = [ self.stdenv.lib.maintainers.tomberek ]; + }; +}) diff --git a/pkgs/top-level/haskell-packages.nix b/pkgs/top-level/haskell-packages.nix index 608108a1847..2d83d5a999a 100644 --- a/pkgs/top-level/haskell-packages.nix +++ b/pkgs/top-level/haskell-packages.nix @@ -1466,6 +1466,8 @@ self : let callPackage = x : y : modifyPrio (newScope self x y); in monadloc = callPackage ../development/libraries/haskell/monadloc {}; + monadlocPp = callPackage ../development/libraries/haskell/monadloc-pp {}; + monadLoops = callPackage ../development/libraries/haskell/monad-loops {}; monadLogger = callPackage ../development/libraries/haskell/monad-logger {}; From 0c1ea65be99b0de45200c5f6002ba19a7795c8ef Mon Sep 17 00:00:00 2001 From: Aycan iRiCAN Date: Thu, 26 Jun 2014 09:23:46 +0300 Subject: [PATCH 034/166] jailbreak pipes-aeson which depends on pipes-bytestring == 2.0.* which is not available. --- pkgs/development/libraries/haskell/pipes-aeson/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/libraries/haskell/pipes-aeson/default.nix b/pkgs/development/libraries/haskell/pipes-aeson/default.nix index aa226aa4e3b..2f4bd30994a 100644 --- a/pkgs/development/libraries/haskell/pipes-aeson/default.nix +++ b/pkgs/development/libraries/haskell/pipes-aeson/default.nix @@ -10,6 +10,7 @@ cabal.mkDerivation (self: { aeson attoparsec pipes pipesAttoparsec pipesBytestring pipesParse transformers ]; + jailbreak = true; meta = { homepage = "https://github.com/k0001/pipes-aeson"; description = "Encode and decode JSON streams using Aeson and Pipes"; From 86784cb7313d90fc86b38ce38cae8c0f369be038 Mon Sep 17 00:00:00 2001 From: Aycan iRiCAN Date: Thu, 26 Jun 2014 09:29:27 +0300 Subject: [PATCH 035/166] jailbreak pipes-aeson which depends on pipes-bytestring == 2.0.* which is not available --- pkgs/development/libraries/haskell/pipes-binary/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/libraries/haskell/pipes-binary/default.nix b/pkgs/development/libraries/haskell/pipes-binary/default.nix index e48ad2a96a4..060a70f16b8 100644 --- a/pkgs/development/libraries/haskell/pipes-binary/default.nix +++ b/pkgs/development/libraries/haskell/pipes-binary/default.nix @@ -14,6 +14,7 @@ cabal.mkDerivation (self: { tastySmallcheck transformers ]; doCheck = false; + jailbreak = true; meta = { homepage = "https://github.com/k0001/pipes-binary"; description = "Encode and decode binary streams using the pipes and binary libraries"; From a3331eb87b25d954766af9652e1415a783dae76c Mon Sep 17 00:00:00 2001 From: Luca Bruno Date: Thu, 26 Jun 2014 10:15:34 +0200 Subject: [PATCH 036/166] nixos/sshd: drop mode from auth keys file. Closes #2559 --- nixos/modules/services/networking/ssh/sshd.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index e4b29a0b909..b563a781f1d 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -56,7 +56,6 @@ let authKeysFiles = let mkAuthKeyFile = u: { target = "ssh/authorized_keys.d/${u.name}"; - mode = "0444"; source = pkgs.writeText "${u.name}-authorized_keys" '' ${concatStringsSep "\n" u.openssh.authorizedKeys.keys} ${concatMapStrings (f: readFile f + "\n") u.openssh.authorizedKeys.keyFiles} From a6f11f262e2bd0233d74bc9a88c6f4e8544daf2c Mon Sep 17 00:00:00 2001 From: Jos van den Oever Date: Thu, 26 Jun 2014 11:31:59 +0200 Subject: [PATCH 037/166] Update povray. Current master version has 404 on tar.gz. --- pkgs/tools/graphics/povray/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/graphics/povray/default.nix b/pkgs/tools/graphics/povray/default.nix index 12f307ca9de..6272bdae780 100644 --- a/pkgs/tools/graphics/povray/default.nix +++ b/pkgs/tools/graphics/povray/default.nix @@ -4,8 +4,8 @@ stdenv.mkDerivation { name = "povray-3.6"; src = fetchurl { - url = http://www.povray.org/redirect/www.povray.org/ftp/pub/povray/Official/Unix/povray-3.6.tar.bz2; - sha256 = "0wvsfgkybx28mj2p76nnsq9rdq50192g5qb7d0xk81s8skn7z2jf"; + url = http://www.povray.org/ftp/pub/povray/Old-Versions/Official-3.62/Unix/povray-3.6.tar.bz2; + sha256 = "4e8a7fecd44807343b6867e1f2440aa0e09613d6d69a7385ac48f4e5e7737a73"; }; # the installPhase wants to put files into $HOME. I let it put the files From bf1f2c6b1f29d9c9446d15e14f6992aaced49143 Mon Sep 17 00:00:00 2001 From: Georges Dubus Date: Thu, 26 Jun 2014 16:32:54 +0200 Subject: [PATCH 038/166] git: Updated to 2.0.1 (close #3096) --- .../version-management/git-and-tools/git/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/git/default.nix b/pkgs/applications/version-management/git-and-tools/git/default.nix index f95b5a493a6..054b1c1b0f3 100644 --- a/pkgs/applications/version-management/git-and-tools/git/default.nix +++ b/pkgs/applications/version-management/git-and-tools/git/default.nix @@ -10,7 +10,7 @@ let - version = "1.9.4"; + version = "2.0.1"; svn = subversionClient.override { perlBindings = true; }; @@ -21,7 +21,7 @@ stdenv.mkDerivation { src = fetchurl { url = "https://www.kernel.org/pub/software/scm/git/git-${version}.tar.xz"; - sha256 = "1shxa49lsxn81qpfi60wh7rn5ci4zjgljvr0qczdmnqzd8w1zyvb"; + sha256 = "1pylqr2qzndy92x3pq8hkwsb3garww2jxb167s6hshrva81s24mb"; }; patches = [ ./docbook2texi.patch ./symlinks-in-bin.patch ./cert-path.patch ]; From e2ff0199656a6c3a5a90ace6520617ac88dd9f37 Mon Sep 17 00:00:00 2001 From: Nikita Mikhailov Date: Mon, 23 Jun 2014 22:56:35 +0700 Subject: [PATCH 039/166] skype: 4.2.0.13 -> 4.3.0.37 --- .../instant-messengers/skype/default.nix | 19 +++++++++---------- pkgs/top-level/all-packages.nix | 4 +--- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/skype/default.nix b/pkgs/applications/networking/instant-messengers/skype/default.nix index 20a304952a7..f1ac1063934 100644 --- a/pkgs/applications/networking/instant-messengers/skype/default.nix +++ b/pkgs/applications/networking/instant-messengers/skype/default.nix @@ -1,20 +1,18 @@ -{ stdenv, fetchurl, alsaLib, libXv, libXi, libXrender, libXrandr, zlib, glib +{ stdenv, fetchurl, libXv, libXi, libXrender, libXrandr, zlib, glib , libXext, libX11, libXScrnSaver, libSM, qt4, libICE, freetype, fontconfig -, pulseaudio, usePulseAudio, lib }: +, pulseaudio, lib, ... }: assert stdenv.system == "i686-linux"; stdenv.mkDerivation rec { - name = "skype-4.2.0.13"; + name = "skype-4.3.0.37"; src = fetchurl { url = "http://download.skype.com/linux/${name}.tar.bz2"; - sha256 = "137kp6c0v4z7n7pp4hwrx4gjgk4knwj815dc6swh44lb5cj1c5m5"; + sha256 = "0bc9kck99rcsqzxzw3j6vnw5byvr8c9wixrx609zp255g0wxr6cc"; }; - buildInputs = - lib.optional usePulseAudio pulseaudio ++ [ - alsaLib + buildInputs = [ stdenv.glibc stdenv.gcc.gcc libXv @@ -27,6 +25,7 @@ stdenv.mkDerivation rec { libXi libXrender libXrandr + pulseaudio freetype fontconfig zlib @@ -44,13 +43,13 @@ stdenv.mkDerivation rec { fullPath=$fullPath''${fullPath:+:}$i/lib done - dynlinker="$(cat $NIX_GCC/nix-support/dynamic-linker)" + patchelf --interpreter "$(cat $NIX_GCC/nix-support/dynamic-linker)" \ + --set-rpath "$fullPath" $out/libexec/skype/skype cat > $out/bin/skype << EOF #!${stdenv.shell} export PULSE_LATENCY_MSEC=60 # workaround for pulseaudio glitches - export LD_LIBRARY_PATH=$fullPath:$LD_LIBRARY_PATH - $dynlinker $out/libexec/skype/skype --resources=$out/libexec/skype "\$@" + $out/libexec/skype/skype --resources=$out/libexec/skype "\$@" EOF chmod +x $out/bin/skype diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ddadce508d8..b8d26c380cb 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9424,9 +9424,7 @@ let siproxd = callPackage ../applications/networking/siproxd { }; - skype = callPackage_i686 ../applications/networking/instant-messengers/skype { - usePulseAudio = config.pulseaudio or true; - }; + skype = callPackage_i686 ../applications/networking/instant-messengers/skype { }; skype4pidgin = callPackage ../applications/networking/instant-messengers/pidgin-plugins/skype4pidgin { }; From 8864a6ec5505e35253589a16d841fa74b8232401 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:36:12 +0200 Subject: [PATCH 040/166] haskell-extensible-effects: re-generate expression with cabal2nix --- .../libraries/haskell/extensible-effects/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/libraries/haskell/extensible-effects/default.nix b/pkgs/development/libraries/haskell/extensible-effects/default.nix index 8c188bf6820..a4c4f8ecc7c 100644 --- a/pkgs/development/libraries/haskell/extensible-effects/default.nix +++ b/pkgs/development/libraries/haskell/extensible-effects/default.nix @@ -11,6 +11,7 @@ cabal.mkDerivation (self: { HUnit QuickCheck testFramework testFrameworkHunit testFrameworkQuickcheck2 ]; + jailbreak = true; meta = { homepage = "https://github.com/RobotGymnast/extensible-effects"; description = "An Alternative to Monad Transformers"; @@ -18,5 +19,4 @@ cabal.mkDerivation (self: { platforms = self.ghc.meta.platforms; maintainers = [ self.stdenv.lib.maintainers.ocharles ]; }; - jailbreak = true; }) From 3239293415c1f0b6d65d7160d53d1f5157f9050d Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:36:28 +0200 Subject: [PATCH 041/166] haskell-pipes-bytestring: re-generate expression with cabal2nix --- .../development/libraries/haskell/pipes-bytestring/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkgs/development/libraries/haskell/pipes-bytestring/default.nix b/pkgs/development/libraries/haskell/pipes-bytestring/default.nix index 348847e6e9a..4fc5b1993a3 100644 --- a/pkgs/development/libraries/haskell/pipes-bytestring/default.nix +++ b/pkgs/development/libraries/haskell/pipes-bytestring/default.nix @@ -1,5 +1,4 @@ -{ cabal, pipes, pipesGroup, pipesParse, transformers -}: +{ cabal, pipes, pipesGroup, pipesParse, transformers }: cabal.mkDerivation (self: { pname = "pipes-bytestring"; From 05335620418f7c075868e56a4b36bb91de5cf339 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:37:48 +0200 Subject: [PATCH 042/166] haskell-bson: update to version 0.3 --- pkgs/development/libraries/haskell/bson/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/haskell/bson/default.nix b/pkgs/development/libraries/haskell/bson/default.nix index da4629e93fb..028b2e7d969 100644 --- a/pkgs/development/libraries/haskell/bson/default.nix +++ b/pkgs/development/libraries/haskell/bson/default.nix @@ -4,8 +4,8 @@ cabal.mkDerivation (self: { pname = "bson"; - version = "0.2.4"; - sha256 = "1fr0xx9q2l3cb72j5lgrwdlr2gba7idh2v80s8d6dr69dhwaccd9"; + version = "0.3"; + sha256 = "0787z6970lf93mgrsyqcilnkx5bynny88ag15z2f07l1rhva6ac4"; buildDepends = [ binary cryptohash dataBinaryIeee754 mtl network text time ]; From ae7b43e4501ce7d2c96d719de025c6b448e068e9 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:37:49 +0200 Subject: [PATCH 043/166] haskell-hcltest: update to version 0.3.2 --- pkgs/development/libraries/haskell/hcltest/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/haskell/hcltest/default.nix b/pkgs/development/libraries/haskell/hcltest/default.nix index 170c885d240..fa2ab9a145a 100644 --- a/pkgs/development/libraries/haskell/hcltest/default.nix +++ b/pkgs/development/libraries/haskell/hcltest/default.nix @@ -5,8 +5,8 @@ cabal.mkDerivation (self: { pname = "hcltest"; - version = "0.3.1"; - sha256 = "0qnf6ib01njcbjfbwxff8y4sqmrj6nyy9y9hb0l0kw21cxsgl7c9"; + version = "0.3.2"; + sha256 = "0q5b0v2gh0b3a15hg25bqj7scbckrkka2ckk49g2mrdz2gpr28bq"; buildDepends = [ dlist either filepath free lens mmorph monadControl mtl optparseApplicative randomShuffle split stm tagged tasty temporary From 22ed738808859711cf8ec53528798c7c4998bbe1 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:37:51 +0200 Subject: [PATCH 044/166] haskell-mongoDB: update to version 2.0 --- pkgs/development/libraries/haskell/mongoDB/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/haskell/mongoDB/default.nix b/pkgs/development/libraries/haskell/mongoDB/default.nix index 259a8e2fc2d..c97676b64d8 100644 --- a/pkgs/development/libraries/haskell/mongoDB/default.nix +++ b/pkgs/development/libraries/haskell/mongoDB/default.nix @@ -5,8 +5,8 @@ cabal.mkDerivation (self: { pname = "mongoDB"; - version = "1.5.0"; - sha256 = "0dvy8pa79c26hcngds6nnwnayrhsyz1flj18m9bcyrcvwb5q3dd6"; + version = "2.0"; + sha256 = "1dspx1x20903i44i825ziwmvaax75m8g08kz97cv34077bdir80h"; buildDepends = [ binary bson cryptohash hashtables liftedBase monadControl mtl network parsec random randomShuffle text transformersBase From ffa1294358bd6c597df52cd065702dbfd1fb033d Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:37:52 +0200 Subject: [PATCH 045/166] haskell-quickcheck-property-monad: update to version 0.2.2 --- .../libraries/haskell/quickcheck-property-monad/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/haskell/quickcheck-property-monad/default.nix b/pkgs/development/libraries/haskell/quickcheck-property-monad/default.nix index 203f22146b1..0c9a22b5974 100644 --- a/pkgs/development/libraries/haskell/quickcheck-property-monad/default.nix +++ b/pkgs/development/libraries/haskell/quickcheck-property-monad/default.nix @@ -2,8 +2,8 @@ cabal.mkDerivation (self: { pname = "quickcheck-property-monad"; - version = "0.2.1"; - sha256 = "1ln8bcsc8hd8jyhd9rp2j90p5h5nhmwidb5my91p09h43y4z9xds"; + version = "0.2.2"; + sha256 = "1liixl4xxpx9f3877sss16m67y5bkwhxdmr8h40rpqdi7dz9s0mj"; buildDepends = [ either QuickCheck transformers ]; testDepends = [ doctest filepath QuickCheck ]; meta = { From fd0f8dece97c48b19f5908fe228cf9d4aa70299f Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:37:54 +0200 Subject: [PATCH 046/166] haskell-simple-sendfile: update to version 0.2.15 --- .../development/libraries/haskell/simple-sendfile/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/haskell/simple-sendfile/default.nix b/pkgs/development/libraries/haskell/simple-sendfile/default.nix index 52c5fd7fe68..604f3f065a9 100644 --- a/pkgs/development/libraries/haskell/simple-sendfile/default.nix +++ b/pkgs/development/libraries/haskell/simple-sendfile/default.nix @@ -4,8 +4,8 @@ cabal.mkDerivation (self: { pname = "simple-sendfile"; - version = "0.2.14"; - sha256 = "00k9cachx7y4811b71f8p468kx018hzvpvw6jgf7zmjhc9v922ni"; + version = "0.2.15"; + sha256 = "1fa20h2zcvxwdb5j5a0nnhl38bry1p5ckya1l7lrxx9r2bvjkyj9"; buildDepends = [ network resourcet ]; testDepends = [ conduit conduitExtra hspec HUnit network networkConduit resourcet From 93100d390441d40361b37cd0088c6aef2f6f66b8 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 23 Jun 2014 22:37:55 +0200 Subject: [PATCH 047/166] haskell-unix-compat: update to version 0.4.1.3 --- pkgs/development/libraries/haskell/unix-compat/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/haskell/unix-compat/default.nix b/pkgs/development/libraries/haskell/unix-compat/default.nix index 9742b193e7b..a43da3b7194 100644 --- a/pkgs/development/libraries/haskell/unix-compat/default.nix +++ b/pkgs/development/libraries/haskell/unix-compat/default.nix @@ -2,8 +2,8 @@ cabal.mkDerivation (self: { pname = "unix-compat"; - version = "0.4.1.1"; - sha256 = "1cjny6zca5wdj7d56kjkaxlad85kknn91pisrizjy6wngszyaigf"; + version = "0.4.1.3"; + sha256 = "1vfw3ffzdk9mshhgyp3dnbn8rihkz8qg6n5zqak8966dsdqhm4xb"; meta = { homepage = "http://github.com/jystic/unix-compat"; description = "Portable POSIX-compatibility layer"; From ad128c637bdff57f79c5903d90b11fae65734d81 Mon Sep 17 00:00:00 2001 From: John Wiegley Date: Thu, 26 Jun 2014 11:41:00 -0700 Subject: [PATCH 048/166] haskell-folds: new expression --- .../libraries/haskell/folds/default.nix | 23 +++++++++++++++++++ pkgs/top-level/haskell-packages.nix | 2 ++ 2 files changed, 25 insertions(+) create mode 100644 pkgs/development/libraries/haskell/folds/default.nix diff --git a/pkgs/development/libraries/haskell/folds/default.nix b/pkgs/development/libraries/haskell/folds/default.nix new file mode 100644 index 00000000000..4287ddbeb4f --- /dev/null +++ b/pkgs/development/libraries/haskell/folds/default.nix @@ -0,0 +1,23 @@ +{ cabal, comonad, contravariant, deepseq, doctest, filepath, hlint +, lens, mtl, pointed, profunctors, reflection, semigroupoids +, semigroups, tagged, transformers, vector +}: + +cabal.mkDerivation (self: { + pname = "folds"; + version = "0.6.1"; + sha256 = "13p4kyr48g917ib87n14qpqaka6isp73cwy7mvvsqgprj1fghyj1"; + buildDepends = [ + comonad contravariant lens pointed profunctors reflection + semigroupoids tagged transformers vector + ]; + testDepends = [ deepseq doctest filepath hlint mtl semigroups ]; + # The hlint tests presently fail + doCheck = false; + meta = { + homepage = "http://github.com/ekmett/folds"; + description = "Beautiful Folding"; + license = self.stdenv.lib.licenses.bsd3; + platforms = self.ghc.meta.platforms; + }; +}) diff --git a/pkgs/top-level/haskell-packages.nix b/pkgs/top-level/haskell-packages.nix index 5681ecbe2f1..474b81e40fd 100644 --- a/pkgs/top-level/haskell-packages.nix +++ b/pkgs/top-level/haskell-packages.nix @@ -799,6 +799,8 @@ self : let callPackage = x : y : modifyPrio (newScope self x y); in foldl = callPackage ../development/libraries/haskell/foldl {}; + folds = callPackage ../development/libraries/haskell/folds {}; + forceLayout = callPackage ../development/libraries/haskell/force-layout {}; free = callPackage ../development/libraries/haskell/free {}; From db1afc01d28334f20acdd008895a3cbd8582e8c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Thu, 26 Jun 2014 22:23:09 +0200 Subject: [PATCH 049/166] samba: security-only updates 2.6.22 -> .24 Fixes CVE-2014-{0244,3493} and CVE-2013-4496 --- pkgs/servers/samba/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/samba/default.nix b/pkgs/servers/samba/default.nix index ade79e2c99c..08f12d97506 100644 --- a/pkgs/servers/samba/default.nix +++ b/pkgs/servers/samba/default.nix @@ -18,11 +18,11 @@ assert useKerberos -> kerberos != null; stdenv.mkDerivation rec { - name = "samba-3.6.22"; + name = "samba-3.6.24"; src = fetchurl { - url = "http://us3.samba.org/samba/ftp/stable/${name}.tar.gz"; - sha256 = "1sny3irf1p4fjli5qa29swr3l217grg90cva35rmay48fw7g5g9h"; + url = "http://samba.org/samba/ftp/stable/${name}.tar.gz"; + sha256 = "19rln8m1k359bz6dhmlv39kzyjg7p296dz4y4mq1jwrlnw2bvl0i"; }; buildInputs = [ readline pam openldap popt iniparser libunwind fam acl cups ] From e36e853817b4c2da3b202c5e19d5f2111aafac9a Mon Sep 17 00:00:00 2001 From: John Wiegley Date: Thu, 26 Jun 2014 15:53:50 -0700 Subject: [PATCH 050/166] smljnBootstrap: new expression for running smlnj on darwin --- .../development/compilers/smlnj/bootstrap.nix | 43 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 1 + 2 files changed, 44 insertions(+) create mode 100644 pkgs/development/compilers/smlnj/bootstrap.nix diff --git a/pkgs/development/compilers/smlnj/bootstrap.nix b/pkgs/development/compilers/smlnj/bootstrap.nix new file mode 100644 index 00000000000..27fdf75cc25 --- /dev/null +++ b/pkgs/development/compilers/smlnj/bootstrap.nix @@ -0,0 +1,43 @@ +{ stdenv, fetchurl, cpio, rsync, makeWrapper }: + +stdenv.mkDerivation rec { + name = "smlnj-bootstrap-${version}"; + + version = "110.76"; + + src = fetchurl { + url = "http://smlnj.cs.uchicago.edu/dist/working/${version}/smlnj-x86-${version}.pkg"; + sha256 = "0n3kdlqffqw97piya7i4lddrhjml2dp1q9hfq2jrd2hbzln8vdjf"; + }; + + buildInputs = [ cpio rsync makeWrapper ]; + + unpackPhase = '' + /usr/bin/xar -xf $src + cd smlnj.pkg + ''; + + buildPhase = '' + cat Payload | gunzip -dc | cpio -i + ''; + + installPhase = '' + ensureDir $out/bin + rsync -av bin/ $out/bin/ + + ensureDir $out/lib + rsync -av lib/ $out/lib/ + ''; + + postInstall = '' + wrapProgram "$out/bin/sml" --set "SMLNJ_HOME" "$out" + ''; + + meta = { + description = "Compiler for the Standard ML '97 programming language"; + homepage = http://www.smlnj.org; + license = stdenv.lib.licenses.free; + platforms = stdenv.lib.platforms.darwin; + maintainers = [ stdenv.lib.maintainers.jwiegley ]; + }; +} \ No newline at end of file diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 4c09e6df6e6..e55f34d4572 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3303,6 +3303,7 @@ let sdcc = callPackage ../development/compilers/sdcc { }; + smlnjBootstrap = callPackage ../development/compilers/smlnj/bootstrap.nix { }; smlnj = callPackage_i686 ../development/compilers/smlnj { }; stalin = callPackage ../development/compilers/stalin { }; From ad96cc8bf9af05f1b193ecf11e7db66844a8b6b2 Mon Sep 17 00:00:00 2001 From: John Wiegley Date: Thu, 26 Jun 2014 15:54:12 -0700 Subject: [PATCH 051/166] twelf: new expression; prover for PL theory and logic --- .../science/logic/twelf/default.nix | 46 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 6 +++ 2 files changed, 52 insertions(+) create mode 100644 pkgs/applications/science/logic/twelf/default.nix diff --git a/pkgs/applications/science/logic/twelf/default.nix b/pkgs/applications/science/logic/twelf/default.nix new file mode 100644 index 00000000000..f5d2d44df42 --- /dev/null +++ b/pkgs/applications/science/logic/twelf/default.nix @@ -0,0 +1,46 @@ +{ stdenv, fetchurl, pkgconfig, smlnj, rsync }: + +stdenv.mkDerivation rec { + name = "twelf-${version}"; + version = "1.7.1"; + + src = fetchurl { + url = "//twelf.plparty.org/releases/twelf-src-1.7.1.tar.gz"; + sha256 = "0fi1kbs9hrdrm1x4k13angpjasxlyd1gc3ys8ah54i75qbcd9c4i"; + }; + + buildInputs = [ pkgconfig smlnj rsync ]; + + buildPhase = '' + export SMLNJ_HOME=${smlnj} + make smlnj + ''; + + installPhase = '' + ensureDir $out/bin + rsync -av bin/* $out/bin/ + + ensureDir $out/share/emacs/site-lisp/twelf/ + rsync -av emacs/ $out/share/emacs/site-lisp/twelf/ + + ensureDir $out/share/twelf/examples + rsync -av examples/ $out/share/twelf/examples/ + ensureDir $out/share/twelf/vim + rsync -av vim/ $out/share/twelf/vim/ + ''; + + meta = { + description = "Twelf logic proof assistant"; + longDescription = '' + Twelf is a language used to specify, implement, and prove properties of + deductive systems such as programming languages and logics. Large + research projects using Twelf include the TALT typed assembly language, + a foundational proof-carrying-code system, and a type safety proof for + Standard ML. + ''; + homepage = http://twelf.org/wiki/Main_Page; + license = "MIT"; + maintainers = with stdenv.lib.maintainers; [ jwiegley ]; + platforms = stdenv.lib.platforms.unix; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e55f34d4572..fbbfa940abb 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10732,6 +10732,12 @@ let tptp = callPackage ../applications/science/logic/tptp {}; + twelf = callPackage ../applications/science/logic/twelf { + smlnj = if stdenv.isDarwin + then smlnjBootstrap + else smlnj; + }; + verifast = callPackage ../applications/science/logic/verifast {}; why3 = callPackage ../applications/science/logic/why3 {}; From 593e938341f82df93098a5df2ce85af6f7365ace Mon Sep 17 00:00:00 2001 From: Austin Seipp Date: Fri, 27 Jun 2014 00:24:43 -0500 Subject: [PATCH 052/166] php: 5.4.29 -> 5.4.30 CVE-2014-3981, CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-4049, CVE-2014-3515 Signed-off-by: Austin Seipp --- pkgs/development/interpreters/php/5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/interpreters/php/5.4.nix b/pkgs/development/interpreters/php/5.4.nix index b692e4d8a99..c194c3aa8a0 100644 --- a/pkgs/development/interpreters/php/5.4.nix +++ b/pkgs/development/interpreters/php/5.4.nix @@ -9,7 +9,7 @@ in composableDerivation.composableDerivation {} ( fixed : let inherit (fixed.fixed) version; in { - version = "5.4.29"; + version = "5.4.30"; name = "php-${version}"; @@ -243,7 +243,7 @@ composableDerivation.composableDerivation {} ( fixed : let inherit (fixed.fixed) src = fetchurl { url = "http://www.php.net/distributions/php-${version}.tar.bz2"; - sha256 = "19z2n6h1fvj30n6hl2mwhw2f4i1vwhbj3j7abq3gc16gcfh3rkk2"; + sha256 = "1rkc977b4k0y6qg5nf8729g5zpica31h1isyds6khmrdwi23df1j"; }; meta = { From dd56bfbd0082c7a0291cc3cc860363aded31935e Mon Sep 17 00:00:00 2001 From: Austin Seipp Date: Fri, 27 Jun 2014 00:52:12 -0500 Subject: [PATCH 053/166] kernel/grsec: updates Signed-off-by: Austin Seipp --- pkgs/os-specific/linux/kernel/linux-3.10.nix | 4 ++-- pkgs/os-specific/linux/kernel/linux-3.14.nix | 4 ++-- pkgs/os-specific/linux/kernel/linux-3.15.nix | 4 ++-- pkgs/os-specific/linux/kernel/linux-3.4.nix | 4 ++-- pkgs/os-specific/linux/kernel/patches.nix | 12 ++++++------ 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-3.10.nix b/pkgs/os-specific/linux/kernel/linux-3.10.nix index a08ad5ea53d..6ee5345f498 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.10.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, ... } @ args: import ./generic.nix (args // rec { - version = "3.10.44"; + version = "3.10.45"; extraMeta.branch = "3.10"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "06brvvxkgx4im4jzyl08y8hifgqb8ndxlhdkczwlqx3cgs6769c0"; + sha256 = "0bsmqszc86d33g6qpwgrdckgrd1x37087br3vsc5151s2p22rk1f"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.14.nix b/pkgs/os-specific/linux/kernel/linux-3.14.nix index 4fbca05501d..f867309529f 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.14.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, ... } @ args: import ./generic.nix (args // rec { - version = "3.14.8"; + version = "3.14.9"; extraMeta.branch = "3.14"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0l2k7c8i3vzcs8mwdy3h1yzlqli6vr56wbn6bxp4nyvxkwxlhs5d"; + sha256 = "0rm68hzkxzzh6a1nw6fsxbg43d4b88957ail7b9ga589cagf3p94"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.15.nix b/pkgs/os-specific/linux/kernel/linux-3.15.nix index 531b85b789a..68f58f83a2f 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.15.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, ... } @ args: import ./generic.nix (args // rec { - version = "3.15.1"; + version = "3.15.2"; extraMeta.branch = "3.15"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0bmzag945bb9v20xc2f6i4syx456prai3qj5cxhm8cb76wby4s8b"; + sha256 = "09nq8q84xn6lwzdnn36pzfiqhn1lapi60yxn4hifb7v9ymhc5sv6"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.4.nix b/pkgs/os-specific/linux/kernel/linux-3.4.nix index 8308340f3f5..27efaac4488 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.4.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, ... } @ args: import ./generic.nix (args // rec { - version = "3.4.94"; + version = "3.4.95"; extraMeta.branch = "3.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0kc1s38zij39z8mrk9x29wizhbn4i7c7gyd796s1ib4826p3k48k"; + sha256 = "1rv2jsfc2m12nk293v12rvvqnicyh73pwp6bcb28jdqdhm95k6l6"; }; kernelPatches = args.kernelPatches ++ diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index eb4d7a100be..5a6a7d15c3c 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -60,17 +60,17 @@ rec { }; grsecurity_stable = grsecPatch - { kversion = "3.14.8"; - revision = "201406222110"; + { kversion = "3.14.9"; + revision = "201406262057"; branch = "stable"; - sha256 = "0jar710hqpjkp4g3ldrbcpgc170v9qp8ykajq5fi8mxx4j54gjwa"; + sha256 = "0rrcmlaz69028fwl45xnif1dc9wnl7lnrry1280mdg764wrc6g0n"; }; grsecurity_unstable = grsecPatch - { kversion = "3.15.1"; - revision = "201406222112"; + { kversion = "3.15.2"; + revision = "201406262058"; branch = "test"; - sha256 = "04sbpmzgfgn7hjiln9baynpgr7k67lm0b5wn2z8i2jsjigfmv0r4"; + sha256 = "02r9xasg1hiw3bynwh50r9cqjzwffmhsyg4gmiyzs58izivl1hvd"; }; grsec_fix_path = From f9ebbc80a14d423481cfaca380ae8dc6dd4f14ee Mon Sep 17 00:00:00 2001 From: John Wiegley Date: Thu, 26 Jun 2014 22:53:37 -0700 Subject: [PATCH 054/166] haskell-ghc-mod: patch ghc-process.el to avoid hanging @peti I've determined that the hang which this fixes does not happen all of the time (in fact, I've been using ghc-mod for weeks without seeing it once). But today it happened again, and it made me realize I had undone this patch locally. I'm committing it now because it fixes the problem completely for me, and certainly cannot hurt. --- pkgs/development/libraries/haskell/ghc-mod/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/libraries/haskell/ghc-mod/default.nix b/pkgs/development/libraries/haskell/ghc-mod/default.nix index f05bfedafcf..ee2cbdbd203 100644 --- a/pkgs/development/libraries/haskell/ghc-mod/default.nix +++ b/pkgs/development/libraries/haskell/ghc-mod/default.nix @@ -21,6 +21,7 @@ cabal.mkDerivation (self: { configureFlags = "--datasubdir=${self.pname}-${self.version}"; postInstall = '' cd $out/share/$pname-$version + sed -i -e 's/"-b" "\\n" "-l"/"-l" "-b" "\\"\\\\n\\""/' ghc-process.el make rm Makefile cd .. From 48f2ca07f481e70204f760bff16f5699a309bdfa Mon Sep 17 00:00:00 2001 From: Austin Seipp Date: Fri, 27 Jun 2014 01:12:43 -0500 Subject: [PATCH 055/166] arcanist: 20140617 -> 20140627 Signed-off-by: Austin Seipp --- pkgs/development/tools/misc/arcanist/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/development/tools/misc/arcanist/default.nix b/pkgs/development/tools/misc/arcanist/default.nix index 7e3a3a6d15c..4236cffadfc 100644 --- a/pkgs/development/tools/misc/arcanist/default.nix +++ b/pkgs/development/tools/misc/arcanist/default.nix @@ -3,18 +3,18 @@ let libphutil = fetchgit { url = "git://github.com/facebook/libphutil.git"; - rev = "0027e97cd6cbafcbdc626b4ac6cf315b9508a14f"; - sha256 = "4781a4e3e1cb72da24e97f89a9b879803be8e1cf6baa2a4517801dfb893eec26"; + rev = "8d1b522333caf4984180ac830be8635437bacedb"; + sha256 = "e83da381cd8845b64a1cd3244d17736fb736aeabce37efd19754447f47cd4fe1"; }; arcanist = fetchgit { url = "git://github.com/facebook/arcanist.git"; - rev = "680ec3670cd9d9195debf3e9b674b1b232156e61"; - sha256 = "a70cde586960676c0d69f4d98e6936633e0d79c37c6f6cc5b0213146a6b18c83"; + rev = "0971c728fea89ac45a67e06cdb89349ad8040c60"; + sha256 = "33e595b81dcbef181d3c71072ecf1c22db3f86f49dbb5276c671caefe83c8594"; }; in stdenv.mkDerivation rec { name = "arcanist-${version}"; - version = "20140617"; + version = "20140627"; src = [ arcanist libphutil ]; buildInputs = [ php makeWrapper flex ]; From 865787ef3273566fe5b979638e3a0bbf08836595 Mon Sep 17 00:00:00 2001 From: aszlig Date: Fri, 27 Jun 2014 08:34:59 +0200 Subject: [PATCH 056/166] nixos/tests/openssh: Test configured auth keys. So far the test only uses an authorized key that is copied over to the target machine instead of being set by the target's configuration. Now, we cover both cases. Signed-off-by: aszlig --- nixos/tests/openssh.nix | 48 +++++++++++++++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 9 deletions(-) diff --git a/nixos/tests/openssh.nix b/nixos/tests/openssh.nix index 0b9714c275d..d4ce95e49f7 100644 --- a/nixos/tests/openssh.nix +++ b/nixos/tests/openssh.nix @@ -1,4 +1,21 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test.nix ({ pkgs, ... }: + +let + snakeOilPrivateKey = pkgs.writeText "privkey.snakeoil" '' + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEIHQf/khLvYrQ8IOika5yqtWvI0oquHlpRLTZiJy5dRJmoAoGCCqGSM49 + AwEHoUQDQgAEKF0DYGbBwbj06tA3fd/+yP44cvmwmHBWXZCKbS+RQlAKvLXMWkpN + r1lwMyJZoSGgBHoUahoYjTh9/sJL7XLJtA== + -----END EC PRIVATE KEY----- + ''; + + snakeOilPublicKey = pkgs.lib.concatStrings [ + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHA" + "yNTYAAABBBChdA2BmwcG49OrQN33f/sj+OHL5sJhwVl2Qim0vkUJQCry1zFpKTa" + "9ZcDMiWaEhoAR6FGoaGI04ff7CS+1yybQ= sakeoil" + ]; + +in { nodes = { @@ -9,6 +26,9 @@ import ./make-test.nix ({ pkgs, ... }: { services.openssh.enable = true; security.pam.services.sshd.limits = [ { domain = "*"; item = "memlock"; type = "-"; value = 1024; } ]; + users.extraUsers.root.openssh.authorizedKeys.keys = [ + snakeOilPublicKey + ]; }; client = @@ -23,15 +43,25 @@ import ./make-test.nix ({ pkgs, ... }: { $server->waitForUnit("sshd"); - $server->succeed("mkdir -m 700 /root/.ssh"); - $server->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys"); + subtest "manual-authkey", sub { + $server->succeed("mkdir -m 700 /root/.ssh"); + $server->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys"); - $client->succeed("mkdir -m 700 /root/.ssh"); - $client->copyFileFromHost("key", "/root/.ssh/id_dsa"); - $client->succeed("chmod 600 /root/.ssh/id_dsa"); + $client->succeed("mkdir -m 700 /root/.ssh"); + $client->copyFileFromHost("key", "/root/.ssh/id_dsa"); + $client->succeed("chmod 600 /root/.ssh/id_dsa"); - $client->waitForUnit("network.target"); - $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'echo hello world' >&2"); - $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'ulimit -l' | grep 1024"); + $client->waitForUnit("network.target"); + $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'echo hello world' >&2"); + $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'ulimit -l' | grep 1024"); + }; + + subtest "configured-authkey", sub { + $client->succeed("cat ${snakeOilPrivateKey} > privkey.snakeoil"); + $client->succeed("chmod 600 privkey.snakeoil"); + $client->succeed("ssh -o UserKnownHostsFile=/dev/null" . + " -o StrictHostKeyChecking=no -i privkey.snakeoil" . + " server true"); + }; ''; }) From da32f052b1390a77c58c8c1c3fae62db1abd050e Mon Sep 17 00:00:00 2001 From: aszlig Date: Fri, 27 Jun 2014 09:19:30 +0200 Subject: [PATCH 057/166] Revert "nixos/sshd: drop mode from auth keys file". This reverts commit a3331eb87b25d954766af9652e1415a783dae76c. See https://github.com/NixOS/nixpkgs/issues/2559#issuecomment-47313334 for a description why this is not a good idea. I guess it's better to implement a sane way to remove all files in authorized_keys.d, especially because it is also backwards-compatible. Reopens #2559. Signed-off-by: aszlig --- nixos/modules/services/networking/ssh/sshd.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index b563a781f1d..e4b29a0b909 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -56,6 +56,7 @@ let authKeysFiles = let mkAuthKeyFile = u: { target = "ssh/authorized_keys.d/${u.name}"; + mode = "0444"; source = pkgs.writeText "${u.name}-authorized_keys" '' ${concatStringsSep "\n" u.openssh.authorizedKeys.keys} ${concatMapStrings (f: readFile f + "\n") u.openssh.authorizedKeys.keyFiles} From 622673495b6b00843c2bbacc932b377e2389cc8b Mon Sep 17 00:00:00 2001 From: aszlig Date: Fri, 27 Jun 2014 09:39:12 +0200 Subject: [PATCH 058/166] nixos/log2html: Remove schema from jQuery URLs. This allows viewing test logs for example when using a Hydra running with HTTPS. Signed-off-by: aszlig --- nixos/lib/test-driver/log2html.xsl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/lib/test-driver/log2html.xsl b/nixos/lib/test-driver/log2html.xsl index 8e907d85ffa..ce8a9c6de2b 100644 --- a/nixos/lib/test-driver/log2html.xsl +++ b/nixos/lib/test-driver/log2html.xsl @@ -9,8 +9,8 @@ - - + +