From c60da1cb0d2bf5cd1f2ecad73529552db074588b Mon Sep 17 00:00:00 2001 From: Tobias Happ Date: Thu, 27 May 2021 17:55:17 +0200 Subject: [PATCH 01/26] teamspeak_server: fix updateScript (cherry picked from commit 18f28923c6dd34aec04ca95ebeb2384fe9249db3) --- .../networking/instant-messengers/teamspeak/server.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/teamspeak/server.nix b/pkgs/applications/networking/instant-messengers/teamspeak/server.nix index e266265291b..e6acb7bd702 100644 --- a/pkgs/applications/networking/instant-messengers/teamspeak/server.nix +++ b/pkgs/applications/networking/instant-messengers/teamspeak/server.nix @@ -30,14 +30,14 @@ in stdenv.mkDerivation rec { passthru.updateScript = writeScript "update-teampeak-server" '' #!/usr/bin/env nix-shell - #!nix-shell -i bash -p common-updater-scripts curl gnugrep gnused + #!nix-shell -i bash -p common-updater-scripts curl gnugrep gnused jq pup set -eu -o pipefail version=$( \ - curl -s "https://www.teamspeak.de/download/teamspeak-3-amd64-server-linux/" \ - | grep softwareVersion \ - | sed -E -e 's/^.*([^<]+)<\/span>.*$/\1/' \ + curl https://www.teamspeak.com/en/downloads/ \ + | pup "#server .linux .version json{}" \ + | jq -r ".[0].text" ) versionOld=$(nix-instantiate --eval --strict -A "teamspeak_server.version") From b6951a764afb5944df4ee39c90ac77f9eb61aea6 Mon Sep 17 00:00:00 2001 From: Tobias Happ Date: Thu, 27 May 2021 17:55:40 +0200 Subject: [PATCH 02/26] teamspeak_server: 3.13.3 -> 3.13.5 (cherry picked from commit d0773a3c1fe74a85e8e0c9624d363fa69091b9c7) --- .../networking/instant-messengers/teamspeak/server.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/teamspeak/server.nix b/pkgs/applications/networking/instant-messengers/teamspeak/server.nix index e6acb7bd702..d76be9c81ca 100644 --- a/pkgs/applications/networking/instant-messengers/teamspeak/server.nix +++ b/pkgs/applications/networking/instant-messengers/teamspeak/server.nix @@ -4,13 +4,13 @@ let arch = if stdenv.is64bit then "amd64" else "x86"; in stdenv.mkDerivation rec { pname = "teamspeak-server"; - version = "3.13.3"; + version = "3.13.5"; src = fetchurl { url = "https://files.teamspeak-services.com/releases/server/${version}/teamspeak3-server_linux_${arch}-${version}.tar.bz2"; sha256 = if stdenv.is64bit - then "sha256-+b9S0ekQmXF5KwvVcmHIDpp0iZRO2W1ls8eYhDzjUUw=" - else "sha256-Qu6xPzbUdqO93j353cfQILlFYqmwFSnFWG9TjniX0+c="; + then "sha256-2tSX/ET2lZsi0mVB3KnbnBXMSTRsneGUA8w6mZ6TmlY=" + else "sha256-RdxG4nGXTTSY+P5oZu4uP5l7gKcU9C6uIILyNldSK50="; }; buildInputs = [ stdenv.cc.cc postgresql.lib ]; From 0699e902e6fef1b9d51f523657575430c8a41354 Mon Sep 17 00:00:00 2001 From: Tobias Happ Date: Thu, 27 May 2021 18:58:20 +0200 Subject: [PATCH 03/26] teamspeak_server: add missing runHook commands (cherry picked from commit 88b0d669e470b35399c1c0d226f8c42ff6aab55b) --- .../networking/instant-messengers/teamspeak/server.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/applications/networking/instant-messengers/teamspeak/server.nix b/pkgs/applications/networking/instant-messengers/teamspeak/server.nix index d76be9c81ca..daa97b68217 100644 --- a/pkgs/applications/networking/instant-messengers/teamspeak/server.nix +++ b/pkgs/applications/networking/instant-messengers/teamspeak/server.nix @@ -18,6 +18,8 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ autoPatchelfHook ]; installPhase = '' + runHook preInstall + # Install files. mkdir -p $out/lib/teamspeak mv * $out/lib/teamspeak/ @@ -26,6 +28,8 @@ in stdenv.mkDerivation rec { mkdir -p $out/bin/ ln -s $out/lib/teamspeak/ts3server $out/bin/ts3server ln -s $out/lib/teamspeak/tsdns/tsdnsserver $out/bin/tsdnsserver + + runHook postInstall ''; passthru.updateScript = writeScript "update-teampeak-server" '' From fbc09eb8434f4466fe49637c9d1c46d714eecf20 Mon Sep 17 00:00:00 2001 From: Vonfry Date: Tue, 1 Jun 2021 15:04:12 +0800 Subject: [PATCH 04/26] zsh-completions: 0.32.0 -> 0.33.0 (cherry picked from commit f777cb75fbc46fcdb2291a542f734d3d956d41a6) --- pkgs/shells/zsh/zsh-completions/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/shells/zsh/zsh-completions/default.nix b/pkgs/shells/zsh/zsh-completions/default.nix index 07e538610ba..249826a2a25 100644 --- a/pkgs/shells/zsh/zsh-completions/default.nix +++ b/pkgs/shells/zsh/zsh-completions/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "zsh-completions"; - version = "0.32.0"; + version = "0.33.0"; src = fetchFromGitHub { owner = "zsh-users"; repo = pname; rev = version; - sha256 = "12l9wrx0aysyj62kgp5limglz0nq73w8c415wcshxnxmhyk6sw6d"; + sha256 = "0vs14n29wvkai84fvz3dz2kqznwsq2i5fzbwpv8nsfk1126ql13i"; }; installPhase= '' From 437b2bfe1823368c249dfe57604d139472642d89 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 30 May 2021 21:42:39 +0200 Subject: [PATCH 05/26] nixos/pam: use new plasma5Packages, fixes #124973 (cherry picked from commit 61654ca131c1431b172cc0464c83227c40331e16) --- nixos/modules/security/pam.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index b5bd22f6ba7..3cde7e95155 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -965,7 +965,7 @@ in mr ${pkgs.apparmor-pam}/lib/security/pam_apparmor.so, '' + optionalString (isEnabled (cfg: cfg.enableKwallet)) '' - mr ${pkgs.plasma5.kwallet-pam}/lib/security/pam_kwallet5.so, + mr ${pkgs.plasma5Packages.kwallet-pam}/lib/security/pam_kwallet5.so, '' + optionalString config.virtualisation.lxc.lxcfs.enable '' mr ${pkgs.lxc}/lib/security/pam_cgfs.so From 63cb180895bbce29807e9d9dc729bf9d82fe053f Mon Sep 17 00:00:00 2001 From: Sebastian Sellmeier Date: Mon, 31 May 2021 16:36:26 +0200 Subject: [PATCH 06/26] sane-airscan: 0.99.24 -> 0.99.26 (cherry picked from commit 19120ab49753fb29feb5a49a20398f7d39a96ea4) --- pkgs/applications/graphics/sane/backends/airscan/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/graphics/sane/backends/airscan/default.nix b/pkgs/applications/graphics/sane/backends/airscan/default.nix index d2ff4339890..8d0e32e2b4e 100644 --- a/pkgs/applications/graphics/sane/backends/airscan/default.nix +++ b/pkgs/applications/graphics/sane/backends/airscan/default.nix @@ -2,7 +2,7 @@ , libxml2, gnutls, sane-backends }: stdenv.mkDerivation rec { pname = "sane-airscan"; - version = "0.99.24"; + version = "0.99.26"; nativeBuildInputs = [ meson ninja pkg-config ]; buildInputs = [ avahi gnutls libjpeg libpng libxml2 sane-backends ]; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { owner = "alexpevzner"; repo = pname; rev = version; - sha256 = "sha256-2zSLC9P7Q/GMefHvmrUz6nV2hgScb4BhPAkahNBouqk="; + sha256 = "08snfg5zx9924ryww0kxf1kgl085yw7fg6l4f1kzlhcmqf1958w5"; }; meta = with lib; { From d5dc09b57bc53dfcd2803ba8646d45986dedccc6 Mon Sep 17 00:00:00 2001 From: Aaron Janse Date: Fri, 4 Jun 2021 16:26:37 -0700 Subject: [PATCH 07/26] gnome-boxes: add qemu as dependency (cherry picked from commit 795021ada5e70447f4c5fddb71532b0f9594c0f7) --- pkgs/desktops/gnome/apps/gnome-boxes/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/desktops/gnome/apps/gnome-boxes/default.nix b/pkgs/desktops/gnome/apps/gnome-boxes/default.nix index 605275be7de..5972843ab31 100644 --- a/pkgs/desktops/gnome/apps/gnome-boxes/default.nix +++ b/pkgs/desktops/gnome/apps/gnome-boxes/default.nix @@ -49,6 +49,7 @@ , webkitgtk , vte , glib-networking +, qemu-utils }: stdenv.mkDerivation rec { @@ -120,7 +121,7 @@ stdenv.mkDerivation rec { ]; preFixup = '' - gappsWrapperArgs+=(--prefix PATH : "${lib.makeBinPath [ mtools cdrkit libcdio ]}") + gappsWrapperArgs+=(--prefix PATH : "${lib.makeBinPath [ mtools cdrkit libcdio qemu-utils ]}") ''; postPatch = '' From d6c7d92ae06842cecc26f68dc7998e9786b48c74 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sun, 6 Jun 2021 06:38:36 +0000 Subject: [PATCH 08/26] gnome.eog: 40.1 -> 40.2 (cherry picked from commit 381dcecd65e14f1b71b4a2491fe3da0dc8401930) --- pkgs/desktops/gnome/core/eog/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/core/eog/default.nix b/pkgs/desktops/gnome/core/eog/default.nix index 426a8783352..e67a623069b 100644 --- a/pkgs/desktops/gnome/core/eog/default.nix +++ b/pkgs/desktops/gnome/core/eog/default.nix @@ -28,11 +28,11 @@ stdenv.mkDerivation rec { pname = "eog"; - version = "40.1"; + version = "40.2"; src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz"; - sha256 = "sha256-e+CGA3/tm2v4S6yXqD48kYMBt+nJavEwsnJS0KURFok="; + sha256 = "sha256-kITimZMftX3ih+V9vS7i0pf7Z0DA1TW52o1fGWqP0ZU="; }; nativeBuildInputs = [ From 0b1af950c19f722292dd1a9d9ce0b893e35ab5fc Mon Sep 17 00:00:00 2001 From: Sage Raflik Date: Fri, 28 May 2021 11:22:47 -0500 Subject: [PATCH 09/26] dwm: restored config patch interface (cherry picked from commit 6e9a1ab020cfdfb3cce4a88a8da118729e319645) --- pkgs/top-level/all-packages.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a161dee933f..2bca61029b6 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23093,7 +23093,11 @@ in dwl = callPackage ../applications/window-managers/dwl { }; - dwm = callPackage ../applications/window-managers/dwm { }; + dwm = callPackage ../applications/window-managers/dwm { + # dwm is configured entirely through source modification. Allow users to + # specify patches through nixpkgs.config.dwm.patches + patches = config.dwm.patches or []; + }; dwmblocks = callPackage ../applications/misc/dwmblocks { }; From 01c2ac927a4972942ac5b03d34e2d4026ee19d46 Mon Sep 17 00:00:00 2001 From: Sage Raflik Date: Fri, 28 May 2021 13:06:29 -0500 Subject: [PATCH 10/26] dwm: added neonfuz as maintainer (cherry picked from commit d4bfc63516385d29f6b300caa945228beeed7244) --- pkgs/applications/window-managers/dwm/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/window-managers/dwm/default.nix b/pkgs/applications/window-managers/dwm/default.nix index 2c3ed2e47e8..088581b6701 100644 --- a/pkgs/applications/window-managers/dwm/default.nix +++ b/pkgs/applications/window-managers/dwm/default.nix @@ -40,7 +40,7 @@ stdenv.mkDerivation rec { tags. ''; license = licenses.mit; - maintainers = with maintainers; [ viric ]; + maintainers = with maintainers; [ viric neonfuz ]; platforms = platforms.all; }; } From 3eb0a0f9215424d3d4a7631c1b3310483af1ed3f Mon Sep 17 00:00:00 2001 From: Michal Sojka Date: Wed, 9 Jun 2021 17:09:59 +0200 Subject: [PATCH 11/26] firefox: Make CUPS printers visible in the print dialog Firefox 81 introduced a new print dialog. Under NixOS, this dialog offers only "Save as PDF" as the destination. To print to a real printer, one has to click "Print using the system dialog" and print from there. This is not only one unnecessary extra click, but the system dialog also does not offer preview. With this commit, Firefox starts offering real printers in its printing dialog, removing the above mentioned deficiencies. CUPS is needed because Firefox uses dlopen() to load libcups.so.2 at runtime. See https://searchfox.org/mozilla-central/rev/b52cf6bbe214bd9d93ed9333d0403f7d556ad7c8/widget/nsCUPSShim.cpp#28 (cherry picked from commit 5102a1247103e7f23fdad9710f1887807b31e37f) --- pkgs/applications/networking/browsers/firefox/wrapper.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix index 13becfc4f62..f338a41be71 100644 --- a/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -11,6 +11,7 @@ , libkrb5 , libva , mesa # firefox wants gbm for drm+dmabuf +, cups }: ## configurability of the wrapper itself @@ -62,7 +63,7 @@ let ++ lib.optional (cfg.enableFXCastBridge or false) fx_cast_bridge ++ extraNativeMessagingHosts ); - libs = lib.optionals stdenv.isLinux [ udev libva mesa libnotify xorg.libXScrnSaver ] + libs = lib.optionals stdenv.isLinux [ udev libva mesa libnotify xorg.libXScrnSaver cups ] ++ lib.optional (pipewireSupport && lib.versionAtLeast version "83") pipewire ++ lib.optional ffmpegSupport ffmpeg ++ lib.optional gssSupport libkrb5 From 044a0d06c736e94dcbb33fd6ece6bfb5be15caff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Samuel=20Gr=C3=A4fenstein?= Date: Sun, 23 May 2021 02:07:03 +0200 Subject: [PATCH 12/26] nixos-rebuild: fix creating ./result symlink for flakes (cherry picked from commit 531dc2e0f12673cce9cc6ea3dc5fd8bfef39c9bf) --- pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) mode change 100644 => 100755 pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh old mode 100644 new mode 100755 index 2b94f18f538..890c070a27a --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -215,7 +215,12 @@ nixBuild() { } nixFlakeBuild() { - if [ -z "$buildHost" ]; then + if [[ -z "$buildHost" && -z "$targetHost" ]] && + ! [ "$action" = switch -o "$action" = boot ] + then + nix "${flakeFlags[@]}" build "$@" + readlink -f ./result + elif [ -z "$buildHost" ]; then nix "${flakeFlags[@]}" build "$@" --out-link "${tmpDir}/result" readlink -f "${tmpDir}/result" else From 62f818272f045938d7c6086df8d0050065d27b95 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Sun, 13 Jun 2021 12:58:07 +0200 Subject: [PATCH 13/26] spice: 0.14.2 -> 0.15.0 Fixes CVE-2021-20201. (cherry picked from commit 05c0b157dca604b98d057951715cb01cdfe0e1af) --- .../libraries/spice/correct-meson.patch | 26 ------------------- pkgs/development/libraries/spice/default.nix | 11 +++----- 2 files changed, 3 insertions(+), 34 deletions(-) delete mode 100644 pkgs/development/libraries/spice/correct-meson.patch diff --git a/pkgs/development/libraries/spice/correct-meson.patch b/pkgs/development/libraries/spice/correct-meson.patch deleted file mode 100644 index d3422cb915b..00000000000 --- a/pkgs/development/libraries/spice/correct-meson.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff --git a/meson.build b/meson.build -index 8b8ae8bb..e58c436c 100644 ---- a/meson.build -+++ b/meson.build -@@ -2,7 +2,7 @@ - # project definition - # - project('spice', 'c', -- version : run_command('build-aux/git-version-gen', '${MESON_SOURCE_ROOT}/.tarball-version', check : true).stdout().strip(), -+ version : run_command('build-aux/git-version-gen', meson.source_root() + '/.tarball-version', check : true).stdout().strip(), - license : 'LGPLv2.1', - meson_version : '>= 0.48') - -diff --git a/server/meson.build b/server/meson.build -index 34d8eef1..988ccab2 100644 ---- a/server/meson.build -+++ b/server/meson.build -@@ -7,7 +7,7 @@ version_info = meson.project_version().split('.') - major = '@0@'.format(version_info[0]) - minor = '@0@'.format(version_info[1]) - micro = version_info[2].to_int() --if not version_info[3].contains('git') -+if not version_info.contains('git') - micro += 1 - endif - micro = '@0@'.format(micro) diff --git a/pkgs/development/libraries/spice/default.nix b/pkgs/development/libraries/spice/default.nix index 584b1e15a8e..1934866f138 100644 --- a/pkgs/development/libraries/spice/default.nix +++ b/pkgs/development/libraries/spice/default.nix @@ -26,18 +26,13 @@ stdenv.mkDerivation rec { pname = "spice"; - version = "0.14.2"; + version = "0.15.0"; src = fetchurl { - url = "https://www.spice-space.org/download/releases/${pname}-${version}.tar.bz2"; - sha256 = "19r999py9v9c7md2bb8ysj809ag1hh6djl1ik8jcgx065s4b60xj"; + url = "https://www.spice-space.org/download/releases/spice-server/${pname}-${version}.tar.bz2"; + sha256 = "1xd0xffw0g5vvwbq4ksmm3jjfq45f9dw20xpmi82g1fj9f7wy85k"; }; - patches = [ - # submitted https://gitlab.freedesktop.org/spice/spice/merge_requests/4 - ./correct-meson.patch - ]; - postPatch = '' patchShebangs build-aux ''; From 09ea65e0e256298b2432c059db8ec7b98850de11 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 26 May 2021 08:20:56 +0000 Subject: [PATCH 14/26] jbang: 0.70.0 -> 0.71.1 (cherry picked from commit 717c9381241651fcccc21ef4b96681b5f37786d7) --- pkgs/development/tools/jbang/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/jbang/default.nix b/pkgs/development/tools/jbang/default.nix index dfef3906602..1220ec90d90 100644 --- a/pkgs/development/tools/jbang/default.nix +++ b/pkgs/development/tools/jbang/default.nix @@ -1,12 +1,12 @@ { stdenv, lib, fetchzip, jdk, makeWrapper, coreutils, curl }: stdenv.mkDerivation rec { - version = "0.70.0"; + version = "0.71.1"; pname = "jbang"; src = fetchzip { url = "https://github.com/jbangdev/jbang/releases/download/v${version}/${pname}-${version}.tar"; - sha256 = "sha256-Fy7TvWJVRJI5fhfZzMuW+KBLaVLWKjk/I3Kx60Wazyo="; + sha256 = "sha256-+s2Wa+5Qznqpv84VEZCMmzy0bI1mN/BknPObYqJlaYs="; }; nativeBuildInputs = [ makeWrapper ]; From fd334c5224063a7a8d1f3024b2e183c138a90c30 Mon Sep 17 00:00:00 2001 From: Francesco Gazzetta Date: Tue, 22 Jun 2021 14:37:25 +0200 Subject: [PATCH 15/26] twemoji-color-font: 13.0.1 -> 13.1.0 (cherry picked from commit e0c9a230ced1cf06a58733db88741c8a6607dd30) --- pkgs/data/fonts/twemoji-color-font/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/data/fonts/twemoji-color-font/default.nix b/pkgs/data/fonts/twemoji-color-font/default.nix index a2fde6813b7..ae1d3f9927f 100644 --- a/pkgs/data/fonts/twemoji-color-font/default.nix +++ b/pkgs/data/fonts/twemoji-color-font/default.nix @@ -5,20 +5,20 @@ stdenv.mkDerivation rec { pname = "twemoji-color-font"; - version = "13.0.1"; + version = "13.1.0"; # We fetch the prebuilt font because building it takes 1.5 hours on hydra. # Relevant issue: https://github.com/NixOS/nixpkgs/issues/97871 src = fetchurl { url = "https://github.com/eosrei/twemoji-color-font/releases/download/v${version}/TwitterColorEmoji-SVGinOT-Linux-${version}.tar.gz"; - sha256 = "1mn2cb6a3v0q8i81s9a8bk49nbwxq91n6ki7827i7rhjkncb0mbn"; + sha256 = "sha256-V8DWUUAK+HLDPcq3izPs174PfUnaSeLByDpZwhUIX5Q="; }; dontBuild = true; installPhase = '' install -Dm755 TwitterColorEmoji-SVGinOT.ttf $out/share/fonts/truetype/TwitterColorEmoji-SVGinOT.ttf - install -Dm644 fontconfig/56-twemoji-color.conf $out/etc/fonts/conf.d/56-twemoji-color.conf + install -Dm644 fontconfig/46-twemoji-color.conf $out/etc/fonts/conf.d/46-twemoji-color.conf ''; meta = with lib; { From 936f34d99c0fba24973aa63172b0669cd62aa75b Mon Sep 17 00:00:00 2001 From: Jeremy Kolb Date: Fri, 9 Jul 2021 16:21:51 -0400 Subject: [PATCH 16/26] open-vm-tools: 11.2.5 -> 11.3.0 Move to the latest version of open-vm-tools. This fixes automatic KMS. (cherry picked from commit 398cab1a2b7a957a5abc6a5f19089f09ae07df78) --- .../virtualization/open-vm-tools/default.nix | 29 ++++--------------- 1 file changed, 5 insertions(+), 24 deletions(-) diff --git a/pkgs/applications/virtualization/open-vm-tools/default.nix b/pkgs/applications/virtualization/open-vm-tools/default.nix index e7479957444..2a87b906788 100644 --- a/pkgs/applications/virtualization/open-vm-tools/default.nix +++ b/pkgs/applications/virtualization/open-vm-tools/default.nix @@ -1,18 +1,19 @@ { stdenv, lib, fetchFromGitHub, makeWrapper, autoreconfHook, fetchpatch, - fuse, libmspack, openssl, pam, xercesc, icu, libdnet, procps, libtirpc, rpcsvc-proto, + bash, fuse, libmspack, openssl, pam, xercesc, icu, libdnet, procps, libtirpc, rpcsvc-proto, libX11, libXext, libXinerama, libXi, libXrender, libXrandr, libXtst, pkg-config, glib, gdk-pixbuf-xlib, gtk3, gtkmm3, iproute2, dbus, systemd, which, + linux-pam, libdrm, udev, withX ? true }: stdenv.mkDerivation rec { pname = "open-vm-tools"; - version = "11.2.5"; + version = "11.3.0"; src = fetchFromGitHub { owner = "vmware"; repo = "open-vm-tools"; rev = "stable-${version}"; - sha256 = "sha256-Jv+NSKw/+l+b4lfVGgCZFlcTScO/WAO/d7DtI0FAEV4="; + sha256 = "1yfffxc7drr1hyg28jcvly7jn1bm4ca76lmma5ykbmba2qqszx49"; }; sourceRoot = "${src.name}/open-vm-tools"; @@ -20,26 +21,10 @@ stdenv.mkDerivation rec { outputs = [ "out" "dev" ]; nativeBuildInputs = [ autoreconfHook makeWrapper pkg-config ]; - buildInputs = [ fuse glib icu libdnet libmspack libtirpc openssl pam procps rpcsvc-proto xercesc ] + buildInputs = [ fuse glib icu libdnet libdrm libmspack libtirpc openssl pam procps rpcsvc-proto udev xercesc ] ++ lib.optionals withX [ gdk-pixbuf-xlib gtk3 gtkmm3 libX11 libXext libXinerama libXi libXrender libXrandr libXtst ]; - patches = [ - # Fix building with glib 2.68. Remove after next release. - # We drop AUTHORS due to conflicts when applying. - # https://github.com/vmware/open-vm-tools/pull/505 - (fetchpatch { - url = "https://github.com/vmware/open-vm-tools/commit/82931a1bcb39d5132910c7fb2ddc086c51d06662.patch"; - stripLen = 1; - excludes = [ "AUTHORS" ]; - sha256 = "0yz5hnngr5vd4416hvmh8734a9vxa18d2xd37kl7if0p9vik6zlg"; - }) - ]; - postPatch = '' - # Build bugfix for 10.1.0, stolen from Arch PKGBUILD - mkdir -p common-agent/etc/config - sed -i 's|.*common-agent/etc/config/Makefile.*|\\|' configure.ac - sed -i 's,etc/vmware-tools,''${prefix}/etc/vmware-tools,' Makefile.am sed -i 's,^confdir = ,confdir = ''${prefix},' scripts/Makefile.am sed -i 's,usr/bin,''${prefix}/usr/bin,' scripts/Makefile.am @@ -60,10 +45,6 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; NIX_CFLAGS_COMPILE = builtins.toString [ - # igrone glib-2.62 deprecations - # Drop in next stable release. - "-DGLIB_DISABLE_DEPRECATION_WARNINGS" - # fix build with gcc9 "-Wno-error=address-of-packed-member" "-Wno-error=format-overflow" From 94f0dea33bb9f6c7d793b68051681cd127c0e6b3 Mon Sep 17 00:00:00 2001 From: Jeremy Kolb Date: Sun, 11 Jul 2021 18:42:02 -0400 Subject: [PATCH 17/26] open-vm-tools: Copy the udev files over correctly (cherry picked from commit 42ea61bc7dacc8360eb87152635f5f14f003c18d) --- nixos/modules/virtualisation/vmware-guest.nix | 2 ++ .../applications/virtualization/open-vm-tools/default.nix | 8 ++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/nixos/modules/virtualisation/vmware-guest.nix b/nixos/modules/virtualisation/vmware-guest.nix index 962a9059ea4..9465a8d6800 100644 --- a/nixos/modules/virtualisation/vmware-guest.nix +++ b/nixos/modules/virtualisation/vmware-guest.nix @@ -56,5 +56,7 @@ in ${open-vm-tools}/bin/vmware-user-suid-wrapper ''; }; + + services.udev.packages = [ open-vm-tools ]; }; } diff --git a/pkgs/applications/virtualization/open-vm-tools/default.nix b/pkgs/applications/virtualization/open-vm-tools/default.nix index 2a87b906788..4fa334da040 100644 --- a/pkgs/applications/virtualization/open-vm-tools/default.nix +++ b/pkgs/applications/virtualization/open-vm-tools/default.nix @@ -30,7 +30,6 @@ stdenv.mkDerivation rec { sed -i 's,usr/bin,''${prefix}/usr/bin,' scripts/Makefile.am sed -i 's,etc/vmware-tools,''${prefix}/etc/vmware-tools,' services/vmtoolsd/Makefile.am sed -i 's,$(PAM_PREFIX),''${prefix}/$(PAM_PREFIX),' services/vmtoolsd/Makefile.am - sed -i 's,$(UDEVRULESDIR),''${prefix}/$(UDEVRULESDIR),' udev/Makefile.am # Avoid a glibc >= 2.25 deprecation warning that gets fatal via -Werror. sed 1i'#include ' -i lib/wiper/wiperPosix.c @@ -39,7 +38,7 @@ stdenv.mkDerivation rec { sed -i 's,/sbin/shutdown,shutdown,' lib/system/systemLinux.c ''; - configureFlags = [ "--without-kernel-modules" "--without-xmlsecurity" ] + configureFlags = [ "--without-kernel-modules" "--without-xmlsecurity" "--with-udev-rules-dir=${placeholder "out"}/lib/udev/rules.d" ] ++ lib.optional (!withX) "--without-x"; enableParallelBuilding = true; @@ -50,9 +49,14 @@ stdenv.mkDerivation rec { "-Wno-error=format-overflow" ]; + preConfigure = '' + mkdir -p ${placeholder "out"}/lib/udev/rules.d + ''; + postInstall = '' wrapProgram "$out/etc/vmware-tools/scripts/vmware/network" \ --prefix PATH ':' "${lib.makeBinPath [ iproute2 dbus systemd which ]}" + substituteInPlace "$out/lib/udev/rules.d/99-vmware-scsi-udev.rules" --replace "/bin/sh" "${bash}/bin/sh" ''; meta = with lib; { From 22180dc1d0f90b90032bb03900b75a06e4bce359 Mon Sep 17 00:00:00 2001 From: Jeremy Kolb Date: Mon, 12 Jul 2021 06:34:38 -0400 Subject: [PATCH 18/26] Update pkgs/applications/virtualization/open-vm-tools/default.nix Co-authored-by: Sandro (cherry picked from commit 808ee853e73efd91fcff13059ff9cc8777e85af9) --- pkgs/applications/virtualization/open-vm-tools/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/virtualization/open-vm-tools/default.nix b/pkgs/applications/virtualization/open-vm-tools/default.nix index 4fa334da040..e57de946e11 100644 --- a/pkgs/applications/virtualization/open-vm-tools/default.nix +++ b/pkgs/applications/virtualization/open-vm-tools/default.nix @@ -38,8 +38,11 @@ stdenv.mkDerivation rec { sed -i 's,/sbin/shutdown,shutdown,' lib/system/systemLinux.c ''; - configureFlags = [ "--without-kernel-modules" "--without-xmlsecurity" "--with-udev-rules-dir=${placeholder "out"}/lib/udev/rules.d" ] - ++ lib.optional (!withX) "--without-x"; + configureFlags = [ + "--without-kernel-modules" + "--without-xmlsecurity" + "--with-udev-rules-dir=${placeholder "out"}/lib/udev/rules.d" + ] ++ lib.optional (!withX) "--without-x"; enableParallelBuilding = true; From 91fcbe8f4f14356ab889d826c955075bfb70b3d6 Mon Sep 17 00:00:00 2001 From: Jeremy Kolb Date: Mon, 12 Jul 2021 06:40:10 -0400 Subject: [PATCH 19/26] Remove unused dependencies (cherry picked from commit 5f093827334ab825c8e9f9fc367ad20adbd7103a) --- pkgs/applications/virtualization/open-vm-tools/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/virtualization/open-vm-tools/default.nix b/pkgs/applications/virtualization/open-vm-tools/default.nix index e57de946e11..3c8c90a98a3 100644 --- a/pkgs/applications/virtualization/open-vm-tools/default.nix +++ b/pkgs/applications/virtualization/open-vm-tools/default.nix @@ -1,8 +1,8 @@ -{ stdenv, lib, fetchFromGitHub, makeWrapper, autoreconfHook, fetchpatch, +{ stdenv, lib, fetchFromGitHub, makeWrapper, autoreconfHook, bash, fuse, libmspack, openssl, pam, xercesc, icu, libdnet, procps, libtirpc, rpcsvc-proto, libX11, libXext, libXinerama, libXi, libXrender, libXrandr, libXtst, pkg-config, glib, gdk-pixbuf-xlib, gtk3, gtkmm3, iproute2, dbus, systemd, which, - linux-pam, libdrm, udev, + libdrm, udev, withX ? true }: stdenv.mkDerivation rec { From ef3ff52c1eb3246d61dc7df8eceb42f29acd45e9 Mon Sep 17 00:00:00 2001 From: Sandro Date: Wed, 14 Jul 2021 02:14:35 +0200 Subject: [PATCH 20/26] Update pkgs/applications/virtualization/open-vm-tools/default.nix (cherry picked from commit c619e11879529877bd102b5f1eeff7e78daa4c87) --- .../virtualization/open-vm-tools/default.nix | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/virtualization/open-vm-tools/default.nix b/pkgs/applications/virtualization/open-vm-tools/default.nix index 3c8c90a98a3..da0a07c60a5 100644 --- a/pkgs/applications/virtualization/open-vm-tools/default.nix +++ b/pkgs/applications/virtualization/open-vm-tools/default.nix @@ -1,9 +1,10 @@ -{ stdenv, lib, fetchFromGitHub, makeWrapper, autoreconfHook, - bash, fuse, libmspack, openssl, pam, xercesc, icu, libdnet, procps, libtirpc, rpcsvc-proto, - libX11, libXext, libXinerama, libXi, libXrender, libXrandr, libXtst, - pkg-config, glib, gdk-pixbuf-xlib, gtk3, gtkmm3, iproute2, dbus, systemd, which, - libdrm, udev, - withX ? true }: +{ stdenv, lib, fetchFromGitHub, makeWrapper, autoreconfHook +, bash, fuse, libmspack, openssl, pam, xercesc, icu, libdnet, procps, libtirpc, rpcsvc-proto +, libX11, libXext, libXinerama, libXi, libXrender, libXrandr, libXtst +, pkg-config, glib, gdk-pixbuf-xlib, gtk3, gtkmm3, iproute2, dbus, systemd, which +, libdrm, udev +, withX ? true +}: stdenv.mkDerivation rec { pname = "open-vm-tools"; From 1a9c8739fd57f9a7fa28de5cb29ee7a338ce6d23 Mon Sep 17 00:00:00 2001 From: Artturin Date: Wed, 21 Jul 2021 21:12:41 +0300 Subject: [PATCH 21/26] strawberry: add glib-networking (cherry picked from commit e060a9515343e5240e2f6a4ff8354ff2a0096b43) --- pkgs/applications/audio/strawberry/default.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/audio/strawberry/default.nix b/pkgs/applications/audio/strawberry/default.nix index c8ffba2c2a7..8e052759231 100644 --- a/pkgs/applications/audio/strawberry/default.nix +++ b/pkgs/applications/audio/strawberry/default.nix @@ -28,6 +28,7 @@ , qtx11extras , qttools , withGstreamer ? true +, glib-networking , gst_all_1 ? null , withVlc ? true , libvlc ? null @@ -69,6 +70,7 @@ mkDerivation rec { p11-kit ] ++ lib.optionals withGstreamer (with gst_all_1; [ + glib-networking gstreamer gst-plugins-base gst-plugins-good @@ -82,8 +84,11 @@ mkDerivation rec { util-linux ]; - postInstall = '' - qtWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0") + postInstall = lib.optionalString withGstreamer '' + qtWrapperArgs+=( + --prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0" + --prefix GIO_EXTRA_MODULES : "${glib-networking.out}/lib/gio/modules" + ) ''; meta = with lib; { From e2770d3b95b283e543bb9c4e221c047d04bfa503 Mon Sep 17 00:00:00 2001 From: Artturin Date: Thu, 22 Jul 2021 00:16:45 +0300 Subject: [PATCH 22/26] virtscreen: unbreak (cherry picked from commit 5871962ba579ffef8475300c5f6ed5bfba7f97b9) --- pkgs/tools/admin/virtscreen/default.nix | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/admin/virtscreen/default.nix b/pkgs/tools/admin/virtscreen/default.nix index ebfd6c21772..a1558248f80 100644 --- a/pkgs/tools/admin/virtscreen/default.nix +++ b/pkgs/tools/admin/virtscreen/default.nix @@ -1,4 +1,12 @@ -{ lib, stdenv, fetchFromGitHub, python3Packages, x11vnc, xrandr, libGL }: +{ lib +, stdenv +, fetchFromGitHub +, python3Packages +, x11vnc +, xrandr +, libGL +, qt5 +}: python3Packages.buildPythonApplication rec { pname = "virtscreen"; @@ -16,6 +24,8 @@ python3Packages.buildPythonApplication rec { sha256 = "005qach6phz8w17k8kqmyd647c6jkfybczybxq0yxi5ik0s91a08"; }; + nativeBuildInputs = [ qt5.wrapQtAppsHook ]; + propagatedBuildInputs = with python3Packages; [ netifaces pyqt5 @@ -24,10 +34,17 @@ python3Packages.buildPythonApplication rec { xrandr ]; - postPatch = let - ext = stdenv.hostPlatform.extensions.sharedLibrary; in '' + dontWrapQtApps = true; + + makeWrapperArgs = [ + "\${qtWrapperArgs[@]}" + # import Qt.labs.platform failed without this + "--prefix QML2_IMPORT_PATH : ${qt5.qtquickcontrols2.bin}/${qt5.qtbase.qtQmlPrefix}" + ]; + + postPatch = '' substituteInPlace virtscreen/__main__.py \ - --replace "'GL'" "'${libGL}/lib/libGL${ext}'" \ + --replace "'GL'" "'${libGL}/lib/libGL${stdenv.hostPlatform.extensions.sharedLibrary}'" \ ''; meta = with lib; { From 607be851e4ad39f724ac182053513c7ba3169d70 Mon Sep 17 00:00:00 2001 From: Artturin Date: Wed, 30 Jun 2021 23:16:37 +0300 Subject: [PATCH 23/26] hplip: hardcode ppdc path to fix #44230 the ppdc: Warning - overlapping filename can be ignored https://bugs.launchpad.net/hplip/+bug/1756967 (cherry picked from commit 46c7445c34fbd71118b217593b906e3e9df3caa2) --- pkgs/misc/drivers/hplip/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/misc/drivers/hplip/default.nix b/pkgs/misc/drivers/hplip/default.nix index 98a67a75f0b..0decad90ae3 100644 --- a/pkgs/misc/drivers/hplip/default.nix +++ b/pkgs/misc/drivers/hplip/default.nix @@ -102,6 +102,10 @@ python3Packages.buildPythonApplication { ]; prePatch = '' + # https://github.com/NixOS/nixpkgs/issues/44230 + substituteInPlace createPPD.sh \ + --replace ppdc "${cups}/bin/ppdc" + # HPLIP hardcodes absolute paths everywhere. Nuke from orbit. find . -type f -exec sed -i \ -e s,/etc/hp,$out/etc/hp,g \ From 91469eef74c940acb2c164eb9d7dbec67015cb04 Mon Sep 17 00:00:00 2001 From: Artturin Date: Thu, 1 Jul 2021 00:37:24 +0300 Subject: [PATCH 24/26] hplip: add -n to gzip to improve reproducibility (cherry picked from commit 1422563f54681f3ea3805fa1b8f3571f20dd7e19) --- pkgs/misc/drivers/hplip/default.nix | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/pkgs/misc/drivers/hplip/default.nix b/pkgs/misc/drivers/hplip/default.nix index 0decad90ae3..c8566bfc07a 100644 --- a/pkgs/misc/drivers/hplip/default.nix +++ b/pkgs/misc/drivers/hplip/default.nix @@ -101,10 +101,11 @@ python3Packages.buildPythonApplication { ./hplip-3.20.11-nixos-cups-ppd-search-path.patch ]; - prePatch = '' + postPatch = '' # https://github.com/NixOS/nixpkgs/issues/44230 substituteInPlace createPPD.sh \ - --replace ppdc "${cups}/bin/ppdc" + --replace ppdc "${cups}/bin/ppdc" \ + --replace "gzip -c" "gzip -cn" # HPLIP hardcodes absolute paths everywhere. Nuke from orbit. find . -type f -exec sed -i \ @@ -153,6 +154,12 @@ python3Packages.buildPythonApplication { export CUPS_DATADIR="${cups}/share/cups" ''; + postConfigure = '' + # don't save timestamp, in order to improve reproducibility + substituteInPlace Makefile \ + --replace "GZIP_ENV = --best" "GZIP_ENV = --best -n" + ''; + enableParallelBuilding = true; # From 5570d49718de4ac5efbd0742c195c967b327ee85 Mon Sep 17 00:00:00 2001 From: Angus Trau Date: Wed, 28 Jul 2021 16:53:48 +1000 Subject: [PATCH 25/26] vscode-extensions.ms-vscode-remote.remote-ssh: 0.50.0 -> 0.65.7 (cherry picked from commit 0cefe482ddbded05c7b483b5c3a005a3a48ad209) --- pkgs/misc/vscode-extensions/remote-ssh/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/misc/vscode-extensions/remote-ssh/default.nix b/pkgs/misc/vscode-extensions/remote-ssh/default.nix index 29ca973a0aa..ab59527d82b 100644 --- a/pkgs/misc/vscode-extensions/remote-ssh/default.nix +++ b/pkgs/misc/vscode-extensions/remote-ssh/default.nix @@ -36,8 +36,8 @@ in mktplcRef = { name = "remote-ssh"; publisher = "ms-vscode-remote"; - version = "0.50.0"; - sha256 = "01pyd6759p5nkjhjy3iplrl748xblr54l1jphk2g02s1n5ds2qb9"; + version = "0.65.7"; + sha256 = "ae86c4be79fc5af747bb1f1aa5841221af80ee7476cc2f1c9ac277fa2fa1d683"; }; postPatch = '' From 712325e1db4095c12cd4106e41364a04bef90c0c Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sun, 1 Aug 2021 16:25:52 +0100 Subject: [PATCH 26/26] gnome.caribou: add patch for CVE-2021-3567 adding vala requirement as patching triggers a rerun on valac, also needing a fix for semi-modern vala support (cherry picked from commit f13ed324902308e118475c08128c22e91cde982b) --- pkgs/desktops/gnome/core/caribou/default.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/core/caribou/default.nix b/pkgs/desktops/gnome/core/caribou/default.nix index 5985ff82266..50fb1c3de56 100644 --- a/pkgs/desktops/gnome/core/caribou/default.nix +++ b/pkgs/desktops/gnome/core/caribou/default.nix @@ -1,6 +1,6 @@ { fetchurl, lib, stdenv, pkg-config, gnome, glib, gtk3, clutter, dbus, python3, libxml2 , libxklavier, libXtst, gtk2, intltool, libxslt, at-spi2-core, autoreconfHook -, wrapGAppsHook, libgee }: +, wrapGAppsHook, libgee, vala_0_40 }: let pname = "caribou"; @@ -21,9 +21,19 @@ in stdenv.mkDerivation rec { url = "https://bugzilla.gnome.org/attachment.cgi?id=364774"; sha256 = "15k1455grf6knlrxqbjnk7sals1730b0whj30451scp46wyvykvd"; }) + (fetchurl { + name = "fix-build-modern-vala.patch"; + url = "https://gitlab.gnome.org/GNOME/caribou/-/commit/76fbd11575f918fc898cb0f5defe07f67c11ec38.patch"; + sha256 = "0qy27zk7889hg51nx40afgppcx9iaihxbg3aqz9w35d6fmhr2k2y"; + }) + (fetchurl { + name = "CVE-2021-3567.patch"; + url = "https://gitlab.gnome.org/GNOME/caribou/-/commit/d41c8e44b12222a290eaca16703406b113a630c6.patch"; + sha256 = "1vd2j3823k2p3msv7fq2437p3jvxzbd7hyh07i80g9754ylh92y8"; + }) ]; - nativeBuildInputs = [ pkg-config intltool libxslt libxml2 autoreconfHook wrapGAppsHook ]; + nativeBuildInputs = [ pkg-config intltool libxslt libxml2 autoreconfHook wrapGAppsHook vala_0_40 ]; buildInputs = [ glib gtk3 clutter at-spi2-core dbus pythonEnv python3.pkgs.pygobject3