public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master.upstream' into staging.upstream

Browse Source
This commit is contained in:
William A. Kennington III
2015-07-05 13:06:02 -07:00
parent 2363660191 2d1aafef55
commit d605663ae2
155 changed files with 4271 additions and 2114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/tools/X11/xdg-utils/default.nix
View File

@@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
substituteInPlace $item --replace "cut " "${coreutils}/bin/cut "
substituteInPlace $item --replace "sed " "${gnused}/bin/sed "
substituteInPlace $item --replace "egrep " "${gnugrep}/bin/egrep "
sed -i $item -e "s#[^e]grep #${gnugrep}/bin/grep #g" # Don't replace 'egrep'
sed -i $item -re "s#([^e])grep #\1${gnugrep}/bin/grep #g" # Don't replace 'egrep'
substituteInPlace $item --replace "which " "${which}/bin/which "
substituteInPlace $item --replace "/usr/bin/file" "${file}/bin/file"
done

12
pkgs/tools/filesystems/duperemove/default.nix
View File

@@ -1,12 +1,14 @@
{ lib, stdenv, fetchurl, libgcrypt, pkgconfig, glib, linuxHeaders }:
{ lib, stdenv, fetchFromGitHub, libgcrypt, pkgconfig, glib, linuxHeaders }:
stdenv.mkDerivation rec {
name = "duperemove-${version}";
version = "0.09.beta2";
version = "0.09.4";
src = fetchurl {
url = "https://github.com/markfasheh/duperemove/archive/v${version}.tar.gz";
sha256 = "0rn7lf9rjf4ypgfwms2y7b459rri4rfn809h6wx8xl9nbm5niil4";
src = fetchFromGitHub {
owner = "markfasheh";
repo = "duperemove";
rev = "v${version}";
sha256 = "1d586k6rbfqb5557i1p5xq8ngbppbwpxlkw8wqm7d900a3hp36nl";
};
buildInputs = [ libgcrypt pkgconfig glib linuxHeaders ];

8
pkgs/tools/filesystems/glusterfs/default.nix
View File

@@ -6,11 +6,11 @@ let
s = # Generated upstream information
rec {
baseName="glusterfs";
version="3.7.1";
version="3.7.2";
name="${baseName}-${version}";
hash="0d1bcijwvc3rhr24xsn7nnp0b5xwlwvybamb05jzja5m7hapydpw";
url="http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.1/glusterfs-3.7.1.tar.gz";
sha256="0d1bcijwvc3rhr24xsn7nnp0b5xwlwvybamb05jzja5m7hapydpw";
hash="0cw6p21nnxcvzd8rymd5q0ydlaz4hx4rmv22hwbb39h7a2rvfv79";
url="http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.2/glusterfs-3.7.2.tar.gz";
sha256="0cw6p21nnxcvzd8rymd5q0ydlaz4hx4rmv22hwbb39h7a2rvfv79";
};
buildInputs = [
fuse bison flex_2_5_35 openssl python ncurses readline

2
pkgs/tools/graphics/asymptote/default.nix
View File

@@ -10,7 +10,7 @@ let
version="2.35";
name="${baseName}-${version}";
hash="11f28vxw0ybhvl7vxmqcdwvw7y6gz55ykw9ybgzb2px6lsvgag7z";
url="http://softlayer-ams.dl.sourceforge.net/project/asymptote/2.35/asymptote-2.35.src.tgz";
url="mirror://sourceforge/asymptote/2.35/asymptote-2.35.src.tgz";
sha256="11f28vxw0ybhvl7vxmqcdwvw7y6gz55ykw9ybgzb2px6lsvgag7z";
};
buildInputs = [

4
pkgs/tools/misc/cloc/default.nix
View File

@@ -4,11 +4,11 @@ stdenv.mkDerivation rec {
name = "cloc-${version}";
version = "1.62";
version = "1.64";
src = fetchurl {
url = "mirror://sourceforge/cloc/cloc-${version}.tar.gz";
sha256 = "1cxc663dccd0sc2m0aj5lxdbnbzrys6rh9n8q122h74bfvsiw4f4";
sha256 = "1w3mz69h2i7pscvi9q7yp7wimds8g38c5ph78cj5pvjl5wa035rh";
};
buildInputs = [ perl AlgorithmDiff RegexpCommon ];

100
pkgs/tools/misc/grub/trusted.nix
View File

@@ -1,26 +1,92 @@
{stdenv, fetchgit, autoconf, automake, buggyBiosCDSupport ? true}:
{ stdenv, fetchurl, fetchgit, autogen, flex, bison, python, autoconf, automake
, gettext, ncurses, libusb, freetype, qemu, devicemapper
}:
stdenv.mkDerivation {
name = "trustedGRUB-1.1.5";
with stdenv.lib;
let
pcSystems = {
"i686-linux".target = "i386";
"x86_64-linux".target = "i386";
};
inPCSystems = any (system: stdenv.system == system) (mapAttrsToList (name: _: name) pcSystems);
version = "2.0-git-2015-07-04";
unifont_bdf = fetchurl {
url = "http://unifoundry.com/unifont-5.1.20080820.bdf.gz";
sha256 = "0s0qfff6n6282q28nwwblp5x295zd6n71kl43xj40vgvdqxv0fxx";
};
po_src = fetchurl {
name = "grub-2.02-beta2.tar.gz";
url = "http://alpha.gnu.org/gnu/grub/grub-2.02~beta2.tar.gz";
sha256 = "1lr9h3xcx0wwrnkxdnkfjwy08j7g7mdlmmbdip2db4zfgi69h0rm";
};
in (
stdenv.mkDerivation rec {
name = "trustedGRUB-${version}";
src = fetchgit {
url = "https://github.com/ts468/TrustedGRUB";
rev = "954941c17e14c8f7b18e6cd3043ef5f946866f1c";
sha256 = "30c21765dc44f02275e66220d6724ec9cd45496226ca28c6db59a9147aa22685";
url = "https://github.com/Sirrix-AG/TrustedGRUB2";
rev = "1865d07bdef7f39916790c77103fb85e99de14a4";
sha256 = "e6bd9edfeb653e98e585fd691a31533b649b2fca1f4a903c70f6ea371014c9f7";
};
# Autoconf/automake required for the splashimage patch.
buildInputs = [autoconf automake];
nativeBuildInputs = [ autogen flex bison python autoconf automake ];
buildInputs = [ ncurses libusb freetype gettext devicemapper ]
++ optional doCheck qemu;
preConfigure = ''
autoreconf
preConfigure =
'' for i in "tests/util/"*.in
do
sed -i "$i" -e's|/bin/bash|/bin/sh|g'
done
# Apparently, the QEMU executable is no longer called
# `qemu-system-i386', even on i386.
#
# In addition, use `-nodefaults' to avoid errors like:
#
# chardev: opening backend "stdio" failed
# qemu: could not open serial device 'stdio': Invalid argument
#
# See <http://www.mail-archive.com/qemu-devel@nongnu.org/msg22775.html>.
sed -i "tests/util/grub-shell.in" \
-e's/qemu-system-i386/qemu-system-x86_64 -nodefaults/g'
'';
prePatch =
'' tar zxf ${po_src} grub-2.02~beta2/po
rm -rf po
mv grub-2.02~beta2/po po
sh autogen.sh
gunzip < "${unifont_bdf}" > "unifont.bdf"
sed -i "configure" \
-e "s|/usr/src/unifont.bdf|$PWD/unifont.bdf|g"
'';
patches = [ ./fix-bash-completion.patch ];
# save target that grub is compiled for
grubTarget = if inPCSystems
then "${pcSystems.${stdenv.system}.target}-pc"
else "";
doCheck = false;
enableParallelBuilding = true;
postInstall = ''
paxmark pms $out/sbin/grub-{probe,bios-setup}
'';
meta = {
homepage = "http://sourceforge.net/projects/trustedgrub/";
repositories.git = https://github.com/ts468/TrustedGRUB;
description = "Legacy GRUB bootloader extended with TCG support";
platforms = stdenv.lib.platforms.linux;
maintainers = with stdenv.lib.maintainers; [ tstrobel ];
meta = with stdenv.lib; {
description = "GRUB 2.0 extended with TCG (TPM) support for integrity measured boot process (trusted boot)";
homepage = https://github.com/Sirrix-AG/TrustedGRUB2;
license = licenses.gpl3Plus;
platforms = platforms.gnu;
};
}
})

8
pkgs/tools/networking/mailsend/default.nix
View File

@@ -3,11 +3,11 @@ let
s = # Generated upstream information
rec {
baseName="mailsend";
version="1.17b15";
version="1.18";
name="${baseName}-${version}";
hash="0sxjrv9yn2xyjak9si0gw2zalsrfqqcvz0indq9ap5fyalj1pjvk";
url="https://github.com/muquit/mailsend/archive/1.17b15.tar.gz";
sha256="0sxjrv9yn2xyjak9si0gw2zalsrfqqcvz0indq9ap5fyalj1pjvk";
hash="1fjrb6q7y2dxx0qz7r0wlhqfkjqq1vfh7yb7jl77h5qi5kd5rm46";
url="https://github.com/muquit/mailsend/archive/1.18.tar.gz";
sha256="1fjrb6q7y2dxx0qz7r0wlhqfkjqq1vfh7yb7jl77h5qi5kd5rm46";
};
buildInputs = [
openssl

57
pkgs/tools/networking/minidlna/config.patch
View File

@@ -1,57 +0,0 @@
diff -rc minidlna-1.0.24/genconfig.sh minidlna-1.0.24-new/genconfig.sh
*** minidlna-1.0.24/genconfig.sh 2012-06-24 20:08:26.697884140 +0200
--- minidlna-1.0.24-new/genconfig.sh 2012-06-24 20:10:44.742874979 +0200
***************
*** 38,68 ****
${RM} ${CONFIGFILE}
- # Detect if there are missing headers
- # NOTE: This check only works with a normal distro
- [ ! -e "/usr/include/sqlite3.h" ] && MISSING="libsqlite3 $MISSING"
- [ ! -e "/usr/include/jpeglib.h" ] && MISSING="libjpeg $MISSING"
- [ ! -e "/usr/include/libexif/exif-loader.h" ] && MISSING="libexif $MISSING"
- [ ! -e "/usr/include/id3tag.h" ] && MISSING="libid3tag $MISSING"
- [ ! -e "/usr/include/ogg/ogg.h" ] && MISSING="libogg $MISSING"
- [ ! -e "/usr/include/vorbis/codec.h" ] && MISSING="libvorbis $MISSING"
- [ ! -e "/usr/include/FLAC/metadata.h" ] && MISSING="libflac $MISSING"
- [ ! -e "/usr/include/ffmpeg/avutil.h" -a \
- ! -e "/usr/include/libavutil/avutil.h" -a \
- ! -e "/usr/include/ffmpeg/libavutil/avutil.h" ] && MISSING="libavutil $MISSING"
- [ ! -e "/usr/include/ffmpeg/avformat.h" -a \
- ! -e "/usr/include/libavformat/avformat.h" -a \
- ! -e "/usr/include/ffmpeg/libavformat/avformat.h" ] && MISSING="libavformat $MISSING"
- [ ! -e "/usr/include/ffmpeg/avcodec.h" -a \
- ! -e "/usr/include/libavcodec/avcodec.h" -a \
- ! -e "/usr/include/ffmpeg/libavcodec/avcodec.h" ] && MISSING="libavcodec $MISSING"
- if [ -n "$MISSING" ]; then
- echo -e "\nERROR! Cannot continue."
- echo -e "The following required libraries are either missing, or are missing development headers:\n"
- echo -e "$MISSING\n"
- exit 1
- fi
-
echo "/* MiniDLNA Project" >> ${CONFIGFILE}
echo " * http://sourceforge.net/projects/minidlna/" >> ${CONFIGFILE}
echo " * (c) 2008-2009 Justin Maggard" >> ${CONFIGFILE}
--- 38,43 ----
diff -rc minidlna-1.0.24/Makefile minidlna-1.0.24-new/Makefile
*** minidlna-1.0.24/Makefile 2012-06-24 20:16:08.673195909 +0200
--- minidlna-1.0.24-new/Makefile 2012-06-24 20:16:18.615267052 +0200
***************
*** 64,70 ****
$(INSTALL) -d $(ETCINSTALLDIR)
$(INSTALL) --mode=0644 minidlna.conf $(ETCINSTALLDIR)
! minidlna: $(BASEOBJS) $(LNXOBJS) $(LIBS)
@echo Linking $@
@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BASEOBJS) $(LNXOBJS) $(LIBS)
--- 64,70 ----
$(INSTALL) -d $(ETCINSTALLDIR)
$(INSTALL) --mode=0644 minidlna.conf $(ETCINSTALLDIR)
! minidlna: $(BASEOBJS) $(LNXOBJS)
@echo Linking $@
@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BASEOBJS) $(LNXOBJS) $(LIBS)

13
pkgs/tools/networking/minidlna/default.nix
View File

@@ -1,23 +1,20 @@
{ stdenv, fetchurl, ffmpeg, flac, libvorbis, libogg, libid3tag, libexif, libjpeg, sqlite }:
{ stdenv, fetchurl, ffmpeg, flac, libvorbis, libogg, libid3tag, libexif, libjpeg, sqlite, gettext }:
let version = "1.0.25"; in
let version = "1.1.4"; in
stdenv.mkDerivation rec {
name = "minidlna-${version}";
src = fetchurl {
url = "mirror://sourceforge/project/minidlna/minidlna/${version}/minidlna_${version}_src.tar.gz";
sha256 = "0l987x3bx2apnlihnjbhywgk5b2g9ysiapwclz5vphj2w3xn018p";
url = "mirror://sourceforge/project/minidlna/minidlna/${version}/minidlna-${version}.tar.gz";
sha256 = "9814c04a2c506a0dd942c4218d30c07dedf90dabffbdef2d308a3f9f23545314";
};
patches = [ ./config.patch ];
preConfigure = ''
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${ffmpeg}/include/libavutil -I${ffmpeg}/include/libavcodec -I${ffmpeg}/include/libavformat"
export makeFlags="INSTALLPREFIX=$out"
'';
buildInputs = [ ffmpeg flac libvorbis libogg libid3tag libexif libjpeg sqlite ];
buildInputs = [ ffmpeg flac libvorbis libogg libid3tag libexif libjpeg sqlite gettext ];
meta = {
description = "Media server software";

2
pkgs/tools/package-management/nox/default.nix
View File

@@ -10,6 +10,8 @@ pythonPackages.buildPythonPackage rec {
sha256 = "1s1jhickdhym70qrb5h4qxq1mvkpwgdppqpfb2jnpfaf1az6c207";
};
patches = [ ./show-trace.patch ];
buildInputs = [ pythonPackages.pbr ];
pythonPath = with pythonPackages; [

41
pkgs/tools/package-management/nox/show-trace.patch Normal file
View File

@@ -0,0 +1,41 @@
From: Tobias Geerinckx-Rice <tobias.geerinckx.rice@gmail.com>
Date: Tue, 2 Jun 2015 13:04:19 +0200
Subject: [PATCH] Run `nix-env` & `nix-shell` with `--show-trace`
Evaluation is broken often enough that this seems wise.
Debugging such errors without a backtrace is most unpleasant.
diff -Naur nix-nox-0.0.1/nox/nixpkgs_repo.py nix-nox-0.0.1b/nox/nixpkgs_repo.py
--- nox/nox/nixpkgs_repo.py 2014-10-26 21:50:33.000000000 +0100
+++ nox/nox/nixpkgs_repo.py 2015-07-03 04:46:08.114975479 +0200
@@ -75,7 +75,7 @@
def packages(path):
"""List all nix packages in the repo, as a set"""
- output = subprocess.check_output(['nix-env', '-f', path, '-qaP', '--drv-path'],
+ output = subprocess.check_output(['nix-env', '-f', path, '-qaP', '--drv-path', '--show-trace'],
universal_newlines=True)
return set(output.split('\n'))
diff -Naur nix-nox-0.0.1/nox/search.py nix-nox-0.0.1b/nox/search.py
--- nox/nox/search.py 2014-09-20 14:55:33.000000000 +0200
+++ nox/nox/search.py 2015-07-03 04:46:54.264813143 +0200
@@ -10,7 +10,7 @@
def nix_packages_json():
click.echo('Refreshing cache')
- output = subprocess.check_output(['nix-env', '-qa', '--json'],
+ output = subprocess.check_output(['nix-env', '-qa', '--json', '--show-trace'],
universal_newlines=True)
return json.loads(output)
@@ -70,7 +70,7 @@
value_proc=parse_input)
attributes = [p.attribute for p in packages]
if action == 'install':
- subprocess.check_call(['nix-env', '-iA'] + attributes)
+ subprocess.check_call(['nix-env', '-iA', '--show-trace'] + attributes)
elif action == 'shell':
attributes = [a[len('nixpkgs.'):] for a in attributes]
- subprocess.check_call(['nix-shell', '-p'] + attributes)
+ subprocess.check_call(['nix-shell', '-p', '--show-trace'] + attributes)

81
pkgs/tools/security/chaps/default.nix Normal file
View File

@@ -0,0 +1,81 @@
{ stdenv, fetchgit, fetchurl, trousers, leveldb, unzip, scons, pkgconfig
, glib, dbus_cplusplus, dbus, protobuf, openssl, snappy, pam }:
let
src_chromebase = fetchgit {
url = "https://chromium.googlesource.com/chromium/src/base.git";
rev = "2dfe404711e15e24e79799516400c61b2719d7af";
sha256 = "2bd93a3ace4b6767db2c1bd1e16f426c97b8d2133a9cb15f8372b2516cfa65c5";
};
src_gmock = fetchurl {
url = "https://googlemock.googlecode.com/files/gmock-1.7.0.zip";
sha256 = "0nq98cpnv2jsx2byp4ilam6kydcnziflkc16ikydajmp4mcvpz16";
};
src_platform2 = fetchgit {
url = "https://chromium.googlesource.com/chromiumos/platform2";
rev = "e999e989eaa71c3db7314fc7b4e20829b2b5473b";
sha256 = "bb43ef7918ec6219711cbba3ce91236413738f1341261a1845256b3d6cc9f843";
};
in
stdenv.mkDerivation rec {
name = "chaps-0.42-6812";
version = "0.42-6812";
src = fetchgit {
url = "https://github.com/google/chaps-linux";
rev = "989aadc45cdb216ca35b0c97d13fc691576fa1d7";
sha256 = "c58e08e89d36050cd831116819d555f0e24e7bf11047cb18f2a2eead45ba67be";
};
patches = [ ./fix_absolute_path.patch ./fix_environment_variables.patch ./fix_scons.patch ./insert_prefetches.patch ];
postPatch = ''
substituteInPlace makefile --replace @@NIXOS_SRC_CHROMEBASE@@ ${src_chromebase}
substituteInPlace makefile --replace @@NIXOS_SRC_GMOCK@@ ${src_gmock}
substituteInPlace makefile --replace @@NIXOS_SRC_PLATFORM2@@ ${src_platform2}
substituteInPlace makefile --replace @@NIXOS_LEVELDB@@ ${leveldb}
'';
nativeBuildInputs = [ unzip scons pkgconfig ];
buildInputs = [ trousers glib dbus_cplusplus dbus protobuf openssl snappy leveldb pam ];
buildPhase = ''
make build
'';
installPhase = ''
mkdir -p $out/bin
cp ${name}/out/chapsd $out/bin/.
cp ${name}/out/chaps_client $out/bin/.
mkdir -p $out/lib
cp ${name}/out/libchaps.so.* $out/lib/.
mkdir -p $out/lib/security
cp ${name}/out/pam_chaps.so $out/lib/security/.
mkdir -p $out/include
cp -r ${name}/out/chaps $out/include/.
mkdir -p $out/etc/dbus-1/system.d
cp ${name}/out/org.chromium.Chaps.conf $out/etc/dbus-1/system.d/.
mkdir -p $out/etc/dbus-1/system-services
cp ${name}/platform2/chaps/org.chromium.Chaps.service $out/etc/dbus-1/system-services/.
mkdir -p $out/usr/share/pam-configs/chaps
mkdir -p $out/usr/share/man/man8
cp ${name}/man/* $out/usr/share/man/man8/.
'';
meta = with stdenv.lib; {
description = "PKCS #11 implementation based on trusted platform module (TPM)";
homepage = "https://www.chromium.org/developers/design-documents/chaps-technical-design";
maintainers = [ maintainers.tstrobel ];
platforms = platforms.linux;
license = licenses.bsd3;
};
}

18
pkgs/tools/security/chaps/fix_absolute_path.patch Normal file
View File

@@ -0,0 +1,18 @@
diff --git a/patches/platform2/fix_echo.patch b/patches/platform2/fix_echo.patch
new file mode 100644
index 0000000..d2272f6
--- /dev/null
+++ b/patches/platform2/fix_echo.patch
@@ -0,0 +1,12 @@
+diff -uNr platform2/common-mk/common.mk platform2-new/common-mk/common.mk
+--- platform2/common-mk/common.mk 2015-07-03 12:07:47.482745292 +0200
++++ platform2-new/common-mk/common.mk 2015-07-03 12:08:16.868600569 +0200
+@@ -263,7 +263,7 @@
+ $(eval $(call override_var,STRIP,strip))
+
+ RMDIR ?= rmdir
+-ECHO = /bin/echo -e
++ECHO = echo -e
+
+ ifeq ($(lastword $(subst /, ,$(CC))),clang)
+ CDRIVER = clang

42
pkgs/tools/security/chaps/fix_environment_variables.patch Normal file
View File

@@ -0,0 +1,42 @@
diff --git a/extrasrc/Makefile b/extrasrc/Makefile
index fb95845..77125c0 100644
--- a/extrasrc/Makefile
+++ b/extrasrc/Makefile
@@ -10,11 +10,11 @@ OUTDIR=$(SRCDIR)/out
GMOCK_DIR=$(SRCDIR)/gmock-$(GMOCK_VER)
GTEST_DIR=$(GMOCK_DIR)/gtest
-INCLUDES="-I$(SRCDIR)/include -I$(SRCDIR)/platform2/libchromeos -isystem $(GTEST_DIR)/include -I$(GMOCK_DIR)/include -I$(SRCDIR)/leveldb/include"
+INCLUDES="-I$(SRCDIR)/include -I$(SRCDIR)/platform2/libchromeos -isystem $(GTEST_DIR)/include -I$(GMOCK_DIR)/include -I$(SRCDIR)/leveldb/include $(NIX_LDFLAG) $(NIX_CFLAGS_COMPILE)"
# To build Chaps, defer to platform2/chaps/Makefile
all: libchrome-$(BASE_VER).a libchromeos-$(BASE_VER).a | out
- cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR) CXXFLAGS=$(INCLUDES) OUT=$(OUTDIR) CHAPS_VERSION_MAJOR=$(CHAPS_VERSION_MAJOR) CHAPS_VERSION_MINOR=$(CHAPS_VERSION_MINOR) $(MAKE)
+ cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR):$(PKG_CONFIG_PATH) CXXFLAGS=$(INCLUDES) OUT=$(OUTDIR) CHAPS_VERSION_MAJOR=$(CHAPS_VERSION_MAJOR) CHAPS_VERSION_MINOR=$(CHAPS_VERSION_MINOR) $(MAKE)
# To build required Chromium components, defer to scons file.
libchrome-$(BASE_VER).a:
@@ -38,7 +38,7 @@ out/libgmock.a: out/gmock-all.o
ar -rv $@ $<
test: out/libgtest.a out/libgmock.a libchrome-$(BASE_VER).a libchromeos-$(BASE_VER).a | out
- cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR) CXXFLAGS=$(INCLUDES) LDLIBS="-L$(OUTDIR)" OUT=$(OUTDIR) $(MAKE) tests
+ cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR):$(PKG_CONFIG_PATH) CXXFLAGS=$(INCLUDES) LDLIBS="-L$(OUTDIR)" OUT=$(OUTDIR) $(MAKE) tests
clean: clean_chaps clean_chromeos clean_chromebase clean_gmock clean_debian
clean_gmock:
@@ -49,7 +49,7 @@ clean_chromebase:
clean_chromeos:
-BASE_VER=$(BASE_VER) scons -f Sconstruct.libchromeos -c
clean_chaps:
- -cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR) $(MAKE) clean
+ -cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR):$(PKG_CONFIG_PATH) $(MAKE) clean
rm -rf out
clean_debian:
dh_clean
@@ -64,4 +64,4 @@ install_man:
$(INSTALL) -m 0644 -D man/chapsd.8 $(MANDIR)/man8/chapsd.8
$(INSTALL) -m 0644 -D man/chaps_client.8 $(MANDIR)/man8/chaps_client.8
install: install_man
- cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR) CXXFLAGS=$(INCLUDES) OUT=$(OUTDIR) CHAPS_VERSION_MAJOR=$(CHAPS_VERSION_MAJOR) CHAPS_VERSION_MINOR=$(CHAPS_VERSION_MINOR) $(MAKE) install_files
+ cd platform2/chaps && BASE_VER=$(BASE_VER) LINUX_BUILD=1 PKG_CONFIG_PATH=$(SRCDIR):$(PKG_CONFIG_PATH) CXXFLAGS=$(INCLUDES) OUT=$(OUTDIR) CHAPS_VERSION_MAJOR=$(CHAPS_VERSION_MAJOR) CHAPS_VERSION_MINOR=$(CHAPS_VERSION_MINOR) $(MAKE) install_files

26
pkgs/tools/security/chaps/fix_scons.patch Normal file
View File

@@ -0,0 +1,26 @@
diff --git a/extrasrc/Sconstruct.libchrome b/extrasrc/Sconstruct.libchrome
index 4feb76d..311fe8a 100644
--- a/extrasrc/Sconstruct.libchrome
+++ b/extrasrc/Sconstruct.libchrome
@@ -103,7 +103,7 @@ base_lib = {
'pc_libs' : 'glib-2.0',
}
-env = Environment()
+env = Environment(ENV = os.environ)
BASE_VER = os.environ.get('BASE_VER', '0')
GTEST_DIR = os.environ.get('GTEST_DIR', '0')
diff --git a/extrasrc/Sconstruct.libchromeos b/extrasrc/Sconstruct.libchromeos
index 1da6001..66f9acb 100644
--- a/extrasrc/Sconstruct.libchromeos
+++ b/extrasrc/Sconstruct.libchromeos
@@ -18,7 +18,7 @@ base_lib = {
'pc_libs' : 'dbus-c++-1',
}
-env = Environment()
+env = Environment(ENV = os.environ)
PKG_CONFIG = os.environ.get('PKG_CONFIG', 'pkg-config')
BASE_VER = os.environ.get('BASE_VER', '0')

51
pkgs/tools/security/chaps/insert_prefetches.patch Normal file
View File

@@ -0,0 +1,51 @@
diff --git a/makefile b/makefile
index b6865f3..c14f5ec 100644
--- a/makefile
+++ b/makefile
@@ -53,8 +53,8 @@ $(SRCDIR)/include/trousers/scoped_tss_type.h: extrasrc/scoped_tss_type.h | $(SRC
cp $< $@
# Chromium includes <leveldb/memenv.h>. This requires an install of libleveldb-dev that has
# memenv support included; move this into a local leveldb/ subdirectory
-$(SRCDIR)/include/leveldb/memenv.h: /usr/include/leveldb/helpers/memenv.h | $(SRCDIR)/include/leveldb
- cp $< $@
+$(SRCDIR)/include/leveldb/memenv.h: $(SRCDIR)/include/leveldb
+ cp @@NIXOS_LEVELDB@@/include/leveldb/helpers/memenv.h $@
# Chromium includes <include/testing/gtest/include/gtest/gtest_prod.h>, so have a local copy.
$(SRCDIR)/include/testing/gtest/include/gtest/gtest_prod.h: extrasrc/gtest_prod.h | $(SRCDIR)/include/testing/gtest/include/gtest
cp $< $@
@@ -80,7 +80,7 @@ GMOCK_DIR=$(SRCDIR)/gmock-$(GMOCK_VERSION)
GTEST_DIR=$(GMOCK_DIR)/gtest
src_gmock: $(GMOCK_DIR)/LICENSE
$(GMOCK_DIR)/LICENSE: | $(SRCDIR)
- cd $(SRCDIR) && wget $(GMOCK_URL)
+ cd $(SRCDIR) && cp @@NIXOS_SRC_GMOCK@@ gmock-$(GMOCK_VERSION).zip && chmod +w gmock-$(GMOCK_VERSION).zip
cd $(SRCDIR) && unzip -q gmock-$(GMOCK_VERSION).zip
rm $(SRCDIR)/gmock-$(GMOCK_VERSION).zip
touch $@
@@ -107,8 +107,7 @@ src_chromebase: $(SRCDIR)/base/base64.h
$(SRCDIR)/base: | $(SRCDIR)
mkdir -p $@
$(SRCDIR)/base/base64.h: | $(SRCDIR)/base
- git clone $(CHROMEBASE_GIT) $(SRCDIR)/base
- cd $(SRCDIR)/base && git checkout $(CHROMEBASE_COMMIT)
+ cp -r @@NIXOS_SRC_CHROMEBASE@@/. $(SRCDIR)/base && chmod -R +w $(SRCDIR)/base
# We need two subdirectories from the platform2 repository from ChromiumOS:
# - chaps/ for the Chaps source code
@@ -119,14 +118,8 @@ $(SRCDIR)/platform2:
PLATFORM2_GIT=https://chromium.googlesource.com/chromiumos/platform2
PATCHES=$(wildcard $(CURDIR)/patches/platform2/*.patch)
$(SRCDIR)/platform2/chaps/Makefile: | $(SRCDIR)/platform2
- cd $(SRCDIR)/platform2 && git init . && git remote add -f origin $(PLATFORM2_GIT)
- cd $(SRCDIR)/platform2 && git config core.sparsecheckout true
- cd $(SRCDIR)/platform2 && echo "chaps" > .git/info/sparse-checkout
- cd $(SRCDIR)/platform2 && echo "libchromeos/chromeos" >> .git/info/sparse-checkout
- cd $(SRCDIR)/platform2 && echo "common-mk/common.mk" >> .git/info/sparse-checkout
- cd $(SRCDIR)/platform2 && git pull origin master
- cd $(SRCDIR)/platform2 && git checkout $(CROS_BRANCH)
- cd $(SRCDIR)/platform2 && if [ ! -z "$(PATCHES)" ]; then git am $(PATCHES); fi
+ cd $(SRCDIR)/platform2 && cp -r @@NIXOS_SRC_PLATFORM2@@/. . && chmod -R +w $(SRCDIR)/platform2
+ cd $(SRCDIR)/platform2 && if [ ! -z "$(PATCHES)" ]; then patch -p1 < $(PATCHES); fi
# Copy man pages

29
pkgs/tools/security/tpm-luks/default.nix Normal file
View File

@@ -0,0 +1,29 @@
{ stdenv, fetchgit, autoreconfHook, gawk, trousers, cryptsetup, openssl }:
stdenv.mkDerivation rec {
name = "tpm-luks-${version}";
version = "0.9pre";
src = fetchgit {
url = "https://github.com/shpedoikal/tpm-luks/";
rev = "3fa3ea4bbd34b5b02e9271e775a338fa49dc834f";
sha256 = "37a56f05ad492d3128b07b3cb9dbf85ba8a0dd791329323fb398eb1026dfc89c";
};
buildInputs = [ autoreconfHook gawk trousers cryptsetup openssl ];
installPhase = ''
mkdir -p $out
make install DESTDIR=$out
mv $out/$out/sbin $out/bin
rm -r $out/nix
'';
meta = with stdenv.lib; {
description = "LUKS key storage in TPM NVRAM";
homepage = https://github.com/shpedoikal/tpm-luks/;
maintainers = [ maintainers.tstrobel ];
platforms = platforms.linux;
};
}

4
pkgs/tools/system/stress-ng/default.nix
View File

@@ -1,11 +1,11 @@
{ stdenv, fetchurl, attr }:
let version = "0.04.07"; in
let version = "0.04.10"; in
stdenv.mkDerivation rec {
name = "stress-ng-${version}";
src = fetchurl {
sha256 = "0yzh0lkjll4qwhgjlrji9n9qps4nmh10240nsyqkgr4yv3my9fi0";
sha256 = "1y0jmcgwn8np22r3ajg7giai8dvfg0r5ddpgbiqs48cx2gz7iyhf";
url = "http://kernel.ubuntu.com/~cking/tarballs/stress-ng/${name}.tar.gz";
};