Commit Graph

5816 Commits

Author SHA1 Message Date
Daniel Peebles
77d1fb94f1 Merge pull request #19470 from copumpkin/fix-sierra
Fix Darwin stdenv to work on Sierra
2016-10-12 19:04:03 -04:00
Dan Peebles
d8a0307a5d [darwin.stdenv] Fix to work on Sierra
This reinstates the libSystem selective symbol export machinery we used
to have, but locks it to the symbols that were present in 10.11 and skips
the actual compiled code we put into that library in favor of the system
initialization code. That should make it more stable and less likely to
do weird stuff than the last time we did this.
2016-10-12 00:08:13 -04:00
Graham Christensen
b98c0a668e
nvidia-x11: 367.35 -> 367.57 2016-10-11 19:43:58 -04:00
Vladimír Čunát
9d1dfc9ed0 Merge #18861: add AMDGPU-PRO driver 2016-10-11 19:57:30 +02:00
David McFarland
3b4ce62451 amdgpu-pro: Init at 16.30.3-315407 2016-10-11 14:19:38 -03:00
Joachim Fasting
ce73a3ea0f grsecurity: 4.7.6-201609301918 -> 4.7.7-201610101902 2016-10-11 13:15:16 +02:00
Eelco Dolstra
88f10ad409 aggregateModules: Preserve kernel's modules.{builtin,order}
Fixes #19426.
2016-10-11 11:42:41 +02:00
sternenseemann
3fb2993cb3 maintainers: rename lukasepple according to github account name 2016-10-09 22:04:22 +02:00
Aneesh Agrawal
f0602d2d36 kernel: Make SECURITY_YAMA optional
It's highly recommended, but not required to run NixOS.
2016-10-08 17:46:33 +02:00
Aneesh Agrawal
a000ed181c linux config: enable the Yama LSM (#14392)
The Yama Linux Security Module restricts the use of ptrace so that
processes cannot ptrace processes that are not their children. This
prevents attackers from compromising one user-level processes and
snooping on the memory and runtime state of other processes owned
by the same user.
2016-10-08 16:40:12 +02:00
Tim Steinbach
a699eb4798 linux: 4.4.23 -> 4.4.24 (#19346) 2016-10-08 07:02:07 +02:00
Tim Steinbach
9481edec56 linux: 4.7.6 -> 4.7.7 (#19345) 2016-10-08 07:01:51 +02:00
Tim Steinbach
07e67b33af linux: 4.8.0 -> 4.8.1 (#19344) 2016-10-08 07:01:27 +02:00
Marco Maggesi
435673b948 Revert "Revert "linux*: remove 3.14, as it's no longer maintained""
In the end, it is too dangerous to have an unmaintained kernel in
nixpkgs.  Revert the revert.

This reverts commit e921725176.
2016-10-07 23:26:32 +02:00
Marco Maggesi
e921725176 Revert "linux*: remove 3.14, as it's no longer maintained"
This is the simplest way to reenable the use of BLCR
(which at present requires linux version >3.12 <3.18)
until we find a better solution.

This reverts commit 6a9e765e27.
2016-10-07 14:31:24 +02:00
Jude Taylor
3dee596ed1 reinstate libiconv/libcharset wrapper 2016-10-06 11:56:32 -07:00
Thomas Tuegel
2e255a2edd
Merge branch 'staging' 2016-10-06 09:51:02 -05:00
Eelco Dolstra
a8b61b0aad Merge pull request #19278 from anderspapitto/local
perf: add dependency on libaudit
2016-10-06 11:45:54 +02:00
Anders Papitto
aa44330963 perf: add dependency on libaudit
the `trace` subcommand of perf is only enabled when libaudit is
available at compile time
2016-10-05 17:59:44 -07:00
Jörg Thalheim
638d4b4d71 Merge pull request #19265 from Mic92/rtkit
rtkit: apply security relevant patch
2016-10-06 00:07:35 +02:00
Eelco Dolstra
f084274eeb Merge pull request #19251 from groxxda/patch-2
kernel: Disable RT_GROUP_SCHED
2016-10-05 20:05:18 +02:00
Vladimír Čunát
30f551d8b2 Merge branch 'master' into staging 2016-10-05 19:02:48 +02:00
Jörg Thalheim
c684eb756a
rtkit: *security* Pass uid of caller to polkit
Otherwise, we force polkit to look up the uid itself in /proc, which is racy if
they execve() a setuid binary.
2016-10-05 18:11:02 +02:00
Alexander Ried
96fbdf8594 kernel: Disable RT_GROUP_SCHED
Follow systemd recommendation
fd74fa791f/README (L96-L103)
2016-10-05 12:52:45 +02:00
Alexander Ried
4e91e8cb3d rtkit: add patch from debian to remove ControlGroup stanza
fixes log clutter:
systemd[1]: [/nix/store/....-rtkit-0.11/etc/systemd/system/rtkit-daemon.service:32] Unknown lvalue 'ControlGroup' in section 'Service'
2016-10-05 11:23:11 +02:00
Thomas Tuegel
d067b7bd35
Merge branch 'kde-5' into staging 2016-10-04 21:50:17 -05:00
Shea Levy
e54313d183 Revert "Revert "Linux 4.8""
Now featuring @aszlig's modinst_arg_list_too_long patch.

This reverts commit 43bedb970d.

Fixes #19213
2016-10-04 10:10:36 -04:00
Shea Levy
43bedb970d Revert "Linux 4.8"
This reverts commit e4958d54b1.
2016-10-03 22:04:43 -04:00
Vladimír Čunát
1525568c74 util-linux: fixup patch hash from grandparent merge
And name the file, too.
2016-10-03 23:06:51 +02:00
Jörg Thalheim
45f64a37c9 Merge pull request #19175 from Mic92/util-linux
util-linux: workaround CVE-2016-2779
2016-10-03 22:53:21 +02:00
Jörg Thalheim
888f6a1280 Merge pull request #19199 from wizeman/u/fix-help2man-hash
help2man: fix hash
2016-10-03 19:26:44 +02:00
Franz Pletz
beca8946ee
jool: 3.4.5 -> 3.5.0 2016-10-03 18:25:28 +02:00
Shea Levy
e4958d54b1 Linux 4.8 2016-10-03 08:45:45 -04:00
Eric Sagnes
58d44a376e wireguard: 2016-08-08 -> 2016-10-01 2016-10-03 17:06:11 +09:00
Jörg Thalheim
ba00ba65eb
util-linux: workaround CVE-2016-2779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2779
2016-10-03 08:49:56 +02:00
Joachim Fasting
9a9237e0aa
grsecurity: revamp nixos kernel config
Cleanup:
- Restructure & add some commentary
- Remove redundant option specs given the auto config
  constraints (some are left in for documentation purposes)

Changes:
- GRKERNSEC_CONFIG_VIRT_HOST -> GUEST
  The former deselects paravirtualization and friends
- PAX_LATENT_ENTROPY n -> y (implied by auto)
- GRKERNSEC_ACL_HIDEKERN y -> n
  Possibly useless with redistribution
2016-10-02 19:25:58 +02:00
Joachim Fasting
1bb7b44cd7
grsecurity: make GRKERNSEC y and PAX y implicit
These options should always be specified. Note, an implication of this
change is that not specifying any grsec/PaX options results in a build
failure.
2016-10-02 19:25:58 +02:00
Tuomas Tynkkynen
19225bf5cc Merge remote-tracking branch 'upstream/master' into staging 2016-10-02 10:36:47 +03:00
Tuomas Tynkkynen
f5dd3a703d treewide: Fix more lib.optional misuses 2016-10-02 00:44:10 +03:00
Aneesh Agrawal
fcee1d0b28
Remove redundant -DCMAKE_BUILD_TYPE=Release flags
Since commit 183d05a0 in 2012, this is the default.

fixes #18000
2016-10-01 16:13:41 +02:00
Joachim Fasting
2ec9a1a955
grsecurity: 4.7.5-201609261522 -> 4.7.6-201609301918 2016-10-01 08:47:30 +02:00
Joachim Fasting
22108b7a10
linux_4_7: 4.7.5 -> 4.7.6 2016-10-01 08:46:31 +02:00
Eelco Dolstra
613a12a8bd linux: 4.4.22 -> 4.4.23 2016-09-30 14:41:19 +02:00
Eelco Dolstra
8b09ba32d3 systemd: Apply various upstream bug fixes
This includes the fix for the assertion failure in
https://github.com/systemd/systemd/issues/4234.
2016-09-30 11:23:51 +02:00
rnhmjoj
7cf7572734
btfs: 2.11 -> 2.12 2016-09-30 01:23:16 +02:00
Eelco Dolstra
fe9e5f9f55 pam_usb: Fix evaluation 2016-09-29 20:35:40 +02:00
Eelco Dolstra
518340624d Merge remote-tracking branch 'origin/master' into staging 2016-09-29 13:06:14 +02:00
Eelco Dolstra
c5ddb7dd56 Move useSetUID to pam_usb, the only place where it's used 2016-09-29 13:05:28 +02:00
Yochai
ca9c21b0ab rtl8812au: 4.2.2-1 -> 4.3.20 2016-09-29 09:29:22 +03:00
Graham Christensen
ff5cf3abff linux-3.10: fix build by upstream patch 2016-09-28 19:18:34 +02:00
Vladimír Čunát
77604964b6 Merge branch 'master' into staging 2016-09-28 17:13:59 +02:00
Vladimír Čunát
3e1afeaa5b libsepol: temporary fixup after flex security update
/cc #18909.
2016-09-28 11:12:05 +02:00
Alexander Ried
d666196a44
iproute2: fix bash completion
apparently bash expects only files in its completion folder and not
subfolders.
2016-09-27 18:20:07 +02:00
Joachim Fasting
98a9d815e0
grsecurity: 4.7.4-201609211951 -> 4.7.5-201609261522 2016-09-27 01:43:50 +02:00
zimbatm
0e91a0bbe7 Merge pull request #18943 from Mic92/busybox
busybox: 1.23.2 -> 1.24.2
2016-09-26 12:23:22 +01:00
Frederik Rietdijk
3ba16c8234 Do not use top-level buildPythonPackage or buildPythonApplication
but instead use the one in pythonPackages.
2016-09-26 11:10:51 +02:00
Joachim Fasting
e1395365ea
spl: fix eval
xref: 30ae939142
2016-09-25 16:16:33 +02:00
Alexander Ried
7615d6385a iproute2: 4.5.0 -> 4.7.0 (#18435)
iproute now packages a bash-completion file which it installs to
$BASH_COMPDIR.

* fanpatch: adjust for new version

- The patch did not apply because the code around the additions changed.
- The patch uses functions that got changed [1] & [2], I adjusted the
  patch to use the safe version. Probably not needed but better safe
  than sorry.
[1] format_host: http://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/commit/?id=a418e451643e77fe36861e53359587ba8aa41873
[2] rt_addr_n2a: http://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/commit/?id=7faf1588a755edb9c9cabbe1d3211265e9826d28
2016-09-25 15:07:03 +02:00
Franz Pletz
30ae939142
linuxPackages.spl: don't mark as broken on kernel >= 4.7
Compatibility added in c8c688b0c9.
2016-09-25 14:55:45 +02:00
Franz Pletz
6e063a49b1
linuxPackages.jool: 3.4.4 -> 3.4.5 2016-09-25 14:20:46 +02:00
Franz Pletz
c8c688b0c9
linuxPackages.zfs: 0.6.5.7 -> 0.6.5.8
Adds compatibility for 4.7 & 4.8 Linux kernels.
2016-09-25 14:20:46 +02:00
Franz Pletz
3a4a425728
linux: 4.7.4 -> 4.7.5 2016-09-25 14:20:46 +02:00
Franz Pletz
c83f8a536a
linux: 4.4.20 -> 4.4.22 2016-09-25 14:20:46 +02:00
Franz Pletz
fdf239fb83
linux: 4.1.31 -> 4.1.33 2016-09-25 14:20:45 +02:00
Franz Pletz
17402fc4a3
linux: 3.18.40 -> 3.18.42 2016-09-25 14:20:45 +02:00
Franz Pletz
31ff655e46
kernelPatches: remove unneeded patches 2016-09-25 14:20:45 +02:00
Franz Pletz
01f465c82b
linux: 3.12.62 -> 3.12.63 2016-09-25 14:20:45 +02:00
Franz Pletz
b1029abe56
linux: 3.10.102 -> 3.10.103 2016-09-25 14:20:45 +02:00
Franz Pletz
e8cd27dd8a
linux_4_6: remove, not maintained anymore 2016-09-25 14:20:39 +02:00
Jörg Thalheim
74876b0cad
busybox: 1.23.2 -> 1.24.2
fixes https://lwn.net/Vulnerabilities/696815/
2016-09-25 13:21:29 +02:00
Nikolay Amiantov
ea4d517eb8 Merge pull request #18661 from NeQuissimus/kernel/zbud
kernel-common: Add ZBUD
2016-09-25 12:33:08 +04:00
Vladimír Čunát
fffc7638cd Merge branch 'master' into staging 2016-09-24 18:54:31 +02:00
Joachim Fasting
64816cd972
grsecurity: 4.7.4-201609152234 -> 201609211951 2016-09-22 23:40:50 +02:00
Joachim F
fc4751eccc Merge pull request #18751 from TvoroG/rtlwifi
rtlwifi_new: init at 2016-09-12
2016-09-22 22:50:46 +02:00
Luca Bruno
cf6815275a Merge pull request #18814 from tavyc/nvme-cli
nvme-cli: init at 0.9
2016-09-22 21:47:57 +01:00
Octavian Cerna
b26dff4ea5 nvme-cli: init at 0.9 2016-09-21 21:45:38 +03:00
Domen Kožar
d199d5041a ena: mark as broken on chromiumos
(cherry picked from commit bc06f19efb9a13a2b3fafbdc2ce35427e64c9402)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-21 12:04:17 +02:00
Eelco Dolstra
7a4209c356 Merge remote-tracking branch 'origin/master' into staging 2016-09-20 17:46:09 +02:00
Marsel
52dd323047 rtlwifi_new: init at 2016-09-12 2016-09-20 16:18:24 +03:00
Kirill Boltaev
d2bbc631ff pktgen: disable parallel building 2016-09-19 05:28:43 +03:00
Joachim Fasting
e2659de1b2
kernelPatches: remove legacy grsecurity attrs 2016-09-18 15:26:57 +02:00
Charles Strahan
d5e24d3f80
fanctl: 0.9.0 -> 0.12.0 2016-09-17 22:37:39 -04:00
Vladimír Čunát
6a9e765e27 linux*: remove 3.14, as it's no longer maintained 2016-09-17 02:10:53 +02:00
Vladimír Čunát
12a45a8496 Merge #18237: ati_drivers_x11: patch for kernel 4.6 2016-09-17 01:29:27 +02:00
Vladimír Čunát
7a0b3c64ee Merge #18327: gcc darwin fixes 2016-09-17 00:32:03 +02:00
Vladimír Čunát
52e1a198cf Merge branch 'master' into staging 2016-09-17 00:31:34 +02:00
rushmorem
7be7620e51 fuse: 2.9.5 -> 2.9.7 2016-09-16 22:28:14 +02:00
Tuomas Tynkkynen
f5c9c4f18a Merge pull request #18659 from layus/fix-mptcp
linux_mptcp: fix config options broken by b4a4a63cc4
2016-09-16 21:06:54 +03:00
aszlig
a0b643ed06
linux-testing: 4.8-rc4 -> 4.8-rc6
Built successfully on my machine, no runtime tests performed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Verified-with-PGP: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886
2016-09-16 17:57:32 +02:00
Tim Steinbach
77e1be36b9
kernel-common: Add ZBUD, move ZSMALLOC into module space 2016-09-16 15:31:51 +00:00
Guillaume Maudoux
f0e519d26a linux_mptcp: fix config options broken by b4a4a63cc4 2016-09-16 13:15:50 +02:00
Joachim Fasting
d082a7c0fd
grsecurity: 4.7.3-201609072139 -> 4.7.4-201609152234 2016-09-16 11:18:42 +02:00
Joachim Fasting
2050f12f4e
linux_4_7: 4.7.3 -> 4.7.4 2016-09-16 11:18:42 +02:00
Domen Kožar
77a67189ef lttng-modules: broken on chromiumos
(cherry picked from commit 3f4d94a4c2d422836c07ed1206b454cd7b681f01)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-16 11:12:29 +02:00
Matthew Bauer
8610a34474
gcc: use special native system headers for darwin
Darwin systems need to be able to find CoreFoundation headers as well as
libc headers. Somehow, gcc doesn't accept any "framework" parameters
that would normally be used to include CoreFoundation in this
situation.

HACK: Instead, this adds a derivation that combines the two. The result
works but probably not a good long term solution.

ALTERNATIVES: Maybe sending patches in to GCC to allow
"native-system-framework" configure flag to get this found.
2016-09-15 17:58:09 -05:00
aszlig
1781e95577
Merge pull request #18567 (VirtualBox 5.1.6)
This introduces VirtualBox version 5.1.6 along with a few refactored
stuff, notably:

  * Kernel modules and user space applications are now separate
    derivations.
  * If config.pulseaudio doesn't exist in nixpkgs config, the default is
    now to build with PulseAudio modules.
  * A new updater to keep VirtualBox up to date.

All subtests in nixos/tests/virtualbox.nix succeed on my machine and
VirtualBox was reported to be working by @DamienCassou (although with
unrelated audio problems for another fix/branch) and @calbrecht.
2016-09-14 02:20:16 +02:00
Daiderd Jordan
28a0da5edc
darwin.libunwind: fix incorrect sha256 2016-09-14 00:42:07 +02:00
Kirill Boltaev
0f37287df5 treewide: explicitly specify gtk version 2016-09-13 21:09:24 +03:00
Tuomas Tynkkynen
0c0188c5d2 kernel config: Explicitly enable some NLS-related things
Doesn't affect x86, but ARM can't mount VFAT filesystems without this on
a 3.18 kernel.
2016-09-13 17:06:13 +03:00
Tuomas Tynkkynen
b4a4a63cc4 kernel generate-config.pl: Properly support string options
Or we get something like:

option not set correctly: NLS_DEFAULT (wanted 'utf8', got '"utf8"')
2016-09-13 17:06:13 +03:00
Tuomas Tynkkynen
246bd302ec kernel generate-config.pl: Be more verbose on errors 2016-09-13 17:06:13 +03:00
Nikolay Amiantov
4748709926 Merge commit 'refs/pull/18498/head' of git://github.com/NixOS/nixpkgs 2016-09-13 12:51:34 +03:00
Franz Pletz
05357f098c Merge pull request #18486 from aske/mba6x_bl
linuxPackages.mba6x_bl: 2016-02-12 -> 2016-04-22
2016-09-13 07:28:59 +02:00
aszlig
8bd89c922d
virtualbox: Split kernel modules into own package
Putting the kernel modules into the same output path as the main
VirtualBox derivation causes all of VirtualBox to be rebuilt on every
single kernel update.

The build process of VirtualBox already outputs the kernel module source
along with the generated files for the configuration of the main
VirtualBox package. We put this into a different output called "modsrc"
which we re-use from linuxPackages.virtualbox, which is now only
containing the resulting kernel modules without the main user space
implementation.

This not only has the advantage of decluttering the Nix expression for
the user space portions but also gets rid of the need to nuke references
and the need to patch out "depmod -a".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-13 06:12:38 +02:00
Nikolay Amiantov
9b26cb92e3 Merge branch 'displaylink'
Close #18041
2016-09-13 01:59:47 +03:00
Nikolay Amiantov
fbf6a97b04 linuxPackages.displaylink: init at 1.1.62 2016-09-13 00:30:35 +03:00
Kirill Boltaev
bccd75094f treewide: explicitly specify gtk and related package versions 2016-09-12 18:26:06 +03:00
Dan Peebles
e6ea302c47 apple-source-releases: upgrade a bunch of stuff 2016-09-12 08:53:46 -04:00
Michael Raskin
11bc6ea4ae firejail: 0.9.42-rc1 -> 0.9.42 2016-09-12 13:01:34 +02:00
Dan Peebles
31e79c5478 stdenv-darwin: upgrade a couple more constituents 2016-09-12 03:40:53 -04:00
Dan Peebles
7b9d3f8605 stdenv-darwin: upgrade a few more things
It's a long build and generally painful to split into smaller commits,
so I apologize for lumping many changes into one commit but this is far
easier.

There are still several outdated parts of the darwin stdenv but these
changes should bring us closer to the goal.

Fixes #18461
2016-09-12 01:46:44 -04:00
Tuomas Tynkkynen
2b0eace6cf Merge remote-tracking branch 'upstream/staging' into master 2016-09-11 11:41:18 +03:00
aske
0628215f9e linuxPackages.mba6x_bl: 2016-02-12 -> 2016-04-22 2016-09-10 20:27:49 +03:00
Tuomas Tynkkynen
35ec0e72e3 util-linux: Split 'dev' 2016-09-10 19:05:05 +03:00
Joachim Fasting
91674b75d3
grsecurity: 4.7.2-201608312326 -> 4.7.3-201609072139 2016-09-10 17:06:42 +02:00
Ruslan Babayev
7b51c79ccd pktgen: 3.0.04 -> 3.0.13 (#18477) 2016-09-10 12:06:13 +02:00
Vladimír Čunát
07facfc49f broadcom-sta: don't (claim to) maintain anymore
I haven't used the driver for years.
2016-09-10 10:57:48 +02:00
Franz Pletz
c513e2ab39
multipath-tools: 0.5.0 -> 0.6.2, fixes build
Was broken due to 78178d5854.
2016-09-09 23:14:16 +02:00
Tuomas Tynkkynen
fcec24334e Merge remote-tracking branch 'upstream/staging' into master 2016-09-09 11:41:31 +03:00
Joachim Fasting
099584a27c
busybox: fix static build
The static build fails with undefined references to __memcpy_chk when
the fortify hardening is enabled.
2016-09-09 04:46:00 +02:00
Tuomas Tynkkynen
290db94f04 Merge remote-tracking branch 'upstream/master' into staging 2016-09-09 02:40:47 +03:00
Jörg Thalheim
e2991cc70b bcc: install documentation not as an executable
in bcc/tools documentation was wrapped as an executable
2016-09-08 20:39:24 +02:00
Jörg Thalheim
c58f6e62de bcc: git-2016-05-18 -> git-2016-08-30 2016-09-08 20:39:24 +02:00
Eelco Dolstra
bc7e4e390a linux: 4.4.19 -> 4.4.20 2016-09-08 13:58:05 +02:00
Tim Steinbach
4829cd7f65
kernel: 4.7.2 -> 4.7.3 2016-09-08 01:51:28 +00:00
Bjørn Forsman
2bf421d197 mcelog: add utillinux as dependency
Fixes this:

  $ sudo mcelog
  ...
  unknown-error-trigger: line 21: logger: command not found
  unknown-error-trigger: line 22: logger: command not found
2016-09-06 20:30:47 +02:00
Franz Pletz
9a2065ff2a
batman-adv: 2016.2 -> 2016.3 2016-09-06 03:59:43 +02:00
Eelco Dolstra
78178d5854 systemd: Separate lib output
This moves libsystemd.so and libudev.so into systemd.lib, and gets rid
of libudev (which just contained a copy of libudev.so and the udev
headers). It thus reduces the closure size of all packages that
(indirectly) depend on libsystemd, of which there are quite a few (for
instance, PulseAudio and dbus). For example, it reduces the closure of
Blender from 430.8 to 400.8 MiB.
2016-09-05 19:17:14 +02:00
Eelco Dolstra
e8315cb1ca shadow: Separate man output
This removes ~2 MiB from the minimal config.
2016-09-05 14:53:27 +02:00
Eelco Dolstra
ff7368e944 audit: Move z/OS plugin to a separate output
This prevents the NixOS base system from pulling in openldap,
cyris-sasl, and libkrb5.
2016-09-05 14:53:27 +02:00
Eelco Dolstra
8295089e6a utillinuxMinimal: Make more minimal
This removes locales, bash completion and crap like that. This cuts
6.5 MiB from the NixOS system closure (which unfortunately contains
two copies of util-linux, because of the need to break a dependency
cycle with systemd).
2016-09-05 13:45:59 +02:00
Matt McHenry
7bc91ffe41 patch ati-drivers for kernel 4.6
this uses the patch from
https://github.com/manjaro/packages-extra/commit/ddae91f2 to account
for https://github.com/torvalds/linux/commit/d4edcf0d and the patch
from https://www.virtualbox.org/ticket/15298 to account for
https://github.com/torvalds/linux/commit/09cbfeaf
2016-09-03 21:29:52 -04:00
Joachim Fasting
65786ba322
odp-dpdk: 10.10.1.0 -> 2016-08-16
Fixes build against dpdk 16.06

Tested build against linux, linux_latest, linux_3_18, linux_4_1,
linux_4_6, linux_grsec_nixos, linux_chromiumos_3_18.

While this is pre-release, the delta since 10.10.1.0 seems to contain
primarily fixes or internal improvements.

Also cleanup build inputs while we're at it.
2016-09-03 21:20:52 +02:00
Joachim F
f8b447a6e4 dpdk: 16.04 -> 16.07, fix build against linux 4.7 (#18256)
Tested build against linux_latest and linux_grsec_nixos.
2016-09-03 17:40:27 +02:00
Joachim Fasting
ca465eeeb1
wireguard: disable build against -grsec kernels
Looks to be incompatible with the PaX constification plugin:

> /tmp/nix-build-wireguard-unstable-2016-08-08.drv-0/WireGuard-experimental-0.0.20160808/src/device.c:329:29: error: constified variable 'link_ops' placed into writable section ".data..read_mostly"
 static struct rtnl_link_ops link_ops __read_mostly = {

https://hydra.nixos.org/build/39671573/log/raw

See also https://github.com/NixOS/nixpkgs/issues/18209
2016-09-03 14:50:07 +02:00
Vladimír Čunát
4745341c69 spl: fix evaluation after the parent commit
This doesn't fully fix the tarball job.
2016-09-03 14:34:55 +02:00
Rok Garbas
3698f321ef
spl: mark it broken on kernels higher then 4.7
until new spl version is release
2016-09-03 14:07:49 +02:00
Franz Pletz
a1c24ab976
systemd: apply patch to fix #18158
See:
 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834367
 - https://github.com/systemd/systemd/issues/3842
2016-09-02 23:39:19 +02:00
Shea Levy
ce0043bf4c phc-intel: 0.4.0rev19 -> 0.4.0rev22
Fixes build on linux 4.7
2016-09-02 07:41:42 -04:00
Tuomas Tynkkynen
3364230d56 Disable bunch of non-compiling packages on Darwin
These ones have a "Last successful build" timestamp in the 2014s or
2015s. Presumably no one will notice if we now stop building them.

softether_4_18              2015-09-20  http://hydra.nixos.org/build/39418483
lensfun                     2014-09-30  http://hydra.nixos.org/build/39394104
net_snmp                    2015-09-20  http://hydra.nixos.org/build/39410553
djview                      2015-08-11  http://hydra.nixos.org/build/39413233
libmusicbrainz2             2015-09-20  http://hydra.nixos.org/build/39410106
fox_1_6                     2014-05-07  http://hydra.nixos.org/build/39410858
libofx                      2015-09-24  http://hydra.nixos.org/build/39423507
yacas                       2014-09-30  http://hydra.nixos.org/build/39393150
iomelt                      2014-09-30  http://hydra.nixos.org/build/39408486
softether                   2015-09-20  http://hydra.nixos.org/build/39425800
mp4v2                       2014-09-30  http://hydra.nixos.org/build/39421899
virtuoso7                   2014-09-21  http://hydra.nixos.org/build/39415206
man_db                      2015-04-23  http://hydra.nixos.org/build/39404236
libdiscid                   2014-09-30  http://hydra.nixos.org/build/39412202
zabbix22.agent              2014-09-21  http://hydra.nixos.org/build/39412149
vidalia                     2015-08-06  http://hydra.nixos.org/build/39411500
libmtp                      2015-09-20  http://hydra.nixos.org/build/39419199
wxGTK29                     2015-09-20  http://hydra.nixos.org/build/39415296
ncmpcpp                     2015-11-06  http://hydra.nixos.org/build/39404455
libtorrent                  2014-09-21  http://hydra.nixos.org/build/39394646
shishi                      2014-03-21  http://hydra.nixos.org/build/39418874
ocaml_3_12_1                2014-09-30  http://hydra.nixos.org/build/39392996
djview4                     2015-08-11  http://hydra.nixos.org/build/39427799
vimNox                      2014-05-23  http://hydra.nixos.org/build/39397012
ttfautohint                 2015-08-06  http://hydra.nixos.org/build/39398330
libraw                      2015-09-24  http://hydra.nixos.org/build/39402271
wxGTK30                     2015-09-20  http://hydra.nixos.org/build/39401871
sbcl_1_2_5                  2015-09-20  http://hydra.nixos.org/build/39426091
prover9                     2014-09-30  http://hydra.nixos.org/build/39406476
rcs                         2015-08-25  http://hydra.nixos.org/build/39392037
gpac                        2015-09-24  http://hydra.nixos.org/build/39399470
virtuoso6                   2014-09-30  http://hydra.nixos.org/build/39398651
xlslib                      2015-09-24  http://hydra.nixos.org/build/39410387
ucommon                     2015-03-27  http://hydra.nixos.org/build/39414040
commoncpp2                  2014-09-30  http://hydra.nixos.org/build/39420117
virtuoso                    2014-09-21  http://hydra.nixos.org/build/39399978
miniHttpd                   2014-09-30  http://hydra.nixos.org/build/39392925
mpack                       2014-09-26  http://hydra.nixos.org/build/39399535
nbd                         2014-09-26  http://hydra.nixos.org/build/39401367
newsbeuter-dev              2014-07-29  http://hydra.nixos.org/build/39406259
gimp_2_8                    2015-09-20  http://hydra.nixos.org/build/39436271
gimp                        2015-09-20  http://hydra.nixos.org/build/39435976
zabbix20.agent              2014-09-30  http://hydra.nixos.org/build/39393242
gst_all_1.gst-plugins-good  2015-09-20  http://hydra.nixos.org/build/39408506
ocaml_4_00_1                2014-09-30  http://hydra.nixos.org/build/39399526
inadyn                      2014-09-30  http://hydra.nixos.org/build/39426389
gst_all_1.gst-plugins-bad   2015-09-20  http://hydra.nixos.org/build/39392970
zabbix.agent                2014-09-30  http://hydra.nixos.org/build/39421412
cmake-2_8                   2015-09-24  http://hydra.nixos.org/build/39399443
liblastfm                   2015-08-06  http://hydra.nixos.org/build/39421812
newsbeuter                  2014-07-29  http://hydra.nixos.org/build/39396605
sdcv                        2014-09-26  http://hydra.nixos.org/build/39412928
2016-09-01 20:39:33 +03:00
Eelco Dolstra
e05c4c6541 libapparmor: Move python stuff to a separate output
This prevents systemd and by extension a zillion other packages from
having Python 2.7 in their closure. For example, the closure of
systemd dropped from 133 MiB to 85 MiB.
2016-09-01 18:57:43 +02:00
Joachim Fasting
0ce7b31b09
grsecurity: 4.7.2-201608211829 -> 201608312326 2016-09-01 14:51:33 +02:00
Joachim F
8c90b7db89 Merge pull request #18073 from joachifm/rtl8723bs
rtl8723bs: 6918e9b2ff29 -> 2016-04-11, fix build against 4.7
2016-09-01 14:48:51 +02:00
Tuomas Tynkkynen
8c4aeb1780 Merge staging into master
Brings in:
    - changed output order for multiple outputs:
      https://github.com/NixOS/nixpkgs/pull/14766
    - audit disabled by default
      https://github.com/NixOS/nixpkgs/pull/17916

 Conflicts:
	pkgs/development/libraries/openldap/default.nix
2016-09-01 13:27:27 +03:00
Franz Pletz
003ab1d9fd
nftables: 0.5 -> 0.6 2016-09-01 12:25:14 +02:00
Tuomas Tynkkynen
20ab753e35 libaudit: Split into multiple outputs 2016-08-31 23:15:28 +03:00
Graham Christensen
24f7946489 Merge pull request #18154 from womfoo/fix/mbpfan-buffer-overflow
mbpfan: include buffer overflow patch
2016-08-31 08:16:57 -04:00
Kranium Gikos Mendoza
bbafdefd86 mbpfan: include buffer overflow patch 2016-08-31 19:25:28 +08:00
Philip Potter
66726acfae sysklogd: fix compile error (#18133)
sysklogd was failing to build because it didn't know the size of the
`union wait` type.

Running `git bisect` showed 9744c7768d,
which bumped glibc from 2.23 to 2.24, as the likely suspect.  This is
corroborated by evidence such as this email:
https://lists.debian.org/debian-glibc/2016/08/msg00069.html

Linux from scratch recommends changing `union wait` to `int`:
http://www.linuxfromscratch.org/lfs/view/development/chapter06/sysklogd.html

Therefore, that's what this commit does.
2016-08-31 00:05:07 +02:00
Nikolay Amiantov
0987f2ff6a Merge pull request #18100 from Mic92/android-udev-rules
android-udev-rules: usage example
2016-08-30 23:09:56 +04:00
Octavian Cerna
938b993091 raspberrypifw: Don't strip ELF files
Stripping breaks raspivid and other executables.
2016-08-30 17:34:16 +03:00
Tuomas Tynkkynen
d3dc3d4130 Merge remote-tracking branch 'dezgeg/shuffle-outputs' into staging
https://github.com/NixOS/nixpkgs/pull/14766
2016-08-30 12:43:37 +03:00
aszlig
f19c961b4e
linux-testing: Fix arg list too long in modinst
With the default kernel and thus with the build I have tested in
74ec94bfa2, we get an error during
modules_install:

make[2]: execvp: /nix/store/.../bin/bash: Argument list too long

I haven't noticed this build until I actually tried booting using this
kernel because make didn't fail here.

The reason this happens within Nix and probably didn't yet surface in
other distros is that programs only have a limited amount of memory
available for storing the environment and the arguments.

Environment variables however are quite common on Nix and thus we
stumble on problems like this way earlier - in this case Linux 4.8 - but
I have noticed this in 4.7-next as well already.

The fix is far from perfect and suffers performance overhead because we
now run grep for every *.mod file instead of passing all *.mod files
into one single invocation of grep.

But comparing the performance overhead (around 1s on my machine) with
the overall build time of the kernel I think the overhead really is
neglicible.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-30 06:55:52 +02:00
Tuomas Tynkkynen
47784e55e1 darwin binutils: Fix binutils-raw output references 2016-08-30 02:57:43 +03:00
Jörg Thalheim
ec20540a1a
android-udev-rules: usage example 2016-08-29 23:40:13 +02:00
aszlig
74ec94bfa2
linux/kernel/testing: 4.8-rc3 -> 4.8-rc4
Tested by only building the linux_testing attribute, but haven't yet
tested it in production.

I've also fixed the extraMeta.branch attribute.

Verified-with-PGP: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
aszlig
42e1ec215e
linux/kernel: Remove MLX4_EN_VXLAN for 4.8
This option is no longer needed and has been removed in upstream commit
torvalds/linux@a831274a13.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
aszlig
0bce188ec1
linux/kernel: Remove KVM_APIC_ARCHITECTURE for 4.8
The option is no longer needed and has been removed upstream in
torvalds/linux@557abc40d1.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
Robin Gloster
6a04de991c
linuxPackages_3_12.ena: fix build 2016-08-29 16:35:13 +00:00
obadz
0e9d355397 musl: disable stackprotector hardening
Prevents busybox segfault
2016-08-29 13:04:29 +01:00
Tuomas Tynkkynen
0e26cf84fc kernel: Remove propagatedBuildOutputs
Not needed after the shuffle.
2016-08-29 14:49:52 +03:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
obadz
b74793bd1c Merge branch 'master' into staging
Conflicts:
	pkgs/tools/system/facter/default.nix
2016-08-29 12:44:17 +01:00
Joachim Fasting
898edb0fbc lttng-modules: 2.6.3 -> 2.8.0
Full changelog at
https://git.lttng.org/?p=lttng-modules.git;a=blob_plain;f=ChangeLog;hb=4d484e547c486f902a60216dc421cb891b772431

Built against linux and linux_latest

cc @bjornfor
2016-08-29 11:39:44 +02:00
Joachim Fasting
e5c3a52afc
grsecurity: fix features.grsecurity
Previously, features.grsecurity wasn't actually set due to a bug in the
grsec builder. We now rely on the generic kernel builder to set features
from kernelPatches.
2016-08-29 04:09:40 +02:00
Joachim Fasting
b56f7acc78
batman-adv: mark as broken on -grsec
Looks to be incompatible with the PaX constification plugin:

> /tmp/nix-build-batman-adv-2016.2-4.7.2.drv-0/batman-adv-2016.2/net/batman-adv/soft-interface.c:1065:22:
error: constified variable 'batadv_link_ops' placed into writable
section ".data..read_mostly"
 struct rtnl_link_ops batadv_link_ops __read_mostly = {

https://hydra.nixos.org/build/39312033/log/raw
2016-08-29 04:09:40 +02:00
Joachim Fasting
fcf5a24d8c
kernel config: set DEBUG_STACKOVERFLOW regardless of features.grsecurity
features.grsecurity has actually been unset for a long time, with no
ill effect on grsec kernel builds so this conditional looks useless.
2016-08-29 04:08:39 +02:00
Kranium Gikos Mendoza
268cb1a08b forkstat: 0.01.13 -> 0.01.14 (#18076) 2016-08-29 01:38:01 +00:00
Joachim Fasting
e0ee5dc04f
rtl8723bs: 6918e9b2ff29 -> 2016-04-11, fix build against 4.7
Upstream
e71a5fc58c
adds linux 4.7 support; all subsequent commits are error fixes so we
bump to current HEAD for good measure.

Built against linux and linux_latest.

Mark as broken on -grsec, seems incompatible with PaX
constification:
> 76fb2-src/hal/rtl8723b_hal_init.c:2186:26: error: assignment of member
'free_hal_data' in read-only object
  pHalFunc->free_hal_data = &rtl8723b_free_hal_data;

and so on.
2016-08-29 03:31:14 +02:00
Robin Gloster
e17bc25943
Merge remote-tracking branch 'upstream/master' into staging 2016-08-29 00:24:47 +00:00
Tuomas Tynkkynen
c004c6e14d kernel config: Explicitly enable some stuff not enabled by 'make alldefconfig'
List of what to enable taken from https://lwn.net/Articles/672587/.
This doesn't change the resulting x86 configs, but is more useful for
other architectures. For instance, POSIX_MQUEUE is currently missing
on ARM.
2016-08-29 03:07:11 +03:00
obadz
3de6e5be50 Merge branch 'master' into staging
Conflicts:
      pkgs/applications/misc/navit/default.nix
      pkgs/applications/networking/mailreaders/alpine/default.nix
      pkgs/applications/networking/mailreaders/realpine/default.nix
      pkgs/development/compilers/ghc/head.nix
      pkgs/development/libraries/openssl/default.nix
      pkgs/games/liquidwar/default.nix
      pkgs/games/spring/springlobby.nix
      pkgs/os-specific/linux/kernel/perf.nix
      pkgs/servers/sip/freeswitch/default.nix
      pkgs/tools/archivers/cromfs/default.nix
      pkgs/tools/graphics/plotutils/default.nix
2016-08-27 23:54:54 +01:00
Bjørn Forsman
daa9d5edca perf: unbreak build since glibc 2.24 upgrade
glibc 2.24 deprecated readdir_r, breaking the perf build:

  $ nix-build -A linuxPackages.perf
  ...
    CC       util/event.o
    CC       util/evlist.o
  util/event.c: In function '__event__synthesize_thread':
  util/event.c:448:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
    while (!readdir_r(tasks, &dirent, &next) && next) {
    ^
  In file included from /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/features.h:368:0,
                   from /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/stdint.h:25,
                   from /nix/store/jsazxc1b86g2ww569ziwhhvkz8z43vjd-gcc-5.4.0/lib/gcc/x86_64-unknown-linux-gnu/5.4.0/include/stdint.h:9,
                   from /tmp/nix-build-perf-linux-4.4.19.drv-0/linux-4.4.19/tools/include/linux/types.h:6,
                   from util/event.c:1:
  /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/dirent.h:189:12: note: declared here
   extern int __REDIRECT (readdir_r,
              ^
  util/event.c: In function 'perf_event__synthesize_threads':
  util/event.c:586:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
    while (!readdir_r(proc, &dirent, &next) && next) {

Fix by adding -Wno-error=deprecated-declarations compile flag.
2016-08-27 10:21:57 +02:00
Gabriel Ebner
131cd8f45d Merge pull request #18005 from gebner/kernel-amd-powerplay
kernel: config: enable DRM_AMD_POWERPLAY
2016-08-26 19:04:54 +02:00
Franz Pletz
f75ab31234
sysklogd: fix broken build caused by new glibc version 2016-08-26 15:03:19 +02:00
Franz Pletz
40e0e5fb0b
linux_testing: 4.7-rc7 -> 4.8-rc3 2016-08-26 14:47:45 +02:00
Franz Pletz
aacf6651c1
linux: 4.4.18 -> 4.4.19 2016-08-26 14:47:45 +02:00
Franz Pletz
90251478ec
linux: 4.1.30 -> 4.1.31 2016-08-26 14:47:45 +02:00
Franz Pletz
377c851395
linux: 3.18.36 -> 3.18.40 2016-08-26 14:47:45 +02:00
Franz Pletz
dc37edb36c
linux: 3.14.73 -> 3.14.77 2016-08-26 14:47:45 +02:00
Franz Pletz
458d477215
linux: 3.12.61 -> 3.12.62 2016-08-26 14:47:45 +02:00
Michael Raskin
7e631101b9 lxc: 2.0.3 -> 2.0.4 2016-08-26 13:43:35 +02:00
Gabriel Ebner
7b01df18a2 kernel: config: enable DRM_AMD_POWERPLAY 2016-08-26 08:45:49 +02:00
Shea Levy
2b1fa9da8b Add initial patches for CPU Controller on Control Group v2 2016-08-25 13:01:40 -04:00
Lancelot SIX
7fd44eafa6 Merge pull request #17817 from mbrock/libselinux-fix
libselinux: fix Python binding

Built and tested locally.
2016-08-25 12:43:19 +02:00
Robin Gloster
eddc0a5549
treewide: fix darwin builds by using getOutput
This fixes eval for pkgs referring to optional static output
2016-08-25 08:44:20 +00:00
Franz Pletz
df275f5b85 treewide: fix darwin builds by referring to stdenv's libc 2016-08-25 02:56:25 +02:00
Franz Pletz
29ec1c6b09 audit: 2.4.4 -> 2.6.6 2016-08-25 01:56:36 +02:00
Franz Pletz
f0f95d03ca utillinux: 2.28 -> 2.28.1 2016-08-25 01:55:42 +02:00
Franz Pletz
3ce7b77517 libnl: 3.2.27 -> 3.2.28 2016-08-25 01:55:41 +02:00
Franz Pletz
a30bf645f2 sinit: 0.9.2 -> 1.0, fix glibc static linking 2016-08-24 21:31:02 +02:00
Franz Pletz
d5189fb7ad lxc: 2.0.3 -> 2.0.4, fixes hardened build 2016-08-24 21:31:02 +02:00
Robin Gloster
c26de11551 linuxPackages.perf: fix build with new glibc and remove hack
elfutils now adds a eu- prefix to avoid collisions
2016-08-24 19:19:02 +00:00
Daiderd Jordan
8b8a74d5d6 Merge pull request #17864 from LnL7/darwin-libsecurity
darwin.libsecurity: fix for gnustep makefiles
2016-08-24 19:56:24 +02:00
Robin Gloster
9e47acb89d otpw: disable stackprotector hardening 2016-08-24 17:19:43 +00:00
Shea Levy
8b9b9fad31 Revert "Revert "Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs""
Revert a revert of a merge that shouldn't have been in master but was intentionally in staging.

Next time I'll do this right after the revert instead of so far down the line...

This reverts commit 9adad8612b.
2016-08-24 07:35:30 -04:00
obadz
0e8d2725dc Merge branch 'master' into staging 2016-08-23 18:50:06 +01:00
Joachim Fasting
cf592a8969
grsecurity: 4.7.1-201608161813 -> 4.7.2-201608211829 2016-08-23 01:49:34 +02:00
obadz
24a9183f90 Merge branch 'hardened-stdenv' into staging
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
obadz
ba50fd7170 Merge branch 'master' into staging 2016-08-22 01:18:11 +01:00