3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

321 commits

Author SHA1 Message Date
Eelco Dolstra b20a0e49c8
Revert systemd interface version to 2
The new systemd in 19.09 gives an "Access Denied" error when doing
"systemctl daemon-reexec" on an 19.03 system. The fix is to use the
previous systemctl to signal the daemon to re-exec itself. This
ensures that users don't have to reboot when upgrading from NixOS
19.03 to 19.09.
2019-09-16 16:51:19 +02:00
Will Dietz 5f269cd4f9
systemd: cleanup unused variable and containing 'let' (NFCI)
This seems to be inlined directly later, FWIW.
2019-09-13 22:01:48 -05:00
Andreas Rammhold 9c06aae94a
systemd: add myself as maintainer 2019-09-08 17:14:15 +02:00
Andreas Rammhold d9b1256f93
systemd: 242 -> 243 2019-09-08 17:14:10 +02:00
Frederik Rietdijk e68505e735 Merge remote-tracking branch 'upstream/gcc8' into staging-next 2019-09-06 23:25:18 +02:00
Vladimír Čunát b479a21403
Merge #68032: systemd: fix CVE-2019-15718 (staging-next) 2019-09-04 11:03:10 +02:00
Andreas Rammhold cde7715039 systemd: fix CVE-2019-15718
More details at: https://www.openwall.com/lists/oss-security/2019/09/03/1
2019-09-04 01:05:28 +02:00
volth 08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Nikolay Amiantov cc9fb5f015 systemd: update revision 2019-08-01 00:55:35 +03:00
Florian Klink df489f82e1 systemd: apply systemd-stable 242 backports
from https://github.com/NixOS/systemd/pull/29
2019-06-29 16:10:37 +02:00
volth f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Andreas Rammhold 0f93834c5e
systemd: remove references to $out/lib/systemd/catalog
On aarch64 we "leak" a reference to $out/lib/systemd/catalog in the lib
output. The result of that is a dependency cycle between $out and $lib.
Thus nix (rightfully) marks the build as failed. That reference
originates from an array of strings (catalog_file_dirs) in systemd
(src/src/journal/catalog.{c,h}).  The only consumer (as of v242) of the
symbol is the main function of journalctl.  Still libsystemd.so contains
the VALUE but not the symbol.  Systemd seems to be properly using
function & data sections together with the linker flags to garbage
collect unused sections (-Wl,--gc-sections).  For unknown reasons those
flags do not eliminate the unused string constants, in this case on
aarch64-linux. The hacky way is to just remove the reference after we
finished compiling.  Since it can not be used (there is no symbol to
actually refer to it) there should not be any harm.  It is a bit odd and
I really do not like starting these kind of hacks but there doesn't seem
to be a straight forward way at this point in time.

The reference will be replaced by the same reference the usual nukeRefs
tooling uses.  The standard tooling can not / should not be uesd since
it is a bit too excessive and could potentially do us some (more) harm.
2019-06-03 15:05:22 +02:00
Andreas Rammhold 81f390d2e3
systemd: disable building tests
We are currently not running any tests but building them takes
signitifcant amounts of time since they account to about 40% of all the
compilation targets.
2019-06-03 15:05:21 +02:00
Andreas Rammhold 8c7e588362
systemd: 241.20190221 -> 242 2019-06-03 15:05:11 +02:00
Jörg Thalheim 5b0db07ee1
systemd: 239.20190219 -> 241.20190221 2019-06-03 15:05:09 +02:00
Samuel Dionne-Riel cc058156bd systemd: Enables systemd-boot for ARM platforms 2019-05-28 19:26:57 -04:00
rnhmjoj d16a24379a
systemd: lower priority to solve collisions with openresolv 2019-05-08 13:21:04 +02:00
Matthew Bauer 4224b034cc systemd: use lib.getBin for utillinux
it’s almost always a better idea to use getBin instead of .bin.
Otherwise, we could get an evaluation error if utillinux is missing
the bin otuput.
2019-04-20 16:39:12 -04:00
Andreas Rammhold bb821c65ff
systemd: update debian patches url to snapshots.debian.org
The current approach will fail when enough time has passed. We ideally
want to be reproducible even in a few years of time. So we should pick
the sources of patches wisely as otherwise we can not do that.
2019-03-23 09:52:35 +01:00
Franz Pletz e94914560b
systemd: 239.20190110 -> 239.20190219
Fix CVE-2019-6454.
2019-02-19 23:22:34 +01:00
Vladimír Čunát 2c226107cb
systemd-cryptsetup-generator: fixup linkage
It got broken by 74a64a8a6 #53483.
But IMO it's *this* expression that was written in a too fragile way.
2019-01-26 14:16:56 +01:00
Franz Pletz 74a64a8a61
systemd: 239 -> 239.20190110
Fixes CVE-2018-16864 & CVE-2018-16865 (journald stack clash). Fixes #53755.

Also updates the debian patches to fix CVE-2018-15686. Fixes #52250.
2019-01-10 20:54:12 +01:00
Vladimír Čunát 179b8146e6
systemd: apply patches from Debian
There are some security fixes among those.
2018-11-04 11:08:04 +01:00
Vladimír Čunát 587c3774ab
Revert "systemd: 239 -> 239.20181031"
This reverts commit d1de23b830.
The changes turned out to be too intrusive, so we'll patch instead.
Discussion: https://github.com/NixOS/systemd/pull/24
2018-11-04 11:08:03 +01:00
Franz Pletz a7912ecc85
systemd: 239 -> 239.20181031
Fixes CVE-2018-15688 and updates latest upstream stable v239 branch.

See https://github.com/NixOS/systemd/pull/24 for details.

Co-authored-by: Andreas Rammhold <andreas@rammhold.de>
2018-10-31 16:12:00 +01:00
Daiderd Jordan 1383c08f2c
Merge branch 'master' into staging-next 2018-10-01 19:42:07 +02:00
Tuomas Tynkkynen fe7919f7a1 systemd: Replace meta.available checks
This sort of code breaks config.{allowBroken, allowUnsupportedSystem} =
true by making them do unpredictable things.
2018-09-28 15:01:00 +03:00
Florian Klink c3cc34f20a systemd: update to fix nspawn containers (#47264)
This fixes nspawn containers with older systemd inside currently failing
to start.

See:
https://github.com/NixOS/systemd/pull/23
https://github.com/systemd/systemd/pull/10104
https://github.com/NixOS/nixpkgs/issues/47253
2018-09-24 10:00:50 +01:00
Vladimír Čunát 2d6179d1e8
Merge branch 'master' into staging
A few trivial conflicts due to *Platforms mass replace.
2018-09-01 17:38:18 +02:00
John Ericson 0828e2d8c3 treewide: Remove usage of remaining redundant platform compatability stuff
Want to get this out of here for 18.09, so it can be deprecated
thereafter.
2018-08-30 17:20:32 -04:00
Uli Baum 03c1f567d5 systemd: don't use options from fstab on remount
Include fix by @aszlig to fix remount with comment/application-specific
fstab options.
2018-08-30 12:53:18 +02:00
Jörg Thalheim 734c2bc4d0 systemd-cryptsetup-generator: cryptsetup belongs to buildInputs
This fixes the build.
2018-08-29 17:07:12 +01:00
Markus Kowalewski 2ba5ac8dda
systemd: add license 2018-08-18 00:32:36 +02:00
Jörg Thalheim 05daf390b3 systemd: 238 -> 239 2018-08-06 11:03:09 +02:00
volth 52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Matthew Justin Bauer 98f2f08b4b
Merge pull request #41009 from matthewbauer/normalize-names
Add versions to packages missing it
2018-05-25 16:32:48 -05:00
Matthew Bauer 73b11060fc treewide: add more versions to package names 2018-05-25 15:48:30 -05:00
Jan Tojnar cd1fb3babf
systemd: fix build
meson 0.46 no longer likes receiving both -Dmandir and --mandir. I removed the flags from the expression in favour of those in the meson setup hook. This also fixes manpages which were previously
installed to $man/lib for some reason.
2018-05-22 21:04:40 +02:00
Patrick Hilhorst 61411e57ec
Merge remote-tracking branch 'upstream/master' into gcc8 2018-05-15 21:37:03 +02:00
John Ericson ee4b56edd3 Merge remote-tracking branch 'upstream/master' into staging 2018-05-11 14:36:08 -04:00
Matthew Bauer c37b93bd52 treewide: remove lib.meta.enableIfAvailable 2018-05-09 16:21:22 -05:00
Patrick Hilhorst 3a395ccb57
systemd: suppress certain warnings to compile under gcc8 2018-05-09 23:02:37 +02:00
Matthew Bauer 6748534d83 Merge remote-tracking branch 'upstream/master' into staging 2018-05-08 09:36:00 -05:00
xeji e450d9fb90
Merge pull request #38961 from bachp/cryptsetup-generator
cryptsetup-generator: add postFixup
2018-05-05 17:41:40 +02:00
John Ericson cf06e42d1c Merge remote-tracking branch 'upstream/master' into staging 2018-05-03 16:35:36 -04:00
Matthew Bauer 143978a477 treewide: remove platform assertions
linux: readd assertion
2018-05-03 13:09:20 -05:00
Matthew Justin Bauer eeb016e8f0
Merge branch 'staging' into fix-ncurses-darwin-extensions 2018-05-02 15:40:38 -05:00
Will Dietz 919dda7aba
Merge pull request #37814 from dtzWill/update/util-linux-2.32
util-linux: 2.31.1 -> 2.32
2018-04-30 13:21:59 -05:00
Will Dietz dadf222934 systemd: add pcre2 as build dep for searching in journalctl 2018-04-29 20:24:04 -05:00
Will Dietz b341529a35 systemd: use upstream patch to fix building with util-linux 2.32
See linked PR.
2018-04-29 16:54:24 -05:00
Pascal Bach caed1877eb cryptsetup-generator: add postFixup
This makes cryptsetup-generator link correctly
to the shared systemd library.
2018-04-29 22:16:27 +02:00
John Ericson ba52ae5048 treewide: isArm -> isAarch32
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.

The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:

```
ISA:             ARMv8   {-A, -R, -M}
                 /    \
Mode:     Aarch32     Aarch64
             |         /   \
Encoding:   A64      A32   T32
```

At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.

The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.

[1]: https://developer.arm.com/products/architecture/a-profile
2018-04-25 15:28:55 -04:00
Jan Malakhovski 7438083a4d tree-wide: disable doCheck and doInstallCheck where it fails (the trivial part) 2018-04-25 04:18:46 +00:00
xeji 0de00d5799 systemd 238: bump revision for upstream bugfixes
fixes #37744, #38341
2018-04-05 17:45:41 +02:00
Shea Levy 05e375d710
Merge remote-tracking branch 'origin/master' into staging 2018-03-28 09:36:47 -04:00
Nikolay Amiantov 0402877344 systemd: disable EFI support on AArch64
It seemingly isn't used by NixOS and currently breaks AArch64 build.
2018-03-28 15:40:50 +03:00
Shea Levy 26e8d58cb5
libseccomp: Disable only on RISC-V if Linux.
The isSeccomputable flag treated Linux without seccomp as just a
normal variant, when it really should be treated as a special case
incurring complexity debt to support.
2018-03-27 08:16:24 -04:00
Shea Levy cdf9a78a3e
kexectools: Disable only on RISC-V if Linux.
The isKexecable flag treated Linux without kexec as just a normal
variant, when it really should be treated as a special case incurring
complexity debt to support.
2018-03-27 08:15:07 -04:00
xeji eb828c6831 systemd: add withSelinux option
false by default, so no rebuild
2018-03-27 01:24:46 +02:00
Nikolay Amiantov 6b9771e4a7
systemd: use stable tree
This fixes a bug with changed qemu network interface names and also generally
should be preferred to using a release tag.
2018-03-23 14:43:31 +01:00
Nikolay Amiantov 0ccab4946d systemd: 237 -> 238 2018-03-22 22:37:26 +03:00
Jan Tojnar 1c6f15083b
systemd: remove unneeded rpath fixup 2018-03-22 07:30:59 +01:00
Jan Malakhovski 7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
aszlig 88530e02b6
systemd: Update to latest NixOS branch
Updated to the latest version of the nixos-v237 branch, which fixes two
things:

  * Make sure that systemd looks in /etc for configuration files.
    https://github.com/NixOS/systemd/pull/15
  * Fix handling of the x-initrd.mount option.
    https://github.com/NixOS/systemd/pull/16

I've added NixOS VM tests for both to ensure we won't run into
regressions. The newly added systemd test only tests for that and is by
no means exhaustive, but it's a start.

Personally I only wanted to fix the former issue, because that's the one
I've been debugging. After sending in a pull request for our systemd
fork (https://github.com/NixOS/systemd/pull/17) I got a notice from
@Mic92, that he already fixed this and his fix was even better as it's
even suitable for upstream (so we hopefully can drop that patch
someday).

The reason why the second one came in was simply because it has been
merged before the former, but I thought it would be a good idea to have
tests for that as well.

In addition I've removed the sysconfdir=$out/etc entry to make sure the
default (/etc) is used. Installing is still done to $out, because those
directories that were previously into sysconfdir now get into
factoryconfdir.

Quote from commit NixOS/systemd@98067cc806:

  By default systemd should read all its configuration from /etc.
  Therefore we rely on -Dsysconfdir=/etc in meson as default value.
  Unfortunately this would also lead to installation of systemd's own
  configuration files to `/etc` whereas we are limited to /nix/store. To
  counter that this commit introduces two new configuration variables
  `factoryconfdir` and `factorypkgconfdir` to install systemd's own
  configuration into nix store again, while having executables looking
  up files in /etc.

Tested this change against all of the NixOS VM tests we have in
nixos/release.nix. Between this change and its parent no new tests were
failing (although a lot of them were flaky).

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Mic92, @tk-ecotelecom, @edolstra, @fpletz
Fixes: #35415
Fixes: #35268
2018-03-03 10:39:38 +01:00
aszlig ae7efee4fa
systemd: Reident the expression file
The indenting is a bit weird to follow, especially at the end of the
file (right brace without indent, but the opening brace is indented by
two spaces).

No functional change and I've verified this by building it with this
change and without and both lead to the same store paths.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @fpletz, @edolstra
2018-03-03 01:53:16 +01:00
Shea Levy a486cb1af6
systemd: Fix references to /usr/bin in cross-compilation 2018-03-01 14:54:41 -05:00
Shea Levy 9d2af8d61c
systemd: Fix cross-compiling 2018-02-26 06:38:42 -05:00
Shea Levy 42c8776571
systemd: Take python3 from buildPackages. 2018-02-25 09:07:14 -05:00
Shea Levy 87270fb306
gnu-efi: Only build on efi-enabled systems 2018-02-24 21:49:31 -05:00
Pascal Bach d351cd9f69 systemd-cryptsetup-generator: fix compilation with systemd 237
Closes #35097
2018-02-20 16:34:30 +02:00
Will Dietz d3b59f864a define top-level attrs for getent, getconf
Note that currently getent is explicitly taken from "glibc.bin",
regardless of build configuration which this preserves for now.
(on non-musl anyway)
2018-02-13 11:47:16 -06:00
Will Dietz 82dfab87fa systemd: add getent-bin to nativeBuildInputs, meson searches for getent 2018-02-13 09:45:05 -06:00
Will Dietz 8323123e95 systemd: use musl-getent on musl instead of glibc.bin's getent 2018-02-13 09:45:05 -06:00
Franz Pletz eb862c48dd
systemd: 234 -> 237
Co-Authored-By: Florian Klink <flokli@flokli.de>
Co-Authored-By: Andreas Rammhold <andreas@rammhold.de>
2018-02-13 01:24:24 +01:00
Vladimír Čunát 94cba39aa2
systemd resolved: patch CVE-2017-15908
fix loop on packets with pseudo dns types
https://github.com/NixOS/systemd/pull/14
2017-11-28 20:11:40 +01:00
John Ericson bac21681a1 systemd: Use some nativeBuildInputs
I erred on the side of caution when changing these.
2017-09-21 15:49:54 -04:00
Robin Gloster 61733ed6cc systemd: use fetchpatch for patch with the correct hash
the fetchurl failed on hydra sometimes
2017-09-03 10:33:27 -04:00
Frederik Rietdijk 91ede67a5a systemd: use fetchurl for patch
because a hash corresponding to fetchurl was provided.
2017-09-02 13:09:58 +02:00
teh 3e50f0ae0e systemd: add patch to fix suspend.target 2017-08-30 21:22:58 +02:00
Silvan Mosberger f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Thomas Tuegel 631f6b3e11
systemd: unset RANLIB
Commit 093cc00cdd sets the RANLIB environment
variable by default, causing `make' to invoke the wrong program.
2017-07-21 15:46:40 -05:00
Thomas Tuegel aa11af8bbe
systemd: fix broken source hash 2017-07-21 15:46:33 -05:00
Robin Gloster ae26f291bc
systemd: 233 -> 234 2017-07-16 17:22:45 +02:00
Eelco Dolstra 32e492251b
systemd: Apply fix for CVE-2017-9445 2017-06-28 14:08:05 +02:00
Jörg Thalheim dfebb66f65
systemd: v232 -> v233
Changelog: https://github.com/systemd/systemd/blob/v233/NEWS

Upgrade was pretty smooth. One notably change is the new hybrid cgroup
mode: https://github.com/systemd/systemd/blob/v233/NEWS#L5 It should
provide better compatibility with docker.
2017-05-30 08:47:09 +01:00
Eelco Dolstra 6ef630a125
systemd: Include https://github.com/NixOS/systemd/pull/8 2017-03-27 15:37:49 +02:00
Robin Gloster 31ff2ac057
systemd: add patch to fix docker
843d5baf6a

"don't use the unified hierarchy for the systemd cgroup yet"

fixes #22472
2017-02-16 23:56:27 +01:00
Robin Gloster 8a0d1bcf8b
systemd: add patches to fix i686 booting 2017-02-02 01:12:55 +01:00
Robin Gloster 972749f1d4
systemd: fix repository url
Left-over from testing, sorry..
2017-01-26 17:57:10 +01:00
Robin Gloster a38f1911d3
systemd: 231 -> 232
Includes adding some more upstream units and removing obsolete (-.slice) ones.
2017-01-26 17:52:52 +01:00
Eelco Dolstra 8b09ba32d3 systemd: Apply various upstream bug fixes
This includes the fix for the assertion failure in
https://github.com/systemd/systemd/issues/4234.
2016-09-30 11:23:51 +02:00
Eelco Dolstra 78178d5854 systemd: Separate lib output
This moves libsystemd.so and libudev.so into systemd.lib, and gets rid
of libudev (which just contained a copy of libudev.so and the udev
headers). It thus reduces the closure size of all packages that
(indirectly) depend on libsystemd, of which there are quite a few (for
instance, PulseAudio and dbus). For example, it reduces the closure of
Blender from 430.8 to 400.8 MiB.
2016-09-05 19:17:14 +02:00
Franz Pletz a1c24ab976
systemd: apply patch to fix #18158
See:
 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834367
 - https://github.com/systemd/systemd/issues/3842
2016-09-02 23:39:19 +02:00
Tuomas Tynkkynen a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Robin Gloster 33e1c78ae3 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-16 07:54:01 +00:00
Moritz Ulrich 21df40f85f systemd-cryptsetup-generator: Fix bug.
The annoying wrapper script also wraps `systemd-cryptsetup`. We need to
copy the original binary to $out too.
2016-08-15 12:42:44 +02:00
Robin Gloster b7787d932e Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-12 09:46:53 +00:00
Moritz Ulrich 9626707e2b systemd-cryptsetup-generator: Add note to revert 3efadce. 2016-08-09 19:21:58 +02:00
Moritz Ulrich 3efadce03b systemd-cryptsetup-generator: Fix installPhase. 2016-08-09 19:21:25 +02:00