3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

2474 commits

Author SHA1 Message Date
Rodney Lorrimar 9e56cddf13 emacsWithPackages: support installing larger packages
I was getting the following error building tide from Melpa:

    nix-build  -E '(import <nixpkgs> {}).emacs25WithPackages (p: [p.melpaPackages.tide])'

    File tide-20170509.1134.tar is large (10.2M), really open? (y or n) Error reading from stdin
    builder for ‘/nix/store/gs9ik7yf8iilsikkfing74i70m0diax3-emacs-tide-20170509.1134.drv’ failed with exit code 255
    cannot build derivation ‘/nix/store/m3p080aani4rw82llp8nqk93cw2nvirk-emacs-with-packages-25.2.drv’: 1 dependencies couldn't be built

Solution was to disable the large file warning threshold when
installing packages.
2017-05-29 12:56:09 +01:00
Ryan Trinkle 0916c26ed6 symlinkJoin: eliminate lndir spam
By default lndir outputs the name of each subdirectory as it descends into it; this commit gives it the -silent flag to disable this behavior
2017-05-27 16:19:34 -04:00
Jaka Hudoklin 112f5229d8 Merge pull request #26131 from matejc/pkgs/build-support/docker/pull
docker tools: fix pull image function
2017-05-27 12:44:34 +02:00
Matej Cotman 8d3cb0af9e docker tools: fix pull image function 2017-05-26 18:48:16 +02:00
Vladimír Čunát 00672dec8a
Merge older staging
This still causes some uncached rebuilds, but master(!) and staging
move too fast forward rebuild-wise, so Hydra might never catch up.
(There are also other occasional problems.)
Therefore I merge at this point where the rebuild isn't that bad.
2017-05-26 15:45:43 +02:00
Eelco Dolstra dc4e2cd70f Merge pull request #26062 from cleverca22/libredirect
libredirect: allow null paths
2017-05-24 18:09:55 +02:00
Mateusz Naściszewski 00572d595c
ipfs: 0.4.6 -> 0.4.9 2017-05-24 16:31:17 +02:00
michael bishop 5677ce2008
libredirect: allow null paths 2017-05-24 11:29:06 -03:00
Vladimír Čunát 8004e79415
Merge branch 'master' into staging 2017-05-24 03:24:06 +02:00
Benno Fünfstück 19d3cf81d3 rust: fix fetch-cargo-deps for git dependencies
We need to make sure that `$revs` ends with a space, since files must always
end with newlines. The previous code ignored the last entry in `$revs`, because
read already returns non-zero exit code for the last entry, as it does not end
with a space.
2017-05-23 10:01:33 +02:00
Frederik Rietdijk 99cfab07b9 Merge remote-tracking branch 'upstream/master' into HEAD 2017-05-22 09:21:40 +02:00
Matthew Bauer 2c0006521b
emacsWithPackages: wrap MacOS app
fixes #22893
2017-05-20 18:51:32 -05:00
Shea Levy b71b7ee622 fetchFromGitHub: Allow private repos, hosted githubs 2017-05-19 15:38:01 -04:00
Vladimír Čunát 8b01ec9a9e
Merge branch 'master' into staging 2017-05-10 00:54:53 +02:00
Eelco Dolstra 31c2d20621
debian: 8.7 -> 8.8 2017-05-08 16:02:38 +02:00
Eelco Dolstra 94d164dd7f
Add a setup hook for detecting $TMPDIR references in RPATHs and wrapper scripts 2017-05-04 20:23:57 +02:00
Linus Heckemann 33962a4420 stdenv: fix "grep: invalid range" 2017-05-04 16:54:01 +01:00
Frederik Rietdijk c520e79842 Merge remote-tracking branch 'upstream/master' into HEAD 2017-05-03 09:59:49 +02:00
Vladimír Čunát 1bcd56b6e6
Merge branch 'master' into staging
There's been a very large rebuild on master, unfortunately.
pytestcov conflict: I'm not really sure what should be propagated.
2017-05-02 16:01:48 +02:00
Utku Demir 5a78bed2bb Fix documentation of emacsWithPackages
After [this change](901a778c77), it should be `overrideScope` instead of `override`.
2017-05-02 09:52:04 +12:00
Michael Raskin f3b45f83b5 Merge pull request #25205 from orivej/rsp
Fix parsing @args.rsp compiler arguments
2017-05-01 18:48:11 +02:00
Shea Levy 8a1707ad0d nixBufferBuilders: Add haskellMonoRepo builder 2017-05-01 11:44:21 -04:00
rht 5628cebcf0 /bin/sh -> ${stdenv.shell} 2017-04-30 17:01:07 +02:00
Thomas Tuegel 4e0d21edd1 Merge pull request #25285 from ttuegel/qt--fix-plugin-paths
Qt: purify plugin paths, unify Linux and Darwin builders
2017-04-30 07:33:50 -05:00
Joachim Fasting ab4fa1cce4
tree-wide: prune some dead grsec leaves
The beginning of pruning grsecurity/PaX from the tree.
2017-04-30 12:05:41 +02:00
Peter Simons d1008a9a5f Merge pull request #25299 from ahmedtd/fix-wrap-gapps-hook
wrapGAppsHook: Correct `wrapProgram` invocations
2017-04-29 10:33:52 +02:00
Taahir Ahmed 2cd342cfb3 wrapGAppsHook: Correct wrapProgram invocations
This change fixes several defects in the way `wrapGAppsHook` selected
the executable to wrap.

Previously, it would wrap any top-level files in the target `/bin` and
`/libexec` directories, including directories and non-executable
files.  In addition, it failed to wrap files in subdirectories.

Now, it uses `find` to iterate over these directory hierarchies,
selecting only executable files for wrapping.
2017-04-28 15:24:50 -05:00
Peter Simons 5c25c33a05 wrapGAppsHook: Revert "Correct wrapProgram invocations"
This reverts commit 8b9f153bb9 of
https://github.com/NixOS/nixpkgs/pull/25183 because it breaks builds of
packages that don't install both a "bin" and a "libexec" directory. See
https://github.com/NixOS/nixpkgs/pull/25183#issuecomment-298064769 for more
details.
2017-04-28 20:01:33 +02:00
Thomas Tuegel 394885daec
kdeWrapper: prefix Qt search paths 2017-04-28 05:54:20 -05:00
Peter Simons edcff000d4 Merge pull request #25183 from ahmedtd/fix-wrap-gapps-hook
wrapGAppsHook: Correct `wrapProgram` invocations
2017-04-28 11:13:12 +02:00
Renzo Carbonara d3bf2afc54 fetchdarcs: add SSL_CERT_FILE environment variable 2017-04-26 22:23:00 +02:00
Dan Peebles 9e764af72f fetchs3: init simple S3 downloader 2017-04-25 22:01:32 -04:00
Orivej Desh e9adf383e6 Fix parsing @args.rsp compiler arguments 2017-04-25 13:29:43 +00:00
Taahir Ahmed 8b9f153bb9 wrapGAppsHook: Correct wrapProgram invocations
This change fixes several defects in the way `wrapGAppsHook` selected
the executable to wrap.

Previously, it would wrap any top-level files in the target `/bin` and
`/libexec` directories, including directories and non-executable
files.  In addition, it failed to wrap files in subdirectories.

Now, it uses `find` to iterate over these directory hierarchies,
selecting only executable files for wrapping.
2017-04-24 10:56:53 -05:00
Frederik Rietdijk 4fc9b1852a Merge remote-tracking branch 'upstream/master' into HEAD 2017-04-23 11:26:47 +02:00
Benno Fünfstück bd78749d33 rust: improve fetch-cargo-deps determinism for non-sandboxed builds
When not using sandboxing, /usr/share/git-core/templates may leak into the
nix build through the libgit2 hardcoded default template search path. We now
explictly set the templatedir to avoid this problem.

See https://github.com/bennofs/nix-index/issues/2#issuecomment-296268983 for
an example case of nondeterminism.
2017-04-21 23:26:46 +02:00
Sven Slootweg fa8adf2c47 fetchurl: fixed typo in error message
This typo was likely introduced by copy-pasting the error message from elsewhere and forgetting to change the text, during the MD5 deprecation process (#4491).
2017-04-21 16:41:09 +02:00
Frederik Rietdijk e0abe74baf Merge remote-tracking branch 'upstream/master' into HEAD 2017-04-18 11:25:43 +02:00
Tim Stewart 5ca1646bb0 docker: improve reproducibility of layers
This patch fixes file modification times to $SOURCE_DATE_EPOCH, and
ensures that files originating from the store are owned by root:root.
Both changes improve reproducibility, and the latter allows proper
building on a host where the store is owned by a non-root user.
2017-04-16 22:46:24 -04:00
Jörg Thalheim e8d5af0bd8
buildRustPackage: only copy executables to bin
in newer rust versions also *.rlib files are put into this directory
2017-04-15 13:26:51 +02:00
Jörg Thalheim be70c02461
buildRustPackage: add standard package hooks
when overriding build phases also the standard hooks should be called
2017-04-15 13:26:51 +02:00
Jörg Thalheim 33cfee8177
buildRustPackage: add cargoBuildFlags 2017-04-15 13:26:50 +02:00
John Ericson 3bff114d95 Merge pull request #24871 from elitak/cross-staging
Various small crossDrv fixes
2017-04-15 01:27:05 -04:00
Vladimír Čunát f7a4f146c9
Merge branch 'master' into staging
This includes a fix for a bad merge.
2017-04-14 19:22:02 +02:00
Vladimír Čunát aeb0560959
Merge #24858: Smart wrapProgram 2017-04-14 12:24:33 +02:00
Eric Litak bd45ec6416 buildEnv: use buildPackages.perl so crossDrv works 2017-04-14 02:00:08 -07:00
Nikolay Amiantov e7c76d3c25 makeWrapper: search for free unwrapped file name 2017-04-12 18:12:16 +03:00
Nikolay Amiantov 54bbf91479 buildFHSEnv: add ACLOCAL_PATH
Fixes #24620.
2017-04-12 14:43:08 +03:00
Christian Kauhaus 09f24f628b buildRustPackage: Fix "warning: file ... may be generated" (#24471)
Every Rust derivation used to emit a warning like the following:

```
setting SOURCE_DATE_EPOCH to timestamp 1490877042 of file cargo-6e0c18c/Cargo.lock
warning: file cargo-6e0c18c/Cargo.lock may be generated; SOURCE_DATE_EPOCH may be non-deterministic
```

The reason is that the dependencies are copied without preserving
timestamps. Changing the build script to timestamp-preserving copy
removes the warning.
2017-03-30 15:15:49 +02:00
Michael Raskin 8a919af23b Merge pull request #24347 from spacekitteh/fetchGitRepo
fetchRepoProject: fixes; more options
2017-03-28 02:33:35 +02:00
Nikolay Amiantov 50adc53207 buildDotnetPackage: don't depend on invalid quoting in makeWrapper
Fixes #24387.
2017-03-27 18:24:08 +03:00
Sophie Taylor 50d964d105 fetchRepoProject: typo 2017-03-27 15:04:02 +10:00
Sophie Taylor 69055ecb51 fetchRepoProject: fixup 2017-03-26 21:55:41 +10:00
Sophie Taylor f3b6a0b14c fetchRepoProject: typo 2017-03-26 21:50:46 +10:00
Sophie Taylor 62e115af5b Merge branch 'master' into fetchGitRepo 2017-03-26 20:17:03 +10:00
Sophie Taylor 1f545f01bb
fetchRepoProject: fixes; more options 2017-03-26 20:05:59 +10:00
Shea Levy f087b75941 nix-buffer support: Make process-environment changes actually local 2017-03-25 11:13:25 -04:00
Daiderd Jordan 7dc489d95a Merge pull request #24275 from spacekitteh/fetchFromGitRepo
fetchRepoProject: Fix buildCommand
2017-03-25 09:45:11 +01:00
Daiderd Jordan 00f472a563
fetchrepoproject: cleanup extra flags 2017-03-25 00:35:20 +01:00
Sophie Taylor 2078c34dad fetchRepoProject: Fix buildCommand 2017-03-25 00:24:43 +01:00
Shea Levy 9a777013d1 Add setupSystemdUnits function.
Allows setting up and managing a set of systemd units on any systemd distribution.
2017-03-24 15:47:51 -04:00
Daiderd Jordan f6669da3cf
fetchrepoproject: fix evaluation 2017-03-24 08:40:16 +01:00
Daniel Peebles a9644fb1f0 Merge pull request #24239 from spacekitteh/fetchFromGitRepo
Added fetchRepoProject
2017-03-23 23:30:07 -04:00
Sophie Taylor 76e095c6c5
fetchRepoProject: init.
Added to grab projects added by git-repo.

Contains some problems still reguarding purity and clone.bundle,
but good enough for now.
2017-03-24 13:28:23 +10:00
Nikolay Amiantov a40b7d07e9 makeQtWrapper, kdeWrapper: add GTK3 dependencies 2017-03-22 20:15:32 +03:00
HeeL cd2627da0d Fix mkdir for fetchgx to not throw an exception 2017-03-21 16:04:00 +01:00
Robin Gloster f57185db95
fetch-*: remove md5 support
fixes #4491
2017-03-20 22:23:41 +01:00
Vladimír Čunát 3ca0990da1
fetchsvn: fixup name guessing after #23851
I can't see any unfixed differences due to that PR,
at least in nix-env -qa output for the four Hydra platforms.
2017-03-19 10:55:16 +01:00
Nikolay Amiantov 7ff6eec5fd makeWrapper: quote paths
Fixes https://github.com/NixOS/nixpkgs/pull/22962#commitcomment-21144939

Also run ShellCheck.
2017-03-16 15:16:33 +01:00
Vladimír Čunát e99bc64552
Merge branch 'master' into staging
More larger rebuilds from master, unfortunately.
2017-03-15 19:09:56 +01:00
Daniel Peebles 38a03817b0 Merge pull request #22571 from LnL7/darwin-frameworks-hook
add setup-hook to fix darwin frameworks
2017-03-15 11:33:23 -04:00
Tuomas Tynkkynen aba0b45b86 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
      pkgs/development/libraries/qt-5/5.7/qtbase/default.nix
2017-03-14 00:49:22 +02:00
Arseniy Alekseyev 6a51b55af6 fetchSvn: Add support for --ignore-keywords flag
This is a flag that disables subversion keyword substitution.
Keyword substitution inserts metadata into the files being checked
out, and is therefore somewhat at odds with build reproducibility.

In particular, it can become a problem if you're trying to switch
between svn and a git export of the same thing (keyword substitutions
are normally not exported into git).
2017-03-13 03:43:39 +00:00
Daiderd Jordan 04fa8e006c
darwin: add setup-hook to fix CF references 2017-03-12 15:19:03 +01:00
Linus Heckemann 603b799bcb Add removeReferencesTo for removing specific refs
This allows for a less blanket approach than nuke-refs, targetting specific
references that we know we don't want rather than all references that we don't
know we want.
2017-03-09 12:01:55 +00:00
Shea Levy d39be63a10 stripDirs: Silence annoying 'File format not recognized' errors 2017-03-08 14:25:06 -05:00
Anders Papitto 095cf1b903 Revert "buildRustPackage: fix deprecated use of registry.index config key"
This reverts commit e8aa8cc94b.
2017-03-02 13:40:19 +01:00
Shea Levy bae77363c3 nixBufferBuilders.withPackages: Fix buffer count logic 2017-03-01 11:05:50 -05:00
Vladimír Čunát b43614a6bb
Merge branch 'staging'
(Truly, this time :-)
2017-03-01 11:34:44 +01:00
Daniel Peebles 1f779398c9 Merge pull request #20444 from NeQuissimus/java_packages
Java packages
2017-02-27 20:04:56 -05:00
Vladimír Čunát a1919db7cd
Merge branch 'master' into staging 2017-02-27 20:15:27 +01:00
Vladimír Čunát 20ffc3cd73
compress-man-pages: skip compressed manpages
Because of bash 4.4 the semantics GLOBIGNORE changed.
This resulted in already compressed manpages to be compressed twice.
Also be careful about symlinks to fix #21777, e.g. the ledger example.
2017-02-27 20:03:45 +01:00
Thomas Tuegel 68e0bc38a2
Move kdeWrapper out of kdeFrameworks 2017-02-27 11:49:21 -06:00
Thomas Tuegel d446303d0b
Move kdeDerivation out of kdeFrameworks 2017-02-27 11:49:16 -06:00
Jörg Thalheim f8cb022feb
build-support/vm: replace sha256 with sha1 2017-02-26 10:01:08 +01:00
Thomas Tuegel e02de9e017
kde4: Remove kdewrapper
- Not useful without the KDE 4 desktop
2017-02-24 16:49:06 -06:00
Eelco Dolstra d0d5ea0cdf
Grrr 2017-02-21 15:26:14 +01:00
Eelco Dolstra fac3438a96
Fix Ubuntu 16.10 name 2017-02-21 15:22:30 +01:00
Eelco Dolstra 1fdb52ffcc
Add Ubuntu 16.10 2017-02-21 15:08:58 +01:00
Eelco Dolstra acb2acf1f5
VM builds: Use -smp when enableParallelBuilding is set 2017-02-21 15:08:54 +01:00
Eelco Dolstra 012b5a5c45
Add Fedora 25 2017-02-21 15:08:46 +01:00
anderspapitto 6dbb3ab031 buildRustPackage: fix deprecated use of registry.index config key (#22987)
See
8214bb953d
for the cargo commit which deprecated the registry.index key, and
implements this as a replacement. This gets rid of the error message

warning: custom registry support via the `registry.index` configuration is being removed, this functionality will not work in the future
2017-02-19 18:25:25 +00:00
Eelco Dolstra 97fc806a7b
nix-prefetch-zip: Remove
This script is not needed anymore since "nix-prefetch-url --unpack
<url>" and "nix-prefetch-url -A foo.src" (where "foo.src" is a
fetchzip / fetchFromGitHub call) work fine.
2017-02-16 11:28:23 +01:00
Profpatsch 21cdf340db pythonPackages: use a more direct mirror (#22833)
The pypi.io domain is redirected two (!) times and lands on the URL added by
this commit.
2017-02-15 15:40:31 +01:00
Tim Steinbach 8a7a44c918
javaPackages: Use artifactId/groupId 2017-02-13 18:40:13 -05:00
Parnell Springmeyer 9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Eelco Dolstra a4ec1841da
VM tests: veryloose -> cache=loose 2017-02-13 12:18:10 +01:00
Tuomas Tynkkynen 00c80a247d updateAutotoolsGnuConfigScriptsHook: Only fix files
Some package had a broken symlink named config.sub, and the script would
fail.
2017-02-11 12:24:49 +02:00
Vladimír Čunát 66fe4af226
Merge recent staging
It's the version last built on Hydra, almost fully.
2017-02-10 18:07:14 +01:00
Joachim Fasting fc54ece470
Revert "grsecurity: overrideDerivation -> overrideAttrs"
This reverts commit 3d9017602b.

This didn't quite work as I had expected ... While it seemed okay at
first, it fails to propagate all the attributes it used to (notably
features).  I'll revisit this later but reverting for now.
2017-02-10 06:52:02 +01:00
Joachim Fasting 3d9017602b
grsecurity: overrideDerivation -> overrideAttrs 2017-02-09 16:23:06 +01:00
Michael Raskin 5f3fa24a20 cygwin-iso: fix the most obvious parts of bit rot
Still doesn't build though. Is anyone still using it?
2017-02-09 15:07:38 +01:00
Vladimír Čunát 6bea415b5e
Merge branch 'master' into staging 2017-02-09 08:42:04 +01:00
Eelco Dolstra 11621b9ec0
samba: Fix URL
Fixes #22527.
2017-02-07 20:23:56 +01:00
Vladimír Čunát 3b583d943e
Merge #19328: mkWrapper fix and docs 2017-02-05 14:09:22 +01:00
Parnell Springmeyer 6777e6f812
Merging with upstream 2017-01-29 05:54:01 -06:00
Parnell Springmeyer 4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Gabriel Gonzalez c791c0fd16 Add a pkgs.dhallToNix utility
This adds a `dhallToNix` utility which compiles expression from the Dhall
configuration language to Nix using Nix's support for "import from derivation".
The main motivation of this compiler is to allow users to carve out small typed
subsets of Nix projects.  Everything in the Dhall language (except `Double`s)
can be translated to Nix in this way, including functions.
2017-01-26 20:11:49 -08:00
Parnell Springmeyer a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00
Parnell Springmeyer bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
Tuomas Tynkkynen c909f1b18e stdenv: Add updateAutoconfGnuConfigScriptsHook for aarch64
This is required for Aarch64 since a lot of source tarballs ship with
outdated configure scripts that don't recognize aarch64. Simply
replacing the config.guess and config.sub with new versions from
upstream makes them build again.

This same approach is used by at least Buildroot and Fedora. In
principle this could be enabled for all architectures but
conditionalizing this on aarch64 avoids a mass rebuild on x86.
2017-01-25 00:01:52 +02:00
Tuomas Tynkkynen 7c8a060c09 stdenv: Bringup aarch64 architecture support 2017-01-25 00:01:51 +02:00
John Ericson 09401d44eb cc-wrapper: Remove unneeded crossAttrs 2017-01-24 11:37:56 -05:00
Andraz Bajt d72406985b
Fix fetchbower to handle SSL origins 2017-01-23 15:50:18 +01:00
Eelco Dolstra cc0981b176
debian: 8.6 -> 8.7 2017-01-17 10:55:05 +01:00
Vladimír Čunát a652099c46
fetchurl: change to grep -E to fix #8561
Close #21861.
2017-01-13 19:07:07 +01:00
Connor Clark c7ba4643a9 nix-prefetch-git: remove call to non-existent print_metadata command; improve hash mismatch error message. 2017-01-03 18:57:37 -08:00
Nikolay Amiantov 0a16269198 Revert "releaseTools.debBuild: split checkinstall into separate phase" 2016-12-31 02:13:04 +04:00
Michael Raskin f9020aed06 Merge pull request #20767 from abbradar/debbuild
releaseTools.debBuild: split checkinstall into separate phase
2016-12-30 21:57:19 +00:00
Michael Raskin dd2fc990f0 Merge pull request #19939 from groxxda/replaceDependency
replaceDependency: fix syntax error
2016-12-30 20:48:26 +00:00
Eelco Dolstra bbd03e236a
Use looser 9pfs caching in VM tests/builds
This can give significant speed ups, see
7e20254412.
2016-12-29 21:26:16 +01:00
Joachim Fasting 5a8147479e make-initrd: create reproducible initrds
To achieve reproducible results, `cpio` archive members are added in
sorted order and inodes renumbered.

The `cpio-clean.pl` script is made obsolete by setting mtimes via
`touch` & using `cpio --reproducible`.  Suggested by @dezgeg in
https://github.com/NixOS/nixpkgs/pull/21273#issuecomment-268116605.

Note that using `--reproducible` means that initial ramdisk creation now
requires at least `cpio` version 2.12 (released in 2015).
2016-12-20 14:00:04 +01:00
Jörg Thalheim f90d632fb4 Merge pull request #19369 from Mic92/nix-prefetch-git
nix-prefetch-git: fix json output.
2016-12-14 08:32:50 +01:00
Michael Raskin c94e44b0ae linkFarm: prefer local build 2016-12-09 11:26:53 +01:00
Tomas Hlavaty 59134519ee fix win-dll-link.sh setup hook (#20925)
if a dll is symlink then dll files from the symlinked
directory need to be taken
2016-12-07 17:58:36 +01:00
Jörg Thalheim 47d0d3d46f
nix-prefetch-git: fix date field
in some cases `git show` include tag information in the output
this is suppressed by the parameter '-1'
2016-12-05 12:32:14 +01:00
Jörg Thalheim 954d995394
nix-prefetch-git: escape string fields properly
json requires certain characters to be escaped in strings.
2016-12-05 12:32:14 +01:00
Aristid Breitkreuz e3dcf5da1d rq: init at 0.9.2 (broken because our v8 is too old, and I'm too weak to update v8) 2016-12-03 23:36:48 +01:00
Nikolay Amiantov 41fcb036eb releaseTools.debBuild: split checkinstall into separate phase and allow to override them 2016-12-03 11:09:41 +03:00
Eelco Dolstra e3a873479e
Remove fetchMD5warn
Deprecation warnings should not be used in Nixpkgs because they spam
innocent "nix-env -qa" users with (in this case) dozens of messages
that they can't do anything about.

This also reverts commit 2ca8833383.
2016-11-30 15:14:30 +01:00
Vladimír Čunát 97853c07d7
stdenv moveToOutput: move even broken symlinks
I believe this reduces surprises and is actually simpler semantically.
This is important e.g. for relative symlinks when moving both source
and target - now the order of moving won't matter.

Fixes #20723 (a particular instance of the surprise).
2016-11-26 12:32:15 +01:00
Vladimír Čunát 925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00
Lazar Bodor 186ed3bf8f dockerTools: rsync contents with -keep-dirlinks 2016-11-24 12:48:26 +11:00
Franz Pletz f01dd648f5
Merge branch 'master' into staging 2016-11-23 02:06:26 +01:00
David McFarland 175461e09b cc-wrapper: don't expand $ in response files
This makes the response file handling more consistent with GCC.

For example, a reponse file may contain:

    "-Wl,$ORIGIN"

GCC will treat this as a double quoted string and not expand the
variable reference.  Previously, cc-wrapper would expand the variable
in the same was as if the string was provided on the command line.
2016-11-19 20:21:32 -04:00
Alexey Shmalko a80cacd3ec
fetchFromGitHub: add fetchSubmodules option
This commit extends fetchFromGitHub with ability to fetch GitHub
repositories with submodules, so we can use the function consistently
with all GitHub repositories.

Note it doesn't change the previous behavior.
2016-11-18 13:04:26 +02:00
Justin Bedo 04121437be
singularity: init 2.2 2016-11-15 09:11:53 +11:00
Tim Steinbach d849c0e2e1
Build support 2016-11-14 15:19:33 -05:00
Shea Levy ca4b43d180 Merge branch 'master' into staging 2016-11-04 22:57:07 -04:00
Tim Steinbach 04b22dd935 Merge pull request #19982 from sternenseemann/netcat
Make netcat-openbsd the default netcat
2016-11-02 19:44:29 -04:00
Daiderd Jordan f84e2efcfd Merge pull request #20018 from adnelson/use_basename_docker
docker.buildUtils: use baseNameOf to allow for slashes in name
2016-11-01 12:29:28 +01:00
Ben Gamari 22cc5407cd gcc-cross-wrapper: Fix include path
Include files are typically in the libc package's `dev` output but previously `-isystem` was looking in `out`, resulting in my cross-compilation environment not finding its include files.
2016-10-31 23:44:03 +02:00
Tuomas Tynkkynen d0ae7b973d Merge remote-tracking branch 'upstream/master' into staging 2016-10-31 20:13:06 +02:00
Test ca5fda39dc docker.buildUtils: use baseNameOf to allow for slashes in name 2016-10-31 10:11:48 -05:00
Shea Levy 225602d9f2 Merge branch 'response-files' of git://github.com/corngood/nixpkgs into staging 2016-10-31 10:07:30 -04:00
Franz Pletz aa2b8d25d6 Merge pull request #19931 from mguentner/ipfs_update
ipfs: i20160112 -> 0.4.4, fetchgx
2016-10-31 14:42:05 +01:00
David McFarland 1ad1edbb32 cc-wrapper: expand response files
Fixes #11762
2016-10-31 01:12:07 -03:00
sternenseemann e2372502d3 netcat: make netcat-openbsd the default netcat (#19411)
The motivation for this change is the following: As gnu-netcat,
e. g. does not support ipv6, it is not suitable as default netcat.

This commit also fixes all obvious build issues caused by this change.
2016-10-30 15:06:04 +01:00
Alexander Ried cc523714a6 fetchfile: remove unused file 2016-10-29 07:28:52 +02:00
Franz Pletz ff04adf871
fetchgx: fetch dependencies with gx and gx-go 2016-10-29 05:17:27 +02:00
Alexander Ried 10728c25b0 replaceDependency: fix syntax error 2016-10-28 01:00:04 +02:00
Frederik Rietdijk 7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Tom Boettcher 30b09b8620 dockerTools: Fix loop typo.
This typo was causing only a single layer to be de-duplicated,
rather than all parent layers.
2016-10-24 14:30:00 -05:00
Joachim Fasting 6d1bf921fa
grsecurity: work around #19698
This is a temporary work-around to fix using grsecurity on NixOS with
the new kernelPackages/kernelPatches machinery.

For whatever reason, when `security.grsecurity.enable = true`, the grsec
patch ends up being applied twice, causing the kernel build to fail.

Until the root cause of this is identified, we hack around it by simply
pruning duplicate patches in the grsec kernel builder.

Closes #19698
2016-10-23 18:25:29 +02:00
Frederik Rietdijk e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
Tuomas Tynkkynen 5076c0a5d3 modules-closure: Use stdenvNoCC 2016-10-20 02:39:29 +03:00
David McFarland 2b6659e13e cc-wrapper: fix detection of unsupported linker flags on cygwin 2016-10-18 17:52:20 -03:00
Vladimír Čunát 027efec879 Merge staging without python splitting for now
The split needs more time to finish rebuilding,
but the rest seems OK and there are security fixes.
2016-10-14 09:24:21 +02:00
Jörg Thalheim d5316884e4 Merge pull request #19024 from adnelson/docker_refactor
dockerTools: add docs to docker build functions
2016-10-13 11:50:21 +02:00
Profpatsch bef6bef0d2
stdenv/stripHash: print to stdout, not to variable
`stripHash` documentation states that it prints out the stripped name to
the stdout, but the function stored the value in `strippedName`
instead.

Basically all usages did something like
`$(stripHash $foo | echo $strippedName)` which is just braindamaged.
Fixed the implementation and all invocations.
2016-10-11 18:34:36 +02:00
Nikolay Amiantov 7a73ecc18e buildFHSEnv: link /etc/zoneinfo
This is needed because now /etc/localtime symlink points there.
2016-10-11 16:56:11 +03:00
Michael Raskin f603dc11a6 fetch*: print a trace warning about md5 deprecation 2016-10-09 16:19:04 +02:00
Vincent Laporte 4168706d4f OCaml modules: make explicit some dependencies to ocamlbuild 2016-10-09 11:55:19 +02:00
Profpatsch 5ae18574fc stdenv/makeWrapper: make extraFlagsArray local
extraFlagsArray should not be exposed outside of `makeWrapper`, it
should only be possible to set it inside a script supplied via the
`--run` argument.
2016-10-08 23:36:49 +02:00
Profpatsch dd58d24fa6 stdenv: document makeWrapper
Add function documentation to `makeWrapper`.
Also add user documentation to the nixpkgs manual.
2016-10-08 23:36:40 +02:00
Damien Cassou 0e69fb2f19 Merge pull request #18985 from dudebout/emacs-with-c-src
emacs: add an option to install the C source
2016-10-07 17:23:19 +02:00
Shea Levy eca0f17ad2 nix-buffer support improvements.
Use inherit-local, add per-package elisp hooks.
2016-10-07 10:31:37 -04:00
Vladimír Čunát 30f551d8b2 Merge branch 'master' into staging 2016-10-05 19:02:48 +02:00
Jörg Thalheim 1bd8d7710e Merge pull request #19125 from markus1189/bin-bash-cleanup
Bin bash cleanup
2016-10-05 17:16:00 +02:00
Kirill Boltaev 3e646865f4 treewide: use ocaml.version (#19192) 2016-10-05 09:32:30 +02:00
Markus Hauck aafbd40577 Replace hard coded /bin/bash occurrences 2016-10-04 20:15:37 +02:00
Allen Nelson 940aafcbcc use rsync, comment out pulls 2016-10-03 15:12:29 -05:00
Jörg Thalheim 888f6a1280 Merge pull request #19199 from wizeman/u/fix-help2man-hash
help2man: fix hash
2016-10-03 19:26:44 +02:00
Allen Nelson b9007c8d83 add examples file 2016-10-03 12:07:33 -05:00
Joachim Fasting 1bb7b44cd7
grsecurity: make GRKERNSEC y and PAX y implicit
These options should always be specified. Note, an implication of this
change is that not specifying any grsec/PaX options results in a build
failure.
2016-10-02 19:25:58 +02:00
Allen Nelson 4abe579250 add docs to docker build functions
bring back ls_tar

replace goPackages with go

don't hardcode /nix/store in vmTools

more docs
2016-09-29 12:52:57 -05:00
Eelco Dolstra 97bfc2fac9 runCommand: Use stdenvNoCC
This ensures that most "trivial" derivations used to build NixOS
configurations no longer depend on GCC. For commands that do invoke
gcc, there is runCommandCC.
2016-09-29 13:06:43 +02:00
Eelco Dolstra 0cb16a6955 Add stdenvNoCC
This is a standard environment that doesn't contain a C/C++
compiler. This is mostly to prevent trivial builders like runCommand
and substituteAll from pulling in gcc for simple configuration changes
on NixOS.
2016-09-29 13:06:41 +02:00
Eelco Dolstra 518340624d Merge remote-tracking branch 'origin/master' into staging 2016-09-29 13:06:14 +02:00
Eelco Dolstra c5ddb7dd56 Move useSetUID to pam_usb, the only place where it's used 2016-09-29 13:05:28 +02:00
Eelco Dolstra 030e20f759 Add a warning about using requireFile 2016-09-29 13:05:28 +02:00
Vladimír Čunát 77604964b6 Merge branch 'master' into staging 2016-09-28 17:13:59 +02:00
Nicolas Dudebout 9c3852538c emacsWrapper: remove site-start.elc 2016-09-27 16:13:22 -04:00
Eric Sagnes 37f0aafc56 releaseTools: add channel function 2016-09-27 08:51:28 +09:00
Luca Bruno c049fd4a31 Merge pull request #18896 from tboettch/dockerToolsFix
dockerTools: Fix layer redundancy.
2016-09-25 15:35:05 +01:00
Vladimír Čunát fffc7638cd Merge branch 'master' into staging 2016-09-24 18:54:31 +02:00
Tom Boettcher 1e8b69c35e dockerTools: Fix layer redundancy.
When building an image with multiple layers, files
already included in an underlying layer are supposed to
be excluded from the current layer. However, some subtleties
in the way filepaths are compared seem to be blocking this.

Specifically:
* tar generates relative filepaths with directories ending in '/'
* find generates absolute filepaths with no trailing slashes on directories

That is, paths extracted from the underlying tarball look like:
    nix/store/.../foobar/
whereas the layer being generated uses paths like:
    /nix/store/.../foobar

This patch modifies the output of "tar -t" to match the latter format.
2016-09-23 16:40:59 -05:00
Eelco Dolstra f081a1aaf4 debian: 8.5 -> 8.6 2016-09-22 15:53:29 +02:00
Eelco Dolstra ac03df96ba openssl: 1.0.1t -> 1.0.1u, 1.0.2h -> 1.0.2i, 1.1.0 -> 1.1.0a
https://www.openssl.org/news/secadv/20160922.txt
2016-09-22 15:05:09 +02:00
Eelco Dolstra 7a4209c356 Merge remote-tracking branch 'origin/master' into staging 2016-09-20 17:46:09 +02:00
Eelco Dolstra 5f8a330d40 outputDocdev -> outputDevdoc
For consistency with the devdoc output.
2016-09-20 17:44:48 +02:00
Eelco Dolstra 594c47e5eb Don't nuke section 3 manpages by default
They now go to devman, devdoc, or $outputMan, in that order. This is
to prevent cases such as the man-pages package quietly losing its
section 3 pages.
2016-09-20 17:42:43 +02:00
Profpatsch 61462c94e6 lib/fetchers.nix: factor out impure proxy vars (#18702)
Apparently everyone just copied those variables, instead of creating a
library constant for them. Some even removed the comment. -.-
2016-09-17 21:50:01 +02:00
Shea Levy b04cdae902 nixBufferBuilders.withPackages: Make more legible, special-case proof-general.
There's some bigger changes coming, but thought I'd push this first...
2016-09-05 17:55:49 -04:00
Shea Levy 05c132486d Initial version of nixBufferBuilders.withPackages.
This builds elisp to setup an emacs buffer with the packages given
available. See shlevy/nix-buffer for more information.

Currently only modifies $PATH.
2016-09-05 12:01:26 -04:00
Nikolay Amiantov 698cadd714 runVM: mount devpts 2016-09-04 17:11:01 +03:00
Nikolay Amiantov 8b38b6aae2 runVM: check exit code before postVM eval 2016-09-04 17:11:01 +03:00
Tuomas Tynkkynen e2c6740c37 Merge commit 'adaee73' from staging into master
This one was already merged into release-16.09, so let's not have the
stable branch is ahead of master and confuse things. In addition to
that, currently we have an odd situation that master has less things
actually finished building than in staging.

Conflicts:
	pkgs/data/documentation/man-pages/default.nix
2016-09-03 01:02:51 +03:00
Parnell Springmeyer 98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00
Tuomas Tynkkynen 8c4aeb1780 Merge staging into master
Brings in:
    - changed output order for multiple outputs:
      https://github.com/NixOS/nixpkgs/pull/14766
    - audit disabled by default
      https://github.com/NixOS/nixpkgs/pull/17916

 Conflicts:
	pkgs/development/libraries/openldap/default.nix
2016-09-01 13:27:27 +03:00
Eelco Dolstra 8172cd734c docdev -> devdoc
It's "developer documentation", not "documentation developer" after
all.
2016-09-01 11:07:23 +02:00
Domen Kožar da421bc75f Fix #4210: Remove builderDefs
This was one of the ways to build packages, we are trying
hard to minimize different ways so it's easier for newcomers
to learn only one way.

This also:

- removes texLive (old), fixes #14807
- removed upstream-updater, if that code is still used it should be in
  separate repo
- changes a few packages like gitit/mit-scheme to use new texlive
2016-08-31 11:34:46 +02:00
Tuomas Tynkkynen 8576332fdf grsec: Fix build after multiple output shuffling
Same problem with overrideDerivation as in
https://github.com/NixOS/nixpkgs/issues/10721. Would be nice to have
that fixed...
2016-08-30 15:55:49 +03:00
Tuomas Tynkkynen d3dc3d4130 Merge remote-tracking branch 'dezgeg/shuffle-outputs' into staging
https://github.com/NixOS/nixpkgs/pull/14766
2016-08-30 12:43:37 +03:00
Tuomas Tynkkynen 5d55ae5d50 stdenv/multiple-outputs.sh: Change output propagation logic
Because 'dev' will most often not be the default output after my changes.
2016-08-29 14:49:51 +03:00
obadz b74793bd1c Merge branch 'master' into staging
Conflicts:
	pkgs/tools/system/facter/default.nix
2016-08-29 12:44:17 +01:00
Joachim Fasting e5c3a52afc
grsecurity: fix features.grsecurity
Previously, features.grsecurity wasn't actually set due to a bug in the
grsec builder. We now rely on the generic kernel builder to set features
from kernelPatches.
2016-08-29 04:09:40 +02:00
Franz Pletz c0fa26ef3b Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-08-24 11:01:53 +02:00
Franz Pletz 8576aea57c cc-wrapper: fix detection of unsupported linker flags 2016-08-24 10:59:52 +02:00
Franz Pletz 3c06e5f6f7 cc-wrapper: check ld hardening capabilities in stdenv 2016-08-23 18:13:31 +02:00
Robin Gloster 07604ad631 add-hardening.sh: fix quotation 2016-08-23 15:27:51 +00:00
Robin Gloster 335d0097cf cc-wrapper: add-{flags,hardening} -> add-{flags,hardening}.sh 2016-08-23 15:27:51 +00:00
Tuomas Tynkkynen 74a3a2cd7e treewide: Use makeBinPath 2016-08-23 01:18:10 +03:00
obadz ba50fd7170 Merge branch 'master' into staging 2016-08-22 01:18:11 +01:00
Domen Kožar 76dca3d0e0 Merge pull request #17837 from MostAwesomeDude/fossil
build-support: Add fetchfossil function.
2016-08-21 21:47:00 +02:00
Corbin 76b74ab2f1 fetchfossil: Don't support MD5.
This effectively means that SHA256 is the only way to go. I'm not really
bothered by this.
2016-08-21 11:53:40 -07:00
Vladimír Čunát cdb44a4ada Merge branch 'master' into staging 2016-08-20 18:01:36 +02:00
cmfwyp eb6f576ffd fetchurl: update Savannah mirrors 2016-08-20 03:21:05 +03:00
Corbin 2d94071cc4 fetchfossil: Require rev.
Otherwise no bumps are done when upstream changes. Not sure how to ping the
repository and check without just doing the clone.
2016-08-19 13:55:10 -07:00
Daniel Peebles 57e6f19cad Merge pull request #17794 from abbradar/nostdinc
cc-wrapper: handle -nostdinc{++,}
2016-08-19 16:35:35 -04:00
Thomas Tuegel 64ba7b53f1 Revert "Merge pull request #17806 from matthewbauer/emacs-wrapper"
This reverts commit da68127737, reversing
changes made to 2ba494b728.

These changes are reverted because they cause an incompatibility which
they should not.
2016-08-19 15:09:41 -05:00
Corbin 7880bc0c21 fetchfossil: Cleanup some copy-and-paste. 2016-08-19 07:34:58 -07:00
Corbin 23a50ca407 fetchfossil: Don't let Fossil write to $out/.fossil. 2016-08-18 23:16:37 -07:00
Corbin 20a0e2e3bf build-support: Add fetchfossil function.
This is a dead-simple fetcher which clones a Fossil repository, opens it
directly into $out, and then nicks out the single Fossil checkout marker.
2016-08-18 22:29:30 -07:00
Matthew Bauer 6ceedaaee4 emacs: add versatile "emacsWrapper"
"emacsWrapper" replaces emacsWithPackages. In addition to "packagesFun",
emacsWrapper has an optional variable called "execStart". execStart can
be used to append elisp to the default site-start.el script. This is
useful for providing a way to load a user's .emacs.d/init.el
file. "emacsWithPackages" is implemented with emacsWrapper for
convenience and compatability.
2016-08-17 18:19:58 +00:00
Nikolay Amiantov 24f695ffaa cc-wrapper: handle -nostdinc{++,} 2016-08-17 13:19:46 +03:00
Robin Gloster 33e1c78ae3 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-16 07:54:01 +00:00
Nikolay Amiantov 6d6f6b4748 makeModulesClosure: don't set pipefail as it's already set in $stdenv/setup 2016-08-14 22:38:33 +03:00
Franz Pletz bd4490e277 Merge branch 'master' into hardened-stdenv 2016-08-13 16:59:55 +02:00
Luca Bruno 27f294f38d Merge pull request #17589 from cmfwyp/sagemath
sagemath: update mirrors, fix TeX Live dependency
2016-08-12 21:58:41 +01:00
Domen Kožar b9e009b5b5 add Fedora 24 2016-08-12 16:44:23 +02:00
Robin Gloster b7787d932e Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-12 09:46:53 +00:00
Michael Raskin 1eb5f8bfc7 update-walker: allow filtering for SF tarballs 2016-08-11 17:57:35 +02:00
obadz 1cd9c58834 Merge pull request #17461 from rasendubi/powerpc
cross-compilation: fixes for powerpc-linux-uclibc
2016-08-11 00:51:51 +01:00
cmfwyp 37c83ca3a2
sage: update mirrors
The list of mirrors is at https://www.sagemath.org/mirrors.html.
2016-08-07 21:09:14 -04:00
Robin Gloster 1b979d8384 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-03 13:34:44 +00:00
Alexey Shmalko 662721a461
gcc-cross-wrapper: fix for non-chroot build
When `libc` is not set, many lines expand to `/lib`, `/include`, which
makes gccCross use host libraries outside Nix (with a different
architecture).
2016-08-03 03:28:14 +03:00
Tuomas Tynkkynen 21f17d69f6 treewide: Add lots of meta.platforms
Build-tested on x86_64 Linux & Mac.
2016-08-02 21:42:43 +03:00
Tuomas Tynkkynen 55b23aeff5 icon-conv-tools: Don't depend on the .nix file at build time
The `src = ./.;` would cause spurious rebuild of the package since the
output hash now depends on the contents of the .nix file.
2016-08-02 21:30:17 +03:00
Tuomas Tynkkynen 2258b21e4b treewide: Add lots of platforms to packages with no meta
Build-tested on x86_64 Linux and on Darwin.
2016-08-02 21:17:44 +03:00
Tuomas Tynkkynen 59ce911810 treewide: Some EOF-whitespace fixes 2016-08-02 21:17:44 +03:00
Robin Gloster 1be4907ca2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-02 13:46:36 +00:00
Robin Gloster 63c7b4f9a7 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-31 20:51:34 +00:00
Maarten Hoogendoorn e809667b17 vmTools.runInLinuxImage: add virtio_rng device
This allows the QEMU VM's to use the /dev/random device, by
getting entropy from the host.
2016-07-31 12:39:19 +02:00
Franz Pletz 7e8b3adb04 fetchpatch: add addPrefixes argument
Sometimes patches start without a leading prefix. We default to strip
one prefix or path component from patches (-p1) in the patchPhase in
stdenv.

As all patches should therefore be in this format, fetchpatch should
have an option to normalize patch paths. This commit introduces a new
argument to fetchpatch called addPrefixes that adds one patch prefix to
the old and new paths in a patch before putting it into the store.
2016-07-29 12:03:08 +02:00
Alexey Shmalko bb3fc68b30
antBuild: run default hooks
Fixes https://github.com/NixOS/nixpkgs/issues/10931.
antBuild overrides buildPhase and installPhase without calling default
hooks.
2016-07-26 02:02:42 +03:00
Robin Gloster 203846b9de Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-19 10:37:02 +00:00
Franz Pletz 1109b236cf Merge pull request #16660 from nathan7/tarsum
dockerTools: disable compression in tarsum.go
2016-07-19 10:18:41 +02:00
Renzo Carbonara e54ec2f907 fetchMavenArtifact: init (#16825)
fetchMavenArtifact downloads a Maven artifact given a group id, an artifact id,
and a version.

Example usage:

   org_apache_httpcomponents_httpclient_4_5_2 = fetchMavenArtifact {
     groupId = "org.apache.httpcomponents";
     artifactId = "httpclient";
     version = "4.5.2";
     sha256 = "0ms00zc28pwqk83nwwbafhq6p8zci9mrjzbqalpn6v0d80hwdzqd";
     # Optionally: repos = [ ... urls to some Maven repos to use ... ];
     # Optionally: url, urls - pointing directly to a specific jar url.
   };

Now `org_apache_httpcomponents_httpclient_4_5_2.jar` points to the downloaded
JAR file, while `org_apache_httpcomponents_httpclient_4_5_2` refers to a
derivation that when used used in `buildInputs` will be automatically added to
the Java classpath.
2016-07-19 09:48:36 +02:00
Joachim F 2621e9b641 Merge pull request #16976 from phanimahesh/sourceforge-mirrors
mirrors: add downloads.sourceforge.net
2016-07-16 13:12:49 +02:00
Robin Gloster 5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
J Phani Mahesh c4fa18b7a2 mirrors: add downloads.sourceforge.net
downloads.sourceforge.net is the official way to download tarballs from
SourceForge.  However, it is reported as unreliable due to SF's weird
load balancing system.

This commit gives the official mirror utmost priority, and will use
other configured mirrors (which may be temporary) as a fallback only
when the official one can't be reached/download fails/hangs.

References: NixOs/nixpkgs#16900
2016-07-15 13:20:35 +05:30
Tuomas Tynkkynen 13160d9c10 buildInLinuxVM: Workaround bug #16742
This is blocking the channel update: #16949
2016-07-14 15:12:50 +03:00
Vladimír Čunát 1b5ac05845 Merge branch 'staging'
Includes security fixes in gd and libarchive.
2016-07-14 15:51:28 +02:00
Vladimír Čunát ab9515092b symlinkJoin: truly pass the defaulted parameters
The catch is that in nix the @-pattern binds the set that was *explicitly*
passed to the function, i.e. default values are *not* taken into account.
2016-07-14 15:36:53 +02:00
Alexey Shmalko 0172558e82 buildEnv: build the whole tree of directories to pathsToLink
This patch fixes #16614 and #16741.

The first issue was caused by the fact that both `/share` and
`/share/fish/vendor_completions.d` end in the `pathsToLink`. The
`pkgs/build-support/buildenv/builder.pl` creates `/share`, then links
`/share/fish` under `/share` and then tries to create the directory
`/share/fish/vendor_completions.d` and fails because it already exists.

The simplest way to reproduce the issue is to build the next Nix
expression:

```nix
let pkgs = import <nixpkgs> { };
in pkgs.buildEnv {
  name = "buildenv-issue";

  paths = [
    pkgs.fish
    pkgs.vim
  ];

  pathsToLink = [
    "/share"
    "/share/fish/vendor_completions.d"
  ];
}
```

The second issue is more critical and was caused by the fact findFiles
doesn't recurse deep enough. It stops at first unique directory for the
package (e.g., "/share" or even "/") and later the scripts decides it
shouldn't link it as it doesn't match pathsToLink (e.g., "/share/fish"),
so the result is empty.

The test:
```nix
let pkgs = import <nixpkgs> { };
in pkgs.buildEnv {
  name = "buildenv-issue";

  paths = [
    pkgs.fish
    pkgs.vim
  ];

  pathsToLink = [
    "/share/fish/functions"
  ];
}
```

or

```nix
let pkgs = import <nixpkgs> { };
in pkgs.buildEnv {
  name = "buildenv-issue";

  paths = [
    pkgs.vim
  ];

  pathsToLink = [
    "/share"
  ];
}
```
2016-07-13 03:54:11 +03:00
Nikolay Amiantov d43bde5f2b patchShebangs: quote variable assignment 2016-07-09 03:05:11 +03:00
Cireo ff3e7d2b4b patchShebangs: strip trailing whitespace
Prior to this commit, trailing whitespace would be introduced when
modifying '#!' lines with no arguments.  For example (whitespace added):

    /nix/store/.../foo: interpreter directive changed
        from "/bin/bash"
          to "/nix/store/...-bash-4.3-p42/bin/bash  "

    /nix/store/.../bar: interpreter directive changed
        from "/bin/baz wef"
          to "/nix/store/...-baz wef "

We add a sed command to strip trailing whitespace, so the above commands
would drop the two spaces after "bash", or the one space after "baz wef".

abbradar: fixed commit title

Closes #16785.
2016-07-09 03:00:27 +03:00
Bjørn Forsman 68205d0ade nix-prefetch-git: unbreak JSON output
This fixes a regression caused by commit f56ab9e
("nix-prefetch-git: Include the date in the machine-readable [...]")
where a couple of directory paths printed by pushd/popd appeared before
the JSON output on stdout (thus breaking it). Fix it by redirecting the
extraneous output to /dev/null.

Reported by Michael Alan Dorman <mdorman@ironicdesign.com>.
2016-07-04 14:39:47 +02:00
David Grayson f56ab9e5e4 nix-prefetch-git: Include the date in the machine-readable output on
stdout, in strict ISO 8601 format.

This will be helpful for automatically updating fetchgit expressions
and the dates in version numbers associated with them.
2016-07-03 11:19:13 +01:00
Nathan Zadoks b9284e445b dockerTools: disable compression in tarsum.go
Previously, tarsum would compress the (discarded) tarball produced.
That's a waste of CPU, and a waste of time.
2016-07-02 02:22:36 -04:00
Nathan Zadoks 23e9e33975 dockerTools: format tarsum.go with gofmt
Nearly all Go code on this earth is formatted with gofmt, and it's
somewhat surprising to find a Go file that isn't formatted accordingly.
2016-07-02 02:22:36 -04:00
Vladimír Čunát 3afa246038 Merge branch 'staging'
This includes a security update of expat.
2016-06-29 07:47:04 +02:00
Benno Fünfstück a368b27270 fhs-user-env: keep DBUS_SESSION_BUS_ADDRESS env
Steam requires this variable or some games run incredibly slow.
See ValveSoftware/Dota-2#921 for more information.
2016-06-28 23:55:43 +02:00
Nikolay Amiantov 5cec134c70 buildFHSUserEnv: don't set CHROOTENV_EXTRA_BINDS 2016-06-28 18:59:33 +03:00
zimbatm 4f5918cd2e Revert "stdenv: introduce baseHash() to replace stripHash()"
Introduced by mistake

This reverts commit e71a5cb878.
2016-06-25 14:25:58 +01:00
zimbatm e71a5cb878 stdenv: introduce baseHash() to replace stripHash()
stripHash uses a global variable to communicate it's computation
results, but it's not necessary. You can just pipe to stdout in a
subshell. A function mostly behaves like just another command.

baseHash() also introduces a suffix-stripping capability since it's
something the users of the function tend to use.
2016-06-25 14:20:56 +01:00
Vladimír Čunát 6b27ceb006 Merge 'master' into staging and re-revert merge
... from staging to master, reverted temporarily in aa9a04883e.
2016-06-23 12:09:03 +02:00
Vladimír Čunát aa9a04883e Revert "Merge branch 'staging'" due to glibc
The main output started to retain dependency on bootstrap-tools; see
https://github.com/NixOS/nixpkgs/pull/15867#issuecomment-227949096

This reverts commit c05d829598, reversing
changes made to f073df60d6.
2016-06-23 09:25:10 +02:00
Vladimír Čunát c05d829598 Merge branch 'staging' 2016-06-22 10:49:56 +02:00
obadz fb6b4860c7 xl2tpd: add nixos module for service
(required adding execv to libredirect)
2016-06-20 21:41:59 +01:00
Eelco Dolstra 5fc64c4baa debian: 7.10 -> 7.11, 8.4 -> 8.5 2016-06-20 14:39:44 +02:00
zimbatm b0f8416c5c Merge pull request #16180 from zimbatm/shell-escaping
Escape all shell arguments uniformly
2016-06-19 23:27:52 +01:00
Vladimír Čunát 61b8d27b4c make-wrapper: fixup #14753 changes to make tests work
The tests need to expand passed variable and very carefully.
I could see no other easy way than to change single-quoting in
makeWrapper to double-quoting.
The tests now fail with the same problem as on master...
2016-06-19 13:38:46 +02:00
Vladimír Čunát e757404555 Merge branch 'master' into staging
Hydra nixpkgs: ?compare=1279790
2016-06-19 12:33:04 +02:00
Moritz Ulrich e72282be84 Merge pull request #16052 from dvc94ch/rust-cross
Rust and cargo improvements
2016-06-16 09:42:23 +02:00
Benno Fünfstück 9ff91371d0 nix-prefetch-git: fix bash evaluation order dependency 2016-06-15 22:54:35 +02:00
David Craven 54f80775cb rust: Refactoring of rust and cargo packages 2016-06-15 12:47:13 +02:00
Joachim Fasting 886c03ad2e Merge pull request #16107 from joachifm/grsec-ng
Rework grsecurity support
2016-06-14 03:52:50 +02:00
Joachim Fasting 75b9a7beac
grsecurity: implement a single NixOS kernel
This patch replaces the old grsecurity kernels with a single NixOS
specific grsecurity kernel.  This kernel is intended as a general
purpose kernel, tuned for casual desktop use.

Providing only a single kernel may seem like a regression compared to
offering a multitude of flavors.  It is impossible, however, to
effectively test and support that many options.  This is amplified by
the reality that very few seem to actually use grsecurity on NixOS,
meaning that bugs go unnoticed for long periods of time, simply because
those code paths end up never being exercised.  More generally, it is
hopeless to anticipate imagined needs.  It is better to start from a
solid foundation and possibly add more flavours on demand.

While the generic kernel is intended to cover a wide range of use cases,
it cannot cover everything.  For some, the configuration will be either
too restrictive or too lenient.  In those cases, the recommended
solution is to build a custom kernel --- this is *strongly* recommended
for security sensitive deployments.

Building a custom grsec kernel should be as simple as
```nix
linux_grsec_nixos.override {
  extraConfig = ''
    GRKERNSEC y
    PAX y
    # and so on ...
  '';
}
```

The generic kernel should be usable both as a KVM guest and host.  When
running as a host, the kernel assumes hardware virtualisation support.
Virtualisation systems other than KVM are *unsupported*: users of
non-KVM systems are better served by compiling a custom kernel.

Unlike previous Grsecurity kernels, this configuration disables `/proc`
restrictions in favor of `security.hideProcessInformation`.

Known incompatibilities:
- ZFS: can't load spl and zfs kernel modules; claims incompatibility
  with KERNEXEC method `or` and RAP; changing to `bts` does not fix the
  problem, which implies we'd have to disable RAP as well for ZFS to
  work
- `kexec()`: likely incompatible with KERNEXEC (unverified)
- Xen: likely incompatible with KERNEXEC and UDEREF (unverified)
- Virtualbox: likely incompatible with UDEREF (unverified)
2016-06-14 00:08:20 +02:00
Rob Vermaas 91436641ec Fix hash for Debian 8.4 Jessie
(cherry picked from commit fd60751ce0)
2016-06-13 12:20:55 +00:00
zimbatm 28fa4a2f03 Escape all shell arguments uniformly 2016-06-12 18:11:37 +01:00
zimbatm a42b7faaec nix-prefetch-git: shellcheck fixes
Used shellcheck (https://github.com/koalaman/shellcheck) to validate
the script and fixed any resulting escaping and ambiguity issues.
2016-06-12 13:45:20 +01:00
Nikolay Amiantov b341de88e9 Merge pull request #16030 from abbradar/fhs-refactor
Improvements for FHS user chrootenv
2016-06-11 21:04:20 +04:00
Tuomas Tynkkynen a06a405d0b cross GCC: Fix some paths to libc headers (after multiple outputs)
It's not completely clear to me why the path to libc headers is set
differently when cross building...
2016-06-11 04:15:17 +03:00
Robin Gloster 8031cba2ab Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
Domen Kožar 7a5b85cdda pkgs.runCommand: passAsFile (buildCommand can be very long)
Close #15803. This avoids the error:

while setting up the build environment: executing
‘/nix/store/7sb42axk5lrxqz45nldrb2pchlys14s1-bash-4.3-p42/bin/bash’:
Argument list too long

Note: I wanted to make it optional based on buildCommand length,
but that seems pointless as I'm sure it's less performant.

Amended by vcunat:
https://github.com/NixOS/nixpkgs/pull/15803#issuecomment-224841225
2016-06-10 10:49:26 +02:00
Vladimír Čunát 46f22d89b9 Merge #15867: glibc, gcc: fixes for ARM targets
... needed after closure-size merge (#7701)
2016-06-10 09:57:17 +02:00
Vladimír Čunát cec03a8ecd Merge #14753: makeWrapper: allow spaces in variables 2016-06-09 13:09:43 +02:00
Kamil Chmielewski 7eb671ebcd no more goPackages 2016-06-09 13:08:00 +02:00
Nikolay Amiantov 3d8664ee42 buildFHSUserEnv: mark CHROOTENV_EXTRA_BINDS as discussed for deprecation 2016-06-07 14:22:38 +03:00
Nikolay Amiantov 3e90b00c10 buildFHSEnv: link 'bin' output 2016-06-07 04:06:35 +03:00
Nikolay Amiantov 8d9e5d297d buildFHSEnv: don't link GCC compiler part 2016-06-07 04:06:35 +03:00
Nikolay Amiantov 74107a7867 buildFHSEnv: refactor and simplify, drop buildFHSChrootEnv
This takes another approach at binding FHS directory structure. We
now bind-mount all the root filesystem to directory "/host" in the target tree.
From that we symlink all the directories into the tree if they do not already
exist in FHS structure.

This probably makes `CHROOTENV_EXTRA_BINDS` unnecessary -- its main usecase was
to add bound directories from the host to the sandbox, and we not just symlink
all of them. I plan to get some feedback on its usage and maybe deprecate it.

This also drops old `buildFHSChrootEnv` infrastructure. The main problem with it
is it's very difficult to unmount a recursive-bound directory when mount is not
sandboxed. This problem is a bug even without these changes -- if
you have for example `/home/alice` mounted to somewhere, you wouldn't see
it in `buildFHSChrootEnv` now. With the new directory structure, it's
impossible to use regular bind at all. After some tackling with this I realized
that the fix would be brittle and dangerous (if you don't unmount everything
clearly and proceed to removing the temporary directory, bye-bye fs!). It also
probably doesn't worth it because I haven't heard that someone actually uses it
for a long time, and `buildFHSUserEnv` should cover most cases while being much
more maintainable and safe for the end-user.
2016-06-07 04:06:35 +03:00
David Craven c22f0c7474 Fix buildRustPackage edge cases
1. When multiple versions of the same package are required
   $revs is an array.
2. When cargo fetch is run it usually doesn't need a network
   connection. But when it does SSL_CERT_FILE isn't set.
2016-06-02 17:15:52 +02:00
Eric Litak 7399d0949c fixing libcCross related flags
(excluding darwin and mingw for now)
2016-05-31 16:28:04 -07:00
Robin Gloster 2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Nikolay Amiantov 1b2139b3e2 buildFHSEnv: use separate gcc for 64- and 32-bit 2016-05-29 23:22:58 +03:00
Moritz Ulrich d8b0618e6c buildRustPackage: Don't specify logLevel by default. 2016-05-28 15:05:11 +02:00