Wei-Ming Yang
70e9b60b33
dockerTools.examples: correct a typo in comments
...
This commit is for correcting a typo in comments.
2018-01-01 16:13:40 +08:00
John Ericson
64965e8224
Merge pull request #29483 from veprbl/hardening_unsupported_flags
...
cc-wrapper: allow compilers to specify unsupported hardening modes
2017-12-30 23:25:43 -05:00
Yegor Timoshenko
60a133f9d0
Merge pull request #33139 from yegortimoshenko/20171228.053707/chrootenv
...
chrootenv: rewrite on top of GLib
2017-12-31 06:59:31 +03:00
Yegor Timoshenko
4b1cf5afb8
chrootenv: rewrite on top of GLib
...
Changes:
* doesn't handle root user separately
* doesn't chdir("/") which makes using it seamless
* only bind mounts, doesn't symlink (i.e. files)
Incidentally, fixes #33106 .
It's about two times shorter than the previous version, and much
easier to read/follow through. It uses GLib quite heavily, along with
RAII (available in GCC/Clang).
2017-12-30 22:28:38 +00:00
Dmitry Kalinkin
6d9769663d
cc-wrapper: allow compilers to specify unsupported hardening modes
...
Fixes: 0fd7ef61b2
('clang_34: Disable hardening bits (#28543 )')
2017-12-30 12:23:25 -05:00
Jörg Thalheim
c333e9b348
Merge pull request #32302 from andir/uwimap-pollution
...
uwimap pollution of `include/`
2017-12-29 00:08:26 +01:00
Yegor Timoshenko
25b35f4ffb
chrootenv: resolve potential race condition
2017-12-28 00:25:02 +00:00
Joachim F
e6542d0609
Merge pull request #32916 from jbedo/singularity-2.4
...
singularity: 2.2 -> 2.4
2017-12-25 13:30:42 +00:00
Orivej Desh
c4be328f98
Merge pull request #32814 from fahadsadah/patch-1
...
build-support: clean-up fetchSvn
2017-12-24 01:24:56 +00:00
Yegor Timoshenko
73a0d95b96
chrootenv: code review
...
* Wrap LEN macro in parantheses
* Drop env_filter in favor of stateful environ_blacklist_filter,
use execvp instead of execvpe, don't explicitly use environ
* Add argument error logging wherever it makes sense
* Drop strjoin in favor of asprintf
* char* -> const char* where appropriate
* Handle stat errors
* Print user messages with fputs, not errorf
* Abstract away is_str_in (previously bind_blacklisted)
* Cleanup temporary directory on error
* Some minor syntactic and naming changes
Thanks to Jörg Thalheim and Tuomas Tynkkynen for the code review!
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
710662be94
chrootenv: error on chrootenv-inside-chrootenv, resolves #32802
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
0234cd41b4
chrootenv: replace env whitelist with blacklist, closes #32878
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
c03663a145
chrootenv: bind-mount all dirs in /, symlink files, closes #32877
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
ef1accae91
chrootenv: print sysctl command for Debian users, fixes #32876
2017-12-22 18:56:13 +03:00
Justin Bedo
db927ea35b
singularity: 2.2 -> 2.4
2017-12-21 10:50:06 +11:00
zimbatm
adc5c9b83d
mkShell: add builder ( #30975 )
2017-12-20 23:42:07 +00:00
Orivej Desh
e2c8655405
ld-is-cc-hook: init
...
This hook sets LD to CC, for use with software that works as if LD=$CC when LD
is unset, and does not work when LD=ld.
2017-12-19 01:45:42 +00:00
Orivej Desh
170a964815
makeSetupHook: make the default name "hook" overridable
...
for occasional convenience while looking at drv paths,
such as in the output of nix-build and nix-diff.
2017-12-19 01:41:31 +00:00
Fahad Sadah
60e937b8b2
build-support: tidy fetchSvn
...
Remove old workaround rendered unnecessary by af9db522cf
2017-12-18 15:56:53 +00:00
Orivej Desh
7c58e8dfc2
Merge branch 'master' into staging
...
* master: (125 commits)
scummvm: fix eval
tinycc: 0.9.27pre-20171016 -> 0.9.27
Update terraform provider versions
vscode: 1.18.1 -> 1.19.0
linux: 4.14.6 -> 4.14.7
scummvm: 1.9.0 -> 2.0.0
cmst: 2017.03.18 -> 2017.09.19
albert: 0.14.7 -> 0.14.14
obs-studio: fix vlc plugin
ffmpeg, ffmpeg-full: 3.4 -> 3.4.1
uchiwa: 0.26.3 -> 1.1.0
linux-testing: 4.15-rc3 -> 4.15-rc4
steam: override nss, nspr, fixes #32781
ponyc: 0.20.0 -> 0.21.0
pythonPackages.pwntools: disable tests
gnome3.gnome-tweak-tool: 3.26.3 → 3.26.4
vim-rhubarb: init at 2017-06-28
atom: depend on libsecret
nvidia-settings: Make sure binary can find libXv.so
backblaze-b2: 0.6.2 -> 1.1.0
...
2017-12-18 15:56:03 +00:00
Orivej Desh
eca6ab79f1
Merge pull request #32498 from dylex/patch-1
...
Don't set cxx_stdlib when nativeTools on linux
2017-12-17 04:24:19 +00:00
Dylan Simon
0c62b7cd74
cc-wrapper: don't set cxx_stdlib when nativeTools is true
...
There are no gcc paths on nativeTools, and cc isn't set.
2017-12-17 04:23:54 +00:00
Vladimír Čunát
24d81d6332
Merge branch 'master' into staging
2017-12-15 21:40:23 +01:00
Orivej Desh
76a97fdb31
libredirect: add description
...
Fixes #32675
2017-12-14 19:03:35 +00:00
John Ericson
a0b1ebeee9
Merge remote-tracking branch 'upstream/staging' into binutils-wrapper
2017-12-13 16:14:47 -05:00
John Ericson
7ef4448c97
Merge commit '9d8f9b2e531bf95a700a949d879927fb6996ffc9' into binutils-wrapper
2017-12-13 16:08:36 -05:00
John Ericson
99806c5e12
bintools-wrapper: Create man and info outputs propagated underlying ones
...
These will be installed if the wrappers are. The wrappers aren't very
good to install, but that's another matter.
2017-12-13 16:08:19 -05:00
John Ericson
ef178be597
bintools-wrapper: Support ld.ldd, along with ld.bfd and ld.gold
...
Also make the code more precise in the process
2017-12-13 16:08:18 -05:00
John Ericson
b8a21aa918
misc setup-hooks: Use env vars to refer to binutils programs
...
This is more robust for cross-compilation
2017-12-13 16:08:18 -05:00
John Ericson
2bba929062
bintools-wrapper: Import separately from cc-wrapper
2017-12-13 16:08:18 -05:00
John Ericson
8e557ed2c5
bintools-wrapper: Init
...
Factor a bintools (i.e. binutils / cctools) wrapper out of cc-wrapper. While
only LD is wrapped, the setup hook defines environment variables on behalf of
other utilites.
2017-12-13 16:08:18 -05:00
John Ericson
4f869bccc1
cc-wrapper: Don't treat "-" alone as a flag
...
It means stdin, and is morally equivalent to passing a file. e.g.
$ echo 'int main(void) { return 0; }' | gcc -x c -
will compile and link a binary.
2017-12-13 16:08:17 -05:00
John Ericson
bdd6c037c0
cc-wrapper: Use separate mangler for "bool" variables
...
This avoids any `NIX_FOOBAR=1 1` not triggering conditions.
2017-12-13 16:08:17 -05:00
John Ericson
fc7ed86915
cc-wrapper: Pull variable mangler into utils.sh
...
In preparation for splitting out bintools-wrapper
2017-12-13 16:08:13 -05:00
Graham Christensen
105d9519c1
Merge remote-tracking branch 'origin/master' into staging
2017-12-12 20:06:36 -05:00
Graham Christensen
e5629dc51a
Merge pull request #32365 from vcunat/p/check-meta
...
check meta, treewide
2017-12-12 18:55:23 -05:00
Vladimír Čunát
3a110ea3f9
treewide platform checks: abort
-> throw
...
They aren't meant to be critical (uncatchable) errors.
Tested with nix-env + checkMeta:
[ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]
2017-12-12 18:08:10 -05:00
Vladimír Čunát
c2b679516f
Merge branch 'master' into staging
2017-12-12 21:08:16 +01:00
Tuomas Tynkkynen
0d27df280f
build-support/vm: Use devtmpfs, not static device nodes
...
In 2017, there is no reason to create a static /dev.
2017-12-12 14:31:50 +02:00
Eelco Dolstra
2d4fdc1b9e
debian: 8.9 -> 8.10
2017-12-12 13:14:17 +01:00
Pierre-Étienne Meunier
4348b7f2d0
carnix: init at 0.5.0
...
fixes #31150
2017-12-12 04:59:12 -06:00
Pierre-Étienne Meunier
5a0d954156
add buildRustCrate function to build rust crates
2017-12-12 04:58:45 -06:00
Pierre-Étienne Meunier
ea232fe29d
add fetchCrate function to fetch rust crates
2017-12-12 04:58:45 -06:00
John Ericson
45d4b27d02
cc-wrapper: GNAT wrapper stop caring about -m32
...
It need not concern itself with 32-bit dynamic linking; ld-wrapper handles that now.
2017-12-11 19:12:28 -05:00
Orivej Desh
dd604d575f
Merge branch 'master' into staging
...
* master: (39 commits)
pythonPackages: rename dns -> dnspython
awesome: fix LUA_PATH/LUA_CPATH to lgi [now for version 3.5]
qt4: fix qmake on darwin and delete custom install phase
python.buildEnv: always include the $out output
nix-bash-completions: lazy load aware install
borg: 1.1.1 -> 1.1.3
nixos/programs/bash: document that /etc/bash_completion.d is obsolete
ocamlPackages.markup: 0.7.4 -> 0.7.5
hhvm: 3.21 -> 3.23.2
ocamlPackages.ulex: 1.1 -> 1.2
notmuch: 0.25.2 -> 0.25.3
gmime3: 3.0.1 -> 3.0.5
qt4: fix darwin install phase
nixos/programs/bash: Let bash-completion lazy load scripts
Revert "gmime: 3.0.1 -> 3.0.5"
rawtherapee: delete unused files
pythonPackages: rename dns -> dnspython
nixpkgs: remove sqlite/kyotocabinet deps for leveldb
tor-browser-bundle-bin: 7.0.10 -> 7.0.11
networkmanager: remove restart after suspend from resume
...
2017-12-10 15:24:30 +00:00
Andreas Rammhold
7d7d3775e5
Revert "fix phpPackages memcache,memcached,xdebug"
...
This reverts commit 8c125c0c74
.
2017-12-10 12:12:43 +01:00
Jörg Thalheim
8bdbb21f9c
Merge pull request #31182 from yegortimoshenko/chroot-user/c-rewrite
...
chroot-user: rewrite in C, drop CHROOTENV_EXTRA_BINDS
2017-12-10 08:20:59 +00:00
Orivej Desh
926aaa4870
Merge pull request #32215 from dtzWill/feature/clang-multilib
...
multilib-capable clang, multilib tests
2017-12-09 21:41:54 +00:00
Jörg Thalheim
438fb59e6f
chroot-user: better error message, if unshare is not allowed
2017-12-09 09:14:56 +00:00
Benjamin Hipple
b1ec502c1e
Init Centos 7.4 vmTools diskImage
...
This commit adds the CentOS 7.4 base image from the CentOS mirror, for use with
building RPMs or evaluating Nix expressions in a CentOS image.
When CentOS 7.5 comes out, I will swap this URL to the permanently vaulted image.
2017-12-03 11:42:34 -05:00