1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-05 20:12:52 +00:00
Commit graph

2745 commits

Author SHA1 Message Date
Antoine Eiche 346996ceec dockerTools: dereference hard links in tar archives
This is to improve image creation reproducibility. Since the nar
format doesn't support hard link, the tar stream of a layer can be
different if a dependency of a layer has been built locally or if it
has been fetched from a binary cache.

If the dependency has been build locally, it can contain hard links
which are encoded in the tar stream. If the dependency has been
fetched from a binary cache, the tar stream doesn't contain any hard
link. So even if the content is the same, tar streams are different.
2018-03-13 13:46:41 +01:00
Antoine Eiche e8f452f110 dockerTools: add an onTopOfPulledImage example
This allows to test if a pulled image can be updated by using our
Docker tools.
2018-03-13 11:59:22 +01:00
Justin Bedo 5c1e42276d
singularity: 2.4 -> 2.4.2 2018-03-12 15:13:31 +11:00
Nikolay Amiantov 9db2a3e638 buildFHSEnv: export TZDIR
This is needed since NixOS keeps tzdata in non-standard /etc/zoneinfo path.
2018-03-11 02:14:49 +03:00
Nikolay Amiantov 94f0ef6628 buildFHSEnv: fix compiler search paths
Fixes OpenWrt compilation.
2018-03-10 23:57:12 +03:00
Jan Malakhovski 7079e744d4 Merge branch 'master' into staging
Resolved the following conflicts (by carefully applying patches from the both
branches since the fork point):

   pkgs/development/libraries/epoxy/default.nix
   pkgs/development/libraries/gtk+/3.x.nix
   pkgs/development/python-modules/asgiref/default.nix
   pkgs/development/python-modules/daphne/default.nix
   pkgs/os-specific/linux/systemd/default.nix
2018-03-10 20:38:13 +00:00
Shea Levy c46cd6cefe
Merge branch 'patch-10' of git://github.com/matthewbauer/nixpkgs 2018-03-08 18:31:55 -05:00
Shea Levy c69d8bf5e6
treewide: Remove gnat support.
See discussion in 6ac7b19c97.
2018-03-08 13:56:36 -05:00
Charles Strahan 806edaa0a2
hardening: ld wrapper changes, setup-hook, etc 2018-03-06 19:21:10 -05:00
Charles Strahan 634c748050
hardening: initial cross support 2018-03-06 18:03:13 -05:00
Charles Strahan fc46895e86
hardening: allow user supplied flags to override
Put hardening flags before user supplied flags.
2018-03-06 00:30:09 -05:00
Charles Strahan cc7ce57f86
hardening: clarify the whitelist logic
Per @Ericson2314's suggestion [1], make it more clear that the active
hardenings are decided via whitelist; the blacklist is merely for the
debug messages.

1: 36d5ce41d4 (r133279731)
2018-03-06 00:30:09 -05:00
Charles Strahan 9920923cde
hardening: fix careless bugs
I got a substitution backwards (used '+' instead of '-').

Also, this now works under `set -u` (had to fix a couple unbound
variable references).
2018-03-06 00:30:08 -05:00
Charles Strahan 0937df463f
hardening: fix bug/typo 2018-03-06 00:30:08 -05:00
Charles Strahan 9fe17b2153
hardening: fix #18995 2018-03-06 00:30:00 -05:00
Vladimír Čunát a373fe8322
makeInitrd: explain why we don't use closureInfo
/cc #36268.
2018-03-05 13:04:55 +01:00
Eelco Dolstra 165b32d386
Revert "makeInitrd: Use closureInfo"
This reverts commit 776a5e6ebf.

Fixes #36268.
2018-03-05 12:49:59 +01:00
Franz Pletz 0f78afdf25
Merge pull request #32248 from awakesecurity/parnell/fetchdocker
Support fetching docker images from V2 registries
2018-03-04 17:10:27 +00:00
Vladimír Čunát b70c93f211
Merge branch 'master' into nix-2.0 2018-03-03 18:02:35 +01:00
Shea Levy 95579af5ec
Merge remote-tracking branch 'origin/staging' into cross-nixos 2018-03-01 14:56:58 -05:00
Tuomas Tynkkynen b8b2225f6b Merge remote-tracking branch 'upstream/master' into staging 2018-03-01 06:09:20 +02:00
Shea Levy 6a32291523
makeModulesClosure: Fix cross-compilation 2018-02-28 15:01:32 -05:00
Shea Levy 7f623cfa45
callCabal2nix: Fix filtering for non-cleanSourceable sources.
What was here before wasn't correct anyway, and now it works in
restricted mode.

Fixes #35207
2018-02-28 14:22:19 -05:00
Tuomas Tynkkynen 34f95d92a2 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/applications/misc/pytrainer/default.nix
	pkgs/development/tools/pew/default.nix
	pkgs/tools/misc/you-get/default.nix
2018-02-28 20:52:49 +02:00
Will Dietz f14ff86ec9 bintools-wrapper: fix breakage on aarch64, where "isArm" is false
Unintentionally changed in #35247
2018-02-28 09:42:13 -06:00
John Ericson dfc5d7835d
Merge pull request #35247 from telent/mips32
lib, treewide: Add missing MIPS arches, and fix existing usage
2018-02-27 14:01:15 -05:00
Eelco Dolstra 0d00215880
Cleanup 2018-02-27 19:59:26 +01:00
John Ericson 4a29081a94
Merge pull request #35071 from oxij/stdenv/infopages
stdenv, bash: fixing info pages and stuff
2018-02-26 18:06:11 -05:00
Jan Malakhovski f1074211ce cc-wrapper: allow building without documentation, propagate info pages 2018-02-26 22:42:33 +00:00
Jan Malakhovski 0ab1067d12 bintools-wrapper: allow building without documentation 2018-02-26 22:42:32 +00:00
Vladimír Čunát f5ce8f86df
Revert "Merge staging at '8d490ca9934d0' into master"
This reverts commit fc23242220, reversing
changes made to 754816b84b.
We don't have many binaries yet.  Comment on the original merge commit.
2018-02-26 22:53:18 +01:00
Frederik Rietdijk fc23242220 Merge staging at '8d490ca9934d0c01e1e9ade455657e54e2e843c0' into master 2018-02-26 13:05:32 +01:00
Frederik Rietdijk 4f08b0fbac Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-26 10:50:18 +01:00
Jan Tojnar a31d98f312
tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
Jörg Thalheim de87c0348c
Merge pull request #35176 from abbradar/update-vm
vmTools: update distributions
2018-02-24 10:08:17 +00:00
Daniel Barlow 9c50ae6898 lib, treewide: Add missing MIPS arches, and fix existing usage
Existing "mips64el" should be "mipsel".

This is just the barest minimum so that nixpkgs can recognize them as
systems - although required for building individual derivations onto
MIPS boards, it is not sufficient if you want to actually build nixos on
those targets
2018-02-23 20:43:42 -05:00
Eelco Dolstra 8c6f9223d0
Merge pull request #35402 from shlevy/closure-info-total-size
closureInfo: Report the total closure size.
2018-02-23 17:02:33 +01:00
Shea Levy adf8074abe
closureInfo: Report the total closure size.
This can be useful for e.g. preallocating disk image sizes.
2018-02-23 10:52:37 -05:00
Nikolay Amiantov a984be41ab Merge branch 'master' into staging 2018-02-23 18:51:08 +03:00
Eelco Dolstra 776a5e6ebf
makeInitrd: Use closureInfo 2018-02-23 16:41:31 +01:00
Yurii Rashkovskii e1aecec4cd
build-support/rust: make use of abandoned cargoUpdateHook
Previously, cargoUpdateHook was meaningful as it was used
in
[`cargo-fetch-deps`](19d3cf81d3/pkgs/build-support/rust/fetch-cargo-deps (L71)).

However, this entire file was removed in
5f8cf0048e. As far as I can
tell, nothing in the code is using it, but it is still
being passed around:
https://github.com/NixOS/nixpkgs/search?q=cargoUpdateHook&type=Code&utf8=%E2%9C%93

There are, however, legitimate use cases for it. For example,
in some software, some dependencies are not locked in Cargo.toml
and this causes Cargo to try fetching another version of them.
This doesn't work well with vendoring crates.

This hook allows to inject patching or whatever necessary workarounds
in the crate vendoring process. I suppose that's what it was for
in there in the first place.

This patch restores this hook and makes it usable again.
2018-02-23 11:17:03 +07:00
Eelco Dolstra d12c9911df
Merge remote-tracking branch 'origin/master' into nix-2.0 2018-02-22 17:28:51 +01:00
John Ericson e42e6d2f0e
Merge pull request #35266 from abbradar/cc-bools
cc-wrapper: fix bool handling for empty and zero values
2018-02-21 17:00:42 -05:00
Nikolay Amiantov 9a9c2e6579 cc-wrapper: fix bool handling for empty and zero values
Before the code would fail silently for zero values and with some output for
empties. We now currently handle both via defaulting value to zero and making
`let` return success error code when there's no syntax error.
2018-02-21 23:54:31 +03:00
Nikolay Amiantov c811c35b9c vmTools: update distributions
Drop currently unsupported releases.
Add Fedora 26 and 27.
Update CentOS.
Add Debian 9.
Add Ubuntu 17.10.
2018-02-21 15:41:46 +03:00
Nikolay Amiantov 430e0f4a80 buildBazelPackage: init
A separate function for building Bazel-bazed packages. Internally it splits the
build into two phases, fetching and building.

Users are expected to provide `fetchArgs.sha256` -- checksum of fetched
dependencies. Local dependencies should be removed in `fetchArgs.preInstall`.
Overall `fetchArgs` and `buildArgs` can be used to add specific steps to fetch
and build.
2018-02-20 20:39:49 +03:00
Jörg Thalheim c7aa4fd65b
Merge pull request #35177 from abbradar/fix-debbuild
debBuild: install all packages at once to avoid dependency management
2018-02-20 11:07:44 +00:00
Jörg Thalheim f61e8d98ff
rust: 1.22.1 -> 1.24.0 2018-02-20 09:59:26 +00:00
Pierre-Etienne Meunier 8e5ab6e7ac BuildRustCrate: more general overrides, and handling the "dylib" crate type (#35171)
* buildRustCrate: adding a symlink from libblah-xxxxx.so to libblah.so
* BuildRustCrate: overriding phases
* Carnix: 0.6.5 -> 0.6.6
* Fixing symlink_dependencies --buildDep
* Shorter symlink_dependencies
* running `runHook postBuild` *after* the build
2018-02-20 08:55:04 +01:00
Nikolay Amiantov c55b2fa7cd debBuild: install all packages at once to avoid dependency management 2018-02-19 16:07:40 +03:00
Jan Malakhovski a89899ce4e fetchurl: cleanup, better errors
Also fix what seems like bugs in uncommon `stdenv`s.
2018-02-18 14:24:53 +00:00
Vladimír Čunát b5aaaf87a7
Merge staging and PR #35021
It's the last staging commit (mostly) built on Hydra,
and a minimal fix for Darwin regression in pysqlite.
2018-02-16 09:13:12 +01:00
Matthew Justin Bauer a5e28a554e
nix-buffer: make eshell-path-env be inherited 2018-02-15 17:30:59 -06:00
Nikolay Amiantov 56e0943b08 makeModulesClosure: support firmware
Link it in stage 1.
2018-02-16 00:11:07 +02:00
Frederik Rietdijk 672bb6b4ab Merge remote-tracking branch 'upstream/master' into HEAD 2018-02-14 21:30:08 +01:00
Antoine Eiche ce838e52b9 dockerTools.buildImage: do not add /nix/store in the tar stream
Since the /nix/store directory is not immutable, tar can fails if it
has to push it into the layer archive.

Fixes #34137.
2018-02-14 06:40:41 +01:00
Parnell Springmeyer 0a603ee165
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-02-13 17:28:45 -06:00
Stewart Mackenzie a5cabdb6b1 buildRustCrate: add a postInstall phase (#34906) 2018-02-13 17:28:32 +01:00
Will Dietz d5916a84cf bintools-wrapper: teach about musl dynamic linkers 2018-02-13 09:44:33 -06:00
Shea Levy 038b893338
Merge branch 'patch-9' of git://github.com/matthewbauer/nixpkgs 2018-02-12 09:33:25 -05:00
Peter Hoeg 8016f9b4c9
Merge pull request #34611 from peterhoeg/p/descent
descent 1 & 2: use assets from gog.com with the dxx-rebirth project
2018-02-12 22:31:41 +08:00
Peter Hoeg 126cc690ac build-support gogUnpackHook: support for unpacking games from gog.com 2018-02-12 22:28:06 +08:00
Matthew Justin Bauer 5b59084e00
Filter nix-buffer packages
Null packages cause an error
2018-02-11 21:52:16 -06:00
pe@pijul.org 113591c803 defaultCrateOverrides: add pq-sys
fixes #34228
2018-02-10 06:59:56 -06:00
pe@pijul.org 508bf1b318 defaultCrateOverrides: add thrussh-libsodium 2018-02-10 06:59:56 -06:00
aszlig 1cba74dfc1
setup-hooks: Add autoPatchelfHook
I originally wrote this for packaging proprietary games in Vuizvui[1]
but I thought it would be generally useful as we have a fair amount of
proprietary software lurking around in nixpkgs, which are a bit tedious
to maintain, especially when the library dependencies change after an
update.

So this setup hook searches for all ELF executables and libraries in the
resulting output paths after install phase and uses patchelf to set the
RPATH and interpreter according to what dependencies are available
inside the builder.

For example consider something like this:

stdenv.mkDerivation {
  ...
  nativeBuildInputs = [ autoPatchelfHook ];
  buildInputs = [ mesa zlib ];
  ...
}

Whenever for example an executable requires mesa or zlib, the RPATH will
automatically be set to the lib dir of the corresponding dependency.

If the library dependency is required at runtime, an attribute called
runtimeDependencies can be used to list dependencies that are added to
all executables that are discovered unconditionally.

Beside this, it also makes initial packaging of proprietary software
easier, because one no longer has to manually figure out the
dependencies in the first place.

[1]: https://github.com/openlab-aux/vuizvui

Signed-off-by: aszlig <aszlig@nix.build>
Closes: #34506
2018-02-10 00:27:24 +05:30
Eelco Dolstra 5193807750
VM tests: Initialize the Nix database with correct NAR hashes/sizes 2018-02-07 15:49:02 +01:00
gnidorah 810a19bab3 way-cooler: 0.6.2 -> 0.8.0 2018-02-04 05:17:53 +03:00
Jörg Thalheim 2a2c8eab26 rust: fix evaluation 2018-02-04 00:09:00 +00:00
Jörg Thalheim 6580b18d3f cargo-vendor: move to all-packages 2018-02-03 22:35:27 +00:00
pe@pijul.org 8f20e7ce3a carnix: 0.6.0 -> 0.6.5 2018-02-03 22:31:54 +00:00
Jörg Thalheim 8ee54334e9
Merge pull request #33980 from thefloweringash/cargo-vendor-carnix
cargo-vendor: Build from source using carnix
2018-02-03 10:28:57 +00:00
Tuomas Tynkkynen 10c8e6d0c5 Merge remote-tracking branch 'upstream/master' into staging 2018-02-03 02:50:21 +02:00
Vladimír Čunát 2fb4606f38
Merge branch 'master' into staging
Haskell rebuild.
Hydra: ?compare=1430378
2018-02-01 09:36:23 +01:00
Shea Levy 943592f698
Add setFunctionArgs lib function.
Among other things, this will allow *2nix tools to output plain data
while still being composable with the traditional
callPackage/.override interfaces.
2018-01-31 14:02:19 -05:00
Tuomas Tynkkynen 71631a922b runInLinuxVM: Use QEMU command line that works on other architectures
... by moving the existing definition to qemu-flags.nix and reusing
that.
2018-01-30 16:57:27 +02:00
Tuomas Tynkkynen 8c4f8c51a6 runInLinuxVM: Don't hardcode x86-specific serial device 2018-01-30 16:57:27 +02:00
Vladimír Čunát 2d2dbe083f
Merge branch 'master' into staging
Hydra: ?compare=1429281
2018-01-27 09:14:22 +01:00
John Ericson 57b01b1bcf lib, openssl: Get rid of openssl.system
We compute it on the fly, careful to avoid any mass rebuilds for now.
2018-01-26 21:22:00 -05:00
Pierre-Etienne Meunier 6fbaa05dd1 Carnix 0.6 (#34238) 2018-01-26 10:53:18 +00:00
Will Dietz 0e95bed017 nix-prefetch-git: fix extraction of submodule hashes on latest git
Summary:

According to git-submodule manpage,
"git submodule status" prefixes the hash with a '-' if it is not
initialized, and other chars in other circumstances.
(this is consistent on the various git versions tested)

nix-prefetch-git runs "git submodule init" which does you'd think,
but apparently despite this earlier versions of git before 2.16
would still give the hash the '-' suffix.
In particular this is the behavior when using 2.15 and 2.14.1
from the nixos-17.09 and nixos-17.03 channels respectively.

The script then used awk to drop the first char of the first field
which does the wrong thing when there is no prefix emitted:
while there is a space character before the hash, this is not
part of the field and so we ended up eating the first character
of the hash.

To fix this in a way that also works with the previous behavior,
this commit instead uses awk to grab the hash field
and uses tr to delete any '-' chars should they be present.

This seems to work in my testing, and for example can now
successfully fetch the source for "nginxModules.brotli"
where previously it would generate an error:

fatal: '22564a95d9ab58865a096b8d9f7324ea5f2e03e' is not a commit and a branch 'fetchgit' cannot be created from it

(we dropped a '2' from the beginning of the hash)
2018-01-24 20:18:59 +02:00
Frederik Rietdijk 6b0873440b Merge remote-tracking branch 'upstream/master' into HEAD 2018-01-22 16:09:11 +01:00
Tuomas Tynkkynen 95880aaf06 nixos/initrd: Don't include some x86-specific modules unconditionally 2018-01-22 12:53:33 +02:00
Tuomas Tynkkynen 44326993f4 build-support/vm: Autodetect kernel filename
It's 'Image' on AArch64.
2018-01-22 12:53:24 +02:00
Yegor Timoshenko 4b1b6ee6d1
patchShebangs: preserve times, resolves #33084
Close #33281.  Edits by vcunat:
 - use Eelco's idea: empty file instead of full copy
 - use longer name suffix to decrease the likelihood of collision
2018-01-21 12:09:07 +01:00
John Ericson 5708396f47
Merge pull request #34018 from obsidiansystems/fetchpatch
fetchpatch: Add support for an arbitrary extra prefix
2018-01-18 12:39:39 -05:00
John Ericson 9bd437d4b4 fetchpatch: Add support for an arbitrary extra prefix
We still ensure the old and new ones start, respectfully, with `a/` and
`b/`. Use with `stripLen` to ensure tha the old `a/` and `/b` are gone
if a new prefix is added.
2018-01-18 12:19:49 -05:00
Andrew Childs be797f7e1c cargo-vendor: Build from source using carnix
Removes a binary bootstrap, and enables cargo-vendor on aarch64.
2018-01-18 20:44:42 +09:00
Andrew Childs 62dcb3d5d0 buildRustCrate: Allow arbitrary attributes in crateOverrides 2018-01-18 20:42:00 +09:00
Tuomas Tynkkynen 6ed0fe7e45 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/build-support/fetchbower/default.nix
	pkgs/build-support/fetchdarcs/default.nix
	pkgs/build-support/fetchgx/default.nix
	pkgs/development/python-modules/botocore/default.nix
	pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix
	pkgs/tools/admin/awscli/default.nix
2018-01-14 21:18:27 +02:00
Shea Levy 4e78aeb441
callCabal2nix: Fix calling with a path in the store. 2018-01-11 10:17:56 -05:00
John Ericson e017a027d5
Merge pull request #33681 from obsidiansystems/fixed-output-deps
Fixed output deps
2018-01-10 14:28:10 -05:00
Parnell Springmeyer e4ec980e9c
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker 2018-01-10 10:13:49 -08:00
John Ericson 888404f11b treewide: Fix deps in a few other fixed output derivations 2018-01-10 11:18:44 -05:00
John Ericson 940c4fa3f5 treewide: Fetchers should use stdenvNoCC. 2018-01-10 11:18:44 -05:00
John Ericson 3d59b4d285 treewide: Fixed output fetch* derivations should use nativeBuildInputs 2018-01-09 20:14:46 -05:00
Robin Gloster 7c5430c27c
Revert "rust: store the cargo-vendor config"
This reverts commit 0af2c5891b.

See 0af2c5891b (commitcomment-26737983)
This breaks the cargoSha256 hashes.
2018-01-09 15:03:03 +01:00
Will Dietz 9721ed22e8 schedulingPriority should be an int, fix check-meta type and in-tree use 2018-01-09 07:25:24 -06:00
zimbatm 0af2c5891b rust: store the cargo-vendor config
cargo-vendor generates almost the right cargo config. Store it with the
vendored files and patch it on use.

This allows to re-use the generated config when using git dependencies.
2018-01-09 03:37:53 +01:00
Vladimír Čunát 5837d1a070
Merge branch 'master' into staging 2018-01-08 17:33:31 +01:00