From 1bf1d81053f99800c3bcf22e90faba74ea11fcbb Mon Sep 17 00:00:00 2001 From: llathasa-veleth Date: Thu, 12 Aug 2021 14:27:25 +0300 Subject: [PATCH 01/28] profetch: init at v0.1.6 --- pkgs/tools/misc/profetch/default.nix | 34 ++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 36 insertions(+) create mode 100644 pkgs/tools/misc/profetch/default.nix diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix new file mode 100644 index 000000000000..52211ee1c68a --- /dev/null +++ b/pkgs/tools/misc/profetch/default.nix @@ -0,0 +1,34 @@ +{ stdenv, lib +, fetchFromGitHub, gprolog }: + +stdenv.mkDerivation rec { + pname = "profetch"; + version = "v0.1.6"; + + src = fetchFromGitHub { + owner = "RustemB"; + repo = "profetch"; + rev = "v0.1.6"; + sha256 = "1clh3l50wz6mlrw9kx0wh2bbhnz6bsksyh4ngz7givv4y3g9m702"; + }; + + buildInputs = [ gprolog ]; + + buildPhase = '' + gplc profetch.pl --no-top-level \ + --no-debugger --no-fd-lib \ + --no-fd-lib-warn --min-size -o profetch + ''; + + installPhase = '' + install -Dm755 -t $out/bin profetch + ''; + + meta = with lib; { + description = "System Information Fetcher Written in GNU/Prolog"; + homepage = "https://github.com/RustemB/profetch"; + license = licenses.gpl3; + platforms = platforms.all; + maintainers = [ maintainers.vel ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 3c7a13f08702..86c317322b7a 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3253,6 +3253,8 @@ with pkgs; inherit (darwin) libiconv; }; + profetch = callPackage ../tools/misc/profetch { }; + psrecord = python3Packages.callPackage ../tools/misc/psrecord {}; reg = callPackage ../tools/virtualization/reg { }; From 50ea7288a375caf890e12a15dbebcbdbffba7d7e Mon Sep 17 00:00:00 2001 From: veleth Date: Thu, 12 Aug 2021 20:37:43 +0300 Subject: [PATCH 02/28] disfetch: more convenient way of using name/rev --- pkgs/tools/misc/profetch/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 52211ee1c68a..13b680694010 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -7,8 +7,8 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "RustemB"; - repo = "profetch"; - rev = "v0.1.6"; + repo = pname; + rev = version; sha256 = "1clh3l50wz6mlrw9kx0wh2bbhnz6bsksyh4ngz7givv4y3g9m702"; }; From e9f95216eac352de29d32f3b6c61f31fc036bd53 Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 09:27:25 +0300 Subject: [PATCH 03/28] profetch: update version to suit recomendations Co-authored-by: Christoph Neidahl --- pkgs/tools/misc/profetch/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 13b680694010..727647463972 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -3,7 +3,7 @@ stdenv.mkDerivation rec { pname = "profetch"; - version = "v0.1.6"; + version = "0.1.6"; src = fetchFromGitHub { owner = "RustemB"; From eab56c384ba89aee1f62f194e9195a6b2534f039 Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 09:27:32 +0300 Subject: [PATCH 04/28] profetch: update version to suit recomendations Co-authored-by: Christoph Neidahl --- pkgs/tools/misc/profetch/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 727647463972..2f645cd80dac 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -8,7 +8,7 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "RustemB"; repo = pname; - rev = version; + rev = "v${version}; sha256 = "1clh3l50wz6mlrw9kx0wh2bbhnz6bsksyh4ngz7givv4y3g9m702"; }; From 2bd7a492ba04fa3fa1e0bf278d2468253b1a6c7b Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 09:28:00 +0300 Subject: [PATCH 05/28] profetch: update code alignment Co-authored-by: Christoph Neidahl --- pkgs/tools/misc/profetch/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 2f645cd80dac..846ee7451bd3 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -18,9 +18,11 @@ stdenv.mkDerivation rec { gplc profetch.pl --no-top-level \ --no-debugger --no-fd-lib \ --no-fd-lib-warn --min-size -o profetch + runHook postBuild ''; installPhase = '' + runHook preInstall install -Dm755 -t $out/bin profetch ''; From 90cc1994d0f5d9bb44f33c2c094571ccd70684d1 Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 09:36:00 +0300 Subject: [PATCH 06/28] profetch: refined code + Added missing `"` to the `rev` variable + We use 4-space indentation in bash scripts inside nix code + License in GPL3-only + One-line args because not too much of them --- pkgs/tools/misc/profetch/default.nix | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 846ee7451bd3..c121274aa16d 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -1,5 +1,4 @@ -{ stdenv, lib -, fetchFromGitHub, gprolog }: +{ stdenv, lib, fetchFromGitHub, gprolog }: stdenv.mkDerivation rec { pname = "profetch"; @@ -8,28 +7,28 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "RustemB"; repo = pname; - rev = "v${version}; + rev = "v${version}"; sha256 = "1clh3l50wz6mlrw9kx0wh2bbhnz6bsksyh4ngz7givv4y3g9m702"; }; buildInputs = [ gprolog ]; buildPhase = '' - gplc profetch.pl --no-top-level \ - --no-debugger --no-fd-lib \ - --no-fd-lib-warn --min-size -o profetch - runHook postBuild + gplc profetch.pl --no-top-level --no-debugger \ + --no-fd-lib --no-fd-lib-warn \ + --min-size -o profetch + runHook postBuild ''; installPhase = '' - runHook preInstall - install -Dm755 -t $out/bin profetch + runHook preInstall + install -Dm755 -t $out/bin profetch ''; meta = with lib; { description = "System Information Fetcher Written in GNU/Prolog"; homepage = "https://github.com/RustemB/profetch"; - license = licenses.gpl3; + license = licenses.gpl3Only; platforms = platforms.all; maintainers = [ maintainers.vel ]; }; From 8b8a629b224876e4d7cdaeb4cb9f0cd2d25720ef Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 17:50:53 +0300 Subject: [PATCH 07/28] profetch: add postInstall hook Co-authored-by: Christoph Neidahl --- pkgs/tools/misc/profetch/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index c121274aa16d..6c0e5359649a 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -23,6 +23,7 @@ stdenv.mkDerivation rec { installPhase = '' runHook preInstall install -Dm755 -t $out/bin profetch + runHook postInstall ''; meta = with lib; { From e67b99da608ecb72fcc046867d7338e1b30a5d3d Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 17:51:06 +0300 Subject: [PATCH 08/28] profetch: add preBuild hook Co-authored-by: Christoph Neidahl --- pkgs/tools/misc/profetch/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 6c0e5359649a..cbce3f821b4c 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -14,6 +14,7 @@ stdenv.mkDerivation rec { buildInputs = [ gprolog ]; buildPhase = '' + runHook preBuild gplc profetch.pl --no-top-level --no-debugger \ --no-fd-lib --no-fd-lib-warn \ --min-size -o profetch From c6ed61f0936c8dd714ce1a6a3e208f3f607da644 Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 17:51:36 +0300 Subject: [PATCH 09/28] profetch: replace buildInputs with nativeBuildInputs Co-authored-by: Sandro --- pkgs/tools/misc/profetch/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index cbce3f821b4c..11684579f187 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { sha256 = "1clh3l50wz6mlrw9kx0wh2bbhnz6bsksyh4ngz7givv4y3g9m702"; }; - buildInputs = [ gprolog ]; + nativeBuildInputs = [ gprolog ]; buildPhase = '' runHook preBuild From b2a1e0bd7fa4583830cfd5122728c023341fa41b Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 17:53:11 +0300 Subject: [PATCH 10/28] profetch: indentation fix --- pkgs/tools/misc/profetch/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 11684579f187..3ed264c38de3 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { installPhase = '' runHook preInstall install -Dm755 -t $out/bin profetch - runHook postInstall + runHook postInstall ''; meta = with lib; { From 61bae5655709e09a13741c7fa6913bdae165a010 Mon Sep 17 00:00:00 2001 From: veleth Date: Fri, 13 Aug 2021 18:14:33 +0300 Subject: [PATCH 11/28] Update default.nix --- pkgs/tools/misc/profetch/default.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pkgs/tools/misc/profetch/default.nix b/pkgs/tools/misc/profetch/default.nix index 3ed264c38de3..d5118b346a6b 100644 --- a/pkgs/tools/misc/profetch/default.nix +++ b/pkgs/tools/misc/profetch/default.nix @@ -15,16 +15,16 @@ stdenv.mkDerivation rec { buildPhase = '' runHook preBuild - gplc profetch.pl --no-top-level --no-debugger \ - --no-fd-lib --no-fd-lib-warn \ - --min-size -o profetch - runHook postBuild + gplc profetch.pl --no-top-level --no-debugger \ + --no-fd-lib --no-fd-lib-warn \ + --min-size -o profetch + runHook postBuild ''; installPhase = '' - runHook preInstall - install -Dm755 -t $out/bin profetch - runHook postInstall + runHook preInstall + install -Dm755 -t $out/bin profetch + runHook postInstall ''; meta = with lib; { From 46232128d2635dcc1852f1bf163412b695d93ff7 Mon Sep 17 00:00:00 2001 From: LavaDesu Date: Wed, 1 Sep 2021 17:54:42 +0700 Subject: [PATCH 12/28] tree-sitter: replace hyphens with underscores in .withPlugins nvim-treesitter expects underscores instead of hyphens, causing some grammars not to be recognised --- pkgs/development/tools/parsing/tree-sitter/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/parsing/tree-sitter/default.nix b/pkgs/development/tools/parsing/tree-sitter/default.nix index 60704fdd780b..0b38d1d8e267 100644 --- a/pkgs/development/tools/parsing/tree-sitter/default.nix +++ b/pkgs/development/tools/parsing/tree-sitter/default.nix @@ -90,8 +90,9 @@ let in { name = - (lib.strings.removePrefix "tree-sitter-" - (lib.strings.removeSuffix "-grammar" name)) + (lib.strings.replaceStrings ["-"] ["_"] + (lib.strings.removePrefix "tree-sitter-" + (lib.strings.removeSuffix "-grammar" name))) + stdenv.hostPlatform.extensions.sharedLibrary; path = "${drv}/parser"; } From b79483d2b72c8e349a8fa8a6e67e8061d82d6027 Mon Sep 17 00:00:00 2001 From: Noah Fontes Date: Sun, 12 Sep 2021 15:07:15 -0700 Subject: [PATCH 13/28] autoPatchelfHook: fix detection under crossSystem In #84415, autoPatchelfHook was taught to use the correct path to the readelf binary when a crossSystem is specified. Unfortunately, the remainder of the functionality in the script depended on ldd, which only reads ELF files of its own architecture. It has the further unfortunate quality of not reporting any useful error, but rather that the file is not a dynamic executable. This change uses patchelf to directly analyze the DT_NEEDED tags in the target files instead, which correctly works across architectures. It also updates the use of objdump to be prefix-aware $OBJDUMP (which would have been required in the PR mentioned above, but we never made it that far into the script execution). --- .../setup-hooks/auto-patchelf.sh | 99 ++++++++++++++----- 1 file changed, 73 insertions(+), 26 deletions(-) diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.sh b/pkgs/build-support/setup-hooks/auto-patchelf.sh index 70b1fc802b56..d310f8255224 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.sh +++ b/pkgs/build-support/setup-hooks/auto-patchelf.sh @@ -38,7 +38,6 @@ isExecutable() { declare -Ag autoPatchelfCachedDepsAssoc declare -ag autoPatchelfCachedDeps - addToDepCache() { if [[ ${autoPatchelfCachedDepsAssoc[$1]+f} ]]; then return; fi @@ -54,25 +53,70 @@ declare -gi depCacheInitialised=0 declare -gi doneRecursiveSearch=0 declare -g foundDependency -getDepsFromSo() { - ldd "$1" 2> /dev/null | sed -n -e 's/[^=]*=> *\(.\+\) \+([^)]*)$/\1/p' +getDepsFromElfBinary() { + # NOTE: This does not use runPatchelf because it may encounter non-ELF + # files. Caller is expected to check the return code if needed. + patchelf --print-needed "$1" 2> /dev/null +} + +getRpathFromElfBinary() { + # NOTE: This does not use runPatchelf because it may encounter non-ELF + # files. Caller is expected to check the return code if needed. + local rpath + rpath="$(patchelf --print-rpath "$1" 2> /dev/null)" || return $? + + local IFS=':' + printf "%s\n" $rpath +} + +populateCacheForDep() { + local so="$1" + local rpath found + rpath="$(getRpathFromElfBinary "$so")" || return 1 + + for found in $(getDepsFromElfBinary "$so"); do + local rpathElem + for rpathElem in $rpath; do + # Ignore empty element or $ORIGIN magic variable which should be + # deterministically resolved by adding this package's library + # files early anyway. + # + # shellcheck disable=SC2016 + # (Expressions don't expand in single quotes, use double quotes for + # that.) + if [[ -z "$rpathElem" || "$rpathElem" == *'$ORIGIN'* ]]; then + continue + fi + + local soname="${found%.so*}" + local foundso= + for foundso in "$rpathElem/$soname".so*; do + addToDepCache "$foundso" + done + + # Found in this element of the rpath, no need to check others. + if [ -n "$foundso" ]; then + break + fi + done + done + + # Not found in any rpath element. + return 1 } populateCacheWithRecursiveDeps() { - local so found foundso - for so in "${autoPatchelfCachedDeps[@]}"; do - for found in $(getDepsFromSo "$so"); do - local base="${found##*/}" - local soname="${base%.so*}" - for foundso in "${found%/*}/$soname".so*; do - addToDepCache "$foundso" - done - done + # Dependencies may add more to the end of this array, so we use a counter + # with while instead of a regular for loop here. + local -i i=0 + while [ $i -lt ${#autoPatchelfCachedDeps[@]} ]; do + populateCacheForDep "${autoPatchelfCachedDeps[$i]}" + i=$i+1 done } getSoArch() { - objdump -f "$1" | sed -ne 's/^architecture: *\([^,]\+\).*/\1/p' + $OBJDUMP -f "$1" | sed -ne 's/^architecture: *\([^,]\+\).*/\1/p' } # NOTE: If you want to use this function outside of the autoPatchelf function, @@ -130,25 +174,25 @@ autoPatchelfFile() { fi fi + local libcLib + libcLib="$(< "$NIX_CC/nix-support/orig-libc")/lib" + echo "searching for dependencies of $toPatch" >&2 - # We're going to find all dependencies based on ldd output, so we need to - # clear the RPATH first. - runPatchelf --remove-rpath "$toPatch" - - # If the file is not a dynamic executable, ldd/sed will fail, - # in which case we return, since there is nothing left to do. local missing - missing="$( - ldd "$toPatch" 2> /dev/null | \ - sed -n -e 's/^[\t ]*\([^ ]\+\) => not found.*/\1/p' - )" || return 0 + missing="$(getDepsFromElfBinary "$toPatch")" || return 0 # This ensures that we get the output of all missing dependencies instead # of failing at the first one, because it's more useful when working on a # new package where you don't yet know its dependencies. for dep in $missing; do + # Check whether this library exists in libc. If so, we don't need to do + # any futher searching -- it will be resolved correctly by the linker. + if [ -f "$libcLib/$dep" ]; then + continue + fi + echo -n " $dep -> " >&2 if findDependency "$dep" "$(getSoArch "$toPatch")"; then rpath="$rpath${rpath:+:}${foundDependency%/*}" @@ -185,7 +229,7 @@ addAutoPatchelfSearchPath() { done while IFS= read -r -d '' file; do - addToDepCache "$file" + addToDepCache "$file" done < <(find "$@" "${findOpts[@]}" \! -type d \ \( -name '*.so' -o -name '*.so.*' \) -print0) } @@ -221,10 +265,10 @@ autoPatchelf() { segmentHeaders="$(LANG=C $READELF -l "$file")" # Skip if the ELF file doesn't have segment headers (eg. object files). # not using grep -q, because it can cause Broken pipe - [ -n "$(echo "$segmentHeaders" | grep '^Program Headers:')" ] || continue + grep -q '^Program Headers:' <<<"$segmentHeaders" || continue if isExecutable "$file"; then # Skip if the executable is statically linked. - [ -n "$(echo "$segmentHeaders" | grep "^ *INTERP\\>")" ] || continue + grep -q "^ *INTERP\\>" <<<"$segmentHeaders" || continue fi # Jump file if patchelf is unable to parse it # Some programs contain binary blobs for testing, @@ -256,6 +300,9 @@ autoPatchelf() { # So what we do here is basically run in postFixup and emulate the same # behaviour as fixupOutputHooks because the setup hook for patchelf is run in # fixupOutput and the postFixup hook runs later. +# +# shellcheck disable=SC2016 +# (Expressions don't expand in single quotes, use double quotes for that.) postFixupHooks+=(' if [ -z "${dontAutoPatchelf-}" ]; then autoPatchelf -- $(for output in $outputs; do From b014bcf4163af5bcbee3e18de645c0d3ea9aedc0 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 02:40:49 +0000 Subject: [PATCH 14/28] bosh-cli: 6.4.5 -> 6.4.6 --- pkgs/applications/networking/cluster/bosh-cli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/cluster/bosh-cli/default.nix b/pkgs/applications/networking/cluster/bosh-cli/default.nix index 90105b1c4ebb..2dc1c1e86f2c 100644 --- a/pkgs/applications/networking/cluster/bosh-cli/default.nix +++ b/pkgs/applications/networking/cluster/bosh-cli/default.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "bosh-cli"; - version = "6.4.5"; + version = "6.4.6"; src = fetchFromGitHub { owner = "cloudfoundry"; repo = pname; rev = "v${version}"; - sha256 = "sha256-/1JRje7SNrIsb3V1tq5ZW5zsURaQUzM/Jp3TMR0MfKw="; + sha256 = "sha256-MNM8gyi7L00OSf2EIEQFAlH7oMrcZSubf6tWcgJJMeQ="; }; vendorSha256 = null; From eb328077c3a3f01c5d0c27f0b95fe4f544dbd9ad Mon Sep 17 00:00:00 2001 From: Guillaume Girol Date: Tue, 14 Sep 2021 12:00:00 +0000 Subject: [PATCH 15/28] nixos/vsftpd: allocate group; fix fallout of #133166 --- nixos/modules/misc/ids.nix | 4 ++-- nixos/modules/services/networking/vsftpd.nix | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 30cd8615acf8..77575f322746 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -46,7 +46,7 @@ in messagebus = 4; # D-Bus haldaemon = 5; #disk = 6; # unused - vsftpd = 7; + #vsftpd = 7; # dynamically allocated ass of 2021-09-14 ftp = 8; bitlbee = 9; #avahi = 10; # removed 2019-05-22 @@ -366,7 +366,7 @@ in messagebus = 4; # D-Bus haldaemon = 5; disk = 6; - vsftpd = 7; + #vsftpd = 7; # dynamically allocated as of 2021-09-14 ftp = 8; bitlbee = 9; #avahi = 10; # removed 2019-05-22 diff --git a/nixos/modules/services/networking/vsftpd.nix b/nixos/modules/services/networking/vsftpd.nix index c57994533c17..5489f74bf032 100644 --- a/nixos/modules/services/networking/vsftpd.nix +++ b/nixos/modules/services/networking/vsftpd.nix @@ -282,7 +282,8 @@ in users.users = { "vsftpd" = { - uid = config.ids.uids.vsftpd; + group = "vsftpd"; + isSystemUser = true; description = "VSFTPD user"; home = if cfg.localRoot != null then cfg.localRoot # <= Necessary for virtual users. @@ -297,6 +298,7 @@ in }; }; + users.groups.vsftpd = {}; users.groups.ftp.gid = config.ids.gids.ftp; # If you really have to access root via FTP use mkOverride or userlistDeny From 9739ba6baf77bcbb39ead2d443019fb930d9a42d Mon Sep 17 00:00:00 2001 From: Guillaume Girol Date: Tue, 14 Sep 2021 12:00:00 +0000 Subject: [PATCH 16/28] nixos/systemd: create a group for systemd-coredump MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: ``` activating the configuration... warning: user ‘systemd-coredump’ has unknown group ‘systemd-coredump’ setting up /etc... ``` Oversight of #133166 --- nixos/modules/system/boot/systemd.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 6671592202ff..9693e2e377a7 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -1060,6 +1060,7 @@ in uid = config.ids.uids.systemd-coredump; group = "systemd-coredump"; }; + users.groups.systemd-coredump = {}; users.users.systemd-network = { uid = config.ids.uids.systemd-network; group = "systemd-network"; From 9cdc7e7ae87f1410c139e56a46886f61676f339e Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Mon, 13 Sep 2021 22:55:56 +0200 Subject: [PATCH 17/28] bitcoin: 0.21.1 -> 22.0 --- pkgs/applications/blockchains/bitcoin/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/blockchains/bitcoin/default.nix b/pkgs/applications/blockchains/bitcoin/default.nix index 8bbeda2e0d4e..7a0237ed2b15 100644 --- a/pkgs/applications/blockchains/bitcoin/default.nix +++ b/pkgs/applications/blockchains/bitcoin/default.nix @@ -24,10 +24,10 @@ with lib; let - version = "0.21.1"; - majorMinorVersion = versions.majorMinor version; + version = "22.0"; + majorVersion = versions.major version; desktop = fetchurl { - url = "https://raw.githubusercontent.com/bitcoin-core/packaging/${majorMinorVersion}/debian/bitcoin-qt.desktop"; + url = "https://raw.githubusercontent.com/bitcoin-core/packaging/${majorVersion}.x/debian/bitcoin-qt.desktop"; sha256 = "0cpna0nxcd1dw3nnzli36nf9zj28d2g9jf5y0zl9j18lvanvniha"; }; in @@ -40,7 +40,7 @@ stdenv.mkDerivation rec { "https://bitcoincore.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz" "https://bitcoin.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz" ]; - sha256 = "caff23449220cf45753f312cefede53a9eac64000bb300797916526236b6a1e0"; + sha256 = "d0e9d089b57048b1555efa7cd5a63a7ed042482045f6f33402b1df425bf9613b"; }; nativeBuildInputs = From eb37bdb2ae677f7dde2abdb716e3028fe2009d2c Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 14:14:45 +0000 Subject: [PATCH 18/28] libatomic_ops: 7.6.10 -> 7.6.12 --- pkgs/development/libraries/libatomic_ops/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libatomic_ops/default.nix b/pkgs/development/libraries/libatomic_ops/default.nix index f9e850f91ffa..9b91dac8f638 100644 --- a/pkgs/development/libraries/libatomic_ops/default.nix +++ b/pkgs/development/libraries/libatomic_ops/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "libatomic_ops"; - version = "7.6.10"; + version = "7.6.12"; src = fetchurl { urls = [ "http://www.ivmaisoft.com/_bin/atomic_ops/libatomic_ops-${version}.tar.gz" "https://github.com/ivmai/libatomic_ops/releases/download/v${version}/libatomic_ops-${version}.tar.gz" ]; - sha256 = "1bwry043f62pc4mgdd37zx3fif19qyrs8f5bw7qxlmkzh5hdyzjq"; + sha256 = "sha256-8KtWbiX84ItWDh/qtqPbAdtKOOW8aHgEM07zkgxUnz4="; }; outputs = [ "out" "dev" "doc" ]; From ac74b42351e671d45949341fe5b9dac5bb69f574 Mon Sep 17 00:00:00 2001 From: Benjamin Asbach Date: Sat, 11 Sep 2021 19:23:32 -0600 Subject: [PATCH 19/28] csvs-to-sqlite: removed from `python-package` since it's an command line application --- .../python-modules => tools/misc}/csvs-to-sqlite/default.nix | 0 pkgs/top-level/all-packages.nix | 2 +- pkgs/top-level/python-packages.nix | 2 -- 3 files changed, 1 insertion(+), 3 deletions(-) rename pkgs/{development/python-modules => tools/misc}/csvs-to-sqlite/default.nix (100%) diff --git a/pkgs/development/python-modules/csvs-to-sqlite/default.nix b/pkgs/tools/misc/csvs-to-sqlite/default.nix similarity index 100% rename from pkgs/development/python-modules/csvs-to-sqlite/default.nix rename to pkgs/tools/misc/csvs-to-sqlite/default.nix diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 4aeb4cc079e7..afad862de885 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2470,7 +2470,7 @@ with pkgs; csv2latex = callPackage ../tools/misc/csv2latex { }; - csvs-to-sqlite = with python3Packages; toPythonApplication csvs-to-sqlite; + csvs-to-sqlite = python3Packages.callPackage ../tools/misc/csvs-to-sqlite { }; cucumber = callPackage ../development/tools/cucumber {}; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 88fa4b1d1ebb..951c675d09eb 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -1749,8 +1749,6 @@ in { cssutils = callPackage ../development/python-modules/cssutils { }; - csvs-to-sqlite = callPackage ../development/python-modules/csvs-to-sqlite { }; - csvw = callPackage ../development/python-modules/csvw { }; cucumber-tag-expressions = callPackage ../development/python-modules/cucumber-tag-expressions { }; From 4b24b5445c45356aca133da7a8d44c42f213b9b0 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 17:01:10 +0000 Subject: [PATCH 20/28] mob: 1.10.0 -> 1.12.0 --- pkgs/applications/misc/mob/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/mob/default.nix b/pkgs/applications/misc/mob/default.nix index 72aa41d03c26..e9e0559b0d08 100644 --- a/pkgs/applications/misc/mob/default.nix +++ b/pkgs/applications/misc/mob/default.nix @@ -2,14 +2,14 @@ buildGoPackage rec { pname = "mob"; - version = "1.10.0"; + version = "1.12.0"; goPackagePath = "github.com/remotemobprogramming/mob"; src = fetchFromGitHub { rev = "v${version}"; owner = "remotemobprogramming"; repo = pname; - sha256 = "sha256-O732PNmE+RDmETHAX/vlaSF4ZUShmO7P1B41kCw+/cQ="; + sha256 = "sha256-5hvuaKlaWrB8nEeHytnn4ywciLbOSoXdBdc3K/PqMG8="; }; meta = with lib; { From 6957f6cb1efd2a3b9b85683bd2b3cae6c0b1068c Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Tue, 14 Sep 2021 11:04:45 -0700 Subject: [PATCH 21/28] python3Packages.google-resumable-media: fix google-crc32c bounds --- .../python-modules/google-resumable-media/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkgs/development/python-modules/google-resumable-media/default.nix b/pkgs/development/python-modules/google-resumable-media/default.nix index f29604c9da30..854b6304e7a8 100644 --- a/pkgs/development/python-modules/google-resumable-media/default.nix +++ b/pkgs/development/python-modules/google-resumable-media/default.nix @@ -19,6 +19,11 @@ buildPythonPackage rec { sha256 = "36d682161fdcbfa29681212c210fabecbf6849a505a0cbc54b7f70a10a5278a2"; }; + postPatch = '' + substituteInPlace setup.py \ + --replace "google-crc32c >= 1.0, <= 1.1.2" "google-crc32c~=1.0" + ''; + propagatedBuildInputs = [ google-auth google-crc32c requests ]; checkInputs = [ google-cloud-testutils mock pytestCheckHook pytest-asyncio ]; From 9c81cbace1a74dc599af642f7e9e87954a184114 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 18:15:03 +0000 Subject: [PATCH 22/28] open-policy-agent: 0.31.0 -> 0.32.0 --- pkgs/development/tools/open-policy-agent/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/open-policy-agent/default.nix b/pkgs/development/tools/open-policy-agent/default.nix index 2d87fea8ff55..6f46e6df956e 100644 --- a/pkgs/development/tools/open-policy-agent/default.nix +++ b/pkgs/development/tools/open-policy-agent/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "open-policy-agent"; - version = "0.31.0"; + version = "0.32.0"; src = fetchFromGitHub { owner = "open-policy-agent"; repo = "opa"; rev = "v${version}"; - sha256 = "sha256-SUMTyqzeaCTj/fVdDHFZkh43t+mIFGNt6wendOt9gfw="; + sha256 = "sha256-RCB9PSUvfIqDAuZFw8HAF35ZhWwTiS+dAHgwlLPwc9I="; }; vendorSha256 = null; From b5074c90f803fee4101349fa9712a86c448f139d Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 19:01:44 +0000 Subject: [PATCH 23/28] operator-sdk: 1.11.0 -> 1.12.0 --- pkgs/development/tools/operator-sdk/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/operator-sdk/default.nix b/pkgs/development/tools/operator-sdk/default.nix index 908a5e6c23da..23bd877a698e 100644 --- a/pkgs/development/tools/operator-sdk/default.nix +++ b/pkgs/development/tools/operator-sdk/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "operator-sdk"; - version = "1.11.0"; + version = "1.12.0"; src = fetchFromGitHub { owner = "operator-framework"; repo = pname; rev = "v${version}"; - sha256 = "sha256-5eW2yrlUI0B5YNi9BtDjPsTC2vwavEXAMppa5rv5xhE="; + sha256 = "sha256-+AWkzv6SI/d3p1ljopSyLg2qi1hv6PsynmVG7+lUSTw="; }; - vendorSha256 = "sha256-gATpYjGKxOfXUnfSZ5uXrVbIydiEbijYR2axPluE5YU="; + vendorSha256 = "sha256-jYBkC0IA2xbRa+56CW/5EWG8sYg3eRuFdLpOFSinuuw="; doCheck = false; From a5d5f32f9018fcafb203437740964ab574aef8ab Mon Sep 17 00:00:00 2001 From: Benjamin Asbach Date: Tue, 14 Sep 2021 08:34:34 -0600 Subject: [PATCH 24/28] csvs-to-sqlite: added override for `click` dependency to version `7` in order to fix build The application is not capable to build with `click` greate than version `7`. --- pkgs/tools/misc/csvs-to-sqlite/default.nix | 24 +++++++++++----------- pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/pkgs/tools/misc/csvs-to-sqlite/default.nix b/pkgs/tools/misc/csvs-to-sqlite/default.nix index ea32471f09c5..b351b6e4efb6 100644 --- a/pkgs/tools/misc/csvs-to-sqlite/default.nix +++ b/pkgs/tools/misc/csvs-to-sqlite/default.nix @@ -1,16 +1,16 @@ -{ lib -, buildPythonPackage -, fetchFromGitHub -, isPy3k -, click -, dateparser -, pandas -, py-lru-cache -, six -, pytestCheckHook -}: +{ lib, python3, fetchFromGitHub }: -buildPythonPackage rec { +let + # csvs-to-sqlite is currently not compatible with Click 8. See the following + # https://github.com/simonw/csvs-to-sqlite/issues/80 + # + # Workaround the issue by providing click 7 explicitly. + python = python3.override { + packageOverrides = self: super: { + click = self.callPackage ../../../development/python-modules/click/7.nix { }; + }; + }; +in with python.pkgs; buildPythonApplication rec { pname = "csvs-to-sqlite"; version = "1.2"; disabled = !isPy3k; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index afad862de885..f10b60c4aa75 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2470,7 +2470,7 @@ with pkgs; csv2latex = callPackage ../tools/misc/csv2latex { }; - csvs-to-sqlite = python3Packages.callPackage ../tools/misc/csvs-to-sqlite { }; + csvs-to-sqlite = callPackage ../tools/misc/csvs-to-sqlite { }; cucumber = callPackage ../development/tools/cucumber {}; From 5a9d8315c368d9a67947ca7902137a94c930e7a8 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 16:23:03 +0000 Subject: [PATCH 25/28] pyupgrade: 2.25.0 -> 2.25.1 --- pkgs/development/python-modules/pyupgrade/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pyupgrade/default.nix b/pkgs/development/python-modules/pyupgrade/default.nix index 636a05718420..20f5c404b979 100644 --- a/pkgs/development/python-modules/pyupgrade/default.nix +++ b/pkgs/development/python-modules/pyupgrade/default.nix @@ -8,14 +8,14 @@ buildPythonPackage rec { pname = "pyupgrade"; - version = "2.25.0"; + version = "2.25.1"; disabled = pythonOlder "3.6"; src = fetchFromGitHub { owner = "asottile"; repo = pname; rev = "v${version}"; - sha256 = "0mbx5gv6ns896mxzml8q9r9dn5wvnrb7gc5iw49fdwbb0yw9yhyx"; + sha256 = "sha256-4k4973sNCqE2JbyT901HAijlyymFAR4hJp7NavqlzCQ="; }; checkInputs = [ pytestCheckHook ]; From 61e54424baa413ca1a8efa805813d07e3f1ff00f Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 14 Sep 2021 22:38:13 +0200 Subject: [PATCH 26/28] chromium: 93.0.4577.63 -> 93.0.4577.82 https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html This update includes 11 security fixes. Google is aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild. CVEs: CVE-2021-30625 CVE-2021-30626 CVE-2021-30627 CVE-2021-30628 CVE-2021-30629 CVE-2021-30630 CVE-2021-30631 CVE-2021-30632 CVE-2021-30633 --- .../networking/browsers/chromium/upstream-info.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index a094e681e230..38b595d245b8 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -1,8 +1,8 @@ { "stable": { - "version": "93.0.4577.63", - "sha256": "0ls8r77la6p7474j84wchvs4rvnxwfv7c8xvbxjm8h7jqak4zwza", - "sha256bin64": "1kv742arnv710mhakm2v59dwfypg7j01k7rd5if8h0s49yzdw3qc", + "version": "93.0.4577.82", + "sha256": "0lr8zdq06smncdzd6knzww9hxl8ynvxadmrkyyl13fpwb1422rjx", + "sha256bin64": "0ydvcakpnl20gx7493hv6aqnyf8f28rkvzgwnm4gws92b92n9ify", "deps": { "gn": { "version": "2021-07-08", @@ -12,9 +12,9 @@ } }, "chromedriver": { - "version": "93.0.4577.15", - "sha256_linux": "11wcimkcgaiz740k9xibi5hq1kd4zgy1vk6bd6cp31wjw4y21x5f", - "sha256_darwin": "0cxf3cg5pg9rigq7wmbap6wvmgpdr6v44bndisyaqhlw7s2hhndn" + "version": "93.0.4577.63", + "sha256_linux": "0w2lyjj0y9g1wnvk1sg2wi9dvhbjhdz1jb20rlrp5ny2gak6a47b", + "sha256_darwin": "11420nflyfvf95hxj488336jq6xqjn4lcrwpr67rj2fx6ganji7z" } }, "beta": { From 5f191ca827afaa4487a4234c6fbd6138985506f3 Mon Sep 17 00:00:00 2001 From: Michal Sojka Date: Mon, 13 Sep 2021 12:34:05 +0200 Subject: [PATCH 27/28] freecad: Allow opening .dwg files Since version 0.19, freecad can open .dwg files through libredwg. See https://wiki.freecadweb.org/FreeCAD_and_DWG_Import#FreeCAD_v0.19_and_LibreDWG. Before this commit, freecad could open .dwg files only if libredwg was independently installed. This is not how programs should work in Nix. Therefore, we explicitly depend on libredwg and hardcode full path to dwg2dxf. --- pkgs/applications/graphics/freecad/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/applications/graphics/freecad/default.nix b/pkgs/applications/graphics/freecad/default.nix index ac4050fc8c5b..ed2434fa5d07 100644 --- a/pkgs/applications/graphics/freecad/default.nix +++ b/pkgs/applications/graphics/freecad/default.nix @@ -15,6 +15,7 @@ , libGLU , libXmu , libf2c +, libredwg , libspnav , matplotlib , medfile @@ -131,6 +132,7 @@ mkDerivation rec { qtWrapperArgs = [ "--set COIN_GL_NO_CURRENT_CONTEXT_CHECK 1" + "--prefix PATH : ${libredwg}/bin" ]; postFixup = '' From 38384e4c75ffbd560eef6befd7b938e27446b70f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Tue, 14 Sep 2021 16:25:29 -0700 Subject: [PATCH 28/28] libadwaita: 1.0.0-alpha.1 -> 1.0.0-alpha.2 https://gitlab.gnome.org/GNOME/libadwaita/-/blob/1.0.0-alpha.2/NEWS --- pkgs/development/libraries/libadwaita/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libadwaita/default.nix b/pkgs/development/libraries/libadwaita/default.nix index d6cffcab7fed..405598c69640 100644 --- a/pkgs/development/libraries/libadwaita/default.nix +++ b/pkgs/development/libraries/libadwaita/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { pname = "libadwaita"; - version = "1.0.0-alpha.1"; + version = "1.0.0-alpha.2"; outputs = [ "out" "dev" "devdoc" ]; outputBin = "devdoc"; # demo app @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { owner = "GNOME"; repo = "libadwaita"; rev = version; - sha256 = "1v52md62kaqykv8b6kxxbxwnbdzlda4ir7n5wh2iizadcailyw7p"; + sha256 = "1yvjdzs5ipmr4gi0l4k6dkqhl9b090kpjc3ll8bv1a6i7yfaf53s"; }; nativeBuildInputs = [