Commit graph

1346 commits

Author SHA1 Message Date
Peter Simons
cfce8509b8 grsecurity: add GRKERNSEC_DENYUSB option (disabled by default)
This option tells the kernel to ignore plug-in events of USB devices. Useful to
protect against attacks with malicious hardware. Currently disabled by default,
though.
2015-01-19 00:15:41 +03:00
Shea Levy
f326b7995c Remove libc++ stuff from cc-wrapper
This is now part of the libc++ setup hook
2015-01-16 11:30:51 -05:00
Shea Levy
7dc57a389e cc-wrapper: Set CC/CXX more specifically if possible 2015-01-16 10:50:53 -05:00
Eelco Dolstra
1b1e015e6e Update Debian to 7.8 2015-01-15 14:51:55 +01:00
Eric Seidel
b070eacfcd rename occurrences of cc.gcc to cc.cc 2015-01-14 20:51:58 -08:00
Eric Seidel
48f63c2f2e rename gcc-wrapper to cc-wrapper.
also makes cc-wrapper compatible with clang in the darwin fork.
2015-01-14 20:26:56 -08:00
Vladimír Čunát
77d66ed834 fetchgit: improve name detection, discard nix-1.8 check
The name detection didn't work for e.g. http://git.suckless.org/sinit/.
I tested the tarball builds now.

@shlevy claimed nixpkgs requires nix-1.8 features anyway,
so the additional check with message were superfluous.
2015-01-13 19:45:31 +01:00
Vladimír Čunát
7637e71cee merge #5521: give fetchgit outputs nicer names 2015-01-13 17:46:44 +01:00
Eelco Dolstra
7358b8dfda Fix a warning in initrd generation
${pkgs.busybox}/bin and ${pkgs.busybox}/sbin are now the same
directory, so don't copy both.
2015-01-12 17:52:30 +01:00
Eelco Dolstra
872f8c0431 Remove RHEL 7 RC
It no longer exists on the RedHat FTP site.
2015-01-12 15:13:21 +01:00
Eelco Dolstra
02df7cdaa0 Fix CentOS 6.5 URLs 2015-01-12 15:13:05 +01:00
Peter Simons
4cf52df32e Merge pull request #5663 from ryantrinkle/fix-cabal-js
Use Cabal_1_22_0_0 instead of Cabal_HEAD in cabalJs
2015-01-09 15:33:03 +01:00
Ryan Trinkle
20710afb46 Use Cabal_1_22_0_0 instead of Cabal_HEAD in cabalJs
Cabal_HEAD no longer exists.  When Cabal_1_22_0_0 or later becomes the default, this should be updated again to point to Cabal
2015-01-09 08:29:56 -05:00
John Wiegley
268da01677 cabal: Allow optional use of cpphs as a preprocessor
Pinging @peti.  This is needed on Darwin/Yosemite because clang's
preprocessor is broken there.
2015-01-08 11:55:11 -06:00
William A. Kennington III
c82410eeda java: Normalize to the default jre / jdk 2015-01-07 14:55:41 -08:00
Shea Levy
3e1fdb7a35 gcc-wrapper is used for clang too 2015-01-05 14:39:22 -05:00
Ryan Trinkle
b1e967958e Eliminate incorrect version checks from cabalJs 2015-01-02 12:30:19 -05:00
Shea Levy
a8603605aa fetchgit: give output a nicer name
Instead of git-export, we get the basename of the repo, plus the
shortrev if the commit-ish is a rev.
2015-01-01 10:03:45 -05:00
Ricardo M. Correia
0a97acdc0f grsecurity: Update stable and test patches
stable: 3.0-3.14.27-201412211908 -> 3.0-3.14.27-201412280859
test:   3.0-3.17.7-201412211910  -> 3.0-3.18.1-201412281149
2015-01-01 15:45:31 +01:00
Charles Strahan
df55381b65 ghcjs: restructure 2014-12-31 00:03:43 -05:00
Ricardo M. Correia
1d44322d53 grsecurity: Update stable and test patches
stable: 3.0-3.14.27-201412211908 -> 3.0-3.14.27-201412280859
test:   3.0-3.17.7-201412211910  -> 3.0-3.18.1-201412281149
2014-12-29 03:00:47 +01:00
Charles Strahan
347a9674c1 ghcjs: cleanup 2014-12-27 18:48:12 -05:00
Charles Strahan
a188373640 Merge branch 'master' of github.com:nixos/nixpkgs into ryghcjs
Conflicts:
	pkgs/development/libraries/haskell/ghcjs-dom/default.nix
	pkgs/top-level/haskell-packages.nix
2014-12-27 14:35:01 -05:00
Shea Levy
05edd656f6 Missed gcc refs 2014-12-26 12:28:15 -05:00
John Wiegley
28b6fb61e6 Change occurrences of gcc to the more general cc
This is done for the sake of Yosemite, which does not have gcc, and yet
this change is also compatible with Linux.
2014-12-26 11:06:21 -06:00
Igor Pashev
d57927748a autoreconf may need gettext
E. g. for AC_LIB_PREFIX
2014-12-22 20:20:00 +00:00
vi
0c49b2942e Added mirrors for MySQL. 2014-12-17 11:14:46 +00:00
Vladimír Čunát
1a0a161920 gnat: make it build again (close #5307)
Problems are worked around by using older gcc wrapper for gnat bootstrap.
(from ca441636f1^)

I tried nicer solutions first, but I was unable to fix all problems for hours.
2014-12-14 16:24:31 +01:00
Michael Raskin
9ed097ab50 Fix fetchzip for actuall zip files 2014-12-12 15:16:57 +03:00
Charles Strahan
fb59151109 purify ghcjs 2014-12-11 20:56:41 -05:00
Domen Kožar
4aa3eec330 Merge branch 'master' into staging
Conflicts:
	pkgs/development/libraries/fontconfig/default.nix
2014-12-07 14:02:48 +01:00
Eelco Dolstra
b8e33a5dcb Ubuntu 14.10: Update hashes 2014-12-05 16:02:59 +01:00
Bas van Dijk
6fa969839a Merge branch 'master' of https://github.com/NixOS/nixpkgs into update
Conflicts:
	pkgs/development/libraries/haskell/text-binary/default.nix
	pkgs/top-level/haskell-defaults.nix
	pkgs/top-level/haskell-packages.nix
2014-12-05 07:54:48 +01:00
William A. Kennington III
4fcbe096b6 fetchgit: Simplify submodule url discovery 2014-12-04 15:17:58 -08:00
Bas van Dijk
35cdb19f03 Use mkdir -p instead of deprecated ensureDir 2014-11-29 14:24:31 +01:00
Vladimír Čunát
cbd2305d4d Merge branch 'master' into staging 2014-11-28 18:59:07 +01:00
aszlig
444987193e
nixos: Rename virtualbox to virtualboxGuest.
Especially new users could be confused by this, so we're now marking
services.virtualbox.enable as obsolete and defaulting to
services.virtualboxGuest.enable instead. I believe this now makes it
clear, that this option is for guest additions only.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-27 18:42:22 +01:00
Vladimír Čunát
b5ff06eda4 Merge branch 'master' into staging 2014-11-26 21:48:26 +01:00
Vladimír Čunát
b1803465d9 imagemagick: use a stable URL, reshuffle mirrors
CC: #5133.
2014-11-26 21:42:42 +01:00
Peter Simons
c7d3f60217 cabal: add support for "editedCabalFile" attribute to address https://github.com/NixOS/cabal2nix/issues/84
When 'editedCabalFile' is set to an SHA256 hash, the build driver replaces the
original Cabal instructions with the new version that is downloaded from
"http://hackage.haskell.org/package/${fname}/${pname}.cabal".
2014-11-26 14:24:45 +01:00
Eelco Dolstra
e611215f5c Move finding XML catalogs into a separate setup hook
This is because libxml/libxslt are not the only implementations that
respect $XML_CATALOG_FILES.

Also, look in share/xml for catalogs (in addition to the
now-deprecated xml/dtd and xml/xsl).
2014-11-25 16:23:48 +01:00
Vladimír Čunát
a9bad25ffe Merge branch 'master' into staging 2014-11-24 22:14:25 +01:00
Domen Kožar
909b62fa6e fetchurl: friendly message if hash is not given 2014-11-23 17:49:32 +01:00
Eelco Dolstra
17cf42d876 Fix patchelf RPM builds
http://hydra.nixos.org/build/17037187
2014-11-20 13:19:36 +01:00
Eelco Dolstra
99a2afd784 Update to Debian 7.7 2014-11-20 11:11:21 +01:00
Eelco Dolstra
e5513ac4dc Add Ubuntu 14.10 2014-11-20 11:11:08 +01:00
Eelco Dolstra
fda5c17a6f vmTools: Fix permissions on /tmp and /dev/* 2014-11-18 14:49:39 +01:00
Vladimír Čunát
8e44ae5bd4 stdenv lib64-moving: fail instead of overwriting
Silent overwriting is dangerous and it bit us straightaway on gcc_multi.
https://github.com/NixOS/nixpkgs/commit/51f1b4ec48d5
2014-11-17 11:27:38 +01:00
Vincent Laporte
cded306f82 nix-prefetch-git: allow dots in submodule names 2014-11-15 18:37:58 +00:00
Peter Simons
ffb635eb65 cabal: fix GHC 6.10.4 builds
3e8344d334 added some magic -optP-P flag that the old compiler
version doesn't support.
2014-11-15 18:20:40 +01:00
Eelco Dolstra
0a9ec07b93 findTarball: Fix the case where src is a directory 2014-11-10 20:06:50 +01:00
Edward Tjörnhammar
4030ab3ba4 add parens to de ambiguify 2014-11-10 06:53:24 +01:00
Edward Tjörnhammar
91c7ffc498 Revert "Revert "initialized git repo should use the set http_proxy""
This reverts commit f8a833cfb1.
This makes sure the check returns a zero code.

See discussion on https://github.com/NixOS/nixpkgs/commit/5af576f
2014-11-09 21:27:26 +01:00
Luca Bruno
f8a833cfb1 Revert "initialized git repo should use the set http_proxy"
This reverts commit 5af576ff7f.

See discussion on https://github.com/NixOS/nixpkgs/commit/5af576f
2014-11-09 13:50:48 +01:00
Luca Bruno
83221f3886 Merge branch 'master' into staging
Makes the build more useful:
- Disabled hybrid iso, makes installer tests pass again
- Imagemagick fixes to the "Illegal instruction" thing
2014-11-08 15:56:40 +01:00
Peter Simons
44273088ad cabal: enable multi-threaded builds with GHC 7.8.x or later for executables
Multi-threaded builds exacerbate the non-determinism in ghc package ids, which
is a serious problem for libraries. Packages that define only executables,
however, should be safe to  build with parallelism enabled.
2014-11-07 23:22:27 +01:00
Peter Simons
40bb2781ee cabal: add "-hidir $TMPDIR" parameter to ghc call that compiles Setup.hs
Packages that don't have a Setup.hs file get to use a default version that
lives in the Nix store. By default ghc tries to put the Setup.o and Setup.hi
files in the same directory as the source file, which isn't writable. This
leads to build errors [1]. Thus, we re-direct those paths to a build-local
writable location: $TMPDIR.

Arguably, we could also use "." or copy the /nix/store/deadbeef-Setup.hs file
into the local source directory before compiling, which would work fine, too.

[1] https://github.com/NixOS/nixpkgs/issues/4851
2014-11-07 23:22:25 +01:00
Edward Tjörnhammar
5af576ff7f initialized git repo should use the set http_proxy 2014-11-07 11:50:30 +01:00
Eelco Dolstra
f01ecbee50 nixBuild: Respect the preHook/postHook of the caller 2014-11-06 11:12:29 +01:00
Eelco Dolstra
c964077200 findTarball: Handle pipefail
It was failing because the bash subshell died with SIGPIPE, which is
no longer ignored.

http://hydra.nixos.org/build/16766452
2014-11-05 18:24:16 +01:00
Eelco Dolstra
83758d2b26 Die tabs die 2014-11-05 18:12:21 +01:00
Eelco Dolstra
2d498a3c1c findTarballs: Take nullglob into account 2014-11-05 18:12:07 +01:00
Vladimír Čunát
52404a868d Merge recent master into staging
Nixpkgs Hydra: ?compare=1157272

TODO: port e22889064f

Conflicts:
	nixos/tests/gnome3_10.nix (auto-solved)
	pkgs/applications/video/aegisub/default.nix
	pkgs/development/libraries/boost/1.55.nix
2014-11-05 15:00:44 +01:00
Eelco Dolstra
7495c61d49 Merge remote-tracking branch 'origin/darwin-clang-stdenv' into staging
Conflicts:
	pkgs/applications/editors/vim/macvim.nix
2014-11-04 14:30:43 +01:00
Joachim Fasting
71a443c1b2 Add mirrors for sage 2014-11-03 23:04:44 +01:00
Bjørn Forsman
96cacf01bf nix-prefetch-git: run single-threaded 'git repack'
Without this, the generated pack files are non-deterministic.

I didn't notice this issue in my earlier testing, because my test repo
had too few commits for the thread scheduling to take effect. (Test repo
had about 10 commits.)
2014-11-03 22:52:57 +01:00
Peter Simons
a9c53037fa Merge remote-tracking branch 'origin/master' into staging. 2014-11-02 16:15:53 +01:00
Bjørn Forsman
53614cf1a7 nix-prefetch-git: fix determinism with leaveDotGit
Add more files to the delete list:

 * .git/FETCH_HEAD
 * .git/ORIG_HEAD
 * .git/refs/remotes/origin/HEAD
 * .git/config

Further, remove all remote branches, remove tags not reachable from the
given 'rev', do a full repack and then garbage collect unreferenced
objects.

According to my testing, the result is fully deterministic. As in "any
change done to the upstream repo, ahead of 'rev', will not affect the
hash of the resulting 'clone'". Even changing the clone URL will not
change the output hash, because .git/config is removed.

A new version of git can of course change store format, but that's
unavoidable.

For big repositories, the repack operation may be a bit heavy. But as
far as I can see there is no cheaper way to determinism.
2014-11-02 13:15:33 +01:00
Bjørn Forsman
faaa8a6acf nix-prefetch-git: remove unneeded semicolons
Shell isn't Perl ;-)
2014-11-01 15:17:11 +01:00
Bjørn Forsman
8ec8358724 nix-prefetch-git: whitespace cleanup
Use 4 spaces per indent level instead of a mix of 2 spaces, 4 spaces and
hardtab. (According to nixpkgs coding style for shell scripts.)
2014-11-01 13:47:37 +01:00
Peter Simons
b11060d8db Merge remote-tracking branch 'origin/master' into staging. 2014-10-31 11:14:24 +01:00
Eelco Dolstra
2ee8b30b64 stdenv.lib -> lib 2014-10-27 10:25:35 +01:00
Moritz Ulrich
cdd2dd70aa Merge remote-tracking branch 'refs/remotes/origin/master' into chicken-eggs 2014-10-27 01:14:13 +01:00
Raffael Mancini
3ee2ca1d21 Added an up-to-date http debian mirror for those without ftp access. 2014-10-25 17:10:22 +02:00
Eelco Dolstra
f4be4f5e54 Merge remote-tracking branch 'origin/master' into staging 2014-10-24 12:24:13 +02:00
Edward Tjörnhammar
a5af1c228e Adding fetchurl mirrors for roy marples projects(dhcpcd, openresolv) 2014-10-23 19:45:33 +02:00
Vladimír Čunát
2cf17b0802 Merge recent master into staging
Hydra nixpkgs: ?compare=1156478
2014-10-23 17:40:41 +02:00
Ricardo M. Correia
cb95ac1352 Merge pull request #4609 from alexanderkjeldaas/updated-grsec
Updated grsec.
2014-10-22 16:37:21 +02:00
Chris Double
40791a4ec5 Fix build-fhs-chrootenv mount script 2014-10-22 10:39:17 +02:00
Alexander Kjeldaas
005bb796e6 Updated grsec. 2014-10-22 02:18:41 +02:00
Peter Simons
bddf342631 Patch 7a20d76 failed when the Haskell expression lacked a meta attribute. This commit fixes that issue. 2014-10-22 00:23:12 +02:00
Peter Simons
7a20d76482 Disable all Haskell builds for Darwin on Hydra.
Hydra generates a GHC closure for Darwin that for no apparent reason
contains an ancient, broken Haddock binary -- probably because of an
impurity in the build system. That bug makes those GHC binaries
unusable: <https://github.com/NixOS/nixpkgs/issues/2689>.
2014-10-21 23:54:51 +02:00
Shea Levy
3fe41ca763 Debain 7.6-amd64 tarball was updated in place 2014-10-20 15:26:51 -04:00
Shea Levy
652030e85d debian packages tarball was updated in place 2014-10-20 15:23:44 -04:00
Shea Levy
a3ffe238e7 Revert "cabal: enable multi-threaded builds with GHC 7.8.x or later"
This likely exacerbates the non-determinism in ghc package ids, so until
that is fixed let's live with the slow builds.

This reverts commit 817c0e4144.
2014-10-16 13:17:30 -04:00
Nikolay Amiantov
09f33a4389 substituteAllFiles: add derivation
Closes #4145
2014-10-16 15:27:25 +01:00
Moritz Ulrich
e47428d0e2 Infrastructure to build chicken eggs. 2014-10-13 23:29:27 +02:00
Eelco Dolstra
2c65f3fa66 Fix stdenv-native 2014-10-11 23:10:27 +02:00
Eelco Dolstra
79d0d7b437 Unify gcc-wrapper and clang-wrapper 2014-10-11 22:26:39 +02:00
Eelco Dolstra
0d67d13527 gcc-wrapper: Style fix 2014-10-11 22:26:39 +02:00
Eelco Dolstra
02122ccfd0 gcc-wrapper: Style fix 2014-10-11 22:26:39 +02:00
Eelco Dolstra
ffbdcbfe29 gcc-wrapper: Wrap ld.gold
This ensures that gcc's ‘-fuse-ld=gold’ flag works.
2014-10-10 14:55:17 +02:00
Eelco Dolstra
3e0a348728 gcc-wrapper: Get rid of builder.sh + cleanup 2014-10-10 14:55:08 +02:00
Eelco Dolstra
811de3bfaa Merge remote-tracking branch 'origin/staging' into darwin-clang-stdenv
Conflicts:
	pkgs/tools/security/gnupg/default.nix
2014-10-09 10:57:57 +02:00
Eelco Dolstra
51f1b4ec48 Automatically move stuff in lib64 to lib 2014-10-07 15:04:13 +02:00
Eelco Dolstra
ab04b7d0bb Automatically move programs in sbin to bin
This should fix the OpenJDK build, which was failing because paxctl is
in sbin and therefore not automatically added to $PATH.

http://hydra.nixos.org/build/15658346
2014-10-07 14:43:56 +02:00
Eelco Dolstra
a85dcf4a00 Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/development/libraries/libav/default.nix
	pkgs/shells/bash/bash-4.2-patches.nix
	pkgs/stdenv/generic/default.nix
2014-10-07 00:09:37 +02:00
Ryan Trinkle
92f8d68b99 Merge branch 'master' of https://github.com/NixOS/nixpkgs
Conflicts:
	pkgs/development/libraries/haskell/ghcjs-dom/default.nix
	pkgs/top-level/haskell-packages.nix
2014-10-06 13:12:58 -04:00
Aristid Breitkreuz
5c0816567d fix fetchurl 2014-10-05 19:23:27 +02:00
Domen Kožar
d6b7778753 fetchurl: fix mirroring after ecf5a08831 2014-10-05 09:53:18 +02:00