Commit graph

1666 commits

Author SHA1 Message Date
Vladimír Čunát
c0599fdd61 Merge #11798: cc-wrapper: fix on darwin 2016-01-25 10:03:42 +01:00
Vladimír Čunát
8f48a9756b cc-wrapper: quote when saving $PATH 2016-01-25 09:54:10 +01:00
Dan Peebles
8f9aea9ccc grsecurity: fix kernel config and uncomment grsecurity kernels 2016-01-23 16:58:44 +00:00
Dan Peebles
33cf0792b1 grsecurity-testing: update patches and associated kernel version 2016-01-23 14:29:34 +00:00
Nikolay Amiantov
f18317885a fhs-userenv: don't use bash login mode
Login mode can cause hidden problems, e.g. #12406. Generally we don't want
to read user's .bash_profile when we don't start an interactive shell inside
a chroot.
2016-01-23 15:55:53 +03:00
Vladimír Čunát
0957359568 Merge branch 'staging' 2016-01-22 13:48:35 +01:00
Rok Garbas
36fc03edb6 fetchgit: import impure GIT_PROXY_COMMAND and SOCKS_SERVER, fixes #8605
These environment variables allow using fetchgit with git:// URLs using
the SOCKS proxy technique described in 'Using Git with a SOCKS proxy':

  http://www.patthoyts.tk/blog/using-git-with-socks-proxy.html

Briefly, GIT_PROXY_COMMAND is set to a script which invokes connect[1],
which reads SOCKS_PROXY, which might be pointing to a local instance of
'ssh -D'.

[1] pkgs/tools/networking/connect
2016-01-20 02:18:22 +01:00
Anthony Cowley
d96893647d cc-wrapper: fix on darwin
The ld-wrapper.sh script calls `readlink` in some circumstances. We need
to ensure that this is the `readlink` from the `coreutils` package so
that flag support is as expected.

This is accomplished by explicitly setting PATH at the top of each shell
script.

Without doing this, the following happens with a trivial `main.c`:

```
nix-env -f "<nixpkgs>" -iA pkgs.clang
$ clang main.c -L /nix/../nix/store/2ankvagznq062x1gifpxwkk7fp3xwy63-xnu-2422.115.4/Library -o a.out
readlink: illegal option -- f
usage: readlink [-n] [file ...]
```

The key element is the `..` in the path supplied to the linker via a
`-L` flag. With this patch, the above invocation works correctly on
darwin, whose native `/usr/bin/readlink` does not support the `-f` flag.

The explicit path also ensures that the `grep` called by `cc-wrapper.sh`
is the one from Nix.

Fixes #6447
2016-01-19 17:47:11 -05:00
Domen Kožar
9c571a98ed Merge pull request #10998 from andrewrynhard/master
Add help flag to nix-prefetch-git
2016-01-19 12:01:55 +01:00
Eelco Dolstra
e210fdd272 Merge pull request #12469 from domenkozar/fetchurl/executable
fetchurl: support executables
2016-01-19 11:27:13 +01:00
Domen Kožar
c7383cb34b fetchurl: support executables 2016-01-19 11:17:49 +01:00
Domen Kožar
3b381d37ee Merge pull request #5096 from aszlig/buildenv-check-collision-contents
buildEnv: Check the content of colliding paths.
2016-01-19 01:00:09 +01:00
Thomas Tuegel
9dfd9fe0bf elpa2nix: fix packages with DOS line endings 2016-01-18 15:29:19 -06:00
Thomas Tuegel
decb5802c9 elpaBuild: factor out package installation
Building packages requires package-build.el from Melpa, but installing
packages only requires package.el. Packages from ELPA are already built,
so there is no need to involve package-build.el.
2016-01-18 15:29:19 -06:00
Thomas Tuegel
1724a07e2e melpaBuild: keep original source file names without hash 2016-01-18 15:29:19 -06:00
Thomas Tuegel
cd54d7af47 melpaBuild: don't download dependencies
Stop package.el from trying to download dependencies. It wouldn't work
anyway.
2016-01-18 15:29:17 -06:00
Thomas Tuegel
18251778c9 melpaBuild: don't guess archive file name
package-build can tell us exactly what the archive file name is, instead
of globbing for it.
2016-01-18 15:29:17 -06:00
Thomas Tuegel
4b2303b8c9 melpaBuild: get Emacs package name from recipe
When building a package from a Melpa recipe file, get the Emacs package
name from the recipe. Nix is more restrictive about packages names than
Emacs, so the Nix name for a package is sometimes different.
2016-01-18 15:29:16 -06:00
Vladimír Čunát
620c147cce Merge branch 'master' into staging 2016-01-18 09:48:49 +01:00
aszlig
bfb11fd030
buildEnv: Skip content check on ignoreCollisions.
Checking file contents is redundant in this case, because we will go
ahead anyway, regardless of whether the content is the same.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-18 03:56:09 +01:00
aszlig
4529ed1259
buildEnv: Check the content of colliding paths.
Originally wanted to include ignoreCollisions in cups-progs, but I think
it's better if we use ignoreCollisions only if there are _real_
collisions between files with different contents.

Of course, we also check whether the file permissions match, so you get
a collision if contents are the same but the permissions are different.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-18 03:54:22 +01:00
Domen Kožar
36057827f6 requireFile: remove colon from the url for easier copy/paste 2016-01-16 21:58:40 +01:00
Nikolay Amiantov
de9634bba3 Merge pull request #11998 from abbradar/initrd-root
make-initrd: store all files with root as owner
2016-01-16 22:45:49 +03:00
Eelco Dolstra
2fcee55e5f separateDebugInfo: Create symlinks matching original binaries
For instance, a binary like libfoo.so will cause a symlink
lib/debug/libfoo.so.debug -> .build-id/<build-ID>.debug to be
created. This is primarily useful for use with eu-addr2line, if you
know the name of a binary and the relative address, but not the build
ID.
2016-01-15 16:16:11 +01:00
Vladimír Čunát
2d0893088f Merge branch 'master' into staging 2016-01-15 13:43:57 +01:00
Vladimír Čunát
98218971c2 Merge #12299: make firefox-like browsers wrapped by default 2016-01-15 08:53:58 +01:00
Vladimír Čunát
f50d80f627 makeDesktopItem: change name of the derivations
The name wasn't suggesting what kind of stuff is in there;
now it's the same as the name of the file that gets generated.
2016-01-15 08:37:02 +01:00
Domen Kožar
622eb5f699 requireFile: use correct absolute path syntax 2016-01-14 14:13:58 +01:00
lethalman
091c74b1c8 Merge pull request #12062 from mogorman/platformio
platformio: init at 2.7.0
2016-01-13 15:47:25 +01:00
Luca Bruno
4a4561ce24 dockerTools: nix functions for manipulating docker images 2016-01-13 10:27:37 +01:00
Tyson Whitehead
5c89edbc3b buildRustPackage: don't hardcode /nix/store, use $NIX_STORE 2016-01-12 13:45:11 -05:00
Nikolay Amiantov
9124e9584b Merge pull request #11779 from abbradar/fhs-root
chroot-user: don't create new user namespace if we are root
2016-01-12 14:40:45 +03:00
Nikolay Amiantov
ded1a55b8d substituteAllFiles: support postInstall 2016-01-10 06:03:26 +03:00
Eelco Dolstra
64bc8a84a4 Force another rebuild
Unfortunately, yesterday Nix got reverted to a version with broken
passAsFile implementation on some Hydra machines, so we have corrupted
files again. (E.g. http://hydra.nixos.org/build/29777678.) Forcing
another gratuitous rebuild to get rid of them.

(cherry picked from commit 75974d9220b8397c736ada76fb24eb934fa62f6c)
2016-01-07 13:21:16 +01:00
Matthew O'Gorman
c87ef76027
build-fhs-userenv: added the option meta to be passed down to the final derivation. 2016-01-06 04:06:28 -05:00
Eelco Dolstra
38460cfe72 set-source-date-epoch-to-latest.sh: Support Darwin 2016-01-06 00:31:27 +01:00
Eelco Dolstra
81e530a749 Set SOURCE_DATE_EPOCH to latest source file
This provides a timestamp that's more useful than 1970-01-01 yet still
deterministic.
2016-01-05 17:21:48 +01:00
Eelco Dolstra
2b5ed58099 cc-wrapper: Don't mess with __DATE__ and __TIME__
This is handled by $SOURCE_DATE_EPOCH now.
2016-01-05 17:21:48 +01:00
Eric Seidel
a8217711ce fetchgitLocal: make it work in submodules 2016-01-04 15:09:00 -08:00
Dan Peebles
e81ae8e5a0 native-darwin-cctools-wrapper: kill it
Nothing uses it anymore
2016-01-03 20:28:34 -05:00
Michael Raskin
502c791611 update-walker: add a minimal description 2016-01-01 19:07:38 +01:00
Thomas Tuegel
7466e0f264 melpaBuild: accept recipeFile in lieu of fileSpecs 2015-12-29 13:23:49 -06:00
Vladimír Čunát
b91dcad4bc fetchFromBitBucket: auto-remove an impure file
Also fix the hash in goPackages.inflect, the only user of the fetcher ATM.
Closes #12002 (different `inflect` fix), fixes #12012.
Using fetchzip-derived functions is likely more efficient than fetchhg,
and it's lighter on dependencies (hash is the same as with fetchhg in this case).
2015-12-29 16:54:50 +01:00
Nikolay Amiantov
9c431b77ff make-initrd: store all files with root as owner 2015-12-28 12:07:11 +03:00
Thomas Tuegel
688c005608 melpaBuild: update package-build.el 2015-12-27 10:59:27 -06:00
Thomas Tuegel
0b1edac8c0 nix-prefetch-bzr: match path name to fetchbzr name
fetchbzr always uses the derivation name `bzr-export`. nix-prefetch-bzr
should use the same name for its output. This avoids duplicate downloads
and problems with forbidden characters in bazaar repository names.
2015-12-19 09:32:22 -06:00
Thomas Tuegel
55544c1e68 nix-prefetch-zip: keep downloaded file extension
Keep the correct file extension on the downloaded file so that
`unpackFile` will know how to unpack it correctly.
2015-12-19 09:32:22 -06:00
Thomas Tuegel
0bc4af00ee emacsWithPackages: add user documentation 2015-12-19 09:32:16 -06:00
Thomas Tuegel
dadfd93811 emacsWithPackages: know its own package set
Fixes #10819. emacsWithPackages will know its own package set. This
requires it to be in a package set, rather than at the top level, so it
lives in emacsPackagesNg.
2015-12-19 09:31:41 -06:00
Nikolay Amiantov
ed4219964d chrootenv: add setuid wrappers to path 2015-12-17 14:21:17 +03:00