Commit graph

3220 commits

Author SHA1 Message Date
Austin Seipp
ba2f861f05 kernel: stable/longterm updates
- stable:   3.14    -> 3.14.1
 - longterm: 3.10.36 -> 3.10.37
 - longterm: 3.4.86  -> 3.4.86

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-14 19:46:39 -05:00
Ricardo M. Correia
1b113178ee grsecurity: Update test patch from 3.0-3.13.9-201404131254 -> 3.0-3.13.10-201404141717 2014-04-15 00:16:29 +02:00
Ricardo M. Correia
3a1c9a2945 linux: Update to 3.13.10 2014-04-15 00:16:29 +02:00
Eelco Dolstra
73b4b287bb linux: Don't use underscores in the timestamp 2014-04-14 21:06:04 +02:00
John Wiegley
7a59054dce Add a recipe for installing "watch" from procps (#2227) 2014-04-14 09:10:10 -05:00
Bjørn Forsman
1296372681 cifs-utils: update 6.2 -> 6.3
January 9, 2014: Release 6.3:
* fixes for various bugs turned up by Coverity
* clean unused cruft out of upcall binary
* add new pam_cifscreds PAM module for establishing NTLM creds on login
* https://lists.samba.org/archive/samba-technical/2014-January/097124.html
2014-04-13 22:56:21 +02:00
Bjørn Forsman
5e50b35a26 bluez5: remove unneeded libusb dependency
bluez >= 5.9 does not depend on libusb[1].

[1] http://www.bluez.org/release-of-bluez-5-9/
2014-04-13 22:46:47 +02:00
Austin Seipp
788d9a13fb grsecurity: stable/vserver/testing updates
- stable:  201404111812            -> 201404131252
 - vserver: vs2.3.2.16-201404111814 -> vs2.3.2.16-201404131253
 - testing: 201404111815            -> 201404131254

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-13 13:11:17 -05:00
Michael Raskin
e86e76e560 Adding sysdig system call tracer for Linux 2014-04-13 20:49:37 +04:00
Bjørn Forsman
d1f875c6af lttng project: update from 2.3.0 to 2.4.1
(And update liburcu to 0.8.4 according to release notes for lttng 2.4.x.)

In addition to new features and bug fixes, version 2.4.x is needed to build
against Linux 3.12 (our new stable kernel).
2014-04-13 10:47:16 +02:00
Austin Seipp
172dc1336f nixos: add grsecurity module (#1875)
This module implements a significant refactoring in grsecurity
configuration for NixOS, making it far more usable by default and much
easier to configure.

 - New security.grsecurity NixOS attributes.
   - All grsec kernels supported
   - Allows default 'auto' grsec configuration, or custom config
   - Supports custom kernel options through kernelExtraConfig
   - Defaults to high-security - user must choose kernel, server/desktop
     mode, and any virtualisation software. That's all.
   - kptr_restrict is fixed under grsecurity (it's unwriteable)
 - grsecurity patch creation is now significantly abstracted
   - only need revision, version, and SHA1
   - kernel version requirements are asserted for sanity
   - built kernels can have the uname specify the exact grsec version
     for development or bug reports. Off by default (requires
     `security.grsecurity.config.verboseVersion = true;`)
 - grsecurity sysctl support
   - By default, disabled.
   - For people who enable it, NixOS deploys a 'grsec-lock' systemd
     service which runs at startup. You are expected to configure sysctl
     through NixOS like you regularly would, which will occur before the
     service is started. As a result, changing sysctl settings requires
     a reboot.
 - New default group: 'grsecurity'
   - Root is a member by default
   - GRKERNSEC_PROC_GID is implicitly set to the 'grsecurity' GID,
     making it possible to easily add users to this group for /proc
     access
 - AppArmor is now automatically enabled where it wasn't before, despite
   implying features.apparmor = true

The most trivial example of enabling grsecurity in your kernel is by
specifying:

    security.grsecurity.enable          = true;
    security.grsecurity.testing         = true;      # testing 3.13 kernel
    security.grsecurity.config.system   = "desktop"; # or "server"

This specifies absolutely no virtualisation support. In general, you
probably at least want KVM host support, which is a little more work.
So:

    security.grsecurity.enable = true;
    security.grsecurity.stable = true; # enable stable 3.2 kernel
    security.grsecurity.config = {
      system   = "server";
      priority = "security";
      virtualisationConfig   = "host";
      virtualisationSoftware = "kvm";
      hardwareVirtualisation = true;
    }

This module has primarily been tested on Hetzner EX40 & VQ7 servers
using NixOps.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 22:43:51 -05:00
Austin Seipp
acbf28145c nixos: make several kernel common-config options optional
Realistically, common-config is useful, but there are a lot of things in
there that are non-optionally specified that aren't always useful. For
example, when deploying grsecurity, I don't want the bluetooth,
wireless, or input joystick/extra filesystem stack (XFS, etc), nor the
staging drivers tree.

The problem is that if you specify this in your own kernel config in the
grsecurity module, by saying 'BT n' to turn off bluetooth,
common-config turns on 'BT_HCIUART_BCSP y', which then becomes unused
and errors out.

This is really just an arbitrary picking at the moment, but it should be
OK.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 22:39:29 -05:00
Mathijs Kwik
5a3fa7f88f nvidia-x11: patch for kernel 3.14 support 2014-04-11 23:40:16 +02:00
Peter Simons
3c7f5870e3 Merge pull request #2197 from offlinehacker/pkgs/lxc/rootfs_fix
lxc: set rootfs path somewhere outside /nix/store
2014-04-10 12:34:08 +02:00
Mathijs Kwik
4219eb430d intel-microcode: upgrade to 20140122 2014-04-10 11:57:20 +02:00
Jaka Hudoklin
c7e94de91f lxc: set rootfs path somewhere outside /nix/store
This commit fixes lxc to eventually work
2014-04-10 11:46:06 +02:00
Ricardo M. Correia
5dfc6584a5 grsecurity: Update stable patch from 3.0-3.2.56-201404062126 -> 3.0-3.2.57-201404091758 2014-04-10 00:37:33 +02:00
Ricardo M. Correia
c50abd0e13 linux: Update to 3.2.57 2014-04-10 00:37:33 +02:00
Peter Simons
2cc462eb11 lxc: update from 1.0.1 to 1.0.3 2014-04-09 12:41:10 +02:00
Peter Simons
30aa995a42 busybox: update from 1.21.1 to 1.22.1 2014-04-09 12:41:10 +02:00
Austin Seipp
3ff158289a lockdep: refactor into non-kernel package
Lockdep doesn't *really* require the kernel package - just the kernel
sources. It's really a user-space tool just compiled from some portable
code within the kernel, nothing more.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-08 19:21:55 -05:00
Eelco Dolstra
2ba552fb2e Revert "Fix services.udisks.enable."
This reverts commit 02a30bea44,
necessary after reverting to udisks 1.0.4.

http://hydra.nixos.org/build/10194840
2014-04-08 13:28:24 +02:00
Austin Seipp
05ec851050 kernel: longterm updates
- longterm: 3.4.85  -> 3.4.86
 - longterm: 3.10.35 -> 3.10.36
 - longterm: 3.12.15 -> 3.12.17

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-07 13:56:50 -05:00
Austin Seipp
4dc15c087a musl: version 1.0.0
NB: This currently doesn't add a working musl-wrapper around musl-gcc to
allow it to work properly (musl has its own dynamic linker as well as
libc too which must be accounted for). But at the moment it builds fine,
and I plan on working more on it in the future. So lets get it
integrated and building on Hydra.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-07 10:31:31 -05:00
Ricardo M. Correia
807fad571a grsecurity: Update stable and test patches
stable: 3.0-3.2.56-201404012135 -> 3.0-3.2.56-201404062126
test:   3.0-3.13.8-201404011912 -> 3.0-3.13.9-201404062127
2014-04-07 15:31:12 +02:00
Ricardo M. Correia
c494289c12 linux: Update to 3.13.9 2014-04-07 15:31:12 +02:00
Eelco Dolstra
59ea2d7ba5 Apply patch for CVE-2014-0004 to udisks-1.0.4
(cherry picked from commit 3b1f9899618f81794ce8b88fe4eaa867e549eb06)
2014-04-07 13:22:12 +02:00
Eelco Dolstra
fa6b9baea9 Revert "udisks1: bump to fix CVE-2014-0004"
This reverts commit 0194a44d63c613065bb5c55d50470881c00563c2 because
it breaks udisks on 13.10 (e.g. running "udisks --enumerate" will
print "Unit udisks.service failed to load").

(cherry picked from commit d7daf1a47f0d3d759555a3f0a0f09398c69c6b28)
2014-04-07 13:22:12 +02:00
Shea Levy
9949d0255e Merge branch 'make-the-kernel-build-repeatable' of git://github.com/alexanderkjeldaas/nixpkgs
Make the kernel build and initrd generation binary repeatable (#2128)
2014-04-06 17:02:16 -04:00
Austin Seipp
ef903555fd gradm: learn of all accesses for /nix/store
This is necessary for gradm's learning mode to work, as otherwise the
/nix/store directory is marked hidden, which causes the kernel to reject
the linker loading ld-linux.so

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-06 21:51:35 +02:00
Austin Seipp
784062214c gradm: fix gradm_pam path
We alredy rewrote /sbin/gradm, which technically matches
/sbin/gradm_pam, so this ends up working exactly as we want. Otherwise
we rewrite twice and gradm can't execute the PAM module with '-p'

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-06 21:51:26 +02:00
Shea Levy
d35619429a Merge branch 'cache.su' of git://github.com/wkennington/nixpkgs
su: Make the su package a provider of only the su binary

Fixes #1877
2014-04-05 18:49:30 -04:00
William A. Kennington III
28ab3acb58 su: Make the su package a provider of only the su binary
Additionally, provide su with the base system and remove su from the
util-linux package as it is now provided by shadow.
2014-04-05 16:01:52 -05:00
Alexander Kjeldaas
4aeb10b09a Make cpufrequtils compilation pure. 2014-04-05 09:08:05 +02:00
Alexander Kjeldaas
c69eb7c2c1 Remove timestamp from the kernel. 2014-04-05 08:40:55 +02:00
Evgeny Egorochkin
9f957d054f hostapd: update from 2.0 to 2.1 2014-04-03 07:05:07 +03:00
Shea Levy
0c66dbaee6 Enable CC_STACKPROTECTOR_REGULAR on linux 3.14+ 2014-04-02 17:58:54 -04:00
Vladimír Čunát
8146737127 Merge #2090: add new lockdep tool from Linux 3.14 2014-04-02 20:55:30 +02:00
Ricardo M. Correia
52d233af22 grsecurity: Update stable patch from 3.0-3.2.55-201403300851 -> 3.0-3.2.56-201404012135 2014-04-02 15:11:33 +02:00
Ricardo M. Correia
e8c6c60b93 linux: Update to 3.2.56 2014-04-02 15:11:32 +02:00
Domen Kožar
f7b19ea8b3 typo 2014-04-02 12:40:59 +02:00
Ricardo M. Correia
407a6857c6 grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201403252026 -> 3.0-3.2.55-201403300851
test:   3.0-3.13.7-201403252047 -> 3.0-3.13.8-201404011912
2014-04-02 02:16:59 +02:00
Austin Seipp
19bc051ca1 kernel: stable/longterm updates
- longterm: 3.4.83  -> 3.4.85
 - longterm: 3.10.33 -> 3.10.35
 - longterm: 3.12.14 -> 3.12.15
 - stable:   3.13.7  -> 3.13.8

NOTE: This will break the testing grsec kernel at the moment (there's
not a 3.13.8 patch yet), but it's destined to be upgraded to 3.14 soon
anyway.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-01 11:11:10 +02:00
Austin Seipp
7288f25bd1 kernel: stable/longterm updates
- longterm: 3.4.83  -> 3.4.85
 - longterm: 3.10.33 -> 3.10.35
 - longterm: 3.12.14 -> 3.12.15
 - stable:   3.13.7  -> 3.13.8

NOTE: This will break the testing grsec kernel at the moment (there's
not a 3.18.8 patch yet), but it's destined to be upgraded to 3.14 soon
anyway.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-01 03:03:00 -05:00
Austin Seipp
1459896be1 kernel: add myself to maintainer list
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-01 02:59:20 -05:00
Austin Seipp
bdff718c5b kernel: add lockdep expression
Lockdep is the kernel's locking validation/debugging tool and has seen
heavy pro-active usage and development. In Linux 3.14, it's now
available directly to userspace for the same purpose. It comes with a
convenient utility to LD_PRELOAD a shared library for validation, or a
user-space API to link to directly.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-01 01:20:46 -05:00
Austin Seipp
9493159017 kernel: remove 3.11 series (EOL)
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-01 00:56:23 -05:00
Shea Levy
2d4ce25b5b Add linux 3.14 2014-03-31 20:54:47 -04:00
Domen Kožar
c6ebbd29e5 add v4l2loopback: a kernel module to create V4L2 loopback devices 2014-03-31 20:02:53 +02:00
ambrop7@gmail.com
bc2984d77d nvidia-x11: Fix build with kernel 3.13. 2014-03-29 23:35:14 +01:00
Shea Levy
701cb6b099 Merge branch 'nixos/containers/fix1' of git://github.com/offlinehacker/nixpkgs
nixos: fix linux containers (systemd-nspawn, lxc, lxc-libvirt)
2014-03-28 23:39:01 -04:00
Eelco Dolstra
98c3caed93 nvidia-x11: Update to 331.49 2014-03-28 16:43:56 +01:00
Ricardo M. Correia
911f332279 grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201403202347 -> 3.0-3.2.55-201403252026
test:   3.0-3.13.6-201403202349 -> 3.0-3.13.7-201403252047
2014-03-26 23:07:57 +00:00
Ricardo M. Correia
1c73e6f9d8 linux: Update to 3.13.7 2014-03-26 23:07:57 +00:00
Moritz Ulrich
02a30bea44 Fix services.udisks.enable.
Latest update to udisks in 344f2e65 broke it for me. Fix it by doing the
following:

- Add udisks.service to /etc/systemd/system (via systemd.packages)
- Fix path to udisks-daemon in udisks.service (libexec/ instead of lib/)
2014-03-25 16:52:45 +01:00
Jaka Hudoklin
70a4c7b1df nixos: fix linux containers (systemd-nspawn, lxc, lxc-libvirt)
- Make dhcp work, use dhcpcd without udev in container
- Make login shell work, patch getty to not wait for /dev/tty0
- Make ssh work, sshd/pam do not start session
2014-03-24 23:59:50 +01:00
Mathijs Kwik
231f6c5460 psmisc: the tarball got updated upstream
looking at our git history, I think it is very peculiar that we
managed to have this version (22.21) 2 months before release :)

So I think we were using some beta/rc that accidentally got called
22.21
2014-03-24 10:35:52 +01:00
Ricardo M. Correia
f63d2dba0a pax-utils: Update from 0.7 -> 0.8.1 2014-03-21 16:14:17 +01:00
Ricardo M. Correia
9db587bf7d grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201403172027 -> 3.0-3.2.55-201403202347
test:   3.0-3.13.6-201403172032 -> 3.0-3.13.6-201403202349
2014-03-21 15:41:32 +01:00
Vladimír Čunát
00cfc70b10 linux: update to 3.12.14 and 3.10.33 2014-03-21 15:38:52 +01:00
Evgeny Egorochkin
5115636037 bluez5: update from 5.12 to 5.16 2014-03-21 16:04:15 +02:00
Shea Levy
e4961c63f7 Remove sec_perm patch that was needed by AUFS
Now the kernel is unpatched by default on non-MIPS!
2014-03-21 04:37:23 -04:00
Shea Levy
f4c989ede4 Merge branch 'master' of git://github.com/hrdinka/nixpkgs
conky: add config options
2014-03-20 20:14:14 -04:00
Austin Seipp
9bcc48a4b2 criu: attempt to fix doc building on Hydra
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-20 14:01:57 -05:00
Austin Seipp
7dcf9f6907 criu: only supported on 64-bit
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-20 13:41:05 -05:00
Vladimír Čunát
8a8ae81e40 acpid: update from 2.0.21 to 2.0.22 2014-03-19 21:56:48 +01:00
Vladimír Čunát
3cf4029981 Merge pull request #1972 from vcunat/p/procps
procps-ng: make it the default procps (name and attr)
2014-03-19 17:54:30 +01:00
Ricardo M. Correia
cc69228119 grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201403142107 -> 3.0-3.2.55-201403172027
test:   3.0-3.13.6-201403142112 -> 3.0-3.13.6-201403172032
2014-03-18 16:51:25 +01:00
Eelco Dolstra
c0f3f6e396 linux: Update to 3.4.83 2014-03-17 11:25:48 +01:00
mornfall
ec353692ad Merge pull request #1849 from thoughtpolice/criu
criu: version 1.2
2014-03-16 22:58:54 +01:00
Vladimír Čunát
ca09a878d0 procps-ng: make it the default procps (name and attr) 2014-03-16 19:07:38 +01:00
Austin Seipp
47b35d5e80 criu: version 1.2
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-16 07:16:34 -05:00
Christoph Hrdinka
26d5d506c9 conky: add config options 2014-03-16 12:30:15 +01:00
Cillian de Róiste
b57ee8c331 nixpkgs-lint: add the platforms meta attr for most of my packages 2014-03-16 12:08:26 +01:00
Ricardo M. Correia
e76c059b23 grsecurity: Fix grsec-path.patch to apply with newest patches 2014-03-15 18:01:47 +01:00
Peter Simons
f1a30454f6 Merge pull request #1942 from thoughtpolice/fixups
Trivial fixes for my packages
2014-03-15 09:35:35 +01:00
Ricardo M. Correia
ceec014020 grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201403122114 -> 3.0-3.2.55-201403142107
test:   3.0-3.13.6-201403122116 -> 3.0-3.13.6-201403142112
2014-03-15 04:15:28 +01:00
Ricardo M. Correia
3c97fdc7a8 spl, zfs: Add myself as a maintainer 2014-03-15 02:01:57 +01:00
Shea Levy
602cf8d78c Merge branch 'u/zfs-import' of git://github.com/wizeman/nixpkgs
zfs: Misc fixes
2014-03-14 19:40:34 -04:00
Shea Levy
0c12dd3ded Merge branch 'pkgs/systemd/journald_http_gateway' of git://github.com/offlinehacker/nixpkgs
systemd: python support & journal http gateway

Conflicts:
	nixos/modules/misc/ids.nix
2014-03-14 19:16:59 -04:00
Shea Levy
3f6603a80e Fix alsa-utils 2014-03-14 09:08:04 -04:00
Nixpkgs Monitor
69fff447aa alsaUtils: update from 1.0.27 to 1.0.27.2 2014-03-14 11:16:56 +01:00
Vladimír Čunát
d6349df0dd put systemd unit dirs on the right place
Also see #1936.
2014-03-13 21:44:51 +01:00
Vladimír Čunát
344f2e6518 udisks1: bump to fix CVE-2014-0004
Also systemd unit is now installed.
Thanks to nixpkgs monitor again, as for all my CVE commits.
2014-03-13 21:16:50 +01:00
Shea Levy
0f72effdd9 The derivation primop doesn't play well with null outputs attribute 2014-03-13 15:05:15 -04:00
Evgeny Egorochkin
0ffbfd38bf udisks2: update from 2.1.1 to 2.1.3, potentially fixes CVE-2014-0004 2014-03-13 08:59:25 +02:00
Ricardo M. Correia
86b8cf954a grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201403072107 -> 3.0-3.2.55-201403122114
test:   3.0-3.13.6-201403072241 -> 3.0-3.13.6-201403122116
2014-03-13 02:28:58 +01:00
Domen Kozar
059e8e179b set all licenses to be attributes (and wait for Nix 1.7) 2014-03-12 21:20:43 +01:00
Peter Simons
24d0e07a47 wpa_supplicant: cosmetic to un-break syntax highlighting 2014-03-11 12:34:48 +01:00
Peter Simons
813533f49a wpa_supplicant: cherry-pick future patch that disable strict SSL certificate checks
Close #1913.
2014-03-11 12:34:33 +01:00
Ricardo M. Correia
d999872b8d grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201403022154 -> 3.0-3.2.55-201403072107
test:   3.0-3.13.5-201403031445 -> 3.0-3.13.6-201403072241
2014-03-10 17:23:17 +01:00
Ricardo M. Correia
9b650b074b linux: Update to 3.13.6 2014-03-10 17:23:17 +01:00
Bjørn Forsman
8d18d58f91 can-utils: new package
CAN userspace utilities and tools (for use with Linux SocketCAN).

There is no real "homepage" for this project (the only thing I could
find was the gitorious page) and they haven't produced any proper
releases (source archives and/or git tags), even though git history goes
back to 2006 and things seem stable.
2014-03-09 14:19:39 +01:00
Peter Simons
c9f64fb8ba lxc: update from 1.0.0 to 1.0.1 2014-03-08 12:47:18 +01:00
Austin Seipp
fb055c10f6 Make my packages slightly more consistent.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-07 20:27:02 -06:00
Rob Vermaas
7047235acb Now properly add nvidiabl. 2014-03-07 16:08:38 +01:00
Domen Kožar
339651b855 Merge pull request #1817 from wkennington/cache.wpasupplicant
wpa_supplicant: Update 2.0 -> 2.1
2014-03-07 13:20:39 +01:00
Ricardo M. Correia
a7e65a8a95 zfs: Fix compilation on 3.13 and later kernels 2014-03-04 12:58:59 +01:00
Ricardo M. Correia
c5b3257388 spl: Fix compilation on 3.13 and later kernels 2014-03-04 12:58:55 +01:00
Ricardo M. Correia
17073197e9 spl: Fix compilation on 3.12 and later kernels 2014-03-04 12:58:39 +01:00
Ricardo M. Correia
d01242edb8 zfs: Fix minor filesystem corruption with gcc 4.8
It turns out that some of gcc 4.8's aggressive optimizations may
cause minor filesystem corruption in ZFS. To fix it, a patch was
cherry-picked from the upstream's git tree.

See: https://github.com/zfsonlinux/zfs/pull/2051
2014-03-04 12:58:11 +01:00
Ricardo M. Correia
e0fe5e7c38 zfs: Fix libblkid detection (backport from upstream)
This fixes issues with importing ZFS pools, such as when the ZFS device is a
partition that covers the end of the disk.

See: https://github.com/zfsonlinux/zfs/issues/1684
2014-03-04 12:58:11 +01:00
Moritz Ulrich
5d05dde655 ldm: Use meta.repositories.git.
Improves reliability of nixpkgs-monitor.
2014-03-04 12:44:15 +01:00
Austin Seipp
c4d5757e29 grsecurity updates
- stable:  3.0-3.2.55-201402241936 -> 3.0-3.2.55-201403022154
  - testing: 3.0-3.13.5-201402241943 -> 3.0-3.13.5-201403031445

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-04 01:13:22 +01:00
Corey O'Connor
19c59ab984 upgrade bbswitch to 0.8 2014-03-04 01:05:12 +01:00
mornfall
528b600ec6 Merge pull request #1867 from thoughtpolice/fixes
Some minor fixes for my packages - ktap, cb0cat, etc
2014-03-03 20:36:08 +01:00
William A. Kennington III
a19cf91652 wpa_supplicant: Update 2.0 -> 2.1 2014-03-03 10:26:04 -06:00
Peter Simons
f9af98f1fd ipsecTools: update from 0.8.1 to 0.8.2 2014-03-03 11:10:24 +01:00
Ricardo M. Correia
69a83ba99f grsecurity: Update stable and test patches
stable: 3.0-3.2.55-201402221305 -> 3.0-3.2.55-201402241936
test:   3.0-3.13.4-201402221308 -> 3.0-3.13.5-201402241943
2014-03-03 02:16:58 +01:00
Ricardo M. Correia
8109de905a linux: Update to 3.13.5 2014-03-03 02:16:50 +01:00
Austin Seipp
812d17f177 ktap: don't use FFI by default
It's not yet supported on i386 - instead, make it optional and
controlled by a `useFFI` attribute.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-02 06:16:56 -06:00
Austin Seipp
73bcce319b ktap: Update to 0.5-e7a38ef0
This adds a new, useful net library as well.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-02 05:52:36 -06:00
Austin Seipp
6a88b95ac7 checksec: add homepage
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-02 05:51:49 -06:00
Ricardo M. Correia
84011efb74 paxctl: Use http instead of https
This is needed since paxctl is going to be added to stdenv but
early stdenv curl does not support https.
2014-02-28 00:15:55 +01:00
mornfall
5fe6abc099 Merge pull request #1824 from thoughtpolice/ktap
ktap: add v0.5-dev from git
2014-02-27 19:48:29 +01:00
mornfall
2d9492b14d Merge pull request #1793 from thoughtpolice/reptyr
reptyr: version 0.5
2014-02-27 19:47:19 +01:00
Evgeny Egorochkin
05c19ced9b linuxPackages_3_12.perf: update from 3.12.12 to 3.12.13 2014-02-26 20:49:27 +02:00
Peter Simons
2dc6bcbc40 libselinux: update from 2.2.1 to 2.2.2 2014-02-24 22:04:40 +01:00
Peter Simons
9f714fbafa iw: update from 3.11 to 3.14 2014-02-24 22:04:40 +01:00
Peter Simons
01aaf816c9 acpid: update from 2.0.20 to 2.0.21 2014-02-24 22:04:40 +01:00
Peter Simons
abca8f64f2 lxc: update from 1.0.0.beta4 to 1.0.0 2014-02-24 21:17:55 +01:00
Austin Seipp
60728bc46c ktap: add v0.5-dev from git
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-23 22:29:56 -06:00
Austin Seipp
7f4b97d495 grsecurity: stable/testing updates
- stable:  3.0-3.2.55-201402201903 -> 3.0-3.2.55-201402221305
 - testing: 3.0-3.13.4-201402201908 -> 3.0-3.13.4-201402221308

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-22 20:29:25 +01:00
Ricardo M. Correia
6554a490f6 gradm, pax-utils, paxctl: Add myself as a maintainer 2014-02-22 20:17:00 +01:00
Ricardo M. Correia
4ee12df331 pax-utils: Fix URL 2014-02-22 19:25:33 +01:00
Ricardo M. Correia
bf02ae28d6 gradm: Fix URL 2014-02-22 19:25:33 +01:00
Ricardo M. Correia
1b60ee5f67 paxctl: Fix URL 2014-02-22 19:17:53 +01:00
Ricardo Correia
39fbd8f4fb Merge pull request #1771 from thoughtpolice/grsec-tools
grsecurity: add gradm, paxctl, and pax-utils (take #2)
2014-02-22 18:14:57 +01:00
Vladimír Čunát
351f704091 Merge x-updates into master
There's a major dbus bump (1.6 -> 1.8), and various minor fixes and updates.
2014-02-22 11:28:51 +01:00
Austin Seipp
4631a65c43 grsecurity: add pax-utils-0.7
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-21 13:17:56 -06:00
Austin Seipp
c2e4ccd4ad grsecurity: add paxctl-0.7
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-21 13:17:53 -06:00
Austin Seipp
f1459cd4b0 grsecurity: add gradm-3.0-201401291757
This also ensures the appropriate udev rules are installed.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-21 13:14:11 -06:00
Ricardo Correia
308015e213 Merge pull request #1801 from thoughtpolice/kernel-grsec
kernel: stable updates, grsecurity patch updates
2014-02-21 19:23:49 +01:00
Domen Kožar
368839c703 Merge pull request #1467 from iElectric/buildPythonPackage-refactor
buildPythonPackage refactoring
2014-02-21 18:33:48 +01:00
Domen Kožar
f1db57f1fe buildPythonPackage: fix more borken packages 2014-02-21 18:29:57 +01:00
Austin Seipp
18f65f3640 grsecurity: stable/testing updates
- stable:  3.0-3.2.55-201402192249 -> 3.0-3.2.55-201402201903
  - testing: 3.0-3.13.3-201402192252 -> 3.0-3.13.4-201402201908

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-20 20:21:16 -06:00
Austin Seipp
a1dc5ea707 kernel: stable updates
- 3.13 stable:   3.13.3  -> 3.13.4
 - 3.12 stable:   3.12.11 -> 3.12.12
 - 3.10 longterm: 3.10.30 -> 3.10.31
 - 3.4  longterm: 3.4.80  -> 3.4.81

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-20 20:21:11 -06:00
Vladimír Čunát
ae5d8f6768 Merge master into x-updates 2014-02-20 20:55:31 +01:00
Ricardo Correia
1c645521bd Merge pull request #1796 from thoughtpolice/grsec
grsecurity: stable/testing updates
2014-02-20 14:18:29 +01:00
Rob Vermaas
cf00cd5e36 Add support for printing qr code for google-authenticator. 2014-02-20 12:30:49 +01:00
Austin Seipp
58e08a1a4f grsecurity: stable/testing updates
- stable:  3.0-3.2.55-201402152203 -> 3.0-3.2.55-201402192249
  - testing: 3.0-3.13.3-201402152204 -> 3.0-3.13.3-201402192252

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-20 04:53:19 -06:00
Austin Seipp
7411fabd3e checksec: version 1.5
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-20 04:26:17 -06:00
Austin Seipp
e43130d379 reptyr: version 0.5
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-19 15:05:36 -06:00
Austin Seipp
c137015328 grsecurity updates.
- stable:  3.0-3.2.54-201402062221 -> 3.0-3.2.55-201402152203
  - testing: 3.0-3.13.3-201402132113 -> 3.0-3.13.3-201402152204

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-17 07:27:51 -06:00
Austin Seipp
8e349e721c linux: 3.2.54 -> 3.2.55
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-17 07:27:51 -06:00
William A. Kennington III
52248aa7a2 kernel: 3.12.10 -> 3.12.11 (close #1743) 2014-02-16 14:20:09 +01:00
Vladimír Čunát
96f07fa74e Merge master into x-updates 2014-02-16 11:45:02 +01:00
Vladimír Čunát
57240400cb nvidia driver: allow building on Hydra, maintain
The stuff is unfree, but distribution in any form *is* encouraged, c.f.
http://metadata.ftp-master.debian.org/changelogs//non-free/n/nvidia-graphics-drivers/nvidia-graphics-drivers_319.82-1_copyright
2014-02-16 10:07:31 +01:00
Vladimír Čunát
180e5ca0db nvidia driver: fix eval with older kernels (e.g. 3.10) 2014-02-16 09:53:15 +01:00
Cillian de Róiste
93f7b77067 xf86_input_wacom: update from 0.20.0 to 0.23.0 2014-02-15 20:45:10 +01:00
William A. Kennington III
bdb842d5eb Move all db4 packages to the default db5 2014-02-15 12:03:02 +01:00
Evgeny Egorochkin
daa2827b99 grsecurity: update patch 2014-02-14 18:13:05 +02:00
Evgeny Egorochkin
fc213ccfa8 linux_3_13: update from 3.13.2 to 3.13.3 2014-02-14 16:56:38 +02:00
Evgeny Egorochkin
699509db14 linux_3_10: update from 3.10.29 to 3.10.30 2014-02-14 16:55:44 +02:00
Evgeny Egorochkin
ad4e2bd499 linux_3_4: update from 3.4.79 to 3.4.80 2014-02-14 16:55:44 +02:00
Evgeny Egorochkin
69f4bdac6e linux: add git repository and branch meta 2014-02-14 10:45:36 +02:00
Peter Simons
869402ef22 lxc: update from 1.0.0.beta2 to 1.0.0.beta4 2014-02-13 23:22:16 +01:00
Karn Kallio
b2f9e1d4f7 nvidia-x11: bump version and add patch for kernel 3.13 2014-02-12 11:08:28 +01:00
Vladimír Čunát
dfdf164f87 Merge master into x-updates
Conflicts (trivial):
	pkgs/games/spring/default.nix
2014-02-10 19:15:58 +01:00
Cillian de Róiste
00b1461e4f ATI-driver: the hash has changed, reported by: @ikervagyok 2014-02-10 16:42:02 +01:00
Ricardo M. Correia
b31547654d grsecurity: Update stable and test patches
stable: 3.0-3.2.54-201401191012 -> 3.0-3.2.54-201402062221
test:   3.0-3.12.8-201401191015 -> 3.0-3.13.2-201402062224
2014-02-08 16:16:58 +01:00
Ricardo M. Correia
31fa2cd52b grsecurity: Fix building grsec-3.x.0 kernels 2014-02-08 15:16:40 +00:00
Vladimír Čunát
24029ec478 linux: minor updates 3.12.10, 3.10.29, 3.4.79 2014-02-08 11:54:16 +01:00
Vladimír Čunát
9b69117fec Merge master into x-updates 2014-02-08 09:12:51 +01:00
Vladimir Still
d3979b659c perf: Make build fix for 3.13 cleaner. 2014-02-07 22:53:55 +01:00
Vladimir Still
70e4f8f928 perf: Allow proceeding in build even if patch fails.
Patching fails for linux 3.13 but it builds OK.
2014-02-07 18:16:24 +01:00
Mathijs Kwik
896ae598d1 Merge pull request #1698 from wkennington/master.kernel
kernel: Upgrade from 3.13.1 -> 3.13.2
2014-02-07 06:42:53 +01:00
Corey O'Connor
7a653e5156 add guvcview package 2014-02-07 00:01:40 +00:00
William A. Kennington III
346bfc28ea kernel: Upgrade from 3.13.1 -> 3.13.2 2014-02-06 16:30:40 -06:00
Jaka Hudoklin
ae9c22df3f systemd: enable journal http gateway by adding libmicrohttp 2014-02-06 16:18:25 +01:00
Jaka Hudoklin
09dd6a64fc systemd: add optional python support 2014-02-06 16:18:24 +01:00
Vladimír Čunát
be70104a3a Merge master into x-updates
Conflicts (taken master):
	pkgs/development/compilers/llvm/3.4/llvm.nix
2014-02-04 22:00:09 +01:00
Evgeny Egorochkin
832324d5eb lm_sensors: update from 3.3.4 to 3.3.5 2014-02-04 21:58:25 +02:00
Vladimír Čunát
cbba3f90da re-merge #1618: use ubuntu module blacklists by default
I'm sorry, previously I merged an outdated reference,
so only the old version of the PR got into master up to now.
2014-02-04 18:02:19 +01:00
Shea Levy
608cee44cc kmod: bump
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 18:42:04 -05:00
Michael Raskin
ba4461f96f Fix wvdial build by inserting missing unistd.h includes 2014-02-02 19:21:08 +04:00
Vladimír Čunát
b5a32b3944 Merge #1618: use ubuntu module blacklists by default 2014-02-02 15:51:07 +01:00
Vladimír Čunát
6e2d3b9847 Merge master into x-updates 2014-02-02 10:05:25 +01:00
Vladimír Čunát
80f8b2cfbd kmod-blacklist-ubuntu: fix references to binaries 2014-02-02 09:45:59 +01:00
Vladimír Čunát
22690a8cd5 kmod-blacklist-ubuntu: fetch from tar.gz, not bazaar
Now the source is just a miniature archive.
2014-02-02 09:41:11 +01:00
William A. Kennington III
f9f065a178 kernel: Upgrade from 3.13.0 -> 3.13.1 2014-01-31 15:28:50 -06:00
Eelco Dolstra
b913a2eb81 linux: Update to 3.4.78 2014-01-31 18:00:13 +01:00
Domen Kožar
aa595f3cf1 Merge pull request #1628 from tomberek/alienfx_libusb
Add #include <unisted.h> for sleep and usleep
2014-01-29 08:57:20 -08:00
Petr Rockai
4124bb9ff5 Adopt more packages. 2014-01-28 18:11:00 +01:00
Vladimír Čunát
908ce109f9 Merge master into x-updates (the binutils change) 2014-01-28 18:00:29 +01:00
Petr Rockai
6f5be260b4 Adopt packages. 2014-01-28 17:31:17 +01:00
Vladimír Čunát
5acaa980a5 pull module blacklist from Ubuntu and use it by default
People often have serious problems due to bogus modules like *fb.
2014-01-28 12:52:36 +01:00
Vladimír Čunát
9739171cd4 Merge pull request #1567 from wizeman/u/grsec-upd-and-fix
grsecurity: Fix build and update patches
2014-01-28 03:41:05 -08:00
Vladimír Čunát
69b4bef3f3 Merge master into x-updates 2014-01-28 02:32:27 +01:00
Eelco Dolstra
1348aa5c42 rfkill: Update to 0.5 2014-01-27 17:58:25 +01:00
Vladimír Čunát
a9caafa0ea linux kernel updates to 3.4.77, 3.10.28 and 3.12.9
I tested they still build on x86_64.
2014-01-26 17:07:31 +01:00
William A. Kennington III
8bc7c9f66d linux: Update from 3.12.7 -> 3.12.8 2014-01-26 15:48:18 +01:00
William A. Kennington III
c47dc47083 linux: Update from 3.10.25 -> 3.10.27 2014-01-26 15:48:05 +01:00
Domen Kožar
a7d0a53d9e merge 2014-01-26 09:58:47 +01:00
Vladimír Čunát
5fb366d1e5 xorg: move nouveau driver here, some updates of modules
It seems that most of the modules is rarely used, but still.

Some of the updated modules don't build, just as they didn't before.
2014-01-26 09:03:01 +01:00
Domen Kožar
e505c8927d upower: add gobject introspection 2014-01-26 00:15:05 +01:00
Peter Simons
58f1520726 lxc: update from 1.0.0.beta1 to 1.0.0.beta2 2014-01-25 20:58:49 +01:00
Thomas Bereknyei
c17e6d6968 Add #include <unisted.h> for sleep and usleep 2014-01-25 13:46:48 -05:00
Petr Rockai
28f0ec6540 linux-perf: Fix build (unportable shell hack broke). 2014-01-25 16:30:14 +01:00
Vladimír Čunát
83b354e4f9 linuxHeaders: add meta, incl. platforms = linux;
Noted by @mornfall. The built package has ~5 MB uncompressed,
but just the Linux tarball has ~40 MB compressed...
2014-01-25 15:35:52 +01:00
Jaka Hudoklin
e0000f8ad1 ati-drivers: update to 13.12 (close #1569)
This update is mostly effort from @MarcWeber and @vcunat, now tested on real
hardware making sure it works with multiple GPUs and opencl.
2014-01-23 12:11:28 +01:00
Shea Levy
ca116f76f9 Unmaintain a bunch of packages
Trying to take maintainership more seriously...

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-21 22:34:41 -05:00
Shea Levy
cb9cc87a39 kernel.passthru: Don't include meta to be consistent with stdenv.mkDerivation
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-21 21:12:58 -05:00
Shea Levy
fd999ed570 Linux: Set passthru attr to contain full passthru
This fixes #1566, thanks @wizeman

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-21 21:06:27 -05:00
Ricardo M. Correia
aeda8d63b9 grsecurity: Update stable and test patches
stable: 3.0-3.2.53-201312021727 -> 3.0-3.2.54-201401191012
test:   3.0-3.12.2-201312021733 -> 3.0-3.12.8-201401191015
2014-01-22 02:14:35 +01:00
Shea Levy
d18bc25b95 Rename linuxManualConfig to buildLinux
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-21 20:05:55 -05:00
Vladimír Čunát
ac6761c908 Merge master into stdenv-updates
Conflicts:
	pkgs/applications/version-management/gource/default.nix
	pkgs/top-level/all-packages.nix
2014-01-20 19:39:28 +01:00
Shea Levy
3ae5e801a5 Linux 3.13
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-19 22:35:24 -05:00
Ricardo M. Correia
84f35a7cc1 libaio: Fix download URL 2014-01-18 15:24:42 +00:00
Vladimír Čunát
0a58b512cb Merge master into stdenv-updates
Conflicts (simple):
	pkgs/development/compilers/gcc/4.8/default.nix
	pkgs/development/compilers/llvm/default.nix
	pkgs/development/libraries/gmp/5.1.1.nix
	pkgs/development/libraries/gmp/5.1.3.nix
	pkgs/development/libraries/gmp/5.1.x.nix
	pkgs/top-level/all-packages.nix
2014-01-18 14:46:20 +01:00
Ricardo M. Correia
acaadd9d2a linux: Update to 3.2.54 and 3.12.7 (close #1527) 2014-01-15 20:05:53 +01:00
Shea Levy
e5c34ddb55 Add platforms for kmscon
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-15 08:17:19 -05:00
Eelco Dolstra
03ad7a081c linux: Update to 3.4.76 2014-01-15 10:55:53 +01:00
Shea Levy
b6a1673308 kmscon: Build man pages
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-15 01:13:45 -05:00
Shea Levy
446c144b1a Add kmscon, a kms-based replacement for kernel VTs
Note that currently this depends on the default nixpkgs mesa and pango.
It may be possible to build more limited versions that don't e.g. depend
on the full X stack without limiting kmscon (which of course doesn't use
X).

Depends on libtsm, added in the same commit.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-15 00:58:46 -05:00
Vladimír Čunát
a2c316288c Merge master into stdenv-updates
Conflicts:
	pkgs/development/lisp-modules/stumpwm/default.nix (auto-solved)
	pkgs/top-level/all-packages.nix (trivial)
2014-01-12 12:29:24 +01:00
Domen Kožar
bc6e2e9c36 remove pointless passthru meta 2014-01-10 01:45:35 +01:00
Nixpkgs Monitor
a5882db800 cryptsetup: update from 1.6.2 to 1.6.3 2014-01-08 18:49:49 +01:00
Peter Simons
4888f83063 Merge pull request #1465 from msackman/master
Bump LXC to 1.0.0.beta1
2014-01-08 08:11:17 -08:00
Eelco Dolstra
c3db56527d linux: Update to 3.4.75 2014-01-07 11:08:16 +01:00
Matthew Sackman
847a310c67 Bump LXC to 1.0.0.beta1
Tested locally. Builds and works for me.
2014-01-06 17:46:00 +00:00
Shea Levy
053e029ee6 Some arches have multiple Makefiles
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-05 16:07:32 -05:00
Shea Levy
adb57a0cc4 kernel: Fix depmod references
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-05 10:31:16 -05:00
Shea Levy
139f8949e6 Merge branch 'merge-kernel-builds' into upstream-master
This is a second attempt at unifying the generic and manual-config
kernel builds (see #412 for the last time).

The set of working kernel packages is a superset of those that work on
master, and as the only objection last time was the size of the $dev
closure and now both $out and $dev combined are 20M smaller than $out on
master (see message for ac2035287f), this
should be unobjectionable.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-05 07:13:19 -05:00
Shea Levy
ac2035287f Greatly reduce kernel closure size
Based on access analysis with strace, I determined an essentially
minimal required set of files from the kernel source that was needed to
build all current kernel packages on 3.10, which ultimately resulted in
keeping 30M of source. Generalizing from that minimal set, which
required ad-hoc specifications of which headers outside of include/ and
arch/*/include and which files in the scripts/ directory should be kept,
to a policy of keeping all non-arch-specific headers that aren't part of
the drivers/ directory and the entire scripts/ directory added an
additional 17M, but there was nothing in the analysis that indicated
that that ad-hoc specification was at all complete so I think the extra
hit is worth the likely greater compatibility.

For reference, we now keep:

* All headers that are NOT in arch/${notTargetArch}/include or drivers/
* The scripts/ directory
* Makefile
* arch/${targetArch}/Makefile

IMO the most likely cause of future problems are the headers in
drivers/, but hopefully they won't actually be needed as they add 50M
Ideally kernel packages would only use include and
arch/${targetArch}/include, but alas this is observably not the case.

master:
  * $out
    * size: 234M
    * references-closure: linux-headers, glibc, attr, acl, zlib, gcc,
      coreutils, perl, bash
merge-kernel-builds:
  * $out
    * size: 152M
    * references-closure: none
  * $dev
    * size: 57M
    * references-closure: linux-headers, glibc, zlib, gcc

So even with the non-minimal set we still beat out master. Keeping the
drivers headers would make us only slightly bigger.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-05 06:55:47 -05:00
Vladimír Čunát
900c7d29e7 ipsecTools: fix build with newer gcc versions (warnings) 2014-01-05 11:29:57 +01:00
Shea Levy
a589bfae17 Update and fix kernel packages to new kernel build
In most cases, this just meant changing kernelDev (now removed from
linuxPackagesFor) to kernel.dev. Some packages needed more work (though
whether that was because of my changes or because they were already
broken, I'm not sure). Specifics:

* psmouse-alps builds on 3.4 but not 3.10, as noted in the comments that
  were already there
* blcr builds on 3.4 but not 3.10, as noted in comments that were
  already there
* open-iscsi, ati-drivers, wis-go7007, and openafsClient don't build on
  3.4 or 3.10 on this branch or on master, so they're marked broken
* A version-specific kernelHeaders package was added

The following packages were removed:

* atheros/madwifi is superceded by official ath*k modules
* aufs is no longer used by any of our kernels
* broadcom-sta v6 (which was already packaged) replaces broadcom-sta
* exmap has not been updated since 2011 and doesn't build
* iscis-target has not been updated since 2010 and doesn't build
* iwlwifi is part of mainline now and doesn't build
* nivida-x11-legacy-96 hasn't been updated since 2008 and doesn't build

Everything not specifically mentioned above builds successfully on 3.10.
I haven't yet tested on 3.4, but will before opening a pull request.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-04 21:17:04 -05:00
Domen Kožar
38fcedcd5f Merge pull request #1380 from offlinehacker/pkgs/ati-drivers/fix_download
ati-drivers: fix download
2014-01-03 03:40:36 -08:00
Shea Levy
2c38df1c5b kernel build: limit dev output footprint
This makes the disk usage footprint of building the kernel smaller in 3
ways:

1) There is no separate kernel source derivation
2) Rather than using the entire build tree, only the output of make
modules_prepare is kept in the $dev output (plus the module symbol
versioning file generated during the build)
3) Only the subset of the source tree known to be needed for external
builds is kept in $dev

Note that while 2) is supported by official kernel documentation, I
couldn't find any source describing what we need to keep for 3). I've
started with the bare minimum (the main Makefile is called by the
Makefile generated by make modules_prepare) and we can/should add more
as needed for kernelPackages.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-01 23:56:24 -05:00
Shea Levy
f95d214cfd Implement generic kernel build via manual-config
This has three major benefits:

1. We no longer have two kernel build processes to maintain

2. The build process is (IMO) cleaner and cleaves more closely to
upstream. In partuclar, we use make install to install the kernel and
development source/build trees, eliminating the guesswork about which
files to copy.

3. The derivation has multiple outputs: the kernel and modules are in
the default `out' output, while the build and source trees are in a
`dev' output. This makes it possible for the full source and build tree
to be kept (which is expected by out-of-tree modules) without bloating
the closure of the system derivation.

In addition, if a solution for how to handle queries in the presence of
imports from derivations ever makes it into nix, a framework for
querying the full configuration of the kernel in nix expressions is
already in place.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-01 09:21:25 -05:00
Shea Levy
a87b1f36e0 manual-config: Fully general cross-compiling
In the most general case, the cross and native kernel may differ in
patches and configuration file as well as architecture, kernel target,
etc. It's probably overkill to support that case, but since it was
doable without much duplication and it will make integrating with the
existing cross-compilation support in the generic kernel I decided to
implement it anyway.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 23:09:42 -05:00
Shea Levy
784c6d320c manual-config: Put `source' before the version in the sourceRoot name
nix's version parsing treats the previous name as a package named
`linux' with version `${version}-source', when we really want a package
named `linux-source' with version `${version}'

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 22:50:41 -05:00
Shea Levy
0c5776bc0f manual-config: Patch conf.c for generate-config.pl
This only affects the `oldaskconfig' make target, so it shouldn't really
affect current manual-config users, but it does make it more
straightforward to implement the generic kernel build on top of
manual-config.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 22:49:12 -05:00
Shea Levy
fe185f0a18 manual-config: Always add config query functions
If the config attrset is manually specified, we still want isYes,
isModule, etc. to work. But we let the passed in config attrset take
precedence, if for some reason the caller wants to provide their own
implementation of one or more of these functions.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 22:46:43 -05:00
Shea Levy
008992619f linux/manual-config: Cross-compiling support
With this, I was able to successfully compile a defconfig kernel for the
sheevaplug, though I didn't actually try to run it (not having a
sheevaplug myself).

For native compiles, the most significant difference is that the
platform's kernel target is built directly rather than hoping the
default make target will pull it in.

Also some stylistic improvements along the way.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 22:38:06 -05:00
William A. Kennington III
609e981b93 ifenslave: Add new package 2013-12-31 09:28:52 -06:00
Nixpkgs Monitor
47c5b16643 syslinux: update from 4.06 to 4.07 2013-12-31 05:44:11 +02:00
William A. Kennington III
211b9a5016 linux: Update 3.10.18 -> 3.10.25 2013-12-29 07:53:23 -06:00
William A. Kennington III
811d88e94d linux: Update 3.11.8 -> 3.11.10 2013-12-29 07:53:19 -06:00
Tomasz Kontusz
18115fbbea Change pmount download address and add platforms
The URL change is needed as alioth.debian.org is forcing HTTPS with CA we don't recognize.
2013-12-24 10:50:40 +01:00
Nixpkgs Monitor
dc2cb043a9 powertop: update from 2.2 to 2.5 2013-12-23 05:22:37 +02:00
Nixpkgs Monitor
100ad41627 udisks2: update from 2.1.0 to 2.1.1 2013-12-21 02:28:27 +02:00
Nixpkgs Monitor
e64b7663f6 v4l_utils: update from 0.9.3 to 1.0.0 2013-12-21 02:28:27 +02:00
Shea Levy
76da6e6ed3 Linux 3.12.6
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-20 13:45:45 -05:00
Shea Levy
01a051292f Linux 3.12.5
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-18 12:35:07 -05:00
Nixpkgs Monitor
a94aa7cf49 bluez5: update from 5.8 to 5.12 2013-12-18 18:18:20 +02:00
Nixpkgs Monitor
be11410d4a batctl: update from 2013.2.0 to 2013.4.0 2013-12-18 18:18:18 +02:00
Lluís Batlle i Rossell
05b94c04cf Updating nvidia legacy 304 to 304.117 2013-12-18 11:24:53 +01:00
Eelco Dolstra
82f39bd19e linux: Fix hash 2013-12-17 13:27:03 +01:00
Eelco Dolstra
acac786868 linux: Update to 3.4.74 2013-12-16 14:46:21 +01:00
Nixpkgs Monitor
aeda3e2216 psmisc: update from 22.19 to 22.21 2013-12-16 01:36:17 +02:00
Nixpkgs Monitor
6fc2d316bb procps-ng: update from 3.3.6 to 3.3.9 2013-12-16 01:36:17 +02:00
Nixpkgs Monitor
e9a4b303e6 sdparm: update from 1.03 to 1.08 2013-12-14 21:44:51 +02:00
Jaka Hudoklin
220c3b5ba4 ati-drivers: fix download 2013-12-14 00:59:54 +01:00
Nixpkgs Monitor
a398237f37 lsscsi: update from 0.24 to 0.27 2013-12-14 00:16:59 +02:00
Nixpkgs Monitor
05e8d1187f libvolume_id: update from 0.81.0 to 0.81.1 2013-12-13 22:41:58 +02:00
Jaka Hudoklin
3c677fde65 ati-drivers: fix aticonfig segmentation fault
Fix aticonfig tool by setting libXinerama to LD_LIBRARY_PATH
2013-12-13 09:34:04 +01:00
Nixpkgs Monitor
ed9ce850fd policycoreutils: update from 2.2.4 to 2.2.5 2013-12-13 00:39:20 +02:00
Domen Kožar
3e06d3da1d dmidecode: set meta.platforms to linux 2013-12-12 00:32:31 +01:00
Eelco Dolstra
f74ca42ba6 linux: Update to 3.4.73 2013-12-11 14:28:37 +01:00
Shea Levy
9131b45db4 Linux 3.12.4
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-09 12:01:37 -05:00
Nixpkgs Monitor
741b202d72 apparmor: update from 2.8.1 to 2.8.2 2013-12-09 11:04:25 +02:00
Peter Simons
87e87bd56c alsa: set meta.platform for ALSA-related packages to Linux 2013-12-06 19:26:34 +01:00
Vladimír Čunát
3d3b19d767 Merge #1325: linux-3.2 and grsecurity updates 2013-12-05 23:20:18 +01:00
Shea Levy
bb9caf40dd Linux 3.12.3
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-05 10:21:06 -05:00
Ricardo M. Correia
61adb5962c grsecurity: Update to 3.0-3.2.53-201312021727 and 3.0-3.12.2-201312021733 2013-12-04 15:28:21 +01:00
Ricardo M. Correia
60ced497f6 linux: Update to 3.2.53 2013-12-04 15:28:20 +01:00
Michael Raskin
8da629a3b9 Adding libnl 3.2.19 to use instead of the latest with ntrack
ntrack has a bug about fresher libnl compatilbility. There are no
updates since September.
2013-12-02 22:47:52 +04:00
Eelco Dolstra
3b94410d86 linux: Update to 3.4.71 2013-12-01 18:20:39 -05:00
Michael Raskin
c00898c7a7 Merge pull request #1297 from wkennington/sysworking2
Update lots of Linux Utilities 2
2013-12-01 05:33:54 -08:00
Bjørn Forsman
e05f21d1ed bluez5: add missing dependency on pygobject
Fixes this:

  $ bluez-monitor-bluetooth
  Traceback (most recent call last):
    File "/nix/store/d3gv219wnnjd2c9agyq2gjpwxp0m84l8-bluez-5.8/test/.monitor-bluetooth-wrapped", line 5, in <module>
      import gobject
  ImportError: No module named gobject
2013-12-01 12:46:33 +01:00
Shea Levy
c06361a1fc Linux 3.12: Bump
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-30 14:29:49 -05:00
William A. Kennington III
96dc58db9c Upgrade selinux from 20100904 -> 20131030 2013-11-29 02:08:53 -06:00
William A. Kennington III
3f449b8ae6 Add audit 2.3.2 for the new libsemanage 2013-11-29 02:08:52 -06:00
William A. Kennington III
16dce6f28a Upgrade libnl from 3.2.13 -> 3.2.23 2013-11-29 02:08:52 -06:00
William A. Kennington III
c1b2ce2f70 Upgrade libatasmart from 0.17 -> 0.19 2013-11-29 02:08:52 -06:00
William A. Kennington III
06f92d07e7 Upgrade kmod from 12 -> 15 2013-11-29 02:08:52 -06:00
William A. Kennington III
f35381595c Upgrade keyutils from 1.2 -> 1.5.8 2013-11-29 02:08:51 -06:00
William A. Kennington III
f18efaf26e Upgrade iproute2 from 3.8.0 -> 3.12.0
Additionally rmeove the werror patch as it is not needed for the build
anymore.
2013-11-29 02:08:51 -06:00
William A. Kennington III
c7ae9e39d9 Upgrade hwdata from 0.172 -> 0.249 2013-11-29 02:08:51 -06:00
Michael Raskin
0851ed23d8 Merge pull request #1282 from wizeman/grsec-upd
grsecurity: Update to latest version and add patch for kernel 3.12
2013-11-28 21:42:27 -08:00
Michael Raskin
7daf1b9487 Fix src for cpufrequtils 2013-11-28 16:26:14 +04:00
Michael Raskin
21df0bbd4a Merge pull request #1264 from urv/master
autofs: upgrade 5.0.5 -> 5.0.8
2013-11-28 02:58:51 -08:00
Michael Raskin
4d416e58b7 Merge pull request #1290 from wkennington/sysworking
Update lots of Linux Utilities
2013-11-28 02:40:31 -08:00
William A. Kennington III
07f125a5da Upgrade hdparm from 9.39 -> 9.43 2013-11-28 01:10:33 -06:00
William A. Kennington III
95dfbcdade Upgrade fuse from 2.9.2 -> 2.9.3 2013-11-28 01:07:34 -06:00
William A. Kennington III
f6503e5e35 Upgrade util-linux from 2.22 -> 2.24 2013-11-28 00:52:13 -06:00
William A. Kennington III
47c3272b1f Update MDadm from 3.1.2 -> 3.3
Additionally, remove the old udev patch since this version has a rule
for enabling mdraid arrays
2013-11-28 00:52:12 -06:00
William A. Kennington III
fb7421db64 Upgrade lvm from 2.02.100 -> 2.02.104 2013-11-28 00:52:12 -06:00
William A. Kennington III
cb8842e526 Update iw 3.10 -> 3.11 2013-11-28 00:52:12 -06:00
William A. Kennington III
98f5b253dc Update IPTables from 1.4.16.2 -> 1.4.20 2013-11-28 00:52:12 -06:00
William A. Kennington III
5c8029e0a1 Upgrade drbd from 8.4.0 -> 8.4.4 2013-11-28 00:52:12 -06:00
William A. Kennington III
1426f4b72b Upgrade dmidecode from 2.11 -> 2.12 2013-11-28 00:52:12 -06:00
William A. Kennington III
9ce566e9a4 Upgrade cryptsetup from 1.5.1 -> 1.6.2 2013-11-28 00:52:11 -06:00
William A. Kennington III
8e7ece3742 Upgrade cryptodev from 1.5 -> 1.6 2013-11-28 00:52:11 -06:00
William A. Kennington III
5d713a5fb9 Update cpufrequtils hash to sha256 2013-11-28 00:52:11 -06:00
William A. Kennington III
43594f121b Update consoletools from 1.4.3 -> 1.4.6 2013-11-28 00:52:11 -06:00
William A. Kennington III
0e4937ce4c Upgrade cifs-utils from 5.7 -> 6.2
Additonally remove the systemd-ask-password patch since this was fixed
upstream.
2013-11-28 00:52:11 -06:00
William A. Kennington III
19478d83e4 Upgrade busybox from 1.20.2 -> 1.21.1 2013-11-28 00:52:10 -06:00
William A. Kennington III
21b3591136 Update acpid from 2.0.17 -> 2.0.20 2013-11-27 23:15:37 -06:00
William A. Kennington III
07b7c179bc Update acpi from 1.6 -> 1.7 2013-11-27 23:15:37 -06:00
Ricardo M. Correia
89789e4719 linux: Update to 3.12.1 (close #1281) 2013-11-27 21:52:51 +01:00
Ricardo M. Correia
2106191003 grsecurity: Fix module loading during boot due to path restrictions 2013-11-27 01:32:50 +01:00
Ricardo M. Correia
36955aa721 grsecurity: Update to 3.0-3.2.52-201311261307 and add patch for 3.12 2013-11-27 01:32:14 +01:00
Eelco Dolstra
139c5b5069 linux: Update to 3.4.70 2013-11-26 11:46:41 +01:00
Domen Kožar
4f199ef7bb alienfx: also build on i686 2013-11-24 15:20:38 +01:00
Thomas Bereknyei
f2581d2894 Add alienfx. Only tested with M11x Made some corrections. Added meta-data Use more of the original makefile 2 space indent 2013-11-24 15:19:54 +01:00
cillianderoiste
d0ce0f836f Merge pull request #1268 from cillianderoiste/tuxonice
TuxOnIce: Add a 3.10 linux kernel with the TuxOnIce hibernation patch
2013-11-23 08:33:36 -08:00
Cillian de Róiste
a34354ef81 TuxOnIce: Add a 3.10 linux kernel with the TuxOnIce hibernation patch 2013-11-23 17:21:19 +01:00
Arvin Moezzi
2fed56b42f autofs: upgrade 5.0.5 -> 5.0.8
* upstream: patches have been moved into the patches-5.0.x directory
* disable autofs preparing and then moving mount points

  "With the introduction of systemd the root filesystem is now usually
  marked as shared instead of private as part of the systemd sandbox
  functionality. As a consequence moving a mount from one mount point to
  another is not allowed."
2013-11-21 21:49:47 +01:00
Ricardo M. Correia
a65ecb6382 linux: Update to 3.11.8 (close #1243) 2013-11-20 22:48:12 +01:00
Cillian de Róiste
67e3258ab5 hibernate: upgrade from 1.98.1 to 2.0 2013-11-19 21:33:43 +01:00
William A. Kennington III
0eeb78d74c nvidia: Update to version 331.20
We no longer need the patches applied for the previous version so they
are removed.
2013-11-16 17:10:45 +01:00
Eelco Dolstra
af7162b7a3 linux: Update to 3.4.69 2013-11-13 17:33:58 +01:00
Evgeny Egorochkin
829b29153b clean up git revision handling in several packages 2013-11-13 12:46:55 +02:00
Vladimír Čunát
91028bd151 upower: fix Xfce via --enable-deprecated
Also drop older libusb1 version which is no longer needed with newer upower.
2013-11-12 10:05:57 +01:00
Bjørn Forsman
d4e210539b alsa: bump 1.0.26 -> 1.0.27 (close #1198)
Basically, bump all alsa projects to their latest version as per
http://www.alsa-project.org/main/index.php/Main_Page
2013-11-11 22:32:28 +01:00
Evgeny Egorochkin
6f6d611a06 upower: update to 0.9.23 2013-11-11 22:16:34 +02:00
Moritz Ulrich
7fded05cbe New package: LDM - Lightweight device mounter
Signed-off-by: Moritz Ulrich <moritz@tarn-vedra.de>
2013-11-10 15:08:44 +01:00
Ricardo M. Correia
e8361c3523 linux: Update to 3.11.7 2013-11-09 18:46:29 +01:00
Eelco Dolstra
5098d53db1 linux: Update to 3.10.18 2013-11-06 10:31:53 +01:00
Eelco Dolstra
07ccfe6af8 linux: Update to 3.4.68 2013-11-06 10:29:27 +01:00
Shea Levy
d2de64cc66 Fix broken meta.platforms for manual-config kernel
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-05 07:19:38 -05:00
Eelco Dolstra
da426c7df5 Fix some meta.platforms attributes to build more stuff on Darwin 2013-11-05 10:46:59 +01:00
Eelco Dolstra
c88055e1a2 Set meta.hydraPlatforms instead of meta.platforms for some packages 2013-11-05 00:06:10 +01:00
Eelco Dolstra
a2cbc77e4f Only show/build a package on the platforms listed in meta.platforms
The function ‘mkDerivation’ now checks whether the current platform
type is included in a package's meta.platform field.  If not, it
throws an exception:

  $ nix-build -A linux --argstr system x86_64-darwin
  error: user-thrown exception: the package ‘linux-3.10.15’ is not supported on ‘x86_64-darwin’

These packages also no longer show up in ‘nix-env -qa’ output.  This
means, for instance, that the number of packages shown on
x86_64-freebsd has dropped from 9268 to 4764.

Since meta.platforms was also used to prevent Hydra from building some
packages, there now is a new attribute meta.hydraPlatforms listing the
platforms on which Hydra should build the package (which defaults to
meta.platforms).
2013-11-05 00:06:10 +01:00
Eelco Dolstra
a0e21fd1ca Mark more packages as broken 2013-11-04 21:11:00 +01:00
Shea Levy
268bb64b68 Linux 3.12 release
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-03 20:14:48 -05:00
Shea Levy
504ea7662c Remove EOL'd kernels
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-11-01 11:10:05 -04:00
Ricardo M. Correia
57e9fd8bcf grsecurity: Update to 2.9.1-3.2.52-201310271550 2013-10-29 13:32:53 +01:00
Ricardo M. Correia
69513d1480 linux: Update to 3.2.52 2013-10-29 13:32:53 +01:00
Evgeny Egorochkin
f17ba15f41 microcode-intel: update to 20130906 2013-10-27 06:24:48 +02:00
Eelco Dolstra
8c65a2a181 linux: Update to 3.4.67 2013-10-24 14:52:09 +02:00
Michael Raskin
23479e1e25 Adding desktop side of GfxTablet tablet-as-input-device Android app 2013-10-22 09:30:49 +04:00
Michael Raskin
6e3b2c49e0 Fix license attribute in ttysnoop 2013-10-20 21:15:14 +04:00
Michael Raskin
e8773c4139 Adding forktty terminal connection/disconnection helper 2013-10-20 20:27:50 +04:00
Michael Raskin
cb82eaffb8 Adding ttysnoop pty redirector 2013-10-20 18:42:53 +04:00
Michael Raskin
e5e17e73e3 Add conspy Linux console proxy 2013-10-20 18:02:07 +04:00
Aristid Breitkreuz
81ef604ae0 linux 3.11.6 2013-10-20 11:42:37 +02:00
Ricardo M. Correia
d32636dac4 grsecurity: Update to 2.9.1-3.2.51-201309281102 2013-10-20 08:14:28 +03:00
Ricardo M. Correia
90a2341300 grsecurity: generate linuxPackages and declare that apparmor is included 2013-10-20 08:14:28 +03:00
Evgeny Egorochkin
73449533ba linux 3.12: fix url to match hash 2013-10-19 10:52:16 +03:00
Evgeny Egorochkin
a3757a2f67 i7z: update to 0.27.2, cleanup build, add git repository to metadata. 2013-10-18 23:05:22 +03:00
Eelco Dolstra
fc593e719d linux: Update to 3.4.66
CVE-2013-2015
2013-10-14 12:52:22 +02:00
Eelco Dolstra
d55b8a10ee systemd: Apply a bunch of upstream fixes
For all changes relative to v203, see
https://github.com/edolstra/systemd/tree/nixos-v203.

Fixes #1072.
2013-10-14 12:47:05 +02:00
Eelco Dolstra
15f293e0e6 usbutils: Update USB IDs
Also, don't install update-usbids.sh (doesn't make sense) and fix
lsusb.py.
2013-10-14 12:47:04 +02:00
Mathijs Kwik
ab94b3b863 linux-3.0: upgrade to 3.0.99 2013-10-06 20:17:02 +02:00
Mathijs Kwik
c242863da8 linux-3.4: upgrade to 3.4.65 2013-10-06 20:17:01 +02:00
Mathijs Kwik
07fd8c87ab linux-3.10: upgrade to 3.10.15 2013-10-06 20:17:01 +02:00
Mathijs Kwik
2af2f26034 linux-3.11: upgrade to 3.11.4 2013-10-06 20:17:01 +02:00