Commit graph

811 commits

Author SHA1 Message Date
Samuel Dionne-Riel
76552e95cc
stdenv: Fix regression on ARM+static when enabling hardening (#115363)
4e9dc46dea re-enabled hardening for Musl,
which is good.

Though static builds for ARM fail in various ways

 - cross armv7l static does not build
 - cross aarch64 static produces segfaulting dynamically linked binaries
 - native aarch64 static also produces segfaulting dynamically linked binaries

It seems that for native x86_64-linux, static builds are fine though.

This works around the issue by removing PIE from the hardening flags,
keeping all other hardening flags. This is an improvement (I think) from
before 4e9dc46d.

Fixes #114953
2021-03-23 18:45:48 -04:00
Andrew Childs
d16a8753d9 stdenv: set CMAKE_OSX_ARCHITECTURES appropriately 2021-03-02 17:21:07 +09:00
WORLDofPEACE
4b10920ed1
stdenv/check-meta: change to allowlist and blocklist (#114127)
* stdenv/check-meta: change to allowlist and blocklist

* Update pkgs/stdenv/generic/check-meta.nix

Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-02-23 10:25:18 -05:00
github-actions[bot]
402b752521
Merge master into staging-next 2021-02-11 18:16:48 +00:00
Ben Siraphob
4da3c5ab1e stdenv/generic: recommend lib instead of pkgs.lib in place of stdenv.lib 2021-02-11 11:34:06 +07:00
github-actions[bot]
30dddce5e8
Merge master into staging-next 2021-02-09 06:16:02 +00:00
Bernardo Meurer
129ec8a4a5
stdenv: remove mention of flashplayer (in comments) 2021-02-08 09:38:43 -08:00
github-actions[bot]
194e4e6f80
Merge master into staging-next 2021-02-07 06:16:10 +00:00
Cole Helbling
c7942b0f8b stdenv/generic: allowAliases should default to true if unset
Since the deprecation is fairly recent, we should warn by default.

Also fix the wording of the comment: stdenv.lib will be removed for the 21.11
release, not just deprecated (as it already is deprecated).
2021-02-06 21:30:34 -08:00
Cole Helbling
afbeed62bb stdenv/generic: allowAliases should default to false if unset
Mostly because config.allowAliases doesn't exist unless it's set.
2021-02-06 19:44:30 -08:00
Edmund Wu
5b278c2f48
stdenv/generic: allowAlises -> allowAliases 2021-02-06 22:15:00 -05:00
Ben Siraphob
66e92385b9 stdenv/generic: throw when using stdenv.lib and disallowing aliases 2021-01-31 18:40:19 +07:00
github-actions[bot]
f92395cf3c
Merge staging-next into staging 2021-01-31 06:19:43 +00:00
John Ericson
6717246373
Merge pull request #111284 from siraben/remove-new-stdenv-lib
stdenv: warn about use of inherited lib
2021-01-30 22:28:05 -05:00
Ben Siraphob
227693ed69
Update pkgs/stdenv/generic/default.nix
Co-authored-by: John Ericson <git@JohnEricson.me>
2021-01-31 03:03:11 +00:00
Matthew Bauer
048e0d3f87
Merge pull request #108518 from 4z3/env-vars
stdenv: mute errors when failing to write env-vars
2021-01-30 18:37:10 -06:00
Guillaume Girol
a6840c55c2
Merge pull request #101606 from utsl42/master
Fix hardening default for pkgsMusl to reenable -pie
2021-01-30 15:19:12 +00:00
Ben Siraphob
32e8cec5d9 stdenv: warn about use of inherited lib 2021-01-30 18:42:48 +07:00
John Ericson
9c213398b3 lib: Clean up how linux and gcc config is specified
Second attempt of 8929989614589ee3acd070a6409b2b9700c92d65; see that
commit for details.

This reverts commit 0bc275e634.
2021-01-23 10:01:28 -05:00
Jonathan Ringer
0bc275e634
Revert "lib: Clean up how linux and gcc config is specified"
This is a stdenv-rebuild, and should not be merged
into master

This reverts commit 8929989614.
2021-01-22 14:07:06 -08:00
John Ericson
8929989614 lib: Clean up how linux and gcc config is specified
The `platform` field is pointless nesting: it's just stuff that happens
to be defined together, and that should be an implementation detail.

This instead makes `linux-kernel` and `gcc` top level fields in platform
configs. They join `rustc` there [all are optional], which was put there
and not in `platform` in anticipation of a change like this.

`linux-kernel.arch` in particular also becomes `linuxArch`, to match the
other `*Arch`es.

The next step after is this to combine the *specific* machines from
`lib.systems.platforms` with `lib.systems.examples`, keeping just the
"multiplatform" ones for defaulting.
2021-01-21 22:44:09 -05:00
tv
659da9b738 stdenv: mute errors when failing to write env-vars 2021-01-05 22:23:37 +01:00
John Ericson
73425f6c3b Merge remote-tracking branch 'upstream/master' into staging 2020-11-28 21:33:03 -05:00
Daiderd Jordan
788f61cf3e
Merge pull request #85545 from LnL7/meta-available-flags
meta: expose availability flags in derivation metadata
2020-11-28 18:57:47 +01:00
Robert Hensing
c8ae3d870c setup.sh: export XDG_DATA_DIRS for consistency
By exporting it, we always make the new directories available
to subprocesses, regardless of whether the environment
variable existed before `nix-shell` was invoked.
2020-11-25 08:44:04 -08:00
Robert Hensing
84c58abdc4 setup.sh: Only load XDG_DATA_DIRS for executable inputs
This avoids the scenario where strictDeps is off and cross-compiled
XDG_DATA_DIRS content is brought into the environment.

While probably harmless for data like manpages and completion scripts,
this would cause issues when XDG_DATA_DIRS is used to find executables
or plugins. The Qt framework is known to behave like this and might
have run into incompatibilities.
2020-11-25 08:44:04 -08:00
Robert Hensing
0f13cccb95 setup.sh: Support XDG_DATA_DIRS
XDG_DATA_DIRS is to /share as PATH is to /bin.

It was defined as part of the XDG basedir specification.
https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html

While it originated from the X Desktop Group, it is not limited to
the X11 ecosystem, as evidenced by its use in bash-completion.

The removal of ` && -d "$pkg/bin"` is ok, because this optimization is
already performed by `addToSearchPath`.
2020-11-25 08:44:04 -08:00
Andreas Rammhold
278b273d9a
Merge pull request #102251 from andir/random-seed
stdenv: introduce -frandom-seed
2020-11-19 01:07:28 +01:00
Frederik Rietdijk
4076ffe580 Merge staging-next into staging 2020-11-11 16:00:34 +01:00
Arnout Engelen
f6650152bd
Promote allowUnfreePredicate in remediation message 2020-11-09 17:26:02 +01:00
Frederik Rietdijk
8aaf2e60e5 Merge staging-next into staging 2020-11-09 14:49:10 +01:00
Joachim Breitner
d92a19b039 stdenv: Fix error message when checkPhase is missing 2020-11-07 10:37:37 -08:00
Andreas Rammhold
83f0bccc89 stdenv: add -frandom-seed to NIX_CFLAGS_COMPILE for reproducibility
This adds -frandom-seed to each compiler invocation in stdenv. The
object here is to make the compierl invocations produce the same output
every time they are called (for the same derivation). When the
-frandom-seed option is not set the compiler will use a combination of
random numbers (in GCC's case from /dev/urandom) and the durrent time to
produce a "random" input per file. This can (among other things) lead to
different ordering of symbols in the produced object files.

For reason of reproducibility we prefer having the same derivation
produce the exact same outputs. This is not a silver bullet but one way
to tame the compiler.
2020-11-01 19:40:12 +01:00
Markus S. Wamser
4a26f177c9 stdenv/check-meta: add hint to NIXPKGS_ALLOW_* for unfree/broken/unsupported system 2020-10-27 10:01:32 +01:00
Nathan Hawkins
4e9dc46dea stdenv: Fix hardening default for pkgsMusl to reenable -pie
defaultHardeningFlags is set to enable pie for Musl, but is not
actually used because the default is never put into
NIX_HARDENING_ENABLE. That still works for cases other than Musl
only because NIX_HARDENING_ENABLE is defaulted in the binutils and
cc-wrapper setup-hook.sh scripts.
2020-10-25 12:33:58 +00:00
Robert Helgesson
fbc5093649
hooks: add moveSystemdUserUnitsHook
This hook moves systemd user service file from `lib/systemd/user` to
`share/systemd/user`. This is to allow systemd to find the user
services when installed into a user profile. The `lib/systemd/user`
path does not work since `lib` is not in `XDG_DATA_DIRS`.
2020-09-12 18:29:46 +02:00
Silvan Mosberger
560bb92473
Merge pull request #76794 from dudebout/document-nix-env-multiple-output-install-bug
document nix-env bug relating to multiple output installation
2020-09-05 15:40:26 +02:00
Nicolas Dudebout
611258f063 document nix-env bug relating to multiple output installation 2020-09-05 05:31:54 -04:00
Silvan Mosberger
911497988f
Merge pull request #95536 from Infinisil/inputDerivation
mkDerivation: Introduce .inputDerivation for shell.nix build convenience
2020-08-31 15:46:41 +02:00
Matthew Bauer
a378ae61e2
Merge pull request #95129 from aaronjanse/aj-fix-llvm-for-redox
mkDerivation: use `Generic` as system name for Redox in cmakeFlags
2020-08-19 15:07:20 -05:00
Silvan Mosberger
3e1a40df75
mkDerivation: Introduce .inputDerivation for shell.nix build convenience
This introduces the .inputDerivation attribute on all derivations
created with mkDerivation. This is another derivation that can always
build successfully and whose runtime dependencies are the build time
dependencies of the original derivation.

This allows easy building and distributing of all derivations needed to
enter a nix-shell with

  nix-build shell.nix -A inputDerivation
2020-08-16 00:24:48 +02:00
Aaron Janse
eb970b6241 mkDerivation: handle Redox in cmakeFlags 2020-08-10 19:52:54 -07:00
Jörg Thalheim
f6a30fcac5
Merge pull request #89794 from Mic92/source-date-epoch 2020-08-01 10:08:18 +01:00
Ben Wolsieffer
18c8866f77 stdenv: correctly make stdenv.system refer to the host platform
This was supposed to be done in 773233ca77, but was not due to a small
mistake.
2020-07-11 16:06:08 -04:00
zowoq
b78a0348d3 stdenv/check-meta: alignment/width 2020-06-11 12:35:11 +10:00
Vladimír Čunát
a5f5d020c6
Merge branch 'staging-next' 2020-06-10 16:13:48 +02:00
Geoffrey Huntley
ffa5137278
docs: increase awareness of NIXPKGS_ALLOW_INSECURE=1
496bc90c6c/doc/using/configuration.xml (L190)
2020-06-10 18:16:31 +10:00
Jörg Thalheim
bc4927a526
stdenv: set SOURCE_DATE_EPOCH to a value python supports
in nix-shell this value breaks the build because python's
packaging refuses to build timestamps that date before 1980.
2020-06-08 11:54:46 +01:00
John Ericson
162c0c3e61 mkDerivation: Don't need to specify pkg-config for meson any more
Env var will work fine.
2020-05-27 16:07:58 +00:00
John Ericson
1ac5398589 *-wrapper; Switch from infixSalt to suffixSalt
I hate the thing too even though I made it, and rather just get rid of
it. But we can't do that yet. In the meantime, this brings us more
inline with autoconf and will make it slightly easier for me to write a
pkg-config wrapper, which we need.
2020-05-12 00:44:44 -04:00