The package was originally broken as reported in #38940 and
facebook/osquery#4257. The latest version (3.x) contains several
important fixes for GCC 7, so now we can compile without a much less
complicated patches.
The following changes were needed to fix the derivation:
* Upgrade `osquery/third-party` to the latest rev to be compliant with
osquery 3.
* Keep using an override for the AWS SDK (for a lower closure size and
less compile time), but make the `ec2` API available.
* Added the dependencies `fpm`, `zstd`, `rdkafka`, `rapidjson` to the
build. `linenoise-ng` is obsolete as it's directly bundled with
`osquery/third-party`.
* Fixed the linking issue with `gflags` as recommended in the mailing
list: https://groups.google.com/d/msg/nix-devel/l1blj-mWxtI/J3CwPATBCAAJ
* Dropped the obsolete dependencies `cpp-netlib`, `lz4`, `apt` and
`devicemapper` (thanks @Infinisil).
* Override `OSQUERY_PLATFORM` to provide `nixos:version`
for sandbox and non-NixOS based builds. The `platform-nixos.patch`
file is now obsolete (thanks @flokli).
The patch was rebased against the 3.x branch of `osquery` and contains
mostly old changes. Additionally several testing targets were skipped as
they broke the build.
The functionality has been testing using the following command:
```
mkdir /tmp/osq.log/
./result/bin/osqueryd --pidfile /tmp/osq.pid \
--database_path /tmp/test.db --logger_path /tmp/osq.log
```
With the daemon running the database can be queried easily using
`./result/bin/osqueryi`.
Fixes ticket #38940
See ticket #36453
Further reference can be gathered from the affected Hydra logs for
the master branch: https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.osquery.x86_64-linux
Semi-automatic update. These checks were done:
- built on NixOS
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/optimize_local_ssd -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/optimize_local_ssd --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/optimize_local_ssd help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -V` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -v` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue --version` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue version` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -h` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue --help` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue help` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_accounts_daemon-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_accounts_daemon-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_accounts_daemon -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_accounts_daemon --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_instance_setup-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_instance_setup-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_instance_setup -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_instance_setup --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_network_setup-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_network_setup-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_network_setup -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_network_setup --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_ip_forwarding_daemon-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_ip_forwarding_daemon-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_ip_forwarding_daemon-wrapped help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_ip_forwarding_daemon -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_ip_forwarding_daemon --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_ip_forwarding_daemon help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_clock_skew_daemon-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_clock_skew_daemon-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_clock_skew_daemon-wrapped help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_clock_skew_daemon -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_clock_skew_daemon --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_clock_skew_daemon help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_metadata_script_runner-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_metadata_script_runner-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_metadata_script_runner -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_metadata_script_runner --help` got 0 exit code
- found 20180129 with grep in /nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129
- found 20180129 in filename of file in /nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129
only build on Linux
When using diskrsync over SSH, on the remote machine it calls an executable
equal to argv0. Typically, this is just diskrsync but now that diskrsync is
wrapped, the wrapper uses absolute path to diskrsync and that path doesn't most
likely work on the remote machine. Thus, we need to force argv0 to "diskrsync"
so that it works on the remote machine.
aka 5.01+coreboot-001+
The version maintained by coreboot project is superior to Debian, it
integrates all the Debian patches and fixes a bunch more bugs.
In particular, it fixes SMP freezes and apparent memory errors when
running under coreboot ROM.
With hardening enabled it reports errors on known-good memory modules
on my Thinkpad X230 (Ivy Bridge). It's the same bug as reported in
https://bugs.launchpad.net/ubuntu/+source/memtest86+/+bug/1071209 but
memtest86+ fails on test #9 instead of test #7 (because #7 in 4.20
became #9 in 5.01) and with all the addresses multiplied by 2 (I guess
the bug was reported for i686, and I test on x86_64, it was 2012 after
all).
