Commit graph

158162 commits

Author SHA1 Message Date
Daniël de Kok
1f21fc5e47 cargo-asm: fix build on macOS Mojave
Building cargo-asm on Mojave fails with

ld: framework not found Security

Add Security as a build input.
2018-11-03 08:47:18 +01:00
gnidorah
fc96e53587 maxx: fix urls 2018-11-03 10:43:39 +03:00
aszlig
c64624b843
autoPatchelfHook: Correctly detect PIE binaries
I originally thought it would just be enough to just check for an INTERP
section in isExecutable, however this would mean that we don't detect
statically linked ELF files, which would break our recent improvement to
gracefully handle those.

In theory, we are only interested in ELF files that have an INTERP
section, so checking for INTERP would be enough. Unfortunately the
isExecutable function is already used outside of autoPatchelfHook, so we
can't easily get rid of it now, so let's actually strive for more
correctness and make isExecutable actually match ELF files that are
executable.

So what we're doing instead now is to check whether either the ELF type
is EXEC *or* we have an INTERP section and if one of them is true we
should have an ELF executable, even if it's statically linked.

Along the way I also set LANG=C for the invocations of readelf, just to
be sure we don't get locale-dependent output.

Tested this with the following command (which contains almost[1] all the
packages using autoPatchelfHook), checking whether we run into any
library-related errors:

  nix-build -E 'with import ./. { config.allowUnfree = true; };
    runCommand "test-executables" {
      drvs = [
        anydesk cups-kyodialog3 elasticsearch franz gurobi
        masterpdfeditor oracle-instantclient powershell reaper
        sourcetrail teamviewer unixODBCDrivers.msodbcsql17 virtlyst
        vk-messenger wavebox zoom-us
      ];
    } ("for i in $drvs; do for b in $i/bin/*; do " +
       "[ -x \"$b\" ] && timeout 10 \"$b\" || :; done; done")
  '

Apart from testing against library-related errors I also compared the
resulting store paths against the ones prior to this commit. Only
anydesk and virtlyst had the same as they didn't have self-references,
everything else differed only because of self-references, except
elasticsearch, which had the following PIE binaries:

  * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/autoconfig
  * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/autodetect
  * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/categorize
  * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/controller
  * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/normalize

These binaries were now patched, which is what this commit is all about.

[1]: I didn't include the "maxx" package (MaXX Interactive Desktop)
     because the upstream URLs are no longer existing and I couldn't
     find them elsewhere on the web.

Signed-off-by: aszlig <aszlig@nix.build>
Fixes: https://github.com/NixOS/nixpkgs/issues/48330
Cc: @gnidorah (for MaXX Interactive Desktop)
2018-11-03 08:07:42 +01:00
Matthew Bauer
370ce8fcd3 stage.nix: throw error on incorrect pkgsi686Linux usage
pkgsi686Linux now throws an error with a message as opposed to the
previous assertion.
2018-11-03 00:58:58 -05:00
Matthew Bauer
4a8fc5b9aa treewide: remove pkgs_i686
This was getting evaluated eagerly causing assertion failures in
aarch64 systems. We can replace usages of pkgs_i686 with
pkgs.pkgsi686Linux.
2018-11-03 00:56:39 -05:00
Matthew Bauer
b3ab4d1f8e Revert "Revert "stage.nix: pkgsi686Linux only works on x86 family""
This reverts commit 08b5cffe87.
2018-11-03 00:52:14 -05:00
Matthew Bauer
08b5cffe87 Revert "stage.nix: pkgsi686Linux only works on x86 family"
This reverts commit 78ca6d885f.

Broke eval on aarch64
2018-11-03 00:47:39 -05:00
Wael M. Nasreddine
e09e5297d3
vim-plugins: vim-go: provide the binaries required for the plugin to be functional 2018-11-02 22:04:44 -07:00
Wael M. Nasreddine
e2355c6973
iferr: init unstable at 2018-06-15 2018-11-02 22:04:44 -07:00
Wael M. Nasreddine
fce50a7880
impl: init unstable at 2018-02-27 2018-11-02 22:04:44 -07:00
Wael M. Nasreddine
6a09bfc8bc
gometalinter: init at 2.0.11 2018-11-02 22:04:44 -07:00
Wael M. Nasreddine
a1faa70368
gosec: init at 1.1.0 2018-11-02 22:04:43 -07:00
Wael M. Nasreddine
cfa5c7f896
maligned: init unstable at 2018-07-07 2018-11-02 22:04:43 -07:00
Wael M. Nasreddine
ed31a46727
interfacer: init at unstable 2018-08-31 2018-11-02 22:04:43 -07:00
Wael M. Nasreddine
1efe4d9005
gocyclo: init unstable at 2015-02-08 2018-11-02 22:04:43 -07:00
Wael M. Nasreddine
f10fcf202b
go-check: init unstable at 2018-09-12 2018-11-02 22:04:43 -07:00
Wael M. Nasreddine
fe83c5c3f5
goconst: init at 1.1.0 2018-11-02 22:04:42 -07:00
Wael M. Nasreddine
63d9863394
unconvert: init at unstable 2018-07-03 2018-11-02 22:04:42 -07:00
Wael M. Nasreddine
df46a94d8b
ineffassign: init at unstable 2018-09-09 2018-11-02 22:04:38 -07:00
Wael M. Nasreddine
d225933b4e
go-tools: init at 2017.2.2 2018-11-02 21:58:09 -07:00
Wael M. Nasreddine
9795ad34dd
deadcode: init at unstable 2016-07-24 2018-11-02 21:58:09 -07:00
Wael M. Nasreddine
f5e4939277
gogetdoc: init at unstable 2018-10-25 2018-11-02 21:58:09 -07:00
Wael M. Nasreddine
f6e78e49fa
reftools: init at unstable 2018-09-14 2018-11-02 21:58:09 -07:00
Wael M. Nasreddine
6d7413e54a
errcheck: init at 1.1.0 2018-11-02 21:58:08 -07:00
Wael M. Nasreddine
126e64e658
asmfmt: init at 1.1 2018-11-02 21:58:08 -07:00
Jörg Thalheim
5ea21ad32a
Merge pull request #49629 from marsam/feature/fixes-pyre
pyre: 0.0.14 -> 0.0.17
2018-11-03 02:32:16 +00:00
Matthew Bauer
78ca6d885f stage.nix: pkgsi686Linux only works on x86 family
aarch64 cpus are going to break on pkgsi686Linux packages.

See this error:

https://hydra.nixos.org/build/82962379/
2018-11-02 21:24:55 -05:00
Matthew Bauer
e9db1e2917 grpc: disable werror for unknown warning option
This seems silly to do an error for. It breaks clang builds.
2018-11-02 21:24:55 -05:00
Matthew Bauer
3085f5fcb8 libobjc2: mark aarch64 as bad platform
Apparently some assembly has not been ported. This commit should fix
it:

b952a21abe (diff-e49aa4e60f8ccec1be46afc5e6ffcee5)

But no release has been made by the gnustep team yet!
2018-11-02 21:24:55 -05:00
Matthew Bauer
8bae7d328e
gsasl: disable check on darwin 2018-11-02 20:41:38 -05:00
Matthew Bauer
0923607ff7
gemrb: add libiconv
https://hydra.nixos.org/build/83508053/
2018-11-02 20:39:40 -05:00
Will Dietz
7959f77fad bup: 0.29.1 -> 0.29.2
https://github.com/bup/bup/blob/master/note/0.29.2-from-0.29.1.md
2018-11-02 20:10:03 -05:00
Florian Klink
9e491f732a gitlab: 11.4.3 -> 11.4.4
SSRF in Kubernetes integration
The GitLab Kubernetes integration was vulnerable to a SSRF issue which could allow an attacker to make requests to access any internal URLs. The issue is now mitigated in the latest release and is assigned CVE-2018-18843.
2018-11-03 01:49:49 +01:00
Florian Klink
93f8ff68ea
Merge pull request #49658 from mayflower/gitlab-refactor
gitlab: refactor and fix test
2018-11-03 01:49:23 +01:00
Jörg Thalheim
469cce069b
Merge pull request #49661 from dywedir/bat
bat: fix build on darwin
2018-11-03 00:22:22 +00:00
Matthew Bauer
791e98eb90
Add myself to a few CODEOWNERS paths 2018-11-02 19:07:08 -05:00
Vladyslav Mykhailichenko
d87a2481d2
bat: fix build on darwin 2018-11-03 02:06:08 +02:00
lewo
3fb4eb1c43 nixos/dockerPreloader: preload docker images (#49379)
This module permits to preload Docker image in a VM in order to reduce
OIs on file copies. This module has to be only used in testing
environments, when the test requires several Docker images such as in
Kubernetes tests. In this case,
`virtualisation.dockerPreloader.images` can replace the
`services.kubernetes.kubelet.seedDockerImages` options.

The idea is to populate the /var/lib/docker directory by mounting qcow
files (we uses qcow file to avoid permission issues) that contain images.

For each image specified in
config.virtualisation.dockerPreloader.images:
1. The image is loaded by Docker in a VM
2. The resulting /var/lib/docker is written to a QCOW file

This set of QCOW files can then be used to populate the
/var/lib/docker:
1. Each QCOW is mounted in the VM
2. Symlink are created from these mount points to /var/lib/docker
3. A /var/lib/docker/image/overlay2/repositories.json file is generated
4. The docker daemon is started.
2018-11-03 01:00:53 +01:00
zimbatm
f9bf6cef54
terraform_0_11: 0.11.8 -> 0.11.10 2018-11-03 00:52:24 +01:00
Arian van Putten
13effc913d terraform-providers: Bump all releases (#49582)
Does what it says on the tin. Auto-generated.
2018-11-03 00:50:35 +01:00
Matthew Bauer
29b4ac8e41 release-corss.nix: fix ppc-embedded name
s/powerpc-embedded/ppc-embedded
2018-11-02 18:42:58 -05:00
Thilo Uttendorfer
a3739a908c ansible-lint: fix install tests 2018-11-03 00:11:24 +01:00
Thilo Uttendorfer
c0d30e5f03 ansible_2_7: init at 2.7.1 2018-11-03 00:11:24 +01:00
Thilo Uttendorfer
e63509a651 ansible_2_6: 2.6.2 -> 2.6.7 2018-11-03 00:11:24 +01:00
Thilo Uttendorfer
de8a3e3125 ansible_2_5: 2.5.2 -> 2.5.11 2018-11-03 00:11:24 +01:00
Eric Wolf
79dace1b30 haskellPackages.sdl2: test-suite needs x server, so deactivate it 2018-11-03 00:11:11 +01:00
Renaud
4e8bed52ce
Merge pull request #49352 from talyz/master
nomachine-client: init at 6.3.6_1
2018-11-03 00:01:10 +01:00
Kevin Quick
411c665f33
yices: 2.6.0 -> 2.6.1 2018-11-02 15:49:09 -07:00
Robert Helgesson
1851203c7b
comfortaa: 2.004 -> 3.001 2018-11-02 23:38:37 +01:00
Robert Helgesson
6b9e570bc2
open-dyslexic: 2014-11-11 -> 2016-06-23 2018-11-02 23:29:29 +01:00