The current version of v8 breaks builds of nodejs, mongodb and
rethinkdb. So let's bring back the old package with annoying _3_14
version suffix so hopefully the corresponding maintainers will get rid
of that dependency :-)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This currently only passes through the arguments and is nothing more
than the foundation of the new structure. In essence, I want to have a
really small default.nix which is then going down into the respective
subparts that are isolated from each other.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is needed by Chromium and is part of the zlib source tree in
contrib/, so let's propagate the version of zlib and use the same source
tree.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Note that systemd no longer depends on dbus, so we're rid of the
cyclic dependency problem between systemd and dbus.
This commit incorporates from wkennington's systemd branch
(203dcff45002a63f6be75c65f1017021318cc839,
1f842558a95947261ece66f707bfa24faf5a9d88).
This module implements a significant refactoring in grsecurity
configuration for NixOS, making it far more usable by default and much
easier to configure.
- New security.grsecurity NixOS attributes.
- All grsec kernels supported
- Allows default 'auto' grsec configuration, or custom config
- Supports custom kernel options through kernelExtraConfig
- Defaults to high-security - user must choose kernel, server/desktop
mode, and any virtualisation software. That's all.
- kptr_restrict is fixed under grsecurity (it's unwriteable)
- grsecurity patch creation is now significantly abstracted
- only need revision, version, and SHA1
- kernel version requirements are asserted for sanity
- built kernels can have the uname specify the exact grsec version
for development or bug reports. Off by default (requires
`security.grsecurity.config.verboseVersion = true;`)
- grsecurity sysctl support
- By default, disabled.
- For people who enable it, NixOS deploys a 'grsec-lock' systemd
service which runs at startup. You are expected to configure sysctl
through NixOS like you regularly would, which will occur before the
service is started. As a result, changing sysctl settings requires
a reboot.
- New default group: 'grsecurity'
- Root is a member by default
- GRKERNSEC_PROC_GID is implicitly set to the 'grsecurity' GID,
making it possible to easily add users to this group for /proc
access
- AppArmor is now automatically enabled where it wasn't before, despite
implying features.apparmor = true
The most trivial example of enabling grsecurity in your kernel is by
specifying:
security.grsecurity.enable = true;
security.grsecurity.testing = true; # testing 3.13 kernel
security.grsecurity.config.system = "desktop"; # or "server"
This specifies absolutely no virtualisation support. In general, you
probably at least want KVM host support, which is a little more work.
So:
security.grsecurity.enable = true;
security.grsecurity.stable = true; # enable stable 3.2 kernel
security.grsecurity.config = {
system = "server";
priority = "security";
virtualisationConfig = "host";
virtualisationSoftware = "kvm";
hardwareVirtualisation = true;
}
This module has primarily been tested on Hetzner EX40 & VQ7 servers
using NixOps.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
- mark llvm34 as broken on darwin (so it doesn't install by default with nix-env)
- don't use our gcc for llvm_34 (might fix the build)
- switch also clang default to 3.3 on darwin (llvm was before)
Lockdep doesn't *really* require the kernel package - just the kernel
sources. It's really a user-space tool just compiled from some portable
code within the kernel, nothing more.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
NB: This currently doesn't add a working musl-wrapper around musl-gcc to
allow it to work properly (musl has its own dynamic linker as well as
libc too which must be accounted for). But at the moment it builds fine,
and I plan on working more on it in the future. So lets get it
integrated and building on Hydra.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
There are two versions here because beginning with 1.6.0, Boolector has
a more restrictive, unfree license which disallows commercial use.
As a result, Boolector 1.5 is the default 'boolector' expression.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
- Vte, add gtk3 support, enable introspection, update to 0.35.90
- Spice-gtk, add gtk3 support
- gtk-vnc, add gtk3 support
- Add libvirt-glib (thanks @bjornfor)
- Add usbredir
- qemu, enable usbredir
- spice-gtk, enable usbredir
- virt-manager, update to 1.0.1
[Bjørn:
* Set namePrefix = "" to preserve package name "virt-manager"
(instead of "python2.7-virt-manager")
* Add dconf to GIO_EXTRA_MODULES to get persistent settings in
virt-manager. Without it:
GLib-GIO-Message: Using the 'memory' GSettings backend. Your settings will not be saved or shared with other applications.
* Add ${gtk3}/share to XDG_DATA_DIRS to unbreak "Take Screenshot"
feature (fixes "Settings schema 'org.gtk.Settings.FileChooser' is not installed")
* gtk-vnc: don't pull "pkgs" attrset for optionalString, use stdenv.lib.optionalString instead.
]
Lockdep is the kernel's locking validation/debugging tool and has seen
heavy pro-active usage and development. In Linux 3.14, it's now
available directly to userspace for the same purpose. It comes with a
convenient utility to LD_PRELOAD a shared library for validation, or a
user-space API to link to directly.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
These are packages for precompiled ARM microcontroller compilers from
https://launchpad.net/gcc-arm-embedded.
[Bjørn: modify commit message (add paragraph).]
- Make dhcp work, use dhcpcd without udev in container
- Make login shell work, patch getty to not wait for /dev/tty0
- Make ssh work, sshd/pam do not start session
By default the jenkins server is executed under the user "jenkins". Which can be configured using
users.jenkins.* options. If a different user is requested by changing services.jenkins.user then
none of the users.jenkins options apply.
This patch does not include jenkins slave configuration. Some config options will probably change
when this is implemented.
Aspects like the user and environment are typically identical between slave and master. The service
configs are different. The design is for users.jenkins to cover the shared aspects while
services.jenkins and services.jenkins-slave cover the master and slave specific aspects,
respectively.
Another option would be to place everything under services.jenkins and have a config that selects
master vs slave.
Both branches have quite a lot in common, so it's time for a merge and
do the cleanups with respect to both implementations and also generalize
both implementations as much as possible.
This also closes#1876.
Conflicts:
pkgs/development/interpreters/lua-5/5.2.nix
pkgs/development/libraries/SDL/default.nix
pkgs/development/libraries/glew/default.nix
pkgs/top-level/all-packages.nix
At the moment, this includes only dyldinfo, dwarfdump and dsymutil, but
we'll see whether we need more of these utilities later.
Tho reason those are wrapped in cctools-port is because it is the
binutils used to cross-compile for Mac OS X.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This provides a port of Mac OS X's CoreFoundation and is needed if we
want to be able to run dsymutil using maloader.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Let's finally hook everything into the existing cross-building
infrastructure. We're using --with-sysroot instead of --with-headers
here, because the XCode SDK contains references to /usr/lib.
I've tried to patch those references, but unfortunately (at least with
install_name_tool) it isn't possible to change those refernces in stub
dylibs.
So after bugging @tpoechtrager with annoying questions (thanks again), I
think my initial approach (patching the SDK itself and/or regenerating
the dylib stubs) was way to complicated so I ended up with this
implementation.
Also, I've added a condition to binutilsCross to use cctools if the libc
is set to libSystem. This might need some cleanups someday, mainly to
figure out how to properly bridge cctools and binutils.
So, as an example on how to cross-compile GNU Hello to Darwin, you can
use something like this:
(import <nixpkgs> {
crossSystem = {
config = "x86_64-apple-darwin13";
arch = "x86_64";
libc = "libSystem";
platform = {};
};
}).hello.crossDrv
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This basically is binutils for Mac OS X, but ported to work on
(GNU/)Linux and FreeBSD.
And it's up-to-date as well! I'm mentioning this, because it was quite
hard to find a recent port of it and I just accidentally stumbled on it
while trying to do the port by myself.
So thanks to @tpoechtrager for doing this.
Also, I've added two more patches, which essentially are:
* ld-rpath-nonfinal:
This allows -rpath to be used for linking non-final builds, which
was allowed for earlier versions of cctools and got a check for
that in more recent versions.
* ld-ignore-rpath-link:
Ignores the -rpath-link option, because the cross-wrapper uses it
in different places. Unfortunately, the cctools linker doesn't
support it, so we might need to implement this later if it's
possible (I'm not a Mach-O man^H^H^Hexpert).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This package provides the SDK and standard library needed for
cross-compiling to Mac US X. We're using xpwn here to extract the DMG.
Also, this version (XCode 5.0.2) only contains the SDKs for version 10.9
and 10.8, so we might need to add requireFile directives for older
versions as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This really hase some nice utilities for coping with HFS+ and DMG
format. We're going to use it for extracting the xcode DMG, but it could
be used for more, even generating DMGs.
The reason I'm using the fork instead of the repository from
@planetbeing is thet the fork contains a few fixes, especially for
dealing with symlinks in HFS+ images.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
I.e. append a suffix *before* the version, rather than after. So we
get "sqlite-interactive-3.8.0.2" instead of
"sqlite-3.8.0.2-interactive". The latter is broken since nix-env just
sees it the suffix as part of the version, so "nix-env -u" will
happily upgrade "sqlite-3.8.0.2-interactive" to "sqlite-3.9".
- import pkgs.lib by default, there's no reason why not
- Define `isPy*` helper functions for all python versions
- Define `pythonName` that returns unique python name based on `isPy*`
helpers
- Fix `python2.7` version detection
- Fix pythonPackages importing(with) for `python2.7` only packages
CAN userspace utilities and tools (for use with Linux SocketCAN).
There is no real "homepage" for this project (the only thing I could
find was the gitorious page) and they haven't produced any proper
releases (source archives and/or git tags), even though git history goes
back to 2006 and things seem stable.
Gqrx is a software defined radio receiver powered by GNU Radio and the Qt
GUI toolkit. It can process I/Q data from many types of input devices,
including Funcube Dongle Pro/Pro+, rtl-sdr, HackRF, and Universal
Software Radio Peripheral (USRP) devices.
http://gqrx.dk/
This is primarily going to be used for vmTools.runInWindowsVM, but in
theory, it could also work with Nix on CygWin which I haven't tested.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Mingw(32) is rather poorly maintaned and has quite a lot of bugs. And
because our Windows cross builds were also poorly maintained and most of
the cross-tests were broken as well, I'm just taking this step and try
to switch to mingw-w64 for everything "cross Windows".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The winpthreads library is part of the same source package, so let's
just override the name and the source directory.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Add 'keybinder' and 'python-notify' as dependencies. Fixes this:
$ terminator
[...]
Warning: python-keybinder is not installed. This means the hide_window shortcut will be unavailable
[...]
ActivityWatch plugin unavailable: please install python-notify
keybinder is a library for registering global keyboard shortcuts.
keybinder works with GTK-based applications using the X Window System.
https://github.com/engla/keybinder/
The bsddb module is apparently not compatible with db5 (or db48), so switch
back to db44. Fixes the following build error:
$ nix-build -A python26.modules
these derivations will be built:
/nix/store/5zcqmpa4iby0aa342psjph0byiyikm6h-python-bsddb-2.6.8.drv
building path(s) `/nix/store/qpsjyx7nmxhm9zq40674wr67dx8w6ycl-python-bsddb-2.6.8'
building /nix/store/qpsjyx7nmxhm9zq40674wr67dx8w6ycl-python-bsddb-2.6.8
unpacking sources
unpacking source archive /nix/store/2qwc1kd8allnaljm1z360lv9jsf8cfqy-Python-2.6.8.tar.bz2
source root is Python-2.6.8
patching sources
applying patch /nix/store/cfk04ans56xql9l6waqhqzzd60g9rzxi-search-path.patch
patching file setup.py
Hunk #1 succeeded at 424 (offset 145 lines).
applying patch /nix/store/dxscwf37hgq0xafs54h0c8xx47vg6d5g-nix-store-mtime.patch
patching file Python/import.c
Hunk #1 succeeded at 747 (offset -4 lines).
configuring
building
running build_ext
INFO: Can't locate Tcl/Tk libs and/or headers
Traceback (most recent call last):
File "./setup.py", line 2037, in <module>
main()
File "./setup.py", line 2032, in main
'Lib/smtpd.py']
File "/nix/store/xxzwak31qql6vq7v35xmq68zmjpfr5py-python-2.6.8/lib/python2.6/distutils/core.py", line 152, in setup
dist.run_commands()
File "/nix/store/xxzwak31qql6vq7v35xmq68zmjpfr5py-python-2.6.8/lib/python2.6/distutils/dist.py", line 975, in run_commands
self.run_command(cmd)
File "/nix/store/xxzwak31qql6vq7v35xmq68zmjpfr5py-python-2.6.8/lib/python2.6/distutils/dist.py", line 995, in run_command
cmd_obj.run()
File "/nix/store/xxzwak31qql6vq7v35xmq68zmjpfr5py-python-2.6.8/lib/python2.6/distutils/command/build_ext.py", line 340, in run
self.build_extensions()
File "./setup.py", line 249, in build_extensions
longest = max([len(e.name) for e in self.extensions])
ValueError: max() arg is an empty sequence
builder for `/nix/store/5zcqmpa4iby0aa342psjph0byiyikm6h-python-bsddb-2.6.8.drv' failed with exit code 1
error: build of `/nix/store/5zcqmpa4iby0aa342psjph0byiyikm6h-python-bsddb-2.6.8.drv' failed
Currently, the berkeley databases resuses a lot of the same code for the
expressions of each version. This consolidates all of the build routines
similar to that of the linux kernel.
This patch also adds version 6 of BDB.
