Charles Strahan
fc46895e86
hardening: allow user supplied flags to override
...
Put hardening flags before user supplied flags.
2018-03-06 00:30:09 -05:00
Charles Strahan
cc7ce57f86
hardening: clarify the whitelist logic
...
Per @Ericson2314's suggestion [1], make it more clear that the active
hardenings are decided via whitelist; the blacklist is merely for the
debug messages.
1: 36d5ce41d4 (r133279731)
2018-03-06 00:30:09 -05:00
Charles Strahan
9920923cde
hardening: fix careless bugs
...
I got a substitution backwards (used '+' instead of '-').
Also, this now works under `set -u` (had to fix a couple unbound
variable references).
2018-03-06 00:30:08 -05:00
Charles Strahan
0937df463f
hardening: fix bug/typo
2018-03-06 00:30:08 -05:00
Charles Strahan
9fe17b2153
hardening: fix #18995
2018-03-06 00:30:00 -05:00
Vladimír Čunát
a373fe8322
makeInitrd: explain why we don't use closureInfo
...
/cc #36268 .
2018-03-05 13:04:55 +01:00
Eelco Dolstra
165b32d386
Revert "makeInitrd: Use closureInfo"
...
This reverts commit 776a5e6ebf
.
Fixes #36268 .
2018-03-05 12:49:59 +01:00
Franz Pletz
0f78afdf25
Merge pull request #32248 from awakesecurity/parnell/fetchdocker
...
Support fetching docker images from V2 registries
2018-03-04 17:10:27 +00:00
Vladimír Čunát
b70c93f211
Merge branch 'master' into nix-2.0
2018-03-03 18:02:35 +01:00
Shea Levy
95579af5ec
Merge remote-tracking branch 'origin/staging' into cross-nixos
2018-03-01 14:56:58 -05:00
Tuomas Tynkkynen
b8b2225f6b
Merge remote-tracking branch 'upstream/master' into staging
2018-03-01 06:09:20 +02:00
Shea Levy
6a32291523
makeModulesClosure: Fix cross-compilation
2018-02-28 15:01:32 -05:00
Shea Levy
7f623cfa45
callCabal2nix: Fix filtering for non-cleanSourceable sources.
...
What was here before wasn't correct anyway, and now it works in
restricted mode.
Fixes #35207
2018-02-28 14:22:19 -05:00
Tuomas Tynkkynen
34f95d92a2
Merge remote-tracking branch 'upstream/master' into staging
...
Conflicts:
pkgs/applications/misc/pytrainer/default.nix
pkgs/development/tools/pew/default.nix
pkgs/tools/misc/you-get/default.nix
2018-02-28 20:52:49 +02:00
Will Dietz
f14ff86ec9
bintools-wrapper: fix breakage on aarch64, where "isArm" is false
...
Unintentionally changed in #35247
2018-02-28 09:42:13 -06:00
John Ericson
dfc5d7835d
Merge pull request #35247 from telent/mips32
...
lib, treewide: Add missing MIPS arches, and fix existing usage
2018-02-27 14:01:15 -05:00
Eelco Dolstra
0d00215880
Cleanup
2018-02-27 19:59:26 +01:00
John Ericson
4a29081a94
Merge pull request #35071 from oxij/stdenv/infopages
...
stdenv, bash: fixing info pages and stuff
2018-02-26 18:06:11 -05:00
Jan Malakhovski
f1074211ce
cc-wrapper: allow building without documentation, propagate info pages
2018-02-26 22:42:33 +00:00
Jan Malakhovski
0ab1067d12
bintools-wrapper: allow building without documentation
2018-02-26 22:42:32 +00:00
Vladimír Čunát
f5ce8f86df
Revert "Merge staging at '8d490ca9934d0' into master"
...
This reverts commit fc23242220
, reversing
changes made to 754816b84b
.
We don't have many binaries yet. Comment on the original merge commit.
2018-02-26 22:53:18 +01:00
Frederik Rietdijk
fc23242220
Merge staging at '8d490ca9934d0c01e1e9ade455657e54e2e843c0' into master
2018-02-26 13:05:32 +01:00
Frederik Rietdijk
4f08b0fbac
Merge remote-tracking branch 'upstream/master' into HEAD
2018-02-26 10:50:18 +01:00
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes
2018-02-25 17:41:16 +01:00
Jörg Thalheim
de87c0348c
Merge pull request #35176 from abbradar/update-vm
...
vmTools: update distributions
2018-02-24 10:08:17 +00:00
Daniel Barlow
9c50ae6898
lib, treewide: Add missing MIPS arches, and fix existing usage
...
Existing "mips64el" should be "mipsel".
This is just the barest minimum so that nixpkgs can recognize them as
systems - although required for building individual derivations onto
MIPS boards, it is not sufficient if you want to actually build nixos on
those targets
2018-02-23 20:43:42 -05:00
Eelco Dolstra
8c6f9223d0
Merge pull request #35402 from shlevy/closure-info-total-size
...
closureInfo: Report the total closure size.
2018-02-23 17:02:33 +01:00
Shea Levy
adf8074abe
closureInfo: Report the total closure size.
...
This can be useful for e.g. preallocating disk image sizes.
2018-02-23 10:52:37 -05:00
Nikolay Amiantov
a984be41ab
Merge branch 'master' into staging
2018-02-23 18:51:08 +03:00
Eelco Dolstra
776a5e6ebf
makeInitrd: Use closureInfo
2018-02-23 16:41:31 +01:00
Yurii Rashkovskii
e1aecec4cd
build-support/rust: make use of abandoned cargoUpdateHook
...
Previously, cargoUpdateHook was meaningful as it was used
in
[`cargo-fetch-deps`](19d3cf81d3/pkgs/build-support/rust/fetch-cargo-deps (L71)
).
However, this entire file was removed in
5f8cf0048e
. As far as I can
tell, nothing in the code is using it, but it is still
being passed around:
https://github.com/NixOS/nixpkgs/search?q=cargoUpdateHook&type=Code&utf8=%E2%9C%93
There are, however, legitimate use cases for it. For example,
in some software, some dependencies are not locked in Cargo.toml
and this causes Cargo to try fetching another version of them.
This doesn't work well with vendoring crates.
This hook allows to inject patching or whatever necessary workarounds
in the crate vendoring process. I suppose that's what it was for
in there in the first place.
This patch restores this hook and makes it usable again.
2018-02-23 11:17:03 +07:00
Eelco Dolstra
d12c9911df
Merge remote-tracking branch 'origin/master' into nix-2.0
2018-02-22 17:28:51 +01:00
John Ericson
e42e6d2f0e
Merge pull request #35266 from abbradar/cc-bools
...
cc-wrapper: fix bool handling for empty and zero values
2018-02-21 17:00:42 -05:00
Nikolay Amiantov
9a9c2e6579
cc-wrapper: fix bool handling for empty and zero values
...
Before the code would fail silently for zero values and with some output for
empties. We now currently handle both via defaulting value to zero and making
`let` return success error code when there's no syntax error.
2018-02-21 23:54:31 +03:00
Nikolay Amiantov
c811c35b9c
vmTools: update distributions
...
Drop currently unsupported releases.
Add Fedora 26 and 27.
Update CentOS.
Add Debian 9.
Add Ubuntu 17.10.
2018-02-21 15:41:46 +03:00
Nikolay Amiantov
430e0f4a80
buildBazelPackage: init
...
A separate function for building Bazel-bazed packages. Internally it splits the
build into two phases, fetching and building.
Users are expected to provide `fetchArgs.sha256` -- checksum of fetched
dependencies. Local dependencies should be removed in `fetchArgs.preInstall`.
Overall `fetchArgs` and `buildArgs` can be used to add specific steps to fetch
and build.
2018-02-20 20:39:49 +03:00
Jörg Thalheim
c7aa4fd65b
Merge pull request #35177 from abbradar/fix-debbuild
...
debBuild: install all packages at once to avoid dependency management
2018-02-20 11:07:44 +00:00
Jörg Thalheim
f61e8d98ff
rust: 1.22.1 -> 1.24.0
2018-02-20 09:59:26 +00:00
Pierre-Etienne Meunier
8e5ab6e7ac
BuildRustCrate: more general overrides, and handling the "dylib" crate type ( #35171 )
...
* buildRustCrate: adding a symlink from libblah-xxxxx.so to libblah.so
* BuildRustCrate: overriding phases
* Carnix: 0.6.5 -> 0.6.6
* Fixing symlink_dependencies --buildDep
* Shorter symlink_dependencies
* running `runHook postBuild` *after* the build
2018-02-20 08:55:04 +01:00
Nikolay Amiantov
c55b2fa7cd
debBuild: install all packages at once to avoid dependency management
2018-02-19 16:07:40 +03:00
Jan Malakhovski
a89899ce4e
fetchurl: cleanup, better errors
...
Also fix what seems like bugs in uncommon `stdenv`s.
2018-02-18 14:24:53 +00:00
Vladimír Čunát
b5aaaf87a7
Merge staging and PR #35021
...
It's the last staging commit (mostly) built on Hydra,
and a minimal fix for Darwin regression in pysqlite.
2018-02-16 09:13:12 +01:00
Matthew Justin Bauer
a5e28a554e
nix-buffer: make eshell-path-env be inherited
2018-02-15 17:30:59 -06:00
Nikolay Amiantov
56e0943b08
makeModulesClosure: support firmware
...
Link it in stage 1.
2018-02-16 00:11:07 +02:00
Frederik Rietdijk
672bb6b4ab
Merge remote-tracking branch 'upstream/master' into HEAD
2018-02-14 21:30:08 +01:00
Timo Kaufmann
dc53518dc3
buildRustPackage: Restrict find
to files
...
`find -executable` finds everything with the executable bit set,
including directories. Thats not harmful in this scenario as `cp` won't
copy those directories, but it does result in a few warning messages.
2018-02-14 17:27:03 +01:00
Antoine Eiche
ce838e52b9
dockerTools.buildImage: do not add /nix/store in the tar stream
...
Since the /nix/store directory is not immutable, tar can fails if it
has to push it into the layer archive.
Fixes #34137 .
2018-02-14 06:40:41 +01:00
Parnell Springmeyer
0a603ee165
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker
2018-02-13 17:28:45 -06:00
Stewart Mackenzie
a5cabdb6b1
buildRustCrate: add a postInstall phase ( #34906 )
2018-02-13 17:28:32 +01:00
Will Dietz
d5916a84cf
bintools-wrapper: teach about musl dynamic linkers
2018-02-13 09:44:33 -06:00
Shea Levy
038b893338
Merge branch 'patch-9' of git://github.com/matthewbauer/nixpkgs
2018-02-12 09:33:25 -05:00
Peter Hoeg
8016f9b4c9
Merge pull request #34611 from peterhoeg/p/descent
...
descent 1 & 2: use assets from gog.com with the dxx-rebirth project
2018-02-12 22:31:41 +08:00
Peter Hoeg
126cc690ac
build-support gogUnpackHook: support for unpacking games from gog.com
2018-02-12 22:28:06 +08:00
Matthew Justin Bauer
5b59084e00
Filter nix-buffer packages
...
Null packages cause an error
2018-02-11 21:52:16 -06:00
pe@pijul.org
113591c803
defaultCrateOverrides: add pq-sys
...
fixes #34228
2018-02-10 06:59:56 -06:00
pe@pijul.org
508bf1b318
defaultCrateOverrides: add thrussh-libsodium
2018-02-10 06:59:56 -06:00
aszlig
1cba74dfc1
setup-hooks: Add autoPatchelfHook
...
I originally wrote this for packaging proprietary games in Vuizvui[1]
but I thought it would be generally useful as we have a fair amount of
proprietary software lurking around in nixpkgs, which are a bit tedious
to maintain, especially when the library dependencies change after an
update.
So this setup hook searches for all ELF executables and libraries in the
resulting output paths after install phase and uses patchelf to set the
RPATH and interpreter according to what dependencies are available
inside the builder.
For example consider something like this:
stdenv.mkDerivation {
...
nativeBuildInputs = [ autoPatchelfHook ];
buildInputs = [ mesa zlib ];
...
}
Whenever for example an executable requires mesa or zlib, the RPATH will
automatically be set to the lib dir of the corresponding dependency.
If the library dependency is required at runtime, an attribute called
runtimeDependencies can be used to list dependencies that are added to
all executables that are discovered unconditionally.
Beside this, it also makes initial packaging of proprietary software
easier, because one no longer has to manually figure out the
dependencies in the first place.
[1]: https://github.com/openlab-aux/vuizvui
Signed-off-by: aszlig <aszlig@nix.build>
Closes : #34506
2018-02-10 00:27:24 +05:30
Eelco Dolstra
5193807750
VM tests: Initialize the Nix database with correct NAR hashes/sizes
2018-02-07 15:49:02 +01:00
gnidorah
810a19bab3
way-cooler: 0.6.2 -> 0.8.0
2018-02-04 05:17:53 +03:00
Jörg Thalheim
2a2c8eab26
rust: fix evaluation
2018-02-04 00:09:00 +00:00
Jörg Thalheim
6580b18d3f
cargo-vendor: move to all-packages
2018-02-03 22:35:27 +00:00
pe@pijul.org
8f20e7ce3a
carnix: 0.6.0 -> 0.6.5
2018-02-03 22:31:54 +00:00
Jörg Thalheim
8ee54334e9
Merge pull request #33980 from thefloweringash/cargo-vendor-carnix
...
cargo-vendor: Build from source using carnix
2018-02-03 10:28:57 +00:00
Tuomas Tynkkynen
10c8e6d0c5
Merge remote-tracking branch 'upstream/master' into staging
2018-02-03 02:50:21 +02:00
Vladimír Čunát
2fb4606f38
Merge branch 'master' into staging
...
Haskell rebuild.
Hydra: ?compare=1430378
2018-02-01 09:36:23 +01:00
Shea Levy
943592f698
Add setFunctionArgs lib function.
...
Among other things, this will allow *2nix tools to output plain data
while still being composable with the traditional
callPackage/.override interfaces.
2018-01-31 14:02:19 -05:00
Tuomas Tynkkynen
71631a922b
runInLinuxVM: Use QEMU command line that works on other architectures
...
... by moving the existing definition to qemu-flags.nix and reusing
that.
2018-01-30 16:57:27 +02:00
Tuomas Tynkkynen
8c4f8c51a6
runInLinuxVM: Don't hardcode x86-specific serial device
2018-01-30 16:57:27 +02:00
Vladimír Čunát
2d2dbe083f
Merge branch 'master' into staging
...
Hydra: ?compare=1429281
2018-01-27 09:14:22 +01:00
John Ericson
57b01b1bcf
lib, openssl: Get rid of openssl.system
...
We compute it on the fly, careful to avoid any mass rebuilds for now.
2018-01-26 21:22:00 -05:00
Pierre-Etienne Meunier
6fbaa05dd1
Carnix 0.6 ( #34238 )
2018-01-26 10:53:18 +00:00
Will Dietz
0e95bed017
nix-prefetch-git: fix extraction of submodule hashes on latest git
...
Summary:
According to git-submodule manpage,
"git submodule status" prefixes the hash with a '-' if it is not
initialized, and other chars in other circumstances.
(this is consistent on the various git versions tested)
nix-prefetch-git runs "git submodule init" which does you'd think,
but apparently despite this earlier versions of git before 2.16
would still give the hash the '-' suffix.
In particular this is the behavior when using 2.15 and 2.14.1
from the nixos-17.09 and nixos-17.03 channels respectively.
The script then used awk to drop the first char of the first field
which does the wrong thing when there is no prefix emitted:
while there is a space character before the hash, this is not
part of the field and so we ended up eating the first character
of the hash.
To fix this in a way that also works with the previous behavior,
this commit instead uses awk to grab the hash field
and uses tr to delete any '-' chars should they be present.
This seems to work in my testing, and for example can now
successfully fetch the source for "nginxModules.brotli"
where previously it would generate an error:
fatal: '22564a95d9ab58865a096b8d9f7324ea5f2e03e' is not a commit and a branch 'fetchgit' cannot be created from it
(we dropped a '2' from the beginning of the hash)
2018-01-24 20:18:59 +02:00
Frederik Rietdijk
6b0873440b
Merge remote-tracking branch 'upstream/master' into HEAD
2018-01-22 16:09:11 +01:00
Tuomas Tynkkynen
95880aaf06
nixos/initrd: Don't include some x86-specific modules unconditionally
2018-01-22 12:53:33 +02:00
Tuomas Tynkkynen
44326993f4
build-support/vm: Autodetect kernel filename
...
It's 'Image' on AArch64.
2018-01-22 12:53:24 +02:00
Yegor Timoshenko
4b1b6ee6d1
patchShebangs: preserve times, resolves #33084
...
Close #33281 . Edits by vcunat:
- use Eelco's idea: empty file instead of full copy
- use longer name suffix to decrease the likelihood of collision
2018-01-21 12:09:07 +01:00
John Ericson
5708396f47
Merge pull request #34018 from obsidiansystems/fetchpatch
...
fetchpatch: Add support for an arbitrary extra prefix
2018-01-18 12:39:39 -05:00
John Ericson
9bd437d4b4
fetchpatch: Add support for an arbitrary extra prefix
...
We still ensure the old and new ones start, respectfully, with `a/` and
`b/`. Use with `stripLen` to ensure tha the old `a/` and `/b` are gone
if a new prefix is added.
2018-01-18 12:19:49 -05:00
Andrew Childs
be797f7e1c
cargo-vendor: Build from source using carnix
...
Removes a binary bootstrap, and enables cargo-vendor on aarch64.
2018-01-18 20:44:42 +09:00
Andrew Childs
62dcb3d5d0
buildRustCrate: Allow arbitrary attributes in crateOverrides
2018-01-18 20:42:00 +09:00
Tuomas Tynkkynen
6ed0fe7e45
Merge remote-tracking branch 'upstream/master' into staging
...
Conflicts:
pkgs/build-support/fetchbower/default.nix
pkgs/build-support/fetchdarcs/default.nix
pkgs/build-support/fetchgx/default.nix
pkgs/development/python-modules/botocore/default.nix
pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix
pkgs/tools/admin/awscli/default.nix
2018-01-14 21:18:27 +02:00
Shea Levy
4e78aeb441
callCabal2nix: Fix calling with a path in the store.
2018-01-11 10:17:56 -05:00
John Ericson
e017a027d5
Merge pull request #33681 from obsidiansystems/fixed-output-deps
...
Fixed output deps
2018-01-10 14:28:10 -05:00
Parnell Springmeyer
e4ec980e9c
Merge remote-tracking branch 'upstream/master' into parnell/fetchdocker
2018-01-10 10:13:49 -08:00
John Ericson
888404f11b
treewide: Fix deps in a few other fixed output derivations
2018-01-10 11:18:44 -05:00
John Ericson
940c4fa3f5
treewide: Fetchers should use stdenvNoCC
.
2018-01-10 11:18:44 -05:00
John Ericson
3d59b4d285
treewide: Fixed output fetch* derivations should use nativeBuildInputs
2018-01-09 20:14:46 -05:00
Robin Gloster
7c5430c27c
Revert "rust: store the cargo-vendor config"
...
This reverts commit 0af2c5891b
.
See 0af2c5891b (commitcomment-26737983)
This breaks the cargoSha256 hashes.
2018-01-09 15:03:03 +01:00
Will Dietz
9721ed22e8
schedulingPriority should be an int, fix check-meta type and in-tree use
2018-01-09 07:25:24 -06:00
zimbatm
0af2c5891b
rust: store the cargo-vendor config
...
cargo-vendor generates almost the right cargo config. Store it with the
vendored files and patch it on use.
This allows to re-use the generated config when using git dependencies.
2018-01-09 03:37:53 +01:00
Vladimír Čunát
5837d1a070
Merge branch 'master' into staging
2018-01-08 17:33:31 +01:00
Will Dietz
21f7b2b3f2
vmTools: omit '-drive ...' entirely instead of using /dev/null
...
Fixes #33378 .
2018-01-07 17:50:44 +02:00
Daiderd Jordan
5a02143c20
Merge pull request #33010 from LnL7/cacert-hook
...
cacert: add hook that sets SSL_CERT_FILE
2018-01-07 09:55:15 +01:00
dywedir
10e22d53ad
carnix: 0.5.0 -> 0.5.2
2018-01-06 13:53:23 +01:00
Will Dietz
40b2647b69
gcc-wrapper-old: grab name of dynamicLinker for bintools
2018-01-05 18:55:13 -06:00
Shea Levy
0f925943fd
Fix emacsWithPackages after 7f3ca3e21a
.
...
This is hacky but it does the job, resurrects findInputs from before staging merge
2018-01-04 12:15:55 -05:00
Frederik Rietdijk
1869e7e5b0
Merge remote-tracking branch 'upstream/master' into HEAD
2018-01-01 15:09:55 +01:00
Wei-Ming Yang
70e9b60b33
dockerTools.examples: correct a typo in comments
...
This commit is for correcting a typo in comments.
2018-01-01 16:13:40 +08:00
Vladimír Čunát
1fcd92ce92
Merge branch 'master' into staging
...
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
John Ericson
64965e8224
Merge pull request #29483 from veprbl/hardening_unsupported_flags
...
cc-wrapper: allow compilers to specify unsupported hardening modes
2017-12-30 23:25:43 -05:00
Yegor Timoshenko
60a133f9d0
Merge pull request #33139 from yegortimoshenko/20171228.053707/chrootenv
...
chrootenv: rewrite on top of GLib
2017-12-31 06:59:31 +03:00
John Ericson
4d2b763817
Merge pull request #26805 from obsidiansystems/cross-elegant
...
Make cross compilation elegant
2017-12-30 22:58:02 -05:00
John Ericson
469fd89832
stdenv-setup: Ease the transition with native builds
...
- All deps go on the PATH
- CC and Bintools wrappers with their host != depender's host still get their
setup hooks run.
- Environment hooks get applied to all packages
This isn't so elegent, but eases the transition on a very significant
PR.
2017-12-30 22:04:23 -05:00
John Ericson
046f091e0d
treewide: Don't use envHook anymore
...
This commits needs a MAJOR audit as I oftentimes just guessed which of
`$hostOffset`, `$targetOffset`, or a fixed offset should be used.
2017-12-30 22:04:22 -05:00
John Ericson
a1cdc2011e
strip setup hook: Learn about only stripping host/target binaries alone
...
`dontStrip` is still a catch-all, but `dontStripHost` and
`dontStripTarget` are also now available for finer-grained disabling.
2017-12-30 22:04:22 -05:00
John Ericson
3a50395ef2
{bintools,cc}-wrapper: extraPackages should be depsTargetTargetPropagated
...
They are libraries used by programs built with these tools, not used by the
tools themselves.
2017-12-30 22:04:21 -05:00
John Ericson
a036473a0a
{bintools,cc}-wrapper: Fix setup hook to respect the role of the cc-compiler
...
We now have the information to properly determine the role the
cc-wrapper dependency has, by taking advantage of `offset`. No longer
use the soon-to-be-deprecated crossConfig environment variable, the
temp hack used before this change.
2017-12-30 22:04:21 -05:00
Yegor Timoshenko
4b1cf5afb8
chrootenv: rewrite on top of GLib
...
Changes:
* doesn't handle root user separately
* doesn't chdir("/") which makes using it seamless
* only bind mounts, doesn't symlink (i.e. files)
Incidentally, fixes #33106 .
It's about two times shorter than the previous version, and much
easier to read/follow through. It uses GLib quite heavily, along with
RAII (available in GCC/Clang).
2017-12-30 22:28:38 +00:00
Dmitry Kalinkin
6d9769663d
cc-wrapper: allow compilers to specify unsupported hardening modes
...
Fixes: 0fd7ef61b2 ('clang_34: Disable hardening bits (#28543 )')
2017-12-30 12:23:25 -05:00
John Ericson
eb27be0731
Merge pull request #33186 from obsidiansystems/cross-binutils
...
binutils: Fix cross, again
2017-12-29 17:42:38 -05:00
John Ericson
cc44e04472
bintools-wrapper: Define fallback default emulation
...
This ensures we by-default cross-compile to the intended platform.
2017-12-29 17:32:28 -05:00
Jörg Thalheim
c333e9b348
Merge pull request #32302 from andir/uwimap-pollution
...
uwimap pollution of `include/`
2017-12-29 00:08:26 +01:00
Yegor Timoshenko
25b35f4ffb
chrootenv: resolve potential race condition
2017-12-28 00:25:02 +00:00
Daiderd Jordan
091c2b9f04
cacert: cleanup exporting SSL_CERT_FILE
2017-12-27 21:36:32 +01:00
Joachim F
e6542d0609
Merge pull request #32916 from jbedo/singularity-2.4
...
singularity: 2.2 -> 2.4
2017-12-25 13:30:42 +00:00
Orivej Desh
c4be328f98
Merge pull request #32814 from fahadsadah/patch-1
...
build-support: clean-up fetchSvn
2017-12-24 01:24:56 +00:00
Yegor Timoshenko
73a0d95b96
chrootenv: code review
...
* Wrap LEN macro in parantheses
* Drop env_filter in favor of stateful environ_blacklist_filter,
use execvp instead of execvpe, don't explicitly use environ
* Add argument error logging wherever it makes sense
* Drop strjoin in favor of asprintf
* char* -> const char* where appropriate
* Handle stat errors
* Print user messages with fputs, not errorf
* Abstract away is_str_in (previously bind_blacklisted)
* Cleanup temporary directory on error
* Some minor syntactic and naming changes
Thanks to Jörg Thalheim and Tuomas Tynkkynen for the code review!
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
710662be94
chrootenv: error on chrootenv-inside-chrootenv, resolves #32802
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
0234cd41b4
chrootenv: replace env whitelist with blacklist, closes #32878
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
c03663a145
chrootenv: bind-mount all dirs in /, symlink files, closes #32877
2017-12-22 18:56:13 +03:00
Yegor Timoshenko
ef1accae91
chrootenv: print sysctl command for Debian users, fixes #32876
2017-12-22 18:56:13 +03:00
Justin Bedo
db927ea35b
singularity: 2.2 -> 2.4
2017-12-21 10:50:06 +11:00
zimbatm
adc5c9b83d
mkShell: add builder ( #30975 )
2017-12-20 23:42:07 +00:00
Orivej Desh
e2c8655405
ld-is-cc-hook: init
...
This hook sets LD to CC, for use with software that works as if LD=$CC when LD
is unset, and does not work when LD=ld.
2017-12-19 01:45:42 +00:00
Orivej Desh
170a964815
makeSetupHook: make the default name "hook" overridable
...
for occasional convenience while looking at drv paths,
such as in the output of nix-build and nix-diff.
2017-12-19 01:41:31 +00:00
Fahad Sadah
60e937b8b2
build-support: tidy fetchSvn
...
Remove old workaround rendered unnecessary by af9db522cf
2017-12-18 15:56:53 +00:00
Orivej Desh
7c58e8dfc2
Merge branch 'master' into staging
...
* master: (125 commits)
scummvm: fix eval
tinycc: 0.9.27pre-20171016 -> 0.9.27
Update terraform provider versions
vscode: 1.18.1 -> 1.19.0
linux: 4.14.6 -> 4.14.7
scummvm: 1.9.0 -> 2.0.0
cmst: 2017.03.18 -> 2017.09.19
albert: 0.14.7 -> 0.14.14
obs-studio: fix vlc plugin
ffmpeg, ffmpeg-full: 3.4 -> 3.4.1
uchiwa: 0.26.3 -> 1.1.0
linux-testing: 4.15-rc3 -> 4.15-rc4
steam: override nss, nspr, fixes #32781
ponyc: 0.20.0 -> 0.21.0
pythonPackages.pwntools: disable tests
gnome3.gnome-tweak-tool: 3.26.3 → 3.26.4
vim-rhubarb: init at 2017-06-28
atom: depend on libsecret
nvidia-settings: Make sure binary can find libXv.so
backblaze-b2: 0.6.2 -> 1.1.0
...
2017-12-18 15:56:03 +00:00
Orivej Desh
eca6ab79f1
Merge pull request #32498 from dylex/patch-1
...
Don't set cxx_stdlib when nativeTools on linux
2017-12-17 04:24:19 +00:00
Dylan Simon
0c62b7cd74
cc-wrapper: don't set cxx_stdlib when nativeTools is true
...
There are no gcc paths on nativeTools, and cc isn't set.
2017-12-17 04:23:54 +00:00
Vladimír Čunát
24d81d6332
Merge branch 'master' into staging
2017-12-15 21:40:23 +01:00
Orivej Desh
76a97fdb31
libredirect: add description
...
Fixes #32675
2017-12-14 19:03:35 +00:00
John Ericson
a0b1ebeee9
Merge remote-tracking branch 'upstream/staging' into binutils-wrapper
2017-12-13 16:14:47 -05:00
John Ericson
7ef4448c97
Merge commit '9d8f9b2e531bf95a700a949d879927fb6996ffc9' into binutils-wrapper
2017-12-13 16:08:36 -05:00
John Ericson
99806c5e12
bintools-wrapper: Create man and info outputs propagated underlying ones
...
These will be installed if the wrappers are. The wrappers aren't very
good to install, but that's another matter.
2017-12-13 16:08:19 -05:00
John Ericson
ef178be597
bintools-wrapper: Support ld.ldd, along with ld.bfd and ld.gold
...
Also make the code more precise in the process
2017-12-13 16:08:18 -05:00
John Ericson
b8a21aa918
misc setup-hooks: Use env vars to refer to binutils programs
...
This is more robust for cross-compilation
2017-12-13 16:08:18 -05:00
John Ericson
2bba929062
bintools-wrapper: Import separately from cc-wrapper
2017-12-13 16:08:18 -05:00
John Ericson
8e557ed2c5
bintools-wrapper: Init
...
Factor a bintools (i.e. binutils / cctools) wrapper out of cc-wrapper. While
only LD is wrapped, the setup hook defines environment variables on behalf of
other utilites.
2017-12-13 16:08:18 -05:00
John Ericson
4f869bccc1
cc-wrapper: Don't treat "-" alone as a flag
...
It means stdin, and is morally equivalent to passing a file. e.g.
$ echo 'int main(void) { return 0; }' | gcc -x c -
will compile and link a binary.
2017-12-13 16:08:17 -05:00
John Ericson
bdd6c037c0
cc-wrapper: Use separate mangler for "bool" variables
...
This avoids any `NIX_FOOBAR=1 1` not triggering conditions.
2017-12-13 16:08:17 -05:00
John Ericson
fc7ed86915
cc-wrapper: Pull variable mangler into utils.sh
...
In preparation for splitting out bintools-wrapper
2017-12-13 16:08:13 -05:00
Graham Christensen
105d9519c1
Merge remote-tracking branch 'origin/master' into staging
2017-12-12 20:06:36 -05:00
Graham Christensen
e5629dc51a
Merge pull request #32365 from vcunat/p/check-meta
...
check meta, treewide
2017-12-12 18:55:23 -05:00
Vladimír Čunát
3a110ea3f9
treewide platform checks: abort
-> throw
...
They aren't meant to be critical (uncatchable) errors.
Tested with nix-env + checkMeta:
[ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]
2017-12-12 18:08:10 -05:00
Vladimír Čunát
c2b679516f
Merge branch 'master' into staging
2017-12-12 21:08:16 +01:00
Tuomas Tynkkynen
0d27df280f
build-support/vm: Use devtmpfs, not static device nodes
...
In 2017, there is no reason to create a static /dev.
2017-12-12 14:31:50 +02:00
Eelco Dolstra
2d4fdc1b9e
debian: 8.9 -> 8.10
2017-12-12 13:14:17 +01:00
Pierre-Étienne Meunier
4348b7f2d0
carnix: init at 0.5.0
...
fixes #31150
2017-12-12 04:59:12 -06:00
Pierre-Étienne Meunier
5a0d954156
add buildRustCrate function to build rust crates
2017-12-12 04:58:45 -06:00
Pierre-Étienne Meunier
ea232fe29d
add fetchCrate function to fetch rust crates
2017-12-12 04:58:45 -06:00