diff options
author | Frederik Rietdijk <fridh@fridh.nl> | 2020-11-29 13:51:10 +0100 |
---|---|---|
committer | Frederik Rietdijk <fridh@fridh.nl> | 2020-11-29 13:51:10 +0100 |
commit | 0d8491cb2b045e8a0b52bde121929b15a1d20196 (patch) | |
tree | d3740bc4c45a54ff299cb9a9bb0bc7cb8fa1e02d /pkgs/os-specific | |
parent | 9e062723b2d60d2be85268fb7eebb28abce0b5af (diff) | |
parent | 3a477cf32417b4c81c9fe42fbfb52c40b69fc110 (diff) |
Merge master into staging-next
Diffstat (limited to 'pkgs/os-specific')
-rw-r--r-- | pkgs/os-specific/linux/akvcam/default.nix | 31 | ||||
-rw-r--r-- | pkgs/os-specific/linux/bpftrace/default.nix | 4 | ||||
-rw-r--r-- | pkgs/os-specific/linux/firejail/default.nix | 9 | ||||
-rw-r--r-- | pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch | 11 | ||||
-rw-r--r-- | pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch | 27 | ||||
-rw-r--r-- | pkgs/os-specific/linux/mcelog/default.nix | 4 | ||||
-rw-r--r-- | pkgs/os-specific/linux/sysdig/default.nix | 4 |
7 files changed, 84 insertions, 6 deletions
diff --git a/pkgs/os-specific/linux/akvcam/default.nix b/pkgs/os-specific/linux/akvcam/default.nix new file mode 100644 index 000000000000..9e7450775147 --- /dev/null +++ b/pkgs/os-specific/linux/akvcam/default.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, fetchFromGitHub, kernel, qmake }: + +stdenv.mkDerivation rec { + pname = "akvcam"; + version = "1.1.1"; + + src = fetchFromGitHub { + owner = "webcamoid"; + repo = "akvcam"; + rev = version; + sha256 = "ULEhfF+uC/NcVUGAtmP1+BnrcgRgftNS97nLp81avQ8="; + }; + + nativeBuildInputs = [ qmake ]; + + qmakeFlags = [ + "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + installPhase = '' + install -m644 -b -D src/akvcam.ko $out/lib/modules/${kernel.modDirVersion}/akvcam.ko + ''; + + meta = with lib; { + description = "Virtual camera driver for Linux"; + homepage = "https://github.com/webcamoid/akvcam"; + maintainers = with maintainers; [ freezeboy ]; + platforms = platforms.linux; + license = licenses.gpl2; + }; +} diff --git a/pkgs/os-specific/linux/bpftrace/default.nix b/pkgs/os-specific/linux/bpftrace/default.nix index fc7c8ecba2da..9fbeda708e05 100644 --- a/pkgs/os-specific/linux/bpftrace/default.nix +++ b/pkgs/os-specific/linux/bpftrace/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "bpftrace"; - version = "0.11.0"; + version = "0.11.4"; src = fetchFromGitHub { owner = "iovisor"; repo = "bpftrace"; rev = "refs/tags/v${version}"; - sha256 = "02f2r731yj3fdc8341id1ksk4dma9rwm2765n2xgx2ldrrz5823y"; + sha256 = "0y4qgm2cpccrsm20rnh92hqplddqsc5q5zhw9nqn2igm3h9i0z7h"; }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix index fadf5df7140a..a3be5484a047 100644 --- a/pkgs/os-specific/linux/firejail/default.nix +++ b/pkgs/os-specific/linux/firejail/default.nix @@ -20,6 +20,15 @@ stdenv.mkDerivation { name = "${s.name}.tar.bz2"; }; + patches = [ + # Adds the /nix directory when using an overlay. + # Required to run any programs under this mode. + ./mount-nix-dir-on-overlay.patch + # By default fbuilder hardcodes the firejail binary to the install path. + # On NixOS the firejail binary is a setuid wrapper available in $PATH. + ./fbuilder-call-firejail-on-path.patch + ]; + prePatch = '' # Allow whitelisting ~/.nix-profile substituteInPlace etc/firejail.config --replace \ diff --git a/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch b/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch new file mode 100644 index 000000000000..6016891655b1 --- /dev/null +++ b/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch @@ -0,0 +1,11 @@ +--- a/src/fbuilder/build_profile.c ++++ b/src/fbuilder/build_profile.c +@@ -67,7 +67,7 @@ + errExit("asprintf"); + + char *cmdlist[] = { +- BINDIR "/firejail", ++ "firejail", + "--quiet", + "--noprofile", + "--caps.drop=all", diff --git a/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch b/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch new file mode 100644 index 000000000000..685314f90758 --- /dev/null +++ b/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch @@ -0,0 +1,27 @@ +--- a/src/firejail/fs.c ++++ b/src/firejail/fs.c +@@ -1143,6 +1143,16 @@ + errExit("mounting /dev"); + fs_logger("whitelist /dev"); + ++ // mount-bind /nix ++ if (arg_debug) ++ printf("Mounting /nix\n"); ++ char *nix; ++ if (asprintf(&nix, "%s/nix", oroot) == -1) ++ errExit("asprintf"); ++ if (mount("/nix", nix, NULL, MS_BIND|MS_REC, NULL) < 0) ++ errExit("mounting /nix"); ++ fs_logger("whitelist /nix"); ++ + // mount-bind run directory + if (arg_debug) + printf("Mounting /run\n"); +@@ -1201,6 +1211,7 @@ + free(odiff); + free(owork); + free(dev); ++ free(nix); + free(run); + free(tmp); + } diff --git a/pkgs/os-specific/linux/mcelog/default.nix b/pkgs/os-specific/linux/mcelog/default.nix index f0ef1126154a..2e97f9da1eae 100644 --- a/pkgs/os-specific/linux/mcelog/default.nix +++ b/pkgs/os-specific/linux/mcelog/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "mcelog"; - version = "169"; + version = "173"; src = fetchFromGitHub { owner = "andikleen"; repo = "mcelog"; rev = "v${version}"; - sha256 = "0ghkwfaky026qwj6hmcvz2w2hm8qqj3ysbkxxi603vslmwj56chv"; + sha256 = "1ili11kqacn6jkjpk11vhycgygdl92mymgb1sx22lcwq2x0d248m"; }; postPatch = '' diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix index bef9231385a0..0433715a5fbc 100644 --- a/pkgs/os-specific/linux/sysdig/default.nix +++ b/pkgs/os-specific/linux/sysdig/default.nix @@ -5,13 +5,13 @@ with stdenv.lib; stdenv.mkDerivation rec { pname = "sysdig"; - version = "0.27.0"; + version = "0.27.1"; src = fetchFromGitHub { owner = "draios"; repo = "sysdig"; rev = version; - sha256 = "0lpp271g0749sx7qgpwl6myi0kgfpsxk1kc4yp3r9k1pynv8bq1b"; + sha256 = "sha256-lYjMvxMIReANNwMr62u881Nugrs9piOaN3EmrvGzRns="; }; nativeBuildInputs = [ cmake perl ]; |