Merge master into staging-next

author: Frederik Rietdijk <fridh@fridh.nl> 2020-11-29 13:51:10 +0100
committer: Frederik Rietdijk <fridh@fridh.nl> 2020-11-29 13:51:10 +0100
commit: 0d8491cb2b045e8a0b52bde121929b15a1d20196 (patch)
tree: d3740bc4c45a54ff299cb9a9bb0bc7cb8fa1e02d /pkgs/os-specific
parent: 9e062723b2d60d2be85268fb7eebb28abce0b5af (diff)
parent: 3a477cf32417b4c81c9fe42fbfb52c40b69fc110 (diff)
7 files changed, 84 insertions, 6 deletions
diff --git a/pkgs/os-specific/linux/akvcam/default.nix b/pkgs/os-specific/linux/akvcam/default.nix
new file mode 100644
index 000000000000..9e7450775147
--- /dev/null
+++ b/pkgs/os-specific/linux/akvcam/default.nix
@@ -0,0 +1,31 @@
+{ lib, stdenv, fetchFromGitHub, kernel, qmake }:
+
+stdenv.mkDerivation rec {
+  pname = "akvcam";
+  version = "1.1.1";
+
+  src = fetchFromGitHub {
+    owner = "webcamoid";
+    repo = "akvcam";
+    rev = version;
+    sha256 = "ULEhfF+uC/NcVUGAtmP1+BnrcgRgftNS97nLp81avQ8=";
+  };
+
+  nativeBuildInputs = [ qmake ];
+
+  qmakeFlags = [
+    "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+  ];
+
+  installPhase = ''
+    install -m644 -b -D src/akvcam.ko $out/lib/modules/${kernel.modDirVersion}/akvcam.ko
+  '';
+
+  meta = with lib; {
+    description = "Virtual camera driver for Linux";
+    homepage = "https://github.com/webcamoid/akvcam";
+    maintainers = with maintainers; [ freezeboy ];
+    platforms = platforms.linux;
+    license = licenses.gpl2;
+  };
+}
diff --git a/pkgs/os-specific/linux/bpftrace/default.nix b/pkgs/os-specific/linux/bpftrace/default.nix
index fc7c8ecba2da..9fbeda708e05 100644
--- a/pkgs/os-specific/linux/bpftrace/default.nix
+++ b/pkgs/os-specific/linux/bpftrace/default.nix
@@ -6,13 +6,13 @@
 
 stdenv.mkDerivation rec {
   pname = "bpftrace";
-  version = "0.11.0";
+  version = "0.11.4";
 
   src = fetchFromGitHub {
     owner  = "iovisor";
     repo   = "bpftrace";
     rev    = "refs/tags/v${version}";
-    sha256 = "02f2r731yj3fdc8341id1ksk4dma9rwm2765n2xgx2ldrrz5823y";
+    sha256 = "0y4qgm2cpccrsm20rnh92hqplddqsc5q5zhw9nqn2igm3h9i0z7h";
   };
 
   enableParallelBuilding = true;
diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix
index fadf5df7140a..a3be5484a047 100644
--- a/pkgs/os-specific/linux/firejail/default.nix
+++ b/pkgs/os-specific/linux/firejail/default.nix
@@ -20,6 +20,15 @@ stdenv.mkDerivation {
     name = "${s.name}.tar.bz2";
   };
 
+  patches = [
+    # Adds the /nix directory when using an overlay.
+    # Required to run any programs under this mode.
+    ./mount-nix-dir-on-overlay.patch
+    # By default fbuilder hardcodes the firejail binary to the install path.
+    # On NixOS the firejail binary is a setuid wrapper available in $PATH.
+    ./fbuilder-call-firejail-on-path.patch
+  ];
+
   prePatch = ''
     # Allow whitelisting ~/.nix-profile
     substituteInPlace etc/firejail.config --replace \
diff --git a/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch b/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch
new file mode 100644
index 000000000000..6016891655b1
--- /dev/null
+++ b/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch
@@ -0,0 +1,11 @@
+--- a/src/fbuilder/build_profile.c
++++ b/src/fbuilder/build_profile.c
+@@ -67,7 +67,7 @@
+ 		errExit("asprintf");
+ 
+ 	char *cmdlist[] = {
+-	  BINDIR "/firejail",
++	  "firejail",
+ 	  "--quiet",
+ 	  "--noprofile",
+ 	  "--caps.drop=all",
diff --git a/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch b/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch
new file mode 100644
index 000000000000..685314f90758
--- /dev/null
+++ b/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch
@@ -0,0 +1,27 @@
+--- a/src/firejail/fs.c
++++ b/src/firejail/fs.c
+@@ -1143,6 +1143,16 @@
+ 		errExit("mounting /dev");
+ 	fs_logger("whitelist /dev");
+ 
++	// mount-bind /nix
++	if (arg_debug)
++		printf("Mounting /nix\n");
++	char *nix;
++	if (asprintf(&nix, "%s/nix", oroot) == -1)
++		errExit("asprintf");
++	if (mount("/nix", nix, NULL, MS_BIND|MS_REC, NULL) < 0)
++		errExit("mounting /nix");
++	fs_logger("whitelist /nix");
++
+ 	// mount-bind run directory
+ 	if (arg_debug)
+ 		printf("Mounting /run\n");
+@@ -1201,6 +1211,7 @@
+ 	free(odiff);
+ 	free(owork);
+ 	free(dev);
++	free(nix);
+ 	free(run);
+ 	free(tmp);
+ }
diff --git a/pkgs/os-specific/linux/mcelog/default.nix b/pkgs/os-specific/linux/mcelog/default.nix
index f0ef1126154a..2e97f9da1eae 100644
--- a/pkgs/os-specific/linux/mcelog/default.nix
+++ b/pkgs/os-specific/linux/mcelog/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "mcelog";
-  version = "169";
+  version = "173";
 
   src = fetchFromGitHub {
     owner  = "andikleen";
     repo   = "mcelog";
     rev    = "v${version}";
-    sha256 = "0ghkwfaky026qwj6hmcvz2w2hm8qqj3ysbkxxi603vslmwj56chv";
+    sha256 = "1ili11kqacn6jkjpk11vhycgygdl92mymgb1sx22lcwq2x0d248m";
   };
 
   postPatch = ''
diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix
index bef9231385a0..0433715a5fbc 100644
--- a/pkgs/os-specific/linux/sysdig/default.nix
+++ b/pkgs/os-specific/linux/sysdig/default.nix
@@ -5,13 +5,13 @@
 with stdenv.lib;
 stdenv.mkDerivation rec {
   pname = "sysdig";
-  version = "0.27.0";
+  version = "0.27.1";
 
   src = fetchFromGitHub {
     owner = "draios";
     repo = "sysdig";
     rev = version;
-    sha256 = "0lpp271g0749sx7qgpwl6myi0kgfpsxk1kc4yp3r9k1pynv8bq1b";
+    sha256 = "sha256-lYjMvxMIReANNwMr62u881Nugrs9piOaN3EmrvGzRns=";
   };
 
   nativeBuildInputs = [ cmake perl ];
author	Frederik Rietdijk <fridh@fridh.nl>	2020-11-29 13:51:10 +0100
committer	Frederik Rietdijk <fridh@fridh.nl>	2020-11-29 13:51:10 +0100
commit	0d8491cb2b045e8a0b52bde121929b15a1d20196 (patch)
tree	d3740bc4c45a54ff299cb9a9bb0bc7cb8fa1e02d /pkgs/os-specific
parent	9e062723b2d60d2be85268fb7eebb28abce0b5af (diff)
parent	3a477cf32417b4c81c9fe42fbfb52c40b69fc110 (diff)