;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012-2022 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
;;; Copyright © 2014, 2015, 2016, 2018, 2019, 2020 Mark H Weaver <mhw@netris.org>
-;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2020, 2021 Eric Bavier <bavier@posteo.net>
+;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2020, 2021, 2022 Eric Bavier <bavier@posteo.net>
;;; Copyright © 2015, 2016 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2015 Alex Sassmannshausen <alex.sassmannshausen@gmail.com>
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
;;; Copyright © 2016 Peter Feigl <peter.feigl@nexoid.at>
;;; Copyright © 2016 John J. Foerch <jjfoerch@earthlink.net>
;;; Copyright © 2016, 2017 Nikita <nikita@n0.is>
-;;; Copyright © 2016–2021 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016–2022 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016 John Darrington <jmd@gnu.org>
;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
;;; Copyright © 2017 Ethan R. Jones <doubleplusgood23@gmail.com>
;;; Copyright © 2019 Jakob L. Kreuze <zerodaysfordays@sdf.org>
;;; Copyright © 2019 Hartmut Goebel <h.goebel@crazy-compilers.com>
;;; Copyright © 2019 Alex Griffin <a@ajgrf.com>
-;;; Copyright © 2019, 2021 Guillaume Le Vaillant <glv@posteo.net>
+;;; Copyright © 2019, 2021, 2022 Guillaume Le Vaillant <glv@posteo.net>
;;; Copyright © 2019, 2020, 2021 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
-;;; Copyright © 2020, 2021 Michael Rohleder <mike@rohleder.de>
+;;; Copyright © 2020, 2021, 2022 Michael Rohleder <mike@rohleder.de>
;;; Copyright © 2020 Vincent Legoll <vincent.legoll@gmail.com>
;;; Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com>
;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2021 muradm <mail@muradm.net>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
;;; Copyright © 2021 Petr Hodina <phodina@protonmail.com>
;;; Copyright © 2021 Artyom V. Poptsov <poptsov.artyom@gmail.com>
+;;; Copyright © 2022 Wamm K. D. <jaft.r@outlook.com>
+;;; Copyright © 2022 Roman Riabenko <roman@riabenko.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages admin)
+ #:use-module (guix build-system cargo)
#:use-module (guix build-system cmake)
#:use-module (guix build-system emacs)
#:use-module (guix build-system glib-or-gtk)
#:use-module (gnu packages c)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
#:use-module (gnu packages cross-base)
#:use-module (gnu packages crypto)
#:use-module (gnu packages cryptsetup)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages cyrus-sasl)
#:use-module (gnu packages dns)
#:use-module (gnu packages elf)
#:use-module (gnu packages file)
#:use-module (gnu packages flex)
+ #:use-module (gnu packages freedesktop)
#:use-module (gnu packages gawk)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gl)
#:use-module (gnu packages groff)
#:use-module (gnu packages gtk)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages guile-xyz)
#:use-module (gnu packages hurd)
#:use-module (gnu packages image)
#:use-module (gnu packages imagemagick)
#:use-module (gnu packages mcrypt)
#:use-module (gnu packages mpi)
#:use-module (gnu packages ncurses)
+ #:use-module (gnu packages networking)
#:use-module (gnu packages openldap)
#:use-module (gnu packages patchutils)
#:use-module (gnu packages pciutils)
#:use-module (gnu packages ruby)
#:use-module (gnu packages selinux)
#:use-module (gnu packages serialization)
+ #:use-module (gnu packages sqlite)
#:use-module (gnu packages ssh)
#:use-module (gnu packages sphinx)
#:use-module (gnu packages tcl)
and provides a \"top-like\" mode (monitoring).")
(license license:gpl3+)))
-(define-public shepherd
+(define-public shepherd-0.8
(package
(name "shepherd")
(version "0.8.1")
(license license:gpl3+)
(home-page "https://www.gnu.org/software/shepherd/")))
-(define-public guile2.2-shepherd
+;; Update on the next rebuild cycle.
+(define-public shepherd shepherd-0.8)
+
+(define-public shepherd-0.9
(package
(inherit shepherd)
+ (version "0.9.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/shepherd/shepherd-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "0l2arn6gsyw88xk9phxnyplvv1mn8sqp3ipgyyb0nszdzvxlgd36"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; Avoid continuation barriers so (@ (fibers) sleep) can be
+ ;; called from a service's 'stop' method
+ '(substitute* "modules/shepherd/service.scm"
+ (("call-with-blocked-asyncs") ;in 'stop' method
+ "(lambda (thunk) (thunk))")
+ (("\\(for-each-service\n") ;in 'shutdown-services'
+ "((lambda (proc)
+ (for-each proc
+ (fold-services cons '())))\n")))))
+ (arguments
+ (list #:configure-flags #~'("--localstatedir=/var")
+ #:make-flags #~'("GUILE_AUTO_COMPILE=0")
+ #:phases (if (%current-target-system)
+ #~(modify-phases %standard-phases
+ (add-before 'configure 'set-fibers-directory
+ (lambda _
+ ;; When cross-compiling, refer to the target
+ ;; Fibers, not the native one.
+ (substitute* '("herd.in" "shepherd.in")
+ (("%FIBERS_SOURCE_DIRECTORY%")
+ #$(file-append
+ (this-package-input "guile-fibers")
+ "/share/guile/site/3.0"))
+ (("%FIBERS_OBJECT_DIRECTORY%")
+ #$(file-append
+ (this-package-input "guile-fibers")
+ "/lib/guile/3.0/site-ccache"))))))
+ #~%standard-phases)))
+ (native-inputs (list pkg-config guile-3.0
+ guile-fibers-1.1)) ;for cross-compilation
+ (inputs (list guile-3.0 guile-fibers-1.1))))
+
+(define-public guile2.2-shepherd
+ (package
+ (inherit shepherd-0.9)
(name "guile2.2-shepherd")
- (native-inputs
- (list pkg-config guile-2.2))
- (inputs
- (list guile-2.2 guile2.2-readline))))
+ (native-inputs (list pkg-config guile-2.2))
+ (inputs (list guile-2.2 guile2.2-fibers))))
(define-public guile2.0-shepherd
(package
(define-public cloud-utils
(package
(name "cloud-utils")
- (version "0.32")
+ (version "0.33")
(source
(origin
(method url-fetch)
"0xxdi55lzw7j91zfajw7jhd2ilsqj2dy04i9brlk8j3pvb5ma8hk"))))
(build-system gnu-build-system)
(arguments
- '(#:make-flags
+ '(#:modules
+ ((guix build gnu-build-system)
+ (guix build utils)
+ (srfi srfi-26))
+ #:make-flags
(let ((out (assoc-ref %outputs "out")))
(list (string-append "BINDIR=" out "/bin")
(string-append "MANDIR=" out "/share/man/man1")
(let ((growpart (string-append (assoc-ref outputs "out")
"/bin/growpart")))
(wrap-program growpart
- `("PATH" ":" prefix (,(dirname (which "sfdisk"))
- ,(dirname (which "readlink"))))))
- #t)))))
+ `("PATH" ":" prefix
+ ,(map dirname
+ (map (cut search-input-file inputs <>)
+ (list "bin/readlink"
+ "sbin/sfdisk")))))))))))
(inputs
- (list python util-linux)) ; contains sfdisk for growpart
+ (list coreutils ; for readlink
+ python
+ util-linux)) ; sfdisk for growpart
(home-page "https://launchpad.net/cloud-utils")
(synopsis "Set of utilities for cloud computing environments")
(description
(base32 "0w4g0iyssyw7dd0061881z8s5czcl01mz6v00znax57zfxjqpvnm"))))
(build-system gnu-build-system)
(arguments '(#:tests? #f)) ; No tests available.
- (home-page "http://software.clapper.org/daemonize/")
+ (home-page "https://software.clapper.org/daemonize/")
(synopsis "Command line utility to run a program as a daemon")
(description
"daemonize runs a command as a Unix daemon. It will close all open file
(define-public htop
(package
(name "htop")
- (version "3.1.2")
+ (version "3.2.1")
(source
(origin
(method git-fetch)
(url "https://github.com/htop-dev/htop")
(commit version)))
(sha256
- (base32 "024qhrlmqgwmn6bwb5yiff9bhhdabryiphzx8y654k8r8vqi59j4"))
+ (base32 "0yfmkw3y4qyd42svhpiijif7krvmnb8z88y6h9g4fwf7sfynq2rk"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
(inputs
(define-public shadow
(package
(name "shadow")
- (version "4.8.1")
+ (version "4.9")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/shadow-maint/shadow/releases/"
- "download/" version "/shadow-" version ".tar.xz"))
- (patches (search-patches "shadow-hurd-pctrl.patch"))
+ "download/v" version "/shadow-" version ".tar.xz"))
(sha256
(base32
- "0qmfq50sdhz6xilgxvinblll8j2iqfl7hwk45bq744y4plq4dbd3"))))
+ "0i4iijbshnwnsrskxzrh18xgmzff0hdpsnnkmyc2gdn1x4n1zv7y"))))
(build-system gnu-build-system)
(arguments
`(;; Assume System V `setpgrp (void)', which is the default on GNU
'("--with-libpam"))
"shadow_cv_logdir=/var/log"
"ac_cv_func_setpgrp_void=yes")
-
#:phases
(modify-phases %standard-phases
+ (add-after 'unpack 'fix-linking-to-pam
+ (lambda _
+ ;; There's a build system problem in 4.9 that causes link
+ ;; failures with the pam libraries (see:
+ ;; https://github.com/shadow-maint/shadow/issues/407).
+ (substitute* "libsubid/Makefile.in"
+ (("\\$\\(LIBTCB\\)" all)
+ (string-append all " $(LIBPAM)")))))
,@(if (%current-target-system)
'((add-before 'configure 'set-runtime-shell
(lambda* (#:key inputs #:allow-other-keys)
"libc"))))
(substitute* "lib/nscd.c"
(("/usr/sbin/nscd")
- (string-append libc "/sbin/nscd")))
- #t)))
+ (string-append libc "/sbin/nscd"))))))
(add-after 'install 'remove-groups
(lambda* (#:key outputs #:allow-other-keys)
;; Remove `groups', which is already provided by Coreutils.
(bin (string-append out "/bin"))
(man (string-append out "/share/man")))
(delete-file (string-append bin "/groups"))
- (for-each delete-file (find-files man "^groups\\."))
- #t))))))
-
+ (for-each delete-file (find-files man "^groups\\."))))))))
(inputs
`(,@(if (hurd-target?)
'()
"Shadow provides a number of authentication-related tools, including:
login, passwd, su, groupadd, and useradd.")
+ (properties '((hidden? . #t))) ;see below
+
;; The `vipw' program is GPLv2+.
;; libmisc/salt.c is public domain.
(license license:bsd-3)))
+(define-public shadow-with-man-pages
+ ;; TODO: Merge with 'shadow' on the next core-updates cycle.
+ (package/inherit shadow
+ (properties '()) ;not hidden
+ (arguments
+ (substitute-keyword-arguments (package-arguments shadow)
+ ((#:phases phases '%standard-phases)
+ `(modify-phases ,phases
+ (add-after 'install 'install-man-pages
+ (lambda _
+ ;; The top-level Makefile.am wrongfully has "SUBDIRS += man"
+ ;; under "if ENABLE_REGENERATE_MAN", even though prebuilt man
+ ;; pages are available. Thus, install them manually.
+ (invoke "make" "-C" "man" "install")))))))))
+
(define-public mingetty
(package
(name "mingetty")
(define-public netcat-openbsd
(package
(name "netcat-openbsd")
- (version "1.218-2")
+ (version "1.218-5")
(source (origin
(method git-fetch)
(uri (git-reference
(file-name (git-file-name name version))
(sha256
(base32
- "1rj4nx0jdism1idc4fghahqbafhv72cpk7zlyq9czgvbps10d1kh"))))
+ "0hpbmz9m2q22a6qgbn9590z2x96xgffim8g0m1v47mariz3pqhlc"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; no test suite
(license (list license:bsd-3
license:bsd-2)))) ; atomicio.*, socks.c
+(define-public nmon
+ (package
+ (name "nmon")
+ (version "16n")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://sourceforge/nmon/lmon" version ".c"))
+ (sha256
+ (base32 "1wpm2f30414b87kpbr9hbidblr5cmfby5skwqd0fkpi5v712q0f0"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list #:tests? #f ; no test suite
+ #:phases
+ #~(modify-phases %standard-phases
+ (replace 'unpack
+ (lambda _
+ (copy-file #$(package-source this-package) "lmon.c")))
+ (delete 'configure) ; no build system
+ (replace 'build
+ ;; There is an example ‘Makefile’ in the .c file.
+ (lambda _
+ ;; These #defines aren't well-documented and, e.g., POWER was
+ ;; not actually tested on every possible TARGET-POWERPC?.
+ (let* ((system #$(cond ((target-x86?) "X86")
+ ((target-arm?) "ARM")
+ ((target-powerpc?) "POWER")
+ (else "CROSS_FINGERS"))))
+ (format #t "Building for ~a~%" system)
+ (invoke #$(cc-for-target) "-o" "nmon" "lmon.c"
+ "-g" "-Wall" "-D" system
+ "-lncurses" "-lm"))))
+ (replace 'install
+ (lambda _
+ (let ((bin (string-append #$output "/bin"))
+ (man1 (string-append #$output "/share/man/man1")))
+ (install-file "nmon" bin)
+ (mkdir-p man1)
+ (copy-file #$(this-package-native-input "man-page")
+ (string-append man1 "/nmon.1"))))))))
+ (native-inputs
+ (list `("man-page"
+ ,(origin
+ ;; There is no man page upstream, so install Debian's.
+ (method url-fetch)
+ (uri (string-append "https://salsa.debian.org/carnil/nmon/"
+ "-/raw/debian/" version "+debian-1/"
+ "debian/nmon.1"))
+ (sha256
+ (base32
+ "1gpvd2kjyhs18sh6sga5bk9wj8s78blfd4c0m38r0wl92jx2yv1b"))))))
+ (inputs
+ (list ncurses))
+ (home-page "http://nmon.sourceforge.net/")
+ (synopsis
+ "Monitor system performance in a terminal or to a @file{.csv} log file")
+ (description
+ "@acronym{Nmon, Nigel's performance monitor} is yet another system monitor
+useful in systems administration, debugging, tuning, and benchmarking.
+
+The configurable ncurses interface displays all the classic resource usage
+statistics (CPU, memory, network, disk, ...) as real-time graphs or numbers.
+It can also list the processes responsible in a @command{top}-like table.
+
+A less common nmon feature is its ability to create highly detailed log files
+in @acronym{CSV, comma-separated values} format. These can be imported into
+spreadsheets or fed straight into an @acronym{RRD, round-robin database} using
+@command{rrdtool} for further analyisis, or to create colourful graphs.")
+ (license license:gpl3+)))
+
(define-public sipcalc
(package
(name "sipcalc")
(define-public isc-dhcp
(let* ((bind-major-version "9")
(bind-minor-version "11")
- (bind-patch-version "36")
+ (bind-patch-version "37")
(bind-release-type "") ; for patch release, use "-P"
(bind-release-version "") ; for patch release, e.g. "6"
(bind-version (string-append bind-major-version
bind-release-version)))
(package
(name "isc-dhcp")
- (version "4.4.2-P1")
+ (version "4.4.3")
(source (origin
(method url-fetch)
(uri (string-append "https://ftp.isc.org/isc/dhcp/"
version "/dhcp-" version ".tar.gz"))
- (patches (search-patches "isc-dhcp-gcc-compat.patch"))
(sha256
(base32
- "06jsr0cg5rsmyibshrpcb9za0qgwvqccashdma7mlm1rflrh8pmh"))))
+ "062q2g8cj2zv0zv22x6pg21m21bdlscxkg3li0ac0pm0qasccghf"))))
(build-system gnu-build-system)
(arguments
`(#:parallel-build? #f
(("^RELEASETYPE=.*")
(format #f "RELEASETYPE=~a\n" ,bind-release-type))
(("^RELEASEVER=.*")
- (format #f "RELEASEVER=~a\n" ,bind-release-version)))
- #t))
+ (format #f "RELEASEVER=~a\n" ,bind-release-version)))))
,@(if (%current-target-system)
'((add-before 'configure 'fix-bind-cross-compilation
(lambda _
"--host=$host_alias"))
;; BIND needs a native compiler because the DHCP
;; build system uses the built 'gen' executable.
- (setenv "BUILD_CC" "gcc")
- #t)))
+ (setenv "BUILD_CC" "gcc"))))
'())
+ (add-before 'build 'update-config-scripts
+ (lambda* (#:key native-inputs inputs #:allow-other-keys)
+ (for-each (lambda (file)
+ (install-file
+ (search-input-file
+ (or native-inputs inputs)
+ (string-append "/bin/" file)) "."))
+ '("config.guess" "config.sub"))
+ (for-each (lambda (file)
+ (install-file
+ (search-input-file
+ (or native-inputs inputs)
+ (string-append "/bin/" file))
+ (string-append "bind/bind-" ,bind-version)))
+ '("config.guess" "config.sub"))))
(add-after 'configure 'post-configure
(lambda* (#:key outputs #:allow-other-keys)
;; Point to the right client script, which will be
"--owner=root:0"
"--group=root:0")))))
(add-after 'install 'post-install
- ;; TODO(core-updates): native-inputs isn't required anymore.
- (lambda* (#:key ,@(if (%current-target-system)
- '(native-inputs)
- '())
- inputs outputs #:allow-other-keys)
+ (lambda* (#:key inputs outputs #:allow-other-keys)
;; Install the dhclient script for GNU/Linux and make sure
;; if finds all the programs it needs.
(let* ((out (assoc-ref outputs "out"))
,(map (lambda (dir)
(string-append dir "/bin:"
dir "/sbin"))
- (list inetutils net-tools coreutils sed))))
- ;; TODO(core-updates): should not be required anymore,
- ;; once <https://issues.guix.gnu.org/49290> has been merged.
- ,@(if (%current-target-system)
- '((for-each
- (lambda (file)
- (substitute* file
- (((assoc-ref native-inputs "bash"))
- (assoc-ref inputs "bash"))))
- (list (string-append libexec
- "/dhclient-script")
- (string-append libexec
- "/.dhclient-script-real"))))
- '())
- #t))))))
+ (list inetutils net-tools coreutils sed))))))))))
(native-inputs
- (list perl file))
+ (list config perl file))
(inputs `(("inetutils" ,inetutils)
- ;; TODO(core-updates): simply make this unconditional
- ,@(if (%current-target-system)
- ;; for wrap-program
- `(("bash" ,(canonical-package bash-minimal)))
- '())
+ ("bash" ,(canonical-package bash-minimal)) ;for wrap-program
,@(if (hurd-target?) '()
`(("net-tools" ,net-tools)
("iproute" ,iproute)))
"/bind-" bind-version ".tar.gz"))
(sha256
(base32
- "108nh7hha4r0lb5hf1fn7lqaascvhsrghpz6afm5lf9vf2vgqly9"))))
+ "1zsszgxs9043dfpxb6xs1iwk9jg7nxkl5pbawj8dlshnxkkzp3hd"))))
("coreutils*" ,coreutils)
("sed*" ,sed)))
(lambda* (#:key inputs #:allow-other-keys)
(substitute* "rc/weekly"
(("/bin/kill")
- (string-append (assoc-ref inputs "coreutils*")
- "/bin/kill"))
+ (search-input-file inputs "/bin/kill"))
(("syslogd\\.pid")
;; The file is called 'syslog.pid' (no 'd').
- "syslog.pid"))
- #t))
+ "syslog.pid"))))
(add-after 'install 'install-info
(lambda _
(invoke "make" "install-info"))))))
(native-inputs (list texinfo automake util-linux)) ; for 'cal'
- (inputs `(("coreutils*" ,coreutils)
- ("mailutils" ,mailutils)))
+ (inputs (list coreutils mailutils))
(home-page "https://www.gnu.org/software/rottlog/")
(synopsis "Log rotation and management")
(description
(define-public sudo
(package
(name "sudo")
- (version "1.9.8p2")
+ (version "1.9.11p3")
(source (origin
(method url-fetch)
(uri
version ".tar.gz")))
(sha256
(base32
- "0b8gd15l2g22w4fhhz0gzmq5c8370klanmy2c1p3px6yly6qnfwy"))
+ "0w0z9w4vnhjsc4jjghi6wlyv4v055hsy38ncb67p08b7yp9fg1s6"))
(modules '((guix build utils)))
(snippet
'(begin
(define-public opendoas
(package
(name "opendoas")
- (version "6.8.1")
+ (version "6.8.2")
(source (origin
(method git-fetch)
(uri (git-reference
(file-name (git-file-name name version))
(sha256
(base32
- "0gfcssm21vdfg6kcrcc7hz1h4jmhy2zv29rfqyrrj3a6r9b5ah8p"))))
+ "1qrin7x9vcprk5pwjbr3w8z2qj8hk6xbvxicdhlk27xr6vcr1qzn"))))
(build-system gnu-build-system)
(arguments
`(#:phases
(lambda* (#:key outputs #:allow-other-keys)
(substitute* "GNUmakefile"
(("^\tchown.*$") ""))
- ;; OpenDoas look for binaries in safepath when a rule specify a
+ ;; OpenDoas looks for binaries in safepath when a rule specifies a
;; relative command, such as “permit keepenv :wheel cmd guix”.
(substitute* "doas.c"
(("safepath =" match)
"/run/setuid-programs:"
"/run/current-system/profile/bin:"
"/run/current-system/profile/sbin:"
- "\" ")))
- #t))
+ "\" ")))))
(replace 'configure
;; The configure script doesn't accept most of the default flags.
(lambda* (#:key configure-flags #:allow-other-keys)
(define-public wpa-supplicant-minimal
(package
(name "wpa-supplicant-minimal")
- (version "2.9")
+ (version "2.10")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.gz"))
(sha256
(base32
- "05qzak1mssnxcgdrafifxh9w86a4ha69qabkg4bsigk499xyxggw"))
+ "0bvvw7bx149a57llzrwzlpggyym84f8jdd4abwsk0f2b2pjpmpr0"))
(modules '((guix build utils)))
(snippet
'(begin
;; Disable D-Bus to save ~14MiB on the closure size.
(("^CONFIG_CTRL_IFACE_DBUS" line _)
(string-append "#" line)))
- #t))
- (patches
- (search-patches "wpa-supplicant-CVE-2021-27803.patch"
- "wpa-supplicant-CVE-2021-30004.patch"))))
+ #t))))
(build-system gnu-build-system)
(arguments
`(#:phases
(add-after 'install-documentation 'install-dbus-conf
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
- (dir (string-append out "/etc/dbus-1/system.d")))
- (mkdir-p dir)
+ (interfaces (string-append out "/etc/dbus-1/system.d"))
+ (services (string-append out
+ "/share/dbus-1/system-services")))
+ (mkdir-p interfaces)
(copy-file "dbus/dbus-wpa_supplicant.conf"
- (string-append dir "/wpa_supplicant.conf")))
+ (string-append interfaces "/wpa_supplicant.conf"))
+ (mkdir-p services)
+ (copy-file "dbus/fi.w1.wpa_supplicant1.service"
+ (string-append services
+ "/fi.w1.wpa_supplicant1.service")))
#t))))))))
(define-public wpa-supplicant-gui
(inherit wpa-supplicant)
(name "wpa-supplicant-gui")
(inputs (modify-inputs (package-inputs wpa-supplicant)
- (prepend qtbase-5 qtsvg)))
+ (prepend qtbase-5 qtsvg-5)))
(native-inputs
;; For icons.
(modify-inputs (package-native-inputs wpa-supplicant)
- (prepend imagemagick inkscape)))
+ (prepend imagemagick inkscape/stable)))
(arguments
`(#:phases (modify-phases %standard-phases
(add-after 'unpack 'chdir
(replace 'install
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out"))
- (qt '("qtbase" "qtsvg")))
+ (qt '("qtbase" "qtsvg-5")))
(install-file "wpa_gui" (string-append out "/bin"))
(install-file "wpa_gui.desktop"
(string-append out "/share/applications"))
(define-public hostapd
(package
(name "hostapd")
- (version "2.9")
+ (version "2.10")
(source (origin
(method url-fetch)
(uri (string-append "https://w1.fi/releases/hostapd-" version
".tar.gz"))
(sha256
(base32
- "1mrbvg4v7vm7mknf0n29mf88k3s4a4qj6r4d51wq8hmjj1m7s7c8"))
- (patches
- (search-patches "wpa-supplicant-CVE-2021-27803.patch"
- "wpa-supplicant-CVE-2021-30004.patch"))))
+ "0pcik0a6yin9nib02frjhaglmg44hwik086iwg1751b7kdwpqvi0"))))
(build-system gnu-build-system)
(arguments
- `(#:phases
- (modify-phases %standard-phases
- (replace 'configure
- (lambda _
- ;; This is mostly copied from 'wpa-supplicant' above.
- (chdir "hostapd")
- (copy-file "defconfig" ".config")
- (let ((port (open-file ".config" "al")))
- (display "
- CONFIG_LIBNL32=y
- CONFIG_IEEE80211R=y
- CONFIG_IEEE80211N=y
- CONFIG_IEEE80211AC=y\n" port)
- (close-port port))
- #t))
- (add-after 'unpack 'patch-pkg-config
- (lambda _
- (substitute* "src/drivers/drivers.mak"
- (("pkg-config")
- (or (which "pkg-config")
- (string-append ,(%current-target-system)
- "-pkg-config"))))
- #t))
- (add-after 'install 'install-man-pages
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (man (string-append out "/share/man"))
- (man1 (string-append man "/man1"))
- (man8 (string-append man "/man8")))
- (define (copy-man-page target)
- (lambda (file)
- (install-file file target)))
-
- (for-each (copy-man-page man1)
- (find-files "." "\\.1"))
- (for-each (copy-man-page man8)
- (find-files "." "\\.8"))
- #t))))
-
- #:make-flags (list (string-append "CC=" ,(cc-for-target))
- (string-append "BINDIR=" (assoc-ref %outputs "out")
- "/sbin")
- (string-append "LIBDIR=" (assoc-ref %outputs "out")
- "/lib"))
- #:tests? #f))
+ (list #:phases
+ #~(modify-phases %standard-phases
+ (replace 'configure
+ (lambda _
+ ;; This is mostly copied from 'wpa-supplicant' above.
+ (chdir "hostapd")
+ (copy-file "defconfig" ".config")
+ (let ((port (open-file ".config" "al")))
+ (display "CONFIG_LIBNL32=y
+ CONFIG_IEEE80211R=y
+ CONFIG_IEEE80211N=y
+ CONFIG_IEEE80211AC=y\n" port)
+ (close-port port))))
+ (add-after 'unpack 'patch-pkg-config
+ (lambda _
+ (substitute* "src/drivers/drivers.mak"
+ (("pkg-config")
+ #$(pkg-config-for-target)))))
+ (add-after 'install 'install-man-pages
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((man (string-append #$output "/share/man"))
+ (man1 (string-append man "/man1"))
+ (man8 (string-append man "/man8")))
+ (define (copy-man-page target)
+ (lambda (file)
+ (install-file file target)))
+ (for-each (copy-man-page man1)
+ (find-files "." "\\.1"))
+ (for-each (copy-man-page man8)
+ (find-files "." "\\.8"))))))
+ #:make-flags
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "BINDIR=" #$output "/sbin")
+ (string-append "LIBDIR=" #$output "/lib"))
+ #:tests? #f))
(native-inputs (list pkg-config))
;; There's an optional dependency on SQLite.
(define-public dmidecode
(package
(name "dmidecode")
- (version "3.3")
+ (version "3.4")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://savannah/dmidecode/dmidecode-"
version ".tar.xz"))
(sha256
- (base32 "0m8lzg9rf1qssasiix672bxk5qwms90561g8hfkkhk31h2kkgiw2"))))
+ (base32 "04i2ahvqinkrnzfsbswplv9wff36xf9b3snvriwrjz26v18sijs3"))))
(build-system gnu-build-system)
(arguments
- `(#:tests? #f ; no 'check' target
- #:make-flags
- (list (string-append "CC=" ,(cc-for-target))
- (string-append "prefix="
- (assoc-ref %outputs "out")))
- #:phases
- (modify-phases %standard-phases
- (delete 'configure)))) ; no configure script
+ (list #:tests? #f ; no 'check' target
+ #:make-flags
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "prefix=" #$output))
+ #:phases
+ #~(modify-phases %standard-phases
+ (delete 'configure)))) ; no configure script
(home-page "https://www.nongnu.org/dmidecode/")
(synopsis "Read hardware information from the BIOS")
(description
(define-public acpica
(package
(name "acpica")
- (version "20211217")
+ (version "20220331")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.gz"))
(sha256
(base32
- "0521hmaw2zhi0mpgnaf2i83dykfgql4bx98cg7xqy8wmj649z194"))))
+ "0yjcl00nnnlw01sz6a1i5d3v75gr17mkbxkxfx2v344al33abk8w"))))
(build-system gnu-build-system)
(native-inputs (list flex bison))
(arguments
characters can be replaced as well, as can UTF-8 characters.")
(license license:bsd-3)))
-(define-public testdisk
- (package
- (name "testdisk")
- (version "7.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://www.cgsecurity.org/testdisk-"
- version ".tar.bz2"))
- (sha256
- (base32
- "1zlh44w67py416hkvw6nrfmjickc2d43v51vcli5p374d5sw84ql"))))
- (build-system gnu-build-system)
- (inputs
- (list ntfs-3g
- `(,util-linux "lib")
- openssl
- ;; FIXME: add reiserfs.
- zlib
- e2fsprogs
- libjpeg-turbo
- ncurses))
- (home-page "https://www.cgsecurity.org/wiki/TestDisk")
- (synopsis "Data recovery tool")
- (description
- "TestDisk is a program for data recovery, primarily designed to help
-recover lost partitions and/or make non-booting disks bootable again.")
- (license license:gpl2+)))
-
(define-public tree
(package
(name "tree")
- (version "2.0.1")
+ (version "2.0.2")
(source (origin
(method url-fetch)
(uri (string-append
"http://mama.indstate.edu/users/ice/tree/src/tree-"
version ".tgz"))
- (patches (search-patches "tree-disable-stddata.patch"))
(sha256
- (base32 "0f92vx6gpz7v29wi9clklzah57v7lgx5kv0m1w4b9xjc35d9qcz3"))))
+ (base32 "1bzfkr3kmn2v5x7ljir691fr9hhjvjxqsfz0fc5fgi6ki0fklsbx"))))
(build-system gnu-build-system)
(arguments
(list
(define-public libcap-ng
(package
(name "libcap-ng")
- (version "0.8.2")
+ (version "0.8.3")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.gz"))
(sha256
(base32
- "1sasp1n154aqy9fz0knlb966svm7xg1zjhg1vr4q839bgjvq7h2j"))))
+ "0ba9dfga7chwf6lf7a03x1a30fgdy2pb4r7pnn1jzfr2is2gdmmy"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
- (list "--without-python")))
+ (list "--disable-static"
+ "--without-python")))
(home-page "https://people.redhat.com/sgrubb/libcap-ng/")
(synopsis "Library for more easily working with POSIX capabilities")
(description
(base32
"1mlc25sd5rgj5xmzcllci47inmfdw7cp185fday6hc9rwqkqmnaw"))))
(build-system gnu-build-system)
+ (arguments
+ (list #:make-flags
+ #~(list "BUILD_INFO=\"(Guix)\"")))
(inputs (list libcap-ng))
(home-page "https://www.smartmontools.org/")
(synopsis "S.M.A.R.T. harddisk control and monitoring tools")
specified directories.")
(license license:expat)))
-(define-public graphios
- (package
- (name "graphios")
- (version "2.0.3")
- (source
- (origin
- (method url-fetch)
- (uri (pypi-uri "graphios" version))
- (sha256
- (base32
- "1h87hvc315wg6lklbf4l7csd3n5pgljwrfli1p3nasdi0izgn66i"))))
- (build-system python-build-system)
- (arguments
- ;; Be warned: Building with Python 3 succeeds, but the build process
- ;; throws a syntax error that is ignored.
- `(#:python ,python-2
- #:phases
- (modify-phases %standard-phases
- (add-before 'build 'fix-setup.py
- (lambda* (#:key outputs #:allow-other-keys)
- ;; Fix hardcoded, unprefixed file names.
- (let ((out (assoc-ref outputs "out")))
- (substitute* '("setup.py")
- (("/etc") (string-append out "/etc"))
- (("/usr") out)
- (("distro_ver = .*") "distro_ver = ''"))
- #t))))))
- (home-page "https://github.com/shawn-sterling/graphios")
- (synopsis "Emit Nagios metrics to Graphite, Statsd, and Librato")
- (description
- "Graphios is a script to emit nagios perfdata to various upstream metrics
-processing and time-series systems. It's currently compatible with Graphite,
-Statsd, Librato and InfluxDB. Graphios can emit Nagios metrics to any number
-of supported upstream metrics systems simultaneously.")
- (license license:gpl2+)))
-
(define-public ansible-core
(package
(name "ansible-core")
(build-system python-build-system)
(propagated-inputs
(list ansible-core))
- ;; The Ansible collections are found by ansible-core via PYTHONPATH; the
- ;; following search path ensures that they are found even when Python is
- ;; not present in the profile.
+ ;; The Ansible collections are found by ansible-core via the Python search
+ ;; path; the following search path ensures that they are found even when
+ ;; Python is not present in the profile.
(native-search-paths
;; XXX: Attempting to use (package-native-search-paths python)
;; here would cause an error about python being an unbound
;; variable in the tests/cpan.scm test.
(list (search-path-specification
- (variable "PYTHONPATH")
+ (variable "GUIX_PYTHONPATH")
(files (list "lib/python3.9/site-packages")))))
(home-page "https://www.ansible.com/")
(synopsis "Radically simple IT automation")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "1dz045yhcsw1rdamzpz4bk8mw888in7fyqk1q1b3m1yk4pd1ahkh"))))
+ (base32 "1dz045yhcsw1rdamzpz4bk8mw888in7fyqk1q1b3m1yk4pd1ahkh"))
+ (patches (search-patches "cpulimit-with-glib-2.32.patch"))))
(build-system gnu-build-system)
(arguments
`(#:phases (modify-phases %standard-phases
(list openssl libgcrypt))
(build-system gnu-build-system)
(arguments
- '(#:configure-flags
+ `(#:configure-flags
(list "--localstatedir=/var"
(string-append "--with-pkgconfigdir="
- (assoc-ref %outputs "out") "/lib/pkgconfig"))
+ (assoc-ref %outputs "out") "/lib/pkgconfig")
+ (string-append "--with-libgcrypt-prefix="
+ (assoc-ref %build-inputs "libgcrypt"))
+ ,@(if (%current-target-system)
+ ;; Assume yes on pipes when cross compiling.
+ `("ac_cv_file__dev_spx=yes"
+ "x_ac_cv_check_fifo_recvfd=yes")
+ '()))
#:phases
(modify-phases %standard-phases
;; XXX Many test series fail. Some might be fixable, others do no-no
(package
(name "audit")
(home-page "https://people.redhat.com/sgrubb/audit/")
- (version "3.0.6")
+ (version "3.0.8")
(source (origin
(method url-fetch)
(uri (string-append home-page "audit-" version ".tar.gz"))
(sha256
(base32
- "0pnc9wzslks9p6kxw0llp1n8h8yg0frcxl3x84fl0hisa5vlvr63"))))
+ "04w9m9ffvi58z11i344wa1hji9ba68cdklrkizhiwf39mnwxkx5m"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags (list "--with-python=no"
(,(python-path ndiff)))))))
;; These are the tests that do not require network access.
(replace 'check
- (lambda _ (invoke "make"
- "check-nse"
- "check-ndiff"
- "check-dns"))))
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "make"
+ "check-nse"
+ "check-ndiff"
+ "check-dns")))))
;; Nmap can't cope with out-of-source building.
#:out-of-source? #f))
(home-page "https://nmap.org/")
you are running, what theme or icon set you are using, etc.")
(license license:expat)))
+(define-public hyfetch
+ (package
+ (name "hyfetch")
+ (version "1.0.2")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (pypi-uri "HyFetch" version))
+ (sha256
+ (base32 "1bfkycdhsyzkk6q24gdy1xwvyz0rvkr7xk2khbn74b3nk6kp83r2"))))
+ (build-system python-build-system)
+ (inputs (list python-hypy-utils python-typing-extensions))
+ (arguments `(#:phases (modify-phases %standard-phases
+ (add-before 'build 'set-HOME
+ (lambda _ ;; Tries to set files in .config
+ (setenv "HOME" "/tmp"))))))
+ (home-page "https://github.com/hykilpikonna/HyFetch")
+ (synopsis "@code{neofetch} with pride flags <3")
+ (description "HyFetch is a command-line system information tool fork of
+@code{neofetch}. HyFetch displays information about your system next to your
+OS logo in ASCII representation. The ASCII representation is then colored in
+the pattern of the pride flag of your choice. The main purpose of HyFetch is to
+be used in screenshots to show other users what operating system or distribution
+you are running, what theme or icon set you are using, etc.")
+ (license license:expat)))
+
(define-public screenfetch
(package
(name "screenfetch")
(define-public nnn
(package
(name "nnn")
- (version "4.4")
+ (version "4.6")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/jarun/nnn/releases/download/v"
version "/nnn-v" version ".tar.gz"))
(sha256
- (base32 "0lqn7pyy8c1vy29vn8ad4x23cw67cy1d21ghns6f3w9a1h7kyjp0"))))
+ (base32 "0gvyvynw957yirvc1aj65flzni7niaj5bvyk82ka5dfgi2dazb0m"))))
(build-system gnu-build-system)
(inputs
(list ncurses readline))
(native-inputs
(list pkg-config))
(arguments
- `(#:tests? #f ; no tests
- #:phases
- (modify-phases %standard-phases
- (delete 'configure)) ; no configure script
- #:make-flags
- (list
- (string-append "PREFIX="
- (assoc-ref %outputs "out"))
- (string-append "CC=" ,(cc-for-target))
- (string-append "PKG_CONFIG=" ,(pkg-config-for-target)))))
+ (list #:tests? #f ; no tests
+ #:make-flags
+ #~(list
+ (string-append "PREFIX=" #$output)
+ (string-append "CC=" #$(cc-for-target))
+ (string-append "PKG_CONFIG=" #$(pkg-config-for-target)))
+ #:phases
+ #~(modify-phases %standard-phases
+ (delete 'configure)))) ; no configure script
(home-page "https://github.com/jarun/nnn")
(synopsis "Terminal file browser")
(description
(let ((out (assoc-ref %outputs "out")))
(list (string-append "--with-dbus-sys-dir="
out "/etc/dbus-1/system.d")
- "--localstatedir=/var"))
+ "--localstatedir=/var"
+ "--disable-werror"))
#:make-flags
(list "V=1") ; log build commands
#:phases
(let ((real-name "inxi"))
(package
(name "inxi-minimal")
- (version "3.3.11-1")
+ (version "3.3.19-1")
(source
(origin
(method git-fetch)
(commit version)))
(file-name (git-file-name real-name version))
(sha256
- (base32 "1nk3q2xg0myykq1myasxhvhhr0vk8qv3m7pb3icw81r3ydasnls0"))))
+ (base32 "0g5m43cj4534gb181zy1hwjz5il88xibf8psxw8a4s6jnaq1zdlk"))))
(build-system trivial-build-system)
(inputs
`(("bash" ,bash-minimal)
(string-append dir "/lib/perl5/site_perl"))
(_ ""))
%build-inputs)))))
- (invoke "gzip" "inxi.1")
+ (invoke "gzip" "-n" "inxi.1")
(install-file "inxi.1.gz"
(string-append %output "/share/man/man1"))))))
(home-page "https://smxi.org/docs/inxi.htm")
(package
(name "lynis")
;; Also update the ‘lynis-sdk’ input to the commit matching this release.
- (version "3.0.6")
+ (version "3.0.8")
(source
(origin
(method git-fetch)
(commit version)))
(file-name (git-file-name name version))
(sha256
- (base32 "1a1n8alcq6zil1rwk9940cg3x2nz3igcxfad99505pdh7ccz9324"))
+ (base32 "19kz1ffbbd431cdfw7fjcl5hjkks3gfkwk3w2zkwsxgyiky1gx3w"))
(modules '((guix build utils)))
(snippet
'(begin
(method git-fetch)
(uri (git-reference
(url "https://github.com/CISOfy/lynis-sdk")
- (commit "1c4e5f60a03e29a1525ca9ec17c793461058253d")))
+ (commit "dffe5d352e4d6029ea95a84d50604ccd97cb8999")))
(file-name (git-file-name "lynis-sdk" version))
(sha256
- (base32 "060k8k1q4c7nvrv3cwscxq8md2v75q3nrwwim1hgfw20divw3npy"))))))
+ (base32 "05qq4395x8f0kyl1ppm74npsf8sb3hhgz0ck4fya91sy6a26b4ja"))))))
(arguments
`(#:phases
(modify-phases %standard-phases
+ (replace 'unpack
+ ;; XXX Remove after fixing <https://issues.guix.gnu.org/55287>.
+ (lambda* (#:key source #:allow-other-keys)
+ (mkdir "source")
+ (chdir "source")
+ (copy-recursively source "."
+ #:keep-mtime? #t)))
(replace 'configure
(lambda* (#:key inputs outputs #:allow-other-keys)
(substitute* "lynis"
(define-public jc
(package
(name "jc")
- (version "1.13.4")
+ (version "1.19.0")
(source
(origin
;; The PyPI tarball lacks the test suite.
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "0rwvyyrdnw43pixp8h51rncq2inc9pbbj1j2191y5si00pjw34zr"))))
+ (base32 "021zk0y8kb6v3qf3hwfg8qjzzmrca039nz3fjywiy2njmbhr8hyi"))))
(build-system python-build-system)
+ (arguments
+ (list #:phases
+ #~(modify-phases %standard-phases
+ ;; XXX Guix's America/Los_Angeles time zone is somehow broken.
+ (add-before 'check 'hack-time-zone
+ (lambda _
+ (substitute* (find-files "tests" "^test.*\\.py$")
+ (("America/Los_Angeles") "PST8PDT")))))))
(propagated-inputs
(list python-pygments python-ruamel.yaml python-xmltodict))
(home-page "https://github.com/kellyjonbrazil/jc")
(define-public atop
(package
(name "atop")
- (version "2.6.0")
+ (version "2.7.1")
(source (origin
(method url-fetch)
(uri (string-append "https://www.atoptool.nl/download/atop-"
version ".tar.gz"))
(sha256
(base32
- "0wlg0n0h9vwpjp2dcb623jvvqck422jrjpq9mbpzg4hnawxcmhly"))))
+ "0kjwgf94skbrndv1krlmsrq34smzi3iwk73fbsnyw787gvqx4j6a"))))
(build-system gnu-build-system)
(arguments
- `(#:tests? #f ; no test suite
+ (list
+ #:tests? #f ; no test suite
#:make-flags
- (list (string-append "CC=" ,(cc-for-target))
- ;; The installer requires a choice between systemd or SysV.
- "systemdinstall"
- (string-append "DESTDIR=" (assoc-ref %outputs "out"))
- (string-append "BINPATH=/bin")
- (string-append "SBINPATH=/sbin")
- (string-append "SYSDPATH=/etc/systemd/system")
- (string-append "PMPATHD=/etc/systemd/system-sleep")
- (string-append "MAN1PATH=/share/man/man1")
- (string-append "MAN5PATH=/share/man/man5")
- (string-append "MAN8PATH=/share/man/man8")
- ;; Or else it tries to create /var/log/atop...
- (string-append "LOGPATH="))
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "DESTDIR=" #$output)
+ (string-append "SYSDPATH=/etc/systemd/system")
+ (string-append "PMPATHD=/etc/systemd/system-sleep")
+ ;; Or else it tries to create /var/log/atop...
+ (string-append "LOGPATH="))
#:phases
- (modify-phases %standard-phases
- (delete 'configure) ; No ./configure script
- (add-before 'build 'patch-build
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- ;; We don't need to chown things in the build environment.
- (("chown.*$") "")
- ;; We can't toggle the setuid bit in the build environment.
- (("chmod 04711") "chmod 0711")
- ;; Otherwise, it creates a blank configuration file as a "default".
- (("touch.*DEFPATH)/atop") "")
- (("chmod.*DEFPATH)/atop") ""))
- #t)))))
+ #~(modify-phases %standard-phases
+ (delete 'configure) ; No ./configure script
+ (add-before 'build 'patch-build
+ (lambda _
+ (substitute* "Makefile"
+ ;; Don't use /usr as a prefix.
+ (("/usr") "")
+ ;; Otherwise, it creates a blank configuration file as a "default".
+ (("touch.*DEFPATH)/atop") "")
+ (("chmod.*DEFPATH)/atop") "")))))))
(inputs
- `(("ncurses" ,ncurses)
- ("python" ,python-wrapper) ; for `atopgpud`
- ("zlib" ,zlib)))
+ (list ncurses
+ python-wrapper ; for `atopgpud`
+ zlib))
(home-page "https://www.atoptool.nl/")
(synopsis "Linux performance monitoring console")
(description "Atop is an ASCII full-screen performance monitor for Linux
to the CPU, memory, swap, disks (including LVM) and network layers, and for
every process (and thread) it shows e.g. the CPU utilization, memory growth,
disk utilization, priority, username, state, and exit code.")
+ (properties
+ `((release-monitoring-url . "https://www.atoptool.nl/downloadatop.php")))
(license license:gpl2+)))
;; TODO: Unvendor u-root (pkg: forth, golang, testutil).
(install-file "novena-eeprom" out-bin)
(install-file "novena-eeprom.8" out-share-man)))))))
(inputs
- (list i2c-tools))
+ (list i2c-tools-3))
(synopsis "Novena EEPROM editor")
(description "This package provides an editor for the Novena EEPROM.
Novena boards contain a device-dependent descriptive EEPROM that defines
(define-public nq
(package
(name "nq")
- (version "0.4")
+ (version "0.5")
(source
(origin
(method git-fetch)
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "0sdamjzvmf6cxhjmd1rjvn7zm6k10fp5n6vabyxd3yl30cgrxw2i"))))
+ (base32 "0szbndvwl6ghwjzb165s09977s0r1yq8h0ziknm0h6xndkcjspl3"))))
(build-system gnu-build-system)
(native-inputs
(list perl))
(arguments
- `(#:make-flags (list (string-append "CC=" ,(cc-for-target))
- (string-append "PREFIX=" (assoc-ref %outputs "out")))
- #:phases
- (modify-phases %standard-phases
- (delete 'configure))))
+ (list #:make-flags
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "PREFIX=" #$output))
+ #:phases
+ #~(modify-phases %standard-phases
+ (delete 'configure))))
(synopsis "Unix command line queue utility")
(description
"@code{nq} can create very lightweight job queue systems which require no
(define-public udpcast
(package
(name "udpcast")
- (version "20200328")
+ (version "20211207")
(source
(origin
(method url-fetch)
;; XXX: Original server is at https://www.udpcast.linux.lu is not
;; reliable.
(uri (list (string-append
- "http://sources.buildroot.net/udpcast/udpcast-"
- version ".tar.gz")
- (string-append
"https://fossies.org/linux/privat/udpcast-"
version ".tar.gz")
(string-append
"https://www.udpcast.linux.lu/download/udpcast-"
version ".tar.gz")))
(sha256
- (base32 "06pj86nbi9hx7abbb0z2c5ynhfq0rv89b7nmy0kq3xz2lsxfw6cw"))))
+ (base32 "0l6hck694szrrvz85nm48rwb7mzvg2z2bwa50v51pkvym3kvxkm3"))))
(build-system gnu-build-system)
(native-inputs
(list autoconf automake m4 perl))
(home-page "https://www.udpcast.linux.lu")
(license license:gpl2+)))
+(define-public greetd
+ (package
+ (name "greetd")
+ (version "0.8.0")
+ (home-page "https://git.sr.ht/~kennylevinsen/greetd")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url home-page)
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0x5c3jkw09kvj2grcxm899y2n6ws8p990cyp9cs0fy6lm4fzlh6v"))))
+ (build-system cargo-build-system)
+ (arguments
+ `(#:cargo-inputs
+ (("rust-nix" ,rust-nix-0.19)
+ ("rust-pam-sys" ,rust-pam-sys-0.5)
+ ("rust-rpassword" ,rust-rpassword-5)
+ ("rust-users" ,rust-users-0.11)
+ ("rust-serde" ,rust-serde-1)
+ ("rust-serde-json" ,rust-serde-json-1)
+ ("rust-libc" ,rust-libc-0.2)
+ ("rust-tokio" ,rust-tokio-1)
+ ("rust-getopts" ,rust-getopts-0.2)
+ ("rust-thiserror" ,rust-thiserror-1)
+ ("rust-async-trait" ,rust-async-trait-0.1)
+ ("rust-enquote" ,rust-enquote-1))
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'package)
+ (add-after 'build 'build-man-pages
+ (lambda* (#:key inputs #:allow-other-keys)
+ (define (scdoc-cmd doc lvl)
+ (system (string-append "scdoc < "
+ doc "-" lvl ".scd > "
+ doc "." lvl)))
+ (with-directory-excursion "man"
+ (scdoc-cmd "greetd" "1")
+ (scdoc-cmd "greetd" "5")
+ (scdoc-cmd "greetd-ipc" "7")
+ (scdoc-cmd "agreety" "1"))))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (sbin (string-append out "/sbin"))
+ (share (string-append out "/share"))
+ (man (string-append share "/man"))
+ (man1 (string-append man "/man1"))
+ (man5 (string-append man "/man5"))
+ (man7 (string-append man "/man7"))
+ (release "target/release")
+ (greetd-bin (string-append release "/greetd"))
+ (agreety-bin (string-append release "/agreety")))
+ (install-file greetd-bin sbin)
+ (install-file agreety-bin bin)
+ (with-directory-excursion "man"
+ (install-file "greetd.1" man1)
+ (install-file "greetd.5" man5)
+ (install-file "greetd-ipc.7" man7)
+ (install-file "agreety.1" man1))))))))
+ (native-inputs
+ `(("linux-pam" ,linux-pam)
+ ("scdoc" ,scdoc)))
+ (synopsis "minimal and flexible login manager daemon")
+ (description
+ "greetd is a minimal and flexible login manager daemon
+that makes no assumptions about what you want to launch.
+
+If you can run it from your shell in a TTY, greetd can start it.
+
+If it can be taught to speak a simple JSON-based IPC protocol,
+then it can be a greeter.")
+ (license license:gpl3+)))
+
+(define-public greetd-pam-mount
+ (package
+ (inherit pam-mount)
+ (name "greetd-pam-mount")
+ (arguments
+ (substitute-keyword-arguments (package-arguments pam-mount)
+ ((#:configure-flags flags ''())
+ #~(cons* "--with-rundir=/run/greetd" #$flags))
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'unpack 'patch-config-file-name
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "src/pam_mount.c"
+ ((".*define CONFIGFILE .*$")
+ "#define CONFIGFILE \"/etc/security/greetd_pam_mount.conf.xml\"\n")
+ (("pam_mount_config") "greetd_pam_mount_config")
+ (("pam_mount_system_authtok") "greetd_pam_mount_system_authtok"))))))))
+ (synopsis "pam-mount specifically compiled for use with greetd")
+ (description
+ "Pam-mount is a PAM module that can mount volumes when a user logs in.
+It supports mounting local filesystems of any kind the normal mount utility
+supports. It can also mount encrypted LUKS volumes using the password
+supplied by the user when logging in.
+
+This package inherits pam-mount in the way that it is compiled specifically
+for use with greetd daemon. It uses different configuration location and
+name space for storing data in PAM.
+
+greetd-pam-mount is used in configuration of greetd to provide
+auto-(mounting/unmounting) of XDG_RUNTIME_DIR in the way that it will not
+interfere with default pam-mount configuration.")))
+
+(define-public libseat
+ (package
+ (name "libseat")
+ (version "0.7.0")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://git.sr.ht/~kennylevinsen/seatd")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "10f8387yy5as547xjjhl0cna6iywdgjmw0iq2nvcs8q6vlpnik4v"))))
+ (build-system meson-build-system)
+ (arguments
+ `(#:configure-flags '("-Dlibseat-logind=elogind"
+ "-Dserver=disabled")))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (propagated-inputs
+ `(("elogind" ,elogind)))
+ (home-page "https://sr.ht/~kennylevinsen/seatd")
+ (synopsis "Seat management library")
+ (description
+ "This package provides a universal seat management library that
+allows applications to use whatever seat management is available.")
+ (license license:expat)))
+
+(define-public seatd
+ (package
+ (inherit libseat)
+ (name "seatd")
+ (arguments
+ `(#:configure-flags '("-Dlibseat-logind=elogind")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'remove-libs
+ (lambda* (#:key outputs #:allow-other-keys)
+ (with-directory-excursion (assoc-ref outputs "out")
+ (for-each delete-file-recursively '("lib" "include"))))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("scdoc" ,scdoc)))
+ (inputs '())
+ (synopsis "Seat management daemon")
+ (description
+ "This package provides a minimal seat management daemon whose task is to
+mediate access to shared devices, such as graphics and input, for applications
+that require it.")
+ (license license:expat)))
+(define-public fail2ban
+ (package
+ (name "fail2ban")
+ (version "0.11.2")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/fail2ban/fail2ban")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "00d9q8m284q2wy6q462nipzszplfbvrs9fhgn0y3imwsc24kv1db"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))
+ ;; disable tests performing unacceptable side-effects
+ (let ((make-suite (lambda (t)
+ (string-append
+ "tests.addTest.unittest.makeSuite."
+ t ".."))))
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite
+ "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite
+ "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite
+ "servertestcase.ServerConfigReaderTests"))
+ "")))))
+ (patches (search-patches
+ "fail2ban-0.11.2_fix-setuptools-drop-2to3.patch"
+ "fail2ban-python310-server-action.patch"
+ "fail2ban-python310-server-actions.patch"
+ "fail2ban-python310-server-jails.patch"
+ "fail2ban-0.11.2_fix-test-suite.patch"
+ "fail2ban-0.11.2_CVE-2021-32749.patch"
+ "fail2ban-paths-guix-conf.patch"))))
+ (build-system python-build-system)
+ (arguments
+ '(#:phases (modify-phases %standard-phases
+ (add-before 'build 'invoke-2to3
+ (lambda _
+ (invoke "./fail2ban-2to3")))
+ (add-before 'install 'fix-default-config
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* '("config/paths-common.conf"
+ "fail2ban/tests/utils.py"
+ "fail2ban/client/configreader.py"
+ "fail2ban/client/fail2bancmdline.py"
+ "fail2ban/client/fail2banregex.py")
+ (("/etc/fail2ban")
+ (string-append (assoc-ref outputs "out")
+ "/etc/fail2ban")))))
+ (add-after 'fix-default-config 'set-action-dependencies
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; deleting things that are not feasible to fix
+ ;; or won't be used any way
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf"
+ "paths-debian.conf"
+ "paths-fedora.conf"
+ "paths-freebsd.conf"
+ "paths-opensuse.conf"
+ "paths-osx.conf")))
+ (with-directory-excursion "config/action.d"
+ (for-each delete-file
+ '("apf.conf"
+ "bsd-ipfw.conf"
+ "dshield.conf"
+ "ipfilter.conf"
+ "ipfw.conf"
+ "firewallcmd-allports.conf"
+ "firewallcmd-common.conf"
+ "firewallcmd-ipset.conf"
+ "firewallcmd-multiport.conf"
+ "firewallcmd-new.conf"
+ "firewallcmd-rich-logging.conf"
+ "firewallcmd-rich-rules.conf"
+ "osx-afctl.conf"
+ "osx-ipfw.conf"
+ "pf.conf"
+ "nginx-block-map.conf"
+ "npf.conf"
+ "shorewall.conf"
+ "shorewall-ipset-proto6.conf"
+ "ufw.conf")))
+ (let* ((lookup-cmd (lambda (i)
+ (search-input-file inputs i)))
+ (bin (lambda (i)
+ (lookup-cmd (string-append "/bin/" i))))
+ (sbin (lambda (i)
+ (lookup-cmd (string-append "/sbin/" i))))
+ (ip (sbin "ip"))
+ (sendmail (sbin "sendmail")))
+ (substitute* (find-files "config/action.d" "\\.conf$")
+ ;; TODO: deal with geoiplookup ..
+ (("(awk|curl|dig|jq)" all cmd)
+ (bin cmd))
+ (("(cat|echo|grep|head|printf|wc) " all
+ cmd)
+ (string-append (bin cmd) " "))
+ ((" (date|rm|sed|tail|touch|tr) " all
+ cmd)
+ (string-append " "
+ (bin cmd) " "))
+ (("cut -d")
+ (string-append (bin "cut") " -d"))
+ (("`date`")
+ (string-append "`"
+ (bin "date") "`"))
+ (("id -")
+ (string-append (bin "id") " -"))
+ (("ip -([46]) addr" all ver)
+ (string-append ip " -" ver " addr"))
+ (("ip route")
+ (string-append ip " route"))
+ (("ipset ")
+ (string-append (sbin "ipset") " "))
+ (("(iptables|ip6tables) <" all cmd)
+ (string-append (sbin cmd) " <"))
+ (("/usr/bin/nsupdate")
+ (bin "nsupdate"))
+ (("mail -E")
+ (string-append sendmail " -E"))
+ (("nftables = nft")
+ (string-append "nftables = " (sbin "nft")))
+ (("perl -e")
+ (string-append (bin "perl") " -e"))
+ (("/usr/sbin/sendmail")
+ sendmail)
+ (("test -e")
+ (string-append (bin "test") " -e"))
+ (("_whois = whois")
+ (string-append "_whois = " (bin "whois")))))
+ (substitute* "config/jail.conf"
+ (("before = paths-debian.conf")
+ "before = paths-guix.conf"))))
+ (add-after 'install 'copy-man-pages
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((man (string-append (assoc-ref outputs "out")
+ "/man"))
+ (install-man (lambda (m)
+ (lambda (f)
+ (install-file (string-append f
+ "." m)
+ (string-append man
+ "/man" m)))))
+ (install-man1 (install-man "1"))
+ (install-man5 (install-man "5")))
+ (with-directory-excursion "man"
+ (for-each install-man1
+ '("fail2ban"
+ "fail2ban-client"
+ "fail2ban-python"
+ "fail2ban-regex"
+ "fail2ban-server"
+ "fail2ban-testcases"))
+ (for-each install-man5
+ '("jail.conf")))))))))
+ (inputs (list gawk
+ coreutils-minimal
+ curl
+ grep
+ jq
+ iproute
+ ipset
+ iptables
+ `(,isc-bind "utils")
+ nftables
+ perl
+ python-pyinotify
+ sed
+ sendmail
+ sqlite
+ whois))
+ (home-page "http://www.fail2ban.org")
+ (synopsis "Daemon to ban hosts that cause multiple authentication errors")
+ (description
+ "Fail2Ban scans log files like @file{/var/log/auth.log} and bans IP
+addresses conducting too many failed login attempts. It does this by updating
+system firewall rules to reject new connections from those IP addresses, for a
+configurable amount of time. Fail2Ban comes out-of-the-box ready to read many
+standard log files, such as those for sshd and Apache, and is easily
+configured to read any log file of your choosing, for any error you wish.
+
+Though Fail2Ban is able to reduce the rate of incorrect authentication
+attempts, it cannot eliminate the risk presented by weak authentication. Set
+up services to use only two factor, or public/private authentication
+mechanisms if you really want to protect services.")
+ (license license:gpl2+)))
HCoop / jackhill / guix / guix.git / blobdiff