;;; Copyright © 2016, 2017, 2018 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2016 Rene Saavedra <rennes@openmailbox.org>
;;; Copyright © 2016 Carlos Sánchez de La Lama <csanchezdll@gmail.com>
-;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
-;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
+;;; Copyright © 2017, 2018 Leo Famulari <leo@famulari.name>
;;; Copyright © 2017 José Miguel Sánchez García <jmi2k@openmailbox.com>
;;; Copyright © 2017 Gábor Boskovits <boskovits@gmail.com>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
("bc" ,bc)
("openssl" ,openssl)
("kmod" ,kmod)
+ ("elfutils" ,elfutils) ; Needed to enable CONFIG_STACK_VALIDATION
+ ("flex" ,flex)
+ ("bison" ,bison)
;; On x86, build with GCC-7 for full retpoline support.
;; FIXME: Remove this when our default compiler has retpoline support.
,@(match (system->linux-architecture
(ice-9 match))
#:phases
(modify-phases %standard-phases
+ (add-after 'unpack 'patch-/bin/pwd
+ (lambda _
+ (substitute* (find-files "." "^Makefile(\\.include)?$")
+ (("/bin/pwd") "pwd"))
+ #t))
(replace 'configure
(lambda* (#:key inputs native-inputs target #:allow-other-keys)
;; Avoid introducing timestamps
;; supports qemu "virt" machine and possibly a large number of ARM boards.
;; See : https://wiki.debian.org/DebianKernel/ARMMP.
-(define %linux-libre-version "4.15.7")
-(define %linux-libre-hash "1h17wc12lvva5vcm2z06cf57ywxb6i2snm9vxixw1lwibnksrb6l")
+(define %linux-libre-version "4.16.2")
+(define %linux-libre-hash "04sma28djhr2llffnd8pmpb1jfwaqcg2sipp0jnnj1llpwj3rah7")
(define-public linux-libre
(make-linux-libre %linux-libre-version
%linux-compatible-systems
#:configuration-file kernel-config))
-(define %linux-libre-4.14-version "4.14.24")
-(define %linux-libre-4.14-hash "1i14djw3rmxb6syl6vfd5w76rjksbbaviynwj2dwwp9ki1h6p1hr")
+(define %linux-libre-4.14-version "4.14.34")
+(define %linux-libre-4.14-hash "11gmvxngjfx4w24a1yjc98hhdl8zfh87byrslgy94faybj8dl938")
(define-public linux-libre-4.14
(make-linux-libre %linux-libre-4.14-version
#:configuration-file kernel-config))
(define-public linux-libre-4.9
- (make-linux-libre "4.9.86"
- "0fqixx3yyvznianygk8bfxzfqj8zpnjcalifhpfyb7rm3dyvi3wd"
+ (make-linux-libre "4.9.94"
+ "1ff6g1pq16l95bpw4bfagdg4dd49mgfrg9z7l7s6r9z7qp14cd7m"
%intel-compatible-systems
#:configuration-file kernel-config))
(define-public linux-libre-4.4
- (make-linux-libre "4.4.120"
- "17zk5dbpa3kilf8m8i6r2jifjgi4yjim42gyk9j6n4218jjcszv6"
+ (make-linux-libre "4.4.128"
+ "1aqz5skyz534bcpnn6w9madg6kadgyjjypah9dhmqf841rygb6rk"
%intel-compatible-systems
#:configuration-file kernel-config))
(define-public linux-libre-4.1
- (make-linux-libre "4.1.49"
- "0dklmqj6ayjlkz97b811zdvpgb3yppahinji9l9jmkz4ssi7a1gs"
+ (make-linux-libre "4.1.51"
+ "0l8lpwjpckp44hjyx5qrxqdwwi97gyyc1n6pmk66cr3fpdhnk540"
%intel-compatible-systems
#:configuration-file kernel-config))
(license (list license:gpl3+ license:gpl2+ license:gpl2 license:lgpl2.0+
license:bsd-4 license:public-domain))))
+;; The patch 'util-linux-CVE-2018-7738.patch' fixes a security bug in
+;; the Bash completions for `mount`. Since this bug doesn't affect
+;; other programs that link against libraries from util-linux, we don't
+;; need to use a graft to make the fix available. Instead, users
+;; installing util-linux will get the fix in this newer version, and
+;; (@ (gnu system) %base-packages) takes care to use this package.
+;; This solution was suggested here:
+;; <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=30827#13>
+(define-public util-linux-2.31.1
+ (package
+ (inherit util-linux)
+ (name "util-linux")
+ ;; XXX Don't update this without also updating %base-packages!
+ (version "2.31.1")
+ (source (origin
+ (inherit (package-source util-linux))
+ (uri (string-append "mirror://kernel.org/linux/utils/"
+ name "/v" (version-major+minor version) "/"
+ name "-" version ".tar.xz"))
+ (sha256
+ (base32
+ "04fzrnrr3pvqskvjn9f81y0knh0jvvqx4lmbz5pd4lfdm5pv2l8s"))
+ (patches
+ (append (origin-patches (package-source util-linux))
+ (search-patches "util-linux-CVE-2018-7738.patch")))))))
+
(define-public ddate
(package
(name "ddate")
(define-public strace
(package
(name "strace")
- (version "4.21")
+ (version "4.22")
+ (home-page "https://strace.io")
(source (origin
(method url-fetch)
- (uri (string-append "https://github.com/strace/strace/releases/"
- "download/v" version "/strace-" version ".tar.xz"))
+ (uri (string-append home-page "/files/" version
+ "/strace-" version ".tar.xz"))
(sha256
(base32
- "0dsw6xcfrmygidp1dj2ch8cl8icrar7789snkb2r8gh78kdqhxjw"))))
+ "17dkpnsjxmys1ydidm9wcvc3wscsz44fmlxw3dclspn9cj9d1306"))))
(build-system gnu-build-system)
(arguments
'(#:phases
(("/bin/sh") (which "sh")))
#t)))))
(native-inputs `(("perl" ,perl)))
- (home-page "https://strace.io/")
(synopsis "System call tracer for Linux")
(description
"strace is a system call tracer, i.e. a debugging tool which prints out a
(define-public alsa-plugins
(package
(name "alsa-plugins")
- (version "1.1.4")
+ (version "1.1.5")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.alsa-project.org/pub/plugins/"
name "-" version ".tar.bz2"))
(sha256
(base32
- "12hsvm6rpinjkg06pa9hzndkdrbfw6wk6yk00cm8y1gbv8xiq3ak"))))
+ "073zpgvj4pldmzqq97l40wngvbqnvrkc8yw153mgny9kypwaazbr"))))
(build-system gnu-build-system)
;; TODO: Split libavcodec and speex if possible. It looks like they can not
;; be split, there are references to both in files.
This package also includes @command{ip6tables}, which is used to configure the
IPv6 packet filter.
-Both commands are targeted at system administrators.
-")
+Both commands are targeted at system administrators.")
(license license:gpl2+)))
(define-public ebtables
(define-public iproute
(package
(name "iproute2")
- (version "4.15.0")
+ (version "4.16.0")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.xz"))
(sha256
(base32
- "0mc3g4kj7h3jhwz2b2gdf41gp6bhqn7axh4mnyvhkdnpk5m63m28"))))
+ "02pfalg319jpbjz273ph725br8dnkzpfvi98azi9yd6p1w128p0c"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; no test suite
(define-public archivemount
(package
(name "archivemount")
- (version "0.8.7")
+ (version "0.8.9")
(source
(origin
(method url-fetch)
"archivemount-" version ".tar.gz"))
(sha256
(base32
- "1diiw6pnlnrnikn6l5ld92dx59lhrxjlqms8885vwbynsjl5q127"))))
+ "0v4si1ri6lhnq9q87gkx7fsh6lv6xz4bynknwndqncpvfp5cy1jg"))))
(build-system gnu-build-system)
- (inputs `(("fuse", fuse)
- ("libarchive", libarchive)))
- (native-inputs `(("pkg-config", pkg-config)))
+ (inputs `(("fuse" ,fuse)
+ ("libarchive" ,libarchive)))
+ (native-inputs `(("pkg-config" ,pkg-config)))
(home-page "http://www.cybernoia.de/software/archivemount")
(synopsis "Tool for mounting archive files with FUSE")
(description "archivemount is a FUSE-based file system for Unix variants,
("docbook-xml" ,docbook-xml-4.2)
("docbook-xsl" ,docbook-xsl)
("libxml2" ,libxml2) ;for $XML_CATALOG_FILES
- ("xsltproc", libxslt)))
+ ("xsltproc" ,libxslt)))
(inputs
;; When linked against libblkid, eudev can populate /dev/disk/by-label
;; and similar; it also installs the '60-persistent-storage.rules' file,
(define-public hdparm
(package
(name "hdparm")
- (version "9.54")
+ (version "9.55")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/" name "/" name "/"
name "-" version ".tar.gz"))
(sha256
(base32
- "0ghnhdj7wfw6acfyhdawpfa5n9kvkvzgi1fw6i7sghgbjx5nhyjd"))))
+ "1ivdvrzimaayiq03by8mcq0mhmdljndj06h012zkdpw34irnpixm"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags (let ((out (assoc-ref %outputs "out")))
;; Upstream uses the "ninja" build system and encourage distros
;; to do the same for consistency. They also recommend using the
;; "Release" build type.
- #:configure-flags (list "-GNinja"
- "-DCMAKE_BUILD_TYPE=Release")
+ #:build-type "Release"
+ #:configure-flags (list "-GNinja")
#:phases
(modify-phases %standard-phases
(replace 'build
(inputs
`(("acl" ,acl)
("libuuid" ,util-linux)
- ("lzo", lzo)
+ ("lzo" ,lzo)
("zlib" ,zlib)))
(build-system gnu-build-system)
(arguments
(define-public radeontop
(package
(name "radeontop")
- (version "1.0")
+ (version "1.1")
(home-page "https://github.com/clbr/radeontop/")
(source (origin
(method url-fetch)
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "1z38nibirqxrbsfyhfcrnzlcw16cqjp4ds6qnjfxalwayf9fm5x9"))))
+ "1fv06j5c99imvzkac3j40lgjhr5b2i77fnyffhlvj92bli1fm1c6"))))
(build-system gnu-build-system)
(arguments
`(#:phases (modify-phases %standard-phases
(define-public efivar
(package
(name "efivar")
- (version "34")
+ (version "35")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/rhinstaller/" name
"-" version ".tar.bz2"))
(sha256
(base32
- "09a31y6sl3b33myy42gl9k732k1f440ycd07l6ac5d5l53kk8zhv"))))
+ "153k2ifyl4giz5fkryxhz8z621diqjy7v25hfga4z94rs32ks0qy"))))
(build-system gnu-build-system)
(arguments
`(;; Tests require a UEFI system and is not detected in the chroot.
(define-public efibootmgr
(package
(name "efibootmgr")
- (version "14")
+ (version "16")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/rhinstaller/" name
"-" version ".tar.bz2"))
(sha256
(base32
- "1n3sydvpr6yl040hhf460k7mrxby7laqd9dqs6pq0js1hijc2zip"))))
+ "0pzn67vxxaf7jna4cd0i4kqm60h04kb21hckksv9z82q9gxra1wm"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; No tests.
#:make-flags (list (string-append "prefix=" %output)
(string-append "libdir=" %output "/lib")
+ ;; EFIDIR denotes a subdirectory relative to the
+ ;; EFI System Partition where the loader will be
+ ;; installed (known as OS_VENDOR in the code).
+ ;; GRUB overrides this, as such it's only used if
+ ;; nothing else is specified on the command line.
+ "EFIDIR=gnu"
;; Override CFLAGS to add efivar include directory.
(string-append "CFLAGS=-O2 -g -flto -I"
(assoc-ref %build-inputs "efivar")
"/include/efivar"))
- #:phases
- (modify-phases %standard-phases
- (add-after 'unpack 'branding
- ;; Replace default loader path with something more familiar.
- (lambda _
- (substitute* "src/efibootmgr.c"
- (("EFI\\\\\\\\redhat") ; Matches 'EFI\\redhat'.
- "EFI\\\\gnu"))
- #t))
- (delete 'configure))))
+ #:phases (modify-phases %standard-phases (delete 'configure))))
(native-inputs
`(("pkg-config" ,pkg-config)))
(inputs
(base32
"1i1gfy8l7qyhc5vlrpp63s0n5kybmc9pi4dywiq8rmkhrrnddsla"))))
(build-system gnu-build-system)
- (inputs `(("bison", bison)
- ("flex", flex)
- ("gmp", gmp)
- ("libmnl", libmnl)
- ("libnftnl", libnftnl)
- ("readline", readline)))
- (native-inputs `(("pkg-config", pkg-config)))
+ (inputs `(("bison" ,bison)
+ ("flex" ,flex)
+ ("gmp" ,gmp)
+ ("libmnl" ,libmnl)
+ ("libnftnl" ,libnftnl)
+ ("readline" ,readline)))
+ (native-inputs `(("pkg-config" ,pkg-config)))
(home-page "http://www.nftables.org")
(synopsis "Userspace utility for Linux packet filtering")
(description "nftables is the project that aims to replace the existing
Also included is @command{fbgrab}, a wrapper around @command{fbcat} that
emulates the behaviour of Gunnar Monell's older fbgrab utility.")
(license license:gpl2)))
+
+(define-public libcgroup
+ (package
+ (name "libcgroup")
+ (version "0.41")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "mirror://sourceforge/libcg/" name "/"
+ version "/" name "-" version ".tar.bz2"))
+ (sha256
+ (base32 "0lgvyq37gq84sk30sg18admxaj0j0p5dq3bl6g74a1ppgvf8pqz4"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f))
+ (native-inputs
+ `(("bison" ,bison)
+ ("flex" ,flex)))
+ (inputs
+ `(("linux-pam" ,linux-pam)))
+ (home-page "https://sourceforge.net/projects/libcg/")
+ (synopsis "Control groups management tools")
+ (description "Control groups is Linux kernel method for process resource
+restriction, permission handling and more. This package provides userspace
+interface to this kernel feature.")
+ (license license:lgpl2.1)))