X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/613ef763a52d7825f062eb7b58354504b64d2869..08fda9c6c0e15c223225e780e8aa1dc5a8546ee7:/gnu/packages/linux.scm diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 875f110622..385b5d7920 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -18,8 +18,8 @@ ;;; Copyright © 2016, 2017, 2018 Marius Bakke ;;; Copyright © 2016 Rene Saavedra ;;; Copyright © 2016 Carlos Sánchez de La Lama -;;; Copyright © 2016, 2017 ng0 -;;; Copyright © 2017 Leo Famulari +;;; Copyright © 2016, 2017 Nils Gillmann +;;; Copyright © 2017, 2018 Leo Famulari ;;; Copyright © 2017 José Miguel Sánchez García ;;; Copyright © 2017 Gábor Boskovits ;;; Copyright © 2017 Mathieu Othacehe @@ -284,6 +284,9 @@ for ARCH and optionally VARIANT, or #f if there is no such configuration." ("bc" ,bc) ("openssl" ,openssl) ("kmod" ,kmod) + ("elfutils" ,elfutils) ; Needed to enable CONFIG_STACK_VALIDATION + ("flex" ,flex) + ("bison" ,bison) ;; On x86, build with GCC-7 for full retpoline support. ;; FIXME: Remove this when our default compiler has retpoline support. ,@(match (system->linux-architecture @@ -308,6 +311,11 @@ for ARCH and optionally VARIANT, or #f if there is no such configuration." (ice-9 match)) #:phases (modify-phases %standard-phases + (add-after 'unpack 'patch-/bin/pwd + (lambda _ + (substitute* (find-files "." "^Makefile(\\.include)?$") + (("/bin/pwd") "pwd")) + #t)) (replace 'configure (lambda* (#:key inputs native-inputs target #:allow-other-keys) ;; Avoid introducing timestamps @@ -383,8 +391,8 @@ It has been modified to remove all non-free binary blobs.") ;; supports qemu "virt" machine and possibly a large number of ARM boards. ;; See : https://wiki.debian.org/DebianKernel/ARMMP. -(define %linux-libre-version "4.15.7") -(define %linux-libre-hash "1h17wc12lvva5vcm2z06cf57ywxb6i2snm9vxixw1lwibnksrb6l") +(define %linux-libre-version "4.16.2") +(define %linux-libre-hash "04sma28djhr2llffnd8pmpb1jfwaqcg2sipp0jnnj1llpwj3rah7") (define-public linux-libre (make-linux-libre %linux-libre-version @@ -392,8 +400,8 @@ It has been modified to remove all non-free binary blobs.") %linux-compatible-systems #:configuration-file kernel-config)) -(define %linux-libre-4.14-version "4.14.24") -(define %linux-libre-4.14-hash "1i14djw3rmxb6syl6vfd5w76rjksbbaviynwj2dwwp9ki1h6p1hr") +(define %linux-libre-4.14-version "4.14.34") +(define %linux-libre-4.14-hash "11gmvxngjfx4w24a1yjc98hhdl8zfh87byrslgy94faybj8dl938") (define-public linux-libre-4.14 (make-linux-libre %linux-libre-4.14-version @@ -402,20 +410,20 @@ It has been modified to remove all non-free binary blobs.") #:configuration-file kernel-config)) (define-public linux-libre-4.9 - (make-linux-libre "4.9.86" - "0fqixx3yyvznianygk8bfxzfqj8zpnjcalifhpfyb7rm3dyvi3wd" + (make-linux-libre "4.9.94" + "1ff6g1pq16l95bpw4bfagdg4dd49mgfrg9z7l7s6r9z7qp14cd7m" %intel-compatible-systems #:configuration-file kernel-config)) (define-public linux-libre-4.4 - (make-linux-libre "4.4.120" - "17zk5dbpa3kilf8m8i6r2jifjgi4yjim42gyk9j6n4218jjcszv6" + (make-linux-libre "4.4.128" + "1aqz5skyz534bcpnn6w9madg6kadgyjjypah9dhmqf841rygb6rk" %intel-compatible-systems #:configuration-file kernel-config)) (define-public linux-libre-4.1 - (make-linux-libre "4.1.49" - "0dklmqj6ayjlkz97b811zdvpgb3yppahinji9l9jmkz4ssi7a1gs" + (make-linux-libre "4.1.51" + "0l8lpwjpckp44hjyx5qrxqdwwi97gyyc1n6pmk66cr3fpdhnk540" %intel-compatible-systems #:configuration-file kernel-config)) @@ -634,6 +642,32 @@ block devices, UUIDs, TTYs, and many other tools.") (license (list license:gpl3+ license:gpl2+ license:gpl2 license:lgpl2.0+ license:bsd-4 license:public-domain)))) +;; The patch 'util-linux-CVE-2018-7738.patch' fixes a security bug in +;; the Bash completions for `mount`. Since this bug doesn't affect +;; other programs that link against libraries from util-linux, we don't +;; need to use a graft to make the fix available. Instead, users +;; installing util-linux will get the fix in this newer version, and +;; (@ (gnu system) %base-packages) takes care to use this package. +;; This solution was suggested here: +;; +(define-public util-linux-2.31.1 + (package + (inherit util-linux) + (name "util-linux") + ;; XXX Don't update this without also updating %base-packages! + (version "2.31.1") + (source (origin + (inherit (package-source util-linux)) + (uri (string-append "mirror://kernel.org/linux/utils/" + name "/v" (version-major+minor version) "/" + name "-" version ".tar.xz")) + (sha256 + (base32 + "04fzrnrr3pvqskvjn9f81y0knh0jvvqx4lmbz5pd4lfdm5pv2l8s")) + (patches + (append (origin-patches (package-source util-linux)) + (search-patches "util-linux-CVE-2018-7738.patch"))))))) + (define-public ddate (package (name "ddate") @@ -908,14 +942,15 @@ Zerofree requires the file system to be unmounted or mounted read-only.") (define-public strace (package (name "strace") - (version "4.21") + (version "4.22") + (home-page "https://strace.io") (source (origin (method url-fetch) - (uri (string-append "https://github.com/strace/strace/releases/" - "download/v" version "/strace-" version ".tar.xz")) + (uri (string-append home-page "/files/" version + "/strace-" version ".tar.xz")) (sha256 (base32 - "0dsw6xcfrmygidp1dj2ch8cl8icrar7789snkb2r8gh78kdqhxjw")))) + "17dkpnsjxmys1ydidm9wcvc3wscsz44fmlxw3dclspn9cj9d1306")))) (build-system gnu-build-system) (arguments '(#:phases @@ -926,7 +961,6 @@ Zerofree requires the file system to be unmounted or mounted read-only.") (("/bin/sh") (which "sh"))) #t))))) (native-inputs `(("perl" ,perl))) - (home-page "https://strace.io/") (synopsis "System call tracer for Linux") (description "strace is a system call tracer, i.e. a debugging tool which prints out a @@ -960,7 +994,7 @@ intercept and print the system calls executed by the program.") (define-public alsa-lib (package (name "alsa-lib") - (version "1.1.4.1") + (version "1.1.5") (source (origin (method url-fetch) (uri (string-append @@ -968,7 +1002,7 @@ intercept and print the system calls executed by the program.") version ".tar.bz2")) (sha256 (base32 - "0xjvi381105gldhv0z872a0x58sghznyx19j45lw5iyi2h68gfwi")))) + "1rhacnlj0grvfagjx5qzsnbhw7m7lyccghqs4jsv0dnsqv9qmxpl")))) (build-system gnu-build-system) (home-page "https://www.alsa-project.org/") (synopsis "The Advanced Linux Sound Architecture libraries") @@ -980,14 +1014,14 @@ MIDI functionality to the Linux-based operating system.") (define-public alsa-utils (package (name "alsa-utils") - (version "1.1.4") + (version "1.1.5") (source (origin (method url-fetch) (uri (string-append "ftp://ftp.alsa-project.org/pub/utils/" name "-" version ".tar.bz2")) (sha256 (base32 - "17cxih9ibjp1193dyd79j50pyfa9dvrs6r9kpwrvzicjvr2110x7")))) + "1s727md6mb408y2cfwzjkx23abxhampyrjdkgpyygdhxx62x42rj")))) (build-system gnu-build-system) (arguments ;; XXX: Disable man page creation until we have DocBook. @@ -1027,14 +1061,14 @@ MIDI functionality to the Linux-based operating system.") (define-public alsa-plugins (package (name "alsa-plugins") - (version "1.1.4") + (version "1.1.5") (source (origin (method url-fetch) (uri (string-append "ftp://ftp.alsa-project.org/pub/plugins/" name "-" version ".tar.bz2")) (sha256 (base32 - "12hsvm6rpinjkg06pa9hzndkdrbfw6wk6yk00cm8y1gbv8xiq3ak")))) + "073zpgvj4pldmzqq97l40wngvbqnvrkc8yw153mgny9kypwaazbr")))) (build-system gnu-build-system) ;; TODO: Split libavcodec and speex if possible. It looks like they can not ;; be split, there are references to both in files. @@ -1120,8 +1154,7 @@ configure the Linux 2.4.x and later IPv4 packet filtering ruleset This package also includes @command{ip6tables}, which is used to configure the IPv6 packet filter. -Both commands are targeted at system administrators. -") +Both commands are targeted at system administrators.") (license license:gpl2+))) (define-public ebtables @@ -1182,7 +1215,7 @@ that the Ethernet protocol is much simpler than the IP protocol.") (define-public iproute (package (name "iproute2") - (version "4.15.0") + (version "4.16.0") (source (origin (method url-fetch) (uri (string-append @@ -1190,7 +1223,7 @@ that the Ethernet protocol is much simpler than the IP protocol.") version ".tar.xz")) (sha256 (base32 - "0mc3g4kj7h3jhwz2b2gdf41gp6bhqn7axh4mnyvhkdnpk5m63m28")))) + "02pfalg319jpbjz273ph725br8dnkzpfvi98azi9yd6p1w128p0c")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; no test suite @@ -1758,7 +1791,7 @@ file system is as easy as logging into the server with an SSH client.") (define-public archivemount (package (name "archivemount") - (version "0.8.7") + (version "0.8.9") (source (origin (method url-fetch) @@ -1766,11 +1799,11 @@ file system is as easy as logging into the server with an SSH client.") "archivemount-" version ".tar.gz")) (sha256 (base32 - "1diiw6pnlnrnikn6l5ld92dx59lhrxjlqms8885vwbynsjl5q127")))) + "0v4si1ri6lhnq9q87gkx7fsh6lv6xz4bynknwndqncpvfp5cy1jg")))) (build-system gnu-build-system) - (inputs `(("fuse", fuse) - ("libarchive", libarchive))) - (native-inputs `(("pkg-config", pkg-config))) + (inputs `(("fuse" ,fuse) + ("libarchive" ,libarchive))) + (native-inputs `(("pkg-config" ,pkg-config))) (home-page "http://www.cybernoia.de/software/archivemount") (synopsis "Tool for mounting archive files with FUSE") (description "archivemount is a FUSE-based file system for Unix variants, @@ -2024,7 +2057,7 @@ from the module-init-tools project.") ("docbook-xml" ,docbook-xml-4.2) ("docbook-xsl" ,docbook-xsl) ("libxml2" ,libxml2) ;for $XML_CATALOG_FILES - ("xsltproc", libxslt))) + ("xsltproc" ,libxslt))) (inputs ;; When linked against libblkid, eudev can populate /dev/disk/by-label ;; and similar; it also installs the '60-persistent-storage.rules' file, @@ -2530,14 +2563,14 @@ thanks to the use of namespaces.") (define-public hdparm (package (name "hdparm") - (version "9.54") + (version "9.55") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/" name "/" name "/" name "-" version ".tar.gz")) (sha256 (base32 - "0ghnhdj7wfw6acfyhdawpfa5n9kvkvzgi1fw6i7sghgbjx5nhyjd")))) + "1ivdvrzimaayiq03by8mcq0mhmdljndj06h012zkdpw34irnpixm")))) (build-system gnu-build-system) (arguments `(#:make-flags (let ((out (assoc-ref %outputs "out"))) @@ -2991,7 +3024,7 @@ Bluetooth audio output devices like headphones or loudspeakers.") (define-public bluez (package (name "bluez") - (version "5.48") + (version "5.49") (source (origin (method url-fetch) (uri (string-append @@ -2999,7 +3032,7 @@ Bluetooth audio output devices like headphones or loudspeakers.") version ".tar.xz")) (sha256 (base32 - "140fjyxa2q4y35d9n52vki649jzb094pf71hxkkvlrpgf8q75a5r")))) + "15ffsaz7l3fgdg03l7g1xx9jw7xgs6pc548zxqsxawsca5x1sc1k")))) (build-system gnu-build-system) (arguments `(#:configure-flags @@ -3394,8 +3427,8 @@ The package provides additional NTFS tools.") ;; Upstream uses the "ninja" build system and encourage distros ;; to do the same for consistency. They also recommend using the ;; "Release" build type. - #:configure-flags (list "-GNinja" - "-DCMAKE_BUILD_TYPE=Release") + #:build-type "Release" + #:configure-flags (list "-GNinja") #:phases (modify-phases %standard-phases (replace 'build @@ -3697,7 +3730,7 @@ are exceeded.") (inputs `(("acl" ,acl) ("libuuid" ,util-linux) - ("lzo", lzo) + ("lzo" ,lzo) ("zlib" ,zlib))) (build-system gnu-build-system) (arguments @@ -3742,7 +3775,7 @@ developers.") (define-public radeontop (package (name "radeontop") - (version "1.0") + (version "1.1") (home-page "https://github.com/clbr/radeontop/") (source (origin (method url-fetch) @@ -3750,7 +3783,7 @@ developers.") (file-name (string-append name "-" version ".tar.gz")) (sha256 (base32 - "1z38nibirqxrbsfyhfcrnzlcw16cqjp4ds6qnjfxalwayf9fm5x9")))) + "1fv06j5c99imvzkac3j40lgjhr5b2i77fnyffhlvj92bli1fm1c6")))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases @@ -3784,7 +3817,7 @@ under OpenGL graphics workloads.") (define-public efivar (package (name "efivar") - (version "34") + (version "35") (source (origin (method url-fetch) (uri (string-append "https://github.com/rhinstaller/" name @@ -3792,7 +3825,7 @@ under OpenGL graphics workloads.") "-" version ".tar.bz2")) (sha256 (base32 - "09a31y6sl3b33myy42gl9k732k1f440ycd07l6ac5d5l53kk8zhv")))) + "153k2ifyl4giz5fkryxhz8z621diqjy7v25hfga4z94rs32ks0qy")))) (build-system gnu-build-system) (arguments `(;; Tests require a UEFI system and is not detected in the chroot. @@ -3817,7 +3850,7 @@ interface to the variable facility of UEFI boot firmware.") (define-public efibootmgr (package (name "efibootmgr") - (version "14") + (version "16") (source (origin (method url-fetch) (uri (string-append "https://github.com/rhinstaller/" name @@ -3825,26 +3858,23 @@ interface to the variable facility of UEFI boot firmware.") "-" version ".tar.bz2")) (sha256 (base32 - "1n3sydvpr6yl040hhf460k7mrxby7laqd9dqs6pq0js1hijc2zip")))) + "0pzn67vxxaf7jna4cd0i4kqm60h04kb21hckksv9z82q9gxra1wm")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; No tests. #:make-flags (list (string-append "prefix=" %output) (string-append "libdir=" %output "/lib") + ;; EFIDIR denotes a subdirectory relative to the + ;; EFI System Partition where the loader will be + ;; installed (known as OS_VENDOR in the code). + ;; GRUB overrides this, as such it's only used if + ;; nothing else is specified on the command line. + "EFIDIR=gnu" ;; Override CFLAGS to add efivar include directory. (string-append "CFLAGS=-O2 -g -flto -I" (assoc-ref %build-inputs "efivar") "/include/efivar")) - #:phases - (modify-phases %standard-phases - (add-after 'unpack 'branding - ;; Replace default loader path with something more familiar. - (lambda _ - (substitute* "src/efibootmgr.c" - (("EFI\\\\\\\\redhat") ; Matches 'EFI\\redhat'. - "EFI\\\\gnu")) - #t)) - (delete 'configure)))) + #:phases (modify-phases %standard-phases (delete 'configure)))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs @@ -4127,13 +4157,13 @@ used by nftables.") (base32 "1i1gfy8l7qyhc5vlrpp63s0n5kybmc9pi4dywiq8rmkhrrnddsla")))) (build-system gnu-build-system) - (inputs `(("bison", bison) - ("flex", flex) - ("gmp", gmp) - ("libmnl", libmnl) - ("libnftnl", libnftnl) - ("readline", readline))) - (native-inputs `(("pkg-config", pkg-config))) + (inputs `(("bison" ,bison) + ("flex" ,flex) + ("gmp" ,gmp) + ("libmnl" ,libmnl) + ("libnftnl" ,libnftnl) + ("readline" ,readline))) + (native-inputs `(("pkg-config" ,pkg-config))) (home-page "http://www.nftables.org") (synopsis "Userspace utility for Linux packet filtering") (description "nftables is the project that aims to replace the existing @@ -4536,3 +4566,30 @@ text-mode or graphical applications that don't use a display server. Also included is @command{fbgrab}, a wrapper around @command{fbcat} that emulates the behaviour of Gunnar Monell's older fbgrab utility.") (license license:gpl2))) + +(define-public libcgroup + (package + (name "libcgroup") + (version "0.41") + (source + (origin + (method url-fetch) + (uri (string-append + "mirror://sourceforge/libcg/" name "/" + version "/" name "-" version ".tar.bz2")) + (sha256 + (base32 "0lgvyq37gq84sk30sg18admxaj0j0p5dq3bl6g74a1ppgvf8pqz4")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f)) + (native-inputs + `(("bison" ,bison) + ("flex" ,flex))) + (inputs + `(("linux-pam" ,linux-pam))) + (home-page "https://sourceforge.net/projects/libcg/") + (synopsis "Control groups management tools") + (description "Control groups is Linux kernel method for process resource +restriction, permission handling and more. This package provides userspace +interface to this kernel feature.") + (license license:lgpl2.1)))