In order to update wine packages more easily, the source derivations are
collected into a single sources.nix, so hashes can be updated like
`nix-prefetch-url pkgs/misc/emulators/wine/sources.nix -A stable`
This update was generated by hackage2nix v20151217-10-ga610b1b using the following inputs:
- Nixpkgs: e9a140b725
- Hackage: 346d9f8466
- LTS Haskell: 6661045692
- Stackage Nightly: 0ad9eda835
CipherScan is a simple way to find out which SSL ciphersuites are
supported by a target.
It can take advantage of the extra features in Peter Mosmans' openssl
fork (which is also included in this commit).
Currently the check against FHS paths in the rule files is only checking
against the original paths from in services.udev.packages.
However we do fix up some of these paths in the udev rules generator and
the warning is against the unfixed rule files and therefore prints a lot
of false positives.
This pull request not only improves this warning but also makes the
rules generator fail if there are FHS still left in one of the rules
file.
Addresses #12722 as well so we can assure that this won't happen again
in the future.
Partially reverts the following commits:
9f2a61c59c9c13fe6604
As @edolstra pointed out, it would make more sense to do this by default
instead of having that allowImpurePaths option. This of course might
break systems which add extra packages to udev, but on the upside it's
hard to miss one of these paths now because it won't get buried in the
ocean of build output lines.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
With 9f2a61c in place, let's actually use this in the installer tests to
make sure we won't shovel FHS paths down the throad of unstable channel
users.
I've tested this by running all of the installer tests for x86_64-linux
and they all succeeded.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
So far we were merely printing a warning if there are still references
to (/usr)/s?bin, but we actually want to make sure that we fix those
paths, especially on updates of packages that come with udev rules.
This adds a new option allowImpurePaths, which when set to false will
cause the "udev-rules" derivation to fail.
I've set this to true by default, to not break existing systems too much
and the intention is to set it to false for a few NixOS VM tests.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We were trying to find FHS references in all of the rules found in
services.udev.packages. Unfortunately we're still fixing up paths in the
same derivation where we are checking those references, so for example
references to /sbin/modprobe were still printed to be needed to fixup
even though they were already fixed at the time.
So now we're printing a more helpful warning message which is also
conditional (before the warning message was printed regardless of
whether there are any rules that need fixup) and is based off the rules
that were already fixed up.
The new warning message not only contains the build-local rule files but
also the original files from other store paths and the FHS path
references that were still found.
With 8ecd3a5e1d reverted, we now get this:
/nix/store/...-udev-rules/63-md-raid-arrays.rules (originally from
/nix/store/...-mdadm-3.3.4/lib/udev/rules.d/63-md-raid-arrays.rules)
contains references to /usr/bin/readlink and /usr/bin/basename.
Which is now more accurate to what is not yet fixed and where it's
coming from.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
