Fixes CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208,
CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212,
CVE-2023-32213, CVE-2023-32214, CVE-2023-32215, CVE-2023-32216 and
MFSA-TMP-2023-0002.
* nongnu/packages/mozilla.scm (firefox): Update to 113.0.
(rust-firefox): Set to `rust` as this is now `rust-1.67`.
The needed library libstdc++ was no longer found with the gcc updates in Guix.
* nongnu/packages/messaging.scm (signal-desktop)[inputs]: Remove gcc:lib. Add
libgccjit and libstdc++.
[phases]{wrap-where-patchelf-does-not-work}: Adjust for these inputs.
* nongnu/packages/steam-client.scm (steam-client-libs): Rename
fontconfig-fixed to fontconfig. The upstream bug has not been fixed but expat
has been ungrafted in core-updates so we no longer need to rewrite fontconfig.
Remove fontconfig-fixed as expat/fixed no longer exists in core-updates.
Piggy-back off of the patch list in Nixpkgs instead of maintaining our
own. This should make it easier to keep up to date so there's no need to
advise users to stick with Linux LTS releases any longer.
Though our existing patch list and Nixpkgs' differ the cumulative effect
is exactly the same except for two patches we have that Nix doesn't,
neither of which seem critical:
- broadcom-sta-debian-fix-kernel-warnings.patch
- broadcom-sta-fix_mac_profile_discrepancy.patch
Closes#246
* nongnu/packages/linux.scm (broadcom-sta): Replace patches
with code to fetch them from Nixpkgs.
[arguments]: Replace `linux-lts` with `linux`.
[description]: Remove Linux LTS recommendation.
* nongnu/packages/patches/broadcom-sta-debian-fix-kernel-warnings.patch: Remove.
* nongnu/packages/patches/broadcom-sta-fix_mac_profile_discrepancy.patch: Remove.
* nongnu/packages/patches/broadcom-sta-gcc.patch: Remove.
* nongnu/packages/patches/broadcom-sta-license.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.11.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.12.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.15.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.7.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-4.8.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.1.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.10.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.6.patch: Remove.
* nongnu/packages/patches/broadcom-sta-linux-5.9.patch: Remove.
* nongnu/packages/patches/broadcom-sta-null-pointer-fix.patch: Remove.
* nongnu/packages/patches/broadcom-sta-rdtscl.patch: Remove.
* README.org (Broadcom Wireless): Removed recommendation from
Broadcom Wireless section.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
There is a long list of libraries for LD_LIBRARY_PATH that could be refactored
into a LET form, but alas could not figure out with the many quotes and gexps
how right now. Or aomhost may only need a subset of these.
* nongnu/packages/messaging.scm (zoom)[patchelf-plan]: Add aomhost.
[phases]{wrap-where-patchelf-does-not-work}: Wrap it.
Adding linux@6.2 but not changing the default linux to this version until
upstream does as well.
* nongnu/packages/linux.scm (linux-6.2): New variable.
This allows access to the "configs" keyword argument from the 'corrupt-linux'
procedure. This simplifies creation of kernels with custom modules.
* nongnu/packages/linux.scm (corrupt-linux): Add 'configs' argument.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-firmware)[source]: Use mirror://kernel.org
instead and switch to xz compressed tarball.
Downloading tarball from https://git.kernel.org is
too slow in some country.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/wasm.scm (llvm-monorepo): New variable.
(wasm32-wasi-libcxx): Update to 15.
[source]: Use llvm-monorepo.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/wasm.scm (wasm32-wasi-clang-runtime): Update to 15.
[native-inputs]: Use clang-15.
[inputs]: Use llvm-15.
[arguments]<#:configure-flags>: Adapt path to LLVM monorepo.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-urls): Rename to ...
(linux-url): ... this. Return single url with mirror prefix like guix does.
(corrupt-linux): Use implementation details to dig up original hash of
upstream linux kernel sources.
It was already present as revision 8.
* nongnu/packages/linux.scm (rtl8821ce-linux-module)[revision]: Raise to 9.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (rtl8812au-aircrack-ng-linux-module): Update to
5.6.4.2-10.08589e2.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/firmware.scm (rtl8723bt-firmware): New variable.
Co-authored-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/firmware.scm (ov5640-firmware): New variable.
Co-authored-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/music.scm: New file.
* nongnu/packages/music.scm (reaper): New variable.
Co-authored-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Upstream Guix will be removing linux-libre@6.0 and defaulting to
linux-libre@6.1. Do likewise here.
* nongnu/packages/linux.scm (linux-6.0): Remove variable.
(linux): Set to linux-6.1.
Fixes guix pull as the hunspell package has moved from (gnu packages
libreoffice) to (gnu packages hunspell)
* nongnu/packages/mozilla.scm: Remove the libreoffice module and use the new
hunspell module.
This replaces 'xdg-utils' with 'flatpak-xdg-utils' so that the steam container
will call out to the host to open URLs and properly handle steam:// URLs as
well. This requires portals on the host, e.g. xdg-desktop-portal-gtk.
* nongnu/packages/steam-client.scm (steam-client-libs): Replace 'xdg-utils'
with 'flatpak-xdg-utils'.
Adding linux@6.1 but not changing the default linux to this version until
upstream does as well.
* nongnu/packages/linux.scm (linux-6.1): New variable.
The main point of this patch is to make Chrome rely as little as
possible on the environment it's run into, allowing for easier
debugging. The next step would probably be to generate this list from
the input package-name.
* nongnu/packages/chrome.scm (google-chrome-stable): Update to 108.0.5359.124;
[arguments]{patchelf-inputs}: move to outer scope;
{LD_LIBRARY_PATH}: wrap the entrypoint with all of Chrome's input, this
should prevent loading libraries that are not listed as inputs from the
outer environment;
[inputs]: add some inputs following Nix's package definition to try and
fix#215.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
The raw-initrd contains a "references" file that is used to keep the static
guile used in the initrd alive. This file is not part of the combined-initrd.
It means that during garbage collection, the static guile could be collected
making the system unbootable because the static guile is then not part of the
store once the root is switched.
In the combined-initrds procedure, make sure to concatenate all the possible
references files of the underlying initrds into a top-level references file.
Fixes: <https://gitlab.com/nonguix/nonguix/issues/111>
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
This reverts commit 370749ab7b, reinstating
commit 3d53be2c5c now that 1.4.0 has been
released.
Original commit message:
This simplifies our linux package definitions to not need hash updates as they
simply follow from the inherited part of the source field. The newly added
'customize-linux' procedure from Guix is the preferred way to customize the
kernel as well.
* nongnu/packages/linux.scm (corrupt-linux): No longer take 'version' or
'hash' arguments. Inherit from 'customize-linux' as a starting package. Remove
patch for now removed 'build-doc' phase.
(linux-6.0, linux-5.15, linux-5.10, linux-5.4, linux4.19, linux-4.14,
linux-4.9, linux-arm64-generic-6.0, linux-arm64-generic-5.15): Remove version
and hash strings.
* nongnu/packages/nvidia.scm (nvidia-libs): Remove package definition and deprecate the variable.
Co-authored-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/nvidia.scm (nvda): Use nvidia-driver as base.
[inputs]: Adjusted accordingly.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/nvidia.scm (nvda)[arguments]: Avoid hardcoding inputs and
locate them via relative paths instead.
[description]: Adjust style.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/services/nvidia.scm: New file.
(<nvidia-configuration>): New data type.
(nvidia-shepherd-service,nvidia-service-type): New variables.
* nongnu/packages/nvidia.scm (nvidia-driver)[description]: Adjust accordingly.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/nvidia.scm (nvidia-driver)[arguments]<#:phases>: Split
post-install phase into patch-elf and create-short-name-symlinks phases.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
This is the proprietary Nvidia kernel module.
* nongnu/packages/nvidia.scm (nvidia-module): New variable.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/nvidia.scm (computed-origin-method,make-nvidia-source)
(nvidia-source): New variables.
(nvidia-driver)[source]: Use nvidia-source instead.
[arguments]<#:phases>: Remove unpack phase.
[native-inputs]: Remove perl, python-2, which and xz.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/nvidia.scm (nvidia-driver)[arguments]<#:modules>: Moved out
from <#:phases>.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/nvidia.scm (nvidia-driver)[arguments]<#:phases>: Rewrite
logic for creating short name symbolic links, utilizing patchelf.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/nvidia.scm (nvidia-driver)[arguments]<#:phases>: Use
G-expression and don't hardcode inputs when possible.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
This reverts commit 3d53be2c5c.
It depends on changes which are not available on the upstream
version-1.4.0 branch. I will add this back after the 1.4.0 release.
This simplifies our linux package definitions to not need hash updates as they
simply follow from the inherited part of the source field. The newly added
'customize-linux' procedure from Guix is the preferred way to customize the
kernel as well.
* nongnu/packages/linux.scm (corrupt-linux): No longer take 'version' or
'hash' arguments. Inherit from 'customize-linux' as a starting package. Remove
patch for now removed 'build-doc' phase.
(linux-6.0, linux-5.15, linux-5.10, linux-5.4, linux4.19, linux-4.14,
linux-4.9, linux-arm64-generic-6.0, linux-arm64-generic-5.15): Remove version
and hash strings.
Fixes#217. Builds of the linux kernel were failing without a recently added
patch from Guix to add an infodocs target for make. See commit
82c43b276dd5e60c81ad2c040a9d945befc4bc88. We now use this patch for
applicable kernels (version 5.10 or greater) so the 'build-doc' phase
succeeds.
* nongnu/package/linux.scm (corrupt-linux)[source]: Add patches with
"linux-libre-infodocs-target.patch" depending on version with the procedure
doc-supported? from (gnu packages linux).
Fixes https://gitlab.com/nonguix/nonguix/-/issues/211
* nongnu/packages/linux.scm (sof-firmware): Update to 2.2.
[source]: Switch from git checkout to prebuilt archives.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Upstream Guix now has rust-1.61 (and more), so remove unneeded bootstrapping.
* nongnu/packages/mozilla.scm (rust-uri, rust-bootstrapped-package,
rust-firefox-1.61): Remove variables.
(rust-firefox): Set to be rust-1.61.
* nongnu/packages/benchmark.scm: New file.
* nongnu/packages/benchmark.scm (geekbench5): New variable.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
This also fixes the firefox package. VA-API runs in the RDD (Remote Data
Decoder) sandbox in firefox and thus needs to have specified everything it
needs access to. Using commit b7a0935420ee630a29b7e5ac73a32ba1eb24f00b of
Guix's icecat package, we can get all the dependencies needed and add that to
LD_LIBRARY_PATH. These are then accessible in the RDD sandbox, allowing
VA-API to fully load and work for hardware video decoding support.
* nongnu/package/mozilla.scm (firefox-esr)[modules]: Add (srfi srfi-1), (rnrs
bytevectors), (rnrs io ports), (guix elf), and (guix build gremlin).
[phases]{wrap-program}: New functions RUNPATH-OF and RUNPATHS-OF-INPUT. Use
these for RDD-WHITELIST, the runpaths of mesa and ffmpeg. Add this list to
LD_LIBRARY_PATH.
Now supports Linux 6.x series.
* nongnu/packages/linux.scm (rtl8821ce-linux-module): Update to 0.0.0-8-50c1b12.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
* nongnu/packages/linux.scm (linux-arm64-generic-5.19): Remove variable.
(linux-arm64-generic-6.0): New variable.
(linux-arm64-generic): Set to linux-arm64-linux-6.0.
Upstream Guix now defaults to rust 1.60, so remove unneeded bootstrapping.
* nongnu/packages/mozilla.scm (rust-firefox-1.58, rust-firefox-1.59,
rust-firefox-1.60): Remove variables.
(rust-firefox-1.61): Bootstrap from rust instead of rust-firefox-1.60.
(furst-firefox-esr): Set to be rust.
* nongnu/packages/messaging.scm (zoom)[phases]{rename-binary}: New phase.
Rename the binary that is called by the wrapper. The binary name must end in
"zoom" in order for IPC to work (for single sign-on and handling links from a
browser).
* nongnu/packages/dotnet.scm (dotnet): Update to 6.0.401.
[source]: New url.
(dotnet-sdk-version): Update to 6.0.9.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
