This brings in Chromium 27 as the new stable version.
Specific versions of the updated channels:
stable: 26.0.1410.63 -> 27.0.1453.93 (builds fine, tested)
beta: 27.0.1453.81 -> 28.0.1500.20 (builds fine, tested)
dev: 28.0.1500.11 -> 29.0.1516.3 (builds fine, tested)
We now can finally drop the following patches:
* glibc-2.16-use-siginfo_t.patch
* pulseaudio_array_bounds.patch
These were for version 26 only and thus are no longer needed.
In addition, we no longer have to use the pre/post attributes, as there is just
_one_ place that uses version specific stuff (path to webcore.gyp).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Wanted to do this a long time ago, but never had a reason to do it. But with
Chromium 29 having no make target for chrome_sandbox, we now use ninja as well
as the official build and most other distributions.
The whole build/make flags cruft is now integrated into one buildPhase override
and we just call ninja there by exporting the specific variables.
And this also makes enableParallelBuilding obsolete, as we use NIX_BUILD_CORES
directly now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Actually a "*[0-9]" wildcard isn't enough for some unrelated icons to slip into
the derivation output, so let's explicitely check again within the for loop.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This patch adds support for unprivileged user namespaces found in kernel
versions 3.8.0 and later. In case of Nix, this is especially useful to prevent
having to set up setuid wrappers.
The implementation details about this patch can be found at the top of the file
"sandbox_userns.patch". My first attempt of creating this patch was by modifying
the SUID sandbox. Unfortunately this didn't work out well, because in the event
of a sandbox failure, the host zygote process waits for an answer of the inner
zygote with no timeout. Even if I'd have set a timeout, this would have been
very ugly, giving users which don't have unprivileged user namespaces a delay on
startup.
An alternative approach to the mentioned problem would be to use select() on the
host zygote, watching for changes stdout or stderr and the synchronization
socket. But even that approach isn't feasible because it requires a whole bunch
of even more patching.
Patch was tested with older kernels (3.2.x, 3.7.x) and kernels without user
namespace support enabled, where in case the feature is unavailable it reverts
back to the previous behaviour (no zygote sandbox, only seccomp BPF).
In order to support all Chromium channels, I manually changed the first hunk of
the patch to not include the starting context of the diff, because there is a
whitespace change in more recent versions of the Chromium source tree.
See SVN revision 199882 for the change (revert in this case) in detail:
http://src.chromium.org/viewvc/chrome?view=revision&revision=199882
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is no feature change and only makes the installPhase look nicer and it now
doesn't exceed 80 characters in width anymore.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This updates the following channels to the latest upstream versions:
beta: 27.0.1453.65 -> 27.0.1453.81 (builds fine, tested)
dev: 28.0.1485.0 -> 28.0.1500.5 (builds fine, tested)
For version 28, the reference to /usr/bin/gcc is now located in
third_party/WebKit/Source/core/core.gypi instead of the previous
third_party/WebKit/Source/core/core.gyp/core.gyp.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
See #490 discussion.
This reverts commit 1278859d31, reversing
changes made to 0c020c98f9.
Conflicts:
pkgs/desktops/xfce/core/xfce4-session.nix (take master)
pkgs/lib/misc.nix (auto)
This updates the channels to the following new versions:
beta: 27.0.1453.47 -> 27.0.1453.65 (builds fine, tested)
dev: 27.0.1453.47 -> 28.0.1485.0 (builds fine, tested)
As we now don't have any version below 26, this update drops all references to
all older versions as well.
In addition to that, the /usr/bin/gcc reference from:
third_party/WebKit/Source/core/core.gyp/core.gyp
Can now - starting at version 28 - be found in:
third_party/WebKit/Source/WebCore/WebCore.gyp/WebCore.gyp
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
stable: 26.0.1410.43 -> 26.0.1410.63 (builds fine, tested)
beta/dev: 27.0.1453.15/27.0.1453.12 -> 27.0.1453.47 (builds fine, tested)
This should bring beta and dev in par, as dev was older than the beta version.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
beta: 26.0.1410.43 -> 27.0.1453.15 (builds fine and tested)
dev: 27.0.1448.0 -> 27.0.1453.12 (builds fine and tested)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
stable: 25.0.1364.152 -> 26.0.1410.43 (builds fine, tested)
beta: 26.0.1410.28 -> 26.0.1410.43 (builds fine, tested)
dev: 26.0.1410.28 -> 27.0.1448.0 (build fixed and tested)
For version 27, this introduces a new dependency on libXtst and removes the
patch for siginfo_t and the pulseaudio array bounds error.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This patch was introduced before (7e5109a) the stdenv-updates merge and is no
longer needed, as the current C library doesn't use this flag anymore.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The updater was actually getting the -lite version, which our expression won't
build with, except if we switch some bundled dependencies to those in nixpkgs.
Of course the problem with fetching version 27 was me being stupid and using a
case statement in the updater, as if there won't be any version after 26 ;-)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This updates all release channels to the latest versions:
stable: 25.0.1364.97 -> 25.0.1364.152 (builds fine, untested)
beta: 26.0.1410.12 -> 26.0.1410.28 (builds fine, tested)
dev: 26.0.1410.12 -> 26.0.1410.28 (builds fine, tested)
Still, we should have version 27 already for the dev channel, so we might look
about where to find the newest tarball.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This was missing in the previous update as well, and no one seemed to notice it,
including myself? Anyway, it's now fixed.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This gets rid of the patch for newer pulseaudio library versions.
In addition, we now have protobuf and pciutils in default dependencies, as those
are required (or better: optional, but recommended and thus activated by the
default gyp options) by versions >= 25.
Also, we now no longer depend on libpng, but I'm not dropping this, as we want
to get back to libpng from nixpkgs again 'real soon'.
The stack-protector flag is now disabled by default accross all versions, and
probably didn't hurt back in version 24, but at least we're now no longer add it
dependant on a particular version.
And those pesky post/onlyXX version booleans are now pre/postXX, to ensure
better clarity.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
So, after searching for days in the wrong spot, eventually discovering that
postPatch isn't run on Hydra, we're now set to move forward to version 25, YAY!
Build has been tested locally (not that this would mean anything for Hydra, as
we've seen) and the output has been actively used for browsing by me :-)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is needed in order to ensure that the postPatch hook is executed, which is
not when the patches list is empty.
It is fixed by 82f94df719 in stdenv-updates.
So as soon as the branch gets merged, we can get rid of this hack as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This reverts commit b7cbb4da11.
The main reason behind this - apart from looking ugly - is that it didn't really
solve anything, see:
http://hydra.nixos.org/build/4198299
So, we need a different and less hacky approach...
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
So, chromium 25 is now stable, so we really need to get the build fixed on Hydra
as soon as possible. And let's hope without nasty workarounds.
This commits updates dev and beta channels to version 26.0.1410.12, because
version 27.0.1423.0 seems to be unavailable right now. Build is running
successfully on my machine, and the browser works as well on the sites I usually
visit.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Conflicts:
pkgs/applications/networking/browsers/chromium/default.nix
pkgs/top-level/all-packages.nix
Merge conflicts seemed trivial, but a look from viric and aszlig would be nice.
So, this is our sledgehammer, forcing -fno-stack-protector for every gcc/g++ in
the univ... Chromium build. Of course this is a somewhat nasty fix and there
should be a real fix somewhere in Chromium 26. But instead of wandering around
and picking cherries, we now go out for the slaughter until someone brings us
the damn cherries because we are FUURRRIII... no well... time for sleep :-)
May the mighty Hydra be with us!
Thanks to our great fellow @cillianderoiste, for joining the battle with his
almighty battle axe, crushing and burning some CPUs.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Tested-by: Cillian de Róiste <cillian.deroiste@gmail.com>
This should at least mitigate our build error to only occur in v8 anymore.
Unfortunately we can't use v8 from nixpkgs right now, so we're going to put out
our sledgehammer in the next commit. Meanwhile, it doesn't hurt to get rid of
the bundled protobuf library, so let's do it.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>