From a9bd908709826ef1d1319cb4001a8088e97ab5bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=94=D0=B0=D0=BC=D1=98=D0=B0=D0=BD=20=D0=93=D0=B5=D0=BE?= =?UTF-8?q?=D1=80=D0=B3=D0=B8=D0=B5=D0=B2=D1=81=D0=BA=D0=B8?= Date: Thu, 30 Mar 2023 14:05:20 +0200 Subject: [PATCH 1/2] systemd: 253.1 -> 253.2 https://github.com/systemd/systemd-stable/compare/v253.1...v253.2 Commits: 81 Files changed: 113 --- pkgs/os-specific/linux/systemd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 22a0d9fc8728..38052ed4768d 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -139,7 +139,7 @@ assert withHomed -> withPam; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "253.1"; + version = "253.2"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -156,7 +156,7 @@ stdenv.mkDerivation (finalAttrs: { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - hash = "sha256-PyAhkLxDkT5gVocCXh8bst6PBgguASjnA82xinQOtjw="; + hash = "sha256-gtJEHLSeJoOSFnutn/+wM27sV9JiV5afsykyUd+XDKQ="; }; # On major changes, or when otherwise required, you *must* reformat the patches, From 617813243c052e0b9e8ae57362de234523d61524 Mon Sep 17 00:00:00 2001 From: Lily Foster Date: Thu, 30 Mar 2023 11:40:35 -0400 Subject: [PATCH 2/2] systemd: fix ukify script The script requires a python3 shebang with an environment that includes python3Packages.pefile at runtime. --- pkgs/os-specific/linux/systemd/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 38052ed4768d..2e129c1075fa 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -117,6 +117,7 @@ , withTimedated ? true , withTimesyncd ? true , withTpm2Tss ? true +, withUkify ? false # adds python to closure which is too much by default , withUserDb ? true , withUtmp ? !stdenv.hostPlatform.isMusl # tests assume too much system access for them to be feasible for us right now @@ -349,7 +350,7 @@ stdenv.mkDerivation (finalAttrs: { # when cross-compiling. + '' shopt -s extglob - patchShebangs tools test src/!(rpm|kernel-install) src/kernel-install/test-kernel-install.sh + patchShebangs tools test src/!(rpm|kernel-install|ukify) src/kernel-install/test-kernel-install.sh ''; outputs = [ "out" "man" "dev" ]; @@ -414,6 +415,7 @@ stdenv.mkDerivation (finalAttrs: { ++ lib.optionals (withHomed || withCryptsetup) [ libfido2 ] ++ lib.optionals withLibBPF [ libbpf ] ++ lib.optional withTpm2Tss tpm2-tss + ++ lib.optional withUkify (python3Packages.python.withPackages (ps: with ps; [ pefile ])) ; #dontAddPrefix = true; @@ -510,11 +512,10 @@ stdenv.mkDerivation (finalAttrs: { # more frequent development builds "-Dman=true" - # Temporary disable the ukify tool. see https://github.com/NixOS/nixpkgs/pull/216826#issuecomment-1465228824 - "-Dukify=false" - "-Defi=${lib.boolToString withEfi}" "-Dgnu-efi=${lib.boolToString withEfi}" + + "-Dukify=${lib.boolToString withUkify}" ] ++ lib.optionals withEfi [ "-Defi-libdir=${toString gnu-efi}/lib" "-Defi-includedir=${toString gnu-efi}/include/efi"