Done with the help of https://github.com/Mindavi/nixpkgs-mark-broken
Tool is still WIP but this is one of the first results.
I manually audited the results and removed some results that were not valid.
Note that some of these packages maybe should have more constrained platforms set
instead of broken set, but I think not being perfectly correct is better than
just keep trying to build all these things and never succeeding.
Some observations:
- Some darwin builds require XCode tools
- aarch64-linux builds sometimes suffer from using gcc9
- gcc9 is getting older and misses some new libraries/features
- Sometimes tools try to do system detection or expect some explicit settings for
platforms that are not x86_64-linux
Fixes sd-boot on (some?) Intel Macbooks, as reported in
https://github.com/NixOS/nixpkgs/pull/201558#issuecomment-1348823127.
Full log:
```
13de548fca network: manage addresses in the way the kernel does
fcc174cbdd import: wire up SYSTEMD_IMPORT_BTRFS_{SUBVOL,QUOTA} to importd
6cb0724a06 machine-pool: simplify return values from setup_machine_directory()
1c9e7fc8f2 boot: Only do full driver initialization in VMs
79b97ec652 boot: improve support for qemu (helpers only)
87add68b39 boot: Make sure all partitions drivers are connected
989f0c52e1 boot: Use EFI_BOOT_MANAGER_POLICY_PROTOCOL to connect console devices
b89be71bf4 network: unset Link.ndisc_configured only when a new address or route is requested
fc4f804b07 network: fix indentation
fc60072926 dissect: rework DISSECT_IMAGE_ADD_PARTITION_DEVICES + DISSECT_IMAGE_OPEN_PARTITION_DEVICES
1267b35273 fuzz: shorten filename of testcase
7fc478f751 resolve: optimize conversion of TXT fields to json
772e89452e hexdecoct: fix NULL pointer dereferences in hexmem()
002fc46688 hexdecoct: add missing NULL check
be1088b7a0 test: add tests for base64_append()
acb0414a1f hexdecoct: several cleanups for base64_append()
9410eb20eb cryptsetup: retry TPM2 unseal operation if it fails with TPM2_RC_PCR_CHANGED
1c8abb343a man: mention that DefaultRouteOnDevice= create the IPv4 default route
6c869ad3bd selinux: accept the fact that getxyzcon() can return success and NULL
0fdeb7c640 oomd: print dry run output at INFO level
4119d25e62 journald: prevent segfault on empty attr/current
6fdf196f99 core: use correct scope of looking up units
6d7b0dacc6 test-network: add test for bond mac address config
6405eba4b6 network: Fix set bond device MAC address failed
dbc59253ec test-fs-util: Add relative path chase_symlinks() tests
6e99f9c8fb chase-symlink: when converting directory O_PATH fd to real fd, don't bother with /proc/
bc6fc812fd test: add basic tests for octescape()
2ea5de7881 escape: fix wrong octescape of bad character
8999727a82 network: drop REMOVING flag when a netlink message is sent to kernel
a064abff76 dissect: show color in log output
278a97708b log: Switch logging to runtime when FS becomes read-only
44984e15bb resolve: format zero-length RDATA according to rfc3597
d59009dc1d manager: do not append '\n' when writing sysctl settings
2a66b4c894 test: check if we can use SHA1 MD for signing before using it
d0b80bf81e dissect-image: log expected UUID for /var
b0b97848e8 bootspec: fix null-dereference-read
0ba8e9ecff virt: Support detection of LMHS SRE guests
787b2c32f3 terminal-util: Set OPOST when setting ONLCR
c7bf13b2d9 units: change Requires=systemd-networkd.service → BindsTo= one more time
e3d9376692 core/device: verify device syspath on switching root
9523f85b2e core/device: also serialize/deserialize device syspath
10b3ce781b core/device: update comment
2505010178 sd-netlink: fix segfault
4b885f3591 test: Add tests for systemd-cgtop args parsing
b97c1c427c cgtop: Do not rewrite -P or -k options
6cbf72a8d9 logind: Properly unescape names of lingering users
01a39e96b5 units: Use BindsTo=systemd-networkd in systemd-networkd-wait-online.service
b0c39ffc54 resolved: remove inappropriate assert()
e0521346ec stub: Detect empty LoadOptions when run from EFI shell
7ca40a8b08 stub: Fix cmdline handling
b39f2ab98f boot: Use xstr8_to_16 for path conversion
6387a74d2c boot: Use xstr8_to_16
ff7469af96 boot: Add xstrn8_to_16
475c130003 core: update audit messages
c74bc2cd49 dissect: fix fsck
ce55eb4ebd process-util: add new FORK_CLOEXEC_OFF flag for disabling O_CLOEXEC on remaining fds
36c3c4172d fd-util: add new fd_cloexec_many() helper
57b4329b38 fd-util: make fd_in_set() (and thus close_all_fds()) handle invalidated fds in the array
12c41564cd tmpfiles: log at info level when some allowed failures occur
77f524dda0 find-esp: include device sysname in the log message
8d23210a2e find-esp: downgrade and ignore error on retrieving PART_ENTRY_SCHEME when searching
eea92b179d sd-bus: Use goto finish instead of return in bus_add_match_full
0916514b8c strv: Make sure strv_make_nulstr() always returns a valid nulstr
2ddd7b5def bootctl: rework how we handle referenced but absent EFI boot entries
2daecc7179 bootctl: downgrade log message when firmware reports non-existent or invalid boot entry
9a7186e92a bootctl: make boot entry id logged in hex
62f58d94f8 dissect-image: do not try to close invalid fd
c1dd021d16 boot: Silence driver reconnect errors
a09a41c2f7 meson: install test-kernel-install only when -Dkernel-install=true
9b6f12262f udev: make sure auto-root logic also works in UKIs booted from XBOOTLDR
d5e3625a61 repart: respect --discard=no also for block devices
79f161ac65 portable: add a few more useful debug log messages
bcd42b3c88 oomd: fix unreachable test case in test-oomd-util
2bdf5b0382 oomd: always allow root-owned cgroups to set ManagedOOMPreference
da01d83ab4 network: wifi: try to reconfigure when connected
595dd9b2b9 resolved: Fix OpenSSL error messages
2ecb8fc841 basic/strv: check printf arguments to strv_extendf()
81e2c87a47 manager: fix format strings for trigger metadata
d337ac02d6 resolved: when configuring 127.0.0.1 as per-interface DNS server, contact it via "lo" always
813d52dbf8 resolved: use right conditionalization when setting unicast ifindex on UDP sockets
2b52748d45 nspawn: allow sched_rr_get_interval_time64 through seccomp filter
5c34bc9bc3 boot/measure: fix oom check
f68be4fd79 fuzz: fuzz-compress: fix copy-and-paste error: buf -> buf2 (#25431)
132f0ec7de Handle MACHINE_ID=uninitialized
25fcbdae7e shared/tpm2-util: Fix "Error: Esys invalid ESAPI handle (40000001)" warning
6189505d79 boot: Correctly handle @saved default patterns
148b2d8ad3 Revert "journal: Make sd_journal_previous/next() return 0 at HEAD/TAIL"
d34ea410f4 Fix reading /etc/machine-id in kernel-install (#25388)
7b99f68f1c systemctl: do not show unit properties with --all
f791ecd0c5 ac-power: check battery existence and status
c2620a6bdb pid1: skip cleanup if root is not tmpfs/ramfs
83a772aae2 Revert "initrd: extend SYSTEMD_IN_INITRD to accept non-ramfs rootfs"
4d11c9b3cd networkd-ipv4acd.c: Use net/if.h for getting IFF_LOOPBACK definition
aff1caf3fd boot: Replace firmware security hooks directly
f9d9a68ecc boot: Rework security arch override
c6d7b4014c boot: Manually convert filepaths if needed
c8c5b79fb6 boot: Do not require a loaded image path
5894d4bd79 boot: Fix memory leak
5c0b918c02 boot: Fix error message
542dbc623e tpm2: add some extra validation of device string before using it
b3228085ba tpm2-util: force default TCTI to be "device" with parameter "/dev/tpmrm0"
31c2abd305 Create CNAME
2ec3187d6c test: compile test-utmp.c only if UTMP is enabled
````
`
Currently, the sgx-sdk.runTestsHW attribute fails to build due to
linking errors. It looks like OpenSSL versions are mixed up.
And indeed sgx-sdk pulls in OpenSSL 3 while ipp-crypto pulls in
OpenSSL 1.1.
Fix by pinning the OpenSSL version for the SGX SDK to OpenSSL 1.1 as
well.
Expose the uniwill-wmi module in addition to the already exported modules.
That module is required to run the Tuxedo Control Center
and as a dependency of the tuxedo-keyboard module.
Co-authored-by: Robin Gloster <mail@glob.in>
stdenv: print message if structuredAttrs is enabled
stdenv: add _append
reduces the chance of a user doing it wrong
fix nix develop issue
output hooks don't work yet in nix develop though
making $outputs be the same on non-structuredAttrs and structuredAttrs
is too much trouble.
lets instead make a function that gets the output names
reading environment file '/nix/store/2x7m69a2sm2kh0r6v0q5s9z1dh41m4xf-xz-5.2.5-env-bin'
nix: src/nix/develop.cc:299: std::string Common::makeRcScript(nix::ref<nix::Store>, const BuildEnvironment&, const Path&): Assertion `outputs != buildEnvironment.vars.end()' failed.
use a function to get all output names instead of using $outputs
copy env functionality from https://github.com/NixOS/nixpkgs/pull/76732/commits
5.15 is the current stable rt kernel[^1]. I've defined it but I didn't
change `stable` or `latest` since I assumed we'd want a testing period.
I didn't see a pre-existing `next` or `testing` type label to use.
[^1]: https://wiki.linuxfoundation.org/realtime/start
Changes sgx-psw to append `aesm` to `LD_LIBRARY_PATH`:
- Append instead of prepend to allow for overriding in service config
- As we already add a wrapper to add `aesm` to `LD_LIBRARY_PATH` it is
not necessary to also set in `LD_LIBRARY_PATH` of the systemd service.
Co-authored-by: Vincent Haupert <mail@vincent-haupert.de>
Enables the following kernel config options for AMD CPUs on x86_64:
- `CRYPTO_DEV_CCP`: Enables offloading of crypto operations to AMD's
Cryptographic Coprocessor (CCP). Also required by `KVM_AMD_SEV`.
- `AMD_MEM_ENCRYPT`: Enables support for Secure Memory Encryption (SME).
Please note that `AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT` is not enabled;
yet, you you can enable memory encryption by passing `mem_encrypt=on`
as a kernal command line option.
- `KVM_AMD_SEV`: Enables launching Encrypted VMs (SEV) and Secure VMs
with Encrypted State (SEV-ES).
- `SEV_GUEST`: Enables support for AMD Secure Encrypted Virtualization
with Secure Nested Paging (SEV-SNP). Built as module.
Enabling these options is in line with other distros, e.g., Debian,
Fedora or Arch Linux.
Without the change build frequently fails on `gnumake-4.4` as:
x86_64-w64-mingw32-dlltool: cannot delete libmsvcr120d_defs02133.o: No such file or directory
x86_64-w64-mingw32-dlltool: cannot delete libmsvcr120d_defs02134.o: No such file or directory
Pull upstream patches that fix temporary file collisions and add
missing dll dependencies.
* set ENA_PHC_INCLUDE=1 during build to enable ptp hardware stamping
* add sielicki to maintainers
* remove kernel 5.17 broken marker
Signed-off-by: Nicholas Sielicki <nix@opensource.nslick.com>
Upstream did changes on the udev rules to fix training in chrome/chromium.
With the current stable release the keyboard is not picked up for training.
If there is later on a stable release after this date, its safe to udate to that version.
