-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixup for your WIP on mptcp. #1
Conversation
Merci c'est vraiment super. Je préfère me mettre comme co-mainteneur dans un premier temps ?! Je suis en train de compiler puis je reboot. Si ca crash pas, je maj ma PR. PS: j'espère que tu te prépares bien pour les 24h vélo de LLN :p |
Le build du kernel est parallèle, mais tous les paquets ne le sont pas par défaut. Longue histoire...
Et oui, les 24h approchent ;-) |
kde-applications: 17.08.3 -> 17.12.0
nixos/k8s: Enable Node authorizer and NodeRestriction by default
This fix is required for the raspherry pi 3 with glibc 2.27, otherwise the kernel panics in initrd with: ``` <<< NixOS Stage 1 >>> loading module dm_mod... running udev... kbd_mode: KDSKBMODE: Inappropriate ioctl for device Gstarting device mapper and LVM... [ 1.969164] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b [ 1.969164] [ 1.978476] CPU: 0 PID: 1 Comm: init Not tainted 4.16.8 #1-NixOS [ 1.984580] Hardware name: Raspberry Pi 3 Model B (DT) [ 1.989801] Call trace: [ 1.992301] dump_backtrace+0x0/0x1c8 [ 1.996025] show_stack+0x24/0x30 [ 1.999396] dump_stack+0x9c/0xc0 [ 2.002766] panic+0x124/0x294 [ 2.005872] complete_and_exit+0x0/0x30 [ 2.009771] do_group_exit+0x40/0xa8 [ 2.013406] get_signal+0x280/0x5b0 [ 2.016954] do_signal+0x88/0x240 [ 2.020325] do_notify_resume+0xd8/0x130 [ 2.024311] work_pending+0x8/0x10 [ 2.027774] SMP: stopping secondary CPUs [ 2.031763] Kernel Offset: disabled [ 2.035308] CPU features: 0x0802004 [ 2.038850] Memory Limit: none [ 2.041963] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b [ 2.041963] [ 2.865264] random: crng init done ``` Suse has done the same to circumvent crashes with hostname resolving in glibc 2.27 on aarch64.
This adds some initial values for .dir-locals.el. Mainly this is useful for using bug-reference-mode. So if you have bug-reference-mode enabled - > M-x bug-reference-mode You will see as clickable text like this: Fixes NixOS#15 (NixOS#12) Closed NixOS#1252 issue #1
The sed expression actually caused an error on hydra: ``` sed: -e expression #1, char 18: Invalid collation character ``` It seems to build fine without it however.
roundcube: tests - add space to db password, check setup script worked
diffoscope-190 already contains the fix: applying patch /nix/store/icfygfs9d249x7if0w7004vimzkj4082-fix-uimage-on-file-5.41.patch patching file tests/comparators/test_uimage.py Hunk #1 FAILED at 98. 1 out of 1 hunk FAILED -- saving rejects to file tests/comparators/test_uimage.py.re
$ diffoscope '...-hdf5-1.12.1' '...-hdf5-1.12.1.check' --- ...-hdf5-1.12.1/lib/libhdf5.settings +++ ...-hdf5-1.12.1.check/lib/libhdf5.settings -1,17 +1,17 @@ HDF5 Version: 1.12.1 - Configured on: Thu Oct 28 17:42:30 UTC 2021 + Configured on: Sat Nov 6 19:02:02 UTC 2021 Configured by: nixbld@ Host system: x86_64-unknown-linux-gnu - Uname information: Linux localhost 5.10.76 #1-NixOS SMP Wed Oct 27 07:56:57 UTC 2021 x86_64 GNU/Linux + Uname information: Linux localhost 5.14.15 #1-NixOS SMP Wed Oct 27 07:59:56 UTC 2021 x86_64 GNU/Linux The patch removes `Configured on`, `Configured by` and `Uname information` fields.
Without the change build fails as: patch -p0 < patches/zkc-3.4.5-gcc-8.patch 2>&1 patching file zkc-3.4.5/c/src/zookeeper.c Hunk #1 FAILED at 3418. 1 out of 1 hunk FAILED -- saving rejects to file zkc-3.4.5/c/src/zookeeper.c.rej
The test failed with > Test "test5 user should not be able to run commands under root" failed with > error: "invalid literal for int() with base 10: ''" since 2492da8. The reason for this is that `sudo(8)` writes the lecture to the tty[1] and only as a fallback to stdout[2]. This means that the `base64 --wrap 0` executed by `machine.execute()` doesn't affect the text written to the terminal, however the lecture is part of the string that's read from the VM via `shell.recv()`. I confirmed the problem in an interactive test session[3]: >>> command = "sudo -u test5 sudo -n -u root true" >>> out_command = f"( set -euo pipefail; {command} ) | (base64 --wrap 0; echo)\n" >>> machine.shell.send(out_command.encode()) 84 >>> machine # [ 99.015512] sudo[877]: root : TTY=hvc0 ; PWD=/tmp ; USER=test5 ; COMMAND=/run/wrappers/bin/sudo -n -u root true machine # [ 99.019373] sudo[877]: pam_unix(sudo:session): session opened for user test5(uid=1005) by (uid=0) machine # [ 99.038692] sudo[879]: pam_unix(sudo:auth): conversation failed machine # sudo: a password is required machine # [ 99.041860] sudo[879]: pam_unix(sudo:auth): auth could not identify password for [test5] machine # [ 99.046901] sudo[877]: pam_unix(sudo:session): session closed for user test5 >>> >>> x=machine._next_newline_closed_block_from_shell() >>> print(x) <newline> We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: <newline> #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. <newline> <newline> <newline> >>> Since the lecture isn't strictly necessary to confirm that `security.sudo` works as expected, I decided to disable lecturing inside the test, however we may want to fix the underlying problem in the test-driver at some point. [1] https://github.com/sudo-project/sudo/blob/SUDO_1_9_9/plugins/sudoers/check.c#L275-L283 [2] https://github.com/sudo-project/sudo/blob/SUDO_1_9_9/src/conversation.c#L95-L120 [3] I replaced each empty line with `<newline>` to make sure these aren't swallowed by git.
This effectively fixes the majority of all VM tests which were broken because `/dev/vda` (or any other block device) wasn't mountable: machine # mounting /dev/vda on /... machine # mount: mounting /dev/vda on /mnt-root/ failed: No such device[ 2.820976] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100 machine # [ 2.821757] CPU: 0 PID: 1 Comm: init Not tainted 5.10.72 #1-NixOS machine # [ 2.821757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 machine # [ 2.821757] Call Trace: machine # [ 2.821757] dump_stack+0x6b/0x83 machine # [ 2.821757] panic+0x101/0x2c8 machine # [ 2.821757] do_exit.cold+0x14/0xb3 machine # [ 2.821757] do_group_exit+0x33/0xa0 machine # [ 2.821757] __x64_sys_exit_group+0x14/0x20 machine # [ 2.821757] do_syscall_64+0x33/0x40 machine # [ 2.821757] entry_SYSCALL_64_after_hwframe+0x44/0xa9 machine # [ 2.821757] RIP: 0033:0x7f67ec2800f6 machine # [ 2.821757] Code: 00 4c 8b 0d 2c 5d 11 00 eb 19 66 2e 0f 1f 84 00 00 00 00 00 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 22 f4 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e2 f7 d8 64 41 89 01 eb da 66 2e 0f 1f 84 00 machine # [ 2.821757] RSP: 002b:00007fff8f5a71d8 EFLAGS: 00000202 ORIG_RAX: 00000000000000e7 machine # [ 2.821757] RAX: ffffffffffffffda RBX: 0000000000699704 RCX: 00007f67ec2800f6 machine # [ 2.821757] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001 machine # [ 2.821757] RBP: 0000000000000004 R08: 00000000000000e7 R09: ffffffffffffff80 machine # [ 2.821757] R10: 00007f67ec33f3e0 R11: 0000000000000202 R12: 000000000000000b machine # [ 2.821757] R13: 00007fff8f5a75a8 R14: 0000000000000000 R15: 00000000004fc198 machine # [ 2.821757] Kernel Offset: 0x31e00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) machine # [ 2.821757] Rebooting in 1 seconds.. This happened because the kernel failed to load modules such as `ext4` from `boot.initrd.availableKernelModules`[1] on e.g. a `mount(2)` syscall. The problem is that `kmod` isn't linked against `libpthread.so.0` anymore because it got merged into `libc.so.6` (however, the .so still exists), but still needs it: machine # newfstatat(AT_FDCWD, "/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.34-36/lib/x86_64", 0x7ffd951114c0, 0) = -1 ENOENT (No such file or directory) machine # openat(AT_FDCWD, "/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.34-36/lib/x86_64/libpthread.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) machine # newfstatat(AT_FDCWD, "/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.34-36/lib/x86_64", 0x7ffd951114c0, 0) = -1 ENOENT (No such file or directory) machine # openat(AT_FDCWD, "/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.34-36/lib/libpthread.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) machine # newfstatat(AT_FDCWD, "/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.34-36/lib", 0x7ffd951114c0, 0) = -1 ENOENT (No such file or directory) machine # openat(AT_FDCWD, "/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.34-36/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) machine # writev(2, [{iov_base="/nix/store/kdc9n48ksdc1a8y8w512w"..., iov_len=69}, {iov_base=": ", iov_len=2}, {iov_base="error while loading shared libra"..., iov_len=36}, {iov_base=": ", iov_len=2}, {iov_base="libpthread.so.0", iov_len=15}, {iov_base=": ", iov_len=2}, {iov_base="cy machine # ) = 184 machine # exit_group(127) = ? machine # +++ exited with 127 +++ machine # mount: mounting /dev/vda on /mnt-root/ failed: No such device machine # [ 19.167180] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100 machine # [ 19.167711] CPU: 0 PID: 1 Comm: init Not tainted 5.10.72 #1-NixOS This is not a problem * inside stage-1 because `LD_LIBRARY_PATH` points to `$out/lib` of extra-utils where `libpthread.so.6` also exists. * on a running system because `${pkgs.glibc}/lib` is part of kmod's rpath. However this is a problem inside the kernel which calls `modprobe` (in our case `kmod`) to load modules and doesn't know about `LD_LIBRARY_PATH`. Also, the rpath-reference was nuked. To work around this, the kernel's `modprobe` (i.e. `/proc/sys/kernel/modprobe`) now points to a wrapper which explicitly declares `LD_LIBRARY_PATH`. We can't use `makeWrapper` here because `modprobe` itself must not be renamed. Otherwise, `kmod` (which is the link-target of `modprobe`) won't work because it expects `argv[0] == "modprobe"` to perform modprobe's tasks. [1] https://nixos.org/manual/nixos/stable/options.html#opt-boot.initrd.availableKernelModules
SQLAlchemy-Utils v0.36.6 package override build is failing. This is due to a patch in the original SQLAlchemy-Utils package which broke the build of this package override: ```bash > applying patch /nix/store/pd6anhwbf0in3r3jhi3sbn5v2fjs0mf2-skip-database-tests.patch > patching file conftest.py > Hunk #1 FAILED at 61. > Hunk #2 succeeded at 98 (offset -10 lines). ``` These SQLAlchemy package overrides were originaly added to fix incompatibilities with Flask-Admin. See commit 05ae01f However with Flask-Admin >= v1.5.6, several SQLAlchemy compatibility patches were added: * https://flask-admin.readthedocs.io/en/latest/changelog/ We can now safely remove these package overrides to make bukuserver work again.
This reverts commit 246216e. 3.9.1 does not compile due to patch collision: > applying patch /nix/store/sickncxw0s730j6gfrnlsi5ndgysi6la-libxml2-cmake-find-package.patch > patching file CMakeLists.txt > Hunk #1 FAILED at 42. Fixing it is not trivial as upstream started bundling libxml2: NixOS#182941 (comment) Let's revert the update for now.
Without this change it segfaults when trying to play any media: $ jellyfinmediaplayer Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway. libpng warning: iCCP: known incorrect sRGB profile Logging to /home/bf/.local/share/jellyfinmediaplayer/logs/jellyfinmediaplayer.log Cannot load libcuda.so.1 Segmentation fault (core dumped) The backtrace shows pipewire being at fault: $ coredumpctl debug [...] Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f711428c9bb in core_event_demarshal_remove_id () from /nix/store/nhffrd7f15dhfbkwzgayq7hhzmdvdy19-pipewire-0.3.63-lib/lib/pipewire-0.3/libpipewire-module-protocol-native.so [Current thread is 1 (Thread 0x7f6ffdc87640 (LWP 1360949))] (gdb) bt #0 0x00007f711428c9bb in core_event_demarshal_remove_id () from /nix/store/nhffrd7f15dhfbkwzgayq7hhzmdvdy19-pipewire-0.3.63-lib/lib/pipewire-0.3/libpipewire-module-protocol-native.so #1 0x00007f711428886c in process_remote () from /nix/store/nhffrd7f15dhfbkwzgayq7hhzmdvdy19-pipewire-0.3.63-lib/lib/pipewire-0.3/libpipewire-module-protocol-native.so #2 0x00007f7114288e68 in on_remote_data () from /nix/store/nhffrd7f15dhfbkwzgayq7hhzmdvdy19-pipewire-0.3.63-lib/lib/pipewire-0.3/libpipewire-module-protocol-native.so #3 0x00007f7114310efe in loop_iterate () from /nix/store/nhffrd7f15dhfbkwzgayq7hhzmdvdy19-pipewire-0.3.63-lib/lib/spa-0.2/support/libspa-support.so #4 0x00007f71266fe7f2 in do_loop () from /nix/store/nhffrd7f15dhfbkwzgayq7hhzmdvdy19-pipewire-0.3.63-lib/lib/libpipewire-0.3.so.0 NixOS#5 0x00007f7128b08e86 in start_thread () from /nix/store/ayfr5l52xkqqjn3n4h9jfacgnchz1z7s-glibc-2.35-224/lib/libc.so.6 NixOS#6 0x00007f7128b8fce0 in clone3 () from /nix/store/ayfr5l52xkqqjn3n4h9jfacgnchz1z7s-glibc-2.35-224/lib/libc.so.6 (gdb) Standalone mpv doesn't segfault (when directly playing the underlying media files). I don't know why. Fixes: b97cda7 ("mpv-unwrapped: 0.34.1 -> 0.35.0") Fixes NixOS#205141 Ref jellyfin/jellyfin-media-player#341
Previously, hashcat was unable to use CUDA at runtime, and would warn: > Failed to initialize the NVIDIA main driver CUDA runtime library. > Failed to initialize NVIDIA RTC library. > * Device #1: CUDA SDK Toolkit not installed or incorrectly installed. > CUDA SDK Toolkit required for proper device support and utilization. > Falling back to OpenCL runtime. This remedies that, at least on NixOS.
1.2.1: Bug fix release: Single bug fix (#1) that fixes regression in `perf` tool caused by libbpf resetting its custom catch-all `SEC()` handler on explicit `bpf_program__set_type()` call. Given setting custom `SEC()` handlers is rarely used and pretty esoteric feature of libbpf, most users should not be affected. 1.2.2: One more fix: - Fix (#2) possible double-free in USDT-related libbpf code, which happens when libbpf runs out of space in `__bpf_usdt_specs` map due to having too many unique USDT specs. Running out of space can be mitigated by bumping up `BPF_USDT_MAX_SPEC_CNT` define before including `bpf/usdt.bpf.h` header in BPF-side code. This will prevent the double-free as a side effect (and will make it possible to successfully attach all requested USDTs), which is a recommended work-around for libbpf versions prior to v1.2.2. Link: libbpf/libbpf@e4d3827 #1 Link: libbpf/libbpf@f117080 #2
had to use clangStdenv because /nix/store/1qa12idg59nlxjjdrw4hfyxdkhfd3nrq-clang-wrapper-11.1.0/bin/ar: CMakeFiles/ananicy_cpp_bpf_c.dir/src/bpf_program_utils.c.o: plugin needed to handle lto object ananicy-cpp> /nix/store/1qa12idg59nlxjjdrw4hfyxdkhfd3nrq-clang-wrapper-11.1.0/bin/ranlib: libananicy_cpp_bpf_c.a(bpf_program_utils.c.o): plugin needed to handle lto object ananicy-cpp> [100%] Linking CXX executable ananicy-cpp ananicy-cpp> /nix/store/zsvpmlddl2i5mpzm031a99xfpn410m5b-binutils-2.40/bin/ld: /build/cchtSHrR.ltrans5.ltrans.o: in function `ProcessQueue::stop()': ananicy-cpp> <artificial>:(.text+0x2274): undefined reference to `destroy_bpf_program' ananicy-cpp> /nix/store/zsvpmlddl2i5mpzm031a99xfpn410m5b-binutils-2.40/bin/ld: /build/cchtSHrR.ltrans5.ltrans.o: in function `ProcessQueue::init()': ananicy-cpp> <artificial>:(.text+0x8460): undefined reference to `initialize_bpf_program' ananicy-cpp> /nix/store/zsvpmlddl2i5mpzm031a99xfpn410m5b-binutils-2.40/bin/ld: <artificial>:(.text+0x846c): undefined reference to `bpf_program_init_events' ananicy-cpp> /nix/store/zsvpmlddl2i5mpzm031a99xfpn410m5b-binutils-2.40/bin/ld: <artificial>:(.text+0x8486): undefined reference to `destroy_bpf_program' ananicy-cpp> /nix/store/zsvpmlddl2i5mpzm031a99xfpn410m5b-binutils-2.40/bin/ld: /build/cchtSHrR.ltrans5.ltrans.o: in function `std::thread::_State_impl<std::thread::_Invoker<std::tuple<ProcessQueue::start()::{lambda(std::stop_token const&)#1}, std::stop_token> > >::_M_run() [clone .lto_priv.0]': ananicy-cpp> <artificial>:(.text+0x861d): undefined reference to `destroy_bpf_program' ananicy-cpp> collect2: error: ld returned 1 exit status ananicy-cpp> make[2]: *** [CMakeFiles/ananicy-cpp.dir/build.make:325: ananicy-cpp] Error 1 ananicy-cpp> make[1]: *** [CMakeFiles/Makefile2:100: CMakeFiles/ananicy-cpp.dir/all] Error 2 ananicy-cpp> make: *** [Makefile:136: all] Error 2
Upstream supports php 8.0/8.1 for the 3.3.0 release. The upgrade to 8.2 caused a type mismatch in carbon. > PHP message: Exception: Code: 0, Message: Carbon\Carbon::setLastErrors(): Argument #1 ($lastErrors) must be of type array, bool given, called in /nix/store/2prnw9qya9kaks2rwvd6fkrz0c7l5ygd-engelsystem-3.3.0/share/engelsystem/vendor/nesbot/carbon/src/Carbon/Traits/Creator.php on line 98, File: vendor/nesbot/carbon/src/Carbon/Traits/Creator.php:928
duckdb 0.9.0 without git deepcopy and hash version.
Since ba83271 the build fails with applying patch /nix/store/46rxbbvl2l3mrxb50y9rzy7ahgx0lraj-d741901dddd731895346636c0d3556c6fa51fbe6.patch patching file tests/hazmat/primitives/test_aead.py Hunk #1 FAILED at 56. Hunk #2 FAILED at 197. Hunk #3 FAILED at 378. Hunk #4 FAILED at 525. Hunk NixOS#5 FAILED at 700. Hunk NixOS#6 FAILED at 844. 6 out of 6 hunks FAILED -- saving rejects to file tests/hazmat/primitives/test_aead.py.rej
Without the change `unnethack` startup crashes as: (gdb) bt #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 #1 0x00007f734250c0e3 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78 #2 0x00007f73424bce06 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x00007f73424a58f5 in __GI_abort () at abort.c:79 #4 0x00007f73424a67a1 in __libc_message (fmt=fmt@entry=0x7f734261e2f8 "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:150 NixOS#5 0x00007f734259b1d9 in __GI___fortify_fail (msg=msg@entry=0x7f734261e2df "buffer overflow detected") at fortify_fail.c:24 NixOS#6 0x00007f734259ab94 in __GI___chk_fail () at chk_fail.c:28 NixOS#7 0x00000000005b2ac5 in strcpy (__src=0x7ffe68838b00 "Shall I pick a character's race, role, gender and alignment for you? [YNTQ] (y)", __dest=0x7ffe68838990 "\001") at /nix/store/B0S2LKF593R3585038WS4JD3LYLF2WDX-glibc-2.38-44-dev/include/bits/string_fortified.h:79 NixOS#8 curses_break_str (str=str@entry=0x7ffe68838b00 "Shall I pick a character's race, role, gender and alignment for you? [YNTQ] (y)", width=width@entry=163, line_num=line_num@entry=1) at ../win/curses/cursmisc.c:275 NixOS#9 0x00000000005b3f51 in curses_character_input_dialog (prompt=prompt@entry=0x7ffe68838cf0 "Shall I pick a character's race, role, gender and alignment for you?", choices=choices@entry=0x7ffe68838d70 "YNTQ", def=def@entry=121) at ../win/curses/cursdial.c:211 NixOS#10 0x00000000005b9ca0 in curses_choose_character () at ../win/curses/cursinit.c:556 NixOS#11 0x0000000000404eb1 in main (argc=<optimized out>, argv=<optimized out>) at ./../sys/unix/unixmain.c:309 which corresponds to `gcc` warning: ../win/curses/cursmisc.c: In function 'curses_break_str': ../win/curses/cursmisc.c:275:5: warning: '__builtin___strcpy_chk' writing one too many bytes into a region of a size that depends on 'strlen' [-Wstringop-overflow=] 275 | strcpy(substr, str); | ^ I did not find a single small upstream change that fixes it. Let's disable `fortify3` until next release. Closes: NixOS#292113
Please squash everything together in your PR with
git rebase -i --autosquash
You can also take the ownership of the package if you want.