alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

Merge remote-tracking branch 'upstream/master' into staging

Browse source
This commit is contained in:
Tuomas Tynkkynen 2018-01-18 00:24:33 +02:00
parent 57da1b6f02 3eb311ebac
commit 61a75a1d22
32 changed files with 784 additions and 485 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/maintainers.nix
View file

@ -384,6 +384,7 @@
lovek323 = "Jason O'Conal <jason@oconal.id.au>";
lowfatcomputing = "Andreas Wagner <andreas.wagner@lowfatcomputing.org>";
lsix = "Lancelot SIX <lsix@lancelotsix.com>";
lschuermann = "Leon Schuermann <leon.git@is.currently.online>";
ltavard = "Laure Tavard <laure.tavard@univ-grenoble-alpes.fr>";
lucas8 = "Luc Chabassier <luc.linux@mailoo.org>";
ludo = "Ludovic Courtès <ludo@gnu.org>";
@ -442,6 +443,7 @@
mjanczyk = "Marcin Janczyk <m@dragonvr.pl>";
mjp = "Mike Playle <mike@mythik.co.uk>"; # github = "MikePlayle";
mlieberman85 = "Michael Lieberman <mlieberman85@gmail.com>";
mmahut = "Marek Mahut <marek.mahut@gmail.com>";
moaxcp = "John Mercier <moaxcp@gmail.com>";
modulistic = "Pablo Costa <modulistic@gmail.com>";
mog = "Matthew O'Gorman <mog-lists@rldn.net>";

129
nixos/modules/security/sudo.nix
View file

@ -8,6 +8,22 @@ let
inherit (pkgs) sudo;
toUserString = user: if (isInt user) then "#${toString user}" else "${user}";
toGroupString = group: if (isInt group) then "%#${toString group}" else "%${group}";
toCommandOptionsString = options:
"${concatStringsSep ":" options}${optionalString (length options != 0) ":"} ";
toCommandsString = commands:
concatStringsSep ", " (
map (command:
if (isString command) then
command
else
"${toCommandOptionsString command.options}${command.command}"
) commands
);
in
{
@ -47,6 +63,97 @@ in
'';
};
security.sudo.extraRules = mkOption {
description = ''
Define specific rules to be in the <filename>sudoers</filename> file.
'';
default = [];
example = [
# Allow execution of any command by all users in group sudo,
# requiring a password.
{ groups = [ "sudo" ]; commands = [ "ALL" ]; }
# Allow execution of "/home/root/secret.sh" by user `backup`, `database`
# and the group with GID `1006` without a password.
{ users = [ "backup" ]; groups = [ 1006 ];
commands = [ { command = "/home/root/secret.sh"; options = [ "SETENV" "NOPASSWD" ]; } ]; }
# Allow all users of group `bar` to run two executables as user `foo`
# with arguments being pre-set.
{ groups = [ "bar" ]; runAs = "foo";
commands =
[ "/home/baz/cmd1.sh hello-sudo"
{ command = ''/home/baz/cmd2.sh ""''; options = [ "SETENV" ]; } ]; }
];
type = with types; listOf (submodule {
options = {
users = mkOption {
type = with types; listOf (either string int);
description = ''
The usernames / UIDs this rule should apply for.
'';
default = [];
};
groups = mkOption {
type = with types; listOf (either string int);
description = ''
The groups / GIDs this rule should apply for.
'';
default = [];
};
host = mkOption {
type = types.string;
default = "ALL";
description = ''
For what host this rule should apply.
'';
};
runAs = mkOption {
type = with types; string;
default = "ALL:ALL";
description = ''
Under which user/group the specified command is allowed to run.
A user can be specified using just the username: <code>"foo"</code>.
It is also possible to specify a user/group combination using <code>"foo:bar"</code>
or to only allow running as a specific group with <code>":bar"</code>.
'';
};
commands = mkOption {
description = ''
The commands for which the rule should apply.
'';
type = with types; listOf (either string (submodule {
options = {
command = mkOption {
type = with types; string;
description = ''
A command being either just a path to a binary to allow any arguments,
the full command with arguments pre-set or with <code>""</code> used as the argument,
not allowing arguments to the command at all.
'';
};
options = mkOption {
type = with types; listOf (enum [ "NOPASSWD" "PASSWD" "NOEXEC" "EXEC" "SETENV" "NOSETENV" "LOG_INPUT" "NOLOG_INPUT" "LOG_OUTPUT" "NOLOG_OUTPUT" ]);
description = ''
Options for running the command. Refer to the <a href="https://www.sudo.ws/man/1.7.10/sudoers.man.html">sudo manual</a>.
'';
default = [];
};
};
}));
};
};
});
};
security.sudo.extraConfig = mkOption {
type = types.lines;
default = "";
@ -61,10 +168,16 @@ in
config = mkIf cfg.enable {
security.sudo.extraRules = [
{ groups = [ "wheel" ];
commands = [ { command = "ALL"; options = (if cfg.wheelNeedsPassword then [ "SETENV" ] else [ "NOPASSWD" "SETENV" ]); } ];
}
];
security.sudo.configFile =
''
# Don't edit this file. Set the NixOS options security.sudo.configFile
# or security.sudo.extraConfig instead.
# or security.sudo.extraRules instead.
# Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
Defaults env_keep+=SSH_AUTH_SOCK
@ -72,8 +185,18 @@ in
# "root" is allowed to do anything.
root ALL=(ALL:ALL) SETENV: ALL
# Users in the "wheel" group can do anything.
%wheel ALL=(ALL:ALL) ${if cfg.wheelNeedsPassword then "" else "NOPASSWD: ALL, "}SETENV: ALL
# extraRules
${concatStringsSep "\n" (
lists.flatten (
map (
rule: if (length rule.commands != 0) then [
(map (user: "${toUserString user} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.users)
(map (group: "${toGroupString group} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.groups)
] else []
) cfg.extraRules
)
)}
${cfg.extraConfig}
'';

1
nixos/release.nix
View file

@ -337,6 +337,7 @@ in rec {
tests.smokeping = callTest tests/smokeping.nix {};
tests.snapper = callTest tests/snapper.nix {};
tests.statsd = callTest tests/statsd.nix {};
tests.sudo = callTest tests/sudo.nix {};
tests.switchTest = callTest tests/switch-test.nix {};
tests.taskserver = callTest tests/taskserver.nix {};
tests.tomcat = callTest tests/tomcat.nix {};

5
nixos/tests/misc.nix
View file

@ -115,11 +115,6 @@ import ./make-test.nix ({ pkgs, ...} : {
$machine->succeed("nix-store -qR /run/current-system | grep nixos-");
};
# Test sudo
subtest "sudo", sub {
$machine->succeed("su - sybil -c 'sudo true'");
};
# Test sysctl
subtest "sysctl", sub {
$machine->waitForUnit("systemd-sysctl.service");

93
nixos/tests/sudo.nix Normal file
View file

@ -0,0 +1,93 @@
# Some tests to ensure sudo is working properly.
let
password = "helloworld";
in
import ./make-test.nix ({ pkgs, ...} : {
name = "sudo";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ lschuermann ];
};
machine =
{ config, lib, pkgs, ... }:
with lib;
{
users.extraGroups = { foobar = {}; barfoo = {}; baz = { gid = 1337; }; };
users.users = {
test0 = { isNormalUser = true; extraGroups = [ "wheel" ]; };
test1 = { isNormalUser = true; password = password; };
test2 = { isNormalUser = true; extraGroups = [ "foobar" ]; password = password; };
test3 = { isNormalUser = true; extraGroups = [ "barfoo" ]; };
test4 = { isNormalUser = true; extraGroups = [ "baz" ]; };
test5 = { isNormalUser = true; };
};
security.sudo = {
enable = true;
wheelNeedsPassword = false;
extraRules = [
# SUDOERS SYNTAX CHECK (Test whether the module produces a valid output;
# errors being detected by the visudo checks.
# These should not create any entries
{ users = [ "notest1" ]; commands = [ ]; }
{ commands = [ { command = "ALL"; options = [ ]; } ]; }
# Test defining commands with the options syntax, though not setting any options
{ users = [ "notest2" ]; commands = [ { command = "ALL"; options = [ ]; } ]; }
# CONFIGURATION FOR TEST CASES
{ users = [ "test1" ]; groups = [ "foobar" ]; commands = [ "ALL" ]; }
{ groups = [ "barfoo" 1337 ]; commands = [ { command = "ALL"; options = [ "NOPASSWD" "NOSETENV" ]; } ]; }
{ users = [ "test5" ]; commands = [ { command = "ALL"; options = [ "NOPASSWD" "SETENV" ]; } ]; runAs = "test1:barfoo"; }
];
};
};
testScript =
''
subtest "users in wheel group should have passwordless sudo", sub {
$machine->succeed("su - test0 -c \"sudo -u root true\"");
};
subtest "test1 user should have sudo with password", sub {
$machine->succeed("su - test1 -c \"echo ${password} | sudo -S -u root true\"");
};
subtest "test1 user should not be able to use sudo without password", sub {
$machine->fail("su - test1 -c \"sudo -n -u root true\"");
};
subtest "users in group 'foobar' should be able to use sudo with password", sub {
$machine->succeed("sudo -u test2 echo ${password} | sudo -S -u root true");
};
subtest "users in group 'barfoo' should be able to use sudo without password", sub {
$machine->succeed("sudo -u test3 sudo -n -u root true");
};
subtest "users in group 'baz' (GID 1337) should be able to use sudo without password", sub {
$machine->succeed("sudo -u test4 sudo -n -u root echo true");
};
subtest "test5 user should be able to run commands under test1", sub {
$machine->succeed("sudo -u test5 sudo -n -u test1 true");
};
subtest "test5 user should not be able to run commands under root", sub {
$machine->fail("sudo -u test5 sudo -n -u root true");
};
subtest "test5 user should be able to keep his environment", sub {
$machine->succeed("sudo -u test5 sudo -n -E -u test1 true");
};
subtest "users in group 'barfoo' should not be able to keep their environment", sub {
$machine->fail("sudo -u test3 sudo -n -E -u root true");
};
'';
})

4
pkgs/applications/editors/atom/beta.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "atom-beta-${version}";
version = "1.24.0-beta2";
version = "1.24.0-beta3";
src = fetchurl {
url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb";
sha256 = "1s5zfccpiyg3nqq3a93dg5sr6pk8gvwf8assq9g78l7qkryqr4ac";
sha256 = "02nnjjwlkxafi2fbi4gz276nqkmi92kf3q414vw1k3kc8q5zvxrs";
name = "${name}.deb";
};

4
pkgs/applications/editors/atom/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "atom-${version}";
version = "1.23.2";
version = "1.23.3";
src = fetchurl {
url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb";
sha256 = "04shnmy80ixjrc8d57i5w23xfxw1dmxj7kbygsal9l8kxgd76k7h";
sha256 = "0vq0pics8ajjqwqlk396dxl10k80059f9bik0j4wj2cals42bifc";
name = "${name}.deb";
};

23
pkgs/applications/editors/eclipse/plugins.nix
View file

@ -102,6 +102,29 @@ rec {
};
};
ansi-econsole = buildEclipsePlugin rec {
name = "ansi-econsole-${version}";
version = "1.3.5.201612301822";
srcFeature = fetchurl {
url = "https://mihnita.github.io/ansi-econsole/install/features/net.mihai-nita.ansicon_${version}.jar";
sha256 = "086ylxpsrlpbvwv5mw7v6b44j63cwzgi8apg2mq058ydr5ak6hxs";
};
srcPlugin = fetchurl {
url = "https://mihnita.github.io/ansi-econsole/install/plugins/net.mihai-nita.ansicon.plugin_${version}.jar";
sha256 = "1j42l0xxzs89shqkyn91lb0gia10mifzy0i73c3n7gj7sv2ddbjq";
};
meta = with stdenv.lib; {
homepage = "https://mihai-nita.net/java/#ePluginAEC";
description = "Adds support for ANSI escape sequences in the Eclipse console";
license = licenses.asl20;
platforms = platforms.all;
maintainers = [ maintainers.rycee ];
};
};
anyedittools = buildEclipsePlugin rec {
name = "anyedit-${version}";
version = "2.7.1.201709201439";

6
pkgs/applications/misc/kdeconnect/default.nix
View file

@ -19,12 +19,12 @@
stdenv.mkDerivation rec {
pname = "kdeconnect";
version = "1.2";
version = "1.2.1";
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://kde/stable/${pname}/${version}/src/${pname}-kde-${version}.tar.xz";
sha256 = "0w3rdldnr6md70r4ch255vk712d37vy63ml7ly2fhr4cfnk2i1ay";
url = "mirror://kde/stable/${pname}/${version}/src/${pname}-kde-v${version}.tar.xz";
sha256 = "01v432p9ylwss9gl6fvby8954bnjd91dni5jk1i44vv7x26yn8zg";
};
buildInputs = [

31
pkgs/applications/misc/mencal/default.nix Normal file
View file

@ -0,0 +1,31 @@
{ stdenv, fetchurl, perl }:
stdenv.mkDerivation rec {
name = "mencal-3.0";
src = fetchurl {
url = "http://kyberdigi.cz/projects/mencal/files/${name}.tar.gz";
sha256 = "9328d0b2f3f57847e8753c5184531f4832be7123d1b6623afdff892074c03080";
};
installPhase = ''
mkdir -p $out/bin
cp mencal $out/bin/
'';
buildInputs = [ perl ];
meta = with stdenv.lib; {
description = "Menstruation calendar";
longDescription = ''
Mencal is a simple variation of the well-known unix command cal.
The main difference is that you can have some periodically repeating
days highlighted in color. This can be used to track
menstruation (or other) cycles conveniently.
'';
homepage = "http://www.kyberdigi.cz/projects/mencal/english.html";
license = licenses.gpl2;
maintainers = [ maintainers.mmahut ];
platforms = platforms.all;
};
}

780
pkgs/applications/networking/browsers/firefox-bin/devedition_sources.nix
View file

File diff suppressed because it is too large Load diff

5
pkgs/applications/networking/mailreaders/notmuch/muchsync.nix
View file

@ -2,19 +2,20 @@
, notmuch, openssl, pkgconfig, sqlite, xapian, zlib
}:
stdenv.mkDerivation rec {
version = "2";
version = "5";
name = "muchsync-${version}";
passthru = {
inherit version;
};
src = fetchurl {
url = "http://www.muchsync.org/src/${name}.tar.gz";
sha256 = "1dqp23a043kkzl0g2f4j3m7r7lg303gz7a0fsj0dm5ag3kpvp5f1";
sha256 = "1k2m44pj5i6vfhp9icdqs42chsp208llanc666p3d9nww8ngq2lb";
};
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ notmuch openssl sqlite xapian zlib ];
meta = {
description = "Synchronize maildirs and notmuch databases";
homepage = "http://www.muchsync.org/";
platforms = stdenv.lib.platforms.unix;
maintainers = with stdenv.lib.maintainers; [ ocharles ];
license = stdenv.lib.licenses.gpl2Plus;

4
pkgs/development/compilers/kotlin/default.nix
View file

@ -1,14 +1,14 @@
{ stdenv, fetchurl, makeWrapper, jre, unzip }:
let
version = "1.2.10";
version = "1.2.20";
in stdenv.mkDerivation rec {
inherit version;
name = "kotlin-${version}";
src = fetchurl {
url = "https://github.com/JetBrains/kotlin/releases/download/v${version}/kotlin-compiler-${version}.zip";
sha256 = "1qr61i5fjd5p7bi05hplagmcxgb05k4xdh5yjjvaq8cij5l4b1wm";
sha256 = "0mx047j98jaw0smpk150ipfbb922il2kqqp3fmsz6hvvygcx6qzv";
};
propagatedBuildInputs = [ jre ] ;

20
pkgs/development/compilers/openjdk/8.nix
View file

@ -21,42 +21,42 @@ let
else
throw "openjdk requires i686-linux or x86_64 linux";
update = "152";
build = "16";
update = "162";
build = "12";
baseurl = "http://hg.openjdk.java.net/jdk8u/jdk8u";
repover = "jdk8u${update}-b${build}";
paxflags = if stdenv.isi686 then "msp" else "m";
jdk8 = fetchurl {
url = "${baseurl}/archive/${repover}.tar.gz";
sha256 = "12r5v6srwbm5hcfwz5kib7419a72cppls1d1xkrh5pjlina74zpf";
sha256 = "1c8miw4zw5l4mwjpi386knz91lzj3kv74jgpnm1znyxf9grmblbs";
};
langtools = fetchurl {
url = "${baseurl}/langtools/archive/${repover}.tar.gz";
sha256 = "002f0nfw2g3q41iy8cvaqyiglcy1fx9dglgik8gv067c2zslwwqm";
sha256 = "1v19fsa3f84ng0inpi91iwnsn4zrhi9agh5gwzjnqg8ir7fy3nmh";
};
hotspot = fetchurl {
url = "${baseurl}/hotspot/archive/${repover}.tar.gz";
sha256 = "0mnck2c3ky4hbcjfy6p3z831dxm1y2fkxq5k94zbswm4wcvlkzia";
sha256 = "1x4acvmyiq9shnnhzrzljd0x5c5x3iv2w9q6wagavqdpkqgfs54n";
};
corba = fetchurl {
url = "${baseurl}/corba/archive/${repover}.tar.gz";
sha256 = "1xl3mc3hd5lwh1bxzck4hw60d678h3mjh144kq90iz8kfi197hpj";
sha256 = "125z4kvw9i535zvcs22pqviw46a64vli06rr92gg1zvvxz9lfmyl";
};
jdk = fetchurl {
url = "${baseurl}/jdk/archive/${repover}.tar.gz";
sha256 = "1hsfgjhp5nrsy4v6c282wq6cv37hgpm8l51cls0rnpbfqvd2cw16";
sha256 = "03g4mffd7bj50c2034885x69kbn6s29h9qwbmhbligfmz08zq28q";
};
jaxws = fetchurl {
url = "${baseurl}/jaxws/archive/${repover}.tar.gz";
sha256 = "07ispgrzcf39nxs7a9yn6gkbq0ygdzlzyq32sfk57w6vy1mrgwjh";
sha256 = "1pkd4mn3awjn0rdqdkwap96xl6ifz07ds14r1hd0fj7571h30xn5";
};
jaxp = fetchurl {
url = "${baseurl}/jaxp/archive/${repover}.tar.gz";
sha256 = "1kj5w6gk579wh1iszq2bn6k1ib7kjpjf1lp46p5rqkx0qin79sn9";
sha256 = "1m0nivgnywmpq5xc3rcaihk0xd6p6fm5y6y8cs3dg4lra722np64";
};
nashorn = fetchurl {
url = "${baseurl}/nashorn/archive/${repover}.tar.gz";
sha256 = "1j9r5r8rihp02n0ciwqr01c07d91z1hs0069rd8hk6i03dkkhk84";
sha256 = "15l2xg8pv1m632gy57bhh2if2k9v32jag76y9dg0acn3f1w9va5q";
};
openjdk8 = stdenv.mkDerivation {
name = "openjdk-8u${update}b${build}";

18
pkgs/development/compilers/openjdk/9.nix
View file

@ -21,42 +21,42 @@ let
else
throw "openjdk requires i686-linux or x86_64 linux";
update = "9.0.1";
update = "9.0.4";
build = "11";
baseurl = "http://hg.openjdk.java.net/jdk-updates/jdk9u";
repover = "jdk-${update}+${build}";
paxflags = if stdenv.isi686 then "msp" else "m";
jdk9 = fetchurl {
url = "${baseurl}/archive/${repover}.tar.gz";
sha256 = "13zqai3kpk5yi7yg3f7n2ss8spzyq0zy9431y97ni0j72h8ddsvy";
sha256 = "1y8sq0fxvj5s5gx5qm2mbr710xqrgv3d200k6bv71bawjh57v3xx";
};
langtools = fetchurl {
url = "${baseurl}/langtools/archive/${repover}.tar.gz";
sha256 = "1w2djchv3dr8hv815kxfi1458n1nbq23yzv4p8rxpl1fzxrcd5pm";
sha256 = "1n6aqmph6a9spxyfi40k8g5hy2bnfd499gr6jkmq49phdb2qg7wy";
};
hotspot = fetchurl {
url = "${baseurl}/hotspot/archive/${repover}.tar.gz";
sha256 = "1kb4h9w0xbxvndi5rk3byv3v95883nkqdzjadbw1cvqvzp3kgaw8";
sha256 = "1i34k3pc2slnjk469zskqq1z0jna1xg2zzjdk7zjrhrfgsrgvfsh";
};
corba = fetchurl {
url = "${baseurl}/corba/archive/${repover}.tar.gz";
sha256 = "0hqzmlg6dmr67ghrlh515iam34d9jx4jcdbhchbl2ny00q42diy2";
sha256 = "1k6r5yxf5h1m451vlwzk9zqkmdlln3ky3kir5qjgan4hz892f297";
};
jdk = fetchurl {
url = "${baseurl}/jdk/archive/${repover}.tar.gz";
sha256 = "0km0k9hi8wfv2d10i08jgb4kf0l8jhp1174dsmmc9yh0ig1vij08";
sha256 = "0gafc0jx8fx13y6iir9zxmqrsw1a3w71xgdvjx9rk64acc24piy2";
};
jaxws = fetchurl {
url = "${baseurl}/jaxws/archive/${repover}.tar.gz";
sha256 = "1crsr3hcq4j0xbmn1jcsw0m6hxqqkxxsib86i63vvcha94336iyp";
sha256 = "1bw3z346mna6pgz76phcmfm0ykydcwagqxhffj0mzbdll7ysw25p";
};
jaxp = fetchurl {
url = "${baseurl}/jaxp/archive/${repover}.tar.gz";
sha256 = "1w9i1zl72nq7aw9l50fc7dlggiy7iq52p8xh44hv50mdvn0xsa4k";
sha256 = "063fhnmm2g83jrdv2bl968glr46vvgjpyk9rjmh2fwfplzclb51s";
};
nashorn = fetchurl {
url = "${baseurl}/nashorn/archive/${repover}.tar.gz";
sha256 = "0rm50mk6935iqx2rla6j8j8kjs0p4f7rff0wsp0qvbf6g0pwwks1";
sha256 = "0wyx76nd4v6xy4vmp94anxwk9bfqyb0l4n3hqhfqyz6azi8pqk66";
};
openjdk9 = stdenv.mkDerivation {
name = "openjdk-${update}-b${build}";

10
pkgs/development/compilers/oraclejdk/jdk8cpu-linux.nix
View file

@ -1,11 +1,11 @@
import ./jdk-linux-base.nix {
productVersion = "8";
patchVersion = "151";
patchVersion = "161";
downloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html;
sha256.i686-linux = "0w1snn9hxwvdnk77frhdzbsm6v30v99dy5zmpy8ij7yxd57z6ql0";
sha256.x86_64-linux = "0zq2dxbxmshz080yskhc8y2wbqi0y0kl9girxjbb4rwk837010n7";
sha256.armv7l-linux = "0fdkvg1al7g9lqbq10rlw400aqr0xxi2a802319sw5n0zipkrjic";
sha256.aarch64-linux = "1xva22cjjpwa95h7x3xzyymn1bgxp1q67j5j304kn6cqah4k31j1";
sha256.i686-linux = "1p6p93msn3bsg9775rq171kd4160w4w8z57p0qpjdjycfix62sfg";
sha256.x86_64-linux = "07h2wah80qr78y0f821z12lbdmsv90xbckdn3glnj2riwfh5dg3d";
sha256.armv7l-linux = "0mngw2lnhx3hzgp444advybhjn5hjk3mi14y72km4kp03gh82a7x";
sha256.aarch64-linux = "18l5fny7yxhpj5c935rnlq4pvwadyr5zkid6yh9x87frl401shy7";
jceName = "jce_policy-8.zip";
jceDownloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html;
sha256JCE = "0n8b6b8qmwb14lllk2lk1q1ahd3za9fnjigz5xn65mpg48whl0pk";

10
pkgs/development/compilers/oraclejdk/jdk8psu-linux.nix
View file

@ -1,11 +1,11 @@
import ./jdk-linux-base.nix {
productVersion = "8";
patchVersion = "152";
patchVersion = "162";
downloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html;
sha256.i686-linux = "0gjc7kcfx40f43z1w1qsn1fqxdz8d46wml2g11qgm55ishhv2q7w";
sha256.x86_64-linux = "1gv1348hrgna9l3sssv3g9jzs37y1lkx05xq83chav9z1hs3p2r1";
sha256.armv7l-linux = "1w0hwslsd3z0kvb3z7gmbh20xsyiz73vglmdqz2108y7alim7arm";
sha256.aarch64-linux = "13qpxa8nxsnikmm7h6ysnsdqg5vl8j7hzfa8kgh20z8a17fhj9kk";
sha256.i686-linux = "097vlvvj1vr7815rgarf5x97lagi4q0kai0x4lvd4y3wrzdqikzf";
sha256.x86_64-linux = "0mq2d0lj53gzn4qqdjdgbwl0h857k2rnsnr2hkmvihnrgza85v38";
sha256.armv7l-linux = "0xzsgdmpgs1n1g70hgly0mpxflhjrmq3vxwx8gl0kmqdiv4hqwjp";
sha256.aarch64-linux = "19ykcsmvkf7sdq2lqwvyi60nhb8v7f88dqjycimrsar9y4r7skf8";
jceName = "jce_policy-8.zip";
jceDownloadUrl = http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html;
sha256JCE = "0n8b6b8qmwb14lllk2lk1q1ahd3za9fnjigz5xn65mpg48whl0pk";

27
pkgs/development/compilers/oraclejdk/jdk9-linux.nix
View file

@ -7,7 +7,6 @@
, xorg ? null
, packageType ? "JDK" # JDK, JRE, or ServerJRE
, pluginSupport ? true
, installjce ? false
, glib
, libxml2
, ffmpeg_2
@ -30,20 +29,10 @@ assert stdenv.system == "x86_64-linux";
assert swingSupport -> xorg != null;
let
version = "9.0.1";
version = "9.0.4";
downloadUrlBase = http://www.oracle.com/technetwork/java/javase/downloads;
jce =
if installjce then
requireFile {
name = "jce_policy-8.zip";
url = "${downloadUrlBase}/jce8-download-2133166.html";
sha256 = "0n8b6b8qmwb14lllk2lk1q1ahd3za9fnjigz5xn65mpg48whl0pk";
}
else
"";
rSubPaths = [
"lib/jli"
"lib/server"
@ -63,24 +52,23 @@ let result = stdenv.mkDerivation rec {
requireFile {
name = "jdk-${version}_linux-x64_bin.tar.gz";
url = "${downloadUrlBase}/jdk9-downloads-3848520.html";
sha256 = "0560dc3icrwb0ifykshvzkr04b1jr153m26x1r8rp0nhjbzz1nic";
sha256 = "18nsjn64wkfmyb09wf2k7lvhazf83cs3dyichr038vl1gs3ymi4h";
}
else if packageType == "JRE" then
requireFile {
name = "jre-${version}_linux-x64_bin.tar.gz";
url = "${downloadUrlBase}/jre9-downloads-3848532.html";
sha256 = "11pfcck8am48yv7riaj10g6h79xdiy8lm5a9wjqbm3g9cls9ar1w";
sha256 = "01fp079mr04nniyf06w8vd47qxr6rly1lbh8dqkddb8fp9h6a79k";
}
else if packageType == "ServerJRE" then
requireFile {
name = "serverjre-${version}_linux-x64_bin.tar.gz";
url = "${downloadUrlBase}/server-jre9-downloads-3848530.html";
sha256 = "1biyks6jy0a2kksaj9qbsjifv34ym5mdw8akibmkwr1xh0wavygc";
sha256 = "1jlpa4mn306hx0p9jcw3i6cpdvnng29dwjsymgcan56810q6p6yj";
}
else abort "unknown package Type ${packageType}";
nativeBuildInputs = [ file ]
++ stdenv.lib.optional installjce unzip;
nativeBuildInputs = [ file ];
buildInputs = [ makeWrapper ];
@ -108,11 +96,6 @@ let result = stdenv.mkDerivation rec {
fi
done
if test -n "${jce}"; then
unzip ${jce}
cp -v UnlimitedJCEPolicy*/*.jar $out/lib/security
fi
if test -z "$pluginSupport"; then
rm -f $out/bin/javaws
fi

4
pkgs/development/tools/build-managers/gradle/default.nix
View file

@ -52,12 +52,12 @@ rec {
};
gradle_latest = gradleGen rec {
name = "gradle-4.4";
name = "gradle-4.4.1";
nativeVersion = "0.14";
src = fetchurl {
url = "http://services.gradle.org/distributions/${name}-bin.zip";
sha256 = "0bqaksrxrshqjwba0wj72gbcxvcchjavlj39xh18qpkz5jp76j7s";
sha256 = "12b3d0cyj9wdk1m6pdi3500fzvgfks8x6wgm8hf0rhyzacc7vkz7";
};
};

8
pkgs/games/2048-in-terminal/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "2048-in-terminal-${version}";
version = "2015-01-15";
version = "2017-11-29";
src = fetchFromGitHub {
sha256 = "1fdfmyhh60sz0xbilxkh2y09lvbcs9lamk2jkjkhxhlhxknmnfgs";
rev = "3e4e44fd360dfe114e81e6332a5a058a4b287cb1";
sha256 = "1cqv5z1i5zcrvj0w6pdfnnff8m6kjndqxwkwsw5ma9jz503bmyc6";
rev = "4e525066b0ef3442e92d2ba8dd373bdc205ece28";
repo = "2048-in-terminal";
owner = "alewmoose";
};
@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
preInstall = ''
mkdir -p $out/bin
'';
installFlags = [ "DESTDIR=$(out)" ];
installFlags = [ "DESTDIR=$(out)/bin" ];
meta = with stdenv.lib; {
inherit (src.meta) homepage;

8
pkgs/os-specific/linux/firejail/default.nix
View file

@ -3,11 +3,11 @@ let
s = # Generated upstream information
rec {
baseName="firejail";
version="0.9.50";
version="0.9.52";
name="${baseName}-${version}";
hash="005q7f1h7z4c1wg8vzb1zh0xi4msz6z0fcph0y3ywhlbxjvpam61";
url="https://vorboss.dl.sourceforge.net/project/firejail/firejail/firejail-0.9.50.tar.xz";
sha256="005q7f1h7z4c1wg8vzb1zh0xi4msz6z0fcph0y3ywhlbxjvpam61";
hash="0w8l8z4j7iph8fp7rchhnfsrik3f00f9v5xr191fp38fphzcj56s";
url="https://vorboss.dl.sourceforge.net/project/firejail/firejail/firejail-0.9.52.tar.xz";
sha256="0w8l8z4j7iph8fp7rchhnfsrik3f00f9v5xr191fp38fphzcj56s";
};
buildInputs = [
which

4
pkgs/os-specific/linux/kernel/linux-4.14.nix
View file

@ -3,7 +3,7 @@
with stdenv.lib;
import ./generic.nix (args // rec {
version = "4.14.13";
version = "4.14.14";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0")));
@ -13,6 +13,6 @@ import ./generic.nix (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
sha256 = "0wjpwhrnnvf6l3zpkkxk34dl722w9yp8j3vnh0xzi3hgb8dnvd2a";
sha256 = "0jh46bfxfiw9kg36r4zvfrqlhnsqw8zikrw0b5am5qasnlp3d5lb";
};
} // (args.argsOverride or {}))

4
pkgs/os-specific/linux/kernel/linux-4.4.nix
View file

@ -1,11 +1,11 @@
{ stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args:
import ./generic.nix (args // rec {
version = "4.4.111";
version = "4.4.112";
extraMeta.branch = "4.4";
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
sha256 = "0260gvby59n550ijm9q43cnzw1gqizll28nv3vsv8qmgiqp2h0d2";
sha256 = "1k8ys7zxdbz9vkhhrb6p85dpsl5ljzy1hsn72mhqj8nhxv5l4jsl";
};
} // (args.argsOverride or {}))

4
pkgs/os-specific/linux/kernel/linux-4.9.nix
View file

@ -1,11 +1,11 @@
{ stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args:
import ./generic.nix (args // rec {
version = "4.9.76";
version = "4.9.77";
extraMeta.branch = "4.9";
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
sha256 = "1pl7x1fnyhvwbdxgh0w5fka9dyysi74n8lj9fkgfmapz5hrr8axq";
sha256 = "0p3hnfj0597vznvvjcb4ynciafnmvmnphkk6izcj67kgp4zvqabw";
};
} // (args.argsOverride or {}))

4
pkgs/os-specific/linux/kernel/linux-hardened-copperhead.nix
View file

@ -3,9 +3,9 @@
with stdenv.lib;
let
version = "4.14.13";
version = "4.14.14";
revision = "a";
sha256 = "08fvb1lllb0xkckw2y66g0j5z88kp877r51jj3kksfkvjfibjr0j";
sha256 = "1jaln2xa6hhnd3vy6zmvhzq0hli2df3kw0ivcyrbrpw7p6h5z4ds";
# modVersion needs to be x.y.z, will automatically add .0 if needed
modVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0")));

7
pkgs/servers/squid/4.nix
View file

@ -10,8 +10,8 @@ stdenv.mkDerivation rec {
};
buildInputs = [
perl openldap pam db cyrus_sasl libcap expat libxml2 openssl
];
perl openldap db cyrus_sasl expat libxml2 openssl
] ++ stdenv.lib.optionals stdenv.isLinux [ libcap pam ];
configureFlags = [
"--enable-ipv6"
@ -19,11 +19,12 @@ stdenv.mkDerivation rec {
"--disable-arch-native"
"--with-openssl"
"--enable-ssl-crtd"
"--enable-linux-netfilter"
"--enable-storeio=ufs,aufs,diskd,rock"
"--enable-removal-policies=lru,heap"
"--enable-delay-pools"
"--enable-x-accelerator-vary"
] ++ stdenv.lib.optionals stdenv.isLinux [
"--enable-linux-netfilter"
];
meta = with stdenv.lib; {

7
pkgs/servers/squid/default.nix
View file

@ -10,8 +10,8 @@ stdenv.mkDerivation rec {
};
buildInputs = [
perl openldap pam db cyrus_sasl libcap expat libxml2 openssl
];
perl openldap db cyrus_sasl expat libxml2 openssl
] ++ stdenv.lib.optionals stdenv.isLinux [ libcap pam ];
configureFlags = [
"--enable-ipv6"
@ -19,11 +19,12 @@ stdenv.mkDerivation rec {
"--disable-arch-native"
"--with-openssl"
"--enable-ssl-crtd"
"--enable-linux-netfilter"
"--enable-storeio=ufs,aufs,diskd,rock"
"--enable-removal-policies=lru,heap"
"--enable-delay-pools"
"--enable-x-accelerator-vary"
] ++ stdenv.lib.optionals stdenv.isLinux [
"--enable-linux-netfilter"
];
meta = with stdenv.lib; {

4
pkgs/tools/misc/mbuffer/default.nix
View file

@ -3,12 +3,12 @@
} :
stdenv.mkDerivation rec {
version = "20170806";
version = "20171011";
name = "mbuffer-${version}";
src = fetchurl {
url = "http://www.maier-komor.de/software/mbuffer/mbuffer-${version}.tgz";
sha256 = "0kbvxrd1k0509whgyl7w20cmqn5q16vjjh7d9glpl2j4lfd66ljw";
sha256 = "1z6is359dnlf61n6ida9ivghafzz5m8cf4hzdhma8nxv12brfbzb";
};
buildInputs = [ openssl ];

31
pkgs/tools/misc/woof/default.nix Normal file
View file

@ -0,0 +1,31 @@
{ stdenv, fetchurl, python }:
stdenv.mkDerivation rec {
version = "2012-05-31";
name = "woof-${version}";
src = fetchurl {
url = "http://www.home.unix-ag.org/simon/woof-${version}.py";
sha256 = "d84353d07f768321a1921a67193510bf292cf0213295e8c7689176f32e945572";
};
buildInputs = [ python ];
unpackPhase = "true";
installPhase =
''
mkdir -p $out/bin
cp $src $out/bin/woof
chmod +x $out/bin/woof
'';
meta = with stdenv.lib; {
homepage = http://www.home.unix-ag.org/simon/woof.html;
description = "Web Offer One File - Command-line utility to easily exchange files over a local network";
license = stdenv.lib.licenses.gpl2Plus;
platforms = stdenv.lib.platforms.unix;
maintainers = with maintainers; [ lschuermann ];
};
}

4
pkgs/tools/package-management/dpkg/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "dpkg-${version}";
version = "1.19.0.4";
version = "1.19.0.5";
src = fetchurl {
url = "mirror://debian/pool/main/d/dpkg/dpkg_${version}.tar.xz";
sha256 = "02lrwrkl2g1jwj71088rwswx07a1zq1jkq7193lbvy8jj2qnp9lq";
sha256 = "1dc5kp3fqy1k66fly6jfxkkg7w6d0jy8szddpfyc2xvzga94d041";
};
configureFlags = [

4
pkgs/tools/security/keybase/default.nix
View file

@ -2,7 +2,7 @@
buildGoPackage rec {
name = "keybase-${version}";
version = "1.0.33";
version = "1.0.39";
goPackagePath = "github.com/keybase/client";
subPackages = [ "go/keybase" ];
@ -13,7 +13,7 @@ buildGoPackage rec {
owner = "keybase";
repo = "client";
rev = "v${version}";
sha256 = "1zgvriyir2ga0p4ah9ia1sbl9ydnrnw5ggq4c1ya8gcfgn8vzdsf";
sha256 = "0b64h536xp8r1q7fa23mf1p8ybnh0fz1n468fp56mvh98vmqys5b";
};
buildFlags = [ "-tags production" ];

4
pkgs/top-level/all-packages.nix
View file

@ -3459,6 +3459,8 @@ with pkgs;
memo = callPackage ../applications/misc/memo/default.nix { };
mencal = callPackage ../applications/misc/mencal/default.nix { } ;
metamorphose2 = callPackage ../applications/misc/metamorphose2 { };
metar = callPackage ../applications/misc/metar { };
@ -5116,6 +5118,8 @@ with pkgs;
woff2 = callPackage ../development/web/woff2 { };
woof = callPackage ../tools/misc/woof { };
wsmancli = callPackage ../tools/system/wsmancli {};
wolfebin = callPackage ../tools/networking/wolfebin {