3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

90980 commits

Author SHA1 Message Date
obadz 4876c7362b stun: 0.96 -> 0.97 2016-09-07 18:25:59 +01:00
Peter Simons 3520aab773 Merge pull request #18397 from LnL7/haskell-ghc710x-texmath
haskellPackages.texmath: fix ghc710x build inputs
2016-09-07 19:20:09 +02:00
Daiderd Jordan cc38535845
haskellPackages: cleanup ghc710x 2016-09-07 19:17:33 +02:00
Daiderd Jordan 985a260a12
haskellPackages.texmath: fix ghc710x build inputs 2016-09-07 19:15:47 +02:00
aszlig dd98b6fb9f
nixos/stage2: Fix mounting special filesystems
This partially reverts commit ab9537ca22.

From the manpage of systemd-nspawn(1):

  Note that systemd-nspawn will mount file systems private to the
  container to /dev, /run and similar.

Testing this in a shell turns out:

$ sudo systemd-nspawn --bind-ro=/nix/store "$(readlink "$(which ls)")" /proc
Spawning container aszlig on /home/aszlig.
Press ^] three times within 1s to kill container.
/etc/localtime does not point into /usr/share/zoneinfo/, not updating
container timezone.
1          execdomains  kpageflags    stat
acpi       fb           loadavg       swaps
asound     filesystems  locks         sys
buddyinfo  fs           meminfo       sysrq-trigger
bus        interrupts   misc          sysvipc
cgroups    iomem        modules       thread-self
cmdline    ioports      mounts        timer_list
config.gz  irq          mtrr          timer_stats
consoles   kallsyms     net           tty
cpuinfo    kcore        pagetypeinfo  uptime
crypto     key-users    partitions    version
devices    keys         scsi          vmallocinfo
diskstats  kmsg         self          vmstat
dma        kpagecgroup  slabinfo      zoneinfo
driver     kpagecount   softirqs
Container aszlig exited successfully.

So the test on whether PID 1 exists in /proc is enough, because if we
use PID namespaces there actually _is_ a PID 1 (as shown above) and the
special file systems are already mounted. A test on the $containers
variable actually mounts them twice.

This unbreaks NixOS containers and I've tested this against the
containers-imperative NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @rickynils, @shlevy, @edolstra
2016-09-07 18:10:08 +02:00
Michael Raskin 6795952149 libchop: a hack to work around broken guile path detection 2016-09-07 18:06:53 +02:00
Eelco Dolstra 039ac38d1e minio-client: Init at 20160821 2016-09-07 17:41:53 +02:00
Eelco Dolstra 2597562d42 minio: Init at 20160821 2016-09-07 17:41:53 +02:00
Eelco Dolstra 587348743c go: Remove unused version 2016-09-07 17:41:53 +02:00
Michael Raskin 16ce4fa511 pythonPackages.pyqt4: actually use dbus-python to build dbus.mainloop.qt; fixes ffadoFull build 2016-09-07 17:32:52 +02:00
Domen Kožar e986cb3425 Revert "travis: only fetch top commit"
This reverts commit 3c0fdefd84.

We have to keep more history because travis build could be
triggered after new commit is made, meaning it won't be able
to checkout the repository.
2016-09-07 17:14:38 +02:00
Rob Vermaas 2410608814 NixOS 17.03 will be called Gorilla 2016-09-07 15:05:00 +00:00
Domen Kožar 1697f9c130 xulrunner: set to firefox-unwrapped
(cherry picked from commit ef9e2154e2)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-07 16:52:05 +02:00
Domen Kožar 4c22a048d7 Revert "Revert "xulrunner: Remove""
This reverts commit 5041cae5b7.

This is fixed in follow up commit.
2016-09-07 16:51:38 +02:00
aszlig 75efdc6502
nixos/tests/blivet: Fix btrfs-related tests
The loopback-based tests use a storage size of 102400 blocks (one block
is 1024 bytes), which doesn't seem to fit for btrfs volumes in recent
btrfs versions. I'm setting this to 409600 (400 MB) now so that it
should be enough for later versions in case they need even more space
for subvolumes.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-07 16:32:12 +02:00
Eelco Dolstra 5041cae5b7 Revert "xulrunner: Remove"
This reverts commit 8c3e9ea53e.
2016-09-07 15:17:39 +02:00
aszlig fb46df8a9a
nixos: Fix ordering of firewall.service
Follow-up to the following commits:

  abdc5961c3cdf9f5893ea1e91ba08ff5089f53a4: Fix starting the firewall
  e090701e2d09aec3e8866ab9a8e53c37973ffeb4: Order before sysinit

Solely use sysinit.target here instead of multi-user.target because we
want to make sure that the iptables rules are applied *before* any
socket units are started.

The reason I've dropped the wantedBy on multi-user.target is that
sysinit.target is already a part of the dependency chain of
multi-user.target.

To make sure that this holds true, I've added a small test case to
ensure that during switch of the configuration the firewall.service is
considered as well.

Tested using the firewall NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @edolstra
2016-09-07 15:11:24 +02:00
Bjørn Forsman 10b335992e Fix eval (due to xulrunner removal) 2016-09-07 15:08:13 +02:00
Domen Kožar 72f4bc9cf9 Merge pull request #18394 from groxxda/gazebo
gazeboSimulator: fix builds
2016-09-07 14:57:15 +02:00
Eelco Dolstra 8c3e9ea53e xulrunner: Remove 2016-09-07 14:43:29 +02:00
Eelco Dolstra 445a39a23b chatzilla: 0.9.91 -> 0.9.92 2016-09-07 14:42:55 +02:00
Eelco Dolstra e090701e2d firewall: Order before sysinit
Suggested by @aszlig.
2016-09-07 14:42:30 +02:00
Eelco Dolstra abdc5961c3 Fix starting the firewall
Probably as a result of 992c514a20, it
was not being started anymore.

My understanding of systemd.special(7) (section "Special passive
system units") is that the firewall should want network-pre.target,
rather than the other way around (not very intuitive...). This in
itself does not cause the firewall to be wanted, which is why the
wanted-by relationship with multi-user.target is necessary.

http://hydra.nixos.org/build/39965589
2016-09-07 14:30:11 +02:00
Alexander Ried 7a623aec47 ignition-transport: fix cmake file 2016-09-07 14:24:18 +02:00
Alexander Ried b6be650608 gazebo.sdformat: fix cmake file 2016-09-07 14:23:33 +02:00
Eelco Dolstra d8625f6d25 Make the NFSv4 tests release-critical
We can probably drop NFSv3...
2016-09-07 14:15:57 +02:00
Eelco Dolstra 58b028f9ee nfs module: Fix dependency on statd and idmapd
http://hydra.nixos.org/build/40038016
2016-09-07 14:15:57 +02:00
Eelco Dolstra 015c984537 nfs module: Improve descriptions 2016-09-07 14:15:57 +02:00
Eelco Dolstra d0857bb1e6 openresolv: 3.7.0 -> 3.8.1 2016-09-07 14:15:57 +02:00
Alexey Shmalko b7237abc08 avahi-daemon: remove default browse-domains
These domains are not actually default but examples. See
https://github.com/lathiat/avahi/blob/master/avahi-daemon/avahi-daemon.conf#L24
for default config.
2016-09-07 13:58:21 +02:00
Rahul Gopinath 3ddf76c00a mono: init at 4.6 2016-09-07 12:42:48 +02:00
Tuomas Tynkkynen c57d6821aa perlPackages.MozillaLdap: Reference correct output of openldap 2016-09-07 13:00:56 +03:00
aszlig 1187b00e58
qtkeychain: Allow building with Qt 5
So far we don't yet need the Qt 5 build for qtkeychain because the two
packages that depend on it are still using Qt 4. However, the next
upstream version of Tomahawk for example already uses Qt 5, so let's
prepare for that.

Tested building against Tomahawk Git master with qt5.qtkeychain.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-07 11:43:39 +02:00
aszlig eeebc13e03
qtkeychain: 0.4.0 -> 0.7.0
Upstream changes since version 0.4.0:

  * version 0.5.0 (release 2015-05-04):
    - Added support for KWallet5 (KDE5/KF)
  * version 0.6.0 (release 2016-03-18)
    - Added support for the Windows Credential Store
  * version 0.6.1 (release 2016-03-31)
    - Fix KWallet not working (regressions in 0.6.0)
  * version 0.6.2 (release 2016-04-04)
    - KWallet: Fixes a crash when storing passwords, seen on Debian/KDE4
  * version 0.7.0 (release 2016-05-23)
    - Bump SO version due to 0.6 being binary-incompatible to previous
      releases

Tomahawk and owncloud-client depend on this library, both are still
building fine after this update.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-07 11:43:36 +02:00
aszlig da24fbd0ec
qtkeychain: Fix install of translations
The following doesn't seem to be quite right and I have missed this when
I was introducing qtkeychain in the first place:

-- Installing: /nix/store/...-qtkeychain-0.4.0/$out/share/qt/translations/qtkeychain_de.qm
-- Installing: /nix/store/...-qtkeychain-0.4.0/$out/share/qt/translations/qtkeychain_ro.qm

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-07 11:43:32 +02:00
Shea Levy 03b888e205 Merge branch 'stage2-generalise-containers' of https://github.com/rickynils/nixpkgs 2016-09-07 05:39:22 -04:00
Eelco Dolstra 70be99c645 Merge pull request #18365 from NixOS/fix-sshd-failure
Make /var/empty immutable (with chattr +i)
2016-09-07 11:18:49 +02:00
Domen Kožar 8f95e6f6aa hardcode e2fsprogs, idempotent chmod, remove care condition 2016-09-07 10:49:27 +02:00
Peter Simons 4a265a68bd Merge pull request #18381 from siddharthist/dovecot/mailUser
dovecot service: require mail{User,Group} with sieveScripts
2016-09-07 10:16:17 +02:00
Rickard Nilsson ab9537ca22 nixos: Generalise the container tests in stage-2 boot
This way, stage-2 behaves correctly also for libvirt-lxc containers.

Some more discussion on this:
a7a08188bf
bfe46a653b
2016-09-07 07:50:04 +00:00
Franz Pletz 5f6557d437
charybdis: 3.5.1 -> 3.5.3 (security)
Fixes CVE-2016-7143 (certificate fingerprint spoofing through crafted
SASL messages).
2016-09-07 08:12:02 +02:00
Franz Pletz 5929399527
graphicsmagick: 1.3.24 -> 1.3.25 (security)
Includes some security fixes, see

  http://www.graphicsmagick.org/NEWS.html#september-5-2016
2016-09-07 07:08:51 +02:00
Joachim F 526746d874 Merge pull request #18383 from peterhoeg/lw
ledger-web: we have bundlerEnv, let us use it
2016-09-07 07:08:17 +02:00
Edward Tjörnhammar e051ac665c
android-studio: add 32bit zlib for api 22 2016-09-07 06:47:40 +02:00
Franz Pletz 6a11b816ff Merge pull request #17386 from vrthra/ruby
ruby: 2.2.3 -> 2.2.5 and 2.1.7 -> 2.1.10
2016-09-07 06:37:18 +02:00
Rahul Gopinath 3b9b8726bd ruby: 2.1.7 -> 2.1.10 2016-09-06 21:14:00 -07:00
Rahul Gopinath 7163bab78f ruby: 2.2.3 -> 2.2.5 2016-09-06 21:13:59 -07:00
Peter Hoeg 222d084927 ledger-web: we have bundlerEnv, let us use it 2016-09-07 11:17:12 +08:00
Franz Pletz 7949e69382
chromium: update to latest channel releases (security)
Fixes the following security problems:

- CVE-2016-5147: Universal XSS in Blink
- CVE-2016-5148: Universal XSS in Blink
- CVE-2016-5149: Script injection in extensions
- CVE-2016-5150: Use after free in Blink
- CVE-2016-5151: Use after free in PDFium
- CVE-2016-5152: Heap overflow in PDFium
- CVE-2016-5153: Use after destruction in Blink
- CVE-2016-5154: Heap overflow in PDFium
- CVE-2016-5155: Address bar spoofing
- CVE-2016-5156: Use after free in event bindings
- CVE-2016-5157: Heap overflow in PDFium
- CVE-2016-5158: Heap overflow in PDFium
- CVE-2016-5159: Heap overflow in PDFium
- CVE-2016-5160: Extensions web accessible resources bypass
- CVE-2016-5161: Type confusion in Blink.
- CVE-2016-5162: Extensions web accessible resources bypass
- CVE-2016-5163: Address bar spoofing
- CVE-2016-5164: Universal XSS using DevTools
- CVE-2016-5165: Script injection in DevTools
- CVE-2016-5166: SMB Relay Attack via Save Page As
- CVE-2016-5167: Various fixes from internal audits, fuzzing and other initiatives
2016-09-07 04:49:56 +02:00
Peter Hoeg d4eac0278c calibre: 2.64.0 -> 2.66.0 (#18311)
A few additional changes:

1. We load patches from debian for improving privacy and security
2. Now with QT 5.6 instead of 5.5
3. We strip bundled python code and use proper upstream instead
2016-09-07 04:32:06 +02:00