3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

6228 commits

Author SHA1 Message Date
Eelco Dolstra a82810c7a7
linux: Apply 9p veryloose patch to 4.9 2017-01-24 13:05:02 +01:00
Franz Pletz 7c5324f29a
nftables: disable broken xtables support 2017-01-24 11:47:34 +01:00
Daiderd Jordan adfb7e1f13
kwm: init at 1.1.4 2017-01-24 08:31:11 +01:00
Shea Levy 4f9f00fcc9 Add function to build a ghc standalone archive (OSX/iOS only) 2017-01-23 18:35:03 -05:00
Daiderd Jordan 0f91cdc45f
kwm: init at 4.0.4 2017-01-23 21:45:01 +01:00
Daiderd Jordan 034d39b244
darwin: update shas, some sources where re-released with different metadata 2017-01-23 19:39:03 +01:00
Shea Levy b82d6b3a0a ios-cross: Expose the SDK directory via ccCross 2017-01-23 08:23:43 -05:00
Franz Pletz e10cd27269
Merge branch 'staging' 2017-01-23 11:06:41 +01:00
Tim Steinbach fc8233a64f
kernel: 4.4.43 -> 4.4.44 2017-01-22 12:11:50 -05:00
Franz Pletz b1e9acfb18 Merge pull request #21990 from Mic92/utillinux
utillinux: undo seccomp sandbox and improve purity
2017-01-22 14:15:01 +01:00
Franz Pletz f09c5c9c45
nftables: 0.6 -> 0.7, enable xtables support 2017-01-22 13:01:01 +01:00
Franz Pletz 210f894c12
iptables: split out dev output 2017-01-22 13:01:01 +01:00
Franz Pletz 016a194ac8
conntrack_tools: 1.4.3 -> 1.4.4 2017-01-22 13:01:01 +01:00
Jörg Thalheim 7cb14d4353 Merge pull request #22020 from Mic92/zfs
ZfsUnstable: 0.7.0-rc2 -> 0.7.0-rc3
2017-01-21 23:50:28 +01:00
Franz Pletz 56c6a4391f
zfs: add hint to try unstable version, fix typo 2017-01-21 23:35:55 +01:00
Franz Pletz 61caacbf47
linux: 4.1.36 -> 4.1.38 2017-01-21 20:41:38 +01:00
Franz Pletz ce3b98d08b
linux: 3.18.45 -> 3.18.47 2017-01-21 20:41:36 +01:00
Jörg Thalheim adecd56871
splUnstable: 0.7.0-rc2 -> 0.7.0-rc3 2017-01-21 18:18:33 +01:00
Jörg Thalheim c33e1e06fa
zfsUnstable: 0.7.0-rc2 -> 0.7.0-rc3 2017-01-21 18:18:17 +01:00
Michael Raskin dc6413399c eudev: fix build with a fresh gperf 2017-01-21 08:55:17 +01:00
Daiderd Jordan c7d49e5f69
darwin: fixed eval of frameworks 2017-01-21 01:01:46 +01:00
Robert Helgesson ba4687c3ea
radeontop: 2016-07-04 -> 2016-10-28
This is actually version 1.0 but to support `nix-env -u` we continue
using the release date.
2017-01-20 23:14:53 +01:00
Shea Levy e70dcf6818 ios-cross: Bump sdk version, verify sdk install at build time 2017-01-20 14:10:15 -05:00
Vladimír Čunát 6b6553c768
Merge branch 'staging'
It contains security updates.  I somehow forgot to push this yesterday.
2017-01-20 16:33:59 +01:00
Shea Levy 34c52896d1 linux 4.9.4 -> 4.9.5 2017-01-20 09:36:04 -05:00
Nikolay Amiantov d75a3cfb29 Merge pull request #21995 from abbradar/opencl
Fix OpenCL support
2017-01-20 12:09:17 +03:00
Nikolay Amiantov 05eee18e7a linuxPackages.nvidia_x11: fix OpenCL support
* Move OpenCL .icd file to the right place;
* Remove libOpenCL.so (we use ocl-icd instead).
2017-01-20 03:37:51 +03:00
Robin Gloster a6ebca448e
iproute: update fan patches 2017-01-19 17:28:22 +01:00
Jörg Thalheim 104a37a9fb
util-linux: improve purity by using login from shadow
replacing shutdown in postPatch phase is not necessary as rtcwake was already
patched to use the search path (the only user of shutdown)
2017-01-19 15:13:38 +01:00
Jörg Thalheim 4b9b1fa945
util-linux: remove seccomp sandbox for CVE-2016-2279
the patch for CVE-2016-2779 was reverted by upstream and was not adopted
by any other downstream distributions. Upstream waits for a better fix
in the kernel:
https://www.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes
2017-01-19 15:10:18 +01:00
Vladimír Čunát 40003aa2ed
Merge branch 'master' into staging 2017-01-18 15:54:04 +01:00
Tuomas Tynkkynen 9fc3ce73d1 kernel config: Enable BONDING and TMPFS_POSIX_ACL
Yet again something that's lacking on other platforms than x86.
2017-01-18 01:21:08 +02:00
Eelco Dolstra e9109b1b97
linux: 4.4.42 -> 4.4.43 2017-01-17 12:02:46 +01:00
Eelco Dolstra 9a9be9296f
linux: 4.9.3 -> 4.9.4 2017-01-17 12:02:46 +01:00
Tuomas Tynkkynen 08ddb16865 linux_testing: 4.10-rc2 -> 4.10-rc4 2017-01-16 11:41:13 +02:00
Thomas Tuegel 04d11637cb
linux_4_9: enable support for amdgpu on older chipsets
Linux 4.9 includes experimental amdgpu support for AMD Southern Islands
chipsets. (By default, only Sea Islands and newer chipsets are supported.)
Southern Islands chips will still use radeon by default, but daring users may
set `services.xserver.videoDrivers = [ "amdgpu" ];` to try the experimental
driver.
2017-01-15 16:29:50 -06:00
Jörg Thalheim 12b2830446
wireguard: 0.0.20170105 -> 0.0.20170115 2017-01-15 17:33:54 +01:00
Daiderd Jordan d6517b6e5e Merge pull request #21898 from matthewbauer/darwintools
DarwinTools: init at 1
2017-01-15 10:11:39 +01:00
Jörg Thalheim 2ab883c9da
sysdig: patch for linux >= 4.9.1 2017-01-15 00:08:12 +01:00
Tim Steinbach e8d3c74b49
util-linux: 2.28.1 -> 2.29 2017-01-14 12:57:58 -05:00
Tim Steinbach afb73be9f7 busybox: 1.26.1 -> 1.26.2 2017-01-14 17:19:43 +01:00
Tim Steinbach 295337ead5
linux: 4.9.2 -> 4.9.3 2017-01-14 11:02:26 -05:00
Tim Steinbach 9158b89fd3
linux: 4.4.41 -> 4.4.42 2017-01-14 11:01:52 -05:00
Franz Pletz 44efd447b6 Merge pull request #21816 from NeQuissimus/linux_4_8_removal
linux: Remove 4.8
2017-01-12 10:22:29 +01:00
Graham Christensen d20d38e68d
nvidia_x11_legacy340: 340.96 -> 340.101 for CVE-2016-7382, CVE-2016-7389, CVE-2016-8826 2017-01-11 20:11:20 -05:00
Graham Christensen 9837dce6d2
nvidia_x11_legacy304: 304.131 -> 304.134 for CVE-2016-7382, CVE-2016-7389, CVE-2016-8826 2017-01-11 20:11:14 -05:00
Tim Steinbach d483a871d1
linux: Remove 4.8 2017-01-11 16:59:29 -05:00
Jude Taylor 3f49c4f3ce reattach-to-user-namespace: fix version 2017-01-10 12:21:43 -08:00
Jude Taylor f2713ce805 update reattach-to-user-namespace 2017-01-10 11:51:03 -08:00
David McFarland b2da3d3050 amdgpu-pro: 16.40 -> 16.50 (#21502) 2017-01-10 15:24:21 +01:00
Michael Raskin 5b9d80646b mdadm4: init at 4.0
Would be just mdadm: 3.3.4 -> 4.0, but it doesn't look like there are
urgent bugfixes, and it is a major release, and wrong RAID handling
kills data, so let's let the early adopters test it a bit.
2017-01-10 14:09:20 +01:00
Franz Pletz 6b01b229c2
linux: 4.9.1 -> 4.9.2 2017-01-10 07:45:19 +01:00
Franz Pletz 3b17823187
linux: 4.8.16 -> 4.8.17 2017-01-10 07:45:19 +01:00
Franz Pletz 4c43937af0
linux: 4.4.40 -> 4.4.41 2017-01-10 07:45:18 +01:00
Pascal Wittmann 18c0b54981
linuxConsoleTools: 1.4.9 -> 1.6.0 2017-01-09 22:08:30 +01:00
Vladimír Čunát c82baee8ac
sssd: fixup build after bind output changes #21685 2017-01-09 20:24:01 +01:00
Jörg Thalheim 87e1c49298
android-udev-rules: 20170106 -> 20170109 2017-01-09 13:40:31 +01:00
Jörg Thalheim adbcb37db5
android-udev-rules: 20161014 -> 20170106 2017-01-08 23:40:40 +01:00
Michael Raskin 9653be493a firejail: 0.9.44.2 -> 0.9.44.4 2017-01-08 13:58:24 +01:00
Matthew Bauer 6f72be9962
DarwinTools: init at 1 2017-01-08 02:28:44 -06:00
Joachim Fasting d6ff445f10
grsecurity: 4.8.15-201612301949 -> 4.8.16-201701062021 2017-01-07 08:01:41 +01:00
Tim Steinbach c1d20ea50c
kernel: 4.9.0 -> 4.9.1 2017-01-06 16:15:18 -05:00
Tim Steinbach ecf87b11f2
kernel: 4.8.15 -> 4.8.16 2017-01-06 16:15:02 -05:00
Tim Steinbach 8fda707027
kernel: 4.4.39 -> 4.4.40 2017-01-06 16:14:30 -05:00
Vladimír Čunát 07bf828bd9
Merge branch 'staging'; security /cc #21642 2017-01-06 16:32:47 +01:00
Jörg Thalheim ca0d747d6d Merge pull request #21578 from Mic92/zfs
zfs: add unstable variant
2017-01-05 12:52:56 +01:00
Jason A. Donenfeld 1ba9a3cd9b wireguard: 0.0.20161230 -> 0.0.20170105
Version bump that contains some new tools.

fixes #21666
2017-01-05 10:38:58 +00:00
Jörg Thalheim 4029470a6f
zfs: add unstable variant
Until now nixos only delivered the latest zfs release. This release is often not
compatible with the latest mainline kernel. Therefor an unstable variant is
added, which might be based on testing releases or git revisions.

fixes #21359
2017-01-05 08:40:50 +01:00
Franz Pletz 08d1f28818
Revert "iproute: remove broken fan patch"
This reverts commit 0d5a5307be because it
breaks evaluation. See #21561.
2017-01-04 22:30:55 +01:00
Jörg Thalheim 0779fdb3e4 Merge pull request #21561 from Mic92/iproute
iproute: remove broken fan patch
2017-01-04 21:47:54 +01:00
Daiderd Jordan 27660cfdc0
Merge branch 'master' into staging 2017-01-04 01:42:26 +01:00
Alexander Kahl 61d125b842 sssd: init at 1.14.2
perlPackages.TextWrapI18N: init at 0.06
perlPackages.Po4a: init at 0.47
jade: init at 1.2.1
ding-libs: init at 0.6.0

Switch nscd to no-caching mode if SSSD is enabled.

abbradar: disable jade parallel building.

Closes #21150
2017-01-04 03:07:20 +03:00
Daiderd Jordan 6158604d8a Merge pull request #21603 from abuibrahim/master
ofp: init at 2.0.0
2017-01-04 00:12:58 +01:00
Ruslan Babayev f3e2feb057 ofp: init at 2.0.0 2017-01-03 10:28:46 -08:00
Tim Steinbach 92d0a977d9 Merge pull request #21614 from NeQuissimus/busybox_1_26_1
busybox: 1.25.1 -> 1.26.1
2017-01-03 13:09:35 -05:00
Daiderd Jordan 538d1b688a stdenv: bootstrap cmake and python on darwin 2017-01-03 18:01:47 +01:00
Tim Steinbach 9bd93ac6e0
busybox: 1.25.1 -> 1.26.1 2017-01-03 08:40:32 -05:00
Tuomas Tynkkynen 2a4c8313e4 linux_testing: 4.10-rc1 -> 4.10-rc2 2017-01-03 13:51:23 +02:00
Michael Raskin 237629a090 eudev: 3.2 -> 3.2.1 2017-01-02 20:18:49 +01:00
Michael Raskin 11bfe01846 firejail: 0.9.42 -> 0.9.44.2 2017-01-02 20:18:47 +01:00
Balletie 66c745e30d
pommed-light: init at 1.50lw 2017-01-02 19:40:43 +01:00
Jörg Thalheim 1fa75a5bb7
sysdig: 0.12.0 -> 0.13.0 2017-01-02 08:10:47 +01:00
Daiderd Jordan 5a67b130b9
Merge branch 'master' into staging 2017-01-02 00:54:17 +01:00
Ruslan Babayev 1bead81275 pktgen: fix runtime paths
The Lua and lscpu path substitution got accidentally removed in
with commit 605b8095ca
2017-01-01 15:44:21 -08:00
Jörg Thalheim f3052035ee
wireguard: 0.0.20161223 -> 0.0.20161230
fixes #21572
2017-01-01 21:24:33 +01:00
Jörg Thalheim db8c9ef3ff
bcc: git-2016-08-30 -> 0.2.0 2017-01-01 10:29:17 +01:00
Joachim Fasting 75ce714818
grsecurity: 4.8.15-201612151923 -> 201612301949 2017-01-01 06:01:04 +01:00
Jörg Thalheim 0d5a5307be
iproute: remove broken fan patch 2017-01-01 05:17:53 +01:00
Ruslan Babayev 605b8095ca pktgen: 3.0.13 -> 3.1.0 2016-12-31 16:43:11 -08:00
Ruslan Babayev aeb41bbf75 odp-dpdk: 2016-08-16 -> 1.12.0.0 2016-12-31 16:23:47 -08:00
Ruslan Babayev dd45691fe0 dpdk: 16.07 -> 16.07.2 2016-12-31 16:22:52 -08:00
Vladimír Čunát 6bded45883
flex: 2.6.1 -> 2.6.3
This resolves some warnings and errors introduced in 2.6.x.
2016-12-30 23:17:08 +01:00
Aneesh Agrawal 652a87018b
googleAuthenticator: 1.0 -> 1.03 2016-12-30 06:49:17 -05:00
Eelco Dolstra bbd03e236a
Use looser 9pfs caching in VM tests/builds
This can give significant speed ups, see
7e20254412.
2016-12-29 21:26:16 +01:00
Robin Gloster 3fcdbedbef
iproute: 4.8.0 -> 4.9.0 2016-12-29 02:52:55 +01:00
Franz Pletz 1cbb04e72e
iproute: 4.7.0 -> 4.8.0 2016-12-29 02:52:55 +01:00
Robin Gloster 3e8bb7237d
cryptsetup: 1.7.1 -> 1.7.3 2016-12-29 02:52:54 +01:00
Franz Pletz c2a979fbfd
cryptsetup: 1.7.0 -> 1.7.1 2016-12-29 02:52:54 +01:00
Nikolay Amiantov cdf306909f udev182: remove 2016-12-29 00:11:40 +03:00
Nikolay Amiantov a36a2412ee libudev0-shim: init at 1 2016-12-29 00:11:40 +03:00
Tuomas Tynkkynen 45338a3077 fuse: Minor cleanup 2016-12-28 17:37:10 +02:00
Franz Pletz c6bcc485de
linux_4_8: add patch to fix CVE-2016-9919 2016-12-28 06:35:11 +01:00
Tuomas Tynkkynen 5ba7f33e3a linux_testing: 4.9-rc8 -> 4.10-rc1 2016-12-27 01:35:10 +02:00
Tuomas Tynkkynen e60bb86d00 kexectools: 2.0.13 -> 2.0.14
ARM patch is included upstream now.
2016-12-26 18:54:34 +02:00
Michael Raskin 2c616b0473 xf86-input-wacom: 0.32.0 -> 0.34.0 2016-12-25 22:56:32 +01:00
aszlig 6af6cec8b2
Revert "thin-provisioning-tools: init at 0.6.1"
This reverts commit 55b18ac486.

There is already a "thin-provisioning-tools" package (see
cd1ec18b42).

Although this one was committed earlier, I'm reverting it because it's
not only older, but it's unreferenced within <nixpkgs>.

Apart from that the packaging of the other package is of higher
packaging quality (maintainer and license, doesn't use "descriptionS",
uses autoreconfHook).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @globin, @dwe11er, @jagajaga
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-12-25 02:05:49 +01:00
Tuomas Tynkkynen 0e3b56c7b9 alsa-lib: Remove unnecessary crossAttrs
It's breaking the cross build.
2016-12-24 22:41:32 +02:00
Jörg Thalheim c98f3ffea8
wireguard: 0.0.20161218 -> 0.0.20161223 2016-12-24 13:55:32 +01:00
Vladimír Čunát c655399126
Merge branch 'staging' 2016-12-24 10:50:49 +01:00
Frederik Rietdijk 9f6bd82364 nvidia-x11: 375.20 -> 375.26 2016-12-23 10:57:28 +01:00
Vladimír Čunát 2e03ae274d Merge branch 'master' into staging 2016-12-22 11:28:56 +01:00
Graham Christensen 3ffb5ba60c
linux:3.18.44 -> 3.18.45 2016-12-21 21:08:47 -05:00
Graham Christensen 53e21529d4
linux:3.12.68 -> 3.12.69 2016-12-21 21:08:47 -05:00
Jason A. Donenfeld 77588ca442 wireguard: 20161209 -> 20161218 (#21288) 2016-12-22 03:04:55 +01:00
Joachim Fasting 6758d157d2
multipath-tools: ensure gzip does not capture timestamp
gzip is originally called as 'gzip -9 -c'

This is a port of
a8e7ddd1df

Note that it does not seem to make a difference to `nix-build --check`.
2016-12-20 15:31:55 +01:00
Aristid Breitkreuz bb18e10ba0 Merge remote-tracking branch 'origin/master' into staging 2016-12-20 14:05:30 +01:00
Dan Peebles 377cef8d16 apple-sdk: 10.9 -> 10.11 2016-12-19 19:47:24 -05:00
Rok Garbas b7cfbf96d6 tp_smapi: updateScript added 2016-12-18 16:45:33 +01:00
Franz Pletz eb559d2b07
batman-adv: 2016.4 -> 2016.5 2016-12-18 05:23:38 +01:00
aszlig ffe71cbe19
kexec-tools: Add patch to fix build on ARM
Building on ARM fails with the following error:

kexec/arch/arm/phys_to_virt.o kexec/arch/arm/phys_to_virt.c
kexec/arch/arm/phys_to_virt.c:3:26: fatal error: phys_to_virt.h: No such file or directory

The patch I'm using is from Fedora:

http://pkgs.fedoraproject.org/cgit/rpms/kexec-tools.git/tree/kexec-tools-2.0.13-fix-armv7-build-failure.patch?id=97581f1a435aafa298a4d0bbcfaf40c63a41ce92

It has been reported upstream as well:

http://lists.infradead.org/pipermail/kexec/2016-September/017352.html

I'm adding the patch for all architectures, so that the next person to
upgrade kexec-tools doesn't forget that even while on x86.

Tested building with i686-linux, x86_64-linux and armv7l-linux.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-12-18 04:49:39 +01:00
Vladimír Čunát 86e4c9ed46
Merge branch 'master' into staging 2016-12-17 20:29:25 +01:00
Tim Steinbach 0e8e4a08f3
linux: 4.8.14 -> 4.8.15 2016-12-16 08:16:45 -05:00
Tim Steinbach cb9ff3f7f9
linux: 4.4.38 -> 4.4.39 2016-12-16 08:16:22 -05:00
Joachim Fasting f0e77cd07d
grsecurity: 4.8.14-201612110933 -> 4.8.15-201612151923 2016-12-16 12:46:44 +01:00
Franz Pletz a4586f87dc
wireguard: 20161129 -> 20161209 2016-12-16 12:16:39 +01:00
Will Dietz be24f1d364 musl: 1.1.11 -> 1.1.15, add security patch. (#21023) 2016-12-16 11:32:28 +01:00
Daiderd Jordan a01a5ed925
darwin.libunwind: fix source
Fixes #20977

since this was the same sha as the linux package nix just used that instead.
2016-12-15 21:11:04 +01:00
Jörg Thalheim 4714ca8b56 kexec-tools: 2.0.12 -> 2.0.13 (#21158)
also fix kexec by removing faulty hardeningFlags
2016-12-15 20:48:03 +01:00
Daiderd Jordan 87b3918d0b Merge pull request #21133 from matthewbauer/shell_cmds
shell_cmds: init at 198
2016-12-15 17:53:09 +01:00
Daniel Peebles 0f17a2ba1e Merge pull request #21167 from matthewbauer/remove-coreosmakefiles
darwin.CoreOSMakefiles: remove
2016-12-15 09:27:22 -05:00
Matthew Bauer ac4f27666e
darwin.CoreOSMakefiles: remove
This wasn't being used and it was causing an error when evaluating:

error: attribute ‘CoreOSMakefiles’ missing, at /Users/mbauer/Projects/nixpkgs2/pkgs/os-specific/darwin/apple-source-releases/default.nix:140:71
2016-12-14 23:45:19 -06:00
Matthew Bauer 83c7660279
shell_cmds: init at 187
fixes #11707
2016-12-14 21:18:09 -06:00
Daiderd Jordan 14bf940610
Revert "darwin.libunwind: fix install phase"
This reverts commit 76125722f0.
2016-12-15 00:37:37 +01:00
Daniel Peebles e6d28d6643 Merge pull request #21003 from LnL7/darwin-libunwind
darwin.libunwind: fix install phase
2016-12-14 18:03:24 -05:00
Graham Christensen 01d022e16b Merge pull request #21118 from grahamc/fix-rsa-build-failure
linux_{4_8,grsec_nixos}: patch to fix build failure
2016-12-13 09:15:50 -05:00
Joachim Fasting d918c80e13
grsecurity: disable verbose initify
Not as useful/informative as I had hoped.
2016-12-13 15:12:34 +01:00
Graham Christensen 7a813d3f6d
linux_{4_8,grsec_nixos}: patch to fix build failure
crypto/rsa_helper.c:18:28: fatal error: rsapubkey-asn1.h: No such file or directory
2016-12-13 07:25:46 -05:00
Jörg Thalheim 7c8d4cd9a9
wireguard: 0.0.20161116.1 -> 0.0.20161129 2016-12-12 14:41:43 +01:00
Shea Levy f6daae391f linux: add 4.9 2016-12-11 19:33:05 -05:00
Joachim Fasting 601058e0e2
grsecurity: 4.8.13-201612082118 -> 4.8.14-201612110933 2016-12-11 19:09:16 +01:00
Tim Steinbach f576c490e3
linux: 4.4.37 -> 4.4.38 2016-12-10 15:18:52 -05:00
Tim Steinbach b69822c505
linux: 4.8.13 -> 4.8.14 2016-12-10 15:15:44 -05:00
Tuomas Tynkkynen bdab6fe5a1 kernel: Use built-in dtbs_install target instead of rolling our own
In particular, on aarch64 all the .dtb files will be in subdirectories
and *.dtb won't match anything.
2016-12-10 20:24:08 +02:00
Franz Pletz 9074d9859e
linux: add patch to fix CVE-2016-8655
See https://lwn.net/Articles/708319/ for more information.
2016-12-10 17:08:42 +01:00
Frederik Rietdijk 033525c6b8 dstat: fix bad interpreter: No such file 2016-12-10 14:21:51 +01:00
Vladimír Čunát 0fa8ead76c
Merge #21029: nghttp2: 1.16.1 -> 1.17.0 2016-12-10 00:52:26 +01:00
Bjørn Forsman 2077385421 kernel: enable CONFIG_DYNAMIC_DEBUG (like Fedora and Ubuntu)
It was useful in tracking down CIFS + DFS issue, and it's apparently
enabled by default in two major distros.
2016-12-10 00:01:21 +02:00
Bjørn Forsman d429520b13 kernel: add CONFIG_CIFS_* like Fedora, Ubuntu
The plan is to fix mounting DFS shares on NixOS (for which some of these
options are needed), but I figured it might be a good idea to enable all
CONFIG_CIFS_* like Fedora 24 and Ubuntu 16.04 while at it. Ubuntu even
has CONFIG_CIFS_SMB311, but as Fedora do not, I left it out.

Mounting DFS shares still doesn't work; need to configure cifs.upcall
and /etc/request-key.conf. Until then, using GVFS as a workaround.
2016-12-10 00:01:21 +02:00
Bjørn Forsman fc6d82cf76 cifs-utils: add 'talloc' to buildInputs, to build cifs.upcall
Fixes this ./configure symptom:

  configure: WARNING: talloc.h not found, consider installing libtalloc-devel. Disabling cifs.upcall.

and is needed to (eventually) fix CIFS + DFS kernel mount on NixOS.
2016-12-10 00:01:21 +02:00
Vladimír Čunát b05b120779
Merge branch 'master' into staging 2016-12-09 19:11:05 +01:00
Joachim Fasting d1a5dc0b1c
grsecurity: 4.8.12-201612062306 -> 4.8.13-201612082118 2016-12-09 15:31:02 +01:00
Joachim Fasting 9a63779d64
grsecurity: use upstream url as the primary source 2016-12-09 15:31:00 +01:00
Joachim Fasting ca7cc96ee8
grsecurity: enable PAX_INITIFY
Uses gcc plugin to detect more instances where memory used during init
can be freed.
2016-12-09 15:30:40 +01:00
Tim Steinbach bfffbb5ea6
linux: 4.8.12 -> 4.8.13 2016-12-09 08:27:11 -05:00
Tim Steinbach e861a5f7af
linux: 4.4.36 -> 4.4.37 2016-12-09 08:26:46 -05:00
Daiderd Jordan 76125722f0
darwin.libunwind: fix install phase 2016-12-09 00:08:58 +01:00
Joachim Fasting af1202434a
ndiswrapper: mark as broken
Build fails across all our kernels.  There is a new version 1.60, but
it, too, fails to build.  Until somebody comes along to patch around it,
we might as well mark this as broken.
2016-12-08 23:12:32 +01:00
Joachim Fasting 5fd4ffe00f
grsecurity: 4.8.12-201612031658 -> 201612062306 2016-12-08 12:22:13 +01:00
Dmytro Rets e8220d3264
Update broadcom URL for broadcom-sta driver. 2016-12-08 11:50:31 +02:00
Anthony Cowley 1712366bac
apple-sdk: Include system cups libraries
The SDK includes cups header files, but not the libraries. The
`nixpkgs.cups` definition doesn't build on darwin due to the SDK being
too old. This change symlinks the system cups libraries into the old
SDK.
2016-12-07 23:14:38 +01:00
Tim Steinbach c9d1d430ec
linux: 4.9-rc7 -> 4.9-rc8 2016-12-05 19:40:11 -05:00
Joachim Fasting 9578299bbe
grsecurity: 4.8.11-201611271225 -> 4.8.12-201612031658 2016-12-06 01:24:32 +01:00
Joachim Fasting cc396697a6
grsecurity: enable ability to lock in readonly mounts 2016-12-06 01:24:12 +01:00
Joachim Fasting 0e765c72e5
grsecurity: enable module hardening 2016-12-06 01:23:58 +01:00
Joachim Fasting 071fbcda24
grsecurity: enable optional sysfs restrictions
Fairly severe, but can be disabled at bootup via
grsec_sysfs_restrict=0. For the NixOS module we ensure that it is
disabled, for systemd compatibility.
2016-12-06 01:23:36 +01:00
Joachim Fasting 8c1f5afdf3
grsecurity: delay toggling of sysctls until system is up
We generally trust init, so there's little point in having these enabled
during early bootup; it accomplishes little except fill our logs with
spam.
2016-12-06 01:22:53 +01:00
Tuomas Tynkkynen f91458ca38 reattach-to-user-namespace: Set platforms 2016-12-05 02:36:54 +02:00
Tuomas Tynkkynen 9ccc14b1bc linux_rpi: Add some feature flags
Copied from linux_4_4 (except for the EFI stub thing).

Otherwise the firewall module fails to evaluate:
Failed assertions:
- This kernel does not support rpfilter
2016-12-04 18:18:06 +02:00
Jörg Thalheim e00632e200 Merge pull request #20858 from Mic92/lxcfs
lxcfs: init at 2.0.4
2016-12-04 11:33:07 +01:00
Tim Steinbach 4f8b74b401 Merge pull request #20866 from NeQuissimus/linux_4_8_12
linux: 4.8.11 -> 4.8.12
2016-12-02 18:28:46 -05:00
Tim Steinbach 853b6493c8
linux: 4.8.11 -> 4.8.12 2016-12-02 14:29:00 -05:00
Tim Steinbach 654f5df5dc
linux: 4.4.35 -> 4.4.36 2016-12-02 14:28:26 -05:00
Jörg Thalheim af609b0254
lxcfs: init at 2.0.4 2016-12-02 13:52:03 +01:00
Tim Steinbach 5afc6b506c
linux: 4.1.35 -> 4.1.36 2016-12-01 20:34:02 -05:00
Joachim F 85ecde87c8 Merge pull request #20804 from danbst/fix-shadow
shadow: fix collision with coreutils (man groups.1.gz)
2016-12-01 23:08:30 +01:00
danbst ac51528df8 shadow: fix collision with coreutils (man groups.1.gz)
The `groups.1.gz` collides with one from coreutils. The code to fix this
was already present in expression, but wrongly assumes that share/man/man1
directory will be copied to `man` output after `installPhase`.

It turned out, that man directory is set at configure step, so we should
remove file from `man` output.
2016-11-30 01:44:28 +02:00
Tim Steinbach 18a3225dac
linux: 3.12.67 -> 3.12.68 2016-11-29 17:40:17 -05:00
Tuomas Tynkkynen 8a4d6516ee Merge remote-tracking branch 'upstream/staging' into master 2016-11-30 00:34:23 +02:00
Franz Pletz e43f2fc868
Revert "lxc: 2.0.4 -> 2.0.6"
This reverts commit 5d804566df.

This was an error on my part. I had the commit sitting on my local master
and pulled upstream to rebase my commit before pushing. I didn't notice
there was a commit bumping lxc and the auto-merge on the rebase.
2016-11-29 15:42:37 +01:00
Matt McHenry f0bdca82c0 linuxPackages.ati_drivers_x11: patch for kernel 4.7+ (#19810) 2016-11-28 19:56:50 +01:00
Franz Pletz 5d804566df
lxc: 2.0.4 -> 2.0.6
Fixes CVE-2016-8649.

See https://lists.linuxcontainers.org/pipermail/lxc-users/2016-November/012597.html.
2016-11-28 19:04:42 +01:00
Peter Simons 21a5532c57 Merge pull request #20766 from avnik/update/lxc
lxc: 2.0.4 -> 2.0.6 (security)
2016-11-28 15:13:10 +01:00
Alexander V. Nikolaev a8eeef62e6 lxc: 2.0.4 -> 2.0.6 (security)
https://security-tracker.debian.org/tracker/CVE-2016-8649
2016-11-28 15:17:06 +02:00
Alexander V. Nikolaev 121da5e938 lxc: fix sandbox builds
Package attempt to write /etc/bash_completion.d, I directed it to
"${out}/etc/bash_completion.d" as it was suggested.
2016-11-28 15:17:05 +02:00
Graham Christensen 04edf297cc Merge pull request #20676 from matthewbauer/file_cmds
file_cmds: init at 264.1.1
2016-11-28 06:48:18 -05:00
Joachim Fasting 5da1394a58
Revert "gradm: fix using gradm while the RBAC system is active"
This reverts commit fdbf7dc8b3.

Unfortunately, while gradm now works when the RBAC system is enabled,
gradm still fails when full system learning is enabled, so I probably
need to try again later.
2016-11-28 11:41:12 +01:00
Joachim Fasting b90ed0cc80
grsecurity: 4.8.10-201611232213 -> 4.8.11-201611271225 2016-11-28 11:41:10 +01:00
Joachim Fasting 4c7323545b
Revert "grsecurity: work around for #20490"
This reverts commit e38b74ba89.

I failed to notice f19c961b4e461da045f2e72e73701059e5117be0; better
use that fix instead.
2016-11-28 11:40:55 +01:00
Matthew Bauer bd57e32312
file_cmds: init at 264.1.1 2016-11-27 21:58:07 -06:00
Tim Steinbach eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7 2016-11-27 19:48:24 -05:00
Tuomas Tynkkynen 86ea3126bc linux_rpi: 1.20160620 -> 1.20161020 2016-11-28 00:24:00 +02:00
Tuomas Tynkkynen 25d6bfa258 raspberrypifw: 1.20160620 -> 1.20161020 2016-11-28 00:23:40 +02:00
Tim Steinbach b47307bd74
linux: 4.8.10 -> 4.8.11 2016-11-26 16:29:23 -05:00
Tim Steinbach cc77360bed
linux: 4.4.34 -> 4.4.35 2016-11-26 16:28:58 -05:00
Jörg Thalheim 01172c2ccf Merge pull request #20591 from NeQuissimus/linux_4_9_rc6
linux: 4.9-rc5 -> 4.9-rc6
2016-11-26 16:00:16 +01:00
Vladimír Čunát 925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00
Frederik Rietdijk 231cd277df nvidia-x11: 367.57 -> 375.20 2016-11-26 09:31:10 +01:00
Joachim Fasting fdbf7dc8b3
gradm: fix using gradm while the RBAC system is active
The built-in ACL prevents the gradm binary from loading dynamic
libraries from the Nix store.  Thus, once the RBAC system is activated,
the gradm binary cannot be used.

Fix by patching in rules to allow references to the Nix store where
appropriate.
2016-11-26 02:59:35 +01:00
Frederik Rietdijk 6a8c708d6d cryptsetup: use python2 2016-11-24 22:28:04 +01:00
Frederik Rietdijk d8b0096704 dstat: use python2 2016-11-24 22:28:03 +01:00
Joachim Fasting f9d787c67b
grsecurity: 4.8.10-201611210813 -> 201611232213 2016-11-24 12:08:12 +01:00
Nikolay Amiantov be95ceaff2 treewide: quote URLs in my packages 2016-11-24 01:17:52 +03:00
Franz Pletz 7974d7493a
linux: compress kernel image with xz 2016-11-23 02:24:13 +01:00
Tim Steinbach e4a1b76457
linux: 4.8.9 -> 4.8.10 2016-11-21 18:07:17 -05:00
Tim Steinbach d62069aca4
linux: 4.4.33 -> 4.4.34 2016-11-21 18:06:57 -05:00
Joachim Fasting 96194467e6
grsecurity: 4.8.8-201611150756 -> 4.8.10-201611210813 2016-11-21 23:15:14 +01:00
Tim Steinbach f6bbc6c477
linux: 4.9-rc5 -> 4.9-rc6 2016-11-20 17:23:32 -05:00
Joachim Fasting 6d428242a9
linuxPackages.spl: now builds against grsecurity kernel 2016-11-20 23:01:34 +01:00
Joachim Fasting 0df3553a38
paxtest: 0.9.14 -> 0.9.15 2016-11-20 23:01:31 +01:00
Joachim Fasting 32c71c06d2
pax-utils: 1.1.6 -> 1.1.7 2016-11-20 23:01:28 +01:00
Pascal Wittmann f7e0bc2ae7
Make all meta.maintainers attributes lists 2016-11-20 18:06:03 +01:00
Franz Pletz 1fec301ac5
zfs: remove zfs-tests
Removes runtime dependency on gcc and reduces closure size by more than 110MB.
2016-11-20 04:49:42 +01:00
Franz Pletz 94731510c4
wireguard: 0.0.20161110 -> 0.0.20161116.1 2016-11-20 04:48:56 +01:00
Shea Levy 12cc39514e ios-cross: Document known prefixes 2016-11-19 10:29:01 -05:00
Tim Steinbach 13491f9f48 Merge pull request #20552 from NeQuissimus/linux_4_8_9
linux: 4.8.8 -> 4.8.9
2016-11-19 09:03:00 -05:00
Tim Steinbach d3b8a77834
linux: 4.4.32 -> 4.4.33 2016-11-19 08:56:31 -05:00
Tim Steinbach 250224bf01
linux: 4.8.8 -> 4.8.9 2016-11-19 08:55:57 -05:00
Vladimír Čunát b69f568f4c
Merge branch 'staging'
Hydra rebuild looks fine; only a few Darwin jobs is queued:
http://hydra.nixos.org/eval/1304891?compare=1304807
2016-11-19 04:35:51 +01:00
Shea Levy 6f1d4149d5 ios-cross: Fix for simulator 2016-11-18 18:14:20 -05:00
Shea Levy 64ec4dd87b Add haskell packages set for cross ghc 2016-11-18 10:44:53 -05:00
Joachim Fasting e38b74ba89
grsecurity: work around for #20490
In `scripts/Makefile.modinst`, the code that generates the list of
modules to install passes file names via the command line.  When
installing a grsecurity kernel, this list appears to exceed the
shell's argument list limit, as in

    make[2]: execvp: /nix/store/[...]-bash-4.3-p46/bin/bash: Argument list too long

The build does not fail, however, but the list of modules to be installed ends
up being empty.  Thus, the resulting kernel package output contains no modules,
rendering it useless.

We work around this by patching the makefile to use `find -exec` to
process files.  Why this would occur for grsecurity and not other
kernels is unknown, most likely there's something *else* that is
actually causing this behaviour, so this is a temporary fix until that
cause is found.

Fixes https://github.com/NixOS/nixpkgs/issues/20490
2016-11-18 16:14:26 +01:00
Vladimír Čunát 8b565d6478
Merge #20081: update alsa lib, plugins and utils 2016-11-17 11:26:00 +01:00
Vladimír Čunát 5af7b82336
Merge branch 'master' into staging
To incorporate some larger security rebuilds (jasper).
2016-11-17 11:14:05 +01:00
Franz Pletz ba73dbbda6
batman-adv: 2016.3 -> 2016.4 2016-11-17 08:14:18 +01:00
Daniel Peebles f6a7296499 Merge pull request #16540 from matthewbauer/xcbuild
xcbuild: add wrapper
2016-11-16 12:11:15 -05:00
Matthew Bauer fc1f6f55ea
xcbuild: Get rid of developer.nix, move to wrapper
also:

- add custom outputs "specs" for xcbuild
- get rid of unneeded tools
- update xcbuild
- add more comments
- fixup xcbuild derivations

Affected xcbuild derivations include:

- adv_cmds
- network_cmds
- basic_cmds
2016-11-15 19:13:23 -06:00
Matthew Bauer 4685bd7853
xcbuild: update meta and comments 2016-11-15 19:13:22 -06:00
Matthew Bauer 25485ece2a
xcbuild: add name to platform.nix 2016-11-15 18:58:13 -06:00
Matthew Bauer 9f46587841
network_cmds: init at 481.20.1
Fixes #16764
2016-11-15 18:58:13 -06:00
Matthew Bauer 3b17d9e35e
developer_cmds: init at 62 2016-11-15 18:58:13 -06:00
Matthew Bauer 823772b056
Librpcsvc: init at 26 2016-11-15 18:58:12 -06:00
Matthew Bauer 4a01a37051
basic_cmds: init at 55 2016-11-15 18:58:12 -06:00
Matthew Bauer a35b330f30
adv_cmds: move from all-packages
Use the old way with pkgs/os-specific/darwin/apple-source-releases/defuault.nix.
2016-11-15 18:58:11 -06:00
Matthew Bauer 1ee8685ee7
adv_cmds: add custom install phase 2016-11-15 18:58:10 -06:00
Matthew Bauer f1897116d0
xcbuild: temporarily fix cflags/ldflags
This gets everything to build.

adv_cmds: remove NIX_LDFLAGS

- unneeded
2016-11-15 18:58:09 -06:00
Matthew Bauer 6c1858a93d
adv_cmds: Disable pkill.
pkill isn't building because of some missing headers:

- xpc/xpc.h
- os/base_private.h
- _simple.h

They are all available somewhere but not set up correctly in the Darwin
stdenv.

TODO: add pkill back in!
2016-11-15 18:58:09 -06:00
Matthew Bauer 8e301fab50
adv_cmds: add xcode derivation 2016-11-15 18:58:08 -06:00
Tim Steinbach a4cd6f1378 Merge pull request #20441 from NeQuissimus/linux_4_4_32
linux: 4.4.31 -> 4.4.32
2016-11-15 17:49:00 -05:00
Tim Steinbach 819884119c Merge pull request #20439 from NeQuissimus/linux_4_8_8
linux: 4.8.7 -> 4.8.8
2016-11-15 17:48:07 -05:00
Joachim Fasting 0d4e1b5edd
grsecurity: 4.8.7-201611142350 -> 4.8.8-201611150756 2016-11-15 22:57:25 +01:00
Shea Levy 7df3d7446f Add initial basic support for cross-compiling to iOS 2016-11-15 16:31:55 -05:00
Tim Steinbach 24c342fde7
linux: 4.4.31 -> 4.4.32 2016-11-15 12:31:27 -05:00
Tim Steinbach 9e851d3b11
linux: 4.8.7 -> 4.8.8 2016-11-15 12:30:55 -05:00
Joachim Fasting afab1a948e
grsecurity: 4.8.7-201611102210 -> 201611142350 2016-11-15 13:11:47 +01:00
Franz Pletz c9bd751a16 Merge pull request #20405 from Mic92/wireguard
wireguard: 2016-10-25 -> 0.0.20161110
2016-11-15 01:54:17 +01:00
Vladimír Čunát b5e89fe9bf
Merge branch 'master' into staging 2016-11-15 00:20:19 +01:00
John Wiegley aa23309a39
Add a patch for cctools to work with Xcode 8 2016-11-14 13:30:28 -08:00
Thomas Tuegel ad7d59c59f Merge pull request #20369 from asymmetric/bluez
bluez: 5.40 -> 5.43
2016-11-14 15:27:41 -06:00
Daiderd Jordan 52d4599b52
Revert "Update hash for xnu 3248.60.10, the tarball changed upstream, it seems."
This reverts commit 328ad17858.
2016-11-14 16:21:59 +01:00
Tim Steinbach f7fd568678 Merge pull request #20413 from NeQuissimus/linux_4_9_rc5
linux: 4.9-rc4 -> 4.9-rc5
2016-11-14 10:05:20 -05:00