1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-12 07:34:36 +00:00
Commit graph

2339 commits

Author SHA1 Message Date
Franz Pletz 8a6fce5431 ndjbdns: 1.05.9 -> 1.06 2016-07-17 17:15:23 +02:00
Eelco Dolstra 211bed46c4 Merge pull request #17004 from rickynils/openssh_privsep_dir
openssh: Use the default privilege separation dir (/var/empty)
2016-07-17 13:28:44 +02:00
Joachim F 5c837e952d Merge pull request #17001 from womfoo/fix/vtun
vtun: add debian gcc5 fix
2016-07-16 21:26:50 +02:00
Kranium Gikos Mendoza 16cc4dd3a3 vtun: add debian gcc5 fix 2016-07-16 21:07:21 +08:00
Joachim F 0fdd630965 Merge pull request #16726 from womfoo/bump/proxychains-4.2.0
proxychains: 4.0.1-head -> 4.2.0
2016-07-16 13:19:26 +02:00
Rickard Nilsson 4f8f1c30cb openssh: Use the default privilege separation dir (/var/empty)
(This is a rewritten version of the reverted commit
a927709a35, that disables the creation of
/var/empty during build so that sandboxed builds also works. For more
context, see https://github.com/NixOS/nixpkgs/pull/16966)

If running NixOS inside a container where the host's root-owned files
and directories have been mapped to some other uid (like nobody), the
ssh daemon fails to start, producing this error message:

fatal: /nix/store/...-openssh-7.2p2/empty must be owned by root and not group or world-writable.

The reason for this is that when openssh is built, we explicitly set
`--with-privsep-path=$out/empty`. This commit removes that flag which
causes the default directory /var/empty to be used instead. Since NixOS'
activation script correctly sets up that directory, the ssh daemon now
also works within containers that have a non-root-owned nix store.
2016-07-16 10:15:58 +02:00
Frederik Rietdijk 2e986016d0 Merge pull request #16946 from phanimahesh/fix-16198
Fix typo: s/propogate/propagate/
2016-07-15 15:00:01 +02:00
Bjørn Forsman 2ad0a84751 Revert "openssh: Use the default privilege separation dir (/var/empty)"
This reverts commit a927709a35 because it
doesn't build:

$ nix-build -A openssh
...
mkdir /nix/store/yl2xap8n1by3dqxgc4rmrc4s753676a3-openssh-7.2p2/libexec
(umask 022 ; ./mkinstalldirs /var/empty)
mkdir /var
mkdir: cannot create directory '/var': Permission denied
mkdir /var/empty
mkdir: cannot create directory '/var/empty': No such file or directory
make: *** [Makefile:304: install-files] Error 1
builder for ‘/nix/store/ifygp4mqpv7l8cgp0njp8w7lmrl6brpp-openssh-7.2p2.drv’ failed with exit code 2
2016-07-15 12:42:37 +02:00
Rickard Nilsson a927709a35 openssh: Use the default privilege separation dir (/var/empty)
If running NixOS inside a container where the host's root-owned files
and directories have been mapped to some other uid (like nobody), the
ssh daemon fails to start, producing this error message:

fatal: /nix/store/...-openssh-7.2p2/empty must be owned by root and not group or world-writable.

The reason for this is that when openssh is built, we explicitly set
`--with-privsep-path=$out/empty`. This commit removes that flag which
causes the default directory /var/empty to be used instead. Since NixOS'
activation script correctly sets up that directory, the ssh daemon now
also works within containers that have a non-root-owned nix store.
2016-07-14 20:54:06 +02:00
zimbatm dc6306a69d zerotierone: 1.1.6 -> 1.1.12 2016-07-14 14:02:54 +01:00
J Phani Mahesh ac19f09122 wicd: propogatedBuildInputs -> propagatedBuildInputs 2016-07-14 17:23:06 +05:30
Ioannis Koutras d861911263 ocproxy: init at 1.50 2016-07-13 17:15:23 +03:00
Robert Helgesson c9b9619636 nethogs: 0.8.1 -> 0.8.5 2016-07-13 13:17:24 +02:00
Arseniy Seroka a7f87bd518 Merge pull request #16904 from womfoo/fix-bump/smbldaptools-0.9.11
smbldaptools: 0.9.10 -> 0.9.11
2016-07-13 14:52:07 +04:00
Kranium Gikos Mendoza d5e70a2adc smbldaptools: 0.9.10 -> 0.9.11 2016-07-13 09:01:25 +08:00
joachifm 3df7f3cbc3 Merge pull request #16831 from womfoo/fix-bump/gtkgnutella-1.1.9
gtk-gnutella: fix build and 1.1.5 -> 1.1.9
2016-07-12 16:21:36 +02:00
joachifm 7a54a71c9e Merge pull request #16808 from 4z3/urlwatch
urlwatch: 2.1 -> 2.2
2016-07-12 16:20:17 +02:00
Gabriel Ebner 51e1b2508c Merge pull request #16878 from womfoo/bump/siege-4.0.2
siege: 4.0.1 -> 4.0.2
2016-07-12 08:23:15 +02:00
Kranium Gikos Mendoza e54223e8bb siege: 4.0.1 -> 4.0.2 2016-07-12 13:31:31 +08:00
Gabriel Ebner ad41b8fa19 mu: fix build of webkit support and re-enable it 2016-07-11 10:37:31 +02:00
Jookia ba2232f1f2 srelay: init at 0.4.8b6 (#16833) 2016-07-11 03:41:02 +02:00
Franz Pletz bdf4c0d21f ntp: 4.2.8p6 -> 4.2.8p8 (security)
Fixes CVE-2016-4953, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956.
2016-07-10 10:48:11 +02:00
Franz Pletz 033e593a4f dnsmasq: 2.75 -> 2.76 (security)
Fixes CVE-2015-8899.
2016-07-10 10:48:10 +02:00
Franz Pletz b8ecb949e6 haproxy: 1.6.5 -> 1.6.6 (security)
Fixes at least CVE-2016-5360.
2016-07-10 10:46:22 +02:00
Franz Pletz f1f6dc9b87 shadowsocks-libev: polarssl is now called mbedtls 2016-07-10 10:26:14 +02:00
Kranium Gikos Mendoza f854c7d4f4 gtk-gnutella: 1.1.5 -> 1.1.9 2016-07-10 11:21:28 +08:00
Matthias Beyer 340a5d6fbf openvpn: 2.3.10 -> 2.3.11
Taken from #15856.
2016-07-09 15:04:55 +02:00
Miguel Madrid 57e1a6c48d traceroute: 2.0.21 -> 2.1.0 (#16809) 2016-07-09 14:40:14 +02:00
tv 93b246287b urlwatch: 2.1 -> 2.2 2016-07-09 12:16:30 +02:00
Kranium Gikos Mendoza 796ced26aa proxychains: 4.0.1-head -> 4.2.0 2016-07-05 19:24:21 +08:00
Rahul Gopinath 27a9ef8709 mailutils: fix build break
See #14606 for the breakage. It is fixed by using default guile 2.0
Also addes support for fribidi, sasl, and gssapi
2016-07-03 22:50:39 -07:00
zimbatm 17d6abb771 Merge pull request #16676 from mpscholten/maphosts2
maphosts: Don't provide bundler anymore
2016-07-03 18:10:33 +01:00
Marc Scholten a11f780274 maphosts: Don't provide bundler anymore 2016-07-03 17:59:23 +02:00
Joachim Fasting 291c454d5e Merge pull request #16594 from mpscholten/maphosts2
maphosts: init at 1.1.1
2016-07-02 14:05:09 +02:00
Daniel Fullmer 3f4f3c4005 zerotierone: 1.1.4 -> 1.1.6 2016-06-29 21:45:40 -04:00
Marc Scholten 479c08750a maphosts: init at 1.1.1 2016-06-29 13:31:54 +02:00
Franz Pletz 85d0570d14 haproxy: 1.6.4 -> 1.6.5 2016-06-27 00:11:16 +02:00
Franz Pletz 815d2a0583 iperf3: 3.1 -> 3.1.3 2016-06-27 00:11:16 +02:00
obadz e13a76f978 Merge pull request #16467 from groxxda/bump/networkmanager
networkmanager: cleanup
2016-06-23 23:41:44 +01:00
obadz 24520af0fa network-manager/l2tp: remove workaround that's now in main repo 2016-06-23 23:35:43 +01:00
Alexander Ried a6a11b3852 network-manager-applet: remove unused dbus_glib dependency 2016-06-23 23:12:41 +02:00
Alexander Ried 64a9dc4dd7 networkmanager: cleanup 2016-06-23 23:12:41 +02:00
Alexander Ried c1319572d4 networkmanager: Dependency on avahi-autoipd has been dropped.
Native IPv4 link-local addressing configuration based on systemd network library is now used instead.
2016-06-23 23:12:41 +02:00
obadz a709f60d7b networkmanager/l2tp: fix format error on x86/32bit 2016-06-23 12:32:59 +01:00
zimbatm b0487cb402 Merge pull request #16408 from arpa2/unbound
unbound: 1.5.8 -> 1.5.9
2016-06-22 21:44:54 +01:00
Joachim Fasting 1d98608e43 Merge pull request #16362 from womfoo/aria2
aria2: 1.23.0 -> 1.24.0
2016-06-22 19:04:18 +02:00
obadz f540e09a8b Merge pull request #16412 from obadz/networkmanager-1.2
NetworkManager & plugins: upgrade to 1.2
2016-06-22 15:12:23 +01:00
obadz a9e995d679 network-manager & plugins: no longer remove -Werror and friends
Code using deprecated APIs has been removed
See comment by @dkosovic on the matter:
https://github.com/xelerance/xl2tpd/issues/108#issuecomment-227621314
2016-06-22 03:16:20 +01:00
obadz 2cf9b5a6c0 network-manager/vpnc: 1.0.12 -> 1.2.2 2016-06-22 03:16:20 +01:00
obadz f337c2cf9c network-manager/openconnect: 1.0.2 -> 1.2.2 2016-06-22 03:16:20 +01:00