1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 03:17:13 +00:00
Commit graph

5890 commits

Author SHA1 Message Date
Tim Steinbach eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7 2016-11-27 19:48:24 -05:00
Tuomas Tynkkynen 86ea3126bc linux_rpi: 1.20160620 -> 1.20161020 2016-11-28 00:24:00 +02:00
Tuomas Tynkkynen 25d6bfa258 raspberrypifw: 1.20160620 -> 1.20161020 2016-11-28 00:23:40 +02:00
Tim Steinbach b47307bd74
linux: 4.8.10 -> 4.8.11 2016-11-26 16:29:23 -05:00
Tim Steinbach cc77360bed
linux: 4.4.34 -> 4.4.35 2016-11-26 16:28:58 -05:00
Jörg Thalheim 01172c2ccf Merge pull request #20591 from NeQuissimus/linux_4_9_rc6
linux: 4.9-rc5 -> 4.9-rc6
2016-11-26 16:00:16 +01:00
Vladimír Čunát 925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00
Frederik Rietdijk 231cd277df nvidia-x11: 367.57 -> 375.20 2016-11-26 09:31:10 +01:00
Joachim Fasting fdbf7dc8b3
gradm: fix using gradm while the RBAC system is active
The built-in ACL prevents the gradm binary from loading dynamic
libraries from the Nix store.  Thus, once the RBAC system is activated,
the gradm binary cannot be used.

Fix by patching in rules to allow references to the Nix store where
appropriate.
2016-11-26 02:59:35 +01:00
Frederik Rietdijk 6a8c708d6d cryptsetup: use python2 2016-11-24 22:28:04 +01:00
Frederik Rietdijk d8b0096704 dstat: use python2 2016-11-24 22:28:03 +01:00
Joachim Fasting f9d787c67b
grsecurity: 4.8.10-201611210813 -> 201611232213 2016-11-24 12:08:12 +01:00
Nikolay Amiantov be95ceaff2 treewide: quote URLs in my packages 2016-11-24 01:17:52 +03:00
Franz Pletz 7974d7493a
linux: compress kernel image with xz 2016-11-23 02:24:13 +01:00
Tim Steinbach e4a1b76457
linux: 4.8.9 -> 4.8.10 2016-11-21 18:07:17 -05:00
Tim Steinbach d62069aca4
linux: 4.4.33 -> 4.4.34 2016-11-21 18:06:57 -05:00
Joachim Fasting 96194467e6
grsecurity: 4.8.8-201611150756 -> 4.8.10-201611210813 2016-11-21 23:15:14 +01:00
Tim Steinbach f6bbc6c477
linux: 4.9-rc5 -> 4.9-rc6 2016-11-20 17:23:32 -05:00
Joachim Fasting 6d428242a9
linuxPackages.spl: now builds against grsecurity kernel 2016-11-20 23:01:34 +01:00
Joachim Fasting 0df3553a38
paxtest: 0.9.14 -> 0.9.15 2016-11-20 23:01:31 +01:00
Joachim Fasting 32c71c06d2
pax-utils: 1.1.6 -> 1.1.7 2016-11-20 23:01:28 +01:00
Pascal Wittmann f7e0bc2ae7
Make all meta.maintainers attributes lists 2016-11-20 18:06:03 +01:00
Franz Pletz 1fec301ac5
zfs: remove zfs-tests
Removes runtime dependency on gcc and reduces closure size by more than 110MB.
2016-11-20 04:49:42 +01:00
Franz Pletz 94731510c4
wireguard: 0.0.20161110 -> 0.0.20161116.1 2016-11-20 04:48:56 +01:00
Tim Steinbach 13491f9f48 Merge pull request #20552 from NeQuissimus/linux_4_8_9
linux: 4.8.8 -> 4.8.9
2016-11-19 09:03:00 -05:00
Tim Steinbach d3b8a77834
linux: 4.4.32 -> 4.4.33 2016-11-19 08:56:31 -05:00
Tim Steinbach 250224bf01
linux: 4.8.8 -> 4.8.9 2016-11-19 08:55:57 -05:00
Vladimír Čunát b69f568f4c
Merge branch 'staging'
Hydra rebuild looks fine; only a few Darwin jobs is queued:
http://hydra.nixos.org/eval/1304891?compare=1304807
2016-11-19 04:35:51 +01:00
Joachim Fasting e38b74ba89
grsecurity: work around for #20490
In `scripts/Makefile.modinst`, the code that generates the list of
modules to install passes file names via the command line.  When
installing a grsecurity kernel, this list appears to exceed the
shell's argument list limit, as in

    make[2]: execvp: /nix/store/[...]-bash-4.3-p46/bin/bash: Argument list too long

The build does not fail, however, but the list of modules to be installed ends
up being empty.  Thus, the resulting kernel package output contains no modules,
rendering it useless.

We work around this by patching the makefile to use `find -exec` to
process files.  Why this would occur for grsecurity and not other
kernels is unknown, most likely there's something *else* that is
actually causing this behaviour, so this is a temporary fix until that
cause is found.

Fixes https://github.com/NixOS/nixpkgs/issues/20490
2016-11-18 16:14:26 +01:00
Vladimír Čunát 8b565d6478
Merge #20081: update alsa lib, plugins and utils 2016-11-17 11:26:00 +01:00
Franz Pletz ba73dbbda6
batman-adv: 2016.3 -> 2016.4 2016-11-17 08:14:18 +01:00
Tim Steinbach a4cd6f1378 Merge pull request #20441 from NeQuissimus/linux_4_4_32
linux: 4.4.31 -> 4.4.32
2016-11-15 17:49:00 -05:00
Tim Steinbach 819884119c Merge pull request #20439 from NeQuissimus/linux_4_8_8
linux: 4.8.7 -> 4.8.8
2016-11-15 17:48:07 -05:00
Joachim Fasting 0d4e1b5edd
grsecurity: 4.8.7-201611142350 -> 4.8.8-201611150756 2016-11-15 22:57:25 +01:00
Tim Steinbach 24c342fde7
linux: 4.4.31 -> 4.4.32 2016-11-15 12:31:27 -05:00
Tim Steinbach 9e851d3b11
linux: 4.8.7 -> 4.8.8 2016-11-15 12:30:55 -05:00
Joachim Fasting afab1a948e
grsecurity: 4.8.7-201611102210 -> 201611142350 2016-11-15 13:11:47 +01:00
Franz Pletz c9bd751a16 Merge pull request #20405 from Mic92/wireguard
wireguard: 2016-10-25 -> 0.0.20161110
2016-11-15 01:54:17 +01:00
Thomas Tuegel ad7d59c59f Merge pull request #20369 from asymmetric/bluez
bluez: 5.40 -> 5.43
2016-11-14 15:27:41 -06:00
Tim Steinbach f7fd568678 Merge pull request #20413 from NeQuissimus/linux_4_9_rc5
linux: 4.9-rc4 -> 4.9-rc5
2016-11-14 10:05:20 -05:00
Tim Steinbach a87c8ad05f
linux: 4.9-rc4 -> 4.9-rc5 2016-11-14 09:40:27 -05:00
Tim Steinbach 91ae568ec7
broadcom_sta: Fix hash 2016-11-14 09:36:06 -05:00
Jörg Thalheim c0f9bc9b4e
wireguard: 2016-10-25 -> 0.0.20161110 2016-11-14 09:29:58 +01:00
Joachim Fasting cad9212813
grsecurity: 4.7.10-201611011946 -> 4.8.7-201611102210 2016-11-14 00:16:19 +01:00
Vladimír Čunát 1ac5869907
Merge #19936: vulkan / amdgpu-pro update 2016-11-13 20:06:40 +01:00
David McFarland 3d4a280c35 amdgpu-pro: 16.30.3-315407 -> 16.40-348864 2016-11-13 12:44:28 -04:00
David McFarland e1a25aeb65 amdgpu-pro: fix kernel module for linux-4.8 2016-11-13 12:44:28 -04:00
David McFarland 6bf27c2cae vulkan-loader: allow validation layers to be enabled
The loader now uses XDK_DATA_DIRS to find drivers and layers.
2016-11-13 12:44:27 -04:00
Lorenzo Manacorda b83c0783d3 bluez: 5.40 -> 5.43 2016-11-12 18:12:10 +01:00
Joachim Fasting 081a871771
Revert "Merge pull request #20302 from spacekitteh/patch-10"
This reverts commit e02173c70c, reversing
changes made to c2b4a0d266.

Breaks all grsec packages; Not having binary substitutes for no good
reason is disruptive to my workflow, so I'll just revert this for now.
2016-11-12 14:02:20 +01:00
Tim Steinbach e02173c70c Merge pull request #20302 from spacekitteh/patch-10
grsecurity_testing: 4.7.10 -> 4.8.7
2016-11-11 22:03:39 -05:00
Sophie Taylor fa180d0d63 grsec: 4.8.6 -> 4.8.7 2016-11-12 12:54:47 +10:00
Tim Steinbach c2b4a0d266 Merge pull request #20327 from NeQuissimus/linux_4_9_rc4
linux: 4.9-rc3 -> 4.9-rc4
2016-11-11 18:11:02 -05:00
Tim Steinbach 52cc30cd87 Merge pull request #20326 from NeQuissimus/linux_3_12_67
linux: 3.12.66 -> 3.12.67
2016-11-11 18:10:16 -05:00
Tim Steinbach 933dfca167 Merge pull request #20322 from NeQuissimus/linux_4_8_7
linux: 4.8.6 -> 4.8.7
2016-11-10 21:12:06 -05:00
Tim Steinbach ad19b9bde5
linux: 4.9-rc3 -> 4.9-rc4 2016-11-10 21:08:28 -05:00
Tim Steinbach 0a1f39eb91
linux: 4.8.6 -> 4.8.7 2016-11-10 21:07:56 -05:00
Tim Steinbach 579f5fd9dd
linux: 4.4.30 -> 4.4.31 2016-11-10 21:07:24 -05:00
Tim Steinbach cc62ecc2d9
linux: 3.12.66 -> 3.12.67 2016-11-10 21:06:54 -05:00
Tuomas Tynkkynen 74ecbbe4e3 kernel config: Ensure SECCOMP_FILTER is enabled
As noted in a97db109a2, SECCOMP_FILTER must be enabled or systemd gets
very unhappy.
2016-11-11 02:10:20 +02:00
Peter Hoeg cb93b34999 SMB2 support for CIFS
[tuomas: removed unneeded kernel version check]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
2016-11-11 02:10:20 +02:00
Sophie Taylor 6476f11f40 grsecurity patch update to kernel 4.8.6 2016-11-10 12:44:22 +10:00
Tim Digel 4a7cf195a4 molly-guard: init at 0.6.3 2016-11-09 14:39:44 +01:00
Tobias Geerinckx-Rice ea301adfd1
pagemon: 0.01.08 -> 0.01.10 2016-11-09 02:24:50 +01:00
Tobias Geerinckx-Rice 11dacb7e2c
mcelog: 142 -> 144 2016-11-09 02:24:45 +01:00
Kjetil Ørbekk 0d5caf138a tpacpi-bat: init at 3.0 (#20213) 2016-11-08 02:46:34 +01:00
Guillaume Maudoux eb9d126d2c linux_mptcp: 0.91 -> 0.91.2 2016-11-07 14:15:33 +01:00
Joachim Fasting ae5d404509
lttng-modules: 2.8.0 -> 2.8.3
Fixes build against linux >=4.8

Full changelog at
https://git.lttng.org/?p=lttng-tools.git;a=blob_plain;f=ChangeLog;hb=13dc409a5ea439b96b805c3c71886a3fcfad18e8

Tested with nix-build -A linuxPackages.lttng-modules -A linuxPackages_latest.lttng-modules
2016-11-06 13:57:34 +01:00
Lorenzo Manacorda 98fb9ded4e light: 0.9 -> 1.0 (#20193)
Update to version 1.0
2016-11-06 03:47:22 +01:00
Tobias Geerinckx-Rice cd2d81ab52
mcelog: 138 -> 142 2016-11-05 18:44:10 +01:00
Tim Steinbach cc7c28332b
Remove ttysnoop
No longer exists
2016-11-04 11:18:52 -04:00
Tim Steinbach 20c2980640
Remove cryopid
No longer builds / exists
2016-11-03 21:43:17 -04:00
Yochai Meir e70560ff98 rtl8812au: compiles on linux 4.8 2016-11-03 19:53:37 +02:00
Bjørn Forsman a6283c1126 devmem2: init at 2004-08-05
A simple program to read/write from/to any location in memory.

Unfortunately the homepage doesn't have a versioned source code download
URL. On the other hand, the program is pretty stable, with no change for
the last 12 years...
2016-11-03 15:44:56 +01:00
Joachim Fasting d9b5cd41c5
grsecurity: 4.7.10-201610262029 -> 201611011946 2016-11-03 13:55:23 +01:00
Bart Brouns af0f12299b alsa-utils: 1.1.0 -> 1.1.2 2016-11-02 13:07:28 +01:00
Bart Brouns 01fe648552 alsa-plugins: 1.1.0 -> 1.1.1 2016-11-02 13:07:21 +01:00
Bart Brouns 2e1871fdd9 alsa-lib: 1.1.1 -> 1.1.2 2016-11-02 13:07:15 +01:00
Tim Steinbach 874abe694a
linux: 4.8.5 -> 4.8.6 2016-11-01 08:58:53 -04:00
Shea Levy 2dbaf3a336 lksctp-tools: init at 1.0.17 2016-11-01 07:28:41 -04:00
Eelco Dolstra ef1a188e07 linux: 4.4.28 -> 4.4.30 2016-11-01 11:31:00 +01:00
Franz Pletz cbd4c9f78b
iputils: install manpage for traceroute6 2016-10-31 14:33:59 +01:00
Moritz Ulrich 7e4c7d6af0 wpa_supplicant_gui: Add forgotten patch. 2016-10-30 22:29:44 +01:00
Moritz Ulrich 19bdc31ed6 wpa_supplicant_gui: Replace inkscape with imagemagick in build process. 2016-10-30 22:28:08 +01:00
Vladimír Čunát 3be635b9b5
Merge linux kernel maintenance updates
PRs: #19995 #19996 #19997
2016-10-30 17:29:43 +01:00
Jörg Thalheim c1b0ec5266
android-udev-rules: 20160805 -> 20161014 2016-10-30 17:05:11 +01:00
Tim Steinbach f154459cf4
linux: 4.9-rc2 -> 4.9-rc3 2016-10-30 10:30:07 -04:00
Tim Steinbach 1af5b2a80c
linux: 4.4.27 -> 4.4.28 2016-10-30 10:29:37 -04:00
Tim Steinbach 8073430d95
linux: 4.8.4 -> 4.8.5 2016-10-30 10:28:55 -04:00
Tim Steinbach 4a70445fff Merge pull request #19903 from carlsverre/update/sysdig
sysdig: 0.10.0 -> 0.12.0
2016-10-27 14:10:39 -04:00
Tim Steinbach 81b0db3915 Merge pull request #19910 from NeQuissimus/busybox_1_25_1
busybox: 1.24.2 -> 1.25.1
2016-10-27 12:47:46 -04:00
Tim Steinbach a5c1985fef
busybox: 1.24.2 -> 1.25.1 2016-10-27 09:31:21 -04:00
Joachim Fasting dfdaea1240
grsecurity: 4.7.10-201610222037 -> 201610262029 2016-10-27 15:03:27 +02:00
Graham Christensen 2f3b62375f Merge pull request #19891 from NeQuissimus/kernel_4_9_rc2
kernel: 4.9-rc1 -> 4.9-rc2
2016-10-27 08:36:23 -04:00
Graham Christensen ad2deee7d1 Merge pull request #19894 from NeQuissimus/kernel_3_18_44
kernel: 3.18.42 -> 3.18.44
2016-10-27 08:36:17 -04:00
Graham Christensen c654ec0f25 Merge pull request #19893 from NeQuissimus/kernel_3_12_66
kernel: 3.12.63 -> 3.12.66
2016-10-27 08:36:10 -04:00
Graham Christensen 00e2bc22db Merge pull request #19890 from NeQuissimus/kernel_3_10_104
kernel: 3.10.103 -> 3.10.104
2016-10-27 08:35:54 -04:00
Tim Steinbach b86310fccf wpa_supplicant: 2.5 -> 2.6 (#19913) 2016-10-27 13:57:56 +02:00
Tim Steinbach b02646f93b
kernel: 3.18.42 -> 3.18.44 2016-10-26 19:23:43 -04:00
Tim Steinbach e5e84ecbbd
kernel: 3.12.63 -> 3.12.66 2016-10-26 19:17:46 -04:00
Tim Steinbach e4773819f4
kernel: 3.10.103 -> 3.10.104 2016-10-26 19:13:21 -04:00
Vladimír Čunát 6404a30afb
Merge #19892: kernel: 4.1.33 -> 4.1.35 2016-10-26 22:11:30 +02:00
Carl Sverre 96a3e00929 sysdig: 0.10.0 -> 0.12.0 2016-10-26 11:19:41 -07:00
Franz Pletz 6e17ee638c
wireguard: 2016-10-01 -> 2016-10-25 2016-10-26 16:49:52 +02:00
Tim Steinbach e9a5cf3f6f
kernel: 4.9-rc1 -> 4.9-rc2 2016-10-26 09:11:00 -04:00
Tim Steinbach 89cd922a6a
kernel: 4.1.33 -> 4.1.35 2016-10-26 09:04:37 -04:00
Frederik Rietdijk 7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Tim Steinbach b3f7d626c1
kernel: remove 4.7 2016-10-24 21:30:00 -04:00
Joachim Fasting 5440c1a64c
grsecurity: 4.7.9-201610200819 -> 4.7.10-201610222037
Notably, this pulls in the dirtycow fix from upstream (but I've been
unable to execute the POC exploits on grsec kernels without that fix
...)
2016-10-23 17:14:40 +02:00
Tim Steinbach a3989b87df Merge pull request #19772 from NeQuissimus/linux_4_8_4
linux: 4.8.3 -> 4.8.4
2016-10-22 12:14:59 -04:00
Tim Steinbach 72d91f95cb Merge pull request #19771 from NeQuissimus/linux_4_7_10
linux: 4.7.9 -> 4.7.10
2016-10-22 12:14:26 -04:00
Tim Steinbach 8d0ca31849
linux: 4.8.3 -> 4.8.4 2016-10-22 12:11:37 -04:00
Tim Steinbach adbe0e0a13
linux: 4.7.9 -> 4.7.10 2016-10-22 12:11:09 -04:00
Tim Steinbach 4489454b83
linux: 4.4.26 -> 4.4.27 2016-10-22 12:10:34 -04:00
Frederik Rietdijk e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
Joachim Fasting ed5d146e9d
grsecurity: 4.7.7-201610101902 -> 4.7.9-201610200819 2016-10-21 01:50:53 +02:00
Vladimír Čunát 4d5b893002 Merge #19081: gnome-3.22
Also master commits are brought in.
2016-10-20 23:04:10 +02:00
Vladimír Čunát fabfb0a900 Merge #19725: kernel: 4.7.8 -> 4.7.9 2016-10-20 19:45:25 +02:00
Tim Steinbach 963804ba8e
kernel: 4.7.8 -> 4.7.9 2016-10-20 13:08:53 -04:00
Tim Steinbach 0c3e5217fc
kernel: 4.8.2 -> 4.8.3 2016-10-20 13:06:03 -04:00
Eelco Dolstra 76a57d83b5 linux: 4.4.25 -> 4.4.26 2016-10-20 13:37:19 +02:00
Tim Steinbach dac481d999 Merge pull request #19648 from NeQuissimus/linux_4_7_8
linux_4_7: 4.7.7 -> 4.7.8
2016-10-19 14:48:47 -04:00
Tim Steinbach 84e4dcb34b Merge pull request #19649 from NeQuissimus/linux_4_8_2
linux_4_8: 4.8.1 -> 4.8.2
2016-10-19 14:38:11 -04:00
Tim Steinbach 70c8de0536 Merge pull request #19652 from NeQuissimus/linux_4_9_rc1
linux_testing: 4.8-rc6 -> 4.9-rc1
2016-10-19 14:35:21 -04:00
Eelco Dolstra 13f43c7ebc linux: 4.4.24 -> 4.4.25 2016-10-19 17:11:53 +02:00
Tuomas Tynkkynen 59f12d9394 kernel config: Add some filesystem options
Enable encryption support for both F2FS and ext4. For ext4 this is a bit
tricky, since pre-4.8 the way to enable it as a module was just
"EXT4_ENCRYPTION=m" but after that it changed to "FS_ENCRYPTION=m &&
EXT4_ENCRYPTION=y".

Also make sure UDF is enabled.
2016-10-19 16:44:08 +03:00
Frederik Rietdijk 58c41ecd35 crda: use python2 2016-10-18 23:16:08 +02:00
Frederik Rietdijk e9f8ee3ab4 iotop: use python2 2016-10-18 23:14:35 +02:00
Tuomas Tynkkynen ba42683e9a libselinux: Fix ARM build failure
Avoid this warning (which is in turn an error via -Werror):
````
avc_internal.c: In function 'avc_netlink_receive':
avc_internal.c:105:25: error: cast increases required alignment of target type [-Werror=cast-align]
 struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
                        ^
````

The code allocates abuffer with "__attribute__ ((aligned))",
then passes it via a 'char*' parameter, which is then finally cast,
causing the warning. So the code is ok but compiler is not smart
enough to see it.

It seems that -Wcast-align is a no-op on x86, so this shows up on ARM
only.
2016-10-18 23:54:29 +03:00
Tim Steinbach 51c9c2f851
linux_testing: 4.8-rc6 -> 4.9-rc1 2016-10-18 11:19:46 -04:00
Tim Steinbach 0acfbaa5b2
linux_4_8: 4.8.1 -> 4.8.2 2016-10-18 10:13:02 -04:00
Tim Steinbach 55adff59f1
linux_4_7: 4.7.7 -> 4.7.8 2016-10-18 10:12:26 -04:00
Graham Christensen 3bd1e62a6d Merge pull request #19578 from grahamc/facetimehd
facetimehd: 2016-05-02 -> 2016-10-09
2016-10-17 17:11:18 -04:00
Jörg Thalheim 756a6949f8 Merge pull request #19603 from aneeshusa/adopt-google-authenticator
[WIP] Adopt google authenticator
2016-10-16 22:06:40 +02:00
Nikolay Amiantov 40547dd4c4 cachefilesd: init at 0.10.9 2016-10-16 19:58:29 +03:00
Aneesh Agrawal 31b4fcd0b7 google-authenticator: adopt package 2016-10-16 12:42:51 -04:00
Graham Christensen 634a098940
linuxPackages.nvidia_x11: Remove us prefix from mirror
At the time of the last upgrade, the new driver wasn't available on
anything but their US mirror. Pinning to the US mirror isn't
recommended or preferable, but I did it anyway to be able to get the
upgrade out.
2016-10-16 11:08:17 -04:00
Graham Christensen 37bc2c0bbf
broadcom-sta: Support linux-4.8 2016-10-15 08:06:30 -04:00
Graham Christensen 2525a3d682
facetimehd: 2016-05-02 -> 2016-10-09 2016-10-15 07:42:08 -04:00
Tim Steinbach b43c0dab8e
conky: 1.10.3 -> 1.10.5 2016-10-14 23:16:45 -04:00
Vladimír Čunát 061758490f Merge branch 'master' into staging
... to get the openssl mass rebuild: 942dbf89c.
2016-10-14 13:16:11 +02:00
Vladimír Čunát 6eeea6effd Python: more evaluation fixups. 2016-10-14 00:03:12 +02:00
Franz Pletz f30f7d0cff
powertop: add homepage, cleanup 2016-10-14 00:02:30 +02:00
Graham Christensen 88a47f1950 Merge pull request #19467 from grahamc/nvidia-x11-master
nvidia-x11: 367.35 -> 367.57
2016-10-12 19:07:29 -04:00
Graham Christensen b98c0a668e
nvidia-x11: 367.35 -> 367.57 2016-10-11 19:43:58 -04:00
Vladimír Čunát 9d1dfc9ed0 Merge #18861: add AMDGPU-PRO driver 2016-10-11 19:57:30 +02:00
David McFarland 3b4ce62451 amdgpu-pro: Init at 16.30.3-315407 2016-10-11 14:19:38 -03:00
Joachim Fasting ce73a3ea0f grsecurity: 4.7.6-201609301918 -> 4.7.7-201610101902 2016-10-11 13:15:16 +02:00
Eelco Dolstra 88f10ad409 aggregateModules: Preserve kernel's modules.{builtin,order}
Fixes #19426.
2016-10-11 11:42:41 +02:00
sternenseemann 3fb2993cb3 maintainers: rename lukasepple according to github account name 2016-10-09 22:04:22 +02:00
Aneesh Agrawal f0602d2d36 kernel: Make SECURITY_YAMA optional
It's highly recommended, but not required to run NixOS.
2016-10-08 17:46:33 +02:00
Aneesh Agrawal a000ed181c linux config: enable the Yama LSM (#14392)
The Yama Linux Security Module restricts the use of ptrace so that
processes cannot ptrace processes that are not their children. This
prevents attackers from compromising one user-level processes and
snooping on the memory and runtime state of other processes owned
by the same user.
2016-10-08 16:40:12 +02:00
Tim Steinbach a699eb4798 linux: 4.4.23 -> 4.4.24 (#19346) 2016-10-08 07:02:07 +02:00
Tim Steinbach 9481edec56 linux: 4.7.6 -> 4.7.7 (#19345) 2016-10-08 07:01:51 +02:00
Tim Steinbach 07e67b33af linux: 4.8.0 -> 4.8.1 (#19344) 2016-10-08 07:01:27 +02:00
Marco Maggesi 435673b948 Revert "Revert "linux*: remove 3.14, as it's no longer maintained""
In the end, it is too dangerous to have an unmaintained kernel in
nixpkgs.  Revert the revert.

This reverts commit e921725176.
2016-10-07 23:26:32 +02:00
Marco Maggesi e921725176 Revert "linux*: remove 3.14, as it's no longer maintained"
This is the simplest way to reenable the use of BLCR
(which at present requires linux version >3.12 <3.18)
until we find a better solution.

This reverts commit 6a9e765e27.
2016-10-07 14:31:24 +02:00
Thomas Tuegel 2e255a2edd
Merge branch 'staging' 2016-10-06 09:51:02 -05:00
Eelco Dolstra a8b61b0aad Merge pull request #19278 from anderspapitto/local
perf: add dependency on libaudit
2016-10-06 11:45:54 +02:00
Anders Papitto aa44330963 perf: add dependency on libaudit
the `trace` subcommand of perf is only enabled when libaudit is
available at compile time
2016-10-05 17:59:44 -07:00
Jörg Thalheim 638d4b4d71 Merge pull request #19265 from Mic92/rtkit
rtkit: apply security relevant patch
2016-10-06 00:07:35 +02:00
Eelco Dolstra f084274eeb Merge pull request #19251 from groxxda/patch-2
kernel: Disable RT_GROUP_SCHED
2016-10-05 20:05:18 +02:00
Vladimír Čunát 30f551d8b2 Merge branch 'master' into staging 2016-10-05 19:02:48 +02:00
Jörg Thalheim c684eb756a
rtkit: *security* Pass uid of caller to polkit
Otherwise, we force polkit to look up the uid itself in /proc, which is racy if
they execve() a setuid binary.
2016-10-05 18:11:02 +02:00
Alexander Ried 96fbdf8594 kernel: Disable RT_GROUP_SCHED
Follow systemd recommendation
fd74fa791f/README (L96-L103)
2016-10-05 12:52:45 +02:00
Alexander Ried 4e91e8cb3d rtkit: add patch from debian to remove ControlGroup stanza
fixes log clutter:
systemd[1]: [/nix/store/....-rtkit-0.11/etc/systemd/system/rtkit-daemon.service:32] Unknown lvalue 'ControlGroup' in section 'Service'
2016-10-05 11:23:11 +02:00
Thomas Tuegel d067b7bd35
Merge branch 'kde-5' into staging 2016-10-04 21:50:17 -05:00
Shea Levy e54313d183 Revert "Revert "Linux 4.8""
Now featuring @aszlig's modinst_arg_list_too_long patch.

This reverts commit 43bedb970d.

Fixes #19213
2016-10-04 10:10:36 -04:00
Shea Levy 43bedb970d Revert "Linux 4.8"
This reverts commit e4958d54b1.
2016-10-03 22:04:43 -04:00
Vladimír Čunát 1525568c74 util-linux: fixup patch hash from grandparent merge
And name the file, too.
2016-10-03 23:06:51 +02:00
Jörg Thalheim 45f64a37c9 Merge pull request #19175 from Mic92/util-linux
util-linux: workaround CVE-2016-2779
2016-10-03 22:53:21 +02:00
Jörg Thalheim 888f6a1280 Merge pull request #19199 from wizeman/u/fix-help2man-hash
help2man: fix hash
2016-10-03 19:26:44 +02:00
Franz Pletz beca8946ee
jool: 3.4.5 -> 3.5.0 2016-10-03 18:25:28 +02:00
Shea Levy e4958d54b1 Linux 4.8 2016-10-03 08:45:45 -04:00
Eric Sagnes 58d44a376e wireguard: 2016-08-08 -> 2016-10-01 2016-10-03 17:06:11 +09:00
Jörg Thalheim ba00ba65eb
util-linux: workaround CVE-2016-2779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2779
2016-10-03 08:49:56 +02:00
Joachim Fasting 9a9237e0aa
grsecurity: revamp nixos kernel config
Cleanup:
- Restructure & add some commentary
- Remove redundant option specs given the auto config
  constraints (some are left in for documentation purposes)

Changes:
- GRKERNSEC_CONFIG_VIRT_HOST -> GUEST
  The former deselects paravirtualization and friends
- PAX_LATENT_ENTROPY n -> y (implied by auto)
- GRKERNSEC_ACL_HIDEKERN y -> n
  Possibly useless with redistribution
2016-10-02 19:25:58 +02:00
Joachim Fasting 1bb7b44cd7
grsecurity: make GRKERNSEC y and PAX y implicit
These options should always be specified. Note, an implication of this
change is that not specifying any grsec/PaX options results in a build
failure.
2016-10-02 19:25:58 +02:00
Tuomas Tynkkynen 19225bf5cc Merge remote-tracking branch 'upstream/master' into staging 2016-10-02 10:36:47 +03:00
Tuomas Tynkkynen f5dd3a703d treewide: Fix more lib.optional misuses 2016-10-02 00:44:10 +03:00
Aneesh Agrawal fcee1d0b28
Remove redundant -DCMAKE_BUILD_TYPE=Release flags
Since commit 183d05a0 in 2012, this is the default.

fixes #18000
2016-10-01 16:13:41 +02:00
Joachim Fasting 2ec9a1a955
grsecurity: 4.7.5-201609261522 -> 4.7.6-201609301918 2016-10-01 08:47:30 +02:00
Joachim Fasting 22108b7a10
linux_4_7: 4.7.5 -> 4.7.6 2016-10-01 08:46:31 +02:00
Eelco Dolstra 613a12a8bd linux: 4.4.22 -> 4.4.23 2016-09-30 14:41:19 +02:00
Eelco Dolstra 8b09ba32d3 systemd: Apply various upstream bug fixes
This includes the fix for the assertion failure in
https://github.com/systemd/systemd/issues/4234.
2016-09-30 11:23:51 +02:00
rnhmjoj 7cf7572734
btfs: 2.11 -> 2.12 2016-09-30 01:23:16 +02:00
Eelco Dolstra fe9e5f9f55 pam_usb: Fix evaluation 2016-09-29 20:35:40 +02:00
Eelco Dolstra 518340624d Merge remote-tracking branch 'origin/master' into staging 2016-09-29 13:06:14 +02:00
Eelco Dolstra c5ddb7dd56 Move useSetUID to pam_usb, the only place where it's used 2016-09-29 13:05:28 +02:00
Yochai ca9c21b0ab rtl8812au: 4.2.2-1 -> 4.3.20 2016-09-29 09:29:22 +03:00
Graham Christensen ff5cf3abff linux-3.10: fix build by upstream patch 2016-09-28 19:18:34 +02:00
Vladimír Čunát 77604964b6 Merge branch 'master' into staging 2016-09-28 17:13:59 +02:00
Vladimír Čunát 3e1afeaa5b libsepol: temporary fixup after flex security update
/cc #18909.
2016-09-28 11:12:05 +02:00
Alexander Ried d666196a44
iproute2: fix bash completion
apparently bash expects only files in its completion folder and not
subfolders.
2016-09-27 18:20:07 +02:00
Joachim Fasting 98a9d815e0
grsecurity: 4.7.4-201609211951 -> 4.7.5-201609261522 2016-09-27 01:43:50 +02:00
zimbatm 0e91a0bbe7 Merge pull request #18943 from Mic92/busybox
busybox: 1.23.2 -> 1.24.2
2016-09-26 12:23:22 +01:00
Frederik Rietdijk 3ba16c8234 Do not use top-level buildPythonPackage or buildPythonApplication
but instead use the one in pythonPackages.
2016-09-26 11:10:51 +02:00
Joachim Fasting e1395365ea
spl: fix eval
xref: 30ae939142
2016-09-25 16:16:33 +02:00
Alexander Ried 7615d6385a iproute2: 4.5.0 -> 4.7.0 (#18435)
iproute now packages a bash-completion file which it installs to
$BASH_COMPDIR.

* fanpatch: adjust for new version

- The patch did not apply because the code around the additions changed.
- The patch uses functions that got changed [1] & [2], I adjusted the
  patch to use the safe version. Probably not needed but better safe
  than sorry.
[1] format_host: http://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/commit/?id=a418e451643e77fe36861e53359587ba8aa41873
[2] rt_addr_n2a: http://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/commit/?id=7faf1588a755edb9c9cabbe1d3211265e9826d28
2016-09-25 15:07:03 +02:00
Franz Pletz 30ae939142
linuxPackages.spl: don't mark as broken on kernel >= 4.7
Compatibility added in c8c688b0c9.
2016-09-25 14:55:45 +02:00
Franz Pletz 6e063a49b1
linuxPackages.jool: 3.4.4 -> 3.4.5 2016-09-25 14:20:46 +02:00
Franz Pletz c8c688b0c9
linuxPackages.zfs: 0.6.5.7 -> 0.6.5.8
Adds compatibility for 4.7 & 4.8 Linux kernels.
2016-09-25 14:20:46 +02:00
Franz Pletz 3a4a425728
linux: 4.7.4 -> 4.7.5 2016-09-25 14:20:46 +02:00
Franz Pletz c83f8a536a
linux: 4.4.20 -> 4.4.22 2016-09-25 14:20:46 +02:00
Franz Pletz fdf239fb83
linux: 4.1.31 -> 4.1.33 2016-09-25 14:20:45 +02:00
Franz Pletz 17402fc4a3
linux: 3.18.40 -> 3.18.42 2016-09-25 14:20:45 +02:00
Franz Pletz 31ff655e46
kernelPatches: remove unneeded patches 2016-09-25 14:20:45 +02:00
Franz Pletz 01f465c82b
linux: 3.12.62 -> 3.12.63 2016-09-25 14:20:45 +02:00
Franz Pletz b1029abe56
linux: 3.10.102 -> 3.10.103 2016-09-25 14:20:45 +02:00
Franz Pletz e8cd27dd8a
linux_4_6: remove, not maintained anymore 2016-09-25 14:20:39 +02:00
Jörg Thalheim 74876b0cad
busybox: 1.23.2 -> 1.24.2
fixes https://lwn.net/Vulnerabilities/696815/
2016-09-25 13:21:29 +02:00
Nikolay Amiantov ea4d517eb8 Merge pull request #18661 from NeQuissimus/kernel/zbud
kernel-common: Add ZBUD
2016-09-25 12:33:08 +04:00
Joachim Fasting 64816cd972
grsecurity: 4.7.4-201609152234 -> 201609211951 2016-09-22 23:40:50 +02:00
Joachim F fc4751eccc Merge pull request #18751 from TvoroG/rtlwifi
rtlwifi_new: init at 2016-09-12
2016-09-22 22:50:46 +02:00
Luca Bruno cf6815275a Merge pull request #18814 from tavyc/nvme-cli
nvme-cli: init at 0.9
2016-09-22 21:47:57 +01:00
Octavian Cerna b26dff4ea5 nvme-cli: init at 0.9 2016-09-21 21:45:38 +03:00
Domen Kožar d199d5041a ena: mark as broken on chromiumos
(cherry picked from commit bc06f19efb)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-21 12:04:17 +02:00
Marsel 52dd323047 rtlwifi_new: init at 2016-09-12 2016-09-20 16:18:24 +03:00
Kirill Boltaev d2bbc631ff pktgen: disable parallel building 2016-09-19 05:28:43 +03:00
Joachim Fasting e2659de1b2
kernelPatches: remove legacy grsecurity attrs 2016-09-18 15:26:57 +02:00
Charles Strahan d5e24d3f80
fanctl: 0.9.0 -> 0.12.0 2016-09-17 22:37:39 -04:00
Vladimír Čunát 6a9e765e27 linux*: remove 3.14, as it's no longer maintained 2016-09-17 02:10:53 +02:00
Vladimír Čunát 12a45a8496 Merge #18237: ati_drivers_x11: patch for kernel 4.6 2016-09-17 01:29:27 +02:00
rushmorem 7be7620e51 fuse: 2.9.5 -> 2.9.7 2016-09-16 22:28:14 +02:00
Tuomas Tynkkynen f5c9c4f18a Merge pull request #18659 from layus/fix-mptcp
linux_mptcp: fix config options broken by b4a4a63cc4
2016-09-16 21:06:54 +03:00
aszlig a0b643ed06
linux-testing: 4.8-rc4 -> 4.8-rc6
Built successfully on my machine, no runtime tests performed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Verified-with-PGP: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886
2016-09-16 17:57:32 +02:00
Tim Steinbach 77e1be36b9
kernel-common: Add ZBUD, move ZSMALLOC into module space 2016-09-16 15:31:51 +00:00
Guillaume Maudoux f0e519d26a linux_mptcp: fix config options broken by b4a4a63cc4 2016-09-16 13:15:50 +02:00
Joachim Fasting d082a7c0fd
grsecurity: 4.7.3-201609072139 -> 4.7.4-201609152234 2016-09-16 11:18:42 +02:00
Joachim Fasting 2050f12f4e
linux_4_7: 4.7.3 -> 4.7.4 2016-09-16 11:18:42 +02:00
Domen Kožar 77a67189ef lttng-modules: broken on chromiumos
(cherry picked from commit 3f4d94a4c2)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-09-16 11:12:29 +02:00
aszlig 1781e95577
Merge pull request #18567 (VirtualBox 5.1.6)
This introduces VirtualBox version 5.1.6 along with a few refactored
stuff, notably:

  * Kernel modules and user space applications are now separate
    derivations.
  * If config.pulseaudio doesn't exist in nixpkgs config, the default is
    now to build with PulseAudio modules.
  * A new updater to keep VirtualBox up to date.

All subtests in nixos/tests/virtualbox.nix succeed on my machine and
VirtualBox was reported to be working by @DamienCassou (although with
unrelated audio problems for another fix/branch) and @calbrecht.
2016-09-14 02:20:16 +02:00
Kirill Boltaev 0f37287df5 treewide: explicitly specify gtk version 2016-09-13 21:09:24 +03:00
Tuomas Tynkkynen 0c0188c5d2 kernel config: Explicitly enable some NLS-related things
Doesn't affect x86, but ARM can't mount VFAT filesystems without this on
a 3.18 kernel.
2016-09-13 17:06:13 +03:00
Tuomas Tynkkynen b4a4a63cc4 kernel generate-config.pl: Properly support string options
Or we get something like:

option not set correctly: NLS_DEFAULT (wanted 'utf8', got '"utf8"')
2016-09-13 17:06:13 +03:00
Tuomas Tynkkynen 246bd302ec kernel generate-config.pl: Be more verbose on errors 2016-09-13 17:06:13 +03:00
Nikolay Amiantov 4748709926 Merge commit 'refs/pull/18498/head' of git://github.com/NixOS/nixpkgs 2016-09-13 12:51:34 +03:00
Franz Pletz 05357f098c Merge pull request #18486 from aske/mba6x_bl
linuxPackages.mba6x_bl: 2016-02-12 -> 2016-04-22
2016-09-13 07:28:59 +02:00
aszlig 8bd89c922d
virtualbox: Split kernel modules into own package
Putting the kernel modules into the same output path as the main
VirtualBox derivation causes all of VirtualBox to be rebuilt on every
single kernel update.

The build process of VirtualBox already outputs the kernel module source
along with the generated files for the configuration of the main
VirtualBox package. We put this into a different output called "modsrc"
which we re-use from linuxPackages.virtualbox, which is now only
containing the resulting kernel modules without the main user space
implementation.

This not only has the advantage of decluttering the Nix expression for
the user space portions but also gets rid of the need to nuke references
and the need to patch out "depmod -a".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-09-13 06:12:38 +02:00
Nikolay Amiantov 9b26cb92e3 Merge branch 'displaylink'
Close #18041
2016-09-13 01:59:47 +03:00
Nikolay Amiantov fbf6a97b04 linuxPackages.displaylink: init at 1.1.62 2016-09-13 00:30:35 +03:00
Kirill Boltaev bccd75094f treewide: explicitly specify gtk and related package versions 2016-09-12 18:26:06 +03:00
Michael Raskin 11bc6ea4ae firejail: 0.9.42-rc1 -> 0.9.42 2016-09-12 13:01:34 +02:00
Tuomas Tynkkynen 2b0eace6cf Merge remote-tracking branch 'upstream/staging' into master 2016-09-11 11:41:18 +03:00
aske 0628215f9e linuxPackages.mba6x_bl: 2016-02-12 -> 2016-04-22 2016-09-10 20:27:49 +03:00
Tuomas Tynkkynen 35ec0e72e3 util-linux: Split 'dev' 2016-09-10 19:05:05 +03:00
Joachim Fasting 91674b75d3
grsecurity: 4.7.2-201608312326 -> 4.7.3-201609072139 2016-09-10 17:06:42 +02:00
Ruslan Babayev 7b51c79ccd pktgen: 3.0.04 -> 3.0.13 (#18477) 2016-09-10 12:06:13 +02:00
Vladimír Čunát 07facfc49f broadcom-sta: don't (claim to) maintain anymore
I haven't used the driver for years.
2016-09-10 10:57:48 +02:00
Franz Pletz c513e2ab39
multipath-tools: 0.5.0 -> 0.6.2, fixes build
Was broken due to 78178d5854.
2016-09-09 23:14:16 +02:00
Tuomas Tynkkynen fcec24334e Merge remote-tracking branch 'upstream/staging' into master 2016-09-09 11:41:31 +03:00
Joachim Fasting 099584a27c
busybox: fix static build
The static build fails with undefined references to __memcpy_chk when
the fortify hardening is enabled.
2016-09-09 04:46:00 +02:00
Tuomas Tynkkynen 290db94f04 Merge remote-tracking branch 'upstream/master' into staging 2016-09-09 02:40:47 +03:00
Jörg Thalheim e2991cc70b bcc: install documentation not as an executable
in bcc/tools documentation was wrapped as an executable
2016-09-08 20:39:24 +02:00
Jörg Thalheim c58f6e62de bcc: git-2016-05-18 -> git-2016-08-30 2016-09-08 20:39:24 +02:00
Eelco Dolstra bc7e4e390a linux: 4.4.19 -> 4.4.20 2016-09-08 13:58:05 +02:00
Tim Steinbach 4829cd7f65
kernel: 4.7.2 -> 4.7.3 2016-09-08 01:51:28 +00:00
Bjørn Forsman 2bf421d197 mcelog: add utillinux as dependency
Fixes this:

  $ sudo mcelog
  ...
  unknown-error-trigger: line 21: logger: command not found
  unknown-error-trigger: line 22: logger: command not found
2016-09-06 20:30:47 +02:00
Franz Pletz 9a2065ff2a
batman-adv: 2016.2 -> 2016.3 2016-09-06 03:59:43 +02:00
Eelco Dolstra 78178d5854 systemd: Separate lib output
This moves libsystemd.so and libudev.so into systemd.lib, and gets rid
of libudev (which just contained a copy of libudev.so and the udev
headers). It thus reduces the closure size of all packages that
(indirectly) depend on libsystemd, of which there are quite a few (for
instance, PulseAudio and dbus). For example, it reduces the closure of
Blender from 430.8 to 400.8 MiB.
2016-09-05 19:17:14 +02:00
Eelco Dolstra e8315cb1ca shadow: Separate man output
This removes ~2 MiB from the minimal config.
2016-09-05 14:53:27 +02:00
Eelco Dolstra ff7368e944 audit: Move z/OS plugin to a separate output
This prevents the NixOS base system from pulling in openldap,
cyris-sasl, and libkrb5.
2016-09-05 14:53:27 +02:00
Eelco Dolstra 8295089e6a utillinuxMinimal: Make more minimal
This removes locales, bash completion and crap like that. This cuts
6.5 MiB from the NixOS system closure (which unfortunately contains
two copies of util-linux, because of the need to break a dependency
cycle with systemd).
2016-09-05 13:45:59 +02:00
Matt McHenry 7bc91ffe41 patch ati-drivers for kernel 4.6
this uses the patch from
https://github.com/manjaro/packages-extra/commit/ddae91f2 to account
for https://github.com/torvalds/linux/commit/d4edcf0d and the patch
from https://www.virtualbox.org/ticket/15298 to account for
https://github.com/torvalds/linux/commit/09cbfeaf
2016-09-03 21:29:52 -04:00
Joachim Fasting 65786ba322
odp-dpdk: 10.10.1.0 -> 2016-08-16
Fixes build against dpdk 16.06

Tested build against linux, linux_latest, linux_3_18, linux_4_1,
linux_4_6, linux_grsec_nixos, linux_chromiumos_3_18.

While this is pre-release, the delta since 10.10.1.0 seems to contain
primarily fixes or internal improvements.

Also cleanup build inputs while we're at it.
2016-09-03 21:20:52 +02:00
Joachim F f8b447a6e4 dpdk: 16.04 -> 16.07, fix build against linux 4.7 (#18256)
Tested build against linux_latest and linux_grsec_nixos.
2016-09-03 17:40:27 +02:00
Joachim Fasting ca465eeeb1
wireguard: disable build against -grsec kernels
Looks to be incompatible with the PaX constification plugin:

> /tmp/nix-build-wireguard-unstable-2016-08-08.drv-0/WireGuard-experimental-0.0.20160808/src/device.c:329:29: error: constified variable 'link_ops' placed into writable section ".data..read_mostly"
 static struct rtnl_link_ops link_ops __read_mostly = {

https://hydra.nixos.org/build/39671573/log/raw

See also https://github.com/NixOS/nixpkgs/issues/18209
2016-09-03 14:50:07 +02:00
Vladimír Čunát 4745341c69 spl: fix evaluation after the parent commit
This doesn't fully fix the tarball job.
2016-09-03 14:34:55 +02:00
Rok Garbas 3698f321ef
spl: mark it broken on kernels higher then 4.7
until new spl version is release
2016-09-03 14:07:49 +02:00
Franz Pletz a1c24ab976
systemd: apply patch to fix #18158
See:
 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834367
 - https://github.com/systemd/systemd/issues/3842
2016-09-02 23:39:19 +02:00
Shea Levy ce0043bf4c phc-intel: 0.4.0rev19 -> 0.4.0rev22
Fixes build on linux 4.7
2016-09-02 07:41:42 -04:00
Parnell Springmeyer 98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00
Tuomas Tynkkynen 3364230d56 Disable bunch of non-compiling packages on Darwin
These ones have a "Last successful build" timestamp in the 2014s or
2015s. Presumably no one will notice if we now stop building them.

softether_4_18              2015-09-20  http://hydra.nixos.org/build/39418483
lensfun                     2014-09-30  http://hydra.nixos.org/build/39394104
net_snmp                    2015-09-20  http://hydra.nixos.org/build/39410553
djview                      2015-08-11  http://hydra.nixos.org/build/39413233
libmusicbrainz2             2015-09-20  http://hydra.nixos.org/build/39410106
fox_1_6                     2014-05-07  http://hydra.nixos.org/build/39410858
libofx                      2015-09-24  http://hydra.nixos.org/build/39423507
yacas                       2014-09-30  http://hydra.nixos.org/build/39393150
iomelt                      2014-09-30  http://hydra.nixos.org/build/39408486
softether                   2015-09-20  http://hydra.nixos.org/build/39425800
mp4v2                       2014-09-30  http://hydra.nixos.org/build/39421899
virtuoso7                   2014-09-21  http://hydra.nixos.org/build/39415206
man_db                      2015-04-23  http://hydra.nixos.org/build/39404236
libdiscid                   2014-09-30  http://hydra.nixos.org/build/39412202
zabbix22.agent              2014-09-21  http://hydra.nixos.org/build/39412149
vidalia                     2015-08-06  http://hydra.nixos.org/build/39411500
libmtp                      2015-09-20  http://hydra.nixos.org/build/39419199
wxGTK29                     2015-09-20  http://hydra.nixos.org/build/39415296
ncmpcpp                     2015-11-06  http://hydra.nixos.org/build/39404455
libtorrent                  2014-09-21  http://hydra.nixos.org/build/39394646
shishi                      2014-03-21  http://hydra.nixos.org/build/39418874
ocaml_3_12_1                2014-09-30  http://hydra.nixos.org/build/39392996
djview4                     2015-08-11  http://hydra.nixos.org/build/39427799
vimNox                      2014-05-23  http://hydra.nixos.org/build/39397012
ttfautohint                 2015-08-06  http://hydra.nixos.org/build/39398330
libraw                      2015-09-24  http://hydra.nixos.org/build/39402271
wxGTK30                     2015-09-20  http://hydra.nixos.org/build/39401871
sbcl_1_2_5                  2015-09-20  http://hydra.nixos.org/build/39426091
prover9                     2014-09-30  http://hydra.nixos.org/build/39406476
rcs                         2015-08-25  http://hydra.nixos.org/build/39392037
gpac                        2015-09-24  http://hydra.nixos.org/build/39399470
virtuoso6                   2014-09-30  http://hydra.nixos.org/build/39398651
xlslib                      2015-09-24  http://hydra.nixos.org/build/39410387
ucommon                     2015-03-27  http://hydra.nixos.org/build/39414040
commoncpp2                  2014-09-30  http://hydra.nixos.org/build/39420117
virtuoso                    2014-09-21  http://hydra.nixos.org/build/39399978
miniHttpd                   2014-09-30  http://hydra.nixos.org/build/39392925
mpack                       2014-09-26  http://hydra.nixos.org/build/39399535
nbd                         2014-09-26  http://hydra.nixos.org/build/39401367
newsbeuter-dev              2014-07-29  http://hydra.nixos.org/build/39406259
gimp_2_8                    2015-09-20  http://hydra.nixos.org/build/39436271
gimp                        2015-09-20  http://hydra.nixos.org/build/39435976
zabbix20.agent              2014-09-30  http://hydra.nixos.org/build/39393242
gst_all_1.gst-plugins-good  2015-09-20  http://hydra.nixos.org/build/39408506
ocaml_4_00_1                2014-09-30  http://hydra.nixos.org/build/39399526
inadyn                      2014-09-30  http://hydra.nixos.org/build/39426389
gst_all_1.gst-plugins-bad   2015-09-20  http://hydra.nixos.org/build/39392970
zabbix.agent                2014-09-30  http://hydra.nixos.org/build/39421412
cmake-2_8                   2015-09-24  http://hydra.nixos.org/build/39399443
liblastfm                   2015-08-06  http://hydra.nixos.org/build/39421812
newsbeuter                  2014-07-29  http://hydra.nixos.org/build/39396605
sdcv                        2014-09-26  http://hydra.nixos.org/build/39412928
2016-09-01 20:39:33 +03:00
Eelco Dolstra e05c4c6541 libapparmor: Move python stuff to a separate output
This prevents systemd and by extension a zillion other packages from
having Python 2.7 in their closure. For example, the closure of
systemd dropped from 133 MiB to 85 MiB.
2016-09-01 18:57:43 +02:00
Joachim Fasting 0ce7b31b09
grsecurity: 4.7.2-201608211829 -> 201608312326 2016-09-01 14:51:33 +02:00
Joachim F 8c90b7db89 Merge pull request #18073 from joachifm/rtl8723bs
rtl8723bs: 6918e9b2ff29 -> 2016-04-11, fix build against 4.7
2016-09-01 14:48:51 +02:00
Tuomas Tynkkynen 8c4aeb1780 Merge staging into master
Brings in:
    - changed output order for multiple outputs:
      https://github.com/NixOS/nixpkgs/pull/14766
    - audit disabled by default
      https://github.com/NixOS/nixpkgs/pull/17916

 Conflicts:
	pkgs/development/libraries/openldap/default.nix
2016-09-01 13:27:27 +03:00
Franz Pletz 003ab1d9fd
nftables: 0.5 -> 0.6 2016-09-01 12:25:14 +02:00
Tuomas Tynkkynen 20ab753e35 libaudit: Split into multiple outputs 2016-08-31 23:15:28 +03:00
Graham Christensen 24f7946489 Merge pull request #18154 from womfoo/fix/mbpfan-buffer-overflow
mbpfan: include buffer overflow patch
2016-08-31 08:16:57 -04:00
Kranium Gikos Mendoza bbafdefd86 mbpfan: include buffer overflow patch 2016-08-31 19:25:28 +08:00
Philip Potter 66726acfae sysklogd: fix compile error (#18133)
sysklogd was failing to build because it didn't know the size of the
`union wait` type.

Running `git bisect` showed 9744c7768d,
which bumped glibc from 2.23 to 2.24, as the likely suspect.  This is
corroborated by evidence such as this email:
https://lists.debian.org/debian-glibc/2016/08/msg00069.html

Linux from scratch recommends changing `union wait` to `int`:
http://www.linuxfromscratch.org/lfs/view/development/chapter06/sysklogd.html

Therefore, that's what this commit does.
2016-08-31 00:05:07 +02:00
Nikolay Amiantov 0987f2ff6a Merge pull request #18100 from Mic92/android-udev-rules
android-udev-rules: usage example
2016-08-30 23:09:56 +04:00
Octavian Cerna 938b993091 raspberrypifw: Don't strip ELF files
Stripping breaks raspivid and other executables.
2016-08-30 17:34:16 +03:00
Tuomas Tynkkynen d3dc3d4130 Merge remote-tracking branch 'dezgeg/shuffle-outputs' into staging
https://github.com/NixOS/nixpkgs/pull/14766
2016-08-30 12:43:37 +03:00
aszlig f19c961b4e
linux-testing: Fix arg list too long in modinst
With the default kernel and thus with the build I have tested in
74ec94bfa2, we get an error during
modules_install:

make[2]: execvp: /nix/store/.../bin/bash: Argument list too long

I haven't noticed this build until I actually tried booting using this
kernel because make didn't fail here.

The reason this happens within Nix and probably didn't yet surface in
other distros is that programs only have a limited amount of memory
available for storing the environment and the arguments.

Environment variables however are quite common on Nix and thus we
stumble on problems like this way earlier - in this case Linux 4.8 - but
I have noticed this in 4.7-next as well already.

The fix is far from perfect and suffers performance overhead because we
now run grep for every *.mod file instead of passing all *.mod files
into one single invocation of grep.

But comparing the performance overhead (around 1s on my machine) with
the overall build time of the kernel I think the overhead really is
neglicible.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-30 06:55:52 +02:00
Jörg Thalheim ec20540a1a
android-udev-rules: usage example 2016-08-29 23:40:13 +02:00
aszlig 74ec94bfa2
linux/kernel/testing: 4.8-rc3 -> 4.8-rc4
Tested by only building the linux_testing attribute, but haven't yet
tested it in production.

I've also fixed the extraMeta.branch attribute.

Verified-with-PGP: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
aszlig 42e1ec215e
linux/kernel: Remove MLX4_EN_VXLAN for 4.8
This option is no longer needed and has been removed in upstream commit
torvalds/linux@a831274a13.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
aszlig 0bce188ec1
linux/kernel: Remove KVM_APIC_ARCHITECTURE for 4.8
The option is no longer needed and has been removed upstream in
torvalds/linux@557abc40d1.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
Robin Gloster 6a04de991c
linuxPackages_3_12.ena: fix build 2016-08-29 16:35:13 +00:00
obadz 0e9d355397 musl: disable stackprotector hardening
Prevents busybox segfault
2016-08-29 13:04:29 +01:00
Tuomas Tynkkynen 0e26cf84fc kernel: Remove propagatedBuildOutputs
Not needed after the shuffle.
2016-08-29 14:49:52 +03:00
Tuomas Tynkkynen a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
obadz b74793bd1c Merge branch 'master' into staging
Conflicts:
	pkgs/tools/system/facter/default.nix
2016-08-29 12:44:17 +01:00
Joachim Fasting 898edb0fbc lttng-modules: 2.6.3 -> 2.8.0
Full changelog at
https://git.lttng.org/?p=lttng-modules.git;a=blob_plain;f=ChangeLog;hb=4d484e547c486f902a60216dc421cb891b772431

Built against linux and linux_latest

cc @bjornfor
2016-08-29 11:39:44 +02:00
Joachim Fasting e5c3a52afc
grsecurity: fix features.grsecurity
Previously, features.grsecurity wasn't actually set due to a bug in the
grsec builder. We now rely on the generic kernel builder to set features
from kernelPatches.
2016-08-29 04:09:40 +02:00
Joachim Fasting b56f7acc78
batman-adv: mark as broken on -grsec
Looks to be incompatible with the PaX constification plugin:

> /tmp/nix-build-batman-adv-2016.2-4.7.2.drv-0/batman-adv-2016.2/net/batman-adv/soft-interface.c:1065:22:
error: constified variable 'batadv_link_ops' placed into writable
section ".data..read_mostly"
 struct rtnl_link_ops batadv_link_ops __read_mostly = {

https://hydra.nixos.org/build/39312033/log/raw
2016-08-29 04:09:40 +02:00
Joachim Fasting fcf5a24d8c
kernel config: set DEBUG_STACKOVERFLOW regardless of features.grsecurity
features.grsecurity has actually been unset for a long time, with no
ill effect on grsec kernel builds so this conditional looks useless.
2016-08-29 04:08:39 +02:00
Kranium Gikos Mendoza 268cb1a08b forkstat: 0.01.13 -> 0.01.14 (#18076) 2016-08-29 01:38:01 +00:00
Joachim Fasting e0ee5dc04f
rtl8723bs: 6918e9b2ff29 -> 2016-04-11, fix build against 4.7
Upstream
e71a5fc58c
adds linux 4.7 support; all subsequent commits are error fixes so we
bump to current HEAD for good measure.

Built against linux and linux_latest.

Mark as broken on -grsec, seems incompatible with PaX
constification:
> 76fb2-src/hal/rtl8723b_hal_init.c:2186:26: error: assignment of member
'free_hal_data' in read-only object
  pHalFunc->free_hal_data = &rtl8723b_free_hal_data;

and so on.
2016-08-29 03:31:14 +02:00
Robin Gloster e17bc25943
Merge remote-tracking branch 'upstream/master' into staging 2016-08-29 00:24:47 +00:00
Tuomas Tynkkynen c004c6e14d kernel config: Explicitly enable some stuff not enabled by 'make alldefconfig'
List of what to enable taken from https://lwn.net/Articles/672587/.
This doesn't change the resulting x86 configs, but is more useful for
other architectures. For instance, POSIX_MQUEUE is currently missing
on ARM.
2016-08-29 03:07:11 +03:00
obadz 3de6e5be50 Merge branch 'master' into staging
Conflicts:
      pkgs/applications/misc/navit/default.nix
      pkgs/applications/networking/mailreaders/alpine/default.nix
      pkgs/applications/networking/mailreaders/realpine/default.nix
      pkgs/development/compilers/ghc/head.nix
      pkgs/development/libraries/openssl/default.nix
      pkgs/games/liquidwar/default.nix
      pkgs/games/spring/springlobby.nix
      pkgs/os-specific/linux/kernel/perf.nix
      pkgs/servers/sip/freeswitch/default.nix
      pkgs/tools/archivers/cromfs/default.nix
      pkgs/tools/graphics/plotutils/default.nix
2016-08-27 23:54:54 +01:00
Bjørn Forsman daa9d5edca perf: unbreak build since glibc 2.24 upgrade
glibc 2.24 deprecated readdir_r, breaking the perf build:

  $ nix-build -A linuxPackages.perf
  ...
    CC       util/event.o
    CC       util/evlist.o
  util/event.c: In function '__event__synthesize_thread':
  util/event.c:448:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
    while (!readdir_r(tasks, &dirent, &next) && next) {
    ^
  In file included from /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/features.h:368:0,
                   from /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/stdint.h:25,
                   from /nix/store/jsazxc1b86g2ww569ziwhhvkz8z43vjd-gcc-5.4.0/lib/gcc/x86_64-unknown-linux-gnu/5.4.0/include/stdint.h:9,
                   from /tmp/nix-build-perf-linux-4.4.19.drv-0/linux-4.4.19/tools/include/linux/types.h:6,
                   from util/event.c:1:
  /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/dirent.h:189:12: note: declared here
   extern int __REDIRECT (readdir_r,
              ^
  util/event.c: In function 'perf_event__synthesize_threads':
  util/event.c:586:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
    while (!readdir_r(proc, &dirent, &next) && next) {

Fix by adding -Wno-error=deprecated-declarations compile flag.
2016-08-27 10:21:57 +02:00
Gabriel Ebner 131cd8f45d Merge pull request #18005 from gebner/kernel-amd-powerplay
kernel: config: enable DRM_AMD_POWERPLAY
2016-08-26 19:04:54 +02:00
Franz Pletz f75ab31234
sysklogd: fix broken build caused by new glibc version 2016-08-26 15:03:19 +02:00
Franz Pletz 40e0e5fb0b
linux_testing: 4.7-rc7 -> 4.8-rc3 2016-08-26 14:47:45 +02:00
Franz Pletz aacf6651c1
linux: 4.4.18 -> 4.4.19 2016-08-26 14:47:45 +02:00
Franz Pletz 90251478ec
linux: 4.1.30 -> 4.1.31 2016-08-26 14:47:45 +02:00
Franz Pletz 377c851395
linux: 3.18.36 -> 3.18.40 2016-08-26 14:47:45 +02:00
Franz Pletz dc37edb36c
linux: 3.14.73 -> 3.14.77 2016-08-26 14:47:45 +02:00
Franz Pletz 458d477215
linux: 3.12.61 -> 3.12.62 2016-08-26 14:47:45 +02:00
Michael Raskin 7e631101b9 lxc: 2.0.3 -> 2.0.4 2016-08-26 13:43:35 +02:00
Gabriel Ebner 7b01df18a2 kernel: config: enable DRM_AMD_POWERPLAY 2016-08-26 08:45:49 +02:00
Shea Levy 2b1fa9da8b Add initial patches for CPU Controller on Control Group v2 2016-08-25 13:01:40 -04:00
Lancelot SIX 7fd44eafa6 Merge pull request #17817 from mbrock/libselinux-fix
libselinux: fix Python binding

Built and tested locally.
2016-08-25 12:43:19 +02:00
Robin Gloster eddc0a5549
treewide: fix darwin builds by using getOutput
This fixes eval for pkgs referring to optional static output
2016-08-25 08:44:20 +00:00
Franz Pletz df275f5b85 treewide: fix darwin builds by referring to stdenv's libc 2016-08-25 02:56:25 +02:00
Franz Pletz 29ec1c6b09 audit: 2.4.4 -> 2.6.6 2016-08-25 01:56:36 +02:00
Franz Pletz f0f95d03ca utillinux: 2.28 -> 2.28.1 2016-08-25 01:55:42 +02:00
Franz Pletz 3ce7b77517 libnl: 3.2.27 -> 3.2.28 2016-08-25 01:55:41 +02:00
Franz Pletz a30bf645f2 sinit: 0.9.2 -> 1.0, fix glibc static linking 2016-08-24 21:31:02 +02:00
Franz Pletz d5189fb7ad lxc: 2.0.3 -> 2.0.4, fixes hardened build 2016-08-24 21:31:02 +02:00
Robin Gloster c26de11551 linuxPackages.perf: fix build with new glibc and remove hack
elfutils now adds a eu- prefix to avoid collisions
2016-08-24 19:19:02 +00:00
Robin Gloster 9e47acb89d otpw: disable stackprotector hardening 2016-08-24 17:19:43 +00:00
obadz 0e8d2725dc Merge branch 'master' into staging 2016-08-23 18:50:06 +01:00
Joachim Fasting cf592a8969
grsecurity: 4.7.1-201608161813 -> 4.7.2-201608211829 2016-08-23 01:49:34 +02:00
obadz 24a9183f90 Merge branch 'hardened-stdenv' into staging
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
obadz ba50fd7170 Merge branch 'master' into staging 2016-08-22 01:18:11 +01:00
Tim Steinbach 175028582c
linux: 4.7.1 -> 4.7.2 2016-08-21 13:56:45 +00:00
Mikael Brockman 1f50e2412f libselinux: fix Python binding
Applies unreleased patch from upstream.
2016-08-19 19:06:25 +03:00
Nikolay Amiantov 2abe917f18 kmod: 22 -> 23, add /lib/modules to module directories 2016-08-19 17:57:08 +03:00
Nikolay Amiantov ff22705793 treewide: replace several /sbin paths by /bin 2016-08-19 17:56:45 +03:00
Nikolay Amiantov 30c9aa2698 kmod: add patch to allow searching for modules in several directories 2016-08-19 17:56:39 +03:00
obadz 1047ed49d9 Merge branch 'master' into staging
Conflicts: pkgs/os-specific/linux/kmod/default.nix cc @abbradar
2016-08-19 15:28:58 +01:00
Tuomas Tynkkynen bd68309643 kernel config: Enable SECCOMP
This is used by systemd >= 231 and is not enabled in the ARM
multiplatform defconfig.
2016-08-18 16:33:46 +03:00
Joachim Fasting 66a3f0e988
gradm: 3.1-201607172312 -> 3.1-201608131257 2016-08-17 15:19:33 +02:00
Joachim Fasting ba20363f11
grsecurity: 4.7-201608151842 -> 4.7.1-201608161813 2016-08-17 15:19:27 +02:00
Franz Pletz 2571438988 linux: 4.7 -> 4.7.1 2016-08-17 05:46:00 +02:00
Franz Pletz 7a4407461b linux: 4.6.6 -> 4.6.7
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Franz Pletz da95fb368c linux: 4.4.17 -> 4.4.18
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Franz Pletz 2104d28bcd linux: 4.1.27 -> 4.1.30
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Frederik Rietdijk 5a501bd828 Remove top-level dbus_python and pythonDBus.
See #11567.

Furthermore, it renames pythonPackages.dbus to pythonPackages.dbus-
python as that's the name upstream uses.

There is a small rebuild but I couldn't figure out the actual cause.
2016-08-16 22:52:37 +02:00
Domen Kožar 40da4e6ce7 fix eval 2016-08-16 22:30:15 +02:00
Robert Helgesson f396a0b4d0
hd-idle: init at 1.05 2016-08-16 21:59:14 +02:00
Joachim Fasting d82ddd6dc0
grsecurity: 4.7-201608131240 -> 4.7-201608151842 2016-08-16 17:50:37 +02:00
Joachim Fasting b1cceeda84
grsecurity: enable pax size overflow plugin 2016-08-16 17:50:36 +02:00
Joachim Fasting 3fcb9e6f57
grsecurity: support non-enforcing mode
Until we've made sure that most things actually work out of the box, we
need to give people a way of continuing to use the system without
completely disabling grsecurity.

Set sysctl kernel.pax.softmode=1 or boot with pax.softmode=1
2016-08-16 17:50:36 +02:00
Robin Gloster 33e1c78ae3 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-16 07:54:01 +00:00