Bjørn Forsman
ebe67d69d0
collectd service: change /var/lib/collectd perms: 700 -> 755
...
The collectd service runs as an unprivileged user by default, so it does
not leak more information to its data directory than any user can obtain
elsewhere by other means.
If people are running it as root and are worried about information leak,
we can add collectd group and set perms to 750.
CC @offlinehacker.
Fixes #21198 .
2016-12-16 23:04:42 +01:00
Peter Simons
e18dac705a
Merge pull request #21214 from NixOS/haskell-parallel-builds
...
Haskell generic builder: enable parallel builds for GHC 8.0.2
2016-12-16 22:27:41 +01:00
Domen Kožar
d0250ad884
Haskell generic builder: enable parallel builds for GHC 8.0.2
...
This reverts https://github.com/NixOS/nixpkgs/pull/4554
2016-12-16 22:25:40 +01:00
Antoine Eiche
086e5d09a1
nixos/keystone: add test in release.nix
2016-12-16 20:53:32 +01:00
Antoine Eiche
a932f68d9c
nixos/keystone: secrets can be read from files
...
A secret can be stored in a file. It is written at runtime in the
configuration file.
Note it is also possible to write them in the nix store for dev
purposes.
2016-12-16 20:53:32 +01:00
Antoine Eiche
415c9ff90b
nixos/keystone: init at liberty version
...
This commit introduces a nixos module for the Openstack Keystone
service. It also provides a optional bootstrap step that creates some
basic initial resources (tenants, endpoints,...).
The provided test starts Keystone by enabling bootstrapping and checks
if user creation works well.
This commit is based on initial works made by domenkozar.
2016-12-16 20:53:32 +01:00
michael bishop
656cc3acaf
fix 2 xml errors in the description of boot.loader.grub.efiInstallAsRemovable
2016-12-16 20:39:40 +01:00
Dan Peebles
1eb9fe3696
awscli, boto{core,3}: update to 1.11.30, 1.4.87, and 1.4.2, respectively
...
These packages like being updated together which is why I put all three
of them into the same commit.
2016-12-16 12:39:08 -05:00
michael bishop
e5cefadef7
fix indentation in several nixos option descriptions
2016-12-16 18:29:25 +01:00
Fatih Altinok
1946e872c0
flow: 0.36.0 -> 0.37.1
2016-12-16 16:02:27 +00:00
Franz Pletz
f97bfcec99
rspamd: 1.2.7 -> 1.4.1
2016-12-16 15:52:27 +01:00
Franz Pletz
60d29f526d
rmilter: 1.8.5 -> 1.10.0
2016-12-16 15:52:27 +01:00
Franz Pletz
3d1206dfcc
ragel: add stable version, default to stable
2016-12-16 15:52:27 +01:00
Nikolay Amiantov
664cc49b19
gbenchmark: init at 1.1.0
2016-12-16 17:44:21 +03:00
Tim Steinbach
0e8e4a08f3
linux: 4.8.14 -> 4.8.15
2016-12-16 08:16:45 -05:00
Tim Steinbach
cb9ff3f7f9
linux: 4.4.38 -> 4.4.39
2016-12-16 08:16:22 -05:00
aszlig
38ea64e867
qemu_test: Make chown() calls to the store a no-op
...
The "misc" NixOS test is using Nix to query the store and it tries to
change the ownership of it while doing so.
This fails if Nix is not in a seccomp-sandboxed userid namespace, so
let's make chown() a no-op when applied to store paths.
Fixes the misc test (and possibly future tests) on older Nix versions.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-12-16 13:06:25 +01:00
Joachim Fasting
f0e77cd07d
grsecurity: 4.8.14-201612110933 -> 4.8.15-201612151923
2016-12-16 12:46:44 +01:00
Joachim F
7aa8fa28ae
Merge pull request #21190 from mdorman/emacs-updates
...
Emacs package updates: 2016-12-15
2016-12-16 12:34:09 +01:00
Profpatsch
52c34f626c
liquibase: improve external jar integration ( #20818 )
...
This replaces the upstream wrapper script with one tailored for nixpkgs.
We gain the ability to selectively enable/disable jdbc backends.
2016-12-16 12:19:59 +01:00
Bart Brouns
3fc60ec351
remove mutt-kz: deprecated in favor of neomutt
...
Removed reference in all-packages.nix. Fixes #20952 .
2016-12-16 12:16:39 +01:00
Franz Pletz
a4586f87dc
wireguard: 20161129 -> 20161209
2016-12-16 12:16:39 +01:00
Domen Kožar
8b9ced0181
rocksdb: build also static lib for rocksdb-haskell
2016-12-16 12:01:14 +01:00
Maximilian Güntner
dec91d3b19
gem-config: add postgresql buildInput for sequel_pg ( #20981 )
...
Signed-off-by: Maximilian Güntner <code@klandest.in>
2016-12-16 11:36:05 +01:00
Will Dietz
be24f1d364
musl: 1.1.11 -> 1.1.15, add security patch. ( #21023 )
2016-12-16 11:32:28 +01:00
Luis Pedro Coelho
f3108c5bd2
pythonPackages.natbib: fix for Python 3.5 ( #21114 )
...
pathlib is part of the standard library starting in version 3.5.
2016-12-16 11:22:06 +01:00
Paul Liu
1b6e2b9a19
Fix netpbm installation for OS X ( #21194 )
...
* Update meta.platform to linux ++ darwin for netpbm
2016-12-16 09:30:50 +00:00
Graham Christensen
96c05c1400
Merge pull request #21193 from tsaeger/patch-1
...
Fixup description of ripgrep.
2016-12-15 20:17:20 -05:00
Tom Saeger
e0e1bdc25c
Fixup description of ripgrep.
2016-12-15 17:41:22 -06:00
Jascha Geerds
2bcdc8c913
pythonPackages.virtualenvwrapper: Fix post install ( closes #21168 )
2016-12-16 00:31:35 +01:00
John Ericson
63bf5f3ba3
Merge pull request #21189 from Ericson2314/mea-culpa
...
Mea culpa. Tests should pass now
2016-12-15 17:59:24 -05:00
Michael Alan Dorman
8cd481b5fd
org-packages: 2016-12-15
2016-12-15 17:55:56 -05:00
Michael Alan Dorman
01d5fda8c1
melpa-stable-packages: 2016-12-15
...
Removals:
- dummy-h-mode: github account no longer exists
- judge-indent: github account no longer exists
2016-12-15 17:55:56 -05:00
Michael Alan Dorman
c5e64ba4c8
melpa-packages: 2016-12-15
...
Removals:
- cursor-in-brackets: github account no longer exists
- dummy-h-mode: github account no longer exists
- general-close: removed from melpa
- judge-indent: github account no longer exists
2016-12-15 17:55:55 -05:00
Michael Alan Dorman
994b243dd3
elpa-packages: 2016-12-15
2016-12-15 17:55:55 -05:00
Jascha Geerds
4af2328e5c
discord: Fix missing desktop entry ( closes #21045 )
2016-12-15 23:52:50 +01:00
Daiderd Jordan
891e391cdb
go: 1.7.3 -> 1.7.4
2016-12-15 17:17:58 -05:00
Graham Christensen
8800ea7617
zabbix22: 2.2.2 -> 2.2.16 for CVE-2016-4338 CVE-2016-9140
2016-12-15 17:17:58 -05:00
Graham Christensen
503c57237f
go_1_6: 1.6.3 -> 1.6.4 for DoS vector
2016-12-15 17:17:58 -05:00
Graham Christensen
5cbb0f7fbf
unzip: patch for CVE-2014-9913 and CVE-2016-9844
2016-12-15 17:17:58 -05:00
Graham Christensen
4fa5237984
libgsf: 1.14.36 -> 1.14.41 for CVE-2016-9888
2016-12-15 17:17:57 -05:00
Graham Christensen
971ae27526
perlPackages.DBDmysql: 4.039 -> 4.041 for CVE-2016-1251
2016-12-15 17:17:57 -05:00
Graham Christensen
ca6463ef90
sqlite: 3.15.0 -> 3.15.2 for null pointer dereference
...
https://sqlite.org/releaselog/3_15_2.html
2016-12-15 17:17:57 -05:00
Graham Christensen
eb7ea181f1
jasper: 1.900.28 -> 2.0.6
2016-12-15 17:17:57 -05:00
John Ericson
19fbe80c3d
top-level: avoid another assert false
while we're at it
2016-12-15 17:09:46 -05:00
John Ericson
7960a1b1b8
linux stdenv: Avoid assert false
...
On one hand, don't want to pass garbage that affects hash, on the other
hand footguns are bad.
Now, factored out the derivation so only need to pass in what is used.
2016-12-15 17:09:29 -05:00
John Ericson
670256dc39
linux stdenv: Rename the bootstrap
directory to bootstrap-files
2016-12-15 17:05:39 -05:00
Jascha Geerds
f92544fe12
falcon: Fix typo in derivation name ( closes #21112 )
2016-12-15 22:47:45 +01:00
John Ericson
a94af71da7
linux stdenv: Fix assert that broke tests...and hydra
2016-12-15 16:45:08 -05:00
romildo
2e7105467b
lxqt: better organize system packages
...
Split packages in three categories, all of them going into the system
package list:
- pre-requisite packages
- core packages
- optional packages
Add a new configuration option 'environment.lxqt.excludePackages' to
specify optional LXQt packages that should be excluded from system
packages.
Add 'gvfs' as a pre-requisite package, needed by 'pcmanfm-qt' to
handle virtual places, like "Computer" and "Network".
2016-12-15 22:45:06 +01:00