nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-02 07:31:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
100,226 Commits 216 Branches 122 Tags 7.7 GiB
0ca7e01bed
Commit Graph

6072 Commits

Author SHA1 Message Date
Daiderd Jordan
76125722f0
darwin.libunwind: fix install phase 2016-12-09 00:08:58 +01:00
Joachim Fasting
af1202434a
ndiswrapper: mark as broken 
Build fails across all our kernels.  There is a new version 1.60, but
it, too, fails to build.  Until somebody comes along to patch around it,
we might as well mark this as broken.
 2016-12-08 23:12:32 +01:00
Joachim Fasting
5fd4ffe00f
grsecurity: 4.8.12-201612031658 -> 201612062306 2016-12-08 12:22:13 +01:00
Dmytro Rets
e8220d3264
Update broadcom URL for broadcom-sta driver. 2016-12-08 11:50:31 +02:00
Anthony Cowley
1712366bac
apple-sdk: Include system cups libraries 
The SDK includes cups header files, but not the libraries. The
`nixpkgs.cups` definition doesn't build on darwin due to the SDK being
too old. This change symlinks the system cups libraries into the old
SDK.
 2016-12-07 23:14:38 +01:00
Tim Steinbach
c9d1d430ec
linux: 4.9-rc7 -> 4.9-rc8 2016-12-05 19:40:11 -05:00
Joachim Fasting
9578299bbe
grsecurity: 4.8.11-201611271225 -> 4.8.12-201612031658 2016-12-06 01:24:32 +01:00
Joachim Fasting
cc396697a6
grsecurity: enable ability to lock in readonly mounts 2016-12-06 01:24:12 +01:00
Joachim Fasting
0e765c72e5
grsecurity: enable module hardening 2016-12-06 01:23:58 +01:00
Joachim Fasting
071fbcda24
grsecurity: enable optional sysfs restrictions 
Fairly severe, but can be disabled at bootup via
grsec_sysfs_restrict=0. For the NixOS module we ensure that it is
disabled, for systemd compatibility.
 2016-12-06 01:23:36 +01:00
Joachim Fasting
8c1f5afdf3
grsecurity: delay toggling of sysctls until system is up 
We generally trust init, so there's little point in having these enabled
during early bootup; it accomplishes little except fill our logs with
spam.
 2016-12-06 01:22:53 +01:00
Tuomas Tynkkynen
f91458ca38 reattach-to-user-namespace: Set platforms 2016-12-05 02:36:54 +02:00
Tuomas Tynkkynen
9ccc14b1bc linux_rpi: Add some feature flags 
Copied from linux_4_4 (except for the EFI stub thing).

Otherwise the firewall module fails to evaluate:
Failed assertions:
- This kernel does not support rpfilter
 2016-12-04 18:18:06 +02:00
Jörg Thalheim
e00632e200 Merge pull request #20858 from Mic92/lxcfs 
lxcfs: init at 2.0.4
 2016-12-04 11:33:07 +01:00
Tim Steinbach
4f8b74b401 Merge pull request #20866 from NeQuissimus/linux_4_8_12 
linux: 4.8.11 -> 4.8.12
 2016-12-02 18:28:46 -05:00
Tim Steinbach
853b6493c8
linux: 4.8.11 -> 4.8.12 2016-12-02 14:29:00 -05:00
Tim Steinbach
654f5df5dc
linux: 4.4.35 -> 4.4.36 2016-12-02 14:28:26 -05:00
Jörg Thalheim
af609b0254
lxcfs: init at 2.0.4 2016-12-02 13:52:03 +01:00
Tim Steinbach
5afc6b506c
linux: 4.1.35 -> 4.1.36 2016-12-01 20:34:02 -05:00
Joachim F
85ecde87c8 Merge pull request #20804 from danbst/fix-shadow 
shadow: fix collision with coreutils (man groups.1.gz)
 2016-12-01 23:08:30 +01:00
danbst
ac51528df8 shadow: fix collision with coreutils (man groups.1.gz) 
The `groups.1.gz` collides with one from coreutils. The code to fix this
was already present in expression, but wrongly assumes that share/man/man1
directory will be copied to `man` output after `installPhase`.

It turned out, that man directory is set at configure step, so we should
remove file from `man` output.
 2016-11-30 01:44:28 +02:00
Tim Steinbach
18a3225dac
linux: 3.12.67 -> 3.12.68 2016-11-29 17:40:17 -05:00
Tuomas Tynkkynen
8a4d6516ee Merge remote-tracking branch 'upstream/staging' into master 2016-11-30 00:34:23 +02:00
Franz Pletz
e43f2fc868
Revert "lxc: 2.0.4 -> 2.0.6" 
This reverts commit 5d804566df.

This was an error on my part. I had the commit sitting on my local master
and pulled upstream to rebase my commit before pushing. I didn't notice
there was a commit bumping lxc and the auto-merge on the rebase.
 2016-11-29 15:42:37 +01:00
Matt McHenry
f0bdca82c0 linuxPackages.ati_drivers_x11: patch for kernel 4.7+ (#19810) 2016-11-28 19:56:50 +01:00
Franz Pletz
5d804566df
lxc: 2.0.4 -> 2.0.6 
Fixes CVE-2016-8649.

See https://lists.linuxcontainers.org/pipermail/lxc-users/2016-November/012597.html.
 2016-11-28 19:04:42 +01:00
Peter Simons
21a5532c57 Merge pull request #20766 from avnik/update/lxc 
lxc: 2.0.4 -> 2.0.6 (security)
 2016-11-28 15:13:10 +01:00
Alexander V. Nikolaev
a8eeef62e6 lxc: 2.0.4 -> 2.0.6 (security) 
https://security-tracker.debian.org/tracker/CVE-2016-8649
 2016-11-28 15:17:06 +02:00
Alexander V. Nikolaev
121da5e938 lxc: fix sandbox builds 
Package attempt to write /etc/bash_completion.d, I directed it to
"${out}/etc/bash_completion.d" as it was suggested.
 2016-11-28 15:17:05 +02:00
Graham Christensen
04edf297cc Merge pull request #20676 from matthewbauer/file_cmds 
file_cmds: init at 264.1.1
 2016-11-28 06:48:18 -05:00
Joachim Fasting
5da1394a58
Revert "gradm: fix using gradm while the RBAC system is active" 
This reverts commit fdbf7dc8b3.

Unfortunately, while gradm now works when the RBAC system is enabled,
gradm still fails when full system learning is enabled, so I probably
need to try again later.
 2016-11-28 11:41:12 +01:00
Joachim Fasting
b90ed0cc80
grsecurity: 4.8.10-201611232213 -> 4.8.11-201611271225 2016-11-28 11:41:10 +01:00
Joachim Fasting
4c7323545b
Revert "grsecurity: work around for #20490" 
This reverts commit e38b74ba89.

I failed to notice f19c961b4e461da045f2e72e73701059e5117be0; better
use that fix instead.
 2016-11-28 11:40:55 +01:00
Matthew Bauer
bd57e32312
file_cmds: init at 264.1.1 2016-11-27 21:58:07 -06:00
Tim Steinbach
eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7 2016-11-27 19:48:24 -05:00
Tuomas Tynkkynen
86ea3126bc linux_rpi: 1.20160620 -> 1.20161020 2016-11-28 00:24:00 +02:00
Tuomas Tynkkynen
25d6bfa258 raspberrypifw: 1.20160620 -> 1.20161020 2016-11-28 00:23:40 +02:00
Tim Steinbach
b47307bd74
linux: 4.8.10 -> 4.8.11 2016-11-26 16:29:23 -05:00
Tim Steinbach
cc77360bed
linux: 4.4.34 -> 4.4.35 2016-11-26 16:28:58 -05:00
Jörg Thalheim
01172c2ccf Merge pull request #20591 from NeQuissimus/linux_4_9_rc6 
linux: 4.9-rc5 -> 4.9-rc6
 2016-11-26 16:00:16 +01:00
Vladimír Čunát
925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00
Frederik Rietdijk
231cd277df nvidia-x11: 367.57 -> 375.20 2016-11-26 09:31:10 +01:00
Joachim Fasting
fdbf7dc8b3
gradm: fix using gradm while the RBAC system is active 
The built-in ACL prevents the gradm binary from loading dynamic
libraries from the Nix store.  Thus, once the RBAC system is activated,
the gradm binary cannot be used.

Fix by patching in rules to allow references to the Nix store where
appropriate.
 2016-11-26 02:59:35 +01:00
Frederik Rietdijk
6a8c708d6d cryptsetup: use python2 2016-11-24 22:28:04 +01:00
Frederik Rietdijk
d8b0096704 dstat: use python2 2016-11-24 22:28:03 +01:00
Joachim Fasting
f9d787c67b
grsecurity: 4.8.10-201611210813 -> 201611232213 2016-11-24 12:08:12 +01:00
Nikolay Amiantov
be95ceaff2 treewide: quote URLs in my packages 2016-11-24 01:17:52 +03:00
Franz Pletz
7974d7493a
linux: compress kernel image with xz 2016-11-23 02:24:13 +01:00
Tim Steinbach
e4a1b76457
linux: 4.8.9 -> 4.8.10 2016-11-21 18:07:17 -05:00
Tim Steinbach
d62069aca4
linux: 4.4.33 -> 4.4.34 2016-11-21 18:06:57 -05:00
Joachim Fasting
96194467e6
grsecurity: 4.8.8-201611150756 -> 4.8.10-201611210813 2016-11-21 23:15:14 +01:00
Tim Steinbach
f6bbc6c477
linux: 4.9-rc5 -> 4.9-rc6 2016-11-20 17:23:32 -05:00
Joachim Fasting
6d428242a9
linuxPackages.spl: now builds against grsecurity kernel 2016-11-20 23:01:34 +01:00
Joachim Fasting
0df3553a38
paxtest: 0.9.14 -> 0.9.15 2016-11-20 23:01:31 +01:00
Joachim Fasting
32c71c06d2
pax-utils: 1.1.6 -> 1.1.7 2016-11-20 23:01:28 +01:00
Pascal Wittmann
f7e0bc2ae7
Make all meta.maintainers attributes lists 2016-11-20 18:06:03 +01:00
Franz Pletz
1fec301ac5
zfs: remove zfs-tests 
Removes runtime dependency on gcc and reduces closure size by more than 110MB.
 2016-11-20 04:49:42 +01:00
Franz Pletz
94731510c4
wireguard: 0.0.20161110 -> 0.0.20161116.1 2016-11-20 04:48:56 +01:00
Shea Levy
12cc39514e ios-cross: Document known prefixes 2016-11-19 10:29:01 -05:00
Tim Steinbach
13491f9f48 Merge pull request #20552 from NeQuissimus/linux_4_8_9 
linux: 4.8.8 -> 4.8.9
 2016-11-19 09:03:00 -05:00
Tim Steinbach
d3b8a77834
linux: 4.4.32 -> 4.4.33 2016-11-19 08:56:31 -05:00
Tim Steinbach
250224bf01
linux: 4.8.8 -> 4.8.9 2016-11-19 08:55:57 -05:00
Vladimír Čunát
b69f568f4c
Merge branch 'staging' 
Hydra rebuild looks fine; only a few Darwin jobs is queued:
http://hydra.nixos.org/eval/1304891?compare=1304807
 2016-11-19 04:35:51 +01:00
Shea Levy
6f1d4149d5 ios-cross: Fix for simulator 2016-11-18 18:14:20 -05:00
Shea Levy
64ec4dd87b Add haskell packages set for cross ghc 2016-11-18 10:44:53 -05:00
Joachim Fasting
e38b74ba89
grsecurity: work around for #20490 
In `scripts/Makefile.modinst`, the code that generates the list of
modules to install passes file names via the command line.  When
installing a grsecurity kernel, this list appears to exceed the
shell's argument list limit, as in

    make[2]: execvp: /nix/store/[...]-bash-4.3-p46/bin/bash: Argument list too long

The build does not fail, however, but the list of modules to be installed ends
up being empty.  Thus, the resulting kernel package output contains no modules,
rendering it useless.

We work around this by patching the makefile to use `find -exec` to
process files.  Why this would occur for grsecurity and not other
kernels is unknown, most likely there's something *else* that is
actually causing this behaviour, so this is a temporary fix until that
cause is found.

Fixes https://github.com/NixOS/nixpkgs/issues/20490
 2016-11-18 16:14:26 +01:00
Vladimír Čunát
8b565d6478
Merge #20081: update alsa lib, plugins and utils 2016-11-17 11:26:00 +01:00
Vladimír Čunát
5af7b82336
Merge branch 'master' into staging 
To incorporate some larger security rebuilds (jasper).
 2016-11-17 11:14:05 +01:00
Franz Pletz
ba73dbbda6
batman-adv: 2016.3 -> 2016.4 2016-11-17 08:14:18 +01:00
Daniel Peebles
f6a7296499 Merge pull request #16540 from matthewbauer/xcbuild 
xcbuild: add wrapper
 2016-11-16 12:11:15 -05:00
Matthew Bauer
fc1f6f55ea
xcbuild: Get rid of developer.nix, move to wrapper 
also:

- add custom outputs "specs" for xcbuild
- get rid of unneeded tools
- update xcbuild
- add more comments
- fixup xcbuild derivations

Affected xcbuild derivations include:

- adv_cmds
- network_cmds
- basic_cmds
 2016-11-15 19:13:23 -06:00
Matthew Bauer
4685bd7853
xcbuild: update meta and comments 2016-11-15 19:13:22 -06:00
Matthew Bauer
25485ece2a
xcbuild: add name to platform.nix 2016-11-15 18:58:13 -06:00
Matthew Bauer
9f46587841
network_cmds: init at 481.20.1 
Fixes #16764
 2016-11-15 18:58:13 -06:00
Matthew Bauer
3b17d9e35e
developer_cmds: init at 62 2016-11-15 18:58:13 -06:00
Matthew Bauer
823772b056
Librpcsvc: init at 26 2016-11-15 18:58:12 -06:00
Matthew Bauer
4a01a37051
basic_cmds: init at 55 2016-11-15 18:58:12 -06:00
Matthew Bauer
a35b330f30
adv_cmds: move from all-packages 
Use the old way with pkgs/os-specific/darwin/apple-source-releases/defuault.nix.
 2016-11-15 18:58:11 -06:00
Matthew Bauer
1ee8685ee7
adv_cmds: add custom install phase 2016-11-15 18:58:10 -06:00
Matthew Bauer
f1897116d0
xcbuild: temporarily fix cflags/ldflags 
This gets everything to build.

adv_cmds: remove NIX_LDFLAGS

- unneeded
 2016-11-15 18:58:09 -06:00
Matthew Bauer
6c1858a93d
adv_cmds: Disable pkill. 
pkill isn't building because of some missing headers:

- xpc/xpc.h
- os/base_private.h
- _simple.h

They are all available somewhere but not set up correctly in the Darwin
stdenv.

TODO: add pkill back in!
 2016-11-15 18:58:09 -06:00
Matthew Bauer
8e301fab50
adv_cmds: add xcode derivation 2016-11-15 18:58:08 -06:00
Tim Steinbach
a4cd6f1378 Merge pull request #20441 from NeQuissimus/linux_4_4_32 
linux: 4.4.31 -> 4.4.32
 2016-11-15 17:49:00 -05:00
Tim Steinbach
819884119c Merge pull request #20439 from NeQuissimus/linux_4_8_8 
linux: 4.8.7 -> 4.8.8
 2016-11-15 17:48:07 -05:00
Joachim Fasting
0d4e1b5edd
grsecurity: 4.8.7-201611142350 -> 4.8.8-201611150756 2016-11-15 22:57:25 +01:00
Shea Levy
7df3d7446f Add initial basic support for cross-compiling to iOS 2016-11-15 16:31:55 -05:00
Tim Steinbach
24c342fde7
linux: 4.4.31 -> 4.4.32 2016-11-15 12:31:27 -05:00
Tim Steinbach
9e851d3b11
linux: 4.8.7 -> 4.8.8 2016-11-15 12:30:55 -05:00
Joachim Fasting
afab1a948e
grsecurity: 4.8.7-201611102210 -> 201611142350 2016-11-15 13:11:47 +01:00
Franz Pletz
c9bd751a16 Merge pull request #20405 from Mic92/wireguard 
wireguard: 2016-10-25 -> 0.0.20161110
 2016-11-15 01:54:17 +01:00
Vladimír Čunát
b5e89fe9bf
Merge branch 'master' into staging 2016-11-15 00:20:19 +01:00
John Wiegley
aa23309a39
Add a patch for cctools to work with Xcode 8 2016-11-14 13:30:28 -08:00
Thomas Tuegel
ad7d59c59f Merge pull request #20369 from asymmetric/bluez 
bluez: 5.40 -> 5.43
 2016-11-14 15:27:41 -06:00
Daiderd Jordan
52d4599b52
Revert "Update hash for xnu 3248.60.10, the tarball changed upstream, it seems." 
This reverts commit 328ad17858.
 2016-11-14 16:21:59 +01:00
Tim Steinbach
f7fd568678 Merge pull request #20413 from NeQuissimus/linux_4_9_rc5 
linux: 4.9-rc4 -> 4.9-rc5
 2016-11-14 10:05:20 -05:00
Tim Steinbach
a87c8ad05f
linux: 4.9-rc4 -> 4.9-rc5 2016-11-14 09:40:27 -05:00
Tim Steinbach
91ae568ec7
broadcom_sta: Fix hash 2016-11-14 09:36:06 -05:00
Jörg Thalheim
c0f9bc9b4e
wireguard: 2016-10-25 -> 0.0.20161110 2016-11-14 09:29:58 +01:00
Rob Vermaas
328ad17858 Update hash for xnu 3248.60.10, the tarball changed upstream, it seems. 
(cherry picked from commit 5ddaca179c)
 2016-11-14 08:16:00 +00:00
Joachim Fasting
cad9212813
grsecurity: 4.7.10-201611011946 -> 4.8.7-201611102210 2016-11-14 00:16:19 +01:00
Vladimír Čunát
1ac5869907
Merge #19936: vulkan / amdgpu-pro update 2016-11-13 20:06:40 +01:00
David McFarland
3d4a280c35 amdgpu-pro: 16.30.3-315407 -> 16.40-348864 2016-11-13 12:44:28 -04:00
David McFarland
e1a25aeb65 amdgpu-pro: fix kernel module for linux-4.8 2016-11-13 12:44:28 -04:00
David McFarland
6bf27c2cae vulkan-loader: allow validation layers to be enabled 
The loader now uses XDK_DATA_DIRS to find drivers and layers.
 2016-11-13 12:44:27 -04:00
Lorenzo Manacorda
b83c0783d3 bluez: 5.40 -> 5.43 2016-11-12 18:12:10 +01:00
Joachim Fasting
081a871771
Revert "Merge pull request #20302 from spacekitteh/patch-10" 
This reverts commit e02173c70c, reversing
changes made to c2b4a0d266.

Breaks all grsec packages; Not having binary substitutes for no good
reason is disruptive to my workflow, so I'll just revert this for now.
 2016-11-12 14:02:20 +01:00
Tim Steinbach
e02173c70c Merge pull request #20302 from spacekitteh/patch-10 
grsecurity_testing: 4.7.10 -> 4.8.7
 2016-11-11 22:03:39 -05:00
Sophie Taylor
fa180d0d63 grsec: 4.8.6 -> 4.8.7 2016-11-12 12:54:47 +10:00
Tim Steinbach
c2b4a0d266 Merge pull request #20327 from NeQuissimus/linux_4_9_rc4 
linux: 4.9-rc3 -> 4.9-rc4
 2016-11-11 18:11:02 -05:00
Tim Steinbach
52cc30cd87 Merge pull request #20326 from NeQuissimus/linux_3_12_67 
linux: 3.12.66 -> 3.12.67
 2016-11-11 18:10:16 -05:00
Tim Steinbach
933dfca167 Merge pull request #20322 from NeQuissimus/linux_4_8_7 
linux: 4.8.6 -> 4.8.7
 2016-11-10 21:12:06 -05:00
Tim Steinbach
ad19b9bde5
linux: 4.9-rc3 -> 4.9-rc4 2016-11-10 21:08:28 -05:00
Tim Steinbach
0a1f39eb91
linux: 4.8.6 -> 4.8.7 2016-11-10 21:07:56 -05:00
Tim Steinbach
579f5fd9dd
linux: 4.4.30 -> 4.4.31 2016-11-10 21:07:24 -05:00
Tim Steinbach
cc62ecc2d9
linux: 3.12.66 -> 3.12.67 2016-11-10 21:06:54 -05:00
Tuomas Tynkkynen
74ecbbe4e3 kernel config: Ensure SECCOMP_FILTER is enabled 
As noted in a97db109a2, SECCOMP_FILTER must be enabled or systemd gets
very unhappy.
 2016-11-11 02:10:20 +02:00
Peter Hoeg
cb93b34999 SMB2 support for CIFS 
[tuomas: removed unneeded kernel version check]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
 2016-11-11 02:10:20 +02:00
Sophie Taylor
6476f11f40 grsecurity patch update to kernel 4.8.6 2016-11-10 12:44:22 +10:00
Daiderd Jordan
16a90832cd
darwin.Libsystem: export _mach_init_routine 2016-11-09 20:01:54 +01:00
Tim Digel
4a7cf195a4 molly-guard: init at 0.6.3 2016-11-09 14:39:44 +01:00
Tobias Geerinckx-Rice
ea301adfd1
pagemon: 0.01.08 -> 0.01.10 2016-11-09 02:24:50 +01:00
Tobias Geerinckx-Rice
11dacb7e2c
mcelog: 142 -> 144 2016-11-09 02:24:45 +01:00
Kjetil Ørbekk
0d5caf138a tpacpi-bat: init at 3.0 (#20213) 2016-11-08 02:46:34 +01:00
Guillaume Maudoux
eb9d126d2c linux_mptcp: 0.91 -> 0.91.2 2016-11-07 14:15:33 +01:00
Joachim Fasting
ae5d404509
lttng-modules: 2.8.0 -> 2.8.3 
Fixes build against linux >=4.8

Full changelog at
https://git.lttng.org/?p=lttng-tools.git;a=blob_plain;f=ChangeLog;hb=13dc409a5ea439b96b805c3c71886a3fcfad18e8

Tested with nix-build -A linuxPackages.lttng-modules -A linuxPackages_latest.lttng-modules
 2016-11-06 13:57:34 +01:00
Lorenzo Manacorda
98fb9ded4e light: 0.9 -> 1.0 (#20193) 
Update to version 1.0
 2016-11-06 03:47:22 +01:00
Tobias Geerinckx-Rice
cd2d81ab52
mcelog: 138 -> 142 2016-11-05 18:44:10 +01:00
Tim Steinbach
cc7c28332b
Remove ttysnoop 
No longer exists
 2016-11-04 11:18:52 -04:00
Tim Steinbach
20c2980640
Remove cryopid 
No longer builds / exists
 2016-11-03 21:43:17 -04:00
Yochai Meir
e70560ff98 rtl8812au: compiles on linux 4.8 2016-11-03 19:53:37 +02:00
Bjørn Forsman
a6283c1126 devmem2: init at 2004-08-05 
A simple program to read/write from/to any location in memory.

Unfortunately the homepage doesn't have a versioned source code download
URL. On the other hand, the program is pretty stable, with no change for
the last 12 years...
 2016-11-03 15:44:56 +01:00
Joachim Fasting
d9b5cd41c5
grsecurity: 4.7.10-201610262029 -> 201611011946 2016-11-03 13:55:23 +01:00
Bart Brouns
af0f12299b alsa-utils: 1.1.0 -> 1.1.2 2016-11-02 13:07:28 +01:00
Bart Brouns
01fe648552 alsa-plugins: 1.1.0 -> 1.1.1 2016-11-02 13:07:21 +01:00
Bart Brouns
2e1871fdd9 alsa-lib: 1.1.1 -> 1.1.2 2016-11-02 13:07:15 +01:00
Tim Steinbach
874abe694a
linux: 4.8.5 -> 4.8.6 2016-11-01 08:58:53 -04:00
Shea Levy
2dbaf3a336 lksctp-tools: init at 1.0.17 2016-11-01 07:28:41 -04:00
Eelco Dolstra
ef1a188e07 linux: 4.4.28 -> 4.4.30 2016-11-01 11:31:00 +01:00
Franz Pletz
cbd4c9f78b
iputils: install manpage for traceroute6 2016-10-31 14:33:59 +01:00
Moritz Ulrich
7e4c7d6af0 wpa_supplicant_gui: Add forgotten patch. 2016-10-30 22:29:44 +01:00
Moritz Ulrich
19bdc31ed6 wpa_supplicant_gui: Replace inkscape with imagemagick in build process. 2016-10-30 22:28:08 +01:00
Vladimír Čunát
3be635b9b5
Merge linux kernel maintenance updates 
PRs: #19995 #19996 #19997
 2016-10-30 17:29:43 +01:00
Jörg Thalheim
c1b0ec5266
android-udev-rules: 20160805 -> 20161014 2016-10-30 17:05:11 +01:00
Tim Steinbach
f154459cf4
linux: 4.9-rc2 -> 4.9-rc3 2016-10-30 10:30:07 -04:00
Tim Steinbach
1af5b2a80c
linux: 4.4.27 -> 4.4.28 2016-10-30 10:29:37 -04:00
Tim Steinbach
8073430d95
linux: 4.8.4 -> 4.8.5 2016-10-30 10:28:55 -04:00
Tim Steinbach
4a70445fff Merge pull request #19903 from carlsverre/update/sysdig 
sysdig: 0.10.0 -> 0.12.0
 2016-10-27 14:10:39 -04:00
Tim Steinbach
81b0db3915 Merge pull request #19910 from NeQuissimus/busybox_1_25_1 
busybox: 1.24.2 -> 1.25.1
 2016-10-27 12:47:46 -04:00
Tim Steinbach
a5c1985fef
busybox: 1.24.2 -> 1.25.1 2016-10-27 09:31:21 -04:00
Joachim Fasting
dfdaea1240
grsecurity: 4.7.10-201610222037 -> 201610262029 2016-10-27 15:03:27 +02:00
Graham Christensen
2f3b62375f Merge pull request #19891 from NeQuissimus/kernel_4_9_rc2 
kernel: 4.9-rc1 -> 4.9-rc2
 2016-10-27 08:36:23 -04:00
Graham Christensen
ad2deee7d1 Merge pull request #19894 from NeQuissimus/kernel_3_18_44 
kernel: 3.18.42 -> 3.18.44
 2016-10-27 08:36:17 -04:00
Graham Christensen
c654ec0f25 Merge pull request #19893 from NeQuissimus/kernel_3_12_66 
kernel: 3.12.63 -> 3.12.66
 2016-10-27 08:36:10 -04:00
Graham Christensen
00e2bc22db Merge pull request #19890 from NeQuissimus/kernel_3_10_104 
kernel: 3.10.103 -> 3.10.104
 2016-10-27 08:35:54 -04:00
Tim Steinbach
b86310fccf wpa_supplicant: 2.5 -> 2.6 (#19913) 2016-10-27 13:57:56 +02:00
Tim Steinbach
b02646f93b
kernel: 3.18.42 -> 3.18.44 2016-10-26 19:23:43 -04:00
Tim Steinbach
e5e84ecbbd
kernel: 3.12.63 -> 3.12.66 2016-10-26 19:17:46 -04:00
Tim Steinbach
e4773819f4
kernel: 3.10.103 -> 3.10.104 2016-10-26 19:13:21 -04:00
Vladimír Čunát
6404a30afb
Merge #19892: kernel: 4.1.33 -> 4.1.35 2016-10-26 22:11:30 +02:00
Carl Sverre
96a3e00929 sysdig: 0.10.0 -> 0.12.0 2016-10-26 11:19:41 -07:00
Franz Pletz
6e17ee638c
wireguard: 2016-10-01 -> 2016-10-25 2016-10-26 16:49:52 +02:00
Tim Steinbach
e9a5cf3f6f
kernel: 4.9-rc1 -> 4.9-rc2 2016-10-26 09:11:00 -04:00
Tim Steinbach
89cd922a6a
kernel: 4.1.33 -> 4.1.35 2016-10-26 09:04:37 -04:00
Frederik Rietdijk
7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Tim Steinbach
b3f7d626c1
kernel: remove 4.7 2016-10-24 21:30:00 -04:00
Joachim Fasting
5440c1a64c
grsecurity: 4.7.9-201610200819 -> 4.7.10-201610222037 
Notably, this pulls in the dirtycow fix from upstream (but I've been
unable to execute the POC exploits on grsec kernels without that fix
...)
 2016-10-23 17:14:40 +02:00
Tim Steinbach
a3989b87df Merge pull request #19772 from NeQuissimus/linux_4_8_4 
linux: 4.8.3 -> 4.8.4
 2016-10-22 12:14:59 -04:00
Tim Steinbach
72d91f95cb Merge pull request #19771 from NeQuissimus/linux_4_7_10 
linux: 4.7.9 -> 4.7.10
 2016-10-22 12:14:26 -04:00
Tim Steinbach
8d0ca31849
linux: 4.8.3 -> 4.8.4 2016-10-22 12:11:37 -04:00
Tim Steinbach
adbe0e0a13
linux: 4.7.9 -> 4.7.10 2016-10-22 12:11:09 -04:00
Tim Steinbach
4489454b83
linux: 4.4.26 -> 4.4.27 2016-10-22 12:10:34 -04:00
Frederik Rietdijk
e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
Joachim Fasting
ed5d146e9d
grsecurity: 4.7.7-201610101902 -> 4.7.9-201610200819 2016-10-21 01:50:53 +02:00
Vladimír Čunát
4d5b893002 Merge #19081: gnome-3.22 
Also master commits are brought in.
 2016-10-20 23:04:10 +02:00
Vladimír Čunát
fabfb0a900 Merge #19725: kernel: 4.7.8 -> 4.7.9 2016-10-20 19:45:25 +02:00
Tim Steinbach
963804ba8e
kernel: 4.7.8 -> 4.7.9 2016-10-20 13:08:53 -04:00
Tim Steinbach
0c3e5217fc
kernel: 4.8.2 -> 4.8.3 2016-10-20 13:06:03 -04:00
Eelco Dolstra
76a57d83b5 linux: 4.4.25 -> 4.4.26 2016-10-20 13:37:19 +02:00
Tim Steinbach
dac481d999 Merge pull request #19648 from NeQuissimus/linux_4_7_8 
linux_4_7: 4.7.7 -> 4.7.8
 2016-10-19 14:48:47 -04:00
Tim Steinbach
84e4dcb34b Merge pull request #19649 from NeQuissimus/linux_4_8_2 
linux_4_8: 4.8.1 -> 4.8.2
 2016-10-19 14:38:11 -04:00
Tim Steinbach
70c8de0536 Merge pull request #19652 from NeQuissimus/linux_4_9_rc1 
linux_testing: 4.8-rc6 -> 4.9-rc1
 2016-10-19 14:35:21 -04:00
Eelco Dolstra
13f43c7ebc linux: 4.4.24 -> 4.4.25 2016-10-19 17:11:53 +02:00
Tuomas Tynkkynen
59f12d9394 kernel config: Add some filesystem options 
Enable encryption support for both F2FS and ext4. For ext4 this is a bit
tricky, since pre-4.8 the way to enable it as a module was just
"EXT4_ENCRYPTION=m" but after that it changed to "FS_ENCRYPTION=m &&
EXT4_ENCRYPTION=y".

Also make sure UDF is enabled.
 2016-10-19 16:44:08 +03:00
Frederik Rietdijk
58c41ecd35 crda: use python2 2016-10-18 23:16:08 +02:00
Frederik Rietdijk
e9f8ee3ab4 iotop: use python2 2016-10-18 23:14:35 +02:00
Tuomas Tynkkynen
ba42683e9a libselinux: Fix ARM build failure 
Avoid this warning (which is in turn an error via -Werror):
````
avc_internal.c: In function 'avc_netlink_receive':
avc_internal.c:105:25: error: cast increases required alignment of target type [-Werror=cast-align]
 struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
                        ^
````

The code allocates abuffer with "__attribute__ ((aligned))",
then passes it via a 'char*' parameter, which is then finally cast,
causing the warning. So the code is ok but compiler is not smart
enough to see it.

It seems that -Wcast-align is a no-op on x86, so this shows up on ARM
only.
 2016-10-18 23:54:29 +03:00
Tim Steinbach
51c9c2f851
linux_testing: 4.8-rc6 -> 4.9-rc1 2016-10-18 11:19:46 -04:00
Tim Steinbach
0acfbaa5b2
linux_4_8: 4.8.1 -> 4.8.2 2016-10-18 10:13:02 -04:00
Tim Steinbach
55adff59f1
linux_4_7: 4.7.7 -> 4.7.8 2016-10-18 10:12:26 -04:00
Graham Christensen
3bd1e62a6d Merge pull request #19578 from grahamc/facetimehd 
facetimehd: 2016-05-02 -> 2016-10-09
 2016-10-17 17:11:18 -04:00
Dan Peebles
4f8a1094bd cctools: add patch I forgot 2016-10-17 08:51:48 -04:00
Dan Peebles
ead2424981 cctools: fix triple for the assembler 
This was breaking `boost155` and would probably break anything else that
calls `as` with no explicit architecture.
 2016-10-16 20:46:36 -04:00
Dan Peebles
b91d64463f Libsystem: update to 10.11.6 version 
This actually has no effect but it bugged me to keep seeing an old version
in the package names :) and since we're making a bunch of stdenv changes
at once, I might as well.
 2016-10-16 20:44:14 -04:00
Jörg Thalheim
756a6949f8 Merge pull request #19603 from aneeshusa/adopt-google-authenticator 
[WIP] Adopt google authenticator
 2016-10-16 22:06:40 +02:00
Nikolay Amiantov
40547dd4c4 cachefilesd: init at 0.10.9 2016-10-16 19:58:29 +03:00
Aneesh Agrawal
31b4fcd0b7 google-authenticator: adopt package 2016-10-16 12:42:51 -04:00
Graham Christensen
634a098940
linuxPackages.nvidia_x11: Remove us prefix from mirror 
At the time of the last upgrade, the new driver wasn't available on
anything but their US mirror. Pinning to the US mirror isn't
recommended or preferable, but I did it anyway to be able to get the
upgrade out.
 2016-10-16 11:08:17 -04:00
Graham Christensen
37bc2c0bbf
broadcom-sta: Support linux-4.8 2016-10-15 08:06:30 -04:00
Graham Christensen
2525a3d682
facetimehd: 2016-05-02 -> 2016-10-09 2016-10-15 07:42:08 -04:00
Tim Steinbach
b43c0dab8e
conky: 1.10.3 -> 1.10.5 2016-10-14 23:16:45 -04:00
Vladimír Čunát
061758490f Merge branch 'master' into staging 
... to get the openssl mass rebuild: 942dbf89c.
 2016-10-14 13:16:11 +02:00
Daniel Peebles
9615afa04b Merge pull request #19517 from dipinhora/darwin-yosemite-support 
Re-enable support for OS X 10.10 for darwin.
 2016-10-13 22:46:33 -04:00
Vladimír Čunát
6eeea6effd Python: more evaluation fixups. 2016-10-14 00:03:12 +02:00
Franz Pletz
f30f7d0cff
powertop: add homepage, cleanup 2016-10-14 00:02:30 +02:00
dipinhora
6152c1ea7f Re-enable support for OS X 10.10 for darwin. 2016-10-13 11:09:37 -04:00
Graham Christensen
88a47f1950 Merge pull request #19467 from grahamc/nvidia-x11-master 
nvidia-x11: 367.35 -> 367.57
 2016-10-12 19:07:29 -04:00
Daniel Peebles
77d1fb94f1 Merge pull request #19470 from copumpkin/fix-sierra 
Fix Darwin stdenv to work on Sierra
 2016-10-12 19:04:03 -04:00
Dan Peebles
d8a0307a5d [darwin.stdenv] Fix to work on Sierra 
This reinstates the libSystem selective symbol export machinery we used
to have, but locks it to the symbols that were present in 10.11 and skips
the actual compiled code we put into that library in favor of the system
initialization code. That should make it more stable and less likely to
do weird stuff than the last time we did this.
 2016-10-12 00:08:13 -04:00
Graham Christensen
b98c0a668e
nvidia-x11: 367.35 -> 367.57 2016-10-11 19:43:58 -04:00
Vladimír Čunát
9d1dfc9ed0 Merge #18861: add AMDGPU-PRO driver 2016-10-11 19:57:30 +02:00
David McFarland
3b4ce62451 amdgpu-pro: Init at 16.30.3-315407 2016-10-11 14:19:38 -03:00
Joachim Fasting
ce73a3ea0f grsecurity: 4.7.6-201609301918 -> 4.7.7-201610101902 2016-10-11 13:15:16 +02:00
Eelco Dolstra
88f10ad409 aggregateModules: Preserve kernel's modules.{builtin,order} 
Fixes #19426.
 2016-10-11 11:42:41 +02:00
sternenseemann
3fb2993cb3 maintainers: rename lukasepple according to github account name 2016-10-09 22:04:22 +02:00
Aneesh Agrawal
f0602d2d36 kernel: Make SECURITY_YAMA optional 
It's highly recommended, but not required to run NixOS.
 2016-10-08 17:46:33 +02:00
Aneesh Agrawal
a000ed181c linux config: enable the Yama LSM (#14392) 
The Yama Linux Security Module restricts the use of ptrace so that
processes cannot ptrace processes that are not their children. This
prevents attackers from compromising one user-level processes and
snooping on the memory and runtime state of other processes owned
by the same user.
 2016-10-08 16:40:12 +02:00
Tim Steinbach
a699eb4798 linux: 4.4.23 -> 4.4.24 (#19346) 2016-10-08 07:02:07 +02:00
Tim Steinbach
9481edec56 linux: 4.7.6 -> 4.7.7 (#19345) 2016-10-08 07:01:51 +02:00
Tim Steinbach
07e67b33af linux: 4.8.0 -> 4.8.1 (#19344) 2016-10-08 07:01:27 +02:00
Marco Maggesi
435673b948 Revert "Revert "linux*: remove 3.14, as it's no longer maintained"" 
In the end, it is too dangerous to have an unmaintained kernel in
nixpkgs.  Revert the revert.

This reverts commit e921725176.
 2016-10-07 23:26:32 +02:00
Marco Maggesi
e921725176 Revert "linux*: remove 3.14, as it's no longer maintained" 
This is the simplest way to reenable the use of BLCR
(which at present requires linux version >3.12 <3.18)
until we find a better solution.

This reverts commit 6a9e765e27.
 2016-10-07 14:31:24 +02:00
Jude Taylor
3dee596ed1 reinstate libiconv/libcharset wrapper 2016-10-06 11:56:32 -07:00
Thomas Tuegel
2e255a2edd
Merge branch 'staging' 2016-10-06 09:51:02 -05:00
Eelco Dolstra
a8b61b0aad Merge pull request #19278 from anderspapitto/local 
perf: add dependency on libaudit
 2016-10-06 11:45:54 +02:00
Anders Papitto
aa44330963 perf: add dependency on libaudit 
the `trace` subcommand of perf is only enabled when libaudit is
available at compile time
 2016-10-05 17:59:44 -07:00
Jörg Thalheim
638d4b4d71 Merge pull request #19265 from Mic92/rtkit 
rtkit: apply security relevant patch
 2016-10-06 00:07:35 +02:00
Eelco Dolstra
f084274eeb Merge pull request #19251 from groxxda/patch-2 
kernel: Disable RT_GROUP_SCHED
 2016-10-05 20:05:18 +02:00
Vladimír Čunát
30f551d8b2 Merge branch 'master' into staging 2016-10-05 19:02:48 +02:00
Jörg Thalheim
c684eb756a
rtkit: *security* Pass uid of caller to polkit 
Otherwise, we force polkit to look up the uid itself in /proc, which is racy if
they execve() a setuid binary.
 2016-10-05 18:11:02 +02:00
Alexander Ried
96fbdf8594 kernel: Disable RT_GROUP_SCHED 
Follow systemd recommendation
fd74fa791f/README (L96-L103)
 2016-10-05 12:52:45 +02:00
Alexander Ried
4e91e8cb3d rtkit: add patch from debian to remove ControlGroup stanza 
fixes log clutter:
systemd[1]: [/nix/store/....-rtkit-0.11/etc/systemd/system/rtkit-daemon.service:32] Unknown lvalue 'ControlGroup' in section 'Service'
 2016-10-05 11:23:11 +02:00
Thomas Tuegel
d067b7bd35
Merge branch 'kde-5' into staging 2016-10-04 21:50:17 -05:00
Shea Levy
e54313d183 Revert "Revert "Linux 4.8"" 
Now featuring @aszlig's modinst_arg_list_too_long patch.

This reverts commit 43bedb970d.

Fixes #19213
 2016-10-04 10:10:36 -04:00
Shea Levy
43bedb970d Revert "Linux 4.8" 
This reverts commit e4958d54b1.
 2016-10-03 22:04:43 -04:00
Vladimír Čunát
1525568c74 util-linux: fixup patch hash from grandparent merge 
And name the file, too.
 2016-10-03 23:06:51 +02:00
Jörg Thalheim
45f64a37c9 Merge pull request #19175 from Mic92/util-linux 
util-linux: workaround CVE-2016-2779
 2016-10-03 22:53:21 +02:00
Jörg Thalheim
888f6a1280 Merge pull request #19199 from wizeman/u/fix-help2man-hash 
help2man: fix hash
 2016-10-03 19:26:44 +02:00
Franz Pletz
beca8946ee
jool: 3.4.5 -> 3.5.0 2016-10-03 18:25:28 +02:00
Shea Levy
e4958d54b1 Linux 4.8 2016-10-03 08:45:45 -04:00
Eric Sagnes
58d44a376e wireguard: 2016-08-08 -> 2016-10-01 2016-10-03 17:06:11 +09:00
Jörg Thalheim
ba00ba65eb
util-linux: workaround CVE-2016-2779 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2779
 2016-10-03 08:49:56 +02:00
Joachim Fasting
9a9237e0aa
grsecurity: revamp nixos kernel config 
Cleanup:
- Restructure & add some commentary
- Remove redundant option specs given the auto config
  constraints (some are left in for documentation purposes)

Changes:
- GRKERNSEC_CONFIG_VIRT_HOST -> GUEST
  The former deselects paravirtualization and friends
- PAX_LATENT_ENTROPY n -> y (implied by auto)
- GRKERNSEC_ACL_HIDEKERN y -> n
  Possibly useless with redistribution
 2016-10-02 19:25:58 +02:00
Joachim Fasting
1bb7b44cd7
grsecurity: make GRKERNSEC y and PAX y implicit 
These options should always be specified. Note, an implication of this
change is that not specifying any grsec/PaX options results in a build
failure.
 2016-10-02 19:25:58 +02:00
Tuomas Tynkkynen
19225bf5cc Merge remote-tracking branch 'upstream/master' into staging 2016-10-02 10:36:47 +03:00
Tuomas Tynkkynen
f5dd3a703d treewide: Fix more lib.optional misuses 2016-10-02 00:44:10 +03:00
Aneesh Agrawal
fcee1d0b28
Remove redundant -DCMAKE_BUILD_TYPE=Release flags 
Since commit 183d05a0 in 2012, this is the default.

fixes #18000
 2016-10-01 16:13:41 +02:00
Joachim Fasting
2ec9a1a955
grsecurity: 4.7.5-201609261522 -> 4.7.6-201609301918 2016-10-01 08:47:30 +02:00
Joachim Fasting
22108b7a10
linux_4_7: 4.7.5 -> 4.7.6 2016-10-01 08:46:31 +02:00
Eelco Dolstra
613a12a8bd linux: 4.4.22 -> 4.4.23 2016-09-30 14:41:19 +02:00
Eelco Dolstra
8b09ba32d3 systemd: Apply various upstream bug fixes 
This includes the fix for the assertion failure in
https://github.com/systemd/systemd/issues/4234.
 2016-09-30 11:23:51 +02:00