Commit Graph

2197 Commits

Author SHA1 Message Date
gfrascadorio
a54bc9b671
docker: fix systemd unit files (#120019)
* docker: fix systemd unit files

Add missing docker.socket file and patch ExecStart in docker.service
so these units are useful on non-nixos systems using systemd.
(issue #70407)

* moved systemd units under: optionalString (stdenv.isLinux)
2021-04-26 02:43:09 +02:00
Robert Scott
5b0b678a31 qemu: patches: use correct CVE numbers for CVE-2021-20221 & CVE-2021-20181 2021-04-25 19:09:36 +01:00
Robert Scott
3f2857f782 qemu: add patches for many CVEs
CVE-2020-27821
CVE-2020-20221
CVE-2020-20181
CVE-2020-35517
CVE-2021-20263
CVE-2021-3416
CVE-2021-3409
CVE-2021-3392
2021-04-25 01:09:01 +01:00
Thiago Franco de Moraes
387665f616
Ignite: init at 0.9.0 2021-04-24 12:33:54 -03:00
R. RyanTM
29d94a7abe charliecloud: 0.22 -> 0.23 2021-04-22 07:23:39 +00:00
zowoq
bde376538e podman: 3.1.1 -> 3.1.2
https://github.com/containers/podman/releases/tag/v3.1.2
2021-04-22 06:46:01 +10:00
Sascha Grunert
84471cd0aa crun: 0.19 -> 0.19.1
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2021-04-21 06:04:53 +10:00
Sandro
1f91e319e2
Merge pull request #119734 from LeSuisse/spice-vdagent-0.21.0
spice-vdagent: 0.20.0 -> 0.21.0
2021-04-19 10:22:19 +02:00
Daniel Fullmer
26fb5f75ad looking-glass-client: B2 -> B3 2021-04-17 20:21:17 -07:00
Thomas Gerbet
a9964ef276 spice-vdagent: 0.20.0 -> 0.21.0
Fixes CVE-2020-25650, CVE-2020-25651, CVE-2020-25652 and
CVE-2020-25653.

Changelog:
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/blob/spice-vdagent-0.21.0/CHANGELOG.md
2021-04-17 19:54:21 +02:00
Mario Rodas
67c4ab77be podman: 3.1.0 -> 3.1.1
https://github.com/containers/podman/releases/tag/v3.1.1
2021-04-17 16:02:58 +10:00
Mario Rodas
5f84ac20bc docker-slim: 1.34.0 -> 1.35.0
https://github.com/docker-slim/docker-slim/releases/tag/1.35.0
2021-04-15 04:20:00 +00:00
Austin Seipp
99c55b865d
firecracker: 0.23.0 -> 0.24.2
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2021-04-15 12:50:29 -05:00
Sascha Grunert
b3d70196ea cri-o: 1.20.1 -> 1.21.0
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2021-04-14 18:24:07 +10:00
Ryan Mulligan
594ae4c2a0
Merge pull request #119163 from r-ryantm/auto-update/singularity
singularity: 3.7.2 -> 3.7.3
2021-04-12 19:56:30 -07:00
sternenseemann
b126d5436a docker: move makeWrapper to nativeBuildInputs
This fixes evaluation of docker when cross compiling. Reproducer:

```
nix-repl> (import ./. { crossOverlays = [ (_: _: {}) ]; }).docker
```

Fails on master, resolved with this PR.
2021-04-12 19:06:02 +02:00
R. RyanTM
782638c04a singularity: 3.7.2 -> 3.7.3 2021-04-11 15:54:29 +00:00
Richard Marko
c520a26b7e cntr: add passthru.tests 2021-04-07 20:27:18 +02:00
Martin Weinelt
e6a9df050a
umoci: 0.4.6 -> 0.4.7
Fixes: CVE-2021-29136
2021-04-07 00:15:04 +02:00
zowoq
286a6ca9ab crun: 0.18 -> 0.19
https://github.com/containers/crun/releases/tag/0.19
2021-04-06 18:15:09 +10:00
Sandro
7c932296e0
Merge pull request #116335 from SuperSandro2000/move-aliases.nix 2021-04-05 04:07:15 +02:00
Alyssa Ross
5fa10aa313 cloud-hypervisor: 0.8.0 -> 0.14.1 2021-04-04 22:08:50 +00:00
Sandro Jäckel
9378fdf87e
iproute: deprecate alias 2021-04-04 01:43:46 +02:00
Jonathan Rudenberg
6dce2c059f libnvidia-container: 1.3.1 -> 1.3.3 2021-04-02 13:00:46 -04:00
Pascal Bach
700511ed3c
Merge pull request #117372 from r-ryantm/auto-update/docker-compose
docker-compose: 1.28.5 -> 1.28.6
2021-03-31 22:31:18 +02:00
zowoq
5490b3b224 runc: add phase hooks 2021-03-31 21:06:23 +10:00
zowoq
974ee55b16 podman: add phase hooks 2021-03-31 21:06:23 +10:00
zowoq
e579194d15 cri-o: add phase hooks 2021-03-31 21:06:23 +10:00
zowoq
d4c3f5f929 conmon: add phase hooks 2021-03-31 21:06:23 +10:00
zowoq
083c46aabe podman: 3.0.1 -> 3.1.0
https://github.com/containers/podman/releases/tag/v3.1.0
2021-03-31 16:44:38 +10:00
Alyssa Ross
8e71416e5d qemu: set localstatedir
Otherwise qemu-qa, qemu-pr-helper, and virtiofsd, try to write to
$out/var at runtime.

Fixes: https://github.com/NixOS/nixpkgs/issues/113909
Fixes: https://github.com/NixOS/nixpkgs/pull/112886
2021-03-29 17:19:06 +00:00
Frederik Rietdijk
43675726a7 seabios: use python3 2021-03-25 10:16:52 +01:00
R. RyanTM
276739da7a docker-compose: 1.28.5 -> 1.28.6 2021-03-23 16:01:26 +00:00
zowoq
5a251359a8 catatonit: add passthru.tests and teams.podman 2021-03-22 15:35:05 +10:00
Andrey Golovizin
be38dc44f3 catatonit: init at 0.1.5
Signed-off-by: Andrey Golovizin <ag@sologoc.com>
2021-03-21 20:57:27 +01:00
Sandro Jäckel
0246a1d337
docker-compose: don't require backports_ssl_match_hostname on >= 3.8 2021-03-17 22:55:12 +01:00
Ryan Mulligan
3b4d6238c9
Merge pull request #116197 from r-ryantm/auto-update/singularity
singularity: 3.7.1 -> 3.7.2
2021-03-14 15:13:26 -07:00
Lancelot SIX
44c21068ae spike: fix build 2021-03-14 00:58:50 -05:00
R. RyanTM
5f41ef7d78 singularity: 3.7.1 -> 3.7.2 2021-03-13 13:50:35 +00:00
R. RyanTM
a624b04b3f docker-compose: 1.28.3 -> 1.28.5 2021-03-10 09:33:46 +00:00
zowoq
2c0bc880a3 conmon: 2.0.26 -> 2.0.27
https://github.com/containers/conmon/releases/tag/v2.0.27
2021-03-09 07:43:54 +10:00
Lassulus
bf7df30785
Merge pull request #112482 from r-ryantm/auto-update/charliecloud
charliecloud: 0.21 -> 0.22
2021-03-07 18:26:40 +01:00
Jörg Thalheim
c3b9c62eba
Merge pull request #112881 from alyssais/qemu-stack
qemu: re-enable stack protection
2021-03-07 11:40:24 +00:00
zowoq
f2ed6d87a4 containerd: 1.4.3 -> 1.4.4
https://github.com/containerd/containerd/releases/tag/v1.4.4
2021-03-07 06:33:26 +10:00
Jörg Thalheim
4a87776b9a
Merge pull request #115080 from r-ryantm/auto-update/cntr
cntr: 1.5.0 -> 1.5.1
2021-03-05 07:49:07 +00:00
Ozan Sener
78f322f2d0 dockerTools: fix build on Darwin
Fixes #110665

Introduced by #109420
2021-03-04 16:17:48 +01:00
R. RyanTM
fb570e3c66 cntr: 1.5.0 -> 1.5.1 2021-03-04 13:49:05 +00:00
Sandro Jäckel
0f78e1772f
aqemu: mark broken 2021-03-03 16:23:55 +01:00
Sandro Jäckel
238ce01f85
qtemu: remove unused input 2021-03-03 16:23:54 +01:00
Sandro Jäckel
993fb95e78
qemu: remove not require enableParallelBuild 2021-03-03 16:23:53 +01:00
zowoq
71a28ca2c1 crun: 0.17 -> 0.18
https://github.com/containers/crun/releases/tag/0.18
2021-03-03 18:08:13 +10:00
R. RyanTM
45ec1b13c5 cntr: 1.4.1 -> 1.5.0 2021-03-02 20:20:38 +00:00
Sandro
c1d529dbb1
Merge pull request #114768 from SuperSandro2000/fix-collection19 2021-03-02 16:59:03 +01:00
Sandro
8958b4fdae
Merge pull request #114735 from andresilva/virtualbox-linux-511
virtualbox: fix build on linux 5.11
2021-03-02 13:50:58 +01:00
Sandro Jäckel
4ad340f37c
Revert "qemu: guard desktop file removal"
This reverts commit e74ae54da5.

rm -f ignores if the file exists or not.
2021-03-01 18:32:39 +01:00
jD91mZM2
3a6ba9ea5b
remove me as maintainer
I don't use these tools anymore, so it makes sense I shouldn't have an
opinion on PRs that change/update them. I know it's always unfortunate
losing a reviewer, but I'm not very active anymore anyway,
unfortunately. Apologies.

From now on, I'm trying not to add too many packages into nixpkgs, since
flakes are available. I guess when I first started using Nix I got
overexcited by how easy it was to contribute, so I added things for the
sake of adding things (not because I necessarily used them).
2021-03-01 12:32:20 +01:00
André Silva
4499318712
virtualbox: fix build on linux 5.11 2021-03-01 10:12:27 +00:00
Sandro Jäckel
1497f9151d
singularity: remove unused inputs 2021-03-01 10:46:57 +01:00
Frederik Rietdijk
c456a2512f Merge master into staging-next 2021-02-26 10:25:13 +01:00
Mario Rodas
bbfe875327
Merge pull request #114413 from r-ryantm/auto-update/cri-o
cri-o-unwrapped: 1.20.0 -> 1.20.1
2021-02-25 23:57:43 -05:00
R. RyanTM
da17b1acdf cri-o-unwrapped: 1.20.0 -> 1.20.1 2021-02-25 21:47:20 +00:00
Mario Rodas
d53a7eb7ac
Merge pull request #113526 from r-ryantm/auto-update/docker-compose
docker-compose: 1.28.2 -> 1.28.3
2021-02-23 20:30:46 -05:00
github-actions[bot]
abe7db36a4
Merge staging-next into staging 2021-02-20 00:36:40 +00:00
zowoq
0bff5a7843 containerd: move completion to installPhase
docker uses containerd 1.4 since b451286b1f
2021-02-20 08:07:44 +10:00
Ben Siraphob
e03c068af5 treewide: makeWrapper buildInputs to nativeBuildInputs 2021-02-19 20:09:16 +07:00
zowoq
92f9b27c12 podman: 3.0.0 -> 3.0.1
https://github.com/containers/podman/releases/tag/v3.0.1
2021-02-19 10:51:30 +10:00
R. RyanTM
0a7c4f6a32 docker-compose: 1.28.2 -> 1.28.3 2021-02-17 22:57:11 +00:00
Sandro Jäckel
b02c411492
virtualbox:
virtualbox: remove unused input
2021-02-17 23:12:25 +01:00
Bernardo Meurer
052f58b7fa
Merge pull request #113243 from baloo/baloo/ovmf/http-boot
OVMF: add support for http boot
2021-02-16 19:34:57 +00:00
Jörg Thalheim
3f2321e5c1
Merge pull request #112440 from bobrik/ivan/qemu-aarch64-darwin-prep 2021-02-16 06:49:16 +00:00
Arthur Gautier
a964b3cb6f OVMF: add support for http boot
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
2021-02-16 00:46:00 +00:00
Florian Klink
c70a8c8d92
Merge pull request #113189 from nix-things-mobile/fix/qemu-repair
qemu: guard desktop file removal
2021-02-15 21:54:29 +01:00
daniel
e74ae54da5 qemu: guard desktop file removal
The qemu.desktop file should only be attempted to be removed if available.
2021-02-15 09:33:18 +01:00
WORLDofPEACE
971a85d2c1
Merge pull request #112954 from TredwellGit/qemu
qemu: set sysconfdir
2021-02-14 05:58:54 -05:00
adisbladis
4c9e23d6ad
Merge pull request #113049 from adisbladis/crun-criu-supported-platforms
crun: Only build with criu support on criu supported platforms
2021-02-13 23:29:04 +01:00
adisbladis
a3d0f7818a
crun: Only build with criu support on criu supported platforms 2021-02-13 23:07:53 +01:00
zowoq
369f20924a cri-o: prefer to build wrapper locally
Same as 9c98282609
2021-02-14 07:58:28 +10:00
zowoq
8c8d4f3398 podman: install systemd files
- install podman service and socket
- install podman tmpfile
2021-02-14 06:57:38 +10:00
adisbladis
9c98282609
podman: Prefer to build wrapper locally
This build is basically just creating 2 symlinks and a wrapper script.
Downloading it from a cache is not efficient.
2021-02-13 15:51:33 +01:00
adisbladis
a62f04d38e
podman: Fix sha256
For some reason the archive sha256 has changed..
2021-02-13 15:14:31 +01:00
adisbladis
304617494b
podman: Remove unconfigured runtime warnings
It doesn't make sense as we promote using the podman wrapper where runtime paths will vary because they are nix store paths.
2021-02-13 14:39:02 +01:00
TredwellGit
dd441204f6 qemu: set sysconfdir
Fixes https://github.com/NixOS/nixpkgs/issues/111675 and https://github.com/NixOS/nixpkgs/issues/110142.
2021-02-13 00:25:28 +00:00
Mario Rodas
c831e4e9e4 podman: 2.2.1 -> 3.0.0
https://github.com/containers/podman/releases/tag/v3.0.0
2021-02-11 04:20:00 +00:00
Sascha Grunert
c2ef7b1cbf
crun: add criu support
Adding the criu dependency allows using the feature, too:

```
> ./result/bin/crun --version
crun version 0.17
commit: 0.17
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
```

Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
2021-02-11 13:58:58 +01:00
Alyssa Ross
8f0bd879da
qemu: re-enable stack protection
5e25995295 ("qemu: 2.6.1 -> 2.7.0") added this, because the QEMU
build failed without it.  That's no longer the case, so we can bring
back stack protection.
2021-02-09 21:26:43 +00:00
R. RyanTM
74c9af1c7c charliecloud: 0.21 -> 0.22 2021-02-09 07:52:17 +00:00
Ivan Babrou
251add14cf qemu: only apply autoPatchelfHook on linux
It fails on darwin due to missing `patchelf` and the missing ELFs:

```
/nix/store/...-auto-patchelf-hook/nix-support/setup-hook: line 220: -l: command not found
```
2021-02-08 13:48:16 -08:00
Ivan Babrou
d29e8f0e59 qemu: rename VERSION to QEMU_VERSION to avoid name clash
In libc++ starting with LLVM8 there's `<version>` include in `cstddef`:

The following things also align:

* QEMU has a file called `VERSION` in repo root
* QEMU prepends repo root to include path in build
* macOS has a case-insensetive filesystem

All of this combined means that `VERSION` file is included as a header.

Working around this be renaming `VERSION` -> `QEMU_VERSION` to resolve ambiguity.

The problem really only appears on `aarch64-darwin`, since on `x86_64-darwin`
there are no C++ files to compile. The workaround is harmless enough to apply.
2021-02-08 13:45:47 -08:00
Ivan Babrou
bb475b01d2 qemu: do not force x86_64 cpu on darwin
This change produces the following warning:

```
... configure: line 619: sysctl: command not found
```

It's benign and sysctl is only useful on MacOS X Leopard:

* https://github.com/qemu/qemu/blob/v5.2.0/configure#L615-L621

Leopard is 13 years old and is not supported by Nix.

The sysctl check is removed in qemu master branch already.

Plus aarch64-darwin is coming in #105026, so there's no reason to force x86_64.
2021-02-08 13:39:10 -08:00
Sandro
8a4a984fd5
Merge pull request #105439 from avdv/bazel_3.7.1 2021-02-04 20:15:45 +01:00
Sascha Grunert
c1b7380700
runc: 1.0.0-rc92 -> 1.0.0-rc93
Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
2021-02-04 10:29:07 +01:00
R. RyanTM
e87a8406c6 conmon: 2.0.25 -> 2.0.26 2021-02-04 04:40:30 +00:00
Claudio Bley
6d8c431eb0 bazel: 3.7.1 -> 3.7.2
* update sha256 for gvisor, tensorflow{,WithCuda}, bazel-watcher, bazel-remote
  and envoy
2021-02-03 10:44:07 +01:00
Sandro
b881f100f6
Merge pull request #111625 from jbedo/singularity
singularity: 3.7.0 -> 3.7.1
2021-02-02 13:11:41 +01:00
Justin Bedo
efd372d82c
singularity: 3.7.0 -> 3.7.1 2021-02-02 14:05:34 +11:00
Andreas Rammhold
ad5f23870c
Merge pull request #110847 from andir/docker-overrides
docker: allow overriding package inputs per docker package
2021-02-01 00:55:22 +01:00
Claudio Bley
71cda4f111 bazel: 3.3.1 -> 3.7.1
* remove python-shebang patch since it was integrated upstream[1]

[1]: https://github.com/bazelbuild/bazel/pull/11535/files
2021-01-29 21:53:25 +01:00
Mario Rodas
75fbbeeaa9 docker-slim: 1.33.0 -> 1.34.0
https://github.com/docker-slim/docker-slim/releases/tag/1.34.0
2021-01-29 04:20:00 +00:00
R. RyanTM
0449f1e8f2 docker-compose: 1.28.0 -> 1.28.2 2021-01-28 00:45:55 +00:00
Andreas Rammhold
ed46383416 docker: allow overriding package inputs per docker package
Previously we could not override the input packages to docker at all as
that had been shadowed due to the usage of inherit in all-package.nix.

We are now mixing the "variable" variables for the build and the
dependency declarations for the package and using callPackage as if each
of the docker packages would be separate files that we evaluate.

This now enables overriding e.g. iptables for a single verison of
docker which previously was not feasible without importing the
default.nix again (and passing different arguments).

> pkgs.docker.override { iptables = pkgs.iptables-nftables-compat; }
2021-01-26 13:08:25 +01:00
Milan
b7871c3f2d
qemu: fix build when desktop file does not exist (#110721)
The qemu-user variants as used by binfmt emulation through
`(lib.systems.elaborate lib.systems.examples.aarch64-multiplatform).emulator pkgs`
does not install a .desktop file since qemu 5.2.0. This change allows
the build to continue if deletion of the desktop file fails.
2021-01-25 19:24:32 +01:00
Pavol Rusnak
a6ce00c50c
treewide: remove stdenv where not needed 2021-01-25 18:31:47 +01:00
Florian Klink
68b6d6ca8e
Merge pull request #110550 from bryanasdev000/package-virtualbox-6.1.18
virtualbox: 6.1.16 -> 6.1.18
2021-01-25 16:36:05 +01:00
volth
bc0d605cf1 treewide: fix double quoted strings in meta.description
Signed-off-by: Ben Siraphob <bensiraphob@gmail.com>
2021-01-24 19:56:59 +07:00
John Ericson
12881a7aa7
Merge pull request #110544 from Ericson2314/no-platform
top-level, lib: Remove platform attribute of platforms
2021-01-23 16:32:36 -05:00
Sandro
cba0c7e756
Merge pull request #110543 from bobrik/ivan/buildx-path
docker: correct substitution path with buildx enabled
2021-01-23 20:32:55 +01:00
John Ericson
9c213398b3 lib: Clean up how linux and gcc config is specified
Second attempt of 8929989614589ee3acd070a6409b2b9700c92d65; see that
commit for details.

This reverts commit 0bc275e634.
2021-01-23 10:01:28 -05:00
Florian Klink
994e221f16
Merge pull request #106988 from drewrisinger/dr-pr-qemu-bump
qemu: 5.1.0 -> 5.2.0
2021-01-23 00:20:06 +01:00
Bryan A. S
72e688c973 virtualbox: 6.1.16 -> 6.1.18
Signed-off-by: Bryan A. S <bryanasdev000@gmail.com>
2021-01-22 19:36:45 -03:00
Maximilian Bosch
c6d4197e4f
Merge pull request #110283 from r-ryantm/auto-update/docker-compose
docker-compose: 1.27.4 -> 1.28.0
2021-01-22 23:25:29 +01:00
Jonathan Ringer
0bc275e634
Revert "lib: Clean up how linux and gcc config is specified"
This is a stdenv-rebuild, and should not be merged
into master

This reverts commit 8929989614.
2021-01-22 14:07:06 -08:00
Ivan Babrou
aea19f284a docker: correct substitution path with buildx enabled
Starting with Docker 20.10, the client repo moved and the path changed.
2021-01-22 13:43:30 -08:00
John Ericson
d95aebbe0e
Merge pull request #107214 from Ericson2314/linux-config-cleanup
lib: Clean up how linux and gcc config is specified
2021-01-22 15:15:58 -05:00
Sandro
0c096b67dc
Merge pull request #107302 from bobrik/ivan/docker-buildx 2021-01-22 12:50:25 +01:00
John Ericson
8929989614 lib: Clean up how linux and gcc config is specified
The `platform` field is pointless nesting: it's just stuff that happens
to be defined together, and that should be an implementation detail.

This instead makes `linux-kernel` and `gcc` top level fields in platform
configs. They join `rustc` there [all are optional], which was put there
and not in `platform` in anticipation of a change like this.

`linux-kernel.arch` in particular also becomes `linuxArch`, to match the
other `*Arch`es.

The next step after is this to combine the *specific* machines from
`lib.systems.platforms` with `lib.systems.examples`, keeping just the
"multiplatform" ones for defaulting.
2021-01-21 22:44:09 -05:00
zowoq
722c5a8316 crun: 0.16 -> 0.17
https://github.com/containers/crun/releases/tag/0.17
2021-01-22 08:06:10 +10:00
Ivan Babrou
deb0d298a2 docker: add buildx support to docker client 2021-01-21 12:52:46 -08:00
Ivan Babrou
e431ff7e2e docker-buildx: init at 0.5.1
Installing docker-buildx enables buildx subcommand on the client:

* https://github.com/docker/buildx
2021-01-21 12:52:45 -08:00
zowoq
30ab92ea31 conmon: 2.0.24 -> 2.0.25
https://github.com/containers/conmon/releases/tag/v2.0.25
2021-01-21 18:35:16 +10:00
R. RyanTM
a17adff3e9 docker-compose: 1.27.4 -> 1.28.0 2021-01-21 07:50:25 +00:00
Mario Rodas
369e772cda
Merge pull request #109955 from r-ryantm/auto-update/dumb-init
dumb-init: 1.2.4 -> 1.2.5
2021-01-20 21:24:40 -05:00
R. RyanTM
63d650556b open-vm-tools: 11.2.0 -> 11.2.5 2021-01-20 15:02:45 +00:00
zowoq
31f5dd3f36 treewide: editorconfig fixes
- remove trailing whitespace
- use spaces for indentation
2021-01-20 09:11:11 +10:00
Drew Risinger
9e403b19a1 qemu: 5.1.0 -> 5.2.0
Updates to latest version of QEMU.
The build system has changed to ninja.
There are several configuration flags that aren't enabled. I will
defer to maintainers on those.

Adds autoPatchelfHook for patching output dynamically linked binaries.

qemu: use Nix's meson vs bundled

qemu: remove custom directory locations

It appears that these directories are no longer automatically prefixed
with $out/, so they are now trying to write to the system /etc/, /var/
directories, which is not permitted in sandbox.
The default directories seem to work OK, so using those.
2021-01-19 14:06:28 -05:00
R. RyanTM
2ed911999c dumb-init: 1.2.4 -> 1.2.5 2021-01-19 12:17:33 +00:00
R. RyanTM
d71bca5967
cri-o-unwrapped: 1.19.0 -> 1.20.0 (#109920) 2021-01-19 18:58:49 +10:00
Sandro
1afec60627
Merge pull request #95274 from misuzu/qemu-iscsi 2021-01-17 20:16:06 +01:00
Ben Siraphob
5d566c43b4 pkgs/applications: pkgconfig -> pkg-config 2021-01-16 23:49:59 -08:00
Jörg Thalheim
f3042e3078
Merge pull request #108862 from cpcloud/refactor-nvidia-containers 2021-01-15 11:10:09 +00:00
Ben Siraphob
108bdac3d9 pkgs/applications: stdenv.lib -> lib 2021-01-15 14:24:03 +07:00
zowoq
93e5d99592 conmon: 2.0.22 -> 2.0.24
https://github.com/containers/conmon/releases/tag/v2.0.24
2021-01-15 13:03:08 +10:00
zowoq
8a4b39330f Revert "conmon: 2.0.22 -> 2.0.23"
This reverts commit 59d4583cf3.

Broken release.
2021-01-15 04:44:13 +10:00
Sascha Grunert
59d4583cf3 conmon: 2.0.22 -> 2.0.23
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2021-01-14 08:03:25 -08:00
Mark Vainomaa
b451286b1f
docker: 19.03.4 -> 20.10.2 (#108960)
This commit refactors the build process to handle Docker engine and
CLI split.
2021-01-13 11:33:14 +01:00
Sandro
e12409de89
Merge pull request #108959 from mikroskeem/docker-proxy-update
docker-proxy: 7b2b1fe -> fa125a3
2021-01-13 09:18:19 +01:00
Profpatsch
4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Mark Vainomaa
855bf1a311
docker-proxy: 7b2b1fe -> fa125a3 2021-01-10 17:31:10 +02:00
Phillip Cloud
4cd4468144 nvidia-container-toolkit: remove unused input 2021-01-10 08:54:38 -05:00
Phillip Cloud
5af3dd4a96 nvidia-container-toolkit: fix license 2021-01-10 08:54:38 -05:00
Phillip Cloud
8f33bef20f nvidia-container-runtime: fix license 2021-01-10 08:54:38 -05:00
Phillip Cloud
7eed27754c libnvidia-container: fix license 2021-01-10 08:54:38 -05:00
Phillip Cloud
8169d5c644 nvidia-container-toolkit: pass nvidia-container-runtime into drv 2021-01-10 08:54:38 -05:00
Phillip Cloud
f91f9eacd6 nvidia-container-toolkit: format 2021-01-10 08:54:37 -05:00
Phillip Cloud
bc43141b48 nvidia-container-runtime: format 2021-01-10 08:54:37 -05:00
Phillip Cloud
b0b92e598d libnvidia-container: remove line break 2021-01-10 08:54:37 -05:00
Phillip Cloud
d93754bb40 nvidia-docker: fix lib access 2021-01-10 08:54:37 -05:00
Phillip Cloud
e94a0228c5 nvidia-docker: clean up drv inputs 2021-01-10 08:54:37 -05:00
Phillip Cloud
6b5b64173f nvidia-docker: no longer perform templating of container runtime config files 2021-01-10 08:54:37 -05:00
Phillip Cloud
91b47ae43c nvidia-docker: podman-config.toml -> nvidia-podman/config.toml 2021-01-10 08:54:37 -05:00
Phillip Cloud
e67c679649 nvidia-docker: split out nvidia-container-toolkit into separate drv 2021-01-10 08:54:37 -05:00
Phillip Cloud
610ec202dc nvidia-docker: split out nvidia-container-runtime into separate drv 2021-01-10 08:54:37 -05:00
Phillip Cloud
27cd42fd6d nvidia-docker: use pname for repo attribute 2021-01-10 08:54:37 -05:00
Phillip Cloud
b578c28217 nvidia-docker: split out libnvidia-container into separate drv 2021-01-10 08:54:37 -05:00
Michael Weiss
8ae8602bf7
Merge branch 'master' into staging-next
Manually resolved a conflict in
pkgs/development/libraries/libbladeRF/default.nix.
2021-01-09 12:16:11 +01:00
Phillip Cloud
7115e5ac8d nvidia-docker: fix pname of nvidia-container-runtime 2021-01-08 09:29:56 -05:00
Phillip Cloud
890a298409 nvidia-docker: wrapProgram to pickup needed runc executable 2021-01-08 09:29:56 -05:00
Phillip Cloud
df43c0f9da nvidia-docker: install podman config 2021-01-08 09:29:56 -05:00
Jan Tojnar
e6c0c98940
Merge branch 'master' into staging-next
zynaddsubfx conflict has been updated to 3.0.1, which conflicted with rewrite after 3.0.5 update on a different branch.
2021-01-08 02:07:34 +01:00
Phillip Cloud
976c3999a2 nvidia-docker: fix VERSION reporting bug 2021-01-07 15:56:08 -05:00
github-actions[bot]
5c072a088d
Merge master into staging-next 2021-01-07 18:40:50 +00:00
Phillip Cloud
6468f2cb69 nvidia-docker: 2.0.3 -> 2.5.0 2021-01-07 07:50:01 -05:00
Ben Siraphob
b04fc593e7 treewide: cmake buildInputs to nativeBuildInputs, minor cleanups 2021-01-01 11:52:33 +07:00
Jörg Thalheim
f91d7cf059
cntr: 1.2.1 -> 1.4.1 2020-12-30 07:09:54 +01:00
misuzu
c5dd597870 qemu: libiscsi support 2020-12-29 16:19:42 +02:00
Florian Klink
f13837054b
Merge pull request #107778 from zowoq/containerd
containerd: misc fixes
2020-12-29 01:04:10 +01:00
zowoq
824cfdd019 docker: disable containerd completion
not available in containerd prior to 1.4
2020-12-29 09:33:28 +10:00
zowoq
d7d6f5507c containerd: misc fixes
- build man during buildPhase
- use `src.rev` for `commit`
- install completion
2020-12-29 09:33:28 +10:00
freezeboy
8ab8ada2f5 charliecloud: 0.20 -> 0.21 2020-12-27 22:34:18 +01:00
zowoq
70bcf62c05 conmon: 2.0.21 -> 2.0.22
https://github.com/containers/conmon/releases/tag/v2.0.22
2020-12-21 05:28:42 +10:00
Michael Weiss
52424415bc
vpcs: 0.8 -> 0.8.1
Thanks to Repology / Alpine Linux I noticed that the GNS3 team continued
the development. From their README:
> This is a continuation of VPCS, based on the last development version
> and improved with patches wrote by various people from the community.
> The original VPCS code, which is unfortunately not maintained anymore,
> can be viewed on https://sourceforge.net/p/vpcs/code/
2020-12-18 20:45:54 +01:00
Mario Rodas
9c8a7716d3 docker-slim: 1.32.0 -> 1.33.0
https://github.com/docker-slim/docker-slim/releases/tag/1.33.0
2020-12-15 13:45:00 -05:00
R. RyanTM
4cddb0930d dumb-init: 1.2.3 -> 1.2.4 2020-12-10 15:01:17 +00:00
zowoq
cfbc1af189 podman: 2.2.0 -> 2.2.1
https://github.com/containers/podman/releases/tag/v2.2.1
2020-12-09 05:37:31 +10:00
R. RyanTM
bbbb6dfa36 dumb-init: 1.2.2 -> 1.2.3 2020-12-04 10:05:05 +00:00
Maximilian Bosch
ccb3f1c9dd
Merge pull request #105591 from mweinelt/qemu
qemu: fix CVE-2020-28916
2020-12-02 21:14:16 +01:00
Sergey Lukjanov
b999879206 docker: 19.03.13 -> 19.03.14 2020-12-01 23:34:59 -08:00
Martin Weinelt
2d55b8def4 containerd: update commit id for version indicator
I forogt to update the `commit` value in 8884729, which is why this the
version output was wrong:

```
❯ ./result/bin/containerd -v
containerd github.com/containerd/containerd v1.4.3 7ad184331fa3e55e52b890ea95e65ba581ae3429
```

This change corrects it.

```
❯ ./result/bin/containerd -v
containerd github.com/containerd/containerd v1.4.3 269548fa27e0089a8b8278fc4fc781d7f65a939b
```
2020-12-01 18:55:01 +01:00
Martin Weinelt
8884729f19
containerd: 1.4.2 -> 1.4.3
Access controls for the shim’s API socket verified that the connecting
process had an effective UID of 0, but did not otherwise restrict
access to the abstract Unix domain socket. This would allow malicious
containers running in the same network namespace as the shim, with an
effective UID of 0 but otherwise reduced privileges, to cause new
processes to be run with elevated privileges.

Fixes: CVE-2020-15257
2020-12-01 17:10:19 +01:00
Martin Weinelt
c3f268000e
qemu: fix CVE-2020-28916
While receiving packets via e1000e_write_packet_to_guest an infinite
loop could be triggered if the receive descriptor had a NULL buffer
address.

A privileged guest user could use this to induce a DoS Scenario.

Fixes: CVE-2020-28916
2020-12-01 16:54:21 +01:00
Sascha Grunert
bd6067cd5d podman: 2.1.0 -> 2.2.0
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-12-01 22:20:11 +10:00
Martin Weinelt
3200eaef74
Merge pull request #105157 from mweinelt/libslirp
libslirp: fix CVE-2020-29129
2020-11-30 15:56:09 +01:00
Martin Weinelt
bd3ce46719
qemu: fix CVE-2020-29129, CVE-2020-29130 in vendored libslirp
Fixes out-of-bounds access in libslirp while processing ARP/NCSI packets.

Fixes: CVE-2020-29129, CVE-2020-29130
2020-11-28 02:47:44 +01:00
Sandro
1542fd8e8d
Merge pull request #77421 from Shados/xen-build-efi-binaries 2020-11-27 23:49:07 +01:00
Sandro
e6126df5d9
Merge pull request #105132 from r-ryantm/auto-update/containerd
containerd: 1.4.1 -> 1.4.2
2020-11-27 13:15:31 +01:00
R. RyanTM
706ed34eb3 containerd: 1.4.1 -> 1.4.2 2020-11-27 10:28:11 +00:00
Sandro
d3badf3b43
Merge pull request #105075 from r-ryantm/auto-update/singularity
singularity: 3.6.4 -> 3.7.0
2020-11-26 23:10:50 +01:00
Florian Klink
1cdbdc3278
Merge pull request #104545 from zowoq/runc
runc: add wrapper for systemd
2020-11-26 22:16:53 +01:00
R. RyanTM
1b0e3aa842 singularity: 3.6.4 -> 3.7.0 2020-11-26 20:28:31 +00:00
Sandro
3d4e98ea6e
Merge pull request #103466 from CheariX/open-vm-tools-11.2.0 2020-11-25 11:25:26 +01:00
Graham Christensen
bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Sascha Grunert
52271f44b1 crun: 0.15.1 -> 0.16
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-11-24 19:35:46 +10:00
zowoq
50e24b8e0a runc: add wrapper for procps, systemd
for cgroupsv2 it needs `busctl` and `systemctl` in its PATH.
2020-11-23 08:46:34 +10:00
zowoq
a82d8ca64d runc: add docker to passthru.tests 2020-11-23 08:43:08 +10:00
zowoq
cdf6ffdf2e docker: add passthru.tests 2020-11-23 08:43:08 +10:00
zowoq
fe78178e09 containerd: add passthru.tests 2020-11-23 08:43:08 +10:00
zowoq
90bb6fbb24 singularity: drop unneeded removeReferencesTo 2020-11-18 08:13:34 +10:00
zowoq
33822cb12f docker: drop redundant removeReferencesTo 2020-11-18 08:13:34 +10:00
Oleksii Filonenko
512c3c0a05 maintainers: rename filalex77 -> Br1ght0ne 2020-11-17 13:09:31 +02:00
Austin Seipp
a83e5c4245
firecracker: 0.22.0 -> 0.23.0
Closes #102789.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2020-11-15 21:28:29 -06:00
Christian Mainka
44e2d0d402 open-vm-tools: 11.1.5 -> 11.2.0 2020-11-11 16:22:41 +01:00
Alexander Bich
fae02c06b8 ocaml-libvirt: 0.6.1.4.2017-11-08-unstable -> 0.6.1.5 2020-11-10 05:57:39 +01:00
Maximilian Bosch
50957910fc
Merge pull request #102481 from mweinelt/qemu/cve-2020-27617
qemu: apply patch for CVE-2020-27617
2020-11-09 23:51:22 +01:00
Jörg Thalheim
feeda77ec2
Merge pull request #101820 from Chiiruno/dev/looking-glass
looking-glass-client: B1 -> B2
2020-11-09 14:43:27 +01:00
Okina Matara
56fb786f82
looking-glass-client: B1 -> B2 2020-11-07 02:41:16 -06:00
markuskowa
b580137d40
Merge pull request #100777 from jbedo/singularity
singularity: 3.6.3 -> 3.6.4
2020-11-06 00:13:36 +01:00
Sascha Grunert
d48026dc5b crun: 0.15 -> 0.15.1
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-11-04 08:28:22 +10:00
Phillip Cloud
ea270c00b0
bug: fix libnvidia-container build (#101665) 2020-11-03 13:17:06 +01:00
R. RyanTM
2702aced5e charliecloud: 0.19 -> 0.20 2020-11-02 08:19:19 -08:00
Martin Weinelt
0c54b757e9
qemu: apply patch for CVE-2020-27617
An assert(3) failure issue was found in the networking helper functions of QEMU. It could occur in the eth_get_gso_type() routine, if a packet does not have a valid networking L3 protocol (ex. IPv4, IPv6) value. A guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Fixes: CVE-2020-27617
2020-11-02 14:01:01 +01:00
WORLDofPEACE
f2d8aebe8e
Merge pull request #101493 from Magicloud/vbox6116
virtualbox: 6.1.14 -> 6.1.16
2020-10-27 12:37:16 -04:00
Milan Pässler
0dc4ced3eb docker: 19.03.12 -> 19.03.13
Added libseccomp and pkgconfig inputs to containerd, because 1.3.x requires them.
However containerd 1.2.x and 1.4.x do not.
2020-10-27 12:48:51 +01:00
R. RyanTM
6a42a70023 open-vm-tools: 11.1.0 -> 11.1.5 2020-10-25 09:39:40 +01:00
Magicloud
e416dc89a1 virtualbox: 6.1.14 -> 6.1.16
6.1.16 is the latest release of Virtualbox. And it is necessary to have it when using Linux 5.9 kernel.
2020-10-24 02:53:08 +08:00
Sandro Jäckel
e44cc1404b docker: use upstream repo for containerd
http://github.com/docker/containerd is archived and redirects to
https://github.com/docker-archive/containerd.

To make updates easier track the upstream repo which Docker uses.
2020-10-24 00:12:06 +10:00
Josh Holland
802e9ea3a6 open-vm-tools: fix build w/glibc-2.32 2020-10-21 14:21:49 +01:00
Andreas Rammhold
2451796b49
qemu: make ncurses optional for the test runner
This shaves another 3MB off the closure size of QEMU.
2020-10-19 17:49:31 +02:00
Andreas Rammhold
e79eed4840
qemu: strip down the features for the test runner
This allows much faster VM-test based systemd testing as the closure of
qemu suddenly shrinks to reasonable sizes again.
2020-10-19 17:39:47 +02:00
Justin Bedo
8a788b8587
singularity: 3.6.3 -> 3.6.4
Important security release addressing CVE-2020-15229.
2020-10-19 09:11:34 +11:00
R. RyanTM
ffde8a8e1e
seabios: 1.13.0 -> 1.14.0 (#96616) 2020-10-14 11:09:21 +02:00
Julius Marozas
4eae3ac1ec
virt-manager: 2.2.1 -> 3.1.0 2020-10-12 19:54:03 +03:00
Alexei Robyn
22fdd2465c xen: Build Xen EFI binary 2020-10-10 22:09:31 +11:00
Alexei Robyn
6048a3c1f5 xen: Remove unsupported Xen version (4.8) 2020-10-10 22:09:26 +11:00
Maximilian Bosch
1b05fccf81
Merge pull request #99383 from fadenb/virt-manager-qt_fix
virt-manager-qt: Add patch to rename variables
2020-10-10 20:28:17 +02:00
Tim Steinbach
9ef0ac8fe9
docker: Remove maintainer nequissimus 2020-10-08 11:00:14 -04:00
Tristan Helmich (omniIT)
643bdb404e virt-manager-qt: Add patch to rename variables
KDE/krdc@56a0222b51 renamed some
variables resulting in a build failure. The added patch renames the
variables in virt-manager-qt accordingly.
2020-10-02 12:20:32 +00:00
Maximilian Bosch
fd28991cd7
Merge pull request #98993 from r-ryantm/auto-update/docker-compose
docker-compose: 1.26.2 -> 1.27.4
2020-09-30 16:09:58 +02:00
R. RyanTM
b10b4d6947 docker-compose: 1.26.2 -> 1.27.4 2020-09-28 08:00:40 +00:00
zowoq
bbeed7ecf8 podman: 2.1.0 -> 2.1.1
https://github.com/containers/podman/releases/tag/v2.1.1
2020-09-26 12:44:38 +10:00
Ryan Mulligan
bb77b5cae7
Merge pull request #98699 from r-ryantm/auto-update/charliecloud
charliecloud: 0.18 -> 0.19
2020-09-25 08:45:15 -07:00
Ryan Mulligan
6f6a81c435
Merge pull request #98705 from r-ryantm/auto-update/containerd
containerd: 1.4.0 -> 1.4.1
2020-09-25 08:44:26 -07:00
Maximilian Bosch
76dcad0282
Merge pull request #97411 from Magicloud/vbox6114
virtualbox: 6.1.10 -> 6.1.14
2020-09-25 15:07:21 +02:00
Maximilian Bosch
579404c4a5
virtualbox: re-add support for virtio
For some reason the original source tarball for version 6.1.14 didn't
bundle the sources for `virtio`-support causing a build-failure.

After this was reported, a new tarball named
`VirtualBox-6.1.14a.tar.bz2` was published which fixes the issue[1].

[1] https://www.virtualbox.org/ticket/19862
2020-09-25 12:37:39 +02:00
R. RyanTM
625ba8ed5e containerd: 1.4.0 -> 1.4.1 2020-09-25 03:58:04 +00:00
R. RyanTM
ae421104f8 charliecloud: 0.18 -> 0.19 2020-09-25 02:03:11 +00:00
Sascha Grunert
dcb8c26e43
crun: 0.14.1 -> 0.15
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-09-23 17:19:15 +02:00
Sascha Grunert
5c27f0dd65 podman: 2.0.6 -> 2.1.0
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-09-23 07:10:18 +10:00
Austin Seipp
5a71d9619a
firecracker: 0.21.1 -> 0.22.0
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2020-09-21 16:54:48 -05:00
Justin Bedo
efa99abf28
singularity: 3.6.2 -> 3.6.3 2020-09-21 12:07:38 +10:00
Ryan Burns
9d58eb47f2 docker_18_09: fix build
The cross-compilation patch introduced in
https://github.com/NixOS/nixpkgs/pull/92140
fixes an issue introduced in Docker CE 19.03,
and will not apply to (and is not needed for)
previous versions.
2020-09-19 20:29:26 -07:00
Sascha Grunert
1e8324291e cri-o: 1.18.3 -> 1.19.0
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-09-17 17:50:57 +10:00
zowoq
d3875340df conmon: 2.0.20 -> 2.0.21
https://github.com/containers/conmon/releases/tag/v2.0.21
2020-09-11 06:48:48 +10:00
Magicloud
e1538e43b9 virtualbox: 6.1.10 -> 6.1.14
6.1.14 is the latest release of Virtualbox.

Also disabled VirtIO since the source tarball does not include necessary source code.
2020-09-09 19:58:36 +08:00
zowoq
f3623b8435 singularity: use upstream vendor 2020-09-08 16:32:39 +10:00
zowoq
ee0d559dae oci-seccomp-bpf-hook: move to linuxPackages 2020-09-02 20:14:22 +10:00
Sascha Grunert
7bb51c2a60 podman: 2.0.5 -> 2.0.6
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-09-02 07:33:34 +10:00
Linus Heckemann
bba8571c39
Merge pull request #96538 from Mic92/go-references
buildGoModule/buildGoPackage: Remove go references from lib,libexec
2020-08-30 16:44:08 +02:00
Mario Rodas
0c447a3bc0
Merge pull request #96521 from marsam/fix-docker-darwin
docker: fix build on darwin
2020-08-28 23:05:56 -05:00
Daniël de Kok
192ed0a00e
Merge pull request #95888 from bzizou/charliecloud18
charliecloud: 0.12 -> 0.18
2020-08-28 16:34:57 +02:00
Bruno Bzeznik
1601ff7dd4 charliecloud: 0.12 -> 0.18 (docker + ch-grow support) 2020-08-28 14:39:21 +02:00
Jörg Thalheim
dee0f69844
singularity: remove remove-references-to call 2020-08-28 13:19:12 +01:00