nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-05 20:43:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
518,784 Commits 165 Branches 125 Tags 6.4 GiB
52374770b0
Commit Graph

6720 Commits

Author SHA1 Message Date
Franz Pletz
da37904672
Merge pull request #246772 from R-VdP/nixos-user-expiry 
nixos/update-users-groups: add support for account expiry
 2023-08-26 02:41:34 +02:00
Franz Pletz
fe907aa37e
Merge pull request #242365 from h7x4/add-mysqld-exporter 
services/prometheus/exporters: add mysqld
 2023-08-25 23:56:22 +02:00
Ryan Lahfa
4fb9aeae23
Merge pull request #250843 from RaitoBezarius/listmonk 2023-08-24 10:59:58 +02:00
Pierre Bourdon
4428f3a79a
Revert "nixos/security/wrappers: simplifications and a fix for #98863" 2023-08-24 08:35:11 +02:00
Mario Rodas
8720d96225
Merge pull request #248395 from adamcstephens/lxd/tests 
nixos/tests/lxd: move into subdir, use minimal init, remove sleeps
 2023-08-24 00:37:04 -05:00
Nick Cao
8d524e610b
Merge pull request #249502 from oddlama/feat-influxdb-provision-full 
nixos/influxdb2: add provisioning and nixos tests
 2023-08-24 08:55:38 +08:00
Pierre Bourdon
0930308453
Merge pull request #199599 from robryk/suidwrapnoreal 
nixos/security/wrappers: simplifications and a fix for #98863
 2023-08-24 01:09:36 +02:00
Felix Bühler
fb6665f4de
Merge pull request #250970 from alyssais/virtualbox-test-eval 
nixosTests.virtualbox: fix eval
 2023-08-23 22:02:34 +02:00
Emily
73a060e7ca
Merge pull request #244626 from Sohalt/caddy-rfc42 
nixos/caddy: Add rfc42 settings option
 2023-08-23 20:36:46 +02:00
Benjamin Staffin
5b198578db
Merge pull request #239801 from benley/hddfancontrol 
hddfancontrol: init at 1.5.1 (plus nixos module)
 2023-08-23 13:32:37 -04:00
Benjamin Staffin
12b3178bd2 nixos/hddfancontrol: initial module & test 2023-08-23 13:25:29 -04:00
Raito Bezarius
ffdeabbadf listmonk: perform tests only linux supported platforms 
Otherwise, Darwin will try to run them and fail.
 2023-08-23 17:50:28 +02:00
Alyssa Ross
42f1b5c6db
nixosTests.os-prober: add bintools to the VM 
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 329 ms
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 530 ms
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 1066 ms
machine # warning: error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6); retrying in 2544 ms
machine # [ 1283.199545] GUEST-test1[1465]: [  414.478221] stage-1-init: [Wed Aug 23 13:26:29 UTC 2023] + loadkmap
machine # error:
machine #        … writing file '/nix/store/v28dv6l0qk3j382kp40bksa1v6h7dx9p-bash-5.2.tar.gz'
machine #
machine #        error: unable to download 'https://ftpmirror.gnu.org/bash/bash-5.2.tar.gz': Couldn't resolve host name (6)
machine # error: builder for '/nix/store/5jrd75v747s76s16zxk59384xfcjqn58-bash-5.2.tar.gz.drv' failed with exit code 1
machine # error: 1 dependencies of derivation '/nix/store/0cgj4m2h51hjhmz5h4440pd73kv5lm5v-bash-5.2-p15.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/d2x66i0dfv9w81gl1w3nbkn0nz7mawaz-bash-5.2-p15.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/lcz1v3h1nsbyz2fp7xkp113jvyjqq0sx-bash-5.2-p15.drv' failed to build
machine # building '/nix/store/20d5pi1a5i9jj041i0gvr9zcs7bjbw46-binutils-2.40.tar.bz2.drv'...
machine # error: 1 dependencies of derivation '/nix/store/zb0ykvcllgc8l9ki38fdv9n8xp3rnphb-gcc-12.3.0.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/7kxjnzmc79sickp7hiyp8v169idyw8f2-gettext-0.21.1.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/wp7hpglhgwljl3fsfyx8caaakh4a1r72-xgcc-12.3.0.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/f7glbcn7n59k22b911bx1vyy13g4bdxh-binutils-2.40.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/q7yvprjmnqprx743ikkcz4kqx2mjdas4-binutils-wrapper-2.40.drv' failed to build
machine # building '/nix/store/vks3aqqal1rjvrsbj61nl1yh7r5shhdh-builder.pl.drv'...
machine # error: 1 dependencies of derivation '/nix/store/qmdff14r0l31mzx8al7h1kp9h5pck5wr-extra-utils.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/rdlk4188b2jp4ac38w94qazdaxk6sga9-stage-1-init.sh.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/rq15acvd6hcr52a5dlmk1p7mlyzjack0-initrd-linux-6.1.46.drv' failed to build
machine # error: 1 dependencies of derivation '/nix/store/h1rch2zqjacijnn0szq2hgwmd6v1r1ld-nixos-system-nixos-23.11pre-git.drv' failed to build
 2023-08-23 13:50:44 +00:00
oddlama
8b5b7def91
nixos/influxdb2: add org, bucket, users and auth provisioning 2023-08-23 14:46:52 +02:00
Alyssa Ross
2d66a9db22
nixosTests.virtualbox: fix eval 
There's no "lib" in scope here.  The test uses "with pkgs.lib;", so
this failed to evaluate.

Fixes: 6672dde558 ("treewide: use optionalAttrs instead of 'else {}'")
 2023-08-23 12:25:34 +00:00
Raito Bezarius
b4658cada3 listmonk: revamp the tests 
Previously, the transactional template was in id=2.
It is now id=3.

I moved a bit the code to improve the ability to load templates and subscribers properly.
I am planning to upstream `type` for templates API request so we can easily filter out
and select the accordingly template.
 2023-08-23 00:25:47 +02:00
sohalt
c01874615b nixos/caddy: Add rfc42 settings option 2023-08-22 20:14:35 +02:00
Benjamin Staffin
63e9b2f8c0
Merge pull request #246354 from minijackson/netbox-fixes 
netbox: 3.5.6 -> 3.5.7 + migration fixes + upgrade NixOS test
 2023-08-21 16:22:38 -04:00
Martin Weinelt
7c75694db9
Merge pull request #240982 from rnhmjoj/pr-jool 
nixos/jool: add service for setting up SIIT/NAT64
 2023-08-19 23:32:05 +02:00
Adam Stephens
f1c0589e4c
nixos/tests/lxd: move into subdir, use minimal init, remove sleeps 2023-08-17 21:02:08 -04:00
Manuel Bärenz
bad4b37c7e Remove turion (myself) as maintainer from some packages 
I have removed myself as maintainer from those packages that:

* Have at least one other maintainer
* Are outside of my actual expertise,
  i.e. I wouldn't really know how to fix them if they broke
 2023-08-17 17:20:18 +02:00
Arnout Engelen
46d051737d
Merge pull request #248011 from onny/opensnitch-test 
nixos/opensnitch: add test
 2023-08-17 12:43:42 +02:00
Bobby Rong
888d0bb9fa
Merge pull request #249561 from bobby285271/fix/fail-test-when-coredump 
nixosTests.pantheon, nixosTests.budgie: Fail the test when coredump happens
 2023-08-17 15:33:25 +08:00
Bobby Rong
ba96b6bdaa
nixosTests.budgie: Re-add checks for budgie-wm 
This is the shell of the desktop, it is still a good idea to do something with it.
 2023-08-16 23:33:52 +08:00
Bobby Rong
d86dc7c016
nixosTests.pantheon: Ensure the test fails when gala coredumps 
It can be possible that pgrep failed to catch this. See the GNOME 45 PR.
 2023-08-16 23:20:38 +08:00
Maciej Krüger
56700d64b1
Merge pull request #226821 from enc0urage/memtest 2023-08-16 15:31:32 +02:00
Nick Cao
2dadab4889
Merge pull request #249211 from oddlama/feat-influxdb-provision 
nixos/influxdb2: automatic initial setup and nixos tests
 2023-08-16 21:29:16 +08:00
oddlama
b4d718f14a
nixos/influxdb2: add initial setup automation and nixos tests 2023-08-16 14:31:49 +02:00
Janne Heß
bc9b484db8
Merge pull request #232230 from oddlama/fix-activation-template-unit-specializations 
Fix detection of changed template unit specializations in switch-to-configuration.pl
 2023-08-16 13:46:45 +02:00
Robert Obryk
46c9aed62b nixos/security/wrappers: add one regression test for #98863 
Note that this regression test checks only s[gu]id wrappers. The issue
for capability wrappers is not fixed yet.
 2023-08-16 11:33:22 +02:00
WilliButz
da5c3bde30
Merge pull request #248405 from fpletz/pkgs/mediamtx-1.0.0 
mediamtx: 0.23.8 -> 1.0.0, refactor module, add test
 2023-08-16 11:30:18 +02:00
Nikolay Korotkiy
6f46c37d92
nixosTests.agate: switch to using gemget 2023-08-16 01:26:54 +04:00
Maximilian Bosch
2b42b842ed
nixos/prometheus-exporters: fix smartctl test 2023-08-15 15:44:45 +02:00
Nick Cao
fecb8c7752
nixosTests.fcitx5: make use of the newly added settings option 2023-08-15 08:36:07 +08:00
Maximilian Bosch
a471325eaf
Merge pull request #221318 from mweinelt/synapse-extras 
nixos/matrix-synapse: Allow passing extras, discover extras from config
 2023-08-14 18:43:05 +02:00
Robert Hensing
8fe5918d06
Merge pull request #248138 from hercules-ci/update-nixops_unstable 
nixops_unstable: update
 2023-08-14 11:00:44 +02:00
enc0urage
00d7065913 nixos/systemd-boot: Replace proprietary memtest86 with free memtest86+ in UEFI 2023-08-14 03:05:24 +00:00
h7x4
66de20bc45
tests/prometheus-exporters: add test for mysqld exporter 2023-08-13 19:47:19 +02:00
Jonas Heinrich
5e6e949e84 nixos/opensnitch: add test 2023-08-13 17:49:19 +02:00
Janne Heß
7937c5816d
nixos/switchTest: Also check for base unit modifications 2023-08-13 14:25:24 +02:00
Franz Pletz
4fc07e7b48
nixos/tests/mediamtx: init 2023-08-10 20:43:26 +02:00
Ryan Lahfa
ec409e6f79
Merge pull request #231673 from symphorien/suid_wrappers_userns 2023-08-10 11:52:59 +02:00
Franz Pletz
6574d90239
Merge pull request #248154 from onny/nextcloud-tests-fix 
nixos/tests/nextcloud: Fix deprecation warning
 2023-08-10 04:18:27 +02:00
Franz Pletz
50e7a02e67
nixos/chrony: add simple test 2023-08-10 03:04:04 +02:00
Franz Pletz
8e372c19d1
Merge pull request #245286 from codec/add-prometheus-idrac-exporter 
prometheus-idrac-exporter: init at unstable-2023-06-29
 2023-08-10 00:58:03 +02:00
Jonas Heinrich
14f7b1161d nixos/tests/nextcloud: Fix deprecation warning 2023-08-09 16:57:57 +02:00
Robert Hensing
4b51c5360f nixops_unstable: Fix tests attribute 
The .overrideAttrs part is ok now, but a "passthru' workaround is
necessary now. See https://github.com/NixOS/nixpkgs/pull/247520
 2023-08-09 15:47:13 +02:00
Franz Pletz
dcafb07ed8
Merge pull request #232250 from YBeaugnon/libvirt-hooks 
nixos/libvirtd: hooks support
 2023-08-09 15:07:52 +02:00
Guillaume Girol
0e4b8a05b2 nixos/wrappers: allow setuid and setgid wrappers to run in user namespaces 
In user namespaces where an unprivileged user is mapped as root and root
is unmapped, setuid bits have no effect. However setuid root
executables like mount are still usable *in the namespace* as the user
already has the required privileges. This commit detects the situation
where the wrapper gained no privileges that the parent process did not
already have and in this case does less sanity checking. In short there
is no need to be picky since the parent already can execute the foo.real
executable themselves.

Details:
man 7 user_namespaces:
   Set-user-ID and set-group-ID programs
       When a process inside a user namespace executes a set-user-ID
       (set-group-ID) program, the process's effective user (group) ID
       inside the namespace is changed to whatever value is mapped for
       the user (group) ID of the file.  However, if either the user or
       the group ID of the file has no mapping inside the namespace, the
       set-user-ID (set-group-ID) bit is silently ignored: the new
       program is executed, but the process's effective user (group) ID
       is left unchanged.  (This mirrors the semantics of executing a
       set-user-ID or set-group-ID program that resides on a filesystem
       that was mounted with the MS_NOSUID flag, as described in
       mount(2).)

The effect of the setuid bit is that the real user id is preserved and
the effective and set user ids are changed to the owner of the wrapper.
We detect that no privilege was gained by checking that euid == suid
== ruid. In this case we stop checking that euid == owner of the
wrapper file.

As a reminder here are the values of euid, ruid, suid, stat.st_uid and
stat.st_mode & S_ISUID in various cases when running a setuid 42 executable as user 1000:

Normal case:
ruid=1000 euid=42 suid=42
setuid=2048, st_uid=42

nosuid mount:
ruid=1000 euid=1000 suid=1000
setuid=2048, st_uid=42

inside unshare -rm:
ruid=0 euid=0 suid=0
setuid=2048, st_uid=65534

inside unshare -rm, on a suid mount:
ruid=0 euid=0 suid=0
setuid=2048, st_uid=65534
 2023-08-09 12:00:00 +00:00
Robert Hensing
bc9d2d6a7c
Merge pull request #247520 from Atemu/fix/kernel-passthru.tests 
kernel: fix passthru.tests
 2023-08-08 21:29:19 +02:00