Commit Graph

35718 Commits

Author SHA1 Message Date
Oliver Charles
99d8ef0673 haskellPackages.snapCORS: New expression 2014-04-12 16:04:40 +01:00
William A. Kennington III
4fea09ca4c google_api_python_client: Add package
Closes #2178

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-12 08:11:46 -05:00
Aristid Breitkreuz
c62b9e56f8 perl: Finance::Quote 1.29 2014-04-12 14:40:03 +02:00
Cillian de Róiste
6c1ac8159b oxygen_gtk: update from 1.4.4 to 1.4.5 2014-04-12 11:59:03 +02:00
Cillian de Róiste
02e693c400 synthv1: update from 0.4.0 to 0.4.1 2014-04-12 11:58:29 +02:00
Cillian de Róiste
440a174e2d samplv1: update from 0.4.0 to 0.4.1 2014-04-12 11:58:13 +02:00
Cillian de Róiste
aee930586f drumkv1: update from 0.4.0 to 0.4.1 2014-04-12 11:57:43 +02:00
Vladimír Čunát
83cb0354e9 clang_34: make it evaluate to 3.4 even on Darwin 2014-04-12 09:46:37 +02:00
Austin Seipp
172dc1336f nixos: add grsecurity module (#1875)
This module implements a significant refactoring in grsecurity
configuration for NixOS, making it far more usable by default and much
easier to configure.

 - New security.grsecurity NixOS attributes.
   - All grsec kernels supported
   - Allows default 'auto' grsec configuration, or custom config
   - Supports custom kernel options through kernelExtraConfig
   - Defaults to high-security - user must choose kernel, server/desktop
     mode, and any virtualisation software. That's all.
   - kptr_restrict is fixed under grsecurity (it's unwriteable)
 - grsecurity patch creation is now significantly abstracted
   - only need revision, version, and SHA1
   - kernel version requirements are asserted for sanity
   - built kernels can have the uname specify the exact grsec version
     for development or bug reports. Off by default (requires
     `security.grsecurity.config.verboseVersion = true;`)
 - grsecurity sysctl support
   - By default, disabled.
   - For people who enable it, NixOS deploys a 'grsec-lock' systemd
     service which runs at startup. You are expected to configure sysctl
     through NixOS like you regularly would, which will occur before the
     service is started. As a result, changing sysctl settings requires
     a reboot.
 - New default group: 'grsecurity'
   - Root is a member by default
   - GRKERNSEC_PROC_GID is implicitly set to the 'grsecurity' GID,
     making it possible to easily add users to this group for /proc
     access
 - AppArmor is now automatically enabled where it wasn't before, despite
   implying features.apparmor = true

The most trivial example of enabling grsecurity in your kernel is by
specifying:

    security.grsecurity.enable          = true;
    security.grsecurity.testing         = true;      # testing 3.13 kernel
    security.grsecurity.config.system   = "desktop"; # or "server"

This specifies absolutely no virtualisation support. In general, you
probably at least want KVM host support, which is a little more work.
So:

    security.grsecurity.enable = true;
    security.grsecurity.stable = true; # enable stable 3.2 kernel
    security.grsecurity.config = {
      system   = "server";
      priority = "security";
      virtualisationConfig   = "host";
      virtualisationSoftware = "kvm";
      hardwareVirtualisation = true;
    }

This module has primarily been tested on Hetzner EX40 & VQ7 servers
using NixOps.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 22:43:51 -05:00
Austin Seipp
cf24cf1184 capstone: attempt to fix Linux build, remove Darwin build
The Darwin build seems fixable but I can't test right now.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 21:41:14 -05:00
Austin Seipp
036a7708a2 libseccomp: attempt to fix Hydra build
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 21:37:19 -05:00
Austin Seipp
acd5a9d8b4 spiped: attempt to fix linux Hydra build
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 21:35:08 -05:00
Austin Seipp
71d7bec227 p0f: build fix attempt for Hydra
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 21:32:30 -05:00
Mathijs Kwik
b21853f255 Fix initrd breaking by recent repeatable-builds changes
See the comments at f67015cae4
for more information.

Please note: this makes initrd unrepeatable again, but most people will prefer that above an unbootable system.
2014-04-12 00:06:30 +02:00
Mathijs Kwik
5a3fa7f88f nvidia-x11: patch for kernel 3.14 support 2014-04-11 23:40:16 +02:00
Peter Simons
50b1a8ea0b haskell-diagrams-postscript: update to version 1.0.2.4 2014-04-11 22:33:12 +02:00
Peter Simons
d2e61750df haskell-diagrams-lib: update to version 1.1.0.6 2014-04-11 22:33:11 +02:00
Peter Simons
ce15e84af3 haskell-diagrams-contrib: update to version 1.1.1.4 2014-04-11 22:33:11 +02:00
Peter Simons
716cffc1bb haskell-language-c-inline: re-generate with cabal2nix 2014-04-11 22:33:11 +02:00
Peter Simons
f32be2da85 haddock: update to version 2.14.2 2014-04-11 22:33:11 +02:00
Peter Simons
86177f06e9 haskell-haskell-src: add version 1.0.1.6 2014-04-11 22:33:11 +02:00
Peter Simons
f5dd4d383b haskell-HTTP: update to version 4000.2.12 2014-04-11 22:33:11 +02:00
Peter Simons
fd376138b2 haskell-yesod-core: update to version 1.2.12 2014-04-11 22:33:11 +02:00
Peter Simons
e77f2cd689 haskell-texmath: update to version 0.6.6.1 2014-04-11 22:33:11 +02:00
Peter Simons
43a77ee1ab haskell-monoid-extras: update to version 0.3.3.2 2014-04-11 22:33:11 +02:00
Peter Simons
2379850cad haskell-monad-logger: update to version 0.3.6 2014-04-11 22:33:11 +02:00
Peter Simons
ecbb36caf1 haskell-hxt: update to version 9.3.1.4 2014-04-11 22:33:11 +02:00
Peter Simons
35e8034716 haskell-hxt-unicode: update to version 9.0.2.2 2014-04-11 22:33:11 +02:00
Peter Simons
7cc83c8c74 haskell-dual-tree: update to version 0.2.0.2 2014-04-11 22:33:11 +02:00
Peter Simons
c203d9c5fa haskell-cereal-conduit: update to version 0.7.2.1 2014-04-11 22:33:11 +02:00
Peter Simons
a0264d3db8 haskell-active: update to version 0.1.0.12 2014-04-11 22:33:11 +02:00
Peter Simons
e1bdc5c164 haskell-statistics: add version 0.11.0.0 2014-04-11 22:33:11 +02:00
Peter Simons
ea95516bf8 haskell-parsers: add version 0.11 2014-04-11 22:33:11 +02:00
Peter Simons
4604d52df4 GHC version 7.8.1 has been deprecated because of a serious bug.
We'll have version 7.8.2 out soon.

http://www.haskell.org/pipermail/ghc-devs/2014-April/004605.html
http://www.haskell.org/pipermail/ghc-devs/2014-April/004616.html
2014-04-11 22:33:11 +02:00
Peter Simons
5b211b9a9b Merge pull request #2207 from jwiegley/master
Add c2hsc to haskell-packages.nix
2014-04-11 22:30:49 +02:00
Domen Kožar
baf2a4d4b9 ugly tarball fix for llvmPackages support on Darwin 2014-04-11 21:28:43 +02:00
John Wiegley
8026caec43 Add c2hsc to haskell-packages.nix 2014-04-11 10:34:56 -05:00
Ricardo M. Correia
b8a6eef6fa gradm: Attempt to fix build failure by using older flex
Thanks to @thoughtpolice for noticing and suggesting the fix!
2014-04-11 16:38:24 +02:00
Peter Simons
2396e9d036 perlPackages.PackageStash: Revert "update from 0.34 to 0.36"
This reverts commit 5adbf4d447. The update broke
the test suite of perl-Moose [1], which is required by Hydra.

[1] http://hydra.nixos.org/build/10268974
2014-04-11 15:23:34 +02:00
Mathijs Kwik
d87ae02fc1 synergy: upgrade to 1.4.17 2014-04-11 14:09:07 +02:00
Mathijs Kwik
62521d9ec6 openttd: upgrade to 1.4.0 2014-04-11 13:49:19 +02:00
Eelco Dolstra
ed82f188f9 nix-repl: Update 2014-04-11 12:54:54 +02:00
Oliver Charles
3befd72618 Merge pull request #2201 from offlinehacker/pkgs/postgresql93/darwin_fix
postgresql93: fix darwin builds
2014-04-11 11:38:49 +01:00
Eelco Dolstra
2da09363bf nix: Update to 1.7 2014-04-11 12:24:48 +02:00
Peter Simons
b5773eeccb R: update to version 3.1.0 2014-04-11 12:07:00 +02:00
Peter Simons
9818422bc0 Merge pull request #2203 from fmap/language-c-inline
New derivation: language-c-inline (haskell)
2014-04-11 11:45:45 +02:00
Peter Simons
846906fc53 ipsec-tools: fix build by passing old version of flex 2014-04-11 11:09:59 +02:00
Peter Simons
e35c2f6d4c all-packages.nix: drop trailing whitespace 2014-04-11 10:06:19 +02:00
Peter Simons
6913650adc maude: use old flex version; the new one causes build errors
This issue has been fixed in the latest alpha release.
2014-04-11 10:06:18 +02:00
Peter Simons
f741be954c Offer consistently named attributes for the two available flex versions. 2014-04-11 10:06:18 +02:00