We're propagating the plugin flags by importing from another Nix
expression file, which in turn exports the Nix path to the wrapper. This
causes that the store path isn't referenced in the wrapper and the path
isn't recognized by scanning the wrapper script (only those already
referenced at build time are).
So let's add the activated plugins to the buildInputs of the wrapper.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This brings a new stable version 40.0.2214.91 along with a beta update
to version 41.0.2272.16, the dev channel is still stuck at version
41.0.2272.12 and within the next days will jump to version 42.
For this reason, I've done some cheating here and brought the beta
channel in par with the dev channel, because dev is older than beta on
OmahaProxy.
Here's an overview of the channel upgrades:
stable: 39.0.2171.65 -> 40.0.2214.91 [1]
beta: 40.0.2214.10 -> 41.0.2272.16 [1] [2] [3]
dev: 41.0.2224.3 -> 41.0.2272.16 [1] [2] [3]
[1]: We needed to patch in locations of lib{pci,udev}.so, because
Chromium tries to load them at runtime. For version 41 startup will
fail if it is unable to load libudev, but it also has the advantage
that this fixes GPU detection using libpci in the stable version,
which in turn could fix a few bugs on NixOS.
[2]: The upstream Debian package for the binary plugins now uses XZ
compression for the enclosed data tarball.
[3]: Chromium 41 needs {shapshot,natives}_blob.bin in order to start up,
so let's cp it among with the .pak files to avoid adding a
conditional for version 40.
The release annoucement of the stable channel update can be found here:
http://googlechromereleases.blogspot.de/2015/01/stable-update.html
Note that this release contains 62 security fixes(!) and I'm hereby
apologizing for the delay of this update.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The repo has been split into smaller repos and it will require some more
work to get it building again and to figure out which ports and plugins
to include.
Even though we build from git tag 3.5.403, `ardour --version` reports
3.5-380-g2f6065b. Fix it.
(Another way to fix this is to clone the whole git repo, preserve the
.git/ directory and add git as buildInput so that Ardour can figure out
all this version info stuff by itself.)
Attrnames and package names should be as close as possible to avoid confusion.
I took care not to confuse the two mpc things during the mass-replace,
so hopefully I suceeded (tarball still builds).
This ensures that git is added as a run-time dependency of tig and
allows tig to find the git command even if git is not installed in the
user environment. Fixes#5741.
This adds enhanced-ctorrent (ctorrent) which is a CLI-based bittorrent
client written in C++. It is very fast for those times when one wants to
simply add a torrent quick'n'dirty-style.
Writing the gid_map is already non-fatal, but the actual sandbox process
still tries to setresgid() to nogroup (usually 65534). This however
fails, because if user namespace sandboxing is present, the namespace
doesn't have CAP_SETGID at this point.
Fortunately, the effective GID is already 65534, so we just need to
check whether the target gid matches and only(!) setresgid() if it
doesn't.
So if someone would run a SUID version of the sandbox, it would still
work nonetheless without a negative impact on security.
Fixes#5730, thanks to @wizeman for reporting and initial debugging.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The dependency on sqlite was propagated through to miro by libsoup, but
with f570f97, it's no longer propagated anymore so we need to pass it to
the miro derivation directly.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The build script is a shell script which has a shebang using
/usr/bin/env, which isn't available in a chrooted Nix daemon.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The following vulnerabilities have been fixed.
- wnpa-sec-2015-01
The WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559,
CVE-2015-0560
- wnpa-sec-2015-02
The LPP dissector could crash. (Bug 10773) CVE-2015-0561
- wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562
- wnpa-sec-2015-04
The SMTP dissector could crash. (Bug 10823) CVE-2015-0563
- wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions. Discovered by Noam
Rathaus. CVE-2015-0564
See more at https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html
This add profanity and dependencies and a few cleanups from me for the
profanity package expression.
Thanks to @devhell and apologies for pestering him with my nitpicking.
* Commit summary:
profanity: Add option for autoAwaySupport.
profanity: Clean up package expression file.
profanity: Add libnotifySupport config option
all-packages: Add libnotify option to profanity
profanity: Add "platforms" meta information
profanity: Add libXScrnSaver and libX11 buildInputs
libstrophe: Add "platforms" meta information
libstrophe: Fix typo
profanity: Add profanity, a ncurses XMPP client
libstrophe: Add new package
Actually, two dependencies used for notifySupport are for
autoAwaySupport and have nothing to do with notifications, so let's
split them apart.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
No real changes in functionality, other than renaming libnotifySupport
to just notifySupport.
I've wrapped the lines to a maximum of 80 characters in width, so the
file looks less cluttered up. Which includes setting apart the attribute
for notifySupport and its respective dependencies from the main
dependencies.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Originally I had in mind to introduce an attribute like "enableGPG", but
it seems that other distro include it per default, so I guess most users
coming from other distros would expect it that way. And so it is now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Here, I present a new level of hierarchy on Nixpkgs: the Altcoins.
The idea is to put a single cryptocurrency per file, and build them
using expressions like altcoins.bitcoin. I believe this ordering is
clearer and more maintainable that the current one.
This makes the Eclipse internal web browser work.
The internal web browser is the default browser, and Eclipse requires
manual configuration for any other (external) web browser. To me this
means the internal browser should be working by default, unless users
will get an error popup if they click any links.
This change increases the closure size from 714 to 880 MiB
(attribute eclipses.eclipse_cpp_43).
Makes beets actually usable (and configurable) on Nix(OS), if you want
to use more plugins rather than just plain lookup of tracks based on
(fuzzy) string matching.
This also changes the derivation name from "python2.7-beets" to just
"beets".
* Commit summary:
beets: Check dependencies on activated plugins.
beets: Check plugin definitions against package.
beets: Use audiotools backend for replaygain.
beets: Allow to configure plugin dependencies.
beets: Switch to using fetchFromGitHub.
python: Add new package audiotools.
python: Add new package discogs_client.
python: Add pyacoustid and dependencies.
python/mutagen: Update to upstream version 1.27.
mp3gain: Fix output path bin directory.
beets: Add myself to maintainers.
beets: Update to new upstream version 1.3.9.
beets: Move into its own package directory.
This is more of an attempt rather than a real fix (or maybe it is? let's
see) for the corrupted .pyc files during build. I believe the reason we
get these are likely due to several instances of the Python interpreter
that run in parallel and one of these processes might still be writing
the .pyc file.
So, rather than deleting all .pyc files, we now precompile then in order
to avoid any build process trying to generate any .pyc file.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Because:
1. It is a mere alias of `pythonPackages.sip`
2. It is usually not needed since propagated by `pyqt4`
3. It makes it easy to have a packages depend on two different versions
of sip
This commit eliminates a patch which hard-coded an example configuration file as the program's default settings and prevented the program from reading a user's configuration file.
Introduces a video/audio information utility, both CLI and GUI.
Thanks to @devhell.
* devhell-mediainfo:
libzen: Add --enable-shared to configureFlags.
mediainfo-gui: Add package
mediainfo: Add myself to meta.maintainers.
mediainfo: Add package and dependencies
Name has been changed in c9282c65f4.
Users would probably expect "nix-env -i picard" to work, and as picard
isn't a library it doesn't make sense to set a prefix.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Because we have to rely on setuid wrappers on NixOS, we can't easily
hardcode the executable paths and set it 4755. So for all calls, we need
to change the runtime path executable directory to /var/setuid-wrappers/
and for verification we need to retain the executable directory.
Also note, that usually VBoxNetAdpCtl, VBoxNetDHCP, VBoxNetNAT, VBoxSDL
and VBoxVolInfo don't reside in directories that are commonly in PATH,
but in /usr/lib/virtualbox in most mainstream distros. But because the
names of these executables are distinctive enough to not cause
collisions with other setuid programs, I'll leave it like that and not
patch up setuid-wrappers.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Not really changes anything in functionality, but makes it easier to
change the build type to "debug", for example.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes the following bugs:
* Helper tool crashes when service checks elevation state
* Zeroconf on server advertises bogus IP address
* Drag file causes client crash on Mac (10.10)
Introduces the following enhancements:
* Optional Bonjour requirement for Windows
* Automatic Bonjour download and install
* Auto-config available servers combo box
* More user friendly dialog when client is detected
* Minimize auto config message box usage
* Firewall exception for GUI (needed for Bonjour)
* Consistent naming for auto config feature
Full changelog with bug IDs can be found at:
http://synergy-project.org/changelog/
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Just accidentally found this while debugging and it's needed for
fetching a few interface details, not sure however whether because of
this anything has been broken so far.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Instead of coping it to $out and later deleting it, we now exclude the
src directory during copy. Also, we no longer cd into the release
directory during installPhase, which should make sure that we are
constantly in $sourceRoot.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
- Move lgi to luaPackages
- Use luaPackages in awesome and passthru lua
- Allow to pass lua modules to the awesome WM so that those can be used in the configuration
Fixes this error, as seen when trying to open a guest VM when
virt-viewer is accessed over ssh with X forwarding:
GLib-GIO-ERROR **: Settings schema 'org.gnome.system.proxy' is not installed
A similar issue was fixed for virt-manager in commit
fb8a2b3be7 ("virt-manager: fix missing
schema error")
We divert to the $out/share/virtualbox directory only if we have
hardening enabled, so let's put the extension pack into
$out/libexec/virtualbox instead if we're compiling without hardening.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
* Add missing dependency on 'spice_protocol'
* Fix new build error which came now that ./configure enables SPICE support:
building virt-viewer
CCLD virt-viewer
/nix/store/b8qhjrwf8sf9ggkjxqqav7f1m6w83bh0-binutils-2.23.1/bin/ld: cannot find -lgdbm
/nix/store/b8qhjrwf8sf9ggkjxqqav7f1m6w83bh0-binutils-2.23.1/bin/ld: cannot find -lcap
collect2: error: ld returned 1 exit status
Fix by adding gddbm and libcap as inputs. Yes, libcap is needed
_in addition_ to libcap_ng (I tested removing libcap_ng, it failed).
Without this change, virt-viewer cannot be used with guests machines
that uses SPICE.
Yes, this is only on the package level, so it's possible to use
VirtualBox for example installed by nix-env -i, which of course doesn't
have access to the functionality provided by the various VirtualBox
kernel modules.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Before we do substitutions, the Exec= line is (currently)
"Exec=libreofficedev4.3 --some-arg". Our substitution logic doesn't handle
that, resulting in broken "Exec=$out/bin/sofficedev4.3 --some-arg"
($out/bin/sofficedev4.3 doesn't exist).
Looking at libreoffice source, the .desktop files refer to a UNIXBASISROOTNAME
variable which come from instsetoo_native/util/openoffice.lst.in. Currently, it
can have one of two values, presumably depending on whether the build is
"normal" or "development":
libreoffice${major}.${minor}
libreofficedev${major}.${minor}
Handle both these cases, and also leave the old non-versioned substitution
around, just in case.
Fixes issue #3463.
It turns out that installing therubytracer, with dependency on old v8, even
when using source libv8 version is problematic.
(see
http://stackoverflow.com/questions/21666379/problems-installing-gitlab-on-odroid-v8-lib-not-available).
But wait, rails does not even need therubytracer, just any kind of javascript
server side execution framework like nodejs. Well just use that, as also
suggested from different internet sources (look link above), it works just
fine.