Commit Graph

1431 Commits

Author SHA1 Message Date
Eelco Dolstra
0979db0c19 thunderbird: Update to 17.0.6
Includes lots of security fixes.
2013-05-17 14:55:45 +02:00
aszlig
c06c636604
chromium: Add patch for user namespace sandboxing.
This patch adds support for unprivileged user namespaces found in kernel
versions 3.8.0 and later. In case of Nix, this is especially useful to prevent
having to set up setuid wrappers.

The implementation details about this patch can be found at the top of the file
"sandbox_userns.patch". My first attempt of creating this patch was by modifying
the SUID sandbox. Unfortunately this didn't work out well, because in the event
of a sandbox failure, the host zygote process waits for an answer of the inner
zygote with no timeout. Even if I'd have set a timeout, this would have been
very ugly, giving users which don't have unprivileged user namespaces a delay on
startup.

An alternative approach to the mentioned problem would be to use select() on the
host zygote, watching for changes stdout or stderr and the synchronization
socket. But even that approach isn't feasible because it requires a whole bunch
of even more patching.

Patch was tested with older kernels (3.2.x, 3.7.x) and kernels without user
namespace support enabled, where in case the feature is unavailable it reverts
back to the previous behaviour (no zygote sandbox, only seccomp BPF).

In order to support all Chromium channels, I manually changed the first hunk of
the patch to not include the starting context of the diff, because there is a
whitespace change in more recent versions of the Chromium source tree.

See SVN revision 199882 for the change (revert in this case) in detail:

http://src.chromium.org/viewvc/chrome?view=revision&revision=199882

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-05-16 21:03:07 +02:00
aszlig
0353c8225a
chromium: Don't repeat full paths in installPhase.
This is no feature change and only makes the installPhase look nicer and it now
doesn't exceed 80 characters in width anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-05-16 21:03:07 +02:00
aszlig
3fec0fed02
chromium: Update beta and dev channels.
This updates the following channels to the latest upstream versions:

beta: 27.0.1453.65 -> 27.0.1453.81 (builds fine, tested)
dev:  28.0.1485.0  -> 28.0.1500.5  (builds fine, tested)

For version 28, the reference to /usr/bin/gcc is now located in
third_party/WebKit/Source/core/core.gypi instead of the previous
third_party/WebKit/Source/core/core.gyp/core.gyp.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-05-16 21:03:06 +02:00
Eelco Dolstra
ea919f29a9 hipchat: Fix desktop item 2013-05-14 14:30:15 +02:00
Domen Kozar
f3855919f3 btsync: unredistributable 2013-05-13 00:05:06 +02:00
Evgeny Egorochkin
cef9ee5aab Merge pull request #513 from offlinehacker/firefox_libcanberra
firefoxWrapper: Add libcanberra gtk module to firefox
2013-05-11 14:29:38 -07:00
Bjørn Forsman
3b6a347bea wireshark: update homepage URL 2013-05-11 20:31:24 +02:00
Bjørn Forsman
8c108024ab wireshark: bump to version 1.8.6
Multiple vulnerabilities and many bugs have been fixed. See the release
notes for details:

  http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html
2013-05-11 20:31:13 +02:00
Domen Kozar
7044fd8e05 btsync: upgrade to 1.0.132 2013-05-11 09:31:25 +02:00
Evgeny Egorochkin
c3767704f4 KWebKitPart: new package 2013-05-10 05:03:54 +03:00
Jaka Hudoklin
09f342edc9 firefoxWrapper: Add libcanberra gtk module to firefox 2013-05-10 00:44:03 +00:00
Vladimír Čunát
ec3965d8d0 Revert Merge x-updates into master due to mesa bloat
See #490 discussion.

This reverts commit 1278859d31, reversing
changes made to 0c020c98f9.

Conflicts:
	pkgs/desktops/xfce/core/xfce4-session.nix (take master)
	pkgs/lib/misc.nix (auto)
2013-05-09 14:03:35 +02:00
Vladimír Čunát
1278859d31 Merge branch 'master' into x-updates
Conflicts (just splitting version from name):
	pkgs/os-specific/linux/systemd/default.nix
2013-05-08 13:46:46 +02:00
Evgeny Egorochkin
083637896d Removing konq-plugins, since they have been included in kdebase in all KDE versions we have currently
packaged.
2013-05-07 10:18:35 +03:00
Phreedom
5603d11da8 Merge pull request #482 from coroa/notmuch-gpg2
notmuch: patch source to use full path of gpg2
2013-05-03 11:34:29 -07:00
Vladimír Čunát
8fc5fb6ecc Merge branch 'master' into x-updates 2013-05-01 08:14:15 +02:00
Vladimír Čunát
42f70220ef firefox20Pkgs: use system jpeg now
I was using this for a few days without a problem.
2013-05-01 07:48:35 +02:00
Domen Kozar
197ca4d677 add bittorrent sync 2013-04-27 18:43:43 +02:00
Peter Simons
00101b66fe filezilla: strip trailing whitespace 2013-04-26 22:40:40 +02:00
Peter Simons
41dc6930cd filezilla: cosmetic changes to meta section 2013-04-26 22:40:29 +02:00
Peter Simons
2451e405c2 filezilla: update build to latest version of sqlite 2013-04-26 22:39:20 +02:00
aszlig
e7b1dfdc39
chromium: Update beta and dev channels to latest.
This updates the channels to the following new versions:

beta: 27.0.1453.47 -> 27.0.1453.65 (builds fine, tested)
dev:  27.0.1453.47 -> 28.0.1485.0  (builds fine, tested)

As we now don't have any version below 26, this update drops all references to
all older versions as well.

In addition to that, the /usr/bin/gcc reference from:

third_party/WebKit/Source/core/core.gyp/core.gyp

Can now - starting at version 28 - be found in:

third_party/WebKit/Source/WebCore/WebCore.gyp/WebCore.gyp

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-04-26 08:10:45 +02:00
aszlig
47a14e3d36
google-talk-plugin: Update to version 3.17.0.0.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-04-26 08:10:44 +02:00
Vladimír Čunát
bde20f3e88 Merge branch 'master' into x-updates
Conflicts (just taken x-updates):
	pkgs/servers/x11/xorg/overrides.nix
2013-04-24 06:29:09 +00:00
Jonas Hoersch
089404358d notmuch: patch source to use full path of gpg2
gets rid of the dependency on the old gnupg1. and enables decryption
even if the gpg binary is not in the users environment.

warning: i don't know whether the switch from gnupg1 to gnupg
introduces any incompatibilities. this is a works for me patch.
2013-04-22 10:39:48 +02:00
Lluís Batlle i Rossell
9d818bebd8 Fixing the startup script of freenet; I forgot the shebang 2013-04-21 10:59:20 +04:00
Vladimír Čunát
e8710f30e2 linphone: fix build via ignoring deprecations 2013-04-18 10:17:41 +02:00
Lluís Batlle i Rossell
cce9e298b8 Changing the source of skype4pidgin
This github fork works fine, while the previous (original) only segfaults.
2013-04-16 14:53:59 +02:00
Lluís Batlle i Rossell
9216b0598c Adding skype4pidgin. It crashes. 2013-04-16 14:53:59 +02:00
Lluís Batlle i Rossell
e60cb1713f pidgin: update to 2.10.7 2013-04-15 22:02:35 +02:00
Lluís Batlle i Rossell
37b1937704 pidgin-otr: update to 4.0.0 2013-04-15 21:35:26 +02:00
Michael Raskin
2974309fbd Merge pull request #461 from orbitz/bitlbee-3.2
Upgrade bitlbee to 3.2
2013-04-14 23:02:39 -07:00
Lluís Batlle i Rossell
50f3625f70 irssi-otr: updating to a fork more up to date 2013-04-13 18:27:47 +02:00
Lluís Batlle i Rossell
5f2a1806e5 Adding irssi-otr. 2013-04-13 17:17:47 +02:00
Lluís Batlle i Rossell
4837874840 gnunet: update to 0.9.5a (minor bugfixes) 2013-04-13 17:17:16 +02:00
Lluís Batlle i Rossell
9069b8152b freenet: adding a missing jar in the classpath
It was crashing while running, without it.
2013-04-13 15:24:28 +02:00
Lluís Batlle i Rossell
49d4d308d4 Adding freenet
I don't build freenet_ext or bcprov, I just take the jar.
Freenet irc people told me that freenet_ext barely changes and it's a hell to build.
2013-04-13 15:01:46 +02:00
aszlig
a3fce096af
chromium: Update all channels to latest versions.
stable:   26.0.1410.43              -> 26.0.1410.63 (builds fine, tested)
beta/dev: 27.0.1453.15/27.0.1453.12 -> 27.0.1453.47 (builds fine, tested)

This should bring beta and dev in par, as dev was older than the beta version.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2013-04-13 10:31:36 +02:00
Lluís Batlle i Rossell
dc50bd550a Adding fish (blowfish over irc) for irssi. 2013-04-13 01:35:16 +02:00
Lluís Batlle i Rossell
7b6a4238b1 silc-client: the irssi plugin segfaults on join, with current irssi.
I fix and make it build the standalone client.
2013-04-13 00:24:55 +02:00
Lluís Batlle i Rossell
2080202a34 silc_client: more url problems
It was harder to test, after nix-prefetch-url. Damn it.
2013-04-12 23:48:29 +02:00
Lluís Batlle i Rossell
a0bbfe59dd silc_client: error in url
I should test better before push.
2013-04-12 23:44:29 +02:00
Lluís Batlle i Rossell
acf2979d9c silc_client: Missing file 2013-04-12 23:41:09 +02:00
Lluís Batlle i Rossell
aaf0a34f2a Adding silc-client as irssi plugin
Alone, with its own irssi, doesn't build.
2013-04-12 21:39:07 +02:00
Eelco Dolstra
4adad458e7 Remove the "proprietary" license
We already had "unfree".
2013-04-12 14:37:50 +02:00
Malcolm Matalka
254b4a8a6c Upgrade bitlbee to 3.2 2013-04-12 07:39:58 +02:00
Shea Levy
1c2565a8ef Add hipchat messaging client
Signed-off-by: Shea Levy <shea@shealevy.com>
2013-04-11 14:42:32 -04:00
Lluís Batlle i Rossell
57637d02da offrss: fixing crossbuilding, disabling podofo in that case 2013-04-10 18:26:42 +02:00
Eelco Dolstra
bfa358c76e firefox: Update to 20.0 2013-04-09 18:00:26 +02:00