nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-13 01:03:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
26,492 Commits 199 Branches 125 Tags 8.7 GiB
da24027c25
Commit Graph

26122 Commits

Author SHA1 Message Date
aszlig
c06c636604
chromium: Add patch for user namespace sandboxing. 
This patch adds support for unprivileged user namespaces found in kernel
versions 3.8.0 and later. In case of Nix, this is especially useful to prevent
having to set up setuid wrappers.

The implementation details about this patch can be found at the top of the file
"sandbox_userns.patch". My first attempt of creating this patch was by modifying
the SUID sandbox. Unfortunately this didn't work out well, because in the event
of a sandbox failure, the host zygote process waits for an answer of the inner
zygote with no timeout. Even if I'd have set a timeout, this would have been
very ugly, giving users which don't have unprivileged user namespaces a delay on
startup.

An alternative approach to the mentioned problem would be to use select() on the
host zygote, watching for changes stdout or stderr and the synchronization
socket. But even that approach isn't feasible because it requires a whole bunch
of even more patching.

Patch was tested with older kernels (3.2.x, 3.7.x) and kernels without user
namespace support enabled, where in case the feature is unavailable it reverts
back to the previous behaviour (no zygote sandbox, only seccomp BPF).

In order to support all Chromium channels, I manually changed the first hunk of
the patch to not include the starting context of the diff, because there is a
whitespace change in more recent versions of the Chromium source tree.

See SVN revision 199882 for the change (revert in this case) in detail:

http://src.chromium.org/viewvc/chrome?view=revision&revision=199882

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2013-05-16 21:03:07 +02:00
aszlig
1aa68dd29f
uqm: Include optional support for 3DO videos. 
This is optional because you have to have an image of a Star Control II 3DO CD
image. I decided to hack together a small OperaFS (that's the proprietary
filesystem used with 3DO CD-ROMs) file extractor, which should possibly make
it as painless as possible to include those videos.

It may be a good idea to split off the haskell package into another attribute
set (possibly haskellPackages?), but I really don't think there is a need for
that, because it's really just UQM and 3DO specific.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2013-05-16 21:03:07 +02:00
aszlig
0353c8225a
chromium: Don't repeat full paths in installPhase. 
This is no feature change and only makes the installPhase look nicer and it now
doesn't exceed 80 characters in width anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2013-05-16 21:03:07 +02:00
aszlig
3fec0fed02
chromium: Update beta and dev channels. 
This updates the following channels to the latest upstream versions:

beta: 27.0.1453.65 -> 27.0.1453.81 (builds fine, tested)
dev:  28.0.1485.0  -> 28.0.1500.5  (builds fine, tested)

For version 28, the reference to /usr/bin/gcc is now located in
third_party/WebKit/Source/core/core.gypi instead of the previous
third_party/WebKit/Source/core/core.gyp/core.gyp.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2013-05-16 21:03:06 +02:00
Domen Kozar
0c4362445f almir: bump to 0.1.8 2013-05-16 20:18:02 +02:00
Jaka Hudoklin
a72ba70641 Add pudb, interactive python debugger 2013-05-16 18:15:04 +00:00
Sander van der Burg
9faa4f4b7b Added async-0.2.8 nodejs package 2013-05-16 18:18:36 +02:00
Marc Weber
87a579dd53 partclone, partimage. both are used by clonezilla and drbl (which I haven't packaged yet) 2013-05-16 17:18:11 +02:00
Peter Simons
187fdf7240 haskell-graphviz: jailbreak to support recent version of polyparse 2013-05-16 13:45:38 +02:00
Peter Simons
9796b43989 haskell-wai-app-static: update to version 1.3.1.3 2013-05-16 13:40:36 +02:00
Peter Simons
77724cdd5f haskell-uu-parsinglib: update to version 2.8.1 2013-05-16 13:40:36 +02:00
Peter Simons
8eb93a7dbf haskell-stm-chans: update to version 2.0.0 2013-05-16 13:40:36 +02:00
Peter Simons
adf10a6d28 haskell-snap: update to version 0.12.0 2013-05-16 13:40:36 +02:00
Peter Simons
89c80be53c haskell-polyparse: update to version 1.9 2013-05-16 13:40:36 +02:00
Peter Simons
09a86e216e haskell-io-choice: update to version 0.0.4 2013-05-16 13:40:35 +02:00
Peter Simons
b0b1b606dc haskell-hs-bibutils: update to version 4.17.1 2013-05-16 13:40:35 +02:00
Peter Simons
87d2cbeb19 haskell-heist: update to version 0.12.0 2013-05-16 13:40:35 +02:00
Peter Simons
59f4b266d8 haskell-haxr: update to version 3000.9.2.1 2013-05-16 13:40:35 +02:00
Peter Simons
5a9d8abf21 haskell-digestive-functors-heist: jailbrak to fix build with recent version of heist 2013-05-16 13:40:35 +02:00
Peter Simons
8cbc3906a3 haskell-HaXml: update to version 1.24 2013-05-16 13:40:35 +02:00
Peter Simons
0163789e02 haskell-ChasingBottoms: update to version 1.3.0.6 2013-05-16 13:40:35 +02:00
Peter Simons
5057310d07 haskell-lenses: add version 0.1.6 2013-05-16 13:40:34 +02:00
Peter Simons
d3963dbebf haskell-uu-options: add version 0.1.0.0 2013-05-16 13:40:34 +02:00
Peter Simons
f191a6eddf haskell-uu-interleaved: add version 0.1.0.0 2013-05-16 13:22:23 +02:00
Peter Simons
aa51bc57f8 haskell-aeson: disable test suite to avoid build error 
See <https://github.com/bos/aeson/issues/122> for further detail.
 2013-05-16 13:21:20 +02:00
Sander van der Burg
64e8c45576 Merge branch 'master' of github.com:NixOS/nixpkgs 2013-05-16 12:18:46 +02:00
Sander van der Burg
259b1f931f Added assert: Node.JS assert module and its dependencies 2013-05-16 12:18:23 +02:00
Domen Kožar
378d975b88 Merge pull request #505 from MarcWeber/submit/linux-3.8-dvb-support 
without these two settings my USB dvb-t stick doesn't work
 2013-05-16 03:16:23 -07:00
Sander van der Burg
098fb6d70d added mocha: simple, flexible, fun test framework for JavaScript and its dependencies 2013-05-16 11:49:21 +02:00
Domen Kozar
3745b458ab pg8000: fix url 2013-05-16 11:04:36 +02:00
Gergely Risko
51c69ea60e oracle jdk/jre: use requireFile instead of fetchurl (merge #537) 
The user has to accept the EULA nowadays on the oracle website.
 2013-05-16 10:58:08 +02:00
Gergely Risko
07b26ce493 fetchUrl: add curlOpts parameter (merge #535) 2013-05-16 10:45:16 +02:00
Domen Kozar
951f5be7d9 pg8000: upgrade to 1.09 to support postgresql 9.1/9.2 2013-05-16 10:05:39 +02:00
Domen Kozar
7bbe5823e8 let hydra mirror unfree firmware 2013-05-15 15:22:50 +02:00
Domen Kožar
d63523c769 Merge pull request #527 from qknight/firmware-linux-0.36-to-0.38 
updated firmware-linux from 0.36-to-0.38
 2013-05-15 06:17:45 -07:00
Domen Kožar
83747f519a Merge pull request #519 from offlinehacker/powerline2 
Add powerline beta, libgit2 and pygit2
 2013-05-15 06:17:23 -07:00
Eelco Dolstra
501833cf55 linux: Re-enable the memory resource controller 
We accidentally lost this in Linux >= 3.5 because the kernel options
were renamed.  (Probably an argument for not using "?" in the kernel
config...)
 2013-05-15 14:53:15 +02:00
Eelco Dolstra
d5c8f4cb60 cacert: Update to 20121229 2013-05-15 13:15:53 +02:00
Eelco Dolstra
e3c641b39a mercurial: Update to 2.6.1 
Also, set a default for web.cacerts so that the system certificates on
NixOS are used.
 2013-05-15 13:15:53 +02:00
Rob Vermaas
000fddd10e Fix hash for linux 3.2.45 2013-05-15 08:37:33 +00:00
Shea Levy
dd42dd480b runInLinuxImage: Fix derivation overriding. 
This only ever worked because runInLinuxVM happened to call
overrideDerivation, which itself erroneously passed arbitrarily-added
attributes to the new call to derivation.

Hopefully this time Eelco won't have to revert my change ;)

Signed-off-by: Shea Levy <shea@shealevy.com>
 2013-05-15 01:15:16 -04:00
Shea Levy
03b6fe7422 Revert "Revert "overrideDerivation: Re-attatch passthru and meta to all outputs"" 
This reverts commit 18df66f466.

I will fix the breakage in upcoming commits.

Signed-off-by: Shea Levy <shea@shealevy.com>
 2013-05-15 00:39:17 -04:00
Shea Levy
05a02c639e Revert "Revert "Revert "Revert "overrideDerivation: Simplify"""" 
This reverts commit abf2d36773.

I will fix the breakage in upcoming commits.

Signed-off-by: Shea Levy <shea@shealevy.com>
 2013-05-15 00:38:03 -04:00
David Guibert
880a386c57 update linux 3.2.45 2013-05-14 21:33:14 +02:00
Lluís Batlle i Rossell
44e99f41be Fixing 'my-env', when without cleanup. 2013-05-14 18:59:50 +02:00
Lluís Batlle i Rossell
48f97bdae0 Some kde wrapper improvements. 2013-05-14 18:51:24 +02:00
David Guibert
c887f9e932 update gnuplot to 4.6.0 2013-05-14 15:42:14 +02:00
Eelco Dolstra
ea919f29a9 hipchat: Fix desktop item 2013-05-14 14:30:15 +02:00
Eelco Dolstra
07d4f26be1 nvidia-x11: Update to 319.17 2013-05-14 13:47:30 +02:00
Eelco Dolstra
b9013993db git: Update to 1.8.2.3 2013-05-14 11:53:28 +02:00
Eelco Dolstra
2ce0e5ef4b mysql: Update to 5.1.69 2013-05-14 11:47:23 +02:00
Eelco Dolstra
602be839a4 mysql: Update to 5.5.31 
CVE-2013-1502, CVE-2013-1511, CVE-2013-1532, CVE-2013-1544,
CVE-2013-2375, CVE-2013-2376, CVE-2013-2389, CVE-2013-2391,
CVE-2013-2392, maybe others.
 2013-05-14 11:47:22 +02:00
Rickard Nilsson
30b3522c14 scala: Remove scalacheck.jar from scala's classpath 2013-05-14 11:28:24 +02:00
Sander van der Burg
bfd5124bde jayschema: JSON schema validator NodeJS package 2013-05-14 11:27:44 +02:00
Andres Loeh
645eb7c3c1 haskell-irc: no longer depends on parsec-2. 2013-05-14 11:06:12 +02:00
Lluís Batlle i Rossell
d4039f99fd go: 1.1 released 2013-05-14 10:58:48 +02:00
Eelco Dolstra
fdd06dc094 nix: Update to 1.5.2 2013-05-14 00:01:38 +02:00
Eelco Dolstra
9f9620f566 Doh 2013-05-13 22:04:33 +02:00
Evgeny Egorochkin
f2098a37cd Merge pull request #531 from errge/master 
download git-annex from github, not kitenet.net
 2013-05-13 10:18:34 -07:00
Domen Kozar
6c56602e55 dunst: upgrade, set maintainers, set default config file 2013-05-13 18:48:42 +02:00
Gergely Risko
972b1a7d50 Download git-annex from github instead of git.kitenet.net 
git.kitenet.net doesn't allow snapshot downloads anymore, the url
just returns 403 Forbidden.
 2013-05-13 18:19:41 +02:00
Eelco Dolstra
278b255388 Restore unintentionally deleted line 2013-05-13 18:15:02 +02:00
Eelco Dolstra
9df603b300 Use Linux 3.9 for VM builds 
This seems to fix CIFS hangs like: http://hydra.nixos.org/build/4916655
 2013-05-13 18:12:12 +02:00
Eelco Dolstra
6fb4c62f25 Fix some old Fedora builds 
http://hydra.nixos.org/build/4949447
 2013-05-13 17:47:20 +02:00
Lluís Batlle i Rossell
a6781e121f libreoffice: update from 3.6.2.2 to 3.6.6.2 2013-05-13 16:07:01 +02:00
Peter Simons
25b7c65b34 haskell-hlint: update to version 1.8.45 2013-05-13 13:43:44 +02:00
Peter Simons
057ec53542 haskell-haskdogs: update to version 0.3.2 2013-05-13 13:43:44 +02:00
Peter Simons
4e359215c5 haskell-uuid: update to version 1.2.13 2013-05-13 13:43:44 +02:00
Peter Simons
6b33985fc7 haskell-unix-time: update to version 0.1.8 2013-05-13 13:43:44 +02:00
Peter Simons
05369891a9 haskell-shake: update to version 0.10.3 2013-05-13 13:43:44 +02:00
Peter Simons
bc50c0f467 haskell-largeword: update to version 1.0.5 2013-05-13 13:43:44 +02:00
Peter Simons
4d545eddcd haskell-ghc-mod: update to version 1.12.5 2013-05-13 13:43:44 +02:00
Peter Simons
9e609d2369 haskell-accelerate: update to version 0.13.0.1 2013-05-13 13:43:44 +02:00
Peter Simons
82759ee4c0 haskell-accelerate-io: update to version 0.13.0.1 2013-05-13 13:43:43 +02:00
Peter Simons
825fc23a63 haskell-accelerate-cuda: update to version 0.13.0.1 2013-05-13 13:43:43 +02:00
Eelco Dolstra
a1a725d20d linux: Set AUDIT_LOGINUID_IMMUTABLE 
This prevents faking the loginuid even by root.
 2013-05-13 11:53:00 +02:00
Rok Garbas
0e29127928 pa-audio: adding hash 2013-05-13 10:10:05 +02:00
Lluís Batlle i Rossell
3810378b79 blender: update to 2.67 2013-05-13 10:03:33 +02:00
Lluís Batlle i Rossell
c48fe0fea6 opencv: update to 2.4.5 2013-05-13 09:18:27 +02:00
Vladimír Čunát
82f5dc59cf lyx: maintenance update, enable check phase 2013-05-13 00:07:15 +02:00
Domen Kozar
f3855919f3 btsync: unredistributable 2013-05-13 00:05:06 +02:00
Mathijs Kwik
3d5121233d mongodb: upgrade to 2.4.3 and use system libraries 2013-05-12 22:46:42 +02:00
Mathijs Kwik
81022e4b0a neoload: upgrade to 4.1.2 2013-05-12 22:46:41 +02:00
Mathijs Kwik
c987cb34c6 x264: upgrade to latest stable 2013-05-12 22:46:41 +02:00
Mathijs Kwik
6c423de052 yasm: upgrade to 1.2.0 2013-05-12 22:46:41 +02:00
David Guibert
0e98cd4a65 update linux versions 2013-05-12 20:28:45 +02:00
Peter Simons
6cfb49954f haskell-type-equality: update to version 0.1.2 2013-05-12 16:13:10 +02:00
Peter Simons
63a048f79c haskell-reactive-banana: update to version 0.7.1.2 2013-05-12 16:13:10 +02:00
Peter Simons
fb86ac1b96 release-haskell.nix: GHC 7.6.x has a Haskell Platform now 2013-05-12 16:13:10 +02:00
Peter Simons
f47d100de7 Switch GHC 7.6.x to Haskell Platform 2013.2.0.0. 2013-05-12 16:13:10 +02:00
Peter Simons
631d59adc3 haskell-platform: add release candidate for 2013.2.0.0 2013-05-12 16:13:10 +02:00
Peter Simons
aec64e12d3 haskell-ChasingBottoms: jailbreak to fix build with recent versions of QuickCheck 2013-05-12 16:13:10 +02:00
Peter Simons
2c96335b6d haskell-case-insensitive: use version 1.0.0.1 for HP 2013.2.0.0 2013-05-12 16:12:59 +02:00
Peter Simons
a6b8852b9a haskell-attoparsec: rename file for inclusion in HP 2013.2.0.0 2013-05-12 16:12:58 +02:00
Peter Simons
480ac921fb haskell-GLURaw: rename file for inclusion in HP 2013.2.0.0 2013-05-12 16:12:58 +02:00
Peter Simons
026700b527 haskell-OpenGLRaw: rename file for inclusion in HP 2013.2.0.0 2013-05-12 16:12:58 +02:00
Peter Simons
1884de2f6f haskell-attoparsec-enumerator: move this package into its own directory 2013-05-12 16:12:58 +02:00
Peter Simons
58b81e21f0 haskell-unordered-containers: use version 0.2.3.0 for HP 2013.2.0.0 2013-05-12 16:12:36 +02:00
Evgeny Egorochkin
0dc48d3bba Merge pull request #526 from bjornfor/tcptrack 
tcptrack: new package
 2013-05-12 05:15:16 -07:00
Bjørn Forsman
df09b7fb5f tcptrack: new package 
tcptrack is a small libpcap based program (with ncurses UI) for live TCP
connection monitoring.

It seems upstream homepage is down, so download the source code from a
fedora server instead.
 2013-05-12 14:03:24 +02:00