Commit graph

88629 commits

Author SHA1 Message Date
Franz Pletz
131bc22b84 gitlab service: add option for db_key_base secret 2016-08-17 13:17:47 +02:00
Franz Pletz
cfb930c985 znapzend: 0.15.5 -> 0.15.7 2016-08-17 13:17:46 +02:00
Langston Barrett
0cc89278a1 ympd: init at 1.3.0 2016-08-17 13:17:41 +02:00
Nikolay Amiantov
1db8403e6f Merge pull request #17792 from jflanglois/stage-1-zram
stage-1: exclude zram devices from resumeDevices
2016-08-17 14:16:20 +04:00
Franz Pletz
32ce20c86b Merge pull request #17791 from ebzzry/emem-0.2.24
emem: 0.2.23 -> 0.2.24
2016-08-17 11:20:02 +02:00
Frederik Rietdijk
80b3a7b128 Revert "pythonPackages.psutil: 3.4.2 -> 4.3.0"
This reverts commit 86caec1be1.

In this commit tests were re-enabled, but without correctly testing whether it could.
When a package builds it doesn't mean the tests are actually run. This is often seen when it says that 0 tests were run.
Typically this is because the test runner was invoked incorrectly.

By re-enabling the tests, a false impression is generated that the package is tested while in fact it isn't. Furthermore, the Python 3.5
package broke because the tests are invoked incorrectly.

cc @abbradar
2016-08-17 10:52:22 +02:00
Lluís Batlle i Rossell
9f9cac34d3 Updating mlt to 6.2.0
(cherry picked from commit 93d8ab8007102e0e4d7f23cf25bb353d1cc5bced)

I checked with kdenlive people, and they say that we should always use the
latest mlt possible; that it should not be any problem, and provide only
improvements.
2016-08-17 10:06:30 +02:00
Julien Langlois
552c30c155 stage-1: exclude zram devices from resumeDevices 2016-08-17 00:21:47 -07:00
Rommel M. Martinez
e5a4afc1b7 emem: 0.2.23 -> 0.2.24 2016-08-17 14:37:37 +08:00
Franz Pletz
efab1cb928 Merge pull request #17782 from Baughn/unifi-fix
Unifi controller fixes
2016-08-17 06:24:55 +02:00
Franz Pletz
2571438988 linux: 4.7 -> 4.7.1 2016-08-17 05:46:00 +02:00
Franz Pletz
7a4407461b linux: 4.6.6 -> 4.6.7
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Franz Pletz
da95fb368c linux: 4.4.17 -> 4.4.18
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Franz Pletz
2104d28bcd linux: 4.1.27 -> 4.1.30
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Franz Pletz
b070a9c439 gitlab: 8.10.3 -> 8.10.6 2016-08-17 05:36:24 +02:00
Frederik Rietdijk
5a501bd828 Remove top-level dbus_python and pythonDBus.
See #11567.

Furthermore, it renames pythonPackages.dbus to pythonPackages.dbus-
python as that's the name upstream uses.

There is a small rebuild but I couldn't figure out the actual cause.
2016-08-16 22:52:37 +02:00
Frederik Rietdijk
6b23bd99a3 Remove top-level pyatspi
See #11567.
2016-08-16 22:52:37 +02:00
Domen Kožar
40da4e6ce7 fix eval 2016-08-16 22:30:15 +02:00
Domen Kožar
584c19b4a5 Merge pull request #17720 from oxij/fix-xen
Fix xen build
2016-08-16 22:06:52 +02:00
Svein Ove Aas
102472b8de unifi: Open required ports by default.
The controller does not work at all if they aren't, with the exception
of special configurations involving L3 or custom ports.
2016-08-16 21:01:49 +01:00
Svein Ove Aas
e3f0a09b6d unifi: chown the data dir as well.
It needs to be writeable.
2016-08-16 21:01:49 +01:00
Robert Helgesson
f396a0b4d0
hd-idle: init at 1.05 2016-08-16 21:59:14 +02:00
Franz Pletz
2709079569 postgresql: security updates for all versions
Fixes CVE-2016-5423 and CVE-2016-5424.

See https://www.postgresql.org/about/news/1688/.
2016-08-16 18:35:22 +02:00
Joachim Fasting
d82ddd6dc0
grsecurity: 4.7-201608131240 -> 4.7-201608151842 2016-08-16 17:50:37 +02:00
Joachim Fasting
b1cceeda84
grsecurity: enable pax size overflow plugin 2016-08-16 17:50:36 +02:00
Joachim Fasting
3fcb9e6f57
grsecurity: support non-enforcing mode
Until we've made sure that most things actually work out of the box, we
need to give people a way of continuing to use the system without
completely disabling grsecurity.

Set sysctl kernel.pax.softmode=1 or boot with pax.softmode=1
2016-08-16 17:50:36 +02:00
Domen Kožar
bab8a2ebe3 netboot: prepare for https://github.com/NixOS/nixos-channel-scripts/issues/6 2016-08-16 17:27:11 +02:00
Eelco Dolstra
859157c36b Merge pull request #17779 from obadz/make-disk-image
nixos/lib/make-disk-image: refactor to use nixos-install
2016-08-16 16:44:12 +02:00
obadz
24f8cf08cc nixos/lib/make-disk-image: refactor to use nixos-install
- Replace hand-rolled version of nixos-install in make-disk-image by an
  actual call to nixos-install
- Required a few cleanups of nixos-install
- nixos-install invokes an activation script which the hand-rolled version
  in make-disk-image did not do. We remove /etc/machine-id as that's
  a host-specific, impure, output of the activation script

Testing:

nix-build '<nixpkgs/nixos/release.nix>' -A tests.installer.simple passes

Also tried generating an image with:

nix-build -E 'let
    pkgs = import <nixpkgs> {};
    lib = pkgs.lib;
    nixos = import <nixpkgs/nixos> {
      configuration = {
        fileSystems."/".device = "/dev/disk/by-label/nixos";
        boot.loader.grub.devices = [ "/dev/sda" ];
        boot.loader.grub.extraEntries = '"''"'
          menuentry "Ubuntu" {
             insmod ext2
             search --set=root --label ubuntu
             configfile /boot/grub/grub.cfg
          }
        '"''"';
      };
    };
  in import <nixpkgs/nixos/lib/make-disk-image.nix> {
    inherit pkgs lib;
    config = nixos.config;
    diskSize = 2000;
    partitioned = false;
    installBootLoader = false;
  }'

Then installed the image:
$ sudo df if=./result/nixos.img of=/dev/sdaX bs=1M
$ sudo resize2fs /dev/disk/by-label/nixos
$ sudo mount /dev/disk/by-label/nixos /mnt
$ sudo mount --rbind /proc /mnt/proc
$ sudo mount --rbind /dev /mnt/dev
$ sudo chroot /mnt /nix/var/nix/profiles/system/bin/switch-to-configuration boot

[ … optionally do something about passwords … ]

and successfully rebooted to that image.

Was doing all this from inside a Ubuntu VM with a single user nix install.
2016-08-16 15:31:16 +01:00
Joachim F
4d1d37014a Merge pull request #17718 from matthewbauer/patch-7
travis: build stdenv also
2016-08-16 15:06:35 +02:00
Franz Pletz
35654b7fc1 Merge pull request #17743 from mayflower/service/mattermost 2016-08-16 14:54:25 +02:00
Eelco Dolstra
38f306f492 Merge pull request #17768 from obadz/nixos-install
nixos-install: cleanups & improvements to run on non-NixOS systems
2016-08-16 13:31:50 +02:00
Eelco Dolstra
16b0724efe Merge pull request #17772 from nathan7/protobuf-3.0.0
protobuf: 3.0.0-beta-3.1 -> 3.0.0
2016-08-16 12:47:41 +02:00
Nathan Zadoks
874e90fd66 protobuf: 3.0.0-beta-3.1 -> 3.0.0 2016-08-16 12:09:36 +02:00
Frederik Rietdijk
6d75bf842b mercurial: pass in pythonPackages 2016-08-16 11:48:09 +02:00
Frederik Rietdijk
888efed972 Doc: fix python examples 2016-08-16 09:47:13 +02:00
Josef Kemetmüller
24ab0460a9 armadillo: Fix failing build (#17764)
The upgrade of cmake to v3.6.0 broke this build. HDF5 now can
only be found if hdf5-cpp is used as buildInput.
However the upgrade made it possible to remove a patch:
CMake can now find openblas on its own.
2016-08-16 06:29:15 +00:00
obadz
806e88c137 nixos-install: cleanups & improvements to run on non-NixOS systems
- Fix --no-bootloader which didn't do what it advertised
- Hardcode nixbld GID so that systems which do not have a nixbld user
  can still run nixos-install (only with --closure since they can't
  build anything)
- Cleanup: get rid of NIX_CONF_DIR(=/tmp)/nix.conf and pass arguments instead
- Cleanup: don't assume that the target system has '<nixpkgs/nixos>' or
  '<nixos-config>' to see if config.users.mutableUsers. Instead check if
  /var/setuid-wrappers/passwd is there

Installing NixOS now works from a Ubuntu host (using --closure).

nix-build -A tests.installer.simple '<nixpkgs/nixos/release.nix>' succeeds ✓
2016-08-16 02:47:49 +01:00
obadz
1759825b34 nixos/tests/ecryptfs: placate some commands causing many builds failure
These commands shouldn't have to be here in the first place as ecryptfs
homes should be automatically unmounted during logoff.
2016-08-16 02:47:08 +01:00
Shea Levy
9adad8612b Revert "Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs"
Was meant to go into staging, sorry

This reverts commit 57b2d1e9b0, reversing
changes made to 760b2b9048.
2016-08-15 19:05:52 -04:00
Shea Levy
57b2d1e9b0 Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs 2016-08-15 19:01:44 -04:00
Nikolay Amiantov
b067b53011 networkmanager098: fix binary paths 2016-08-16 00:19:26 +03:00
Nikolay Amiantov
cd05a8ed00 networkmanager: point to kmod's modprobe 2016-08-16 00:19:26 +03:00
Nikolay Amiantov
1f63958772 nixos treewide: don't set MODULE_DIR 2016-08-16 00:19:25 +03:00
Nikolay Amiantov
b2ebecd9e5 modprobe service: drop kmod wrapper 2016-08-16 00:19:25 +03:00
Nikolay Amiantov
1afd250676 treewide: replace several /sbin paths by /bin 2016-08-16 00:19:25 +03:00
Nikolay Amiantov
131fca0a85 kmod: add patch to allow searching for modules in several directories 2016-08-16 00:19:25 +03:00
obadz
760b2b9048 nixos/make-disk-image: add ability to defer bootloader install until image has been flashed 2016-08-15 20:01:55 +01:00
Joachim Fasting
f9c3076e58
grsecurity docs: mention chromium setuid sandbox 2016-08-15 20:36:47 +02:00
Joachim Fasting
050b7eec16
grsecurity module: systemd-nspawn requires cap_sys_admin
As with 9ca3504a798291fbd7c49fcfeec8b64daa2022ad

Closes https://github.com/NixOS/nixpkgs/issues/17714
2016-08-15 20:36:47 +02:00