BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
92895 commits 1 branch 0 tags 3.8 GiB
Commit graph

5408 commits

Author SHA1 Message Date
Joachim Fasting
5313f1096a Merge pull request #16510 from womfoo/guvcview 
guvcview: 2.0.2 -> 2.0.4
 2016-06-26 13:24:54 +02:00
Kranium Gikos Mendoza
66073374af guvcview: 2.0.2 -> 2.0.4 2016-06-26 13:44:24 +08:00
Tim Steinbach
125ffff089 kernel: 4.6.2 -> 4.6.3 2016-06-24 22:18:16 +00:00
Vladimír Čunát
6b27ceb006 Merge 'master' into staging and re-revert merge 
... from staging to master, reverted temporarily in aa9a04883e.
 2016-06-23 12:09:03 +02:00
Vladimír Čunát
aa9a04883e Revert "Merge branch 'staging'" due to glibc 
The main output started to retain dependency on bootstrap-tools; see
https://github.com/NixOS/nixpkgs/pull/15867#issuecomment-227949096

This reverts commit c05d829598, reversing
changes made to f073df60d6.
 2016-06-23 09:25:10 +02:00
Joachim Fasting
9d052a2c39
grsecurity: 4.5.7-201606142010 -> 4.5.7-201606202152 2016-06-23 00:55:54 +02:00
Vladimír Čunát
c05d829598 Merge branch 'staging' 2016-06-22 10:49:56 +02:00
Tobias Geerinckx-Rice
eec8d44335
nvidia_x11_legacy*: remove unused nvidia-340.76-kernel-4.0.patch 2016-06-22 03:58:55 +02:00
Gabriel Ebner
0d9bb144d9 dstat: 0.7.2 -> 0.7.3 2016-06-20 18:08:31 +02:00
Bjørn Forsman
bd01fad0ed Captialize meta.description of all packages 
In line with the Nixpkgs manual.

A mechanical change, done with this command:

  find pkgs -name "*.nix" | \
      while read f; do \
          sed -e 's/description\s*=\s*"\([a-z]\)/description = "\u\1/' -i "$f"; \
      done

I manually skipped some:

* Descriptions starting with an abbreviation, a user name or package name
* Frequently generated expressions (haskell-packages.nix)
 2016-06-20 13:55:52 +02:00
Eelco Dolstra
453086a15f linux: 4.4.12 -> 4.4.13 2016-06-20 13:11:55 +02:00
zimbatm
7c32638439 Merge pull request #16259 from layus/update-mptcp 
linux_mptcp: update 0.90 -> 0.90.1
 2016-06-20 09:29:07 +01:00
zimbatm
31c158ad45 Merge pull request #16189 from zimbatm/usershell-config 
User shell config
 2016-06-19 23:36:45 +01:00
Vladimír Čunát
e757404555 Merge branch 'master' into staging 
Hydra nixpkgs: ?compare=1279790
 2016-06-19 12:33:04 +02:00
Vladimír Čunát
97c484a10f treewide: fix #include errors after gcc-5.4 
They were mostly missing <cmath> or <math.h>.
 2016-06-19 10:18:30 +02:00
Aristid Breitkreuz
6a3dcb70bc Merge pull request #16112 from abuibrahim/master 
odp-dpdk: init at 1.8.0.0
 2016-06-18 17:09:13 +02:00
Joachim Fasting
875fd5af73
grsecurity: 4.5.7-201606110914 -> 4.5.7-201606142010 2016-06-16 14:29:12 +02:00
Ruslan Babayev
de67e77e3f odp-dpdk: init at 1.8.0.0 
Signed-off-by: Ruslan Babayev <ruslan@babayev.com>
 2016-06-15 22:17:03 -07:00
Guillaume Maudoux
d73b7d101f linux_mptcp: 0.90 -> 0.90.1 2016-06-15 22:56:11 +02:00
Joachim Fasting
130b06eb0b
grsecurity: 4.5.7-201606080852 -> 4.5.7-201606110914 2016-06-14 14:18:01 +02:00
Franz Pletz
99cc3fa6ca systemd: Disable stackprotector hardening flag 2016-06-14 10:19:05 +00:00
Joachim Fasting
886c03ad2e Merge pull request #16107 from joachifm/grsec-ng 
Rework grsecurity support
 2016-06-14 03:52:50 +02:00
Joachim Fasting
75b9a7beac
grsecurity: implement a single NixOS kernel 
This patch replaces the old grsecurity kernels with a single NixOS
specific grsecurity kernel.  This kernel is intended as a general
purpose kernel, tuned for casual desktop use.

Providing only a single kernel may seem like a regression compared to
offering a multitude of flavors.  It is impossible, however, to
effectively test and support that many options.  This is amplified by
the reality that very few seem to actually use grsecurity on NixOS,
meaning that bugs go unnoticed for long periods of time, simply because
those code paths end up never being exercised.  More generally, it is
hopeless to anticipate imagined needs.  It is better to start from a
solid foundation and possibly add more flavours on demand.

While the generic kernel is intended to cover a wide range of use cases,
it cannot cover everything.  For some, the configuration will be either
too restrictive or too lenient.  In those cases, the recommended
solution is to build a custom kernel --- this is *strongly* recommended
for security sensitive deployments.

Building a custom grsec kernel should be as simple as
```nix
linux_grsec_nixos.override {
  extraConfig = ''
    GRKERNSEC y
    PAX y
    # and so on ...
  '';
}
```

The generic kernel should be usable both as a KVM guest and host.  When
running as a host, the kernel assumes hardware virtualisation support.
Virtualisation systems other than KVM are *unsupported*: users of
non-KVM systems are better served by compiling a custom kernel.

Unlike previous Grsecurity kernels, this configuration disables `/proc`
restrictions in favor of `security.hideProcessInformation`.

Known incompatibilities:
- ZFS: can't load spl and zfs kernel modules; claims incompatibility
  with KERNEXEC method `or` and RAP; changing to `bts` does not fix the
  problem, which implies we'd have to disable RAP as well for ZFS to
  work
- `kexec()`: likely incompatible with KERNEXEC (unverified)
- Xen: likely incompatible with KERNEXEC and UDEREF (unverified)
- Virtualbox: likely incompatible with UDEREF (unverified)
 2016-06-14 00:08:20 +02:00
zimbatm
ae34904ee9 Merge pull request #16160 from vrthra/mupdf 
mupdf: 1.8 -> 1.9
 2016-06-12 23:26:34 +01:00
zimbatm
e2413ad5a8 shadow: add shellPath passthru 
This one is a bit special, it's used to deny users from logging in.
 2016-06-12 20:13:32 +01:00
Christoph Hrdinka
473062c9a7 kmod-debian-aliases: 21-1 -> 22-1.1 2016-06-12 20:15:42 +02:00
Rahul Gopinath
b8a525a8b6 jfbview: update mupdf 1.8 -> 1.9 2016-06-12 09:48:34 -07:00
Joachim Fasting
4ae5eb97f1
kernel: set virtualization options regardless of grsec 
Per my own testing, the NixOS grsecurity kernel works both as a
KVM-based virtualisation host and guest; there appears to be no good
reason to making these conditional on `features.grsecurity`.

More generally, it's unclear what `features.grsecurity` *means*. If
someone configures a grsecurity kernel in such a fashion that it breaks
KVM support, they should know to disable KVM themselves.
 2016-06-10 19:27:59 +02:00
Joachim Fasting
d8e4432fe2
kernel: unconditionally disable /dev/kmem 
This was presumably set for grsecurity compatibility, but now appears
redundant.  Grsecurity does not expect nor require /dev/kmem to be
present and so it makes little sense to continue making its inclusion in
the standard kernel dependent on grsecurity.

More generally, given the large number of possible grsecurity
configurations, it is unclear what `features.grsecurity` even
*means* and its use should be discouraged.
 2016-06-10 19:27:41 +02:00
Shea Levy
4fbafb2395 linux 4.6.1 -> 4.6.2 2016-06-10 09:30:11 -04:00
Robin Gloster
8031cba2ab Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
Joachim Fasting
edc36a0091
grsecurity: 4.5.6-201606051644 -> 4.5.7-201606080852 2016-06-09 15:40:06 +02:00
Vladimír Čunát
20c2ce4954 Merge #16045: kernel: 4.6.0 -> 4.6.1 2016-06-09 14:37:32 +02:00
Vladimír Čunát
c0895be3ee Merge #16044: kernel: 4.1.20 -> 4.1.25 2016-06-09 14:36:31 +02:00
Vladimír Čunát
f9310c2eee Merge #16043: kernel: 4.4.11 -> 4.4.12 2016-06-09 14:34:50 +02:00
Joachim Fasting
7a29c403fd Merge pull request #16046 from NeQuissimus/kernel456 
kernel: 4.5.5 -> 4.5.6
 2016-06-09 13:56:13 +02:00
Ruslan Babayev
ff8362aeb4 pktgen: build with the same CFLAGS as dpdk 2016-06-07 20:11:50 -07:00
Tuomas Tynkkynen
f2e6c25dc9 fusionio: Use makeLibraryPath 2016-06-07 21:18:10 +03:00
Tim Steinbach
269b7d30a7 kernel: 4.6.0 -> 4.6.1 2016-06-07 09:59:19 -04:00
Tim Steinbach
8f4755a0ae kernel: 4.5.5 -> 4.5.6 2016-06-07 09:58:24 -04:00
Tim Steinbach
a57cbf6546 kernel: 4.4.11 -> 4.4.12 2016-06-07 09:57:47 -04:00
Tim Steinbach
f3ebf13762 kernel: 4.1.20 -> 4.1.25 2016-06-07 09:57:07 -04:00
Joachim Fasting
72899d92d0
grsecurity: 4.5.5-201605291201 -> 4.5.6-201606051644 2016-06-07 15:04:24 +02:00
Tobias Geerinckx-Rice
0264d34058
mcelog: 137 -> 138 2016-06-07 12:49:26 +02:00
Tuomas Tynkkynen
bac26e08db Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
Alexander Kjeldaas
4c99d22f19 kernel: set nx bit on module ro segments 
Fixes #4757.
 2016-06-03 15:41:47 +02:00
Joachim Fasting
45c6dee427 Merge pull request #15884 from grahamc/nvidia-x11 
nvidia-x11: 361.42 -> 361.45.11
 2016-06-02 23:26:39 +02:00
Domen Kožar
55b8868baf Merge pull request #15919 from abuibrahim/master 
dpdk: refactor to allow building extapps
 2016-06-02 17:25:53 +01:00
Tuomas Tynkkynen
06c0209d53 systemd: Disable systemd-boot on ARM 
Temporary workaround for the EFI stuff not working.
 2016-06-02 14:54:44 +03:00
Ruslan Babayev
6d3fcd33d7 pktgen: init at 3.0.00 2016-06-02 02:12:06 -07:00
Ruslan Babayev
49b985b241 dpdk: make primary output usable as RTE_SDK 2016-06-02 02:12:06 -07:00
Ruslan Babayev
7334e925b4 dpdk: separate kernel modules 2016-06-02 02:12:06 -07:00
Ruslan Babayev
9f3c0f9716 dpdk: move apps to examples output 2016-06-02 02:12:06 -07:00
Ruslan Babayev
6a7f257e88 dpdk: install examples to bin 2016-06-02 02:12:06 -07:00
Ruslan Babayev
e54ef8bb16 dpdk: add dependencies for vm_power_mgr example 2016-06-02 02:12:06 -07:00
Graham Christensen
180417f385
nvidia-x11: 361.42 -> 361.45.11 2016-05-31 22:23:54 -05:00
Franz Pletz
d3e0849785 batman-adv: 2016.0 -> 2016.1 2016-05-31 20:10:26 +02:00
Eelco Dolstra
66d5ca6f42 systemd: Build EFI image 2016-05-31 17:02:33 +02:00
Robin Gloster
878e24b35a linuxPackages.dpdk: disable pic hardening 2016-05-31 12:35:54 +00:00
Robin Gloster
2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Bjørn Forsman
2661511cdb bluez: 5.39 -> 5.40 
A bugfix release:
http://www.bluez.org/release-of-bluez-5-40/

(I've tested this with nox-review; no new breakage.)
 2016-05-30 20:56:59 +02:00
Joachim Fasting
bfefc54bc5
grsecurity: 4.5.5-201605211442 -> 4.5.5-201605291201 2016-05-29 20:34:24 +02:00
Marius Bakke
4561a649f4 openvswitch: 2.3.1 -> 2.5.0 (#15729) 2016-05-28 16:02:04 +02:00
rnhmjoj
862ccab89c
btfs: 2.8 -> 2.9 2016-05-28 15:21:15 +02:00
Thomas Tuegel
fe57d54992 Merge pull request #15733 from mbakke/bluez-5.39 
bluez5: 5.37 -> 5.39
 2016-05-28 07:24:44 -05:00
Vladimír Čunát
e4832c7541 Merge branch 'staging' 
Includes a security update of libxml2.
 2016-05-27 15:58:40 +02:00
Luca Bruno
663beaa79f Revert "Revert "systemd: 229 -> 230"" 
This reverts commit 11894782ed.

cc @edolstra, re-reverting. Looks like it's an intended systemd change.
 2016-05-27 11:07:29 +02:00
Luca Bruno
11894782ed Revert "systemd: 229 -> 230" 
This reverts commit a2f21a54a1.

cc @edolstra the new version does not install many .pc files
like login, journal, daemon, ...
 2016-05-27 11:06:21 +02:00
Joachim Fasting
1c07183dc1 Merge pull request #15728 from grahamc/facetimehd-firmware 
Facetimehd-Firmware: Update,  add update documentation, add myself as maintainer
 2016-05-27 00:21:21 +02:00
Graham Christensen
f993e6543a
facetimehd, facetimehd-firmware: Add grahamc as a maintainer 2016-05-26 14:10:03 -05:00
Graham Christensen
24a87685e2
facetimehd: Document updating the facetimehd-firmware 2016-05-26 14:10:01 -05:00
aszlig
6f8d2d6917
kmscon: Fix build against systemd 230 
From the changelog:

  The compatibility libraries libsystemd-daemon.so,
  libsystemd-journal.so, libsystemd-id128.so, and libsystemd-login.so
  which have been deprecated since systemd-209 have been removed along
  with the corresponding pkg-config files. All symbols provided by those
  libraries are provided by libsystemd.so.

So let's just replace the use of libsystemd-daemon and libsystemd-login
with libsystemd in the configure script until a new version of kmscon
comes along.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-05-26 21:05:55 +02:00
Graham Christensen
27bf0d203d
facetimehd-firmware: 1.43 -> 1.43_4 2016-05-26 14:05:45 -05:00
Vladimír Čunát
81039713fa Merge branch 'master' into staging 
... to get the systemd update (rebuilding ~7k jobs).
 2016-05-26 16:50:22 +02:00
Eelco Dolstra
a2f21a54a1 systemd: 229 -> 230 
See https://github.com/systemd/systemd/blob/v230/NEWS for details.

The main incompatible change is that processes are now killed by
default when you exit a session. Thus, for example, using nohup in an
SSH session no longer works. You have to use "loginctl enable-linger"
and "systemd-run --user" to create a process that survives logout.
 2016-05-26 16:20:00 +02:00
Marius Bakke
8af730b0a9 bluez5: 5.37 -> 5.39 2016-05-25 20:30:28 +01:00
Tobias Geerinckx-Rice
9efd3d444e
cifs_utils: 6.4 -> 6.5; maintain 2016-05-25 02:06:47 +02:00
Nahum Shalman
5420f7f6e0 spl: 0.6.5.6 -> 0.6.5.7 (#15669) 2016-05-24 16:24:17 +02:00
Joachim Fasting
1badc60338
paxtest: refactoring 
- Use standard phase hooks
- Install test helpers into $out/lib/paxtest instead of dumping
  them into PATH
- Set PAXBIN=paxctl so that the appropriate pax flags are set
 2016-05-24 16:14:41 +02:00
Rok Garbas
66dc2d50dd tp-smapi: 0.41 -> 0.42 2016-05-24 13:26:47 +02:00
Rok Garbas
81eceb14be zfs: 0.6.5.6 -> 0.6.5.7 2016-05-24 12:36:08 +02:00
Franz Pletz
075f36aeda lxc: 2.0.0 -> 2.0.1 2016-05-23 19:30:45 +02:00
Vladimír Čunát
0b192a0976 Merge branch 'master' into staging 
That's to get mesa rebuild from master, as it's nontrivial.
 2016-05-23 09:02:10 +02:00
Eelco Dolstra
3ee6b22dc3 linux: 4.4.10 -> 4.4.11 2016-05-22 23:05:10 +02:00
Vladimír Čunát
c4661e9643 Merge: make dev output references explicit 
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
 2016-05-22 12:09:23 +02:00
Joachim Fasting
5a357d9731
grsecurity: 4.5.5-201605202102 -> 4.5.5-201605211442 2016-05-21 22:28:36 +02:00
Kranium Gikos Mendoza
bc93957bb5 facetimehd: git-20160127 -> git-20160503 
Fixes issues with kernels newer than 4.4.
 2016-05-21 21:19:54 +02:00
Joachim Fasting
79481bd68f
linux: 4.5.4 -> 4.5.5 2016-05-21 07:37:41 +02:00
Joachim Fasting
cdf2ffda9d
grsecurity: 4.5.4-201605131918 -> 4.5.5-201605202102 2016-05-21 07:37:41 +02:00
Edward Tjörnhammar
f7aed7a00d
ati-drivers: migrate some patches from gentoo ati-drivers 
https://anaongit.gentoo.org/git/repo/gentoo.git @ 52dac7bdbb16f2353b15137165b69056034d7ad0
and parents for further source information.
 2016-05-20 13:14:31 +02:00
Nikolay Amiantov
74cba61eb0 linuxPackages.dpdk: force deterministic arch yet again 2016-05-19 13:53:24 +03:00
Vladimír Čunát
c02f0ade90 fix evaluation on darwin, fixing tarball job fully 2016-05-19 10:04:43 +02:00
Tuomas Tynkkynen
1819181726 treewide: Make explicit that 'dev' output of xorgserver is used 2016-05-19 10:04:41 +02:00
Tuomas Tynkkynen
51ca347278 treewide: Make explicit that 'dev' output of libXxf86vm is used 2016-05-19 10:04:40 +02:00
Tuomas Tynkkynen
603dcd6263 treewide: Make explicit that 'dev' output of libnl is used 2016-05-19 10:00:43 +02:00
Tuomas Tynkkynen
e6e1e69b4f Merge pull request #14479 from ragnard/bcc 
bcc: init at git-2016-05-18
 2016-05-19 05:05:18 +03:00
Domen Kožar
a7ca56428a dpdk: set NIX_ENFORCE_NO_NATIVE = 0 to fix build 
Since 0c6db0ca48 the build would fail
since it relies on sse instructions.

cc @abbradar to be sure this is correct fix
 2016-05-18 16:25:57 +01:00
Franz Pletz
f8d481754c
Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-05-18 17:10:02 +02:00
Tobias Geerinckx-Rice
b71463128c
lm_sensors: add Fedora mirror 
Upstream's down, causing build failures on machines not mine.
Verified against cached upstream tarball in my store.
 2016-05-18 15:58:01 +02:00
Tobias Geerinckx-Rice
311b56b764
lm_sensors: 3.3.5 -> 3.4.0 2016-05-18 15:55:22 +02:00
Ragnar Dahlén
897df5b6a7 bcc: init at git-2016-05-18 2016-05-18 11:09:18 +01:00
Domen Kožar
b49bf121b8 rename iElectric to domenkozar to match GitHub 2016-05-17 13:00:47 +01:00
Tobias Geerinckx-Rice
806ce6323e
mcelog: 136 -> 137 2016-05-17 00:49:57 +02:00
Franz Pletz
e98a0bc9e0 Merge pull request #15476 from matthiasbeyer/update-unmaintained 
Update unmaintained packages
 2016-05-16 23:45:11 +02:00
Peter Simons
8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Shea Levy
1ea263ef03 linux-4.6: Fix copy-paste error. 
Thanks to @NeQuissimus for the spot
 2016-05-16 13:53:23 -04:00
Shea Levy
0373eb86f1 Linux 4.6 2016-05-16 11:56:39 -04:00
Matthias Beyer
d0abe9fb35 lsscsi: 0.27 -> 0.28 2016-05-16 16:12:22 +02:00
Vladimír Čunát
e5d40c6fa3 Merge branch 'staging' 
Hydra is only half-finished, but we'd better get secure glibc fast.
 2016-05-16 10:15:28 +02:00
Joachim Fasting
f99c86eec1
grsecurity: remove expressions for unsupported versions 
Retain top-level attributes for now but consolidate compatibility
attributes.

Part of ongoing cleanup, doing it all at once is infeasible.
 2016-05-16 09:10:27 +02:00
Joachim Fasting
4cf524e588
udev182: fix build against linux 4.4 headers 
Fix from https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=libudev0
 2016-05-16 01:35:57 +02:00
Vladimír Čunát
024d44dd61 Merge #15449: update default Linux headers 
...to those of the default NixOS kernel
 2016-05-14 22:25:04 +02:00
Vladimír Čunát
26e8e3e654 util-linux: use sha256 instead of sha512 again 
/cc #15048. I believe the usage of sha512 here at this point
brings very little gain and can be quite painful to some users.
 2016-05-14 22:19:28 +02:00
Tuomas Tynkkynen
b7437eb012 tcp_wrappers: Remove separate builder.sh and use standard stdenv phases 
For instance, this means that the binaries get stripped properly
(previously this package retained a reference to glibc headers).
 2016-05-14 21:05:58 +03:00
Joachim Fasting
c9750f5382
linuxHeaders_4_4: init at 4.4.10 2016-05-14 09:14:00 +02:00
Joachim Fasting
77022120f7 Merge pull request #15347 from joachifm/kernel-headers-cleanup 
linuxHeaders cleanup
 2016-05-14 08:53:48 +02:00
Joachim Fasting
6194e9d801
kernelPatches.grsecurity: 4.5.4-201605122039 -> 4.5.4-201605131918 
Also revert to using the grsecurity-scrape mirror; relying on upstream
just isn't viable. Lately, updates have been so frequent that a new
version is released before Hydra even gets around to building the
previous one.
 2016-05-14 05:15:35 +02:00
Joachim Fasting
7fdce2feb0
kernelPatches.grsecurity_4_5: 4.5.4-201605112030 -> 4.5.4-201605122039 2016-05-13 23:11:07 +02:00
Joachim Fasting
10aaca8c1f
grsecurity_4_5: 4.5.3-201605080858 -> 4.5.4-201605112030 2016-05-13 20:11:31 +02:00
Joachim Fasting
ec2ddf284d
systemd: get linuxHeaders from stdenv 
Building against anything other than the headers used to build libc
doesn't really make any sense.
 2016-05-13 19:35:09 +02:00
Franz Pletz
006f6d9437 linux: 4.5.3 -> 4.5.4 2016-05-13 17:27:51 +02:00
Vladimír Čunát
3e387c3e00 Merge branch 'staging' 
Darwin isn't in a perfect state, in particular its bootstrap tools won't
build which will block nixpkgs channel. But on the whole it seems
acceptable.
 2016-05-13 10:14:53 +02:00
Edward Tjörnhammar
046ee5ac3f
ati-drivers: 15.7 -> 15.12 
Also addresses breakage due to the multiple-outputs merge.
 2016-05-12 17:25:36 +02:00
Vladimír Čunát
6c2fbfbd77 Merge branch 'master' into staging 2016-05-12 04:53:38 +02:00
Eelco Dolstra
7a8ea6138e linux: 4.4.9 -> 4.4.10 2016-05-11 20:34:02 +02:00
Dan Peebles
8ca190c496 systemd: add iptables dependency 
This allows nspawn to do interesting firewall things when setting
up a private network.
 2016-05-10 13:57:24 +00:00
Tobias Geerinckx-Rice
20292cb12c
alsaLib: 1.1.0 -> 1.1.1 2016-05-10 04:53:17 +02:00
Joachim Fasting
52477b0a0b
kernelPatches.grsecurity_4_5: 201605060852 -> 201605080858 2016-05-09 16:38:44 +02:00
Tobias Geerinckx-Rice
5b217637f9
cpupower: correct meta.homepage 2016-05-09 02:57:07 +02:00
Vladimír Čunát
65a9fa8cdc Merge branch 'master' into staging 2016-05-08 21:24:48 +02:00
Tobias Geerinckx-Rice
6054c9f217
x86_energy_perf_policy: correct meta.homepage 2016-05-08 19:42:49 +02:00
Vladimír Čunát
717670720f Merge #15048: util-linux: 2.27.1 -> 2.28 2016-05-07 11:16:57 +02:00
Tim Steinbach
f53850bf21 kernel: 4.4.8 -> 4.4.9 (#15276) 2016-05-06 20:25:29 +02:00
Lluís Batlle i Rossell
53a4582552 Adding vmlinux to linux kernel 'dev' derivation. 
It takes some extra 13MB (and in dev, not out), but allows perf to show kernel
symbols when profiling. I think it is worth it.

In my NixOS, I refer to it in the system derivation, for easy telling to perf
through /run/booted-system/vmlinux:

  system.extraSystemBuilderCmds = ''
    ln -s ${config.boot.kernelPackages.kernel.dev}/vmlinux $out/vmlinux
  '';
 2016-05-06 18:11:03 +02:00
Tim Steinbach
02d94d335a
kernel: 4.5.2 -> 4.5.3 2016-05-06 11:12:04 -04:00
Joachim Fasting
27061905bd
linuxPackages_grsec_4_5: 3.1-4.5.2-201604290633 -> 3.1-4.5.3-201605060852 2016-05-06 16:37:25 +02:00
Lluís Batlle i Rossell
2f35e223b1 Adding libuuid (libblkid) to lvm2. 
It wants it to detect if there are filesystems present in block devices, in
case of pvcreate. Otherwise it complaints "lvm built without blkid support" and
lacks the feature of detecting/wiping.
 2016-05-06 15:09:49 +02:00
Tobias Geerinckx-Rice
273e160a12
jfbview: split out jfbpdf (jfbview w/o imlib2) 2016-05-06 13:47:50 +02:00
Tobias Geerinckx-Rice
e7cfdd6c14
jfbview: 0.5.1 -> 0.5.2 2016-05-06 13:47:49 +02:00
Franz Pletz
5c49790be5 Merge pull request #15198 from groxxda/bump/iptables 
iptables: 1.4.21 -> 1.6.0
 2016-05-06 03:18:32 +02:00
Franz Pletz
e478b63b27 Merge pull request #14835 from groxxda/libcap 
libcap: 2.24 -> 2.25, replace old split with multi-output
 2016-05-06 03:15:16 +02:00
Alexander Ried
aae11b1781 iproute2: 4.3.0 -> 4.5.0 (#15193) 2016-05-06 03:09:47 +02:00
Vladimír Čunát
1dc36904d8 Merge #14920: windows improvements, mainly mingw 2016-05-05 08:30:19 +02:00
Joachim Fasting
066949cc35 Merge pull request #15217 from LumiGuide/fix-mdadm-sendmail 
mdadm: call /var/setuid-wrappers/sendmail instead of /usr/sbin/sendmail
 2016-05-04 20:09:02 +02:00
Eelco Dolstra
1f84e43239 Do some large, concurrency-capable builds on dedicated machines 2016-05-04 18:16:27 +02:00
Bas van Dijk
a941c7e27b mdadm: call /var/setuid-wrappers/sendmail instead of /usr/sbin/sendmail 2016-05-04 15:27:53 +02:00
Robin Gloster
9820cb1bf2 use dontBuild instead of hacks 
changes:
 * buildPhase = "true"
 * buildPhase = ":"
 2016-05-04 10:11:04 +00:00
Joachim Fasting
0bd31bce10
grsecurity: drop support for 4.4 kernels 
From now on, only the testing branch of grsecurity will be supported.
Additionally, use only patches from upstream.

It's impossible to provide meaningful support for grsecurity stable.
First, because building and testing \(m \times n \times z) [1], packages
is infeasible.  Second, because stable patches are only available from
upstream for-pay, making us reliant on third-parties for patches. In
addition to creating yet more work for the maintainers, using stable
patches provided by a third-party goes against the wishes of upstream.

nixpkgs provides the tools necessary to build grsecurity kernels for any
version the user chooses, however, provided they pay for, or otherwise
acquire, the patch themselves.

Eventually, we'll want to remove the now obsolete top-level attributes,
but leave them in for now to smoothe migration (they have been removed
from top-level/release.nix, though, because it makes no sense to have
them there).

[1]: where \(m\) is the number of grsecurity flavors, \(n\) is the
number of kernel versions, and z is the size of the `linuxPackages` set
 2016-05-04 01:07:53 +02:00
Tuomas Tynkkynen
aadaa91379 Merge remote-tracking branch 'upstream/master' into staging 
Conflicts:
	pkgs/applications/networking/browsers/vivaldi/default.nix
	pkgs/misc/emulators/wine/base.nix
 2016-05-03 23:12:48 +03:00
Alexander Ried
82c141b999 Revert "iptables: add 1.6 branch (init 1.6.0). Not making it the default this time." 
This reverts commit 74f7916a9a.

Time to make it the default.
 2016-05-03 20:29:52 +02:00
Michael Raskin
0bc13e3af2 iptables: 1.4.21 -> 1.6.0 2016-05-03 20:29:30 +02:00
Alexander Ried
7382afac40 libcap: replace old split with multi-output 2016-05-03 19:52:10 +02:00
Alexander Ried
64ef643833 libcap: 2.24 -> 2.25 2016-05-03 19:52:10 +02:00
Franz Pletz
c3df9b0650 libnl: 3.2.26 -> 3.2.27 2016-05-03 16:15:20 +02:00
Franz Pletz
e027ef7cb8 iw: 4.1 -> 4.3 2016-05-03 16:15:20 +02:00
Robin Gloster
c92bca56f8 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-02 22:58:02 +00:00
Lluís Batlle i Rossell
94520a25ad Adding blktrace 
Tool to get traces of operations in block devices on linux.
 2016-05-03 00:26:27 +02:00
Joachim Fasting
7893cb1aea
linuxPackages_grsec_4_1: delete 
Upstream supports 3.14, 4.4, and 4.5
 2016-05-02 11:28:05 +02:00
Joachim Fasting
fecb56fc3f
linuxPackages_grsec_4_5: init at 3.1-4.5.2-201604290633 2016-05-02 11:28:05 +02:00
Louis Taylor
80f923f26f linux-testing: 4.6-rc5 -> 4.6-rc6 2016-05-02 02:29:42 +01:00
Joachim Fasting
43c406fb24 Merge pull request #15069 from NeQuissimus/kernel46rc5 
linux_testing: 4.6-rc4 -> 4.6-rc5
 2016-05-02 03:25:20 +02:00
michael bishop
c32618cd85
openiscsi: fix a file that was broken by upstream changing things to dynamic linking 2016-04-30 15:29:49 -03:00
Tobias Geerinckx-Rice
b8f60085fb
acpid: 2.0.25 -> 2.0.27; maintain 2016-04-30 14:15:33 +02:00
Nikolay Amiantov
a80e94a774 android-udev-rules: 2016-03-03 -> 2016-04-26 2016-04-30 03:12:33 +03:00
Tobias Geerinckx-Rice
1541e1ca6b
sdparm: 1.09 -> 1.10 2016-04-29 21:42:35 +02:00
Joachim Fasting
638e16e623 Merge pull request #15060 from clefru/iscsi-on-master 
iscsiadm can't load modules, so let's update open-iscsi and patch it.
 2016-04-29 17:37:22 +02:00
Clemens Fruhwirth
32d6f7c114 open-iscsi: Use kmod so that iscsiadm loads the tcp transport modules. 2016-04-29 14:02:18 +02:00
Clemens Fruhwirth
e091d27944 open-iscsi: from 2.0.873 to a git snapshot 
The last release was in May 2012 with many fixes hitting git since then.
Also open-iscsi has broken out the open-isns part as extra library, so
we have that as new dependency.
 2016-04-29 14:02:17 +02:00
Clemens Fruhwirth
82dd20a14d open-isns: init at 0.95 2016-04-29 14:02:17 +02:00
Joachim Fasting
b539f8e468 Merge pull request #15050 from ebzzry/consoletools 
consoletools: copy utils to bin
 2016-04-29 05:41:23 +02:00
Rommel M. Martinez
a6ce78130b consoletools: copy utils to bin 2016-04-29 11:12:34 +08:00
Tim Steinbach
c494947676 linux_testing: 4.6-rc4 -> 4.6-rc5 2016-04-28 23:59:52 +00:00
Tuomas Tynkkynen
7276417870 kernel config: Enable BINFMT_MISC 
This is enabled in x86 builds but lacking on ARM.
 2016-04-28 20:46:34 +03:00
Tobias Geerinckx-Rice
dcde0265a8
fatrace: 0.11 -> 0.12 2016-04-28 14:20:18 +02:00
Aneesh Agrawal
279a01d0dc util-linux: 2.27.1 -> 2.28 2016-04-27 23:26:46 -04:00
Tuomas Tynkkynen
4ff8f377af Merge remote-tracking branch 'upstream/master' into staging 2016-04-28 00:13:53 +03:00
Tuomas Tynkkynen
49d1acb50f Merge pull request #14896 from elitak/rtl8723bs 
rtl8723bs: improved build and split off firmware
 2016-04-28 00:04:44 +03:00
Eelco Dolstra
a133a74c89 Remove cruft 2016-04-26 17:31:54 +02:00
Eelco Dolstra
454eefa63b linux: 4.4.7 -> 4.4.8 2016-04-26 16:39:59 +02:00
Thomas Tuegel
70936ce3f8 bluez5: multiple outputs 2016-04-25 19:04:24 -05:00
Thomas Tuegel
e0a2224f1e v4l-utils: multiple outputs 2016-04-25 19:04:24 -05:00
Nikolay Amiantov
5f19542581 Merge commit 'refs/pull/14694/head' of git://github.com/NixOS/nixpkgs into staging 2016-04-25 18:02:23 +03:00
Tobias Geerinckx-Rice
364181b317
fatrace: add patch to fix crash 
Will be included in next release.
 2016-04-25 13:31:48 +02:00
Nikolay Amiantov
ab0a0c004e makeSearchPathOutputs: refactor to makeSearchPathOutput 2016-04-25 13:24:39 +03:00
Eric Litak
62551b5318 rtl8723bs: version bump 2016-04-25 00:41:25 -07:00
Eric Litak
4c415e59a4 rtl8723bs-firmware: init, split off from rtl8723bs 2016-04-25 00:41:25 -07:00
Eric Litak
2f6cd0ce33 rtl8723bs: improved build 2016-04-25 00:41:25 -07:00
Joachim Fasting
4a9ccee78f Merge pull request #14901 from rardiol/lsb_release 
lsb-release: init at 1.4
 2016-04-24 00:28:23 +02:00
Tuomas Tynkkynen
bd18cc3cdc Merge pull request #14888 from dezgeg/pr-kill-module-init-tools 
Delete all usages of module_init_tools and remove the package
 2016-04-23 14:29:41 +03:00
Joachim Fasting
ea9275f312 Merge pull request #14899 from ethanpailes/tomb 
tomb: init at version 2.2
 2016-04-22 23:35:40 +02:00
Ethan Pailes
6a0903597a tomb: init at version 2.2 2016-04-22 17:07:26 -04:00
Ricardo Ardissone
9f4ac8d3f8 lsb-release: init at 1.4 2016-04-22 14:03:27 -03:00
Vladimír Čunát
e9379f7416 Merge branch 'staging' 
This includes a fix to closure-size regression that moved
share/doc/*/ to share/doc/
 2016-04-22 16:49:09 +02:00
Tuomas Tynkkynen
0f8a49bb45 module_init_tools: Remove 
It is deprecated doesn't handle compressed modules, unlike its modern
counterpart kmod.

Add a compatibility alias to kmod for now in case someone is depending
on this in their scripts.
 2016-04-22 10:44:55 +03:00
Tuomas Tynkkynen
01854a850a treewide: Replace module_init_tools -> kmod 
The former is deprecated and doesn't handle compressed kernel modules,
so all current usages of it are broken.
 2016-04-22 10:40:57 +03:00
Domen Kožar
8262cd0244 eval 2016-04-20 23:38:52 +01:00
Domen Kožar
85603d2166 linuxPackages.dpdk: fix build 
(cherry picked from commit a56a9d1b590eb3dcadecf5b65ecabb46ae818d31)
Signed-off-by: Domen Kožar <domen@dev.si>
 2016-04-20 23:09:49 +01:00
Nikolay Amiantov
e282d36143 wpa_supplicant_gui: move to qmake4Hook 2016-04-20 18:55:54 +03:00
Nikolay Amiantov
de1ce6a102 l7z: spaces 2016-04-20 18:55:54 +03:00
Domen Kožar
e6899cc80c add linuxPackages.dpdk: libs and drivers for fast packet processing 2016-04-20 16:11:34 +01:00
Louis Taylor
90cdfb5414 kernel: 4.5.1 -> 4.5.2 2016-04-20 11:55:13 +01:00
Joachim Fasting
002f5e24b4
linuxPackages.klibc: use linuxHeaders 
klibc was the only user of kernelHeaders; it should use the Linux API
headers, however.
 2016-04-19 14:45:36 +02:00
Joachim Fasting
893186f4fd
kernel-headers: mark broken for grsecurity kernels 
Extracting headers from a grsecurity patched kernel triggers additional
build steps that require gcc plugins.  For this to work, we'd need to
add gmp, libmpfr, and libmpc to the build inputs as well as run `make
prepare` before installing the headers (lest the build fail due to
missing files).

Out-of-tree modules use kernel.dev and user space should use the Linux
API headers used to build libc, not headers extracted from random
kernels, so fixing this for grsecurity is pointless.
 2016-04-19 14:45:30 +02:00
Robin Gloster
b59a6aa93a kernel: turn off bindnow hardening 2016-04-19 02:21:57 +00:00
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Louis Taylor
ec198e3868 linux-testing: 4.6-rc3 -> 4.6-rc4 (#14803) 2016-04-18 14:11:25 +01:00
Joachim Fasting
192a1ada24
apparmor: cleanups 
- Move build tools to nativeBuildInputs
- capability.h should come from linuxHeaders not glibc
- Delete v2.9
 2016-04-18 02:21:12 +02:00
Tobias Geerinckx-Rice
d99df88efe
mcelog: 135 -> 136 
Adds support to decode MSCOD values for Skylake server.
 2016-04-17 01:14:57 +02:00
Tim Steinbach
ccc3080857 kernel: 4.4.6 -> 4.4.7 (#14690) 2016-04-14 16:30:20 +02:00
Tim Steinbach
af4d84544f kernel: 4.5 -> 4.5.1 (#14691) 2016-04-14 15:57:18 +02:00
Vladimír Čunát
ddb4051bf7 xorg-sys-opengl: fix with multiple outputs 
Fixes #14669.
 2016-04-14 13:43:08 +02:00
Tuomas Tynkkynen
794f07d4e4 treewide: Mass replace 'binutils}/bin' to refer to the correct outputs 2016-04-14 08:32:20 +03:00
Nikolay Amiantov
8b7ebaffeb replace makeSearchPath tree-wise to take care of possible multiple outputs 2016-04-13 22:09:41 +03:00
Octavian Cerna
1e37217b80 raspberrypi-firmware: 20150506 -> 1.20160315 (#14300) 
Cleanup the meta section, add viric and myself as maintainers.
 2016-04-13 20:02:57 +01:00
Herwig Hochleitner
e3d0fe898b criu: 1.3-rc2 -> 2.0 (#14666) 2016-04-13 19:56:52 +01:00
Michael Raskin
74f7916a9a iptables: add 1.6 branch (init 1.6.0). Not making it the default this time. 2016-04-13 14:47:04 +02:00
Michael Raskin
80db55610c firejail: 0.9.38 -> 0.9.40 2016-04-13 14:47:04 +02:00
Michael Raskin
cb3368fcbe conspy: 1.13 -> 1.14 2016-04-13 14:47:04 +02:00
Vladimír Čunát
39ebb01d6e Merge branch 'staging', containing closure-size #7701 2016-04-13 09:25:28 +02:00
obadz
4788ec1372 linux kernel 4.4: fix race during build 
Patch drivers/crypto/qat/qat_common/Makefile so that qat_asym_algs.o
explicitly depends on headers qat_rsaprivkey-asn1.h and qat_rsapubkey-asn1.h

Hopefully fixes #14595
 2016-04-12 22:45:57 +01:00
Franz Pletz
7d9d876140 lxc: 1.1.5 -> 2.0.0 2016-04-12 15:49:54 +02:00
Franz Pletz
42e5be8f55 cgmanager: 0.39 -> 0.41 2016-04-12 15:49:54 +02:00
Eelco Dolstra
dddb62d3e3 Merge pull request #14178 from the-kenny/systemd-cryptsetup-external-generator 
Systemd: Allow specifying external generators
 2016-04-12 11:26:22 +02:00
Markus Hauck
f51f993be2 sysdig: 0.8.0 -> 0.9.0 2016-04-11 21:51:09 +02:00
Tim Steinbach
5e5ef22d73 linux_testing: 4.6-rc2 -> 4.6-rc3 (#14592) 2016-04-11 13:44:34 +01:00
Charles Strahan
ad7b1e24c2 fan-networking: updated patches from Ubuntu 
This pulls in updated Fan Networking patches from Ubuntu.
(https://wiki.ubuntu.com/FanNetworking)

closes #14328
 2016-04-10 16:07:03 -04:00
Vladimír Čunát
30f14243c3 Merge branch 'master' into closure-size 
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
 2016-04-10 11:17:52 +02:00
Moritz Ulrich
5c770c4c0b systemd-cryptsetup-generator: Cleaner install phase. 2016-04-08 14:50:20 +02:00
Moritz Ulrich
7503ee71fc Revert "systemd: Try adding cryptsetup to buildInputs." 
This reverts commit eda8d21d8b0a69e4b7a3bc215e2215ffc6526495.
 2016-04-08 14:50:20 +02:00
Moritz Ulrich
faa79e60cc systemd-cryptsetup-generator: Also build systemd-cryptsetup 2016-04-08 14:50:20 +02:00
Moritz Ulrich
47e5fd9f57 systemd-cryptsetup-generator: Init 2016-04-08 14:50:20 +02:00
Moritz Ulrich
215b5f6282 systemd: Try adding cryptsetup to buildInputs. 2016-04-08 14:50:20 +02:00
Robin Gloster
3e68106afd Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-07 21:52:26 +00:00
Vladimír Čunát
d1df28f8e5 Merge 'staging' into closure-size 
This is mainly to get the update of bootstrap tools.
Otherwise there were mysterious segfaults:
https://github.com/NixOS/nixpkgs/pull/7701#issuecomment-203389817
 2016-04-07 14:40:51 +02:00
Domen Kožar
5f028082cc Revert "kernelHeaders: fix build with libmpc" 
This reverts commit b0adde8f8a5f22cf45f32df64bba149f326dec85.

Doesn't fix the issue for grsec kernels.

(cherry picked from commit 22bd9c12fec43bf914cdbec4c3a11cd0d964912a)
Signed-off-by: Domen Kožar <domen@dev.si>
 2016-04-07 11:35:22 +01:00
Eelco Dolstra
4907fc9e8d Merge pull request #14509 from ragnard/bpf-tracing-kernel-config 
linux: kernel config for extended BPF support
 2016-04-07 11:01:34 +02:00
Ragnar Dahlén
961d1e847c linux: kernel config for extended BPF support 
- Enable BPF_SYSCALL and BPF_EVENTS
- Build modules for NET_CLS_BPF and NET_ACT_BPF

With these config options we can leverage the full potential of BPF for
tracing and instrumenting Linux systems, for example using
libraries/tools like those provided by the bcc project.
 2016-04-07 08:14:41 +01:00
Tuomas Tynkkynen
b95274cc90 kernel: Don't patchELF manually 
AFAICT this is done by stdenv nowadays:

bde82098b8/pkgs/development/tools/misc/patchelf/setup-hook.sh (L5)
bde82098b8/pkgs/stdenv/generic/setup.sh (L737)

Might help /be somehow related to these mysterious errors that seem to
occur sometimes (?):

http://hydra.nixos.org/build/34131589/nixlog/1/raw
 2016-04-06 17:19:43 +03:00
Robin Gloster
5ca99ae7a7 kernel.i686-linux: disable bindnow hardening 2016-04-06 14:16:42 +00:00
Eelco Dolstra
59ef7d25c3 nvidia-x11: 358.16 -> 361.42 
This fixes the segfault reported in #13942 caused by missing
libEGL.so.0 and libEGL_nvidia.so.0 symlinks.
 2016-04-06 15:53:14 +02:00
Domen Kožar
c850203487 linuxHeaders: add platforms 2016-04-06 12:42:45 +01:00
Domen Kožar
e9842ea8d7 kernelHeaders: fix build with libmpc 2016-04-06 12:42:35 +01:00
Domen Kožar
b95a1c4f77 kernel: fix build of 3.10 and 3.12 on i686 
(cherry picked from commit 23730413fef4be7fe365f452fcaef16c5f4e4b1b)
Signed-off-by: Domen Kožar <domen@dev.si>
 2016-04-06 10:36:04 +01:00
Robin Gloster
bbbaccfa68 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-04 15:24:52 +00:00
Tim Steinbach
5ef5e59c56 linux_testing: 4.6-rc1 -> 4.6-rc2 2016-04-03 19:14:31 +00:00
Robin Gloster
5978109194 syslinux: disable fortify hardening 2016-04-03 12:51:54 +00:00
Robin Gloster
fbb8067aa1 dietlibc.i686-linux: disable pic 2016-04-03 12:49:18 +00:00
Robin Gloster
696d85a62d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-03 11:01:57 +00:00
Patrick Mahoney
e0c225857f update skarnet.org packages 
skalibs:           2.4.7.0 -> 2.3.9.0
execline:          2.1.4.0 -> 2.1.4.5
s6:                2.2.1.0 -> 2.2.4.3
s6-rc:             0.0.1.0 -> 0.0.2.1
s6-portable-utils: 2.0.5.2 -> 2.0.5.3
s6-linux-utils:    2.0.2.0 -> 2.0.2.3
s6-dns:            2.0.0.4 -> 2.0.0.7
s6-networking:     2.1.0.1 -> 2.1.0.4
 2016-04-01 10:38:58 -05:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size 
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
 2016-04-01 10:06:01 +02:00
Franz Pletz
2e08d8234e Merge remote-tracking branch 'origin/master' 2016-03-31 10:06:30 +02:00
Ricardo M. Correia
b4fd221f74 Merge pull request #14296 from kragniz/zfs-0.6.5.6 
zfs 0.6.5.6
 2016-03-30 12:17:38 +02:00
Julien Dehos
70af93f0ca fswebcam: init 20140113 2016-03-30 09:48:11 +02:00
Louis Taylor
259eb36205 zfs: 0.6.5.5 -> 0.6.5.6 2016-03-29 13:28:35 +01:00
Louis Taylor
307c073fa3 spl: 0.6.5.5 -> 0.6.5.6 2016-03-29 13:28:20 +01:00
Robin Gloster
4666eca487 linuxPackages.mba6x_bl: disable pic hardening 2016-03-29 10:26:32 +00:00
Robin Gloster
ba3399b92f linuxPackages.rtl8723bs: disable pic hardening 2016-03-29 10:25:06 +00:00
Robin Gloster
8f94246e07 linuxPackages.mxu11x0: disable pic hardening 2016-03-29 10:22:14 +00:00
Robin Gloster
c9ebdd4cac libaio.i686: disable stackprotector hardening 2016-03-29 00:34:20 +00:00
Robin Gloster
f60c9df0ba Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-28 15:16:29 +00:00
Domen Kožar
c61445357e Merge pull request #14239 from kragniz/linux-testing-4.6-rc1 
Linux-testing 4.6-rc1
 2016-03-28 15:53:52 +01:00
Tobias Geerinckx-Rice
d5207802fa mcelog: 134 -> 135 2016-03-28 01:27:56 +02:00
Domen Kožar
9c4d3ba841 Merge pull request #14252 from joachifm/lttng-broken 
lttng-modules: mark as broken on kernel version <3.18
 2016-03-27 20:24:16 +01:00
Joachim Fasting
dd16dcbba4 linux_grsec_3_14: mark as broken 
First, The patch is outdated, I failed to find it anywhere in the mirror repos.
Second, the build fails, and while it may be "fixed" by ad-hoc patching (it
appears to simply need some missing includes), this would mean shipping a
potentially insecure software package. Given that the only reason to use
grsecurity is security, this is both misleading and exposes users to undue risk.
Finally, the build has been broken for quite a long time with no complaints,
leading me to believe that the number of actual users is quite low.
 2016-03-27 21:13:41 +02:00
Joachim Fasting
a452b43ee5 lttng-modules: mark as broken on kernel version <3.18 
On linux 3.14, we get errors like
  error: 'struct snd_soc_codec' has no member named 'name'
     __string( name,  codec->CODEC_NAME_FIELD )
indicating that the module is incompatible with the linux API
in this kernel version.

See https://hydra.nixos.org/build/33102405/nixlog/1/raw
 2016-03-27 20:13:21 +02:00
Domen Kožar
b07e7bfc7b Merge remote-tracking branch 'origin/staging' 2016-03-27 13:19:04 +01:00
Joachim Fasting
bd9737cc3e linux_chromiumos: require 64bit build host 
I noticed that almost all the Hydra build failures were on i686. Sure
enough, upstream says that you need an x86_64 machine to build the
kernel.
 2016-03-27 05:35:04 +02:00
Louis Taylor
8b7e150bb9 linux-testing: 4.5-rc7 -> 4.6-rc1 2016-03-27 03:10:19 +01:00
Louis Taylor
695c2e4ee4 kernel-config: do not use NFSD_PNFS on >=4.6 2016-03-27 03:09:30 +01:00
Joachim Fasting
1939256550 lttng-modules: mark as broken on grsec 
All hydra builds against grsec kernels fail; seemingly because
the PaX hardening plugins are incompatible with lttng-modules
(the code writes to locations marked as read-only).
 2016-03-27 01:39:07 +01:00
Joachim Fasting
2182fd52ad rtl8812au: mark as broken on grsec kernels 
All hydra builds against grsec kernels fail; builds against vanilla
kernels work.
 2016-03-27 01:39:07 +01:00
Joachim Fasting
2a097803d4 spl: mark as broken on grsec kernels 
All hydra builds against grsec kernels fail; non-grsec kernels
succeed.
 2016-03-27 01:39:07 +01:00
Domen Kožar
cbdc1bbb98 Merge pull request #14230 from joachifm/jool-kernel-43-most-recent 
jool: mark broken for kernel versions > 4.3
 2016-03-26 20:06:36 +00:00
Joachim Fasting
eeca73dfac jool: mark broken for kernel versions > 4.3 
All hydra builds for kernel version >4.3 fail; the build failure
indicates changes to the kernel API used by the package.
 2016-03-26 20:23:48 +01:00
Joachim Fasting
8f5db83d99 rtl8723bs: only works with kernel 3.19 and later 
See e.g., https://hydra.nixos.org/build/33512583/nixlog/1/raw
 2016-03-26 19:57:51 +01:00
Joachim Fasting
89c6b3c11a perf: fix build 
https://hydra.nixos.org/build/33553564/nixlog/1/raw
 2016-03-26 18:18:40 +01:00
Svintsov Dmitry
64fe4ad82d mxu11x0: init at 1.3.11 2016-03-24 20:19:22 +05:00
Tobias Geerinckx-Rice
40b396a7a4 kexectools: 2.0.11 -> 2.0.12 2016-03-23 14:37:08 +01:00
Domen Kožar
4393e65a44 Merge pull request #14054 from NeQuissimus/kernel310101 
kernel: 3.10.99 -> 3.10.101
 2016-03-23 11:31:21 +00:00
Domen Kožar
2a428566e8 Merge pull request #14055 from NeQuissimus/kernel31257 
kernel: 3.12.55 -> 3.12.57
 2016-03-23 11:31:14 +00:00
Domen Kožar
4b29e2e6cb Merge pull request #14056 from NeQuissimus/kernel31465 
kernel: 3.14.63 -> 3.14.65
 2016-03-23 11:30:59 +00:00
Lluís Batlle i Rossell
40b0538239 Update linux raspberry-pi to 4.1.y. 
I could boot it in pi2; I don't know if I needed new
firmware files in /boot.
 2016-03-22 15:09:57 +01:00
Tobias Geerinckx-Rice
c0a35241f0 mcelog: 133 -> 134 
trigger: Avoid warning from earlier merge
 2016-03-22 00:59:15 +01:00
Tim Steinbach
6476075ccf kernel: 3.18.28 -> 3.18.29 (close #14057) 2016-03-21 12:39:29 +01:00
Tim Steinbach
379709b404 kernel: 4.1.17 -> 4.1.20 (close #14058) 2016-03-21 12:15:25 +01:00
Franz Pletz
b33453bd98 lxc: Add patch to fix bash completion 
Fixes #9616.
 2016-03-21 03:06:19 +01:00
Franz Pletz
4d0d1124ae lxc: 1.1.4 -> 1.1.5 2016-03-21 03:05:59 +01:00
Arseniy Seroka
84ba149e79 Merge pull request #14065 from zimbatm/htop-crossplatform 
htop: merge both implementations
 2016-03-20 21:55:00 +03:00
Joachim Fasting
f59998055b ldm: fix build 
There were two problems:
- because buildPhase is specified directly, preBuild ends up never being
  executed; and
- the source is missing a header, resulting in an undefined reference error
 2016-03-20 16:49:09 +01:00
zimbatm
d9e60e4d43 htop: merge both implementations 
htop 2.0+ is now cross-platform
 2016-03-19 22:20:20 +00:00
Eelco Dolstra
497c828611 fuse: 2.9.3 -> 2.9.5 2016-03-19 21:01:20 +01:00
Tim Steinbach
4274edbe40 kernel: 3.14.63 -> 3.14.65 2016-03-19 18:29:40 +00:00
Tim Steinbach
bf41deb889 kernel: 3.12.55 -> 3.12.57 2016-03-19 18:27:41 +00:00
Tim Steinbach
6f5f855a2e kernel: 3.10.99 -> 3.10.101 2016-03-19 18:25:24 +00:00
Joachim Fasting
3e1ec2b663 criu: fix build 
Would fail due to -Werror; see
https://hydra.nixos.org/build/33217086/nixlog/2/raw
 2016-03-18 23:39:03 +01:00
Eelco Dolstra
4b512321de linux: 4.4.5 -> 4.4.6 
CVE-2016-2143
 2016-03-17 13:05:57 +01:00
Eelco Dolstra
6faa0aea88 linux: 3.18.27 -> 3.18.28 
CVE-2016-2085
 2016-03-17 13:05:13 +01:00
Charles Strahan
7475728593 mbpfan: 1.9.0 -> 1.9.1 2016-03-17 02:02:21 -04:00
Tobias Geerinckx-Rice
0dea3803e7 freefall: inherit kernel package from linuxPackages 
Let's never bump again.
 2016-03-16 21:10:20 +01:00
Vladimír Čunát
a1de225913 Revert "nvidia: 358.16 -> 361.28" to fix #13942 
This reverts commit e0fe8cf204.
Befor updating we need to fixup problems related to GLVND transition.
 2016-03-16 20:08:41 +01:00
Ricardo M. Correia
56f7fb9a04 spl: 0.6.5.4 -> 0.6.5.5 2016-03-15 18:31:07 +01:00
Ricardo M. Correia
413062dff1 Merge pull request #13937 from kragniz/zfs-0.6.5.5 
zfs: 0.6.5.4 -> 0.6.5.5
 2016-03-15 18:30:51 +01:00
Robin Gloster
2ac4dba0fb Merge pull request #13909 from kragniz/linux-4.5 
linux: add 4.5
 2016-03-15 18:12:47 +01:00
Louis Taylor
e99eeb4c3f zfs: 0.6.5.4 -> 0.6.5.5 2016-03-15 15:41:00 +00:00
Robin Gloster
3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
Louis Taylor
8bdee80d39 linux: add 4.5 2016-03-14 22:34:05 +00:00
Tim Steinbach
a5d8256df4 grsecurity: 4.4.4 -> 4.4.5 2016-03-14 21:29:42 +00:00
Tobias Geerinckx-Rice
a506ebf2ec htop: add licence; myself as a de-facto maintainer 2016-03-14 19:18:43 +01:00
Tobias Geerinckx-Rice
561f93d59c htop: fetchFromGitHub -> fetchurl 
Just call `fetchurl` on the ‘official’ download link.

`fetchFromGitHub` was introduced in 54916ba, and stayed around when
we moved back to a regular release. Which worked fine, but required
keeping `autoreconfHook` and some `postPatch` hackery which can now
both be dropped.

Thanks to @kragniz for drawing my attention to this.
 2016-03-14 19:18:43 +01:00
Joachim Fasting
60a6f4c3f1 macchanger: move build deps to nativeBuildInputs 
Also inline redundant toplevel let bindings
 2016-03-12 18:53:27 +01:00
tg(x)
f3e5ee51bd pax-utils: https urls 2016-03-11 22:36:22 +01:00
tg(x)
184aca3907 pax-utils: 1.1.1 -> 1.1.6 2016-03-11 20:22:17 +01:00
Thomas Tuegel
5ec07e4bf3 module-init-tools: disable on Darwin to fix evaluation error 2016-03-11 09:53:04 -06:00
Vladimír Čunát
17b83a88c3 nvidia-x11*: use mirror-agnostic URLs 2016-03-10 15:56:53 +01:00
Lluís Batlle i Rossell
d6368dbd21 Adding rtl8723bs driver recipe. 
Not tested on hardware.
 2016-03-10 15:32:43 +01:00
Arseniy Seroka
88ca168312 Merge pull request #13804 from grahamc/nvidia_x11_legacy304-master 
nvidia_x11_legacy304: 304.125 -> 304.131
 2016-03-10 16:08:27 +03:00
Graham Christensen
fed36719f6 nvidia_x11_legacy304: 304.125 -> 304.131 
Thanks to the great commit message in 6257425dab
(thank you edwtjo) I was able to go back and find out the patch which
was causing build failures is no longer necessary after upgrading
this legacy driver.
 2016-03-09 19:41:04 -06:00
Tim Steinbach
7c90420119 kernel: 4.4.4 -> 4.4.5 2016-03-10 01:39:17 +00:00
Octavian Cerna
e714c80497 raspberrypifw: Patch the ELF binaries to set the correct dynamic linker and RPATH. 2016-03-08 19:56:22 +02:00
Nikolay Amiantov
fedabe3334 Merge pull request #13745 from zohl/linux-chromiumos 
linux_chromiumos_3_14: kernel option fix
 2016-03-08 13:57:32 +03:00
Vladimír Čunát
09af15654f Merge master into closure-size 
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
 2016-03-08 09:58:19 +01:00
Franz Pletz
255d710757 grsecurity: 4.4.2 -> 4.4.4 
See #13505.
 2016-03-08 01:03:47 +01:00
Franz Pletz
eb5a897161 Merge remote-tracking branch 'origin/pr/13505' 
Fixes #13505.
 2016-03-08 01:01:44 +01:00
Al Zohali
9d03355bed ChromiumOS kernel option fixup 2016-03-08 01:19:42 +03:00
Tobias Geerinckx-Rice
fedcbfce68 htop: 2.0.0 -> 2.0.1 2016-03-07 23:16:11 +01:00
Svein Ove Aas
e0fe8cf204 nvidia: major update 358.16 -> 361.28 
Beta also gets updated, but even upstream it's older than stable.
vcunat generalized parallel make. Close #12719.
 2016-03-07 23:14:44 +01:00
joachifm
375226ffb9 Merge pull request #13688 from simonvandel/mba6x_bl 
mba6x_bl: init at 2016-02-12
 2016-03-07 22:13:35 +00:00
Franz Pletz
e9fc4e7db6 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-07 22:08:27 +01:00
Simon Vandel Sillesen
aac309fa95 mba6x_bl: init at 2016-02-12 
This driver fixes backlight after suspend/resume on Macbook Air 6,1
and 6,2.

Added a workaround for https://github.com/patjak/mba6x_bl/issues/43 in
form of a systemd service.

Has been working great on my machine for at least a month now.
 2016-03-07 19:01:55 +01:00
joachifm
f0e5bf02e2 Merge pull request #13726 from NeQuissimus/upower0994 
upower: 0.99.3 -> 0.99.4
 2016-03-07 12:27:16 +00:00
Tim Steinbach
3f3e8ed82b upower: 0.99.3 -> 0.99.4 2016-03-07 02:04:20 +00:00
Louis Taylor
cdb0267efe linux-testing: 4.5-rc6 -> 4.5-rc7 2016-03-07 01:00:33 +00:00
Tobias Geerinckx-Rice
7951dd531e mcelog: 132 -> 133 
Bugfix: no longer hangs on unknown errors in non-daemon mode.
 2016-03-06 01:09:12 +01:00
Tobias Geerinckx-Rice
a90196d4cd nvidia_x11_legacy304: fix evaluation 
nvidia-340.76-kernel-4.0.patch was removed from nvidia_x11_legacy340
54d342add8 but is still needed for 304.

I think. CC @vcunat.
 2016-03-06 01:05:44 +01:00
Vladimír Čunát
54d342add8 nvidia_x11_legacy340: update 340.76 -> 340.94 
Fixes #13658.
 2016-03-05 22:19:14 +01:00
Franz Pletz
3b1f2e070b linux_4_4: 4.4.3 -> 4.4.4 2016-03-05 21:50:03 +01:00
Franz Pletz
af40e356fe linux_3_14: 3.14.61 -> 3.14.63 2016-03-05 21:50:03 +01:00
Franz Pletz
354a1935d3 linux_3_12: 3.12.54 -> 3.12.55 2016-03-05 21:50:03 +01:00
Franz Pletz
5b8361c118 linux_3_10: 3.10.97 -> 3.10.99 2016-03-05 21:50:03 +01:00
Franz Pletz
cb3d27df93 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-05 18:55:30 +01:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists 
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
 2016-03-05 18:55:26 +01:00
Nikolay Amiantov
7482f131ed android-udev-rules: 20151209 -> 2016-03-03 2016-03-04 14:46:30 +03:00
Arseniy Seroka
46ecee3a23 Merge pull request #13645 from rnhmjoj/rewritefs 
rewritefs: init at 2016-02-08
 2016-03-03 23:28:10 +03:00
Eelco Dolstra
6bd0c3fe9d ifplugd: Remove 
This package hasn't been updated in 11 years, and isn't really useful
anymore in a modern Linux system.
 2016-03-03 19:43:11 +01:00
Franz Pletz
4927ca8397 Merge pull request #13555 from kragniz/linux-testing-4.5-rc6 
linux-testing: 4.5-rc5 -> 4.5-rc6
 2016-03-03 19:03:17 +01:00
rnhmjoj
85abde52d0 rewritefs: init at 2016-02-08 2016-03-03 17:37:33 +01:00
Robin Gloster
fed49425c5 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-03 16:11:55 +00:00
Domen Kožar
ddb5f28544 Merge pull request #13640 from nathan7/musl-dynamic 
musl: pass the correct syslibdir
 2016-03-03 14:22:50 +00:00
Nathan Zadoks
bf18a34f97 musl: pass the correct syslibdir 
This fixes dynamic linking (the specfile contains the correct path, and
the dynamic loader is symlinked in place)
Fixes #8543
 2016-03-03 14:46:44 +01:00
Robin Gloster
d47857c3d9 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-01 21:09:17 +00:00
Marko Poikonen
ede005ad3f Enabling Media PCI adapters (needed for PCI DVB cards) 2016-03-01 20:57:46 +01:00
michael bishop
cef37d8de1 openiscsi: fix download url, add platforms 2016-02-29 12:37:20 -04:00
Louis Taylor
3747aef768 linux-testing: 4.5-rc5 -> 4.5-rc6 2016-02-28 19:13:36 +00:00
Robin Gloster
3b4765c9e5 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-28 16:32:57 +00:00
tg(x)
be3bd972d5 grsecurity: add 4.1 kernel 2016-02-28 15:00:16 +01:00
tg(x)
38614d3f6a grsecurity: use kernel version instead of testing / stable 2016-02-28 04:10:59 +01:00
rnhmjoj
bd737b105c btfs: 2.7 -> 2.8 2016-02-28 02:39:05 +01:00
tg(x)
4e3d6d3e90 grsecurity: separate fix patches for testing & stable 2016-02-27 19:54:55 +01:00
tg(x)
75f353ffbd grsecurity: decouple from mainline 2016-02-27 19:33:35 +01:00
tg(x)
7547960546 grsecurity: move version information to one place 2016-02-27 18:36:12 +01:00
tg(x)
d95321b83e grsecurity: 4.3.4 -> 4.4.2 2016-02-27 18:36:12 +01:00
zimbatm
17348dc094 Remove all dots at end of descriptions 
Specially crafted for @JagaJaga

    find pkgs -name "*.nix" -exec \
      sed -e 's|\(description.*\)\.";|\1";|g' -i {} \;
 2016-02-27 17:30:29 +00:00
Franz Pletz
73e0c261c2 linux: 4.4.2 -> 4.4.3 2016-02-27 16:34:02 +01:00
Robin Gloster
d3fb7acb3a dietlibc: fix merge failure 2016-02-27 09:29:15 +00:00
Robin Gloster
3477e662e6 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-27 00:08:08 +00:00
zimbatm
35ab3d301f Merge remote-tracking branch 'upstream/staging' 2016-02-26 22:37:04 +00:00
Robin Gloster
631c09bbe5 checksec: clean up 2016-02-26 17:26:03 +00:00
Tim Steinbach
7506c58d74 linux_3_10: 3.10.96 -> 3.10.97 (close #13405) 2016-02-25 23:09:08 +01:00
Tuomas Tynkkynen
0e1319f03f linux-3.10: fixup config by a slightly hacky way 
For explanation see:
https://github.com/NixOS/nixpkgs/pull/13405#issuecomment-188357637
 2016-02-25 23:07:47 +01:00
Tobias Geerinckx-Rice
9b3296017f mcelog: 131 -> 132 
Add CPU_ATOM to Intel CPU list.
 2016-02-25 16:19:42 +01:00
Vladimír Čunát
93f6af1071 Merge branch 'master' into staging 2016-02-25 09:01:48 +01:00
Kevin Cox
eead3bc536 util-linux: create -Minimal and utillinux (full) 
Close #12952. Now the full version is used by default,
supporting systemd and curses.
 2016-02-25 08:52:05 +01:00
Emery
b16dc8dcc5 New hdapsd module 2016-02-24 21:51:13 +01:00
Emery Hemingway
8ee44708b2 hdapsd: initial package at version 20141203 2016-02-24 20:44:32 +01:00
Robin Gloster
81bb9407f9 xf86_video_nested: disable fortify hardening 2016-02-24 15:43:35 +00:00
Tim Steinbach
3ef63227dd linux-testing: 4.5-rc4 -> 4.5-rc5 (close #13403) 2016-02-24 08:17:52 +01:00
Tim Steinbach
642517fbda linux_3_12: 3.12.53 -> 3.12.54 (close #13406) 2016-02-24 08:16:47 +01:00
Tim Steinbach
08cf57204f linux_3_14: 3.14.60 -> 3.14.61 (close #13407) 2016-02-24 08:16:18 +01:00
Tim Steinbach
a2bd90650d linux_4_3: 4.3.5 -> 4.3.6 (close #13408) 2016-02-24 08:15:34 +01:00
Frederik Rietdijk
40ca841c5c Merge pull request #13124 from FRidh/buildPythonApplication 
buildPythonApplication: use new function for Python applications
 2016-02-23 16:02:10 +01:00
Robin Gloster
402d57ee8e bootstrap env: disable stackprotector hardening until gcc >=4.9 2016-02-22 18:32:53 +00:00
Franz Pletz
5e0105af9b linux: 4.4.1 -> 4.4.2 2016-02-22 04:52:00 +01:00
Robin Gloster
bb2639aafc Merge branch 'curl-7.15-fixup' of https://github.com/zimbatm/nixpkgs into hardened-stdenv 2016-02-22 01:14:22 +00:00
Robin Gloster
1d713761d9 ldm: add include to fix build 2016-02-22 00:21:26 +00:00
Tuomas Tynkkynen
a6638c62a8 Revert "linux: 4.1.17 -> 4.1.18" 
This reverts commit 6cdf5fe85f.

This version has a crypto regression:
https://lkml.org/lkml/2016/2/19/748 which is blocking the channel update
due to a failing luksroot test: http://hydra.nixos.org/build/32159615
 2016-02-21 17:57:39 +02:00
Robin Gloster
25dfa39fac facetimehd: turn off PIC hardening 2016-02-21 10:40:34 +00:00
Robin Gloster
bc21db3692 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-19 21:16:14 +00:00
Robin Gloster
7eb42d9513 setools: turn off format hardening 2016-02-19 21:15:59 +00:00
Frederik Rietdijk
4d06bf70f4 buildPythonApplication: use new function for Python applications 2016-02-19 13:16:41 +01:00
Eelco Dolstra
1ab14aad7a glibc: Drop hurd support 
This hasn't been maintained since 2012.

Also, renamed glibc's kernelHeaders argument to linuxHeaders.
 2016-02-18 21:11:15 +01:00
Michael Alan Dorman
1318ab1246 Fix sha256 for alsa-tools. 2016-02-18 06:41:40 -05:00
Franz Pletz
de5a233a71 firmware-linux-nonfree: 2015-12-04 -> 2016-01-26 2016-02-18 03:49:14 +01:00
Franz Pletz
eff9726d54 linux: 4.3.4 -> 4.3.5 2016-02-18 03:44:19 +01:00
Franz Pletz
6cdf5fe85f linux: 4.1.17 -> 4.1.18 2016-02-18 03:44:12 +01:00
Franz Pletz
d756ff9354 linux: 3.18.26 -> 3.18.27 2016-02-18 03:44:07 +01:00
Vladimír Čunát
e9520e81b3 Merge branch 'master' into staging 2016-02-17 10:06:31 +01:00
Peter Simons
9200a62425 Merge pull request #12979 from heydojo/alsa--1.1.0 
alsa : 1.0.29 -> 1.1.0
 2016-02-15 21:29:17 +01:00
Arseniy Seroka
3b470ef892 Merge pull request #13004 from dwe11er/new-package/thin-provisioning-tools 
thin-provisioning-tools: init at 0.6.1
 2016-02-15 22:12:17 +03:00
Arseniy Seroka
a13f9a708b Merge pull request #12992 from lukasepple/master 
intel2200BGFirmware: init at 3.1
 2016-02-15 22:10:49 +03:00
Franz Pletz
41698c9efa Merge branch 'master' into hardened-stdenv 2016-02-15 20:05:29 +01:00