Commit graph

96855 commits

Author SHA1 Message Date
Joachim Fasting
e99228db30
grsecurity module: force a known good kernel package set
Previously, we would only set a default value, on the theory that
`boot.kernelPackages` could be used to sanely configure a custom grsec
kernel.  Regrettably, this is not the case and users who expect e.g.,
`boot.kernelPackages = pkgs.linuxPackages_latest` to work will end up
with a non-grsec kernel (this problem has come up twice on the bug
tracker recently).

With this patch, `security.grsecurity.enable = true` implies
`boot.kernelPackages = linuxPackages_grsec_nixos` and any customization
must be done via package override or by eschewing the module.
2016-11-28 12:11:04 +01:00
Joachim Fasting
5da1394a58
Revert "gradm: fix using gradm while the RBAC system is active"
This reverts commit fdbf7dc8b3.

Unfortunately, while gradm now works when the RBAC system is enabled,
gradm still fails when full system learning is enabled, so I probably
need to try again later.
2016-11-28 11:41:12 +01:00
Joachim Fasting
b90ed0cc80
grsecurity: 4.8.10-201611232213 -> 4.8.11-201611271225 2016-11-28 11:41:10 +01:00
Joachim Fasting
1915f6908a
linux_grsec_nixos: use the "modinst arg list too long" patch
An alternative to e38b74ba89d3d03e01ee751131d2a6dc316ac33a; see
f19c961b4e for details
2016-11-28 11:41:07 +01:00
Joachim Fasting
4c7323545b
Revert "grsecurity: work around for #20490"
This reverts commit e38b74ba89.

I failed to notice f19c961b4e461da045f2e72e73701059e5117be0; better
use that fix instead.
2016-11-28 11:40:55 +01:00
Moritz Ulrich
bfc187f23a
rustc: Loosen bootstrapping restrictions.
Newer nightlies check a new environment variable that if set will loosen
restrictions on which compiler version can be used for bootstrapping.

Upstream issue is at https://github.com/rust-lang/rust/pull/37265
2016-11-28 11:21:12 +01:00
Moritz Ulrich
e36d243258
rustc: Don't fail if deleting of breaking tests fails. 2016-11-28 11:16:13 +01:00
Lancelot SIX
c77011c6de
nagiosPluginsOfficial: 2.0.3 -> 2.1.4
See https://github.com/nagios-plugins/nagios-plugins/blob/master/NEWS
for release history
2016-11-28 09:58:29 +01:00
Lancelot SIX
5b6d52b4fb
nagios: 4.0.8 -> 4.2.3
This update includes many security related fixes.

Version 4.2.0 fixes:
- CVE-2008-4796
- CVE-2013-4214

Version 4.2.2 fixes:
- CVE-2016-9565

Version 4.2.3 fixes:
- CVE-2016-8641

See https://www.nagios.org/projects/nagios-core/history/4x/ for full
detail changes.
2016-11-28 09:55:17 +01:00
Vincent Laporte
33d49bbfb7 ocamlPackages.ocp-index: 1.1.4 -> 1.1.5 2016-11-28 09:33:28 +01:00
aszlig
83410d9954
beets: 1.3.19 -> 1.4.1
Full upstream release announcement:

https://github.com/beetbox/beets/releases/tag/v1.4.1

I had to rebase the keyfinder-default-bin.patch in order to apply with
the new release.

Other than that I didn't test whether beets works on my machine, as I
have a more or less temporary setup at the moment.

However, since the bump of mutagen to version 1.34 in commit
555928c228, the mediafile tests fail and
thus this commit unbreaks beets.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-28 08:58:08 +01:00
Okasu
de925e952e terminus-font-ttf: init at 4.40.1 2016-11-28 10:54:33 +03:00
Matthew Bauer
bd57e32312
file_cmds: init at 264.1.1 2016-11-27 21:58:07 -06:00
Graham Christensen
d1055c0ed7
all-packages.nix: whitespace cleanup 2016-11-27 22:12:06 -05:00
Michael Fellinger
bff2b98290
ruby: 3.2.1 -> 2.3.3 2016-11-27 22:11:49 -05:00
Graham Christensen
540670259c Merge pull request #20549 from proger/ceres-solver-darwin
ceres-solver: glog builds on darwin just fine now
2016-11-27 22:09:17 -05:00
Sophie Taylor
016fa06c71
cjdns: Improving systemd unit description 2016-11-27 22:07:51 -05:00
Rok Garbas
880d616ec0 neovim: 0.1.6 -> 0.1.7 2016-11-28 04:06:19 +01:00
Graham Christensen
cc28a51bc0 Merge pull request #19818 from KoviRobi/xterm-fix-app-defaults
XTerm: fix app-defaults, fixes menu options
2016-11-27 22:02:51 -05:00
Graham Christensen
5cc4f50442 Merge pull request #20113 from johbo/ruby-scrypt-darwin
Adjust ruby gem defaults for scrypt on darwin
2016-11-27 21:58:17 -05:00
Franz Pletz
f38955dd4c Merge pull request #20665 from vdemeester/delve-0.11-alpha
delve: init at 0.11.0-alpha
2016-11-28 03:50:34 +01:00
Graham Christensen
2891256daa
skopeo: fix evaluation, change license from asl2 to asl20 2016-11-27 21:39:02 -05:00
Ruben Maher
9c9a21d525 matrix-synapse service: Make url_preview_enabled optional (#20609) 2016-11-28 03:33:48 +01:00
Michael Weiss
9538176042 sks: init at 1.1.6 (#20717) 2016-11-28 03:28:40 +01:00
William Casarin
dfb354ea7d multi-ghc-travis: git-2015-11-04 -> git-2016-10-23 (#20754)
adds support for ghc8
2016-11-28 03:24:51 +01:00
Graham Christensen
8bee129f48 Merge pull request #20627 from lsix/update_dico
dico: 2.3 -> 2.4
2016-11-27 21:23:30 -05:00
Graham Christensen
8d6490bda1 Merge pull request #20732 from montag451/epiphany-html5-video
epiphany: enable the playing of HTML5 videos
2016-11-27 21:17:13 -05:00
Vincent Demeester
6d47cb4131
skopeo: init at 0.1.16
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2016-11-27 21:06:21 -05:00
Franz Pletz
e394c305a8 Merge pull request #20620 from rnhmjoj/fakeroute
fakeroute: init at 0.3
2016-11-28 03:01:15 +01:00
Graham Christensen
7b5619506b Merge pull request #20250 from guillaumekoenig/add-encryptr-2.0.0
encryptr: init at 2.0.0
2016-11-27 20:59:56 -05:00
Graham Christensen
ff1c76e9eb Merge pull request #20740 from sh01/rogue_mirror
rogue: Add alternative source archive URLs.
2016-11-27 20:47:05 -05:00
Tim Steinbach
eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7 2016-11-27 19:48:24 -05:00
Tuomas Tynkkynen
86ea3126bc linux_rpi: 1.20160620 -> 1.20161020 2016-11-28 00:24:00 +02:00
Tuomas Tynkkynen
25d6bfa258 raspberrypifw: 1.20160620 -> 1.20161020 2016-11-28 00:23:40 +02:00
Tuomas Tynkkynen
02e1846d62 U-Boot: 2016.05 -> 2016.11 2016-11-28 00:23:12 +02:00
Frederik Rietdijk
5dcf6ecbeb Merge pull request #18532 from peterhoeg/hero
heroku: 3.43.2 -> 3.43.12 and wrap the downloaded binary
2016-11-27 17:45:03 +01:00
pngwjpgh
bcc9a6ac75 infinoted service: init
Service module for the dedicated gobby server included in libinfinity
2016-11-27 17:23:21 +01:00
Pascal Wittmann
bbd39a8057
fbida: 2.11 -> 2.12 2016-11-27 17:07:47 +01:00
Michael Alan Dorman
d24a886419 hoogle: build with newest haskell-src-exts 2016-11-27 17:00:14 +01:00
Michael Alan Dorman
725e44cc04 hindent: fix 5.2.1 build 2016-11-27 17:00:14 +01:00
Peter Simons
1e62dc2929 configuration-hackage2nix.yaml: use latest hindent 2016-11-27 17:00:14 +01:00
Peter Simons
b74d732f67 hackage-packages.nix: automatic Haskell package set update
This update was generated by hackage2nix v2.0.3-8-gcc531ff.
2016-11-27 17:00:04 +01:00
Joachim F
625ec7604d Merge pull request #20751 from elitak/f3
f3: corrected version number
2016-11-27 16:32:28 +01:00
Joachim F
4f701660b3 Merge pull request #20750 from goetzst/youtube-dl
youtube-dl: 2016-11-22 -> 2016-11-27
2016-11-27 16:32:00 +01:00
Pascal Wittmann
e8f7c31dfb
opkg: 0.3.1 -> 0.3.3 2016-11-27 15:58:29 +01:00
Peter Simons
b7deb143b2 Merge pull request #20731 from expipiplus1/fix-ghc-env
ghcWithPackages: fix env NIX_GHC_LIBDIR value
2016-11-27 15:52:45 +01:00
Eric Litak
0a77fc86b2 f3: corrected version number 2016-11-27 06:52:38 -08:00
Pascal Wittmann
f4d163aab7
zsh-navigation-tools: 2.1.16 -> 2.2.7 2016-11-27 15:49:34 +01:00
Jörg Thalheim
5cde30d8d9 Merge pull request #20733 from 2chilled/master
pyload: add send2trash as dep
2016-11-27 15:26:18 +01:00
Stefan Götz
22e9476e59 youtube-dl: 2016-11-22 -> 2016-11-27 2016-11-27 15:06:34 +01:00