Matthew Bauer
3cfdf8eb23
Merge pull request #53539 from matthewbauer/darwin-fixes4
...
Fixes for recent darwin changes
2019-01-07 15:44:21 -06:00
Joachim Fasting
865f7a14b4
Revert "Revert "linux-hardened: Disable GCC_PLUGIN_RANDSTRUCT""
...
This reverts commit c68e8b05f0
.
RANDSTRUCT currently fails to work with out-of-tree modules, as
evinced by
c68e8b05f0 (commitcomment-31850284)
and https://github.com/NixOS/nixpkgs/issues/53522 .
Specifically, loading out-of-tree modules results in modsym version
mismatches, as in
spl: version magic '4.20.0 SMP mod_unload modversions RANDSTRUCT_PLUGIN
from the issue above.
A working hypothesis is that the randstruct seed is not carried over when
building out-of-tree modules but more investigation is needed here.
Closes https://github.com/NixOS/nixpkgs/issues/53522
2019-01-07 19:50:12 +01:00
Tim Steinbach
97aba92bcd
linux: 4.20-rc7 -> 5.0-rc1
2019-01-07 07:57:38 -05:00
Matthew Bauer
ed6148726b
darwin: fix more *_cmds derivation
...
Doh
2019-01-06 22:34:19 -06:00
Matthew Bauer
2bbec30c2e
darwin.diskdev_cmds: fix build with dsymutil
...
xcbuild doesn’t handle dsymutil correctly. fuser.pl does not contain
debug symbols, but xcbuild doesn’t handle this like xcodebuild does.
So, just disable the debug information. We probably should do this in
more places using xcbuild, but it requires some arbitrary patching.
2019-01-06 22:13:11 -06:00
Vladimír Čunát
9ee8cf5177
linuxPackages.nvidia_x11*: unmaintain
...
I now no longer use an nvidia card commonly, so it would be harder for
me to test at least a bit. And I'm overcommited anyway.
Hopefully someone else can be found.
2019-01-06 14:59:03 +01:00
Vladimír Čunát
10a12194e3
Merge #53490 : fix treewide linking errors after #51770
...
Issue #53001 . This might not be all of them, but let's not wait.
2019-01-06 12:14:52 +01:00
Vladimír Čunát
68c3097b96
rtkit: link with librt explicitly
2019-01-06 12:12:49 +01:00
Frederik Rietdijk
e5381cdece
Merge master into staging-next
2019-01-06 09:36:23 +01:00
Will Dietz
2d79465173
Merge pull request #51700 from dtzWill/update/i2c-tools-4.1
...
i2c-tools: 4.0 -> 4.1
2019-01-05 13:46:26 -06:00
Vladimír Čunát
d84a33d85b
Merge branch 'master' into staging-next
...
A few more rebuilds (~1k on x86_64-linux).
2019-01-05 15:02:04 +01:00
R. RyanTM
df834ee56d
sysstat: 12.1.1 -> 12.1.2 ( #52675 )
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/sysstat/versions
2019-01-05 14:47:25 +01:00
Joachim Fasting
d62086e6fc
hardened-config: allow slub/slab free poisoning
2019-01-05 14:07:36 +01:00
Joachim Fasting
11840f5c70
hardened-config: explain HARDENED_USERCOPY_FALLBACK n
2019-01-05 14:07:36 +01:00
Joachim Fasting
dfd77a046d
hardened-config: ensure STRICT_KERNEL_RWX
...
This is y in the default config, but enable it explicitly here to catch
situations where it has been disabled (explicitly or implicitly).
2019-01-05 14:07:35 +01:00
Joachim Fasting
1801aad7b8
hardened-config: clarify MODIFY_LDT_SYSCALL
...
This likely never worked; MODIFY_LDT_SYSCALL depends on EXPERT; enabling
EXPERT however seems to introduce quite a few changes that would need to be
properly vetted.
The version guard is unnecessary, however, as this config has been supported
since 4.3.
2019-01-05 14:07:34 +01:00
Joachim Fasting
abc8ed3fca
hardened-config: clarify readonly LSM hooks config
...
SECURITY_WRITABLE_HOOKS is implicitly controlled by SECURITY_SELINUX_DISABLE;
explicitly unsetting results in an error because the configfile builder fails
to detect that it has in fact been unset (reporting it as an unused option).
For now, leave WRITABLE_HOOKS as an "optional" config for documentation
purposes.
2019-01-05 14:07:33 +01:00
Joachim Fasting
c68e8b05f0
Revert "linux-hardened: Disable GCC_PLUGIN_RANDSTRUCT"
...
This reverts commit 5dda1324be
.
Presumably this was done to work around build errors or something but it
works fine now.
2019-01-05 14:07:21 +01:00
Michael Weiss
e7e18206dd
fuse: 2.9.8 -> 2.9.9
2019-01-05 02:26:02 +01:00
Joachim F
893c51bda8
Merge pull request #53369 from delroth/kernel-hardening
...
Re-add security features based on GCC plugins in 4.18+ hardened kernels
2019-01-04 21:49:53 +00:00
Pierre Bourdon
0f7ca26a48
kernel/hardened-config.nix: add STACKLEAK plugin on 4.20+
2019-01-04 22:24:50 +01:00
Pierre Bourdon
9dc0d94896
kernel/hardened-config.nix: re-enable GCC plugins
2019-01-04 22:24:50 +01:00
Pierre Bourdon
c789f642f0
kernel/generic.nix: provide required dependencies for GCC plugins builds
2019-01-04 22:24:50 +01:00
Frederik Rietdijk
9618abe87c
Merge master into staging-next
2019-01-04 21:13:19 +01:00
Matthew Bauer
030f66400d
darwin.adv_cmds: fix build
2019-01-04 10:28:22 -06:00
Dominik Xaver Hörl
b7967e9dc4
dbus-broker: 13 -> 17
2019-01-04 14:36:30 +01:00
Benno Fünfstück
7817aa3641
linux-rpi: set correct hydraPlatforms ( #53325 )
2019-01-03 22:42:14 +01:00
Matthew Bauer
8cb2d35760
darwin: fix typos in install scripts
...
fixes some issues in my commits in:
- basic_cmds
- network_cmds
(cherry picked from commit f283145308aec6aa9a8c3c6cbd4864718ccb7c53)
2019-01-03 15:20:26 -06:00
Matthew Bauer
8505e710e7
Revert "darwin 10.12 commits"
...
Reverts commits bumping to macOS stuff to 10.12:
commit ec1f78d1cb
.
commit d0dc91d24f
.
commit a1d297374d
.
commit 425112151d
.
commit e6f7f2928f
.
2019-01-03 15:20:26 -06:00
Jörg Thalheim
31682848cb
android-udev-rules: 20180112 -> 20181031
2019-01-03 20:56:39 +01:00
Frederik Rietdijk
092e3b50a8
Merge master into staging-next
2019-01-02 21:08:27 +01:00
Joachim F
88c516dd55
Merge pull request #52606 from lopsided98/linux-hardkernel-update
...
linux_hardkernel_4_14: 4.14.85-152 -> 4.14.87-153
2019-01-02 18:16:47 +00:00
David Guibert
d8e907ba18
conky: 1.11.0 -> 1.11.1 ( #53157 )
...
This fixes #52797 .
2019-01-02 09:54:22 +01:00
Jan Tojnar
b2b921bdca
Merge pull request #53149 from jtojnar/qrencode-cleanup
...
qrencode: merge with libqrencode
2019-01-02 02:18:22 +01:00
R. RyanTM
46e7ce0526
lxc: 3.0.2 -> 3.0.3 ( #52239 )
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/lxc/versions
2019-01-01 20:35:37 +01:00
Jan Tojnar
c5c2ac4f45
qrencode: merge with libqrencode
2019-01-01 17:19:07 +01:00
Will Dietz
d60806b90b
i2c-toools: touchups, NFCI. (reviewer suggestions, thanks!)
2018-12-31 11:26:07 -06:00
Frederik Rietdijk
070290bda7
Merge master into staging-next
2018-12-31 12:00:36 +01:00
Tim Steinbach
d6805baded
linux: 4.19.12 -> 4.19.13
2018-12-30 09:57:54 -05:00
Tim Steinbach
226eb52715
linux: 4.14.90 -> 4.14.91
2018-12-30 09:57:54 -05:00
Tim Steinbach
a7bd7a38ea
linux: 4.9.147 -> 4.9.148
2018-12-30 09:57:53 -05:00
Matthew Bauer
ec1f78d1cb
darwin.libunwind: fix hash
2018-12-30 00:00:30 -06:00
Matthew Bauer
4f522648cb
darwin: fix *_cmds installation
...
These just copy commands from Products/Release/. But with #52256 we
now build .dsym directories that somehow wind up in Products/Release/.
This makes things more exact by just copying the files in Products/Release/.
2018-12-29 23:58:10 -06:00
Matthew Bauer
d0dc91d24f
darwin: bump apple_sdks to 10.12
...
(cherry picked from commit 0b468bf0335eaa606fccfe98d4a36c3efbe83f2a)
2018-12-29 20:17:05 -06:00
Ivan Kozik
1c8fea18e2
kernel/patches.nix: remove hard tabs
2018-12-28 09:06:56 +01:00
Matthew Bauer
a1d297374d
darwin.hfs: put headers in hfs/ directory
...
This is where they are supposed to go. My mistake in the original
commit.
2018-12-27 11:18:28 -06:00
Frederik Rietdijk
10afccf145
Merge staging-next into staging
2018-12-27 18:11:34 +01:00
Dmitry Kalinkin
3edd5cb227
Merge pull request #51294 from eadwu/nvidia_x11/legacy_390
...
nvidia: expose nvidia_x11_legacy390
2018-12-27 09:08:53 -05:00
markuskowa
98561c789c
Merge pull request #52597 from lopsided98/lvm2-no-parallel
...
lvm2: disable parallel building
2018-12-27 14:21:25 +01:00
Samuel Dionne-Riel
889ef35303
linuxPackages_4_{19,20}: works around bug with overlayfs.
...
See: https://github.com/NixOS/nixpkgs/issues/48828#issuecomment-445208626
2018-12-26 22:51:31 +00:00