This ensures that git is added as a run-time dependency of tig and
allows tig to find the git command even if git is not installed in the
user environment. Fixes#5741.
This adds enhanced-ctorrent (ctorrent) which is a CLI-based bittorrent
client written in C++. It is very fast for those times when one wants to
simply add a torrent quick'n'dirty-style.
Writing the gid_map is already non-fatal, but the actual sandbox process
still tries to setresgid() to nogroup (usually 65534). This however
fails, because if user namespace sandboxing is present, the namespace
doesn't have CAP_SETGID at this point.
Fortunately, the effective GID is already 65534, so we just need to
check whether the target gid matches and only(!) setresgid() if it
doesn't.
So if someone would run a SUID version of the sandbox, it would still
work nonetheless without a negative impact on security.
Fixes#5730, thanks to @wizeman for reporting and initial debugging.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The dependency on sqlite was propagated through to miro by libsoup, but
with f570f97, it's no longer propagated anymore so we need to pass it to
the miro derivation directly.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The build script is a shell script which has a shebang using
/usr/bin/env, which isn't available in a chrooted Nix daemon.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The following vulnerabilities have been fixed.
- wnpa-sec-2015-01
The WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559,
CVE-2015-0560
- wnpa-sec-2015-02
The LPP dissector could crash. (Bug 10773) CVE-2015-0561
- wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562
- wnpa-sec-2015-04
The SMTP dissector could crash. (Bug 10823) CVE-2015-0563
- wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions. Discovered by Noam
Rathaus. CVE-2015-0564
See more at https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html
This add profanity and dependencies and a few cleanups from me for the
profanity package expression.
Thanks to @devhell and apologies for pestering him with my nitpicking.
* Commit summary:
profanity: Add option for autoAwaySupport.
profanity: Clean up package expression file.
profanity: Add libnotifySupport config option
all-packages: Add libnotify option to profanity
profanity: Add "platforms" meta information
profanity: Add libXScrnSaver and libX11 buildInputs
libstrophe: Add "platforms" meta information
libstrophe: Fix typo
profanity: Add profanity, a ncurses XMPP client
libstrophe: Add new package
Actually, two dependencies used for notifySupport are for
autoAwaySupport and have nothing to do with notifications, so let's
split them apart.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
No real changes in functionality, other than renaming libnotifySupport
to just notifySupport.
I've wrapped the lines to a maximum of 80 characters in width, so the
file looks less cluttered up. Which includes setting apart the attribute
for notifySupport and its respective dependencies from the main
dependencies.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Originally I had in mind to introduce an attribute like "enableGPG", but
it seems that other distro include it per default, so I guess most users
coming from other distros would expect it that way. And so it is now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This makes the Eclipse internal web browser work.
The internal web browser is the default browser, and Eclipse requires
manual configuration for any other (external) web browser. To me this
means the internal browser should be working by default, unless users
will get an error popup if they click any links.
This change increases the closure size from 714 to 880 MiB
(attribute eclipses.eclipse_cpp_43).
Makes beets actually usable (and configurable) on Nix(OS), if you want
to use more plugins rather than just plain lookup of tracks based on
(fuzzy) string matching.
This also changes the derivation name from "python2.7-beets" to just
"beets".
* Commit summary:
beets: Check dependencies on activated plugins.
beets: Check plugin definitions against package.
beets: Use audiotools backend for replaygain.
beets: Allow to configure plugin dependencies.
beets: Switch to using fetchFromGitHub.
python: Add new package audiotools.
python: Add new package discogs_client.
python: Add pyacoustid and dependencies.
python/mutagen: Update to upstream version 1.27.
mp3gain: Fix output path bin directory.
beets: Add myself to maintainers.
beets: Update to new upstream version 1.3.9.
beets: Move into its own package directory.
This is more of an attempt rather than a real fix (or maybe it is? let's
see) for the corrupted .pyc files during build. I believe the reason we
get these are likely due to several instances of the Python interpreter
that run in parallel and one of these processes might still be writing
the .pyc file.
So, rather than deleting all .pyc files, we now precompile then in order
to avoid any build process trying to generate any .pyc file.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Because:
1. It is a mere alias of `pythonPackages.sip`
2. It is usually not needed since propagated by `pyqt4`
3. It makes it easy to have a packages depend on two different versions
of sip
This commit eliminates a patch which hard-coded an example configuration file as the program's default settings and prevented the program from reading a user's configuration file.
Introduces a video/audio information utility, both CLI and GUI.
Thanks to @devhell.
* devhell-mediainfo:
libzen: Add --enable-shared to configureFlags.
mediainfo-gui: Add package
mediainfo: Add myself to meta.maintainers.
mediainfo: Add package and dependencies
Name has been changed in c9282c65f4.
Users would probably expect "nix-env -i picard" to work, and as picard
isn't a library it doesn't make sense to set a prefix.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Because we have to rely on setuid wrappers on NixOS, we can't easily
hardcode the executable paths and set it 4755. So for all calls, we need
to change the runtime path executable directory to /var/setuid-wrappers/
and for verification we need to retain the executable directory.
Also note, that usually VBoxNetAdpCtl, VBoxNetDHCP, VBoxNetNAT, VBoxSDL
and VBoxVolInfo don't reside in directories that are commonly in PATH,
but in /usr/lib/virtualbox in most mainstream distros. But because the
names of these executables are distinctive enough to not cause
collisions with other setuid programs, I'll leave it like that and not
patch up setuid-wrappers.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Not really changes anything in functionality, but makes it easier to
change the build type to "debug", for example.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes the following bugs:
* Helper tool crashes when service checks elevation state
* Zeroconf on server advertises bogus IP address
* Drag file causes client crash on Mac (10.10)
Introduces the following enhancements:
* Optional Bonjour requirement for Windows
* Automatic Bonjour download and install
* Auto-config available servers combo box
* More user friendly dialog when client is detected
* Minimize auto config message box usage
* Firewall exception for GUI (needed for Bonjour)
* Consistent naming for auto config feature
Full changelog with bug IDs can be found at:
http://synergy-project.org/changelog/
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Just accidentally found this while debugging and it's needed for
fetching a few interface details, not sure however whether because of
this anything has been broken so far.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Instead of coping it to $out and later deleting it, we now exclude the
src directory during copy. Also, we no longer cd into the release
directory during installPhase, which should make sure that we are
constantly in $sourceRoot.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>