BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixpkgs-suyu/pkgs/tools/networking
History
Ambroz Bizjak 35e0eea053 ntpd: Allow additional syscalls in seccomp filter. 
Fixes issue #21136.

The problem is that the seccomp system call filter configured by ntpd did not
include some system calls that were apparently needed. For example the
program hanged in getpid just after the filter was installed:

prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)  = 0
seccomp(SECCOMP_SET_MODE_STRICT, 1, NULL) = -1 EINVAL (Invalid argument)
seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=41, filter=0x5620d7f0bd90}) = 0
getpid()                                = ?

I do not know exactly why this is a problem on NixOS only, perhaps we have getpid
caching disabled.

The fcntl and setsockopt system calls also had to be added.
2017-04-02 21:44:06 +02:00
..
ahcpd treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
aiccu aiccu: fix unavailable source url, use debian mirror 2017-01-26 03:52:46 +01:00
aircrack-ng aircrack-ng: 1.2-rc3 -> 1.2-rc4 2017-02-17 00:11:32 +01:00
airfield
altermime altermime: use mkDerivation 2016-01-30 20:31:05 +00:00
argus argus: init at 3.0.8.2 2016-08-22 22:17:14 +02:00
argus-clients argus-clients: init at 3.0.8.2 2016-08-24 00:13:38 +02:00
aria2 aria2: 1.29.0 -> 1.31.0 2017-01-23 19:16:05 -02:00
asynk Remove myself from maintainers 2017-01-31 11:00:14 +01:00
atftp atftp: 0.7 -> 0.7.1 2016-07-21 07:22:17 +03:00
autossh
axel axel: 2.11 -> 2.12 2017-01-09 21:32:30 +01:00
babeld babeld: 1.7.1 -> 1.8.0 2017-02-02 19:19:28 +01:00
badvpn
biosdevname biosdevname: 0.6.1 -> 0.7.2 2017-01-26 03:52:45 +01:00
bsd-finger treewide: Add lots of platforms to packages with no meta 2016-08-02 21:17:44 +03:00
bud Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
bully treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
burpsuite burpsuite: init at 1.7.06 2016-10-01 14:27:04 +02:00
bwm-ng
cadaver cadaver: fix build against newer versions of openssl 2016-03-24 19:05:14 +01:00
carddav-util treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
ccnet ccnet: vala -> vala_0_23 2016-08-21 20:17:25 +03:00
chrony chrony: 2.4.1 -> 3.0, enable seccomp 2017-01-26 03:52:45 +01:00
cjdns cjdns: fix build with glibc-2.25 via upstream patch 2017-02-21 13:30:50 +01:00
cksfv
cmst cmst: 2016.04.03 -> 2016.10.03 2016-10-18 15:31:51 -02:00
cntlm
connect connect: 1.104 -> 1.105 2017-03-01 20:09:46 -06:00
connman connman: meta cleanup 2016-09-28 20:01:37 +02:00
connman-notify connman-notify: set platforms = linux 2016-09-17 13:52:00 +02:00
connman_dmenu connman-dmenu: init at git-29-9-2015 2016-02-28 05:18:35 +01:00
connmanui Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
corkscrew treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
curl curl: Use default trust store of TLS backend 2017-03-22 11:54:20 +01:00
curl-unix-socket
cutter
darkstat treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
davix davix: 0.4.0 -> 0.6.4 (#18768) 2016-09-21 19:35:50 +02:00
dd-agent dd-agent: fix by adding uptime as dependency. 2017-03-29 14:56:01 +00:00
ddclient ddclient: Fix build after multiple outputs merge 2016-04-28 20:48:33 +03:00
dhcp dhcp: 4.3.3 -> 4.3.4 2016-09-28 10:50:29 +02:00
dhcpcd dhcpcd: 6.11.3 -> 6.11.5 2016-12-04 01:40:26 +01:00
dhcpdump Use general hardening flag toggle lists 2016-03-05 18:55:26 +01:00
dhcping Add version attribute where maintainers |= nckx 2016-01-25 17:35:21 +01:00
dibbler dibbler: init at 1.0.1 2016-08-10 07:12:08 +02:00
dirb dirb: init at 2.22 2016-11-07 00:52:13 +01:00
dnscrypt-proxy dnscrypt-proxy: enable additional plugins 2017-03-16 16:15:33 +01:00
dnscrypt-wrapper dnscrypt-wrapper: 0.2.1 -> 0.2.2 2016-10-29 03:04:03 +02:00
dnsmasq dnsmasq: install launchd plist on darwin 2017-03-09 11:30:50 +13:00
dnsperf dnsperf: init at 2.1.0.0 2017-02-23 14:03:49 +01:00
dnstop treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
driftnet driftnet: 0.7 -> 1.1.5 2017-03-06 07:58:38 -05:00
dropbear dropbear: 2016.73 -> 2016.74 2016-07-23 21:29:51 +02:00
easyrsa easyrsa: use autoreconfHook 2016-08-24 20:18:52 +00:00
eggdrop eggdrop: fix build 2016-04-04 16:17:14 +00:00
email email: adopt upstream fix for "$cwd undefined in configure" 2016-08-08 23:02:04 -04:00
fakeroute fakeroute: init at 0.3 2016-11-23 15:22:55 +01:00
fastd fastd: fix meta.platforms typo 2016-10-14 00:02:30 +02:00
fdm
ferm ferm: 2.3 -> 2.3.1 2017-01-08 23:40:40 +01:00
filegive
flannel flannel: 0.5.5 -> 0.6.2 2016-10-01 17:04:25 +02:00
flvstreamer
fping fping: 3.15 -> 3.16 2017-02-17 23:44:48 +01:00
gandi-cli gandi-cli: 0.18 -> 0.19 2016-08-03 20:05:40 +02:00
getmail getmail: 4.53.0 -> 4.54.0 2017-03-05 00:48:29 +01:00
gftp treewide: explicitly specify gtk and related package versions 2016-09-12 18:26:06 +03:00
gmvault gmvault: 1.8.1-beta -> 1.9.1 2016-10-06 23:52:33 +02:00
gupnp-tools gupnp-tools: 0.8.8 -> 0.8.13 2017-03-12 20:55:07 -05:00
gvpe gvpe: 2.25 -> 3.0 2017-03-09 03:12:26 +02:00
hans hans: 0.4.4 -> 1.0 2017-03-01 19:18:29 -06:00
haproxy haproxy: added fuzzy-id to the list of maintainers 2017-03-29 12:27:50 +02:00
horst horst: git-2016-03-15 -> 5.0 2017-03-01 19:16:03 -06:00
hping hping: broken on darwin 2016-09-16 09:11:22 +00:00
htpdate htpdate: init at 1.1.3 2016-09-22 14:46:10 +10:00
http-prompt http-prompt: 0.8.0 -> 0.9.1 2017-02-15 13:45:58 +01:00
httpie httpie: 0.9.8 -> 0.9.9 2017-02-27 12:41:51 +01:00
httping httping 2.5: fetch over https + license 2017-03-02 19:20:26 +01:00
httplab httplab: init at 0.1.0 2017-03-03 17:35:31 +01:00
httpstat Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
httptunnel
hyenae
i2p i2p: 0.9.26 -> 0.9.28 2017-01-02 13:14:42 +01:00
i2pd i2pd: 2.11.0 -> 2.12.0 2017-03-25 21:42:32 +01:00
iftop
imapproxy treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
imapsync imapsync: add missing dependencies 2016-05-09 16:08:36 +02:00
inadyn inadyn: 1.99.15 -> 2.0 2016-09-19 00:58:54 +02:00
inetutils inetutils: Add patch for Canadian TLD server 2017-03-07 21:30:03 +01:00
iodine
ip2location Add version attribute where maintainers |= nckx 2016-01-25 17:35:21 +01:00
ipcalc
iperf iperf2: 2.0.5 -> 2.0.9 2017-03-26 21:41:22 -04:00
ipv6calc Add version attribute where maintainers |= nckx 2016-01-25 17:35:21 +01:00
isync isyncUnstable: add ttuegel to maintainers 2017-02-16 09:50:31 -06:00
jnettop treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
jwhois
kea kea: init at 1.1.0 2016-10-24 20:02:23 +02:00
keepalived keepalived: 1.3.4 -> 1.3.5 2017-03-24 00:28:43 +01:00
lftp lftp: 4.7.3 -> 4.7.6 2017-03-06 22:06:43 +01:00
libreswan libreswan: 3.17 -> 3.18 (security) 2016-08-05 04:07:31 +02:00
linkchecker linkchecker: fix darwin build 2017-02-26 12:30:14 +01:00
logmein-hamachi logmein-hamachi: 2.1.0.165 -> 2.1.0.174 2016-11-24 01:17:58 +03:00
lsh lsh: fix gcc5 build 2016-08-23 15:33:32 +00:00
maildrop treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
mailsend Merge branch 'master' into staging 2016-05-26 16:50:22 +02:00
mailutils Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
maphosts maphosts: use gemdir 2017-01-18 00:52:48 +01:00
megatools megatools: 1.9.97 -> 1.9.98 2017-02-27 22:42:49 +01:00
minidlna minidlna: install manpages 2016-04-08 23:04:12 +02:00
minio-client minio-client: 20160821 -> 20170206 2017-03-28 20:04:53 +02:00
minissdpd minissdpd: 1.5.20160301 -> 1.5.20160301 2016-03-24 21:33:18 +01:00
miniupnpc miniupnpc: switch to old version by default 2017-03-02 19:30:37 +01:00
miniupnpd miniupnpd: 1.9.20160222 -> 2.0 2016-04-22 17:11:20 +02:00
miredo miredo: init at 1.2.6 2016-12-31 21:03:27 +01:00
mitmproxy mitmproxy: 1.0.2 -> 2.0.6 2017-03-04 12:58:29 +02:00
modemmanager treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
mosh mosh: use ssh from nixpkgs 2017-01-28 13:21:24 -05:00
mpack Disable bunch of non-compiling packages on Darwin 2016-09-01 20:39:33 +03:00
mtr mtr: 0.86 -> 0.87 2017-03-13 04:31:00 +00:00
mu mu: run tests 2017-03-06 21:46:25 +08:00
nbd nbd: update to version 3.14 2016-09-19 15:45:12 +02:00
ncftp
ndisc6
ndjbdns ndjbdns: build from latest sources which adds Darwin compatibility 2016-07-29 12:55:35 +02:00
netboot Use general hardening flag toggle lists 2016-03-05 18:55:26 +01:00
netcat-gnu netcat: make netcat-openbsd the default netcat (#19411) 2016-10-30 15:06:04 +01:00
netcat-openbsd netcat-openbsd: install man page 2016-10-30 15:06:16 +01:00
nethogs nethogs: 0.8.1 -> 0.8.5 2016-07-13 13:17:24 +02:00
netkit/tftp
netrw treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
netselect treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
netsniff-ng netsniff-ng: 0.6.1 -> 0.6.2 2016-11-09 02:24:45 +01:00
network-manager treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
network-manager-applet treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
ngrep ngrep: fix build due to new libpcap, use debian patches 2017-01-22 14:09:50 +01:00
ngrok buildGoPackage: deps.json -> deps.nix in NIXON 2016-09-16 00:04:55 +01:00
noip treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
nss-mdns
nss-pam-ldapd treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
ntopng ntopng: prefer nixpkgs over in-tree deps 2016-05-11 19:33:08 -04:00
ntp ntpd: Allow additional syscalls in seccomp filter. 2017-04-02 21:44:06 +02:00
nuttcp Adding nuttcp. 2017-01-28 20:40:21 +01:00
nylon treewide: Fix meta.platforms related typos 2016-08-02 21:17:44 +03:00
nzbget nzbget: 17.1 -> 18.0 2017-02-26 13:36:36 +01:00
ocproxy ocproxy: 1.50 -> 1.60 2017-03-06 07:50:50 -05:00
offlineimap offlineimap: install man pages 2017-02-14 12:37:35 -06:00
olsrd olsrd: 0.6.6.1 -> 0.9.6.1 2017-03-12 08:38:24 +01:00
openconnect openconnect_openssl: added missing dependecy gmp 2017-02-28 17:57:21 +01:00
openfortivpn openfortivpn: 1.1.4 -> 1.2.0 2017-02-17 00:11:55 +01:00
openntpd openntpd: v6+ requires libressl for constraints 2016-12-28 13:35:42 +10:00
openresolv openresolv: 3.8.1 -> 3.9.0 (#23362) 2017-03-05 21:49:48 +01:00
openssh openssh: update the gssapi patch 2016-12-29 17:04:58 -05:00
openvpn openvpn: 2.3.13 -> 2.4.0 2017-01-02 15:38:46 +01:00
p2p Merge branch 'master' into staging 2017-03-18 11:00:31 +01:00
packetdrill packetdrill: minor packaging tweaks 2017-03-10 23:35:29 +01:00
par2cmdline par2cmdline: 0.6.11 -> 0.6.13 (#23361) 2017-03-02 11:02:08 +01:00
pcapc pcapc: 2015-03.06 -> 1.0.0 2017-03-01 18:01:42 -06:00
pcapfix treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
pdnsd pdnsd: fix darwin build 2017-03-08 00:25:15 +01:00
pdsh treewide: Lots of meta.hydraPlatforms -> meta.platforms 2016-08-02 21:17:44 +03:00
philter
pingtcp Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
pixiewps pixiewps: init at 1.2.2 2016-11-03 23:45:14 +02:00
polygraph
polysh Add tools/networking/polysh 2016-11-29 17:32:21 +03:00
ppp ppp: add patch to fix CVE-2015-3310 2017-01-25 20:53:43 -05:00
pptp treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
pptpd pptpd: init at 1.4.0 2016-06-18 02:08:07 +01:00
privoxy privoxy: homepage now reachable via https 2016-12-06 15:48:39 +01:00
proxychains proxychains: fix build, add -ldl to LDFLAGS 2016-11-25 12:17:11 +01:00
pssh pssh: init at 2.3.1 2016-12-06 00:46:48 -05:00
pwnat pwnat: 0.3-beta -> 2014-09-08 2016-09-07 23:52:21 +01:00
quicktun quicktun: 2.2.4 -> 2.2.5 2017-03-02 08:19:25 +01:00
radvd radvd: 2.15 -> 2.16 2017-02-02 19:33:21 +01:00
ratools Captialize meta.description of all packages 2016-06-20 13:55:52 +02:00
reaver-wps
reaver-wps-t6x reaverwps-t6x: init at 1.5.2 2016-11-03 23:45:14 +02:00
redir redir: 2.2.1 -> 3.1 2017-02-02 18:59:07 +01:00
redsocks redsocks: init at 0.5 2017-02-05 01:20:03 +01:00
ripmime
rp-pppoe
s3cmd s3cmd: use python2 2016-11-24 22:28:02 +01:00
s3gof3r buildGoPackage: deps.json -> deps.nix in NIXON 2016-09-16 00:04:55 +01:00
s6-dns skarnet.org packages: fix darwin build 2017-03-26 17:30:41 -05:00
s6-networking skarnet.org packages: fix darwin build 2017-03-26 17:30:41 -05:00
samplicator samplicator: 1.3.7-beta6 -> 1.3.8rc1 2017-02-26 10:05:18 +01:00
shadowsocks-libev shadowsocks-libev: 2.5.0 -> 2.5.5 2016-10-16 22:41:50 +08:00
shncpd shncpd: init at 2016-06-22 2016-07-17 17:15:23 +02:00
siege siege: 4.0.1 -> 4.0.2 2016-07-12 13:31:31 +08:00
sipcalc
sipsak treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
slimrat treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
smbldaptools treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
smokeping smokeping: init at 2.6.11 (#17090) 2016-07-21 01:07:59 +02:00
snabb treewide: Use makeBinPath 2016-08-23 01:18:10 +03:00
socat socat: 1.7.3.1 -> 1.7.3.2 2017-02-17 00:11:03 +01:00
speedtest-cli speedtest-cli: 1.0.2 -> 1.0.3 (#24535) 2017-04-01 14:45:58 +01:00
spiped Captialize meta.description of all packages 2016-06-20 13:55:52 +02:00
srelay srelay: switch sf downloads to mirror:// 2016-08-20 19:14:31 +05:30
ssh-ident treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
sshpass sshpass: 1.05 -> 1.06 2016-10-14 00:58:07 +03:00
ssldump ssldump: init at 09b3 2016-10-19 14:15:42 +00:00
ssmtp treewide: Add lots of platforms to packages with no meta 2016-08-02 21:17:44 +03:00
sstp sstp: 1.0.10 -> 1.0.11 2017-03-01 16:48:07 -06:00
statsd statsd: 0.7.2 -> 0.8.0 2016-10-20 17:35:03 -04:00
strongswan strongswan: enable charon-systemd (#21872) 2017-01-14 20:41:51 +01:00
stun stun: gzip -9 -> gzip -9n 2016-12-20 15:32:14 +01:00
stunnel stunnel: 5.38 -> 5.39 2017-01-26 03:52:50 +01:00
surfraw
swaks swaks:20130209.0 -> 20170101.0 2017-03-02 08:19:41 +01:00
swec treewide: Fix 'lib.optional' misuses 2016-10-01 23:38:06 +03:00
tcpdump tcpdump: 4.8.1 -> 4.9.0 for multiple CVEs 2017-01-31 17:17:12 +01:00
tcpflow tcpflow: 1.4.5 -> 1.4.6 (#15151) 2016-05-03 01:39:46 +01:00
telnet Use general hardening flag toggle lists 2016-03-05 18:55:26 +01:00
tftp-hpa
tgt treewide: Use explicit 'dev' references to glibc 2016-08-30 03:11:09 +03:00
tinc tinc: 1.0.29 -> 1.0.31 2017-01-30 12:38:02 +01:00
tlsdate tlsdate: dont build on darwin 2016-08-16 19:25:45 +00:00
tlspool tlspool: init at 20170123 (#23437) 2017-03-03 17:38:33 +01:00
toxvpn toxvpn: 20160909 -> 20161230 2017-02-14 14:59:59 +08:00
tracebox
traceroute traceroute: 2.0.21 -> 2.1.0 (#16809) 2016-07-09 14:40:14 +02:00
trickle Use general hardening flag toggle lists 2016-03-05 18:55:26 +01:00
ucspi-tcp
udptunnel
uget gst-plugins-base: align attrname with pkgname 2017-02-27 12:16:26 +01:00
unbound unbound: only use the two-phase build on Linux 2017-02-28 22:32:20 +01:00
urlwatch urlwatch: 2.2 -> 2.5 2016-12-02 13:14:22 +09:00
uwimap Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
vde2 vde2: use python2 2016-11-24 22:28:03 +01:00
vlan vlan: disable format hardening 2016-08-04 11:03:28 +02:00
vpnc Captialize meta.description of all packages 2016-06-20 13:55:52 +02:00
vtun vtun: 3.0.3 -> 3.0.4 2016-11-20 16:36:52 +01:00
wakelan wakelan: refactor allow builds on non linux 2016-12-26 15:04:45 -06:00
wavemon
wbox treewide: Add lots of meta.platforms 2016-08-02 21:42:43 +03:00
webalizer treewide: Add lots of platforms to packages with no meta 2016-08-02 21:17:44 +03:00
weighttp treewide: Add lots of platforms to packages with no meta 2016-08-02 21:17:44 +03:00
wget wget: add patch for CVE-2017-6508 2017-03-11 08:18:57 +01:00
whois whois: 5.2.12 -> 5.2.14 2017-02-02 19:19:28 +01:00
wicd wicd: use python2 2017-01-11 18:25:10 +01:00
wol wol: init at 0.7.1 2016-09-28 12:33:46 +02:00
wolfebin
wrk wrk: use packaged openssl, luajit (#24481) 2017-03-30 23:09:42 +01:00
wuzz wuzz: 0.1.0 -> 0.2.0 (#23002) 2017-02-19 19:11:00 +00:00
x11-ssh-askpass
xl2tpd xl2tpd: 1.3.6 -> 1.3.7 2016-04-30 03:12:34 +03:00
zap zap: update 2.4.3 -> 2.5.0 2016-06-08 20:21:39 +02:00
zerotierone zerotierone: 1.1.12 -> 1.1.14 2016-12-27 17:47:41 +00:00