* Add needed dependencies:
coreutils, python, ruby, java and several Perl modules (Time::HiRes
1.9.724 is no longer available, bump to 1.9725)
* Use sha256 instead of md5 (more secure)
* Wrap munin perl scripts so they find their dependencies at runtime
* Rework meta description attributes.
FIXME/TODO: munin is still not usable; it tries to write log files and
web graphs to its installation path.
WildMIDI is a simple software midi player which has a core softsynth
library that can be use with other applications.
I have tested the wildmidi executable with a MIDI file. It works.
freepats is a project to create a free and open set of instrument
patches, in any format, that can be used with softsynths.
I'm adding it because it is needed for WildMIDI, which is needed for
MIDI support in Qmmp (audio player). I'll add WildMIDI and Qmmp in the
next commit(s).
I update it to the latest version, 265. Then I use some patches:
The nss_ldap-265-glibc-2.16.patch is the one that fixes the crash.
The crashes.patch is another one that I took from RH that said to fixes somes
crashes, but it didn't fix the crash I was seeing. But I guess it fixes
something.
With udisks1, I do see my usb/cardreader drives.
With udisks2, I don't.
So this probably needs to be configured at build-time.
As udisks1 does work, I don't care all that much.
This patch adds support for unprivileged user namespaces found in kernel
versions 3.8.0 and later. In case of Nix, this is especially useful to prevent
having to set up setuid wrappers.
The implementation details about this patch can be found at the top of the file
"sandbox_userns.patch". My first attempt of creating this patch was by modifying
the SUID sandbox. Unfortunately this didn't work out well, because in the event
of a sandbox failure, the host zygote process waits for an answer of the inner
zygote with no timeout. Even if I'd have set a timeout, this would have been
very ugly, giving users which don't have unprivileged user namespaces a delay on
startup.
An alternative approach to the mentioned problem would be to use select() on the
host zygote, watching for changes stdout or stderr and the synchronization
socket. But even that approach isn't feasible because it requires a whole bunch
of even more patching.
Patch was tested with older kernels (3.2.x, 3.7.x) and kernels without user
namespace support enabled, where in case the feature is unavailable it reverts
back to the previous behaviour (no zygote sandbox, only seccomp BPF).
In order to support all Chromium channels, I manually changed the first hunk of
the patch to not include the starting context of the diff, because there is a
whitespace change in more recent versions of the Chromium source tree.
See SVN revision 199882 for the change (revert in this case) in detail:
http://src.chromium.org/viewvc/chrome?view=revision&revision=199882
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
