This allows you to turn on debug infor for all the beam packages in the
system with a single change at the top level. This is required for
debugging and dialyzer work. It also allows you to switch it on on a
package by package basis.
I add the nvidia-video-sdk header files, required to make it work.
You have to set nvenct=true to ffmpeg-full and nonfreeLicensing=true to
ffmpeg-full to use this.
Note: You'll need to add the `_rofi` command to your config of rofi-pass
to make this release work. Refer to config.example for an example of
how this might look like. For more information on this change, see
75cf715158.
This patch replaces the old grsecurity kernels with a single NixOS
specific grsecurity kernel. This kernel is intended as a general
purpose kernel, tuned for casual desktop use.
Providing only a single kernel may seem like a regression compared to
offering a multitude of flavors. It is impossible, however, to
effectively test and support that many options. This is amplified by
the reality that very few seem to actually use grsecurity on NixOS,
meaning that bugs go unnoticed for long periods of time, simply because
those code paths end up never being exercised. More generally, it is
hopeless to anticipate imagined needs. It is better to start from a
solid foundation and possibly add more flavours on demand.
While the generic kernel is intended to cover a wide range of use cases,
it cannot cover everything. For some, the configuration will be either
too restrictive or too lenient. In those cases, the recommended
solution is to build a custom kernel --- this is *strongly* recommended
for security sensitive deployments.
Building a custom grsec kernel should be as simple as
```nix
linux_grsec_nixos.override {
extraConfig = ''
GRKERNSEC y
PAX y
# and so on ...
'';
}
```
The generic kernel should be usable both as a KVM guest and host. When
running as a host, the kernel assumes hardware virtualisation support.
Virtualisation systems other than KVM are *unsupported*: users of
non-KVM systems are better served by compiling a custom kernel.
Unlike previous Grsecurity kernels, this configuration disables `/proc`
restrictions in favor of `security.hideProcessInformation`.
Known incompatibilities:
- ZFS: can't load spl and zfs kernel modules; claims incompatibility
with KERNEXEC method `or` and RAP; changing to `bts` does not fix the
problem, which implies we'd have to disable RAP as well for ZFS to
work
- `kexec()`: likely incompatible with KERNEXEC (unverified)
- Xen: likely incompatible with KERNEXEC and UDEREF (unverified)
- Virtualbox: likely incompatible with UDEREF (unverified)
This update was generated by hackage2nix v20160613 using the following inputs:
- Hackage: b9e58743e7
- LTS Haskell: 2a2cddb443
- Stackage Nightly: 4b8c8abac5
The `mk-ca-bundle.pl` script manages quite well using only curl but
fails without LWP being present due to a `use` statement. This removes
the Perl import of the LWP library and adds curl as a build input.
Without this patch, attempts to install at least some of the packages
that start to use setupHaskellDepends (mostly gtk-related packages)
results in collisions:
building path(s) ‘/nix/store/63k5smns43f5r2ad8wcc242x0gwd70m3-ghc-8.0.1’
collision between `/nix/store/k18i1nm5hgnb82y9w2g9hmlwhk3szjld-ghc-8.0.1/lib/ghc-8.0.1/Cabal-1.24.0.0/Distribution/Compat/Binary.dyn_hi' and `/nix/store/0rwhbwsg9kmywgbrib2bs29p2hmi80za-Cabal-1.24.0.0/lib/ghc-8.0.1/Cabal-1.24.0.0/Distribution/Compat/Binary.dyn_hi'
builder for ‘/nix/store/vrjkfpm8sb96m9i5k74h8vn0rwddgy4v-ghc-8.0.1.drv’ failed with exit code 25
This would appear to me to be a consequence of setupHaskellDepends
entries being added to propagateBuildInputs. It is sufficient in the
cases I'm familiar with (taffyBar), and I think correct, to simply add
it to the otherBuildInputs.
also: remove nvidia-cg-toolkit as input for retroarch.
see #15707
darwin is also building but you have to trick it into
thinking it's a desktop app for the GUI to load
platforms is set to "platforms.all".
Rebol is a cross-platform data exchange language and a multi-paradigm dynamic
programming language for network communications and distributed computing.
Previously, the user could only compile using the default version of
GHC in Nixpkgs. Now this can be changed by setting the `ghc` attribute
appropriately.
From the changelog:
```
Version 0.7.86, 2016-05-31
+ Linux/Mac: more output formats (PBCore, EBUCore, FIMS)
+ FFV1 parsing optimization, avoiding by default a too verbose trace
+ Matroska: more elements support and typo fixes in the trace
+ #I172, Trace feature: provide the name of the main parser in the media element
+ Matroska: consider all values below 0x10 EBML names as 1-byte junk
x Matroska: better support (including speed improvement) of huge lossless frames (e.g. 20 MB FFV1 4K)
x #I144, Python binding: Python 2 on Linux does not automatically provide the locale to the shared object
x HTML output: don't escape carriage returns from the input file
x FFV1: some streams were rejected despite the fact they are valid
x Python binding: some errors during call of Get() API with Python3 on Linux/Mac
```
a program for converting UIF files (Universal Image Format, used by MagicISO)
to uncompressed images depending on the input file type:
ISO, BIN/CUE, MDS/MDF, CCD/IMG/SUB and NRG.
The function "callHackage <name> <version>" generates build instructions for
the requested library version on-the-fly. All of Hackage is available. Note:
this code is brand-new, experimental, and it might change in the future. Don't
base production code on this feature yet.
Example usage:
$ nix-shell -p 'haskellPackages.callHackage "cpphs" "1.19.3" {}' --run "cpphs --version"
cpphs 1.19.3
$ nix-shell -p 'haskellPackages.ghcWithPackages (self: [(self.callHackage "hsdns" "1.6.1" {})])' --run "ghc-pkg list hsdns"
/nix/store/p6r81k2vb2pzy4wcvri6z9m492i0hg63-ghc-8.0.1/lib/ghc-8.0.1/package.conf.d
hsdns-1.6.1
