Commit Graph

42252 Commits

Author SHA1 Message Date
Bjørn Forsman
d5775a5ef9 duply: upgrade 1.6.0 -> 1.7.3
Changes since 1.6.0:

1.7.3 (3.4.2014)
- bugfix: test routines, gpg2 asked for passphrase although GPG_PW was set

1.7.2 (1.4.2014 "April,April")
- bugfix: debian Bug#743190 "duply no longer allows restoration without
   gpg passphrase in conf file"
   GPG_AGENT_INFO env var is now needed to trigger --use-agent
- bugfix: gpg keyenc test routines didn't work if GPG_PW was not set

1.7.1 (30.3.2014)
- bugfix: purge-* commands renamed to purgeFull, purgeIncr due to
   incompatibility with new minus batch separator

1.7.0 (20.3.2014)
- disabled gpg key id plausibility check, too many valid possibilities
- featreq 7 "Halt if precondition fails":
   added and(+), or(-) batch command(separator) support
- featreq 26 "pre/post script with shebang line":
   if a script is flagged executable it's executed in a subshell
   now as opposed to sourced to bash, which is the default
- bugfix: do not check if dpbx, swift credentials are set anymore
- bugfix: properly escape profile name, archdir if used as arguments
- add DUPL_PRECMD conf setting for use with e.g. trickle
2014-04-13 21:23:08 +02:00
Bjørn Forsman
9878bb47a4 buildbot{,slave}: bump 0.8.7p1 -> 0.8.8
Build and run tested.
2014-04-13 21:11:49 +02:00
Bjørn Forsman
1d896c47c9 apcupsd: add missing assert 2014-04-13 20:29:33 +02:00
Bjørn Forsman
694eb12f5f apcupsd: bump 3.14.11 -> 3.14.12 (latest stable)
Release notes:
http://sourceforge.net/p/apcupsd/svn/HEAD/tree/tags/Release-3_14_12/ReleaseNotes
2014-04-13 20:29:33 +02:00
Austin Seipp
788d9a13fb grsecurity: stable/vserver/testing updates
- stable:  201404111812            -> 201404131252
 - vserver: vs2.3.2.16-201404111814 -> vs2.3.2.16-201404131253
 - testing: 201404111815            -> 201404131254

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-13 13:11:17 -05:00
Bjørn Forsman
99afbf9e91 sdcc: bump 3.3.0 -> 3.4.0
This new sdcc doesn't need older boost, so switch to nixpkgs default
version (currently 1.55).
2014-04-13 19:46:00 +02:00
Bjørn Forsman
a555ee2412 xmlrpc-c: bump 1.25.26 -> .27
Release 1.25.27 (released March 15, 2014):

  Fix bug: When serializing a very large floating point number, sender
  of an XML-RPC message adds some junk after the decimal point. With
  assertion checking enabled, it just crashes. Broken in 1.15 (June 2008).
2014-04-13 19:16:02 +02:00
Bjørn Forsman
2b9c96878c qmmp: update 0.7.5 -> 0.7.6
Changes since 0.7.5:
 * added libav 10 and ffmpeg 2.2 support;
 * fixed url parsing;
 * fixed freezing on playback resume;
 * fixed random freezing in the mplayer plugin;
 * fixed reset selection of tracks when calling context menu;
 * fixed multimedia keys support under win32.
2014-04-13 19:07:06 +02:00
Michael Raskin
e86e76e560 Adding sysdig system call tracer for Linux 2014-04-13 20:49:37 +04:00
Benno Fünfstück
57a9eaab67 haskell: jailbreak pipes-network 2014-04-13 18:40:59 +02:00
宋文武
e9a8c8417f wildmidi: update to 0.3.6 2014-04-13 18:30:24 +02:00
Cillian de Róiste
83044b788c pytest: fix for py2.6 by adding argparse as an input 2014-04-13 17:21:33 +02:00
Oliver Charles
7f4afcda7e Merge pull request #2235 from bennofs/haskell-monad-extras
haskell: add monad-extras
2014-04-13 12:11:27 +01:00
Bjørn Forsman
6fa1ad04da nixos: extend documentation example for security.setuidOwners
Show that it is possible to set custom permission bits.
2014-04-13 12:31:08 +02:00
Roelof Wobben
0096bb677a new package: cinnamon-settings-daemon (close #2205)
With tiny changes from @vcunat.
2014-04-13 11:57:12 +02:00
Bjørn Forsman
6989b9a3f9 babeltrace: update from 1.1.1 to 1.2.1 2014-04-13 10:47:17 +02:00
Bjørn Forsman
d1f875c6af lttng project: update from 2.3.0 to 2.4.1
(And update liburcu to 0.8.4 according to release notes for lttng 2.4.x.)

In addition to new features and bug fixes, version 2.4.x is needed to build
against Linux 3.12 (our new stable kernel).
2014-04-13 10:47:16 +02:00
Benno Fünfstück
7fed418b24 haskell: add monad-extras 2014-04-13 10:19:30 +02:00
Austin Seipp
2661400d2a cgit: bump git version to 1.9.2
This also updates the download URL to use kernel.org

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-13 00:47:16 -05:00
Domen Kožar
399d7839ef Merge pull request #2233 from ertes/ertes-keepassx-split
keepassx: Renamed KeePassX 2.0 to keepassx2.
2014-04-13 05:15:56 +02:00
James Cook
21cb9c24f0 Patch python32 for CVE-2014-1912. 2014-04-13 05:15:19 +02:00
James Cook
324ade4658 Patch python27 for CVE-2014-1912. 2014-04-13 05:15:19 +02:00
Austin Seipp
a3155a0e2a nixos: add a UID for Hydra
Otherwise the Hydra module can't be used when mutableUsers = false;

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-12 21:20:18 -05:00
Ertugrul Söylemez
a0886ae024 keepassx: Renamed KeePassX 2.0 to keepassx2. 2014-04-13 03:28:20 +02:00
Domen Kožar
7e37e4b5ee Merge pull request #2184 from offlinehacker/pkgs/pythonPacakges/sqlalchemy-imageattach_darwin_fix
pythonPackages: sqlalchemy-imageattach, fix tests on darwin
2014-04-13 00:25:25 +02:00
Domen Kožar
1988bbd990 Merge pull request #2231 from jwiegley/master
Change several package constraints from linux to unix
2014-04-13 00:24:28 +02:00
John Wiegley
010132e302 Change several package constraints from linux to unix
They all build on Darwin.
2014-04-12 16:01:16 -05:00
Oliver Charles
d64fdccaa7 Merge pull request #2230 from bennofs/update-yi
haskell: update yi to 0.8.1
2014-04-12 21:56:25 +01:00
Benno Fünfstück
2fd160f027 haskell: update yi to 0.8.1 2014-04-12 20:33:15 +02:00
Vladimír Čunát
1ae918b0d2 gtk3: bugfix update 3.12.0 -> .1 2014-04-12 20:25:15 +02:00
Austin Seipp
64efd184ed grsecurity: Fix GRKERNSEC_PROC restrictions
Previously we were setting GRKERNSEC_PROC_USER y, which was a little bit
too strict. It doesn't allow a special group (e.g. the grsecurity group
users) to access /proc information - this requires
GRKERNSEC_PROC_USERGROUP y, and the two are mutually exclusive.

This was also not in line with the default automatic grsecurity
configuration - it actually defaults to USERGROUP (although it has a
default GID of 1001 instead of ours), not USER.

This introduces a new option restrictProcWithGroup - enabled by default
- which turns on GRKERNSEC_PROC_USERGROUP instead. It also turns off
restrictProc by default and makes sure both cannot be enabled.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-12 11:16:05 -05:00
John Wiegley
b296895abe Allow lsof to build on darwin (fixes #2219)
Closes #2219, closes #2223

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-12 11:14:18 -05:00
John Wiegley
c3efd1a3f7 Update httrack recipe
Closes #2222

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-12 10:55:01 -05:00
Michael Raskin
97982c4085 Update MDBTools Git version 2014-04-12 19:29:40 +04:00
taku0
c4eadfbac5 add thunderbird-bin: the binary package for Thunderbird mail client 2014-04-13 00:29:14 +09:00
John Wiegley
0ef3c47778 Add recipes for a few Haskell libraries 2014-04-12 10:22:37 -05:00
Oliver Charles
1b7a8e6f5b Merge pull request #2217 from bennofs/haskell-uri
Add uri haskell package
2014-04-12 16:09:46 +01:00
Oliver Charles
3f1af5f709 haskellPackages.bert: Update to 1.2.2.2 2014-04-12 16:06:35 +01:00
Oliver Charles
99d8ef0673 haskellPackages.snapCORS: New expression 2014-04-12 16:04:40 +01:00
Benno Fünfstück
796ea8ee11 haskell: add uri package 2014-04-12 16:59:29 +02:00
William A. Kennington III
4fea09ca4c google_api_python_client: Add package
Closes #2178

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-12 08:11:46 -05:00
Oliver Charles
9bf24c207f Merge pull request #2216 from aristidb/master
perl: Finance::Quote 1.29
2014-04-12 14:09:40 +01:00
Aristid Breitkreuz
c62b9e56f8 perl: Finance::Quote 1.29 2014-04-12 14:40:03 +02:00
Cillian de Róiste
6c1ac8159b oxygen_gtk: update from 1.4.4 to 1.4.5 2014-04-12 11:59:03 +02:00
Cillian de Róiste
02e693c400 synthv1: update from 0.4.0 to 0.4.1 2014-04-12 11:58:29 +02:00
Cillian de Róiste
440a174e2d samplv1: update from 0.4.0 to 0.4.1 2014-04-12 11:58:13 +02:00
Cillian de Róiste
aee930586f drumkv1: update from 0.4.0 to 0.4.1 2014-04-12 11:57:43 +02:00
Vladimír Čunát
83cb0354e9 clang_34: make it evaluate to 3.4 even on Darwin 2014-04-12 09:46:37 +02:00
Austin Seipp
172dc1336f nixos: add grsecurity module (#1875)
This module implements a significant refactoring in grsecurity
configuration for NixOS, making it far more usable by default and much
easier to configure.

 - New security.grsecurity NixOS attributes.
   - All grsec kernels supported
   - Allows default 'auto' grsec configuration, or custom config
   - Supports custom kernel options through kernelExtraConfig
   - Defaults to high-security - user must choose kernel, server/desktop
     mode, and any virtualisation software. That's all.
   - kptr_restrict is fixed under grsecurity (it's unwriteable)
 - grsecurity patch creation is now significantly abstracted
   - only need revision, version, and SHA1
   - kernel version requirements are asserted for sanity
   - built kernels can have the uname specify the exact grsec version
     for development or bug reports. Off by default (requires
     `security.grsecurity.config.verboseVersion = true;`)
 - grsecurity sysctl support
   - By default, disabled.
   - For people who enable it, NixOS deploys a 'grsec-lock' systemd
     service which runs at startup. You are expected to configure sysctl
     through NixOS like you regularly would, which will occur before the
     service is started. As a result, changing sysctl settings requires
     a reboot.
 - New default group: 'grsecurity'
   - Root is a member by default
   - GRKERNSEC_PROC_GID is implicitly set to the 'grsecurity' GID,
     making it possible to easily add users to this group for /proc
     access
 - AppArmor is now automatically enabled where it wasn't before, despite
   implying features.apparmor = true

The most trivial example of enabling grsecurity in your kernel is by
specifying:

    security.grsecurity.enable          = true;
    security.grsecurity.testing         = true;      # testing 3.13 kernel
    security.grsecurity.config.system   = "desktop"; # or "server"

This specifies absolutely no virtualisation support. In general, you
probably at least want KVM host support, which is a little more work.
So:

    security.grsecurity.enable = true;
    security.grsecurity.stable = true; # enable stable 3.2 kernel
    security.grsecurity.config = {
      system   = "server";
      priority = "security";
      virtualisationConfig   = "host";
      virtualisationSoftware = "kvm";
      hardwareVirtualisation = true;
    }

This module has primarily been tested on Hetzner EX40 & VQ7 servers
using NixOps.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 22:43:51 -05:00
Austin Seipp
cf24cf1184 capstone: attempt to fix Linux build, remove Darwin build
The Darwin build seems fixable but I can't test right now.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-11 21:41:14 -05:00