Commit Graph

6544 Commits

Author SHA1 Message Date
Phil
4f2935390e nixos/usbguard: create package and module (#28363)
* nixos/usbguard: create package and module

No usbguard module or package existed for NixOS previously. USBGuard
will protect you from BadUSB attacks. (assuming configuration is done
correctly)

* nixos/usbguard: remove extra packages

Users can override this by themselves.

* nixos/usbguard: add maintainer and fix style
2017-08-25 23:35:18 +01:00
Jörg Thalheim
7182b71489 ffado: 2.2.1 -> 2.3.0 2017-08-25 21:43:31 +01:00
John Ericson
3964990a3f Merge pull request #28519 from obsidiansystems/linux-headers-improve
linux-headers: Improve derivation, removing cross arg
2017-08-24 11:35:04 -04:00
John Ericson
791ce593ce linux-headers: Improve derivation, removing cross arg
- Perl is used at build time, so must be in `nativeBuildInputs`. It's
   not used at run time so it should not be in `buildInputs`, too.

 - Don't treat headers like a compiler---use the build and host
   platforms not host and target. Perhaps that would make sense if every
   library's headers could be a separate derivation, but since that is
   not feasible, best to keep the implementation and interface in the
   same stage.

   To do this, we used `stdenvNoCC` to get rid of the normal toolchain,
   and added a dependency for the toolchain targeting the build platform
   --- `buildPackages.stdenv.cc` --- thus everything is effectively slid
   a stage black.
2017-08-24 11:31:56 -04:00
Peter Hoeg
2724f65392 dbus-broker: use the proper license 2017-08-23 23:51:00 +08:00
Peter Hoeg
9f2ef9c25b dbus-broker: init at 3 2017-08-23 22:50:26 +08:00
Matthew Justin Bauer
2eacddf0dc treewide: homepage URL fixes (#28475)
* pgadmin: use https homepage

* msn-pecan: move homepage to github

google code is now unavailable

* pidgin-latex: use https for homepage

* pidgin-opensteamworks: use github for homepage

google code is unavailable

* putty: use https for homepage

* ponylang: use https for homepage

* picolisp: use https for homepage

* phonon: use https for homepage

* pugixml: use https for homepage

* pioneer: use https for homepage

* packer: use https for homepage

* pokerth: usee https for homepage

* procps-ng: use https for homepage

* pycaml: use https for homepage

* proot: move homepage to .github.io

* pius: use https for homepage

* pdfread: use https for homepage

* postgresql: use https for homepage

* ponysay: move homepage to new site

* prometheus: use https for homepage

* powerdns: use https for homepage

* pm-utils: use https for homepage

* patchelf: move homepage to https

* tesseract: move homepage to github

* quodlibet: move homepage from google code

* jbrout: move homepage from google code

* eiskaltdcpp: move homepage to github

* nodejs: use https to homepage

* nix: use https for homepage

* pdf2djvu: move homepage from google code

* game-music-emu: move homepage from google code

* vacuum: move homepae from google code
2017-08-22 20:50:04 +02:00
Tim Steinbach
cd85a704a5
linux: 4.13-rc4 -> 4.13-rc6 2017-08-22 03:23:30 -04:00
Gabriel Ebner
0c36f8569f Merge pull request #28420 from canndrew/intel-microcode
microcode-intel: 2017-05-11 -> 2017-07-07
2017-08-21 14:09:38 +02:00
Tim Steinbach
746979e0fc
busybox: 1.27.1 -> 1.27.2 2017-08-21 03:11:00 -04:00
Frederik Rietdijk
6bbc3a0b24 Merge commit '3b29468313bc8604fe8f85c8d9316fd276d3985c' into HEAD 2017-08-21 04:44:40 +02:00
Vladimír Čunát
7c7c83e233
buildLinux: allow overriding stdenv on each call 2017-08-20 08:24:52 +02:00
Andrew Cann
c19d06b70b microcode-intel: 2017-05-11 -> 2017-07-07 2017-08-20 13:33:01 +08:00
Tim Steinbach
7209ed6d4b
linux-copperhead: 4.12.7.a -> 4.12.8.a 2017-08-18 15:47:03 -04:00
Tim Steinbach
9281b05c7f
linux: 4.12.7 -> 4.12.8 2017-08-18 15:33:53 -04:00
Tim Steinbach
a5f01aa745
linux: 4.9.43 -> 4.9.44 2017-08-18 15:30:37 -04:00
Matthew Bauer
ed180d21ea acpitool: use sourceforge.net for project page
old url was broken
2017-08-17 15:04:40 -07:00
Frederik Rietdijk
8f2ea38f8f Merge remote-tracking branch 'upstream/master' into HEAD 2017-08-17 18:34:17 +02:00
Rickard Nilsson
5f8a45c136 shadow: 4.4 -> 4.5
Fixes CVE-2017-12424
2017-08-17 13:23:56 +02:00
Will Dietz
c20d41de0e Revert "busybox: downgrade 1.27.1 -> 1.26.2"
This reverts commit 9c3702ad35.
2017-08-14 22:40:11 +03:00
Tim Steinbach
b94210b066
linux-copperhead: 4.12.5.a -> 4.12.7.a 2017-08-14 12:51:30 -04:00
Frederik Rietdijk
62dac1bdd9 Merge remote-tracking branch 'upstream/master' into HEAD 2017-08-14 09:34:10 +02:00
Franz Pletz
eb9f427d4e
zfs: use multiple outputs
Some dev headers are especially large.
2017-08-14 07:57:31 +02:00
Frederik Rietdijk
13bbaee21d Merge pull request #27881 from mimadrid/fix/http-https
Update homepage attributes: http -> https
2017-08-13 21:53:20 +02:00
Tim Steinbach
5c29873e99
linux: 4.9.42 -> 4.9.43 2017-08-13 15:42:15 -04:00
Tim Steinbach
59e34685da
linux: 4.12.6 -> 4.12.7 2017-08-13 15:42:15 -04:00
Vladimír Čunát
9c3702ad35
busybox: downgrade 1.27.1 -> 1.26.2
... to fix our bootstrap tools until we find what exactly is wrong.
This effectively reverts 06a513ee05 and 50831d543d.
Discussion thread: #27746.
2017-08-13 21:38:39 +02:00
Vladimír Čunát
34946256a0
Merge #27424: stdenv: Don't put man pages into $doc 2017-08-13 19:32:51 +02:00
Frederik Rietdijk
2a8cd14d5f Merge remote-tracking branch 'upstream/master' into HEAD 2017-08-13 09:50:47 +02:00
Jörg Thalheim
317786c689 zfs: 0.7.0 -> 0.7.1 2017-08-12 19:38:10 +01:00
Jörg Thalheim
758421c0ab spl: 0.7.0 -> 0.7.1 2017-08-12 19:38:10 +01:00
Jörg Thalheim
5839cefb33 Merge pull request #28203 from danielfullmer/rtl8812-fix
rtl8812au driver fixes
2017-08-12 19:31:17 +01:00
Jörg Thalheim
e888cfb130 Merge pull request #27983 from hhomar/openelec-dvb-firmware
openelec-dvb-firmware: init at 0.0.51
2017-08-12 19:17:49 +01:00
Robin Gloster
89ad46d9b4
sysdig: fix build with current curl 2017-08-12 18:38:36 +02:00
Robin Gloster
4502e61c5d
audit: 2.7.6 -> 2.7.7 2017-08-12 18:13:53 +02:00
Vladimír Čunát
e207d1f04a
Merge older staging
There's a security fix for curl.
2017-08-12 09:48:17 +02:00
Daniel Fullmer
c08ceb1df8 rtl8812au: Fixes for newer linux kernels
This includes the patches from the pull requests #42, #43, and #46
submitted to Grawp/rtl8812au_rtl8821au
2017-08-11 23:47:07 -04:00
Daniel Fullmer
afa9031062 rtl8812au: Fix comment typo
The commit 5d693c84d2 cleaned up the
substitute() function in stdenv and caused this line to
fail.
2017-08-11 23:31:12 -04:00
Jörg Thalheim
6c1528c48d Merge pull request #28169 from zx2c4/patch-6
wireguard: 0.0.20170726 -> 0.0.20170810
2017-08-11 22:30:29 +01:00
Joachim Fasting
345e0e6794
hardened-config: enable read-only LSM hooks
Implies that SELinux can no longer be disabled at runtime (only at boot
time, via selinux=0).

See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dd0859dccbe291cf8179a96390f5c0e45cb9af1d
2017-08-11 23:27:58 +02:00
Jason A. Donenfeld
decbc7d50e wireguard: 0.0.20170726 -> 0.0.20170810 2017-08-11 21:04:17 +02:00
Tuomas Tynkkynen
1ff422aa23 treewide: Add man & info outputs where necessary (instead of doc)
Because man & info pages won't be going to $doc after the next commit.
Scripted change for the files having one-package-per-file.
2017-08-11 21:32:54 +03:00
Lancelot SIX
e34ce9d1c5 gnupg: 2.1.22 -> 2.1.23
This release in a RC for gnupg-2.2. The main difference as far as
nixpkgs is concerned is that the binary `gpg2` is now called `gpg` and
`gpgv2` is called `gpgv`.

This update fixed all explicit use of `gpg2` and `gpgv2` across nixpkgs,
but there might be some packaged software that internally use `gpg2`
not handeled by this commit.

See http://lists.gnu.org/archive/html/info-gnu/2017-08/msg00001.html
for full release information
2017-08-11 19:24:06 +02:00
Robin Gloster
897eec7d79
linuxHeaders_2_{4,6}: remove 2017-08-11 19:13:09 +02:00
Robin Gloster
05b8cae9ec
linux: remove unused kernel patches 2017-08-11 19:13:09 +02:00
Robin Gloster
9f3f575ab3
linux_4_4: remove
Support ends in Feb 2018
2017-08-11 19:13:09 +02:00
Robin Gloster
0eb9c5bd42
linux_3_10: remove
Support ends in Oct 2017
2017-08-11 19:13:08 +02:00
Tim Steinbach
47d9b48e4d
linux: 4.12.5 -> 4.12.6 2017-08-11 12:14:53 -04:00
Tim Steinbach
f2d420e4c9
linux: 4.9.41 -> 4.9.42 2017-08-11 12:10:10 -04:00
Robin Gloster
28cc2642f0
treewide: use less phases if not necessary
This removes some skipping of e.g. fixupPhase and cleans up occurences
where this led to duplicating code
2017-08-11 11:40:36 +02:00
Tim Steinbach
f40f4f5440 Merge pull request #28120 from NeQuissimus/plymouth_0_9_3
plymouth: 0.9.2 -> 0.9.3
2017-08-10 21:05:29 -04:00
Jörg Thalheim
637cea679d Merge pull request #28109 from womfoo/bump/mbpfan-2.0.1
mbpfan: 1.9.1 -> 2.0.1
2017-08-10 21:22:18 +01:00
Tim Steinbach
ecd4c58d0a
plymouth: 0.9.2 -> 0.9.3 2017-08-10 16:21:24 -04:00
Kranium Gikos Mendoza
151fab911e mbpfan: 1.9.1 -> 2.0.1
removed patch for lsmod/grep as they are no longer used (dgraziotin/mbpfan@5f2da79)
2017-08-11 01:52:04 +10:00
Robin Gloster
60418e9196
edac-utils: fix makeWrapper call 2017-08-10 03:44:03 +02:00
Robin Gloster
46a25ea7ea
linuxPackages.bcc: fix using wrapProgram on .c file 2017-08-09 19:45:05 +02:00
Kranium Gikos Mendoza
725089bb2d powerstat: 0.02.11 -> 0.02.12 2017-08-08 23:46:01 +10:00
Kranium Gikos Mendoza
c943cf7c26 forkstat: 0.01.17 -> 0.02.00 2017-08-08 23:44:25 +10:00
Tim Steinbach
f46f98ad31
Revert 0cf0d7186a
Order common kernel config by functionality
See #27949
2017-08-07 17:34:10 -04:00
Tim Steinbach
fa10497834 Merge pull request #27684 from gnidorah/bfq
linux: BFQ Group Scheduling support
2017-08-07 11:58:45 -04:00
Tim Steinbach
06af1df857
linux: 4.13-rc3 -> 4.13-rc4 2017-08-07 11:40:01 -04:00
Tim Steinbach
ea2a10e143
linux: 4.4.79 -> 4.4.80 2017-08-07 11:35:42 -04:00
Tim Steinbach
4825e4818b
linux: 4.9.40 -> 4.9.41 2017-08-07 11:32:26 -04:00
gnidorah
dc21f1ad65 linux: BFQ Group Scheduling support 2017-08-07 10:12:21 +03:00
Tim Steinbach
1ec7242bc2
linux-copperhead: 4.12.4.a -> 4.12.5.a 2017-08-06 22:04:46 -04:00
Tim Steinbach
ff9479cd54
linux: 4.12.4 -> 4.12.5 2017-08-06 19:22:15 -04:00
Tim Steinbach
0cf0d7186a
linux-common-config: Refactor, clean up 2017-08-06 19:17:30 -04:00
Joachim Fasting
f963014829
linux-hardened-config: various fixups
Note
- the kernel config parser ignores "# foo is unset" comments so they
  have no effect; disabling kernel modules would break *everything* and so
  is ill-suited for a general-purpose kernel anyway --- the hardened nixos
  profile provides a more flexible solution
- removed some overlap with the common config (SECCOMP is *required* by systemd;
  YAMA is enabled by default).
- MODIFY_LDT_SYSCALL is guarded by EXPERT on vanilla so setting it to y breaks
  the build; fix by making it optional
- restored some original comments which I feel are clearer
2017-08-06 23:38:07 +02:00
Heitham Omar
5ac00265a8 linux-common-config: add CONFIG_HOTPLUG_PCI_ACPI 2017-08-06 20:41:28 +02:00
Heitham Omar
d3107e4508 openelec-dvb-firmware: init at 0.0.51 2017-08-06 16:29:09 +01:00
Tim Steinbach
ff10bafd00
linux: Expand hardened config
Based on latest recommendations at
http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings
2017-08-06 09:58:02 -04:00
Robin Gloster
2b4811887a
kernel: add IP_NF_TARGET_REDIRECT 2017-08-04 08:26:09 +02:00
Jörg Thalheim
3ab208e108 Merge pull request #27924 from carlsverre/wpa_supplicant_bgscan
Enable BGSCAN for wpa_supplicant
2017-08-04 05:51:26 +01:00
Carl Sverre
6b62b566a1 wpa_supplicant: Enable BGSCAN module
Compile wpa_supplicant with the BGSCAN module enabled. This allows the
user to configure an SSID to use the bgscan module.  This module causes
wpa_supplicant to periodically perform a background scan for additional
access points and switch to the one with the highest signal.  This scan
can be kicked off when the current connection drops below a target
threshold signal strength.
2017-08-03 21:37:24 -07:00
Robin Gloster
dc13376ee2
wvdial: remove 2017-08-04 02:24:07 +02:00
mimadrid
09e0cc7cc7
Update homepage attributes: http -> https
Homepage link "http://.../" is a permanent redirect to "https://.../" and should be updated
https://repology.org/repository/nix_stable/problems
2017-08-03 11:56:15 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Franz Pletz
4afb3f4ade
ipsecTools: add patch to fix CVE-2016-10396 2017-08-01 10:26:19 +02:00
Franz Pletz
1a4ce79a0d
pam_ldap: 183 -> 186 2017-08-01 08:36:35 +02:00
Franz Pletz
e5e556f19a
irqbalance: 1.1.0 -> 1.2.0 2017-08-01 08:36:33 +02:00
Franz Pletz
9719e43494
jool: 3.5.3 -> 3.5.4 2017-08-01 06:15:59 +02:00
Tuomas Tynkkynen
3db9a2bdff linux_rpi: 1.20170427 -> 1.20170515 2017-07-31 19:47:23 +03:00
Tuomas Tynkkynen
8523ab5e8d raspberrypifw: 1.20170427 -> 1.20170515 2017-07-31 19:47:23 +03:00
Franz Pletz
ee8df19a25
batman-adv: 2017.1 -> 2017.2 2017-07-31 12:23:14 +02:00
aszlig
979817d153
linux-testing: 4.13-rc2 -> 4.13-rc3
Tested via building the linux_testing attribute, but didn't test it at
runtime (yet).

Diffed unpacked tarball against my local git clone and the contents
match.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-07-31 09:39:42 +02:00
Robin Gloster
a974ee0188
tcp_wrappers: fix weird use of STRINGS in the Makefile 2017-07-30 14:03:31 +02:00
Frederik Rietdijk
20b8e4b4cf Merge remote-tracking branch 'upstream/master' into HEAD 2017-07-30 08:09:11 +02:00
Nikolay Amiantov
69e24c044a kbd: fix build 2017-07-30 01:33:26 +03:00
Nikolay Amiantov
373a623daa Revert "Revert "kbd: 2.0.3 -> 2.0.4""
This reverts commit 00bf3a9dca.
2017-07-30 01:21:44 +03:00
Tim Steinbach
06a513ee05 busybox: 1.27.0 -> 1.27.1 2017-07-29 23:15:40 +02:00
Thomas Tuegel
cdb18068cd
zfs: fix invalid use of substituteInPlace
substituteInPlace was invoked with multiple targets on the command line, which
is not supported.

(cherry picked from commit b21defaf51)

Re-applied due to bad merge in b116fa5ff2.
2017-07-29 20:59:08 +02:00
Franz Pletz
65f9631b87
linuxPackages.acpi_call: add patch for 4.12 compat 2017-07-29 18:28:00 +02:00
Aristid Breitkreuz
9d4d963097 wireguard: 0.0.20170706 -> 0.0.20170726 2017-07-29 17:28:18 +02:00
Frederik Rietdijk
b2608b8910 Merge remote-tracking branch 'upstream/master' into HEAD 2017-07-29 13:08:11 +02:00
Tim Steinbach
a918521c1e
linux-copperhead: 4.12.3.a -> 4.12.4.a 2017-07-28 17:54:37 -04:00
Frederik Rietdijk
55357de67a Merge remote-tracking branch 'upstream/master' into HEAD 2017-07-28 19:37:36 +02:00
Frederik Rietdijk
00bf3a9dca Revert "kbd: 2.0.3 -> 2.0.4"
This reverts commit fd43b50877.

```
substitute(): ERROR: Invalid command line argument: /nix/store/8f42syfzv3cpw3jjq96sdzvnclivi783-kbd-2.0.4/bin/unicode_stop
```

@rnhmjoj please check
2017-07-28 16:11:10 +02:00
Franz Pletz
b116fa5ff2
Merge branch 'master' into staging 2017-07-28 16:08:30 +02:00
Tim Steinbach
5a6b5b8daf
linux: 4.4.78 -> 4.4.79 2017-07-28 10:02:29 -04:00
Tim Steinbach
88c0f67ded
linux: 4.9.39 -> 4.9.40 2017-07-28 10:00:25 -04:00