Commit Graph

55 Commits

Author SHA1 Message Date
Derek Kulinski
80b396fa20
salt: 3004.1 - bugfixes (#172129) 2022-05-12 18:32:16 +02:00
7c6f434c
8188f10752
Merge pull request #166430 from alyssais/openssl-static-retry
treewide: use lib.getLib for OpenSSL libraries
2022-04-02 12:59:55 +00:00
Alyssa Ross
fd78240ac8
treewide: use lib.getLib for OpenSSL libraries
At some point, I'd like to make another attempt at
71f1f4884b ("openssl: stop static binaries referencing libs"), which
was reverted in 195c7da07d.  One problem with my previous attempt is
that I moved OpenSSL's libraries to a lib output, but many dependent
packages were hardcoding the out output as the location of the
libraries.  This patch fixes every such case I could find in the tree.
It won't have any effect immediately, but will mean these packages
will automatically use an OpenSSL lib output if it is reintroduced in
future.

This patch should cause very few rebuilds, because it shouldn't make
any change at all to most packages I'm touching.  The few rebuilds
that are introduced come from when I've changed a package builder not
to use variable names like openssl.out in scripts / substitution
patterns, which would be confusing since they don't hardcode the
output any more.

I started by making the following global replacements:

    ${pkgs.openssl.out}/lib -> ${lib.getLib pkgs.openssl}/lib
    ${openssl.out}/lib -> ${lib.getLib openssl}/lib

Then I removed the ".out" suffix when part of the argument to
lib.makeLibraryPath, since that function uses lib.getLib internally.

Then I fixed up cases where openssl was part of the -L flag to the
compiler/linker, since that unambigously is referring to libraries.

Then I manually investigated and fixed the following packages:

 - pycurl
 - citrix-workspace
 - ppp
 - wraith
 - unbound
 - gambit
 - acl2

I'm reasonably confindent in my fixes for all of them.

For acl2, since the openssl library paths are manually provided above
anyway, I don't think openssl is required separately as a build input
at all.  Removing it doesn't make a difference to the output size, the
file list, or the closure.

I've tested evaluation with the OfBorg meta checks, to protect against
introducing evaluation failures.
2022-03-30 15:10:00 +00:00
Flakebi
3657f4033b
salt: 3004 -> 3004.1 2022-03-28 22:03:28 +02:00
Duncan Mac-Vicar P
7efd6c8260
Fix loading of libcrypto when using salt-ssh
When using salt-ssh, Salt would copy itself to the target machine. The libcrypto loading patch included in Nix hardcodes the location, but does not provide any fallback for the target machine, making salt-ssh unusable from a nix environment, which is ironically, one of the coolest use-cases of nix: a self contained git repo with a Saltfile and a shell.nix with dependencies.
2022-01-05 00:50:31 +01:00
Flakebi
235c562c9e
salt: 3003.3 -> 3004 2021-10-23 11:08:19 +02:00
Flakebi
4ad4ae68c4
salt: 3003.2 -> 3003.3 2021-09-03 20:31:14 +02:00
Flakebi
da3e650494
salt: 3003.1 -> 3003.2 2021-08-19 18:28:05 +02:00
Sandro Jäckel
4209fed914
pythonPackages: deprecate pytestcov alias 2021-07-21 13:32:17 +02:00
Flakebi
c0b46c6b59
salt: 3003 -> 3003.1
Need to patch out the contextvars dependency (which is included in
python 3.7+).
The same patch is discussed in arch:
https://bugs.archlinux.org/task/71344
2021-06-25 20:49:39 +02:00
Sandro Jäckel
89d5f4b3d0
treewide: setuptools_scm -> setuptools-scm 2021-06-03 12:44:33 +02:00
Flakebi
3267661fad
salt: 3002.6 -> 3003 2021-04-02 14:32:37 +02:00
Flakebi
2ce3eff490
salt: 3002.5 -> 3002.6 2021-03-23 19:38:14 +01:00
viq
3f8f80375b
salt: update meta (#116557)
Salt rebranded itself from https://saltstack.com to https://saltproject.io - reflect the changes in the URLs
2021-03-17 20:38:16 +01:00
Martin Weinelt
3389b87674
salt: 3002.2 -> 3002.5
https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/

Fixes: CVE-2021-3197, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283,
CVE-2021-25284, CVE-2021-3148, CVE-2020-35662, CVE-2021-3144,
CVE-2020-28972, CVE-2020-28243
2021-02-26 12:57:37 +01:00
Flakebi
edc784b9d5
salt: 3002.1 -> 3002.2 2020-11-21 21:44:17 +01:00
Martin Weinelt
a6540325f4
salt: 3002 -> 3002.1
Fixes: CVE-2020-16846, CVE-2020-17490, CVE-2020-25592
2020-11-03 19:04:53 +01:00
Flakebi
a0d8dd8320
salt: 3001.1 -> 3002 2020-10-23 19:48:48 +02:00
Flakebi
e0ea4826f4
salt: remove aneeshusa and add Flakebi as maintainer 2020-10-23 19:48:48 +02:00
Frederik Rietdijk
58fd044ad0 pepper: use latest tornado, mark as broken
Missing dependency.
2020-08-29 14:33:52 +02:00
Frederik Rietdijk
c23c59594e salt: use latest tornado 2020-08-29 14:33:52 +02:00
Flakebi
a06d4357a1
salt: 3001 -> 3001.1 2020-08-09 23:37:02 +02:00
Flakebi
00e3f026f3
salt: 3000.3 -> 3001 2020-06-18 21:38:54 +02:00
Flakebi
a2f79c3834
salt: 3000.2 -> 3000.3 2020-05-13 23:45:02 +02:00
Flakebi
435713eac2
salt: 2019.2.0 -> 3000.2 2020-04-29 22:13:24 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Maximilian Bosch
839c0ea7a5
treewide: *Inputs are flat lists 2019-12-31 01:10:02 +01:00
Will Dietz
5f20227855 pepper: python2Packages -> pythonPackages (python3 should work) 2019-04-17 14:09:16 -05:00
Will Dietz
8b185aa31b pepper: 0.5.5 -> 0.7.5 2019-04-17 14:08:45 -05:00
R. RyanTM
f78863170a salt: 2018.3.2 -> 2019.2.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/salt/versions
2019-04-02 18:12:03 -07:00
Maximilian Bode
2438ceb5b4 salt: fix darwin build by specifying dependency on tornado 4
/cc ZHF #45961
2018-09-15 10:09:36 +02:00
Robert Schütz
4bbaf453b4 salt: 2018.3.0 -> 2018.3.2 2018-07-08 16:35:01 +02:00
Aneesh Agrawal
f6f03202be salt: be Python version agnostic
As of Salt 2017.7 (Salt Nitrogen), Salt supports Python 3.
Release notes: https://docs.saltstack.com/en/develop/topics/releases/2017.7.0.html#python-3
2018-06-13 23:39:32 -07:00
R. RyanTM
899bb98166 salt: 2017.7.4 -> 2018.3.0
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/salt/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-proxy-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-proxy-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-proxy -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-proxy --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-run-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-run-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-run -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-run --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-minion-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-minion-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-minion -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-minion --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-master-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-master-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-master -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-master --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-key-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-key-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-key-wrapped help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-key -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-key --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-key help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-call-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-call-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-call -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-call --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-api-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-api-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-api -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-api --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-cp-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-cp-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-cp -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-cp --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-syndic-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-syndic-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-syndic -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-syndic --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-ssh-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-ssh-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-ssh -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-ssh --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-cloud-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.salt-cloud-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-cloud -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/salt-cloud --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.spm-wrapped -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/.spm-wrapped --help’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/spm -h’ got 0 exit code
- ran ‘/nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0/bin/spm --help’ got 0 exit code
- found 2018.3.0 with grep in /nix/store/gr9dzi64rs3pyxhxqzac3wkjqzkcrpmd-salt-2018.3.0
- directory tree listing: https://gist.github.com/e33aa60ebbbc7b62d8ac84faff16ce6d
2018-05-12 14:50:15 +02:00
Josef Kemetmüller
b2e9f0fd37 salt: Fix build
We use tornado-4.x until https://github.com/saltstack/salt/issues/45790
is resolved.
2018-05-03 01:02:21 +02:00
Robert Schütz
d72710880c
Merge pull request #35891 from aneeshusa/fix-salt-msgpack-dependency
salt: 2017.7.2 -> 2017.7.4, fix msgpack dependency
2018-04-15 08:08:14 +02:00
Aneesh Agrawal
e797e00913 salt: 2017.7.2 -> 2017.7.4
Release notes: https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.4.html
2018-03-03 23:52:10 -08:00
Pierre Radermecker
9b29c0647d Update salt-pepper from 0.5.0 to 0.5.5 2018-03-03 17:33:45 +01:00
Aneesh Agrawal
ee8495c4c2 salt: fix msgpack dependency 2018-02-27 10:08:20 -08:00
Aneesh Agrawal
98d5aa05cb salt: 2017.7.1 -> 2017.7.2 2017-10-13 13:07:30 +02:00
danbst
a5b8c0c2de salt: 2016.11.5 -> 2017.7.1, patch fix
The libcrypto patch didn't work well with `salt-ssh` (that code failed on
remote machines), so let's make Nix-based library lookup as fallback.

https://github.com/saltstack/salt/issues/43350
2017-09-05 15:54:16 +03:00
Aneesh Agrawal
c392d1f9c9 salt: 2016.11.4 -> 2016.11.5 2017-05-19 05:05:14 -04:00
Aneesh Agrawal
779ae06467 Add salt master module (#25632)
* salt: 2016.11.2 -> 2016.11.4

* salt: Add master NixOS module
2017-05-09 18:20:35 +01:00
Pierre Radermecker
de363e8706 pepper: add 'pierrer' as a maintainer 2017-03-09 10:44:39 +01:00
Jörg Thalheim
83fa5738d5 pepper: disable tests 2017-03-09 08:05:13 +01:00
Pierre Radermecker
ee4e630648 salt-pepper: init at 0.5.0 2017-03-09 00:18:07 +01:00
Graham Christensen
379144f54b
salt: 2016.3.3 -> 2016.11.2 for multiple CVEs
From the Arch Linux advisory:

- CVE-2017-5192 (arbitrary code execution): The
  `LocalClient.cmd_batch()` method client does not accept
  `external_auth` credentials and so access to it from salt-api has
  been removed for now. This vulnerability allows code execution for
  already- authenticated users and is only in effect when running
  salt-api as the `root` user.

- CVE-2017-5200 (arbitrary command execution): Salt-api allows
  arbitrary command execution on a salt-master via Salt's ssh_client.
  Users of Salt-API and salt-ssh could execute a command on the salt
  master via a hole when both systems were enabled.
2017-02-08 21:24:10 -05:00
Robin Gloster
c8982c015c
salt: fix patch after upstream code change
fixes #20458
2016-12-23 12:29:35 +01:00
Aneesh Agrawal
1d9a98cae0 salt: use Python 2 2016-10-18 23:14:36 +02:00
Aneesh Agrawal
7b7d8ddbca salttesting: remove unused package
It was added as a dependency of Salt, which no longer depends on it.
2016-09-27 13:34:22 -04:00