Tim Steinbach
fca0b3602d
linux-copperhead: 4.12.b -> 4.12.c
2017-07-09 18:16:58 -04:00
Tim Steinbach
50831d543d
busybox: 1.26.2 -> 1.27.0
2017-07-08 13:41:27 -04:00
Tim Steinbach
da8bd6df67
Merge pull request #27161 from NeQuissimus/kernel_config_cleanup
...
linux: Clean up kernel config warnings
2017-07-07 09:00:52 -04:00
gnidorah
ff348f4b6d
linux: Enable more I/O schedulers
2017-07-07 11:43:48 +03:00
0xABAB
b89a5b2210
nfs-utils: Replace reference to /bin/true
2017-07-06 20:43:22 +02:00
Tim Steinbach
968e0b2baf
linux-copperhead: 4.11.8.a -> 4.12.b
2017-07-06 11:42:27 -04:00
Tim Steinbach
3ec2a2f476
linux: Clean up kernel config warnings
2017-07-05 20:09:14 -04:00
Franz Pletz
e1b29dd6d6
firmwareLinuxNonfree: 2017-04-16 -> 2017-07-05
...
Fixes #27129 .
2017-07-05 19:00:19 +02:00
Tim Steinbach
a04afd1594
linux: 4.4.75 -> 4.4.76
2017-07-05 12:54:56 -04:00
Tim Steinbach
05bd289ff8
linux: 4.9.35 -> 4.9.36
2017-07-05 12:52:05 -04:00
Tim Steinbach
00f0f7e9f6
linux: 4.11.8 -> 4.11.9
2017-07-05 12:49:56 -04:00
Vladimír Čunát
49250054d2
Merge #27153 : atop: don't chmod u+s
2017-07-05 17:31:16 +02:00
Vladimír Čunát
5328aac7be
Merge branch 'staging'
...
Comparison looks OK; I'll try some fixes on master directly.
http://hydra.nixos.org/eval/1372577?compare=1372497
2017-07-05 08:55:26 +02:00
Tim Steinbach
cd1f998289
Revert "linux-copperhead: 4.11.8.a -> 4.12.a"
...
This reverts commit cb703f1314
.
2017-07-04 20:56:02 -04:00
Jörg Thalheim
0518ec00b5
zfs: update kernel versions constraint for linux 4.12
2017-07-04 17:15:48 +01:00
Tuomas Tynkkynen
a4cf83c9b7
psmisc: 23.0 -> 23.1
2017-07-04 17:30:02 +03:00
Tuomas Tynkkynen
06c61f8cc2
iw: 4.3 -> 4.9
2017-07-04 17:30:02 +03:00
Tim Steinbach
cb703f1314
linux-copperhead: 4.11.8.a -> 4.12.a
2017-07-03 21:03:58 -04:00
Ricardo M. Correia
4e025437d7
atop: don't chmod u+s, otherwise Nix build fails
2017-07-03 21:15:36 +02:00
Tim Steinbach
f130e0027e
linux: Add 4.12
2017-07-03 11:57:40 -04:00
Vladimír Čunát
d1a89ae9d7
Merge branch 'master' into staging
2017-07-03 09:48:58 +02:00
es_github
5d989f4d93
kmod-debian-aliases: Fix source tarball URL.
...
The original URL for this package was pointed at a location that wasn't
longterm-stable, and has by now been removed by Debian.
This commit fixes the URL to point at a debian snapshot entry, which should
stick around for the long run.
Hash is unchanged, so this is safe.
2017-07-03 02:50:24 +01:00
Joachim F
8604630d92
Merge pull request #26939 from dtzWill/fix/perms-fallout-misc-2
...
Fixup various setuid/setgid permission problems, part 2
2017-06-30 18:30:02 +01:00
Vladimír Čunát
ddf864f8aa
Merge branch 'master' into staging
...
Mass rebuilds from master (>7k on x86_64-linux).
2017-06-30 18:16:58 +02:00
John Ericson
95c8277701
misc pkgs: Remove unneeded *Platform == *Platform comparisons
...
PR #26007 used these to avoid causing a mass rebuild. Now that we know
things work, we do that to clean up.
2017-06-30 10:09:31 -04:00
Jörg Thalheim
79ecfb515f
Merge pull request #26972 from zx2c4/patch-5
...
wireguard: 0.0.20170613 -> 0.0.20170629
2017-06-30 08:40:40 +01:00
Tim Steinbach
3130f3ed0a
linux-copperhead: 4.11.7.a -> 4.11.8.a
...
Fixes #26790 by properly including built modules
2017-06-29 23:16:52 -04:00
Jason A. Donenfeld
9ffccc77d9
wireguard: 0.0.20170613 -> 0.0.20170629
...
Simple version bump.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-29 22:27:52 +02:00
Tim Steinbach
37bc494949
linux: 4.11.7 -> 4.11.8
2017-06-29 08:29:04 -04:00
Tim Steinbach
d1aff8d2e5
linux: 4.9.34 -> 4.9.35
...
Also, remove XSA-216 patches, the fixes are now integrated upstream
2017-06-29 08:26:25 -04:00
Tim Steinbach
6b35f22e28
linux: 4.4.74 -> 4.4.75
2017-06-29 08:20:06 -04:00
John Ericson
16be434b0b
Merge accepted cross compilation PRs into staging
2017-06-28 23:17:21 -04:00
Tim Steinbach
4cc729644e
Merge pull request #26867 from michalpalka/xen-security-2017.06-new
...
xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224
2017-06-28 22:43:46 -04:00
John Ericson
e1faeb574a
Merge pull request #26884 from obsidiansystems/purge-stdenv-cross
...
Purge stdenv cross
2017-06-28 21:39:16 -04:00
hsloan
14d3ed8c38
sysvinit: Rely on cc-wrapper to export this env var
2017-06-28 21:29:07 -04:00
hsloan
a291194d2f
shadow: Don't use stdenv ? cross
2017-06-28 21:28:34 -04:00
hsloan
b8ed3c65bb
propcps: Rely on cc-wrapper to export this env var
2017-06-28 21:24:25 -04:00
hsloan
66e22e1229
mingetty: Rely on cc-wrapper to export this env var
2017-06-28 21:24:24 -04:00
hsloan
5d83d36389
mdadm: Don't use stdenv.cross
2017-06-28 21:24:24 -04:00
hsloan
a210b08d18
klibc: Don't use crossAttrs
2017-06-28 21:24:12 -04:00
hsloan
16781a3892
kernel perf: Don't use stdenv.cross
2017-06-28 20:23:09 -04:00
hsloan
1e3b45cfdb
kernel manual-config: Don't use stdenv.cross
2017-06-28 20:23:09 -04:00
hsloan
459d07d41c
kernel generic: Don't use stdenv.cross
2017-06-28 20:22:59 -04:00
hsloan
c5b4b6c911
kernel-headers: Don't use stdenv.cross
2017-06-28 19:44:04 -04:00
Will Dietz
707145a955
firejail: don't try to set setuid bit
2017-06-28 14:31:47 -05:00
Will Dietz
09d85c49c4
kbdlight: Fix installation permissions
...
Looks like NixOS creates a security wrapper for this already, FWIW.
2017-06-28 14:31:45 -05:00
Eelco Dolstra
32e492251b
systemd: Apply fix for CVE-2017-9445
2017-06-28 14:08:05 +02:00
Trevor Joynson
068341b1c7
iptstate: init at 2.2.6 ( #26878 )
...
* Add iptstate package
* iptstate: nit pick
2017-06-27 18:27:13 +01:00
Tim Steinbach
d2e199ca3c
linux: 4.4.73 -> 4.4.74
2017-06-27 08:14:47 -04:00
Tim Steinbach
c90a4b8541
linux: 4.12-rc6 -> 4.12-rc7
2017-06-26 09:58:37 -04:00
David McFarland
a08024bcb0
procps-ng: allow cygwin
2017-06-26 09:33:09 -03:00
Franz Pletz
b788956239
libcgroup: do not set suid bit in nix store
2017-06-26 09:13:34 +02:00
Michał Pałka
80e0cda7ff
xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224
...
XSA-216 Issue Description:
> The block interface response structure has some discontiguous fields.
> Certain backends populate the structure fields of an otherwise
> uninitialized instance of this structure on their stacks, leaking
> data through the (internal or trailing) padding field.
More: https://xenbits.xen.org/xsa/advisory-216.html
XSA-217 Issue Description:
> Domains controlling other domains are permitted to map pages owned by
> the domain being controlled. If the controlling domain unmaps such a
> page without flushing the TLB, and if soon after the domain being
> controlled transfers this page to another PV domain (via
> GNTTABOP_transfer or, indirectly, XENMEM_exchange), and that third
> domain uses the page as a page table, the controlling domain will have
> write access to a live page table until the applicable TLB entry is
> flushed or evicted. Note that the domain being controlled is
> necessarily HVM, while the controlling domain is PV.
More: https://xenbits.xen.org/xsa/advisory-217.html
XSA-218 Issue Description:
> We have discovered two bugs in the code unmapping grant references.
>
> * When a grant had been mapped twice by a backend domain, and then
> unmapped by two concurrent unmap calls, the frontend may be informed
> that the page had no further mappings when the first call completed rather
> than when the second call completed.
>
> * A race triggerable by an unprivileged guest could cause a grant
> maptrack entry for grants to be "freed" twice. The ultimate effect of
> this would be for maptrack entries for a single domain to be re-used.
More: https://xenbits.xen.org/xsa/advisory-218.html
XSA-219 Issue Description:
> When using shadow paging, writes to guest pagetables must be trapped and
> emulated, so the shadows can be suitably adjusted as well.
>
> When emulating the write, Xen maps the guests pagetable(s) to make the final
> adjustment and leave the guest's view of its state consistent.
>
> However, when mapping the frame, Xen drops the page reference before
> performing the write. This is a race window where the underlying frame can
> change ownership.
>
> One possible attack scenario is for the frame to change ownership and to be
> inserted into a PV guest's pagetables. At that point, the emulated write will
> be an unaudited modification to the PV pagetables whose value is under guest
> control.
More: https://xenbits.xen.org/xsa/advisory-219.html
XSA-220 Issue Description:
> Memory Protection Extensions (MPX) and Protection Key (PKU) are features in
> newer processors, whose state is intended to be per-thread and context
> switched along with all other XSAVE state.
>
> Xen's vCPU context switch code would save and restore the state only
> if the guest had set the relevant XSTATE enable bits. However,
> surprisingly, the use of these features is not dependent (PKU) or may
> not be dependent (MPX) on having the relevant XSTATE bits enabled.
>
> VMs which use MPX or PKU, and context switch the state manually rather
> than via XSAVE, will have the state leak between vCPUs (possibly,
> between vCPUs in different guests). This in turn corrupts state in
> the destination vCPU, and hence may lead to weakened protections
>
> Experimentally, MPX appears not to make any interaction with BND*
> state if BNDCFGS.EN is set but XCR0.BND{CSR,REGS} are clear. However,
> the SDM is not clear in this case; therefore MPX is included in this
> advisory as a precaution.
More: https://xenbits.xen.org/xsa/advisory-220.html
XSA-221 Issue Description:
> When polling event channels, in general arbitrary port numbers can be
> specified. Specifically, there is no requirement that a polled event
> channel ports has ever been created. When the code was generalised
> from an earlier implementation, introducing some intermediate
> pointers, a check should have been made that these intermediate
> pointers are non-NULL. However, that check was omitted.
More: https://xenbits.xen.org/xsa/advisory-221.html
XSA-222 Issue Description:
> Certain actions require removing pages from a guest's P2M
> (Physical-to-Machine) mapping. When large pages are in use to map
> guest pages in the 2nd-stage page tables, such a removal operation may
> incur a memory allocation (to replace a large mapping with individual
> smaller ones). If this allocation fails, these errors are ignored by
> the callers, which would then continue and (for example) free the
> referenced page for reuse. This leaves the guest with a mapping to a
> page it shouldn't have access to.
>
> The allocation involved comes from a separate pool of memory created
> when the domain is created; under normal operating conditions it never
> fails, but a malicious guest may be able to engineer situations where
> this pool is exhausted.
More: https://xenbits.xen.org/xsa/advisory-222.html
XSA-224 Issue Description:
> We have discovered a number of bugs in the code mapping and unmapping
> grant references.
>
> * If a grant is mapped with both the GNTMAP_device_map and
> GNTMAP_host_map flags, but unmapped only with host_map, the device_map
> portion remains but the page reference counts are lowered as though it
> had been removed. This bug can be leveraged cause a page's reference
> counts and type counts to fall to zero while retaining writeable
> mappings to the page.
>
> * Under some specific conditions, if a grant is mapped with both the
> GNTMAP_device_map and GNTMAP_host_map flags, the operation may not
> grab sufficient type counts. When the grant is then unmapped, the
> type count will be erroneously reduced. This bug can be leveraged
> cause a page's reference counts and type counts to fall to zero while
> retaining writeable mappings to the page.
>
> * When a grant reference is given to an MMIO region (as opposed to a
> normal guest page), if the grant is mapped with only the
> GNTMAP_device_map flag set, a mapping is created at host_addr anyway.
> This does *not* cause reference counts to change, but there will be no
> record of this mapping, so it will not be considered when reporting
> whether the grant is still in use.
More: https://xenbits.xen.org/xsa/advisory-224.html
2017-06-26 07:01:24 +00:00
Franz Pletz
639b74e7be
Revert "linux: patch CVE-2017-1000364 (stack clash)"
...
This reverts commit aab71b31d5
.
This was integrated into the stable 4.9 and 4.11 kernels.
2017-06-26 02:23:59 +02:00
Franz Pletz
40a04291c9
Merge branch 'master' into staging
2017-06-26 02:23:38 +02:00
Gabriel Ebner
252e9ec84a
microcodeIntel: 20161104 -> 20170511
2017-06-25 17:41:57 +02:00
Tim Steinbach
03aed4cfcf
linux-copperhead: 4.11.6.d -> 4.11.7.a
2017-06-24 14:50:41 -04:00
Jörg Thalheim
d4f45ae393
Merge pull request #26734 from nh2/statifier-1.7.4
...
statifier: 1.7.3 -> 1.7.4
2017-06-24 18:16:25 +01:00
Tim Steinbach
b06cb59fc1
linux: 4.9.33 -> 4.9.34
2017-06-24 11:22:56 -04:00
Tim Steinbach
3a68f0bb78
linux: 4.11.6 -> 4.11.7
2017-06-24 11:20:32 -04:00
Jörg Thalheim
5e2de6d846
iwd: 2017-04-21 -> 2017-06-02
2017-06-24 10:29:14 +01:00
Jörg Thalheim
a087e5a53a
lttng-modules: 2.9.1 -> 2.9.3
2017-06-24 10:26:19 +01:00
John Ericson
87fab3d6a5
Merge some merged cross-compilation PRs into into staging
2017-06-23 20:24:27 -04:00
John Ericson
afd2bdbad2
Merge pull request #26007 from obsidiansystems/cc-wrapper-prefix
...
Get rid of gcc-cross-wrapper
2017-06-23 11:22:34 -04:00
Tim Steinbach
4e08459f9b
linux-hardened-copperhead: 4.11.6c -> 4.11.6d
2017-06-22 21:12:20 -04:00
John Ericson
05b3c87d9d
busybox: Modernize and fix cross
2017-06-22 17:53:53 -04:00
Franz Pletz
aab71b31d5
linux: patch CVE-2017-1000364 (stack clash)
2017-06-22 00:44:28 +02:00
Franz Pletz
6338c50a84
Merge branch 'master' into staging
2017-06-22 00:41:25 +02:00
Franz Pletz
5389caab83
utillinux: 2.29.2 -> 2.30
2017-06-22 00:38:44 +02:00
Franz Pletz
dd3f2e648a
linux_hardened_copperhead: init at 4.11.6.c
2017-06-21 23:49:00 +02:00
Jörg Thalheim
e89e96a755
linux_4_11: renable CONFIG_UPROBE_EVENTS
...
CONFIG_UPROBE_EVENT was renamed to CONFIG_UPROBE_EVENTS.
2017-06-21 17:16:46 +01:00
Niklas Hambüchen
2fe0cd548c
statifier: 1.7.3 -> 1.7.4
2017-06-21 01:12:38 +02:00
Franz Pletz
f4734e75db
libnl: 3.2.29 -> 3.3.0
2017-06-20 07:03:53 +02:00
Franz Pletz
baf28b60e4
libcap_ng: 0.7.7 -> 0.7.8
2017-06-20 05:57:03 +02:00
Franz Pletz
03d1e8a14e
iproute: 4.9.0 -> 4.11.0
2017-06-20 03:56:43 +02:00
Franz Pletz
726645a94f
tpacpi-bat: 3.0 -> 3.1
2017-06-20 03:56:40 +02:00
Franz Pletz
9da4cb176a
lxcfs: 2017-03-02 -> 2.0.7
2017-06-20 03:45:48 +02:00
Franz Pletz
eb8c14751a
lxc: 2.0.7 -> 2.0.8
2017-06-20 03:45:47 +02:00
Franz Pletz
05cb49625d
powertop: 2.8 -> 2.9
2017-06-20 03:45:45 +02:00
Tim Steinbach
2764961b87
linux: 4.12-rc5 -> 4.12-rc6
2017-06-19 21:21:15 -04:00
Bart Brouns
cb7e49b3df
alsa-utils: 1.1.2 -> 1.1.4
2017-06-19 20:00:29 +02:00
Bart Brouns
285a837674
alsa-tools: 1.1.0 -> 1.1.3
2017-06-19 20:00:29 +02:00
Bart Brouns
886f9057e3
alsa-plugins: 1.1.1 -> 1.1.4
2017-06-19 20:00:29 +02:00
Bart Brouns
1837089670
alsa-lib: 1.1.2 -> 1.1.4.1
2017-06-19 20:00:28 +02:00
Vladimír Čunát
629e9c6dc7
Merge branch 'staging'
...
I don't like to wait for the expat-induced rebuild to happen yet another
time on staging.
2017-06-19 07:29:42 +02:00
Thomas Tuegel
c816bbc8a8
qt5: remove makeQtWrapper
2017-06-18 08:44:42 -05:00
Thomas Tuegel
210f688802
qt5: rename qmakeHook to qmake
2017-06-18 08:41:57 -05:00
Jörg Thalheim
abc374f127
ply: add kernel version constraint
2017-06-18 12:52:02 +01:00
Vladimír Čunát
8702fd35e2
Merge branch 'master' into staging
...
... to get in more fixes of setuid/setgid.
2017-06-18 13:22:23 +02:00
Franz Pletz
bbb9182cbc
linux: 4.9.32 -> 4.9.33
2017-06-17 18:45:29 +02:00
Franz Pletz
a470aa0924
linux: 4.4.72 -> 4.4.73
2017-06-17 18:45:29 +02:00
Franz Pletz
c973a4a887
linux: 4.11.5 -> 4.11.6
2017-06-17 18:45:29 +02:00
Franz Pletz
de74d2015f
kernelPackages.zfs: 0.6.5.9 -> 0.6.5.10
2017-06-17 15:51:39 +02:00
Vladimír Čunát
d88c0cf867
Merge #26628 : treewide: setuid/setgid fallout
2017-06-17 13:23:39 +02:00
Jörg Thalheim
878381fd4d
rewritefs: add remark to patch
2017-06-17 10:45:35 +01:00
Vladimír Čunát
304391b2f2
Merge branch 'master' into staging
...
Another couple thousand rebuilds.
2017-06-17 09:58:34 +02:00
Jörg Thalheim
c4037ee92b
Merge pull request #26583 from mbbx6spp/init-ply-package
...
ply: init at v1-beta1(9e810b1)
2017-06-16 23:21:23 +01:00
Vladimír Čunát
2a76b6ad69
Merge #26540 : utillinux: fix "fstrim --all"
2017-06-16 21:43:26 +02:00
Will Dietz
7270b9b425
rewritefs: Don't attempt to set special bits
2017-06-16 07:22:20 -05:00
Jörg Thalheim
f5d98e8e18
ply: fix build
2017-06-15 21:11:35 +01:00
Tim Steinbach
b4576c5108
linux: 4.11.4 -> 4.11.5
2017-06-15 08:54:55 -04:00
Tim Steinbach
a7efc9f0cd
linux: 4.9.31 -> 4.9.32
2017-06-15 08:53:35 -04:00
Tim Steinbach
07edb44d15
linux: 4.4.71 -> 4.4.72
2017-06-15 08:52:26 -04:00
gnidorah
286c36d737
utillinux: fix "fstrim --all"
2017-06-15 14:05:50 +03:00
Susan Potter
fdef885d97
ply: init at v1-beta1(9e810b1)
2017-06-14 17:41:42 -05:00
Charles Strahan
3b1c4fce4f
psensor: init at 1.2.0
...
psensor is a graphical hardware monitoring application for Linux
2017-06-13 18:51:36 -04:00
Will Dietz
b83609add3
psmisc: 22.21 -> 23.0
...
No longer need fuser patch, fixes musl compat.
2017-06-13 22:05:00 +02:00
Jason A. Donenfeld
9d4bf6b155
wireguard: 0.0.20170531 -> 0.0.20170613
...
Simple version bump. Release notes:
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-13 15:55:56 +02:00
Vladimír Čunát
ed070354a9
Merge branch 'staging'
2017-06-13 11:22:56 +02:00
Jörg Thalheim
f866cae200
android-udev-rules: 20170305 -> 20170612
2017-06-13 08:07:04 +01:00
timor
d74f8351a5
kernel: enable audio jack reconfiguration
...
Change kernel config to allow for changing the functions of the audio
jacks at run-time as well as at boot time.
2017-06-13 08:50:34 +03:00
Franz Pletz
b733a34e8e
firmwareLinuxNonfree: 2017-03-11 -> 2017-04-16
2017-06-12 17:44:44 +02:00
Franz Pletz
c34299f592
dmidecode: 3.0 -> 3.1
2017-06-12 17:44:43 +02:00
Eelco Dolstra
63e9d1c51e
perf: Fix perf annotate
...
This command requires objdump, so make sure it can find it.
2017-06-12 13:23:18 +02:00
Tim Steinbach
5fbab5dfb3
linux: 4.12-rc4 -> 4.12-rc5
2017-06-11 21:37:46 -04:00
Tuomas Tynkkynen
fbea1265d5
audit: 2.6.6 -> 2.7.6
2017-06-11 19:46:09 +03:00
Tuomas Tynkkynen
370ace4cf0
kernel: Don't build self-test modules
2017-06-11 19:33:24 +03:00
Jörg Thalheim
fe208a1cc8
Merge pull request #26509 from MP2E/musl_update
...
musl: 1.1.15 -> 1.1.16
2017-06-11 12:59:17 +01:00
Cray Elliott
6bdebf252c
musl: 1.1.15 -> 1.1.16
2017-06-10 15:37:40 -07:00
Vladimír Čunát
cb9f953c92
Merge branch 'master' into staging
...
More larger rebuilds.
2017-06-10 10:07:33 +02:00
Joachim Fasting
b1f0af7ef6
linuxPackages.evdi: specify minimum kernel version, per upstream
...
Upstream says 3.16 is the oldest supported kernel. No versions prior to
3.18 build on Hydra. See e.g., https://hydra.nixos.org/build/53599831 .
2017-06-09 12:54:57 +02:00
Vladimír Čunát
10f9fb63f1
nfs-utils: fixup setuid/setgid build problems, hopefully
2017-06-08 20:43:04 +02:00
Vladimír Čunát
ae6df000d0
Merge branch 'master' into staging
2017-06-07 18:11:27 +02:00
Vladimír Čunát
1aac1fe5dd
util-linux: fixup setuid/setgid build problems
...
... hopefully. Also refactor some nix code a little.
2017-06-07 15:17:40 +02:00
Vladimír Čunát
833bc78dcf
shadow: fixup setuid/setgid build problems, hopefully
2017-06-07 14:21:04 +02:00
Tim Steinbach
c7abd6943e
linux: 4.9.30 -> 4.9.31
2017-06-07 08:09:37 -04:00
Tim Steinbach
01fc1a80b3
linux: 4.4.70 -> 4.4.71
2017-06-07 08:07:53 -04:00
Tim Steinbach
66faa421c9
linux: 4.11.3 -> 4.11.4
2017-06-07 08:05:45 -04:00
Eelco Dolstra
338cdea332
Merge branch 'master2' of https://github.com/gnidorah/nixpkgs into staging
2017-06-07 11:46:17 +02:00
Franz Pletz
f0a4e91612
batman-adv: 2017.0 -> 2017.1
2017-06-06 03:58:11 +02:00
Kier Davis
b81124b4fb
Fix hooks not being called when overriding phases in various packages
...
It's necessary to do this in order to fix ckb's compilation, now that
fixupPhase rejects derivation results containing references to the temporary
build directory. It seems like good practice so I've added it to the
other packages that I maintain.
2017-06-05 19:13:19 +01:00
Joachim F
938742fa0b
Merge pull request #26403 from vberger/drbd-fix
...
drbd: Fix incorrect substitution in derivation
2017-06-05 19:02:20 +01:00
Victor Berger
72b9aad4a2
drbd: Fix incorrect substitution in derivation
...
Prior to this, the build failed as the generated udev rules file
refers to a non-existing file, due to an incorrect substitution.
2017-06-05 16:20:56 +02:00
Tim Steinbach
7c476b98df
linux: 4.12-rc3 -> 4.12-rc4
2017-06-05 10:01:53 -04:00
Peter Hoeg
a0598f9b34
tomb: clean up and use gnupg 2 instead of gnupg 1
2017-06-05 18:02:12 +08:00
Jörg Thalheim
2e08839cbe
sysdig: fix unified cgroup handling
2017-06-05 06:13:58 +01:00
Jörg Thalheim
0886c1b321
wireguard: 0.0.20170517 -> 0.0.20170531
2017-06-03 13:23:02 +01:00
Judson Lester
bafcdbbb67
bcc: 0.2.0 -> 0.3.0 ( #26315 )
2017-06-02 22:23:19 +01:00
georgewhewell
daf674491e
broadcom-sta: add patch for kernel 4.11+
2017-06-02 14:19:04 +01:00
Frederik Rietdijk
8b5dc2d67b
Merge remote-tracking branch 'upstream/master' into HEAD
2017-06-01 10:17:38 +02:00
Nikolay Amiantov
7b41780a0e
linuxPackages.nvidia_x11: move patches to specific versions
2017-05-31 16:52:03 +03:00
Nikolay Amiantov
3b4ef34fa0
Merge pull request #26272 from vcunat/p/nvidia-304
...
nvidia 304 fixes
2017-05-31 16:31:51 +03:00
Vladimír Čunát
0c4b91505e
nvidia_x11_legacy304: apply patches from Debian
...
The drivers would build but probably wouldn't work without them.
See #26250 .
2017-05-31 10:48:54 +02:00
Vladimír Čunát
af58f8de55
nvidia_x11_legacy304: 304.134 -> 304.135
2017-05-31 10:02:56 +02:00
Kranium Gikos Mendoza
153e900b39
smemstat: 0.01.16 -> 0.01.17
2017-05-31 01:01:54 +02:00
Kranium Gikos Mendoza
87a800d494
forkstat: 0.01.16 -> 0.01.17
2017-05-31 01:01:54 +02:00
Kranium Gikos Mendoza
2c53d5dea0
fnotifystat: 0.01.16 -> 0.01.17
2017-05-31 01:01:54 +02:00
Kranium Gikos Mendoza
b5a3630050
eventstat: 0.03.03 -> 03.03.04
2017-05-31 01:01:54 +02:00
Vladimír Čunát
983657087b
Merge branch 'master' into staging
2017-05-30 19:39:59 +02:00
gnidorah
a996fe849f
fstrim: Add service
2017-05-30 16:39:27 +03:00
Jörg Thalheim
dfebb66f65
systemd: v232 -> v233
...
Changelog: https://github.com/systemd/systemd/blob/v233/NEWS
Upgrade was pretty smooth. One notably change is the new hybrid cgroup
mode: https://github.com/systemd/systemd/blob/v233/NEWS#L5 It should
provide better compatibility with docker.
2017-05-30 08:47:09 +01:00
Tim Steinbach
a78af5196c
linux: 4.12-rc2 -> 4.12-rc3
2017-05-29 09:32:52 -04:00
Armijn Hemel
0786bb00d2
cifs-utils: 6.5 -> 6.6
2017-05-26 20:56:48 +02:00
Vladimír Čunát
00672dec8a
Merge older staging
...
This still causes some uncached rebuilds, but master(!) and staging
move too fast forward rebuild-wise, so Hydra might never catch up.
(There are also other occasional problems.)
Therefore I merge at this point where the rebuild isn't that bad.
2017-05-26 15:45:43 +02:00
Tim Steinbach
690a83091b
linux: FS_ENCRYPTION only for >= 4.9 kernels
2017-05-25 18:25:08 -04:00
Tim Steinbach
8f0ca4f44a
linux: 4.4.69 -> 4.4.70
2017-05-25 18:21:54 -04:00
Tim Steinbach
446c57fdb2
linux: 4.9.29 -> 4.9.30
2017-05-25 18:19:16 -04:00
Tim Steinbach
f618a6caa1
linux: 4.11.2 -> 4.11.3
2017-05-25 18:16:57 -04:00
Joachim Fasting
f0c08e3cd4
autofs5: 5.1.2 -> 5.1.3
2017-05-25 23:53:34 +02:00
Eelco Dolstra
8a07319e7f
ixgbevf: 4.0.3 -> 4.1.2
...
This fixes
error: assertion failed at /home/eelco/Dev/nixpkgs-stable/pkgs/os-specific/linux/ixgbevf/default.nix:3:1
(use ‘--show-trace’ to show detailed location information)
deploying a >=4.10 kernel to EC2. (We could probably also drop the
ixgbevf package with recent kernels, since the ixgbevf module included
in the kernel source tree is recent enough according to Amazon's
recommendation.)
2017-05-24 14:51:39 +02:00
Vladimír Čunát
8004e79415
Merge branch 'master' into staging
2017-05-24 03:24:06 +02:00
Robin Gloster
f8b0a25983
acpid: 2.0.27 -> 2.0.28
2017-05-23 02:32:39 +02:00
Arseniy Seroka
c734781158
Merge pull request #25958 from Mic92/iwd
...
iwd: init at unstable-2017-04-21
2017-05-22 20:04:04 +03:00
Tim Steinbach
aa73b7df30
linux: 4.12-rc1 -> 4.12-rc2
2017-05-22 11:40:04 -04:00
Frederik Rietdijk
99cfab07b9
Merge remote-tracking branch 'upstream/master' into HEAD
2017-05-22 09:21:40 +02:00
Joachim Fasting
881385dbcb
linuxPackages.phc-intel: remove use of features.grsecurity
...
I believe this is the final reference to features.grsecurity.
See also e6c65ecb12
2017-05-21 18:08:07 +02:00
Jörg Thalheim
a527a47cd3
iwd: init at unstable-2017-04-21
2017-05-21 11:05:35 +01:00
Tim Steinbach
a42c54057f
linux: 4.11.1 -> 4.11.2
2017-05-20 17:17:35 -04:00
Tim Steinbach
a551ca61b7
linux: 4.9.28 -> 4.9.29
2017-05-20 17:17:34 -04:00
Tim Steinbach
82852ac60e
linux: 4.4.68 -> 4.4.69
2017-05-20 17:17:33 -04:00
Tuomas Tynkkynen
de263072b5
kernel: 4.10 is end-of-life
...
https://lkml.org/lkml/2017/5/20/75
2017-05-20 19:54:18 +03:00
Jörg Thalheim
0b21bd9dbd
Merge pull request #25748 from armijnhemel/hwdata
...
hwdata: 0.291 -> 0.300
2017-05-20 17:40:31 +01:00
Vladimír Čunát
5aa530f2a8
Merge branch 'master' into staging
...
A few thousand rebuilds from master.
2017-05-19 08:57:59 +02:00
Nikolay Amiantov
030862f63c
linuxPackages.evdi: init at 1.4.1
2017-05-19 02:53:09 +03:00
Nikolay Amiantov
e17744067a
displaylink: 1.1.62 -> 1.3.52
2017-05-19 02:51:45 +03:00
Joachim Fasting
77ed860114
linux_hardened: enable checks on scatter-gather tables
...
Recommended by kspp
2017-05-18 12:33:42 +02:00
Vladimír Čunát
e9aeb55f3b
Merge branch 'master' into staging
2017-05-18 11:24:18 +02:00
Jörg Thalheim
64acaa1e2d
Merge pull request #25646 from zx2c4/wg-psk-change
...
wireguard: 0.0.20170421 -> 0.0.20170517
2017-05-17 23:58:51 +01:00
Jason A. Donenfeld
ef018d8955
wireguard: 0.0.20170421 - 0.0.20170517
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 20:25:06 +02:00
Tim Steinbach
8eb302d6d7
Merge pull request #25792 from NeQuissimus/linux_4_12_rc1
...
linux-testing: 4.11-rc7 -> 4.12-rc1
2017-05-17 08:30:10 -04:00
Vladimír Čunát
515414ed32
Merge branch 'master' into staging
2017-05-16 18:32:43 +02:00
Vladimír Čunát
65ede052fa
treewide: fixup packages with RPATH problems
2017-05-16 18:30:58 +02:00
Tuomas Tynkkynen
a35ec5dda6
linux_rpi: 1.20170303 -> 1.20170427
2017-05-15 11:14:59 +03:00
Tuomas Tynkkynen
f2e2dde681
raspberrypifw: 1.20170303 -> 1.20170427
2017-05-15 11:14:59 +03:00
Tim Steinbach
336b044dcb
linux-testing: 4.11-rc7 -> 4.12-rc1
2017-05-14 22:03:14 -04:00
Tuomas Tynkkynen
ba585648e7
kernel: 4.9.27 -> 4.9.28
2017-05-15 01:28:01 +03:00
Tuomas Tynkkynen
8de08ff145
kernel: 4.4.67 -> 4.4.68
2017-05-15 01:27:50 +03:00
Tuomas Tynkkynen
c230aee121
kernel: 4.11 -> 4.11.1
2017-05-15 01:27:41 +03:00
Tuomas Tynkkynen
2f1e6c8686
kernel: 4.10.15 -> 4.10.16
2017-05-15 01:27:30 +03:00
Tuomas Tynkkynen
eacfdc38f4
cryptsetup: 1.7.3 -> 1.7.5
2017-05-14 22:37:06 +03:00
Joachim Fasting
e6c65ecb12
tree-wide: remove uses of features.grsecurity
2017-05-14 15:08:51 +02:00
Tuomas Tynkkynen
d22b1d0ba1
hdparm: 9.51 -> 9.52
2017-05-14 13:47:29 +03:00
Armijn Hemel
6b9996f523
hwdata: 0.291 -> 0.300
...
webpage change, since fedorahosted is being shut down
2017-05-12 23:28:36 +02:00
Cray Elliott
4f51a1ef32
nvidia-x11: add dbus as a dependency to settings
...
for the latest beta release, the nvidia-settings binary will not compile
without dbus/dbus.h
2017-05-12 01:30:28 -07:00
Vladimír Čunát
165a6548ad
nvidia_x11_legacy340: fix patch URL to fix #25721
...
Using fixed-commit URLs and fetchpatch is just more robust.
2017-05-12 10:13:26 +02:00
Cray Elliott
11b8cfb506
nvidia_x11_beta: 378.13 -> 381.22
...
also remove nvidia 4.10 kernel patch as it is no longer needed
2017-05-11 17:53:19 -07:00
Linus Heckemann
89ce83688c
nvidia-x11: fix linux 4.10 patch URL
2017-05-11 17:29:57 -07:00
Linus Heckemann
995d41c091
nvidia stable: 375.39 -> 375.66
2017-05-11 17:29:57 -07:00
Tim Steinbach
8584a16922
linux: 4.10.14 -> 4.10.15
2017-05-09 08:43:37 -04:00
Jörg Thalheim
2e2a5af81f
sysdig: 0.15.0 -> 0.16.0
2017-05-09 09:21:44 +01:00
Joachim Fasting
996b65cfba
linux_hardened: enable structleak plugin
...
A port of the PaX structleak plugin. Note that this version of structleak
seems to cover less ground than the PaX original (only marked structs are
zeroed). [1]
[1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61f13eaa1ee17728c41370100d2d45c254ce76f
2017-05-09 01:38:26 +02:00
Joachim Fasting
1816e2b960
linux_hardened: BUG on struct validation failure
2017-05-09 01:38:24 +02:00
Joachim Fasting
a7ecdffc28
linux_hardened: move to 4.11
...
Note that DEBUG_RODATA has been split into STRICT_KERNEL_RWX &
STRICT_MODULE_RWX, which are on by default (non-optional).
2017-05-09 01:38:22 +02:00
Joachim Fasting
42c58cd2e8
linux_hardened: compile with stackprotector-strong
...
Default is regular, which we need to unset for kconfig to accept the new
value.
2017-05-09 01:38:21 +02:00
Eelco Dolstra
e2700861fb
shadow: Fix hash
2017-05-08 16:56:05 +02:00
Tim Steinbach
8c74ff6534
linux: 4.9.26 -> 4.9.27
2017-05-08 09:26:26 -04:00
Tim Steinbach
4e2c67ff76
linux: 4.4.66 -> 4.4.67
2017-05-08 09:23:52 -04:00
Eelco Dolstra
7f6abddcd7
shadow: Fix using default shell in useradd
...
This caused "useradd xyzzy" to produce a user with no shell:
xyzzy❌ 1002💯 :/home/xyzzy:
https://github.com/shadow-maint/shadow/pull/33
2017-05-08 15:10:50 +02:00
Jörg Thalheim
192f8e7699
broadcom-bt-firmware: revert to unfree
...
license was misinterpreted, it is now only conditionally in the all
firmware list included, if `allowUnfree` is set.
fixes #25567
2017-05-08 09:18:11 +01:00
Joachim F
5250d3ec3d
Merge pull request #25561 from joachifm/linux-gcc-plugins
...
linux: support using gcc plugins
2017-05-07 12:31:32 +01:00
Jörg Thalheim
cc75ccbf64
broadcom-bt-firmware: change license to redistributal
...
see also: https://github.com/winterheart/broadcom-bt-firmware/blob/master/LICENSE.broadcom_bcm20702
fixes #25567
2017-05-07 07:33:41 +01:00
Joachim Fasting
a04d8532c2
linux: support using gcc plugins
...
linux 4.8 onwards support gcc plugins. This patch adds build inputs
required to make use of gcc plugins to the generic kernel build
environment.
2017-05-06 19:47:27 +02:00
Jörg Thalheim
7765e5971c
kernelPackages.zfsUnstable: 0.7.0-rc3 -> 0.7.0-rc4
2017-05-06 07:40:42 +01:00
Jörg Thalheim
4ea961ccc3
kernelPackages.splUnstable: 0.7.0-rc3 -> 0.7.0-rc4
2017-05-06 07:40:28 +01:00
Jörg Thalheim
3156ef2dfd
Merge pull request #25478 from zraexy/zraexy-broadcom-bt-firmware
...
broadcom-bt-firmware: init at 12.0.1.1011
2017-05-04 22:33:06 +01:00
Jörg Thalheim
d072ef956d
broadcom-bt-firmware: mention package limitations
2017-05-04 22:32:55 +01:00
Tim Steinbach
2a38ecc055
linux: 4.10.13 -> 4.10.14
2017-05-03 20:46:48 -04:00
Tim Steinbach
6076843be3
linux: 4.9.25 -> 4.9.26
2017-05-03 20:44:09 -04:00
Tim Steinbach
af933bc7d3
linux: 4.4.65 -> 4.4.66
2017-05-03 20:41:46 -04:00
zraexy
d900478e3c
broadcom-bt-firmware: init at 12.0.1.1011
...
broadcom-bt-firmware: init at 12.0.1.1011
2017-05-03 12:51:32 -08:00
zraexy
7845163d6a
bt-fw-converter: init at 2017-02-19
2017-05-03 12:51:24 -08:00
Cray Elliott
cebce78be9
mwprocapture: fix compile on linux 4.11
2017-05-03 00:11:22 -07:00
Victor Calvert
3d27a84a1c
tomb: 2.2 -> 2.4 ( #25465 )
2017-05-03 00:32:51 +01:00
Jörg Thalheim
7be7902990
zfsUnstable: mark as incompatible with 4.11 (since rc3)
2017-05-02 18:15:53 +02:00
Tim Steinbach
b5169fd277
linux: Add cgroups patches for 4.9, 4.10, 4.11
2017-05-02 08:49:39 -04:00
Vladimír Čunát
d7501b986a
luajit: 2.1.0-beta2 -> 2.1.0-beta3
...
The removal of `luaL_reg` alias caused lots of breakage.
Only sysdig and knot-resolver needed (also) other changes.
2017-05-02 14:00:45 +02:00
Shea Levy
207a0af06a
Add linux 4.11
2017-05-01 19:04:45 -04:00
Jörg Thalheim
95f6bece88
wpa_supplicant: upgrade to qt5
...
also inkscape removal patch, as it introduced a bug: #25320
fixes #25320 #25325
2017-05-01 21:23:22 +02:00
Armijn Hemel
5b0dcf95a0
atop: 2.2-3 -> 2.3.0
2017-05-01 14:45:27 +02:00
Michael Raskin
9c39666613
Merge pull request #25107 from armijnhemel/guvcview
...
guvcview: 2.0.4 -> 2.0.5
2017-05-01 14:15:07 +02:00
Michael Raskin
1cce0887ee
Merge branch 'master' into mptcp-v91.3
2017-05-01 00:43:08 +02:00
michael bishop
70863d5326
ioport: init at 1.2
2017-04-30 18:34:17 -03:00
Michael Raskin
763ed66c24
bluez5: install gatttool; reported by @husnoo
2017-04-30 21:12:37 +02:00
Michael Raskin
929eed352b
Merge pull request #22410 from adnelson/upstart_improvements
...
upstart: wrap binaries and patch hard-coded paths
2017-04-30 18:29:33 +02:00
Tim Steinbach
0c4de3c0c9
linux: 4.4.64 -> 4.4.65
2017-04-30 08:58:44 -04:00
Michael Raskin
b5c3586289
Merge pull request #25333 from zraexy/zraexy-nvidia-x11
...
nvidia-x11: switch download urls to https
2017-04-30 12:23:54 +02:00
Joachim Fasting
ab4fa1cce4
tree-wide: prune some dead grsec leaves
...
The beginning of pruning grsecurity/PaX from the tree.
2017-04-30 12:05:41 +02:00
Joachim Fasting
62f2a1c2be
linux_hardened: init
...
The rationale for this is to have a place to enable hardening features
that are either too invasive or that may be speculative/yet proven to be
worthwhile for general-purpose kernels.
2017-04-30 12:05:39 +02:00
zraexy
563fa2c034
nvidia-x11: switch download urls to https
2017-04-29 13:19:04 -08:00
Jörg Thalheim
6af952fac8
rtkit: fix meta attr
2017-04-29 10:49:12 +02:00
Dan Peebles
90b9719f4f
treewide: fix the remaining issues with meta attributes
2017-04-29 04:24:34 +00:00
Joachim Fasting
32b8512e54
grsecurity: discontinue support
...
Upstream has decided to make -testing patches private, effectively ceasing
free support for grsecurity/PaX [1]. Consequently, we can no longer
responsibly support grsecurity on NixOS.
This patch turns the kernel and patch expressions into build errors and
adds a warning to the manual, but retains most of the infrastructure, in
an effort to make the transition smoother. For 17.09 all of it should
probably be pruned.
[1]: https://grsecurity.net/passing_the_baton.php
2017-04-28 12:35:15 +02:00
Tim Steinbach
7f3b857d0d
linux: 4.4.63 -> 4.4.64
2017-04-27 22:12:35 -04:00
Tim Steinbach
08c44a5cac
linux: 4.10.12 -> 4.10.13
2017-04-27 22:10:06 -04:00
Tim Steinbach
903fec9922
linux: 4.9.24 -> 4.9.25
2017-04-27 22:07:34 -04:00
Kranium Gikos Mendoza
e57bcc7106
facetimehd-firmware: disable aarch64-linux builds
2017-04-26 03:09:24 +03:00
Kranium Gikos Mendoza
88be2f7080
facetimehd: disable aarch64-linux builds
2017-04-26 03:09:24 +03:00
Jörg Thalheim
bd47d04294
Merge pull request #25146 from zx2c4/remove-old-chromiumos
...
linux-chromiumos: remove 3.14
2017-04-25 07:32:51 +02:00
Daniel Peebles
3ae7f249da
Merge pull request #25187 from obsidiansystems/remove-stray-kernel-headers
...
linux-headers: Remove stray linux headers 3.18 nix file
2017-04-24 23:07:58 -04:00
Vladimír Čunát
d965e119f2
Merge #24749 : amdgpu-pro: 16.60 -> 17.10
2017-04-24 21:53:50 +02:00