The web_access.patch would no longer apply.
It disabled a check that required the static files
for the web UI to be owned by the user the daemon runs as
(not root, so it doesn't work well with nix).
Besides updating netdata, this commit removes that patch,
changes the netdata service config to set the "web files owner/group"
option to "root" and adds a test that checks that the web UI is being served.
This allows the web files to be owned by root without patching.
I *want* cross-specific overrides to be verbose, so I rather not have
this shorthand. This makes the syntactic overhead more proportional to
the maintainence cost. Hopefully this pushes people towards fewer
conditionals and more abstractions.
Since the switch to using python3Packages in commit
72934aa94e, the plugins no longer build
because they end up with a mix of Python 2 and Python 3 packages.
The reason for this is that the Beets package itself uses callPackage to
reference the plugins, however the overrides are not applied there and
thus the plugins end up getting pythonPackages from the top-level which
is Python 2 and beets with Python 3 dependencies.
Unfortunately this is not the only reason for the builds to fail,
because both plugins did not actually support Python 3.
For the copyartifacts plugin, the fix is rather easy because we only
need to advance to two more recent commits from upstream, which already
contain fixes for Python 3.
The alternatives plugin on the other hand is not maintained anymore, but
there is a fork at https://github.com/wisp3rwind/beets-alternatives
which has a bunch of fixes. In 2e4aded366
I already backported one of these fixes to the version from
https://github.com/geigerzaehler/beets-alternatives, but for Python 3
support it's a bit more complicated than just one little fix.
So instead of adding another series of patches which replicate the code
base of the fork and become a maintenance burden, I opted to directly
switch to the fork and remove the patch on our side.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @domenkozar, @pjones, @Profpatsch
`ocserv` is a VPN server which follows the openconnect protocol
(https://github.com/openconnect/protocol). The packaging is slightly
inspired by the AUR version
(https://aur.archlinux.org/packages/ocserv/).
This patch initializes the package written in C, the man pages and a
module for a simple systemd unit to run the VPN server. The package
supports the following authentication methods for the server:
* `plain` (mostly username/password)
* `pam`
The third method (`radius`) is currently not supported since `nixpkgs`
misses a packaged client.
The module can be used like this:
``` nix
{
services.ocserv = {
enable = true;
config = ''
...
'';
};
}
```
The option `services.ocserv.config` is required on purpose to
ensure that nobody just enables the service and experiences unexpected
side-effects on the system. For a full reference, please refer to the
man pages, the online docs or the example value.
The docs recommend to simply use `nobody` as user, so no extra user has
been added to the internal user list. Instead a configuration like
this can be used:
```
run-as-user = nobody
run-as-group = nogroup
```
/cc @tenten8401
Fixes#42594
coreutils is part of stdenv, which doesn't allow openssl currently.
It's unclear that adding openssl to stdenv was intended,
but if it was it was not discussed or mentioned.
To unbreak "all the things", reverting until this
has been discussed and a proper fix has been put together.
This reverts commit df9f76c62d, reversing
changes made to 585ded7329.
Unlike on linux these are not namespaced per user so this will cause
build failures if /tmp/nix-test was not removed by a previous build if
the nixbld user id doesn't match by accident. Nix already creates a
unique tempdir for builds so we can use that instead.
Fixes#44172
* The ELK stack is upgraded to 6.3.2.
* `elasticsearch6`, `logstash6` and `kibana6` now come with X-Pack which is
a suite of additional features. These are however licensed under the unfree
"Elastic License".
* Fortunately they also provide OSS versions which are now packaged
under: `elasticsearch6-oss`, `logstash6-oss` and `kibana6-oss`.
Note that the naming of the attributes is consistent with upstream.
* The test `nix-build nixos/tests/elk.nix -A ELK-6` will test the OSS
version by default. You can also run the test on the unfree ELK using:
`NIXPKGS_ALLOW_UNFREE=1 nix-build nixos/tests/elk.nix -A ELK-6 --arg enableUnfree true`
The fzf vim plugin wasn't working because it was making a symlink to a
directory with the full source code. This directory isn't present
anymore since the commit e95f17e272 wich
removes it because it isn't so useful for the go packages.
I fixed it by manually copying the plugin/ directory into the out
derivation, which is the only part of the source that contains the vim
plugin.
* substitute(): --subst-var was silently coercing to "" if the variable does not exist.
* libffi: simplify using `checkInputs`
* pythonPackges.hypothesis, pythonPackages.pytest: simpify dependency cycle fix
* utillinux: 2.32 -> 2.32.1
https://lkml.org/lkml/2018/7/16/532
* busybox: 1.29.0 -> 1.29.1
* bind: 9.12.1-P2 -> 9.12.2
https://ftp.isc.org/isc/bind9/9.12.2/RELEASE-NOTES-bind-9.12.2.html
* curl: 7.60.0 -> 7.61.0
* gvfs: make tests run, but disable
* ilmbase: disable tests on i686. Spooky!
* mdds: fix tests
* git: disable checks as tests are run in installcheck
* ruby: disable tests
* libcommuni: disable checks as tests are run in installcheck
* librdf: make tests run, but disable
* neon, neon_0_29: make tests run, but disable
* pciutils: 3.6.0 -> 3.6.1
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/pciutils/versions.
* mesa: more include fixes
mostly from void-linux (thanks!)
* npth: 1.5 -> 1.6
minor bump
* boost167: Add lockfree next_prior patch
* stdenv: cleanup darwin bootstrapping
Also gets rid of the full python and some of it's dependencies in the
stdenv build closure.
* Revert "pciutils: use standardized equivalent for canonicalize_file_name"
This reverts commit f8db20fb3a.
Patching should no longer be needed with 3.6.1.
* binutils-wrapper: Try to avoid adding unnecessary -L flags
(cherry picked from commit f3758258b8895508475caf83e92bfb236a27ceb9)
Signed-off-by: Domen Kožar <domen@dev.si>
* libffi: don't check on darwin
libffi usages in stdenv broken darwin. We need to disable doCheck for that case.
* "rm $out/share/icons/hicolor/icon-theme.cache" -> hicolor-icon-theme setup-hook
* python.pkgs.pytest: setupHook to prevent creation of .pytest-cache folder, fixes#40273
When `py.test` was run with a folder as argument, it would not only
search for tests in that folder, but also create a .pytest-cache folder.
Not only is this state we don't want, but it was also causing
collisions.
* parity-ui: fix after merge
* python.pkgs.pytest-flake8: disable test, fix build
* Revert "meson: 0.46.1 -> 0.47.0"
With meson 0.47.0 (or 0.47.1, or git)
things are very wrong re:rpath handling
resulting in at best missing libs but
even corrupt binaries :(.
When we run patchelf it masks the problem
by removing obviously busted paths.
Which is probably why this wasn't noticed immediately.
Unfortunately the binary already
has a long series of paths scribbled
in a space intended for a much smaller string;
in my testing it was something like
lengths were 67 with 300+ written to it.
I think we've reported the relevant issues upstream,
but unfortunately it appears our patches
are what introduces the overwrite/corruption
(by no longer being correct in what they assume)
This doesn't look so bad to fix but it's
not something I can spend more time on
at the moment.
--
Interestingly the overwritten string data
(because it is scribbled past the bounds)
remains in the binary and is why we're suddenly
seeing unexpected references in various builds
-- notably this is is the reason we're
seeing the "extra-utils" breakage
that entirely crippled NixOS on master
(and probably on staging before?).
Fixes#43650.
This reverts commit 305ac4dade.
(cherry picked from commit 273d68eff8f7b6cd4ebed3718e5078a0f43cb55d)
Signed-off-by: Domen Kožar <domen@dev.si>
Since years I'm not maintaining anything of the list below other
than some updates when I needed them for some reason. Other people
is doing that maintenance on my behalf so I better take me out but
for very few packages. Finally!
The updated version brings selective whitelisting, i.e. when some CVEs
of a package are whitelisted and others are not, only the new CVEs are
reported.
Also correct license to match upstream BSD-3-Clause and clean up source.
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.
Misc...
- qtikz: use libsForQt5.callPackage
This ensures we get the right poppler.
- rewrites:
docbook5_xsl -> docbook_xsl_ns
docbook_xml_xslt -> docbook_xsl
diffpdf: fixup
Latest bugfix release with the following notable changes:
* Memory leak resolve for dispatcher
(06d4865445)
* Fix include path on status.h
(5bd4984f2a)
Additionally the patch had to be rebased onto the 3.2.9 branch as it
added XCode support including some CLang flags (namely `-fno-limit-debug-info`)
which are unsupported on GCC.
(see bccc28dd98)
> whois (5.3.2) unstable; urgency=medium
>
> * Added the .ge TLD server.
> * Updated the charset for whois.nic.cl. (Closes: #900047)
> * Updated the list of new gTLDs.
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/hdf/versions.
These checks were done:
- built on NixOS
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdfls passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdfed passed the binary check.
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/gif2hdf had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdf2gif had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdf2jpeg had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdf24to8 had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdf8to24 had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdfcomp had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdfpack had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdftopal had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdftor8 had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdfunpac had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/jpeg2hdf had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/paltohdf had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/r8tohdf had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/ristosds had a zero exit code or showed the expected version
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/vmake passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/vshow passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdp passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdfimport passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hdiff passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hrepack passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/hrepack_check passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/ncgen passed the binary check.
- /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin/bin/ncdump passed the binary check.
- 11 of 25 passed binary check by having a zero exit code.
- 0 of 25 passed binary check by having the new version present in output.
- found 4.2.14 with grep in /nix/store/f243368z016v0mwcx99gs6zc49nxyg55-hdf-4.2.14-bin
- directory tree listing: https://gist.github.com/c7f58f2da962d8b753b08b12178766f7
- du listing: https://gist.github.com/7d3dcd67602a8e6ffc864f5f43080c1d