Commit Graph

1502 Commits

Author SHA1 Message Date
Frederik Rietdijk
1d3bff25db Merge staging-next into staging 2018-11-11 14:28:08 +01:00
Jörg Thalheim
7a86bc32cb
docker-compose: rename from docker_compose, python3 by default
The command is called docker-compose hence the package should be called the same.
Also prefer python3.
2018-11-11 11:16:44 +00:00
Tim Steinbach
68c3e5f38b
docker: Fix binary names 2018-11-10 19:26:12 -05:00
Renaud
16c5a71ea8
Merge pull request #49909 from r-ryantm/auto-update/virt-what
virt-what: 1.18 -> 1.19
2018-11-09 10:07:16 +01:00
R. RyanTM
2d9a8df3df virt-what: 1.18 -> 1.19
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/virt-what/versions
2018-11-08 07:28:44 -08:00
Tim Steinbach
ff2b0316b4
docker: 18.06.1 -> 18.09 2018-11-08 08:40:33 -05:00
Gabriel Ebner
db7e9408a1 virtmanager: 1.5.1 -> 2.0.0 2018-11-07 22:25:09 +01:00
Patrick Hilhorst
9ec40cc3bf
treewide: Fix overrides having wrong versions 2018-11-06 00:06:21 +01:00
Vincent Demeester
a9c0329c08
containerd: 1.1.4 -> 1.2.0
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-10-25 15:28:17 +02:00
Jörg Thalheim
84e915a779
cntr: init at 1.2.0 2018-10-25 10:19:41 +01:00
Joachim F
7c436b9cdc
Merge pull request #48472 from joachifm/lkl-bump
lkl: 2018-03-10 -> 2018-08-22
2018-10-16 19:40:46 +00:00
Joachim Fasting
dd1b66e5d4
lkl: 2018-03-10 -> 2018-08-22
Among other things, this brings lkl up to linux 4.16
2018-10-15 19:17:09 +02:00
Yegor Timoshenko
475da25b40
qemu: enable smartcard support 2018-10-12 20:38:55 +00:00
Benjamin Hipple
87a089bacc xen: add license 2018-10-09 21:29:08 -04:00
Ji-Haeng Huh
3115f8dffb tinyemu: init at 2018-09-23 2018-10-06 18:53:10 +00:00
R. RyanTM
75e4fcf267 containerd: 1.1.2 -> 1.1.4 (#47807)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/containerd/versions
2018-10-05 15:14:50 +02:00
Will Dietz
eb91037e7b tree-wide: patchelf used during build -> nativeBuildInputs
In a few cases it wasn't clear so I left them as-is.

While visiting these moved other things to nativeBuildInputs
when it was clear they were one of these cases:

* makeWrapper
* archive utilities (in order to unpack src)
  * a few of these might no longer be needed but leaving for another day
2018-09-28 11:43:16 -05:00
xeji
4ad424fbd6
qboot: 20150603 -> 20170330, fix build (#47364)
Switch back to original upstream project which is more recent
than the fork we used.
2018-09-25 22:32:46 +02:00
adisbladis
54cbcdf6a9
Merge pull request #46921 from rawtaz/open-vm-tools
open-vm-tools: 10.1.10 -> 10.3.0
2018-09-22 19:17:52 +08:00
Daiderd Jordan
33f818198b
docker-proxy: mark linux only
Unlike docker (cli only) this probably won't work on darwin.

    github.com/docker/libnetwork/networkdb
    can't load package: package github.com/docker/libnetwork/ns: build constraints exclude all Go files in /private/tmp/nix-build-docker-proxy-7b2b1feb1de4817d522cc372af149ff48d25028e.drv-0/go/src/github.com/docker/libnetwork/ns

/cc ZHF #45961
2018-09-20 22:22:53 +02:00
Leo R. Lundgren
bbb30c320e open-vm-tools: 10.1.10 -> 10.3.0 2018-09-20 02:08:45 +02:00
Adam Finn Tulinius
8b8474b1b5
OVMF: update homepage
Tianocore was apparently moved from SourceForge to GitHub.
2018-09-18 13:18:41 +02:00
Linus Heckemann
f11f709c6d win-virtio: 0.1.105-1 -> 0.1.141-1 (#46783) 2018-09-17 16:04:51 +02:00
Will Dietz
8fc2799e02 qemu: port musl patch to new version (#46449) 2018-09-10 08:14:37 +02:00
Markus Kowalewski
8fb523ab7d
containerd: update homepage 2018-09-02 01:46:26 +02:00
John Ericson
2c4a75e9ef
Merge pull request #45820 from obsidiansystems/dont-use-obsolete-platform-aliases
treewide: Dont use obsolete platform aliases
2018-08-31 09:56:10 -04:00
John Ericson
0828e2d8c3 treewide: Remove usage of remaining redundant platform compatability stuff
Want to get this out of here for 18.09, so it can be deprecated
thereafter.
2018-08-30 17:20:32 -04:00
John Ericson
2c2f1e37d4 reewide: Purge all uses stdenv.system and top-level system
It is deprecated and will be removed after 18.09.
2018-08-30 17:20:32 -04:00
Vincent Laporte
8a23558db1
xen_4_10: use OCaml 4.05 2018-08-29 12:49:35 +00:00
Vincent Laporte
6a220840af
xen_4_8: use OCaml 4.05 2018-08-29 12:49:34 +00:00
xeji
b2dc75cd03
Merge pull request #43736 from volth/patch-208
qemu: 2.12.1 -> 3.0.0
2018-08-26 01:28:12 +02:00
Jan Tojnar
7a0dfc93bc
virtviewer: clean up 2018-08-25 15:57:24 +02:00
Jan Tojnar
05992b9b1b
gtk-vnc: rename from gtkvnc
Upstream uses gtk-vnc, let’s be consistent.
2018-08-25 15:57:23 +02:00
Vladimír Čunát
7db611f2af
Merge branch 'staging'
Includes libX11 security update.
2018-08-24 09:19:43 +02:00
Tim Steinbach
54ba2c9afc
docker: 18.06.0 -> 18.06.1 2018-08-22 16:08:54 -04:00
Matthew Bauer
f7bc33abf0 Revert "treewide: fixup breakage due to absolute compiler path"
This reverts commit d0888d1503.
2018-08-22 01:14:53 +02:00
Vladimír Čunát
765d695b89
Merge branch 'staging-next'
Security fixes for a few packages are included.
2018-08-21 15:36:02 +02:00
Vladimír Čunát
d0888d1503
treewide: fixup breakage due to absolute compiler path
Some packages just can't handle them #44767.  It was tempting to try
to abstract this in some way, but I didn't do that ATM.
2018-08-21 12:34:33 +02:00
volth
341250fa10 qemu: 2.12.1 -> 3.0.0 2018-08-20 22:02:02 +00:00
Vincent Demeester
2b36ced49e
Adding vdemeester (myself) as runc and containerd package maintainer
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-08-20 16:36:48 +02:00
R. RyanTM
5828cb3af7 containerd: 1.1.1 -> 1.1.2
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/containerd/versions.
2018-08-17 20:47:25 -07:00
Vladimír Čunát
cbabebcc2e
Merge branch 'master' into staging-next
Hydra: ?compare=1473892
2018-08-17 13:45:21 +02:00
Timo Kaufmann
62b603e060
Merge pull request #45142 from r-ryantm/auto-update/singularity
singularity: 2.5.2 -> 2.6.0
2018-08-16 22:32:24 +02:00
R. RyanTM
64a39339f6 singularity: 2.5.2 -> 2.6.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/singularity/versions.
2018-08-16 12:43:31 -07:00
R. RyanTM
f5bd6b8bfe qemu: 2.12.0 -> 2.12.1 (#44711)
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/qemu/versions.
2018-08-16 21:33:50 +02:00
zimbatm
9976f37c77
Merge pull request #44896 from cdepillabout/vbox-extpack
add derivation for the virtualbox oracle extension pack
2018-08-15 18:05:07 +01:00
(cdep)illabout
e04e92d38b
Merge remote-tracking branch 'origin/master' into vbox-extpack 2018-08-16 00:40:09 +09:00
Izorkin
e2c98528e9 qemu: add path to bin utilites 2018-08-15 11:17:44 +03:00
Vladimír Čunát
00df25ee57
Merge branch 'master' into staging-next
Hydra: ?compare=1472947
2018-08-12 10:33:41 +02:00
(cdep)illabout
d2b5e6eafe
Start trying to actually use the extpack in the virtualbox derivation. 2018-08-10 14:28:57 +09:00
R. RyanTM
f5366e9163 virt-viewer: 6.0 -> 7.0 (#44666)
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/virt-viewer/versions.
2018-08-09 21:50:21 +02:00
(cdep)illabout
8ccfb99ac0
Add a derivation that downloads the virtualbox extension pack. 2018-08-08 23:22:02 +09:00
John Ericson
db965063b3 treewide: Make configureFlags lists 2018-08-03 17:06:03 -04:00
Lluís Batlle i Rossell
66d7126255 Take me (viric) out of most maintenance
Since years I'm not maintaining anything of the list below other
than some updates when I needed them for some reason. Other people
is doing that maintenance on my behalf so I better take me out but
for very few packages. Finally!
2018-07-22 21:50:19 +02:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Frederik Rietdijk
1a6af9f88e
Merge pull request #43857 from volth/unused
[bot] treewide: remove unreferenced code
2018-07-20 21:06:32 +02:00
volth
87f5930c3f [bot]: remove unreferenced code 2018-07-20 18:48:37 +00:00
Tim Steinbach
e953d314a8
docker: 18.03 -> 18.06 2018-07-19 08:34:13 -04:00
Matthew Bauer
76999cc40e treewide: remove aliases in nixpkgs
This makes the command ‘nix-env -qa -f. --arg config '{skipAliases =
true;}'’ work in Nixpkgs.

Misc...

- qtikz: use libsForQt5.callPackage

  This ensures we get the right poppler.

- rewrites:

  docbook5_xsl -> docbook_xsl_ns
  docbook_xml_xslt -> docbook_xsl

diffpdf: fixup
2018-07-18 23:25:20 -04:00
Florian Klink
fa4c1eeae6 virtualbox: 5.2.12 -> 5.2.14 2018-07-17 12:40:20 +02:00
Frederik Rietdijk
0d499686c6
Merge pull request #43157 from r-ryantm/auto-update/singularity
singularity: 2.5.1 -> 2.5.2
2018-07-12 07:21:33 +02:00
R. RyanTM
e552861295 containerd: 1.1.0 -> 1.1.1
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/containerd/versions.
2018-07-11 05:46:32 -07:00
R. RyanTM
4bb61a3ba4 singularity: 2.5.1 -> 2.5.2
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/singularity/versions.

<details><summary>Version release notes (from GitHub)</summary>
Greetings Singularity containerizers!

This release contains fixes for a _high severity_ security issue affecting Singularity 2.3.0 through 2.5.1 on kernels that support overlay file systems (CVE-2018-12021). A malicious user with network access to the host system (e.g. ssh) could exploit this vulnerability to access sensitive information on disk and bypass directory image restrictions like those preventing the root file system from being mounted into the container.

Singularity 2.5.2 should be installed immediately, and all previous versions of Singularity should be removed. The vulnerability addressed in this release affects kernels that support overlayfs. If you are unable to upgrade immediately, you should set `enable overlay = no` in `singularity.conf`.

In addition, this release contains a large number of bug fixes.  Details follow:

## [Security related fixes](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12021)
 - Removed the option to use overlay images with `singularity mount`.  This
   flaw could allow a malicious user accessing the host system to access
   sensitive information when coupled with persistent ext3 overlay.
 - Fixed a race condition that might allow a malicious user to bypass directory
   image restrictions, like mounting the host root filesystem as a container
   image

## Bug fixes
 - Fix an error in malloc allocation #1620
 - Honor debug flag when pulling from docker hub #1556
 - Fix a bug with passwd abort #1580
 - Allow user to override singularity.conf "mount home = no" with --home option
   #1496
 - Improve debugging output #1535
 - Fix some bugs in bind mounting #1525
 - Define PR_(S|G)ET_NO_NEW_PRIVS in user space so that these features will
   work with kernels that implement them (like Cray systems) #1506
 - Create /dev/fd and standard streams symlinks in /dev when using minimal dev
   mount or when specifying -c/-C/--contain option #1420
 - Fixed * expansion during app runscript creation #1486

As always, please report any bugs to:
https://github.com/singularityware/singularity/issues/new</details>

These checks were done:

- built on NixOS
- /nix/store/3igwiqi311c18w13y5r7zrgpcnzylg9l-singularity-2.5.2/bin/singularity passed the binary check.
- Warning: no invocation of /nix/store/3igwiqi311c18w13y5r7zrgpcnzylg9l-singularity-2.5.2/bin/run-singularity had a zero exit code or showed the expected version
- 1 of 2 passed binary check by having a zero exit code.
- 0 of 2 passed binary check by having the new version present in output.
- found 2.5.2 with grep in /nix/store/3igwiqi311c18w13y5r7zrgpcnzylg9l-singularity-2.5.2
- directory tree listing: https://gist.github.com/ed6db09ad43a19c6abf2d35d15ef489c
- du listing: https://gist.github.com/9bd23f4d6ee86a9eb2ba7ec5c986741d
2018-07-07 16:41:51 -07:00
Silvan Mosberger
57bccb3cb8 treewide: http -> https sources (#42676)
* treewide: http -> https sources

This updates the source urls of all top-level packages from http to
https where possible.

* buildtorrent: fix url and tab -> spaces
2018-06-28 20:43:35 +02:00
Andrea Bedini
134eca9993 ecs-agent: 1.14.0 -> 1.18.0 (#42359) 2018-06-25 11:15:40 +02:00
R. RyanTM
593ab50d69 spice-vdagent: 0.17.0 -> 0.18.0 (#42204)
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/spice-vdagent/versions.

These checks were done:

- built on NixOS
- /nix/store/jn5icaw3pkbvyh2j34lqnx8w1ikqj7k2-spice-vdagent-0.18.0/bin/spice-vdagent passed the binary check.
- /nix/store/jn5icaw3pkbvyh2j34lqnx8w1ikqj7k2-spice-vdagent-0.18.0/bin/spice-vdagentd passed the binary check.
- 2 of 2 passed binary check by having a zero exit code.
- 0 of 2 passed binary check by having the new version present in output.
- found 0.18.0 with grep in /nix/store/jn5icaw3pkbvyh2j34lqnx8w1ikqj7k2-spice-vdagent-0.18.0
- directory tree listing: https://gist.github.com/b66bf12f870f109e97e063ee890be440
- du listing: https://gist.github.com/6bd67c42fafb9c4b45a004edcf1807fb
2018-06-24 19:08:31 +02:00
Jörg Thalheim
9da836dd03 rancher-compose: remove
I no longer use rancher and can test this derivation.
Also rancher-compose should have the same version as the rancher cluster
used. So it is better to be build by the user using it rather having a
random version in nixpkgs.
2018-06-21 11:11:41 +01:00
Kevin Liu
3e1acfd824 looking-glass-client: a10 -> a11 (#42098)
Requires new dependencies libconfig and nettle.
2018-06-17 18:33:32 +02:00
Bastian Köcher
4f33a90a5e virtualbox: Fixes build with Qt5.11 2018-06-12 16:42:29 +02:00
Sarah Brofeldt
c80e0fbb08 docker: Ensure references to go are removed from docker-containerd (#41849) 2018-06-11 19:45:34 +02:00
Ruben Maher
0b3f13d442 pkgs/qemu: tell qemu where to find smbd if smbdSupport is true (#41615) 2018-06-11 00:18:31 +02:00
Orivej Desh
b42cf67084 xen: enable parallel building 2018-06-09 07:22:29 +00:00
Matthew Justin Bauer
0135f04d77
Merge pull request #40242 from gnidorah/gvt
linux: enable support for iGVT-g VGPU
2018-06-01 23:14:35 -04:00
Orivej Desh
7cadf50be2 virtualbox: fix build after #28029 2018-05-29 23:16:51 +00:00
gnidorah
30dc291331 virt-viewer: support ALSA 2018-05-29 19:25:52 +03:00
John Ericson
8e891e6ed4 Merge remote-tracking branch 'upstream/master' into staging 2018-05-14 10:57:33 -04:00
xeji
66d204188b
virtmanager: add missing virt-install runtime deps (#40380)
virt-install calls some programs from initrdinject.py
that were missing on PATH
2018-05-13 19:58:10 +02:00
John Ericson
2c5d915200 Merge commit '92b7a814f26ee1d37e989431c18518c67285a332' into staging 2018-05-13 01:02:09 -04:00
obadz
f0057a2f27
Merge pull request #40313 from r-ryantm/auto-update/virtualbox
virtualbox: 5.2.10 -> 5.2.12
2018-05-12 14:35:38 +02:00
obadz
d4ec02fa7b Revert "Fix pci_get_bus_and_slot removed in kernel 4.17"
This reverts commit d25607c79d.

Reverted as part of #40313 based on commit author's comment:
https://github.com/NixOS/nixpkgs/pull/40313#issuecomment-388409185
2018-05-12 13:16:10 +01:00
Florian Klink
b6708a4c9a virtualbox: update extpack and guest additions checksums 2018-05-12 13:15:28 +01:00
John Ericson
ee4b56edd3 Merge remote-tracking branch 'upstream/master' into staging 2018-05-11 14:36:08 -04:00
Tim Steinbach
46440d3426
docker-edge: 18.04.0-ce -> 18.05.0-ce 2018-05-11 09:19:41 -04:00
R. RyanTM
2c591d6622 virtualbox: 5.2.10 -> 5.2.12
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/virtualbox/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxManage -h’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxManage --help’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxManage help’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxBalloonCtrl -h’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxBalloonCtrl --help’ got 0 exit code
- found 5.2.12 with grep in /nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12
- directory tree listing: https://gist.github.com/f9bf852a0a8e6e0b4c44a9b68764850b
2018-05-10 21:10:34 -07:00
Frederik Rietdijk
a18b493e02 Merge master into staging 2018-05-09 10:48:01 +02:00
Justin Bedo
48808f1c93
singularity: add missing file dependency 2018-05-09 10:19:38 +10:00
Matthew Bauer
6748534d83 Merge remote-tracking branch 'upstream/master' into staging 2018-05-08 09:36:00 -05:00
scalavision
aad0a825f9 singularity: 2.4.6 -> 2.5.1 2018-05-08 10:40:10 +02:00
Florian Klink
70c57fe363 qemu: fix spaces in postInstall 2018-05-07 19:23:47 +03:00
Unknown
d25607c79d Fix pci_get_bus_and_slot removed in kernel 4.17 2018-05-05 11:22:32 +03:00
John Ericson
cf06e42d1c Merge remote-tracking branch 'upstream/master' into staging 2018-05-03 16:35:36 -04:00
Matthew Justin Bauer
eeb016e8f0
Merge branch 'staging' into fix-ncurses-darwin-extensions 2018-05-02 15:40:38 -05:00
xeji
cd0d2f448b
Merge pull request #39868 from r-ryantm/auto-update/remotebox
remotebox: 2.4 -> 2.5
2018-05-02 20:32:44 +02:00
R. RyanTM
a9f78307e6 remotebox: 2.4 -> 2.5
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/remotebox/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/lqc90dpw05j8jvi8n0klma3cipg70h6l-remotebox-2.5/bin/remotebox -h’ got 0 exit code
- found 2.5 with grep in /nix/store/lqc90dpw05j8jvi8n0klma3cipg70h6l-remotebox-2.5
- directory tree listing: https://gist.github.com/52fb098e7f7315de708c331b65eadfb4
2018-05-02 10:11:10 -07:00
Florian Klink
0a80a37672 virtulabox: update guest additions hash
missed in 8eb3167e2e
2018-05-02 08:55:08 +02:00
xeji
f50e688816
Merge pull request #39663 from xeji/xen-4-10-memfd
xen_4_10: fix qemu-xen build error (memfd)
2018-05-02 05:29:43 +02:00
Florian Klink
8eb3167e2e virtualbox: 5.2.8 -> 5.2.10
closes #39182.
2018-05-01 22:50:19 +02:00
Matthew Justin Bauer
a1664a4c53
Merge pull request #39549 from r-ryantm/auto-update/containerd
containerd: 1.0.3 -> 1.1.0
2018-05-01 10:24:34 -05:00
xeji
8b6fe6680f
Merge pull request #39513 from xeji/qemu-2-12
qemu: 2.11.1 -> 2.12.0
2018-04-29 18:41:18 +02:00
xeji
3c4efe448d xen_4_10: fix build (qemu-xen memfd patch) 2018-04-29 00:58:50 +02:00
xeji
00610fe090 qemu-riscv: remove, obsolete with qemu 2.12
upstream qemu 2.12 includes riscv support
2018-04-26 18:15:21 +02:00
Will Dietz
3d4aa7e95d qemu: workaround 'struct sysinfo' conflict musl <--> linux
Most everyone using musl patches the linux headers instead,
but various software uses a local workaround like the
one added in this commit (psutils, for example).

It's not obvious to me which project has the "bug",
and I'm reluctant to even propose modifying our headers
without clear answer on the issue.

Also, modifying those headers triggers rebuild-all-the-things.

Hopefully upstream projects sort this out, in the meantime
adding this define is a bit of a kludge but does the job.

-------

For the curious, the patch usually is something like this:
https://patchwork.kernel.org/patch/3833241/

Here's an updated version that also ensures
kernel users get the sysinfo struct as expected too:
https://raw.githubusercontent.com/openwrt/openwrt/e3c43ade0bae9491aeea50fa361e846bb5002dc0/target/linux/generic/pending-4.14/270-uapi-kernel.h-glibc-specific-inclusion-of-sysinfo.h.patch

(cherry picked from commit dtzWill/nixpkgs@91b5f5a463)
2018-04-26 17:58:16 +02:00
R. RyanTM
8a3cdb993d containerd: 1.0.3 -> 1.1.0
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/containerd/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/containerd -h’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/containerd --help’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/containerd help’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/containerd-release -h’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/containerd-release --help’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/containerd-release help’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/ctr -h’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/ctr --help’ got 0 exit code
- ran ‘/nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0/bin/ctr help’ got 0 exit code
- found 1.1.0 with grep in /nix/store/lmnlz9w8fhf71pxl7wlhv9vsv4k3bnxd-containerd-1.1.0
- directory tree listing: https://gist.github.com/7b4a990853acfbf946f8abe02582f41d
2018-04-26 06:18:41 -07:00
Tim Steinbach
e0ad325cd4
docker: 18.03.0 -> 18.03.1 2018-04-26 08:02:21 -04:00
adisbladis
d479f3aa8e
Merge pull request #39521 from r-ryantm/auto-update/tini
tini: 0.17.0 -> 0.18.0
2018-04-26 15:29:54 +08:00
R. RyanTM
518eca8256 tini: 0.17.0 -> 0.18.0
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/tini/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/h0h2qyxwrvsjy47m1xyv7sxzd2j0ilsi-tini-0.18.0/bin/tini -h’ got 0 exit code
- ran ‘/nix/store/h0h2qyxwrvsjy47m1xyv7sxzd2j0ilsi-tini-0.18.0/bin/tini --version’ and found version 0.18.0
- found 0.18.0 with grep in /nix/store/h0h2qyxwrvsjy47m1xyv7sxzd2j0ilsi-tini-0.18.0
- directory tree listing: https://gist.github.com/c992fd0a24dfc0365d6b62ac567d395c
2018-04-25 21:45:09 -07:00
xeji
3e3b39f173 qemu: 2.11.1 -> 2.12.0 2018-04-26 01:41:53 +02:00
John Ericson
ba52ae5048 treewide: isArm -> isAarch32
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.

The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:

```
ISA:             ARMv8   {-A, -R, -M}
                 /    \
Mode:     Aarch32     Aarch64
             |         /   \
Encoding:   A64      A32   T32
```

At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.

The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.

[1]: https://developer.arm.com/products/architecture/a-profile
2018-04-25 15:28:55 -04:00
Jan Malakhovski
7438083a4d tree-wide: disable doCheck and doInstallCheck where it fails (the trivial part) 2018-04-25 04:18:46 +00:00
Daiderd Jordan
bca24c02ac
qemu: fix darwin build 2018-04-24 00:19:34 +02:00
Jörg Thalheim
942bc44c55
Merge pull request #39196 from r-ryantm/auto-update/singularity
singularity: 2.4.5 -> 2.4.6
2018-04-21 19:23:59 +01:00
xeji
5be6943696 qemu: add separate output for qemu-ga guest agent 2018-04-20 11:05:50 +02:00
R. RyanTM
8929690cd1 singularity: 2.4.5 -> 2.4.6
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/singularity/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6/bin/singularity -h’ got 0 exit code
- ran ‘/nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6/bin/singularity --help’ got 0 exit code
- ran ‘/nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6/bin/singularity help’ got 0 exit code
- found 2.4.6 with grep in /nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6
- directory tree listing: https://gist.github.com/e2f21872e885760acf461b07dd5b4f86
2018-04-20 00:28:23 -07:00
Tim Steinbach
7a424800a0
rkt: 1.29.0 -> 1.30.0 2018-04-17 20:41:08 -04:00
Matthew Bauer
52893d5276 treewide: move "extensions" drvs to dir
This cleans up the tree for pkgs/applications somewhat. Should not
change any hashes.
2018-04-17 13:50:49 -05:00
Peter Hoeg
9131f2d005 virtmanager-qt: 0.52.80 -> 0.60.88 2018-04-17 22:11:25 +08:00
xeji
10149ef5e3 qemu: add option to build with gtk support 2018-04-15 23:31:42 +02:00
Herwig Hochleitner
d81f3ecb83 xen-4.8: fix qemu-xen build error in memfd.c
Apply 75e5b70e6b
see also https://www.mail-archive.com/xen-devel@lists.xenproject.org/msg08648.html

cc @eelco @tstrobel @oxij
2018-04-13 22:06:52 +02:00
Frederik Rietdijk
ee6894ca12 Merge staging into master 2018-04-11 14:55:52 +02:00
Tim Steinbach
d76725f3a5
docker-edge: 18.03 -> 18.04 2018-04-10 18:28:35 -04:00
Frederik Rietdijk
0aa59a08d6 Merge master into staging 2018-04-09 15:12:32 +02:00
Jörg Thalheim
5d332cf758
Merge pull request #38580 from r-ryantm/auto-update/containerd
containerd: 1.0.2 -> 1.0.3
2018-04-08 11:26:48 +01:00
Frederik Rietdijk
595a72589f Merge master into staging 2018-04-08 10:54:17 +02:00
Austin Seipp
4b7f2dd622 qemu-riscv: update to qemu-2.11.92pre60378_f733c7b5f
This obsoletes two of the included patches, one of them RISC-V specific,
since they've been picked up by upstream.

This build has been confirmed as being able to build and run an (extremely
recent) RISC-V Fedora 28 Rawhide image, available from:

    https://fedorapeople.org/groups/risc-v/disk-images/

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2018-04-07 22:25:30 -05:00
R. RyanTM
ed0146d1f8 containerd: 1.0.2 -> 1.0.3
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/containerd/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd -h’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd --help’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd help’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd-release -h’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd-release --help’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd-release help’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd-stress -h’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd-stress --help’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/containerd-stress help’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/ctr -h’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/ctr --help’ got 0 exit code
- ran ‘/nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3/bin/ctr help’ got 0 exit code
- found 1.0.3 with grep in /nix/store/qmgzfad2cazgv7j1k31pqs512b59b8hp-containerd-1.0.3
- directory tree listing: https://gist.github.com/b830fb8c24834f83e627fd6d567eae87
2018-04-07 16:39:07 -07:00
Tuomas Tynkkynen
747ebe3f66 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/top-level/all-packages.nix
2018-04-03 02:22:54 +03:00
Michael Weiss
a4dc9ef13e dynamips: 0.2.17 -> 0.2.18 2018-04-01 00:05:29 +02:00
R. RyanTM
3fdf0a656a singularity: 2.4.2 -> 2.4.5
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/singularity/versions.

These checks were done:

- built on NixOS
- ran `/nix/store/893zy5r9ih8lp9p24s9l198jdjdwadj4-singularity-2.4.5/bin/singularity -h` got 0 exit code
- ran `/nix/store/893zy5r9ih8lp9p24s9l198jdjdwadj4-singularity-2.4.5/bin/singularity --help` got 0 exit code
- ran `/nix/store/893zy5r9ih8lp9p24s9l198jdjdwadj4-singularity-2.4.5/bin/singularity help` got 0 exit code
- ran `/nix/store/893zy5r9ih8lp9p24s9l198jdjdwadj4-singularity-2.4.5/bin/singularity -v` and found version 2.4.5
- found 2.4.5 with grep in /nix/store/893zy5r9ih8lp9p24s9l198jdjdwadj4-singularity-2.4.5
- directory tree listing: https://gist.github.com/f42298f39e3c1c4832de9817cc1fc5bf
2018-03-30 20:02:44 -07:00
Matthew Justin Bauer
75616ceb49
Merge pull request #37840 from matthewbauer/unixtools
Cross-platform "unixtools"
2018-03-27 18:43:03 -05:00
Jan Malakhovski
228eee6cd4 qemu: fix options 2018-03-26 14:02:06 +03:00
Nikolay Amiantov
e2d59e06bf qemu: add virgl renderer support 2018-03-26 14:01:49 +03:00
Nikolay Amiantov
1de04e45cb qemu: add OpenGL support 2018-03-26 14:01:49 +03:00
Nikolay Amiantov
5f44faaca9 qemu: use SDL2 as SDL library
This is needed for OpenGL support.
2018-03-26 14:01:49 +03:00
Will Dietz
55e59e4557 qemu: musl patches
(cherry picked from commit 1bf8ff49d55fc7dfdd460f3d4f02c148ed2a2b40)
2018-03-25 18:41:11 -05:00
Shea Levy
9bfd74deff
qemu-riscv: Don't apply already-applied glibc-2.27 patch 2018-03-24 07:33:04 -04:00
Tim Steinbach
b072dcffae
docker: 18.02 -> 18.03 2018-03-23 17:37:30 -04:00
Shea Levy
d0a8866622
Merge branch 'binutils-2.30' into staging 2018-03-22 07:28:10 -04:00
Tuomas Tynkkynen
f59eab75d2 edk2, OVMF: Build on aarch64
And also build in parallel.

I don't understand why we manually tediously link every single directory
from the source, but I don't want to investigate too much.
2018-03-21 23:19:26 +02:00
Tuomas Tynkkynen
1645011983 OVMF: Reformat a bit for readability
- Use 'somePkg == null' instead of 'somePkg == false' which is more
  conventional in rest of Nixpkgs
- Use lib.optionalString where applicable
2018-03-21 23:19:26 +02:00
Jörg Thalheim
86dd3f854b
Merge pull request #35687 from volth/libvirt-4.1.0
libvirt: 3.10.0 -> 4.1.0
2018-03-19 11:42:06 +00:00
Yuriy Taraday
691fe19db9 lkl: 2017-11-10 -> 2018-03-10
Bump lkl version to latest that includes merge of Linux 4.15 and fix for
an issue where cptofs wasn't returning failure when image size was too
small and file copying failed with:

  error writing file: No space left on device

(see lkl/linux#427)
2018-03-18 08:38:26 +02:00
Shea Levy
34898469f7
qemu: Add upstream glibc 2.27-compat patch 2018-03-17 21:58:14 -04:00
Joachim F
1af9958f09
Merge pull request #36704 from ryantm/auto-update/tini
tini: 0.16.1 -> 0.17.0
2018-03-14 21:15:59 +00:00
lewo
65e5bc713b
Merge pull request #36845 from jbedo/singularity
singularity: 2.4 -> 2.4.2
2018-03-14 10:19:10 +01:00
Will Dietz
273fd896bc
virtualbox: 5.2.6 -> 5.2.8
Tested against all the VirtualBox VM tests.

Signed-off-by: aszlig <aszlig@nix.build>
Closes: #36127
2018-03-13 22:07:25 +01:00
Justin Bedo
5c1e42276d
singularity: 2.4 -> 2.4.2 2018-03-12 15:13:31 +11:00
Will Dietz
c2c9d393a8 runc: 1.0.0rc4 -> 1.0.0rc5
https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc5
2018-03-11 15:42:36 -05:00
Jan Malakhovski
3e3d72b95a xenPackages: deprecate Xen 4.5, security support ended 2018-03-10 21:35:55 +00:00
Ryan Mulligan
6baeaa0e1b tini: 0.16.1 -> 0.17.0
Semi-automatic update. These checks were done:

- built on NixOS
- ran `/nix/store/p41wb0fqnvn4bx6jjs7hs98xlrzp8s79-tini-0.17.0/bin/tini -h` got 0 exit code
- ran `/nix/store/p41wb0fqnvn4bx6jjs7hs98xlrzp8s79-tini-0.17.0/bin/tini --version` and found version 0.17.0
- ran `/nix/store/p41wb0fqnvn4bx6jjs7hs98xlrzp8s79-tini-0.17.0/bin/tini -h` and found version 0.17.0
- found 0.17.0 with grep in /nix/store/p41wb0fqnvn4bx6jjs7hs98xlrzp8s79-tini-0.17.0
- found 0.17.0 in filename of file in /nix/store/p41wb0fqnvn4bx6jjs7hs98xlrzp8s79-tini-0.17.0
2018-03-09 14:39:48 -08:00
volth
632e9e62c8 libvirt: 3.10.0 -> 4.1.0 2018-03-08 23:45:28 +00:00
Will Dietz
4191058bdd virtualbox: drop headless patch that no longer applies, fixed upstream 2018-03-07 18:12:02 -06:00
xeji
fc790cb0f6 xen: add v 4.10 2018-03-07 22:38:45 +01:00
xeji
fbc0b8282e xen: fix broken version comparisons
string compare breaks with xen 4.10 (because "4.10" < "4.8")
2018-03-07 22:37:40 +01:00
xeji
2b14491a77 xen 4.8.3: fix qemu-xen hash 2018-03-06 22:40:27 +01:00
xeji
1c357efdfc xen: 4.8.2 -> 4.8.3 2018-03-06 19:59:33 +01:00
xeji
73dbc73196 xen 4.8: add xsa security patches 252-256 2018-03-06 16:17:30 +01:00
Jörg Thalheim
c7a92f3fee
Merge pull request #36353 from xeji/xen-4-8
xen 4.8: fix gcc7-related build errors
2018-03-05 23:55:11 +00:00
xeji
c84cf5f642 xen 4.8: fix gcc7-related build errors 2018-03-05 20:54:55 +00:00
Franz Pletz
d21e682dde
virtmanager: 1.5.0 -> 1.5.1 2018-03-05 18:06:29 +01:00
Vladimír Čunát
565bd805e6
Merge branch 'master' 2018-03-05 14:53:27 +01:00
Ryan Mulligan
348f4b05dc seabios: 1.9.3 -> 1.11.0
Semi-automatic update. These checks were performed:

- built on NixOS
- found 1.11.0 with grep in /nix/store/m55my69q0dc6rbvf7sfz3mln7vca1d53-seabios-1.11.0
- found 1.11.0 in filename of file in /nix/store/m55my69q0dc6rbvf7sfz3mln7vca1d53-seabios-1.11.0

cc "@tstrobel"
2018-03-04 17:33:29 +00:00
Tuomas Tynkkynen
984fa1c2ee cbfstool: 4.5 -> 4.7, fixes build 2018-03-03 22:06:35 +02:00
Ryan Mulligan
1cddc1ecaf remotebox: 2.2 -> 2.4
Semi-automatic update. These checks were performed:

- built on NixOS
- found 2.4 with grep in /nix/store/5p43l2r5y6m0sdpyxwcwiv381ycglami-remotebox-2.4
- found 2.4 in filename of file in /nix/store/5p43l2r5y6m0sdpyxwcwiv381ycglami-remotebox-2.4
2018-03-01 15:41:37 +01:00
Jörg Thalheim
8ed4e67235
Merge pull request #33066 from Mic92/rkt
rkt: needs libacl in LD_LIBRARY_PATH at runtime
2018-03-01 09:14:59 +00:00
Tim Steinbach
3b9cf7aadc
docker: 17.12.0 -> 17.12.1 2018-02-28 12:48:17 -05:00
Tim Steinbach
3187f3fe25
containerd: 1.0.1 -> 1.0.2 2018-02-25 13:32:12 -05:00
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
Alexander V. Nikolaev
0acec7e984 treewide: transition mesa to libGLU_combined 2018-02-24 17:06:49 +02:00
Jörg Thalheim
aa6d6cc78f
Merge pull request #35151 from xeji/virtmanager-cleanup
virtmanager: 1.4.3 -> 1.5.0, cleanup dependencies
2018-02-23 11:31:21 +00:00
Peter Hoeg
af2d94fed5 virtmanager-qt: 0.48.79 -> 0.52.80 2018-02-23 13:19:05 +08:00
Shea Levy
0022708d6d
qemu-riscv: Add initrd support patch 2018-02-20 09:11:06 -05:00
xeji
1cbccb95a7 virtmanager: set platforms to linux
since dependency libvirt-glib currently doesn't build on Darwin
2018-02-20 12:47:34 +01:00
Shea Levy
2f310cfa8b
qemu: Fix statfs flag.
Compile-tested the right package this time...
2018-02-18 21:47:07 -05:00
xeji
7460dc318b virtmanager: 1.5.0: sha512->sha256 (readability) 2018-02-19 01:15:47 +01:00
xeji
b0eb4d6390 virtmanager: 1.5.0: add gtk3 dependency
otherwise virt-manager startup fails with
Typelib file for namespace 'Pango', version '1.0' not found: Could not open display: :0
2018-02-19 01:02:47 +01:00
xeji
911f408b5e virtmanager: 1.4.3 -> 1.5.0, cleanup dependencies
remove unneeded dependencies, see issue #34043
2018-02-18 23:19:41 +01:00
Shea Levy
e3f947a19a
Add missing files 2018-02-18 14:33:43 -05:00
Shea Levy
4839b568de
qemu: Add patch for statfs f_flags in Linux user mode. 2018-02-18 14:08:22 -05:00
Joachim F
20815fc80b
Merge pull request #35112 from oxij/pkgs/fix-xen
xen_4_8: fix build
2018-02-18 17:27:03 +00:00
Shea Levy
d4e1ef7b7b
qemu-riscv: 2.11.50pre57991_713f2c1164 -> 2.11.50pre58771_af435b709d 2018-02-18 09:28:54 -05:00
Jan Malakhovski
23e68d119d xenPackages.xen_4_8-vanilla: stop overriding cc
Nothing requires gcc49 in this version.
2018-02-18 13:46:51 +00:00
Jan Malakhovski
b1047f34f7 xenPackages.xen_4_8-vanilla: fix build of qemu-xen
They merged that XSA and moved the tag.
2018-02-18 13:46:44 +00:00
Shea Levy
890c0b9654
qemu-riscv: Init at 2.11.50pre57991_713f2c1164.
Fixes #35087
2018-02-17 20:29:11 -05:00
Shea Levy
ecf4825f32
qemu: 2.11.0 -> 2.11.1 2018-02-17 19:32:13 -05:00
Graham Christensen
5aabf0fc34
Merge pull request #33898 from oxij/nixos/related-packages-v5
nixos: doc: implement related packages in the manual (again)
2018-02-09 20:36:27 -05:00
Kevin Liu
a5524e46f9
looking-glass-client: restrict to x86_64-linux
The AArch64 build fails after trying to pull in tmmintrin.h:

```
../common/memcpySSE.h:24:23: fatal error: tmmintrin.h: No such file or directory
 #include <tmmintrin.h>
                       ^
compilation terminated.
make: *** [Makefile:29: .build/renderers/opengl.o] Error 1
```

Which are SSSE3 intrinsics unsupported on ARM. This package also likely would
not be useful on ARM, as it requires KVM and a compatible KVM guest running
the frame relay (usually Windows).
2018-02-09 15:48:18 -05:00
Jan Malakhovski
06adc17455 xen, qemu: passthru the path to qemu-system-i386 2018-02-09 19:51:07 +00:00
Tim Steinbach
4ffe462b10
docker-edge: 18.01.0 -> 18.02.0 2018-02-09 10:25:58 -05:00
Kevin Liu
93532b0d3a
looking-glass-client: init at a10 2018-02-02 01:46:00 +01:00
aszlig
f96aafd403
virtualbox: 5.2.4 -> 5.2.6
Upstream changes without issue IDs:

 * GUI: fixed occasional screen corruption when host screen resolution
        is changed
 * User interface: increase proposed disk size when creating new VMs for
                   Windows 7 and newer
 * User interface: various improvements for high resolution screens
 * VMM: Fixed problems using 256MB VRAM in raw-mode VMs
 * Audio: implemented support for audio playback and recording for macOS
          guests
 * Audio: further timing improvements for Windows 10 guests
 * Linux hosts: fixed problem accessing mini-toolbar under XFCE

The full changelog including issue IDs can be found at:

https://www.virtualbox.org/wiki/Changelog#v6

What was not mentioned in the changelog is that this release fixes
compiling the VirtualBox modules against kernel 4.15, which was added in
commit 61043ad4d1.

Tested this by running all of the tests in nixos/tests/virtualbox.nix.

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @flokli, @svanderburg
2018-01-31 23:38:35 +01:00
Tim Steinbach
078fc69425
Merge pull request #33746 from NeQuissimus/docker_18_01
docker-edge: 17.12.0 -> 18.01.0
2018-01-30 14:06:19 +00:00
Franz Pletz
0cecf0b548
virt-viewer: 5.0 -> 6.0 2018-01-28 18:52:27 +01:00
Tim Steinbach
3d2948e009
docker: Fix build after containerd update 2018-01-19 11:26:59 -05:00
Tim Steinbach
d45b33fbaa
Merge pull request #29300 from vdemeester/update-containerd-1
containerd: 0.2.9 -> 1.0.1
2018-01-18 23:10:13 +00:00
Vincent Demeester
ef07118a80
containerd: 0.2.9 -> 1.0.1
Update containerd to its latest release !

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-01-18 13:31:53 -08:00
Tobias Geerinckx-Rice
0f84673f3d
Remove nckx as a maintainer for all packages
Goodbye, and thanks for all the Nix...
2018-01-16 23:00:49 +01:00
Andrey Golovizin
3eb0ddcfc4
virt-manager: add gobjectIntrospection to nativeBuildInputs 2018-01-14 13:31:03 +01:00
Tim Steinbach
438452f07a
docker-edge: 17.12.0 -> 18.01.0 2018-01-11 09:15:47 -05:00
Peter Hoeg
7e8e582e0c virtmanager-qt: 0.45.75 -> 0.48.79 2018-01-06 22:12:42 +08:00
Samuel Dionne-Riel
7b97c8c0c8 treewide: homepage+src updates (found by repology, #33263) 2018-01-05 20:42:46 +01:00
Tim Steinbach
b084b36010
docker: 17.{09,11} -> 17.12 2018-01-02 09:11:33 -05:00
David Guibert
1e77d0b975 kernel 4.14 require libelf to compile modules.
[...]
make modules -C /nix/store/h1vzl6bq4wif3m8dd1bw2p3fv4shjg3n-linux-4.14.9-dev/lib/modules/4.14.9/build EXTRA_CFLAGS=-Werror-implicit-function-declaration M=/tmp/nix-build-spl-kernel-2017-11-16-4.14.9.drv-0/source/build
/nix/store/h1vzl6bq4wif3m8dd1bw2p3fv4shjg3n-linux-4.14.9-dev/lib/modules/4.14.9/source/Makefile:939: *** "Cannot generate ORC metadata for CONFIG_UNWINDER_ORC=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel". Stop.

This patch introduces kernel.moduleBuildDependencies to avoid the logic "stdenv.lib.optional (stdenv.lib.versionAtLeast kernel.version "4.14") libelf" in multiple places.

[dezgeg did some minor tweaks on top]
2017-12-29 23:08:17 +02:00
Jörg Thalheim
40658a4886 rkt: needs libacl in LD_LIBRARY_PATH at runtime
Rkt opens libacl at runtime to apply acls to the journal directory.
2017-12-26 09:12:17 +01:00
Joachim F
e6542d0609
Merge pull request #32916 from jbedo/singularity-2.4
singularity: 2.2 -> 2.4
2017-12-25 13:30:42 +00:00
Orivej Desh
c3cfdc17bf
Merge pull request #32983 from flokli/virtualbox-5.2.4
virtualbox: 5.2.2 -> 5.2.4
2017-12-23 16:29:59 +00:00
Graham Christensen
b5a61f2c59
Revert "nixos: doc: implement related packages in the manual" 2017-12-23 07:19:45 -05:00
Florian Klink
eb12741c7a virtualbox: add license 2017-12-23 03:16:18 +00:00
Florian Klink
035dfacf43 virtualbox: add flokli as maintainer 2017-12-23 03:16:18 +00:00
Florian Klink
e2c6ea72a1 virtualbox: 5.2.2 -> 5.2.4 2017-12-23 03:16:18 +00:00
Arseniy Seroka
36e02645eb
Merge pull request #32424 from oxij/nixos/related-packages
nixos: doc: implement related packages in the manual
2017-12-23 03:34:58 +03:00
Justin Bedo
db927ea35b
singularity: 2.2 -> 2.4 2017-12-21 10:50:06 +11:00
volth
489d3e7d06 qemu: fix bin/qemu-kvm on aarch64 + minor fixes
* $out/bin/qemu-kvm should point to qemu-system-aarch64 on aarch64, libvirt expect it
 * makeWrapper codes are separated as some architectures might require additional command flags (https://github.com/NixOS/nixpkgs/issues/31606#issuecomment-349675127)
 * x86_64-on-i686 is not a native emulation and not supported by KVM, so it is removed from the list
2017-12-19 06:22:16 +02:00
Orivej Desh
24b7408881
Merge pull request #32703 from volth/patch-80
qemu: 2.10.1 -> 2.11.0
2017-12-17 02:23:17 +00:00
makefu
7d5692c9ed
neutron: rip
part of openstack cleanup
2017-12-15 16:08:37 +01:00
makefu
71767ee3c7
glance: rip
part of openstack cleanup
2017-12-15 16:08:10 +01:00
makefu
d3d94992cf
keystone: rip
part of openstack cleanup
2017-12-15 16:06:44 +01:00
volth
fbaa749621
qemu: 2.10.1 -> 2.11.0 2017-12-15 08:49:32 +00:00
makefu
5369400bb0
nova: rip
part of openstack cleanup
2017-12-13 18:16:29 +01:00
Andreas Rammhold
276683071b
xen: Added patches for XSA-248, XSA-249, XSA-250, XSA-251 2017-12-12 13:34:35 +01:00
Andreas Rammhold
834bdd25a3 xen: apply patches for XSA-246 & XSA-247 (CVE-2017-{17044,17045}) 2017-12-12 13:20:03 +01:00
John Doe
750a7c677b libvirt: remove xen dependency on aarch64 2017-12-11 19:46:05 +02:00
Tim Steinbach
0781951e75
docker: 17.09.0 -> 17.09.1 2017-12-10 14:16:27 -05:00
Jörg Thalheim
379907ca1a
Merge pull request #32394 from flokli/virtualbox-headless
virtualboxHeadless: fix build, cleanup buildInputs
2017-12-09 09:46:24 +00:00
Jan Malakhovski
7a92c2074d xen, qemu: passthru the path to qemu-system-i386 2017-12-07 21:27:32 +00:00
Florian Klink
7441e007b4 virtualbox: add docbook_xsl, docbook_xml_dtd_43
These threw warnings when building man pages.

Also move some buildInputs to nativeBuildInputs.
2017-12-07 01:55:58 +01:00
Florian Klink
c8ee4d0928 virtualbox: patch HostServices/SharedClipboard/x11-stub.cpp to use RT_NOREF
Signed-off-by: Florian Klink <flokli@flokli.de>
2017-12-07 01:46:18 +01:00
Frederik Rietdijk
a2adaf21f8
Merge pull request #32070 from adisbladis/virt-manager-1_4_3
virt-manager: 1.4.2 -> 1.4.3
2017-12-05 20:38:52 +01:00
Andreas Rammhold
d72974a207 qemu: apply patch for CVE-2017-17381
More details at [1].

[1] http://www.openwall.com/lists/oss-security/2017/12/05/2
2017-12-05 10:18:42 +01:00
Tuomas Tynkkynen
8c3b96e58c virtualbox: Broken on non-x86
https://hydra.nixos.org/build/65212946
2017-12-03 19:51:59 +02:00
Tuomas Tynkkynen
56ecf95468 open-vm-tools: Broken on non-x86
https://hydra.nixos.org/build/65049444
2017-12-03 19:51:58 +02:00
Antoine Eiche
268d3656db qemu: fix CVE-2017-15118
See https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05045.html
2017-11-29 11:19:50 +01:00
adisbladis
92edbb0a71
virt-manager: 1.4.2 -> 1.4.3 2017-11-26 18:41:41 +08:00
Tuomas Tynkkynen
3b2056536c qemu: Rename x86Only option to hostCpuOnly
And also make it work on ARM and Aarch64.
2017-11-26 11:13:20 +02:00
Tuomas Tynkkynen
eb3925ff62 qemu: Disable numactl on ARM
32-bit ARM doesn't do numa.
2017-11-26 11:13:20 +02:00
aszlig
e5c24abf3b
virtualbox: 5.2.0 -> 5.2.2
Upstream changes without issue IDs:

 * User interface: various improvements for high resolution screens
 * User interface: added functionality to duplicate optical and floppy
                   images
 * User interface: various improvements for the virtual media manager
 * VMM: fixed emulation so that Plan 9 guests can start once more (5.1.0
        regression)
 * Storage: fixed regression breaking iSCSI
 * Audio: added HDA support for more exotic guests (e.g. Haiku)
 * Serial: fixed hanging I/O when using named pipes on Windows (5.2.0
           regression)
 * Serial: fixed broken communication with certain devices on Linux
           hosts
 * USB/OHCI: improved behavior so that the controller state after a VM
             reset is closer to the initial state after VM start
 * EFI: fixed HFS+ driver which in rare cases failed to access most
        files on a volume
 * Shared clipboard: fixed hang with OS X host and Linux guest
 * Linux hosts: fixed kernel module compilation and start failures with
                Linux kernel 4.14
 * X11 hosts: better handle WM_CLASS setting
 * Linux guests: fixed kernel module compilation and other problems with
                 Linux kernel 4.14
 * Linux guests: fixed various 5.2.0 regressions
 * Bridged networking: fixed duplicate EtherType in VLAN/priority tags
                       on Linux (5.2.0 regression)

The full changelog including issue IDs can be found at:

https://www.virtualbox.org/wiki/Changelog

Aside from just bumping the version number I also had to strip 3 levels
of the paths included in the guest-additions patches, because the
version was hardcoded in there and the patches still apply as-is.

I've re-added the stripped path using patchFlags and the -d option of
the patch utility.

Tested this by running all of the tests in the "virtualbox" NixOS VM
test module, here is the URL to the finished evaluation on my Hydra:

https://headcounter.org/hydra/eval/380191

Signed-off-by: aszlig <aszlig@nix.build>
Cc: @NeQuissimus, @orivej, @etu, @vcunat
Issue: https://github.com/NixOS/nixpkgs/issues/31640
Issue: https://github.com/NixOS/nixpkgs/pull/31037
2017-11-24 23:10:57 +01:00
Tim Steinbach
44f1d45833
Merge pull request #31899 from NeQuissimus/docker_17_11
docker-edge: 17.10 -> 17.11
2017-11-22 13:05:49 +00:00
Tuomas Tynkkynen
91d2cf9642 lkl: Supports aarch64
ARMv6 and ARMv7 didn't work when I tried.
2017-11-22 00:01:13 +02:00
Tim Steinbach
3901f08f10
docker-edge: 17.10 -> 17.11 2017-11-21 09:23:48 -05:00
Periklis Tsirakidis
1434c5ed9c fixup! docker-cli: enable darwin support 2017-11-20 20:30:46 +01:00
Periklis Tsirakidis
4a2bd8ed14 fixup! docker-cli: enable darwin support 2017-11-20 20:16:08 +01:00
Periklis Tsirakidis
0f0ffa70a0 docker-cli: enable darwin support 2017-11-20 20:07:00 +01:00
Orivej Desh
4cc5d222ce bochs: fix build with glibc 2.26
Tracking issue: #31696
2017-11-16 13:00:28 +00:00
Orivej Desh
41e0d4b68d vpcs: fix build with glibc 2.26
Tracking issue: #31696
2017-11-16 12:30:39 +00:00
Tim Steinbach
dd53d0f1a0
virtualbox: 5.1.26 -> 5.2.0 2017-11-15 10:14:44 -05:00
Orivej Desh
b8cc69b31e lkl: 2017-10-18 -> 2017-11-10 2017-11-11 20:25:18 +00:00
Pascal Wittmann
24e87b49b6
Change many homepage urls from http to https #30636 2017-11-10 22:13:46 +01:00
adisbladis
849dd43891
tini: 0.13.1 -> 0.16.1 2017-11-11 01:54:57 +08:00
Vladimír Čunát
18aada9c4c
virtualbox: fixup build with glibc-2.26
Explanation:
https://www.linuxquestions.org/questions/slackware-14/sbo-scripts-not-building-on-current-read-1st-post-pls-4175561999/page46.html#post5753698
2017-11-08 10:00:32 +01:00
José Romildo Malaquias
62204a59c7
Merge branch 'master' into upd.lxqt 2017-11-02 10:27:39 -02:00
José Romildo Malaquias
82e75a0bac Merge branch 'upd.lxqt' of github.com:romildo/nixpkgs into upd.lxqt 2017-11-02 10:22:22 -02:00
José Romildo Malaquias
d9f9c0d0d1 qtermwidget: keep version 0.7.1, needed by virt-manager-qt 2017-11-02 10:15:48 -02:00
Peter Hoeg
7c83413a7d virtmanager-qt: 0.43.72 -> 0.45.75 2017-11-02 14:03:58 +08:00
Tim Steinbach
69050c7077
Merge pull request #30896 from NeQuissimus/xen_xsa
xen: 4.8.1 -> 4.8.2; apply XSAs
2017-10-31 07:03:23 -04:00
Herwig Hochleitner
2ede55a37b virtualbox: move extensionPack from meta to passthru 2017-10-29 02:03:46 +02:00
Tim Steinbach
54f8dfda53
xen: Create XSA patch directory 2017-10-28 10:19:12 -04:00
Herwig Hochleitner
e05135d80e virtualbox: expose extensionPack in meta
This way it can be added to system.extraDependencies to save it from gc
2017-10-28 15:10:34 +02:00
Franz Pletz
b3dc24c8c8
qemu: 2.9.1 -> 2.10.1 2017-10-25 17:49:35 +02:00
Wout Mertens
7144f88c48 open-vm-tools: Fix rebooting on NixOS 2017-10-23 13:59:37 +02:00
Vincent Laporte
1923cabeb4 ocamlPackages: default to 4.04 2017-10-19 17:57:14 +02:00
Tim Steinbach
606487e19c Merge pull request #30522 from NeQuissimus/docker_17_10
docker: add 17.10.0-ce
2017-10-19 07:39:50 -04:00
Joachim Fasting
a8a38feeeb
lkl: 2017-08-09 -> 2017-10-18
Based on linux 4.13
2017-10-18 22:11:37 +02:00
Tim Steinbach
de3d191b91
docker: add 17.10.0-ce 2017-10-18 08:25:25 -04:00
Tim Steinbach
7fa69c4e8c Merge pull request #30126 from NeQuissimus/rkt_1_29_0
rkt: 1.28.1 -> 1.29.0
2017-10-07 15:45:39 -04:00
Tim Steinbach
f192ce9730
rkt: 1.28.1 -> 1.29.0 2017-10-05 09:47:30 -04:00
Orivej Desh
fda26c8476 Merge branch 'master' into staging
* master: (271 commits)
  pysmbc: clarify license
  pysmbc: fix license
  bazel: 0.5.4 -> 0.6.0 (#29990)
  googler: init at 3.3
  go: declare support for aarch64
  firefox-beta-bin: 56.0b5 -> 57.0b4
  spotify: 1.0.64.401.g9d720389-21 -> 1.0.64.407.g9bd02c2d-26
  gogs: 0.11.19 -> 0.11.29
  grafana: 4.5.1 -> 4.5.2
  mopidy-iris: 3.4.1 -> 3.4.9
  nextcloud: 12.0.2 -> 12.0.3
  haskell-json-autotype: jailbreak to fix build within LTS 9.x
  kore: fix up
  kore: init at 2.0.0
  glusterfs service: fix issues with useRpcbind
  tig: 2.2.2 -> 2.3.0
  haskell-hspec-core: enable test suite again
  hackage-packages.nix: automatic Haskell package set update
  librsvg: fix thumbnailer path
  awscli: 1.11.108 -> 1.11.162
  ...
2017-10-02 00:22:12 +00:00
Franz Pletz
df86f19968
virt-what: init at 1.18 2017-09-29 00:07:37 +02:00
John Ericson
f037625f87 Merge remote-tracking branch 'upstream/staging' into deps-reorg 2017-09-28 12:32:57 -04:00
Franz Pletz
536ab403d4
qemu: 2.9.0 -> 2.9.1
Security and bugfix release.
2017-09-28 16:59:41 +02:00
Orivej Desh
f1ffca9ac6 docker: fix docker_17_06 build
Broken by #29843
2017-09-28 11:59:53 +02:00
Tim Steinbach
825e417457
docker: add 17.09.0-ce 2017-09-27 08:18:40 -04:00
Peter Hoeg
4f25b7b6b3 open-vm-tools: 10.1.0 -> 10.1.10 2017-09-25 09:41:29 +08:00
John Ericson
ed14223f8c treewide: Manual fix more pkg-config build-inputs 2017-09-21 15:49:54 -04:00
John Ericson
531e4b80c9 misc pkgs: Basic sed to get fix pkgconfig and autoreconfHook buildInputs
Only acts on one-line dependency lists.
2017-09-21 15:49:53 -04:00
Vincent Demeester
19ba982b40
runc: 1.0.0-rc3 -> 1.0.0-rc4
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-09-19 11:55:01 +02:00
Bjørn Forsman
67c70aa581 OVMF: add 'src' attribute
No functional change, but allows getting the source via the standard
attribute: `nix-build -A OVMF.src`.
2017-09-13 17:30:28 +02:00
Tuomas Tynkkynen
84544c5bc2 seabios: Only works on x86
https://hydra.nixos.org/build/60949790
2017-09-13 15:18:15 +03:00
Michael Weiss
6373c9606d vpcs: init at 0.8 2017-09-11 18:54:30 +02:00
Michael Weiss
1011c76598 dynamips: init at 0.2.17 2017-09-11 15:17:56 +02:00
Tim Steinbach
054ed6abc3 Merge pull request #29042 from NeQuissimus/docker_17_06_2
docker: 17.06.1-ce -> 17.06.2-ce
2017-09-06 15:04:22 -04:00
Tim Steinbach
8bd1a220d9
docker: 17.06.1-ce -> 17.06.2-ce 2017-09-05 19:57:29 -04:00
Jaka Hudoklin
3ca311d74d spice-vdagent: systemd-logind integration
This change adds systemd as dependency to enable user session
integration with systemd-logind
2017-09-03 16:14:17 +02:00
Heitham Omar
6dcc77bdb8 docker: add libseccomp to build 2017-08-30 20:28:43 +02:00
Tim Steinbach
693d2403f1 docker-edge: 17.06 -> 17.07 2017-08-30 13:04:45 +02:00
Tim Steinbach
52b56bf02d
containerd: 0.2.5 -> 0.2.9 2017-08-28 20:22:00 -04:00
Robin Gloster
815cffc3f2
docker-distribution: 2.6.0 -> 2.6.2 2017-08-28 12:54:41 +02:00
Jörg Thalheim
0f789e7a0c Merge pull request #28618 from lheckemann/edk2-2017
edk2: 2014-12-10 -> UDK2017
2017-08-28 11:03:47 +01:00
Linus Heckemann
f6afe064a0 edk2: 2014-12-10 -> UDK2017 2017-08-27 19:41:10 +01:00
Tim Steinbach
5b1134cb79
docker: 17.06.0-ce -> 17.06.1-ce 2017-08-18 16:39:43 -04:00
Matthew Bauer
725f7ca2ef coreboot: use https for homepage 2017-08-17 15:04:37 -07:00
Tim Jäger
0c1c3d2b99 qemu: fix HDA recording latency
Very long latency occurs for audio inputs when simulating an Intel HDA device.

Patch courtesy of Volker Rümeling.
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03336.html
2017-08-16 09:48:49 +02:00
Frederik Rietdijk
13bbaee21d Merge pull request #27881 from mimadrid/fix/http-https
Update homepage attributes: http -> https
2017-08-13 21:53:20 +02:00
Frederik Rietdijk
7ebcd39a0f Merge commit '4c49205' into HEAD 2017-08-13 18:34:59 +02:00
Franz Pletz
9ac5525f87
virtmanager: 1.4.1 -> 1.4.2 2017-08-12 11:05:22 +02:00
Joachim F
9dfc290027 Merge pull request #28045 from roberth/fix-xen-216-qemuu
xen-4.8: update changed patch hash
2017-08-11 20:08:52 +00:00
Domen Kožar
486e1c3c16 Merge pull request #27998 from davidak/macOS
replace "Mac OS X" and "OS X" with "macOS"
2017-08-11 13:01:36 +02:00
Robin Gloster
700f7614cd Partly revert "python.buildEnv: only wrap executables"
This partly reverts commit 4495bfe138.

The xen changes should not have been commited.

(cherry picked from commit 206a4c9aba)
2017-08-10 19:28:07 +02:00
Frederik Rietdijk
9f73f22c64 Merge commit 'b1f5305abd7b1b3d7ed180d9d00301da6e323e41' into HEAD 2017-08-10 19:26:16 +02:00
Robin Gloster
206a4c9aba
Partly revert "python.buildEnv: only wrap executables"
This partly reverts commit 4495bfe138.

The xen changes should not have been commited.
2017-08-10 12:55:46 +02:00
Frederik Rietdijk
b0c30f436e Merge remote-tracking branch 'upstream/master' into HEAD 2017-08-10 10:41:23 +02:00
Dan Peebles
ed55bdb501 lkl: 2017-06-27 -> 2017-08-09
Just bumping the package version to pick up a bugfix.

Fixes #28055
2017-08-09 14:23:27 +00:00
Robin Gloster
4495bfe138
python.buildEnv: only wrap executables 2017-08-09 15:07:03 +02:00
Robert Hensing
57506bbb28 xen-4.8: update changed patch hash 2017-08-08 17:40:50 +00:00
davidak
3270aa896b replace "Mac OS X" and "OS X" with "macOS"
as it is the official name since 2016

https://en.wikipedia.org/wiki/Macintosh_operating_systems#Desktop

exception are parts refering to older versions of macOS like

"GUI support for Mac OS X 10.6 - 10.12. Note that Emacs 23 and later [...]"
2017-08-07 21:41:30 +02:00
Tim Steinbach
d3203c7876 Merge pull request #27938 from NeQuissimus/rkt_1_28_1
rkt: 1.28.0 -> 1.28.1
2017-08-04 22:18:56 -04:00
Benno Fünfstück
268374cafe docker: update runc commit
This updates to the new runc as was also done upstream:

f3ef17e47d

In particular, it fixes an issue where output of interactive docker containers
would not reset correctly to the beginning of a line.
2017-08-04 23:04:08 +02:00
Tim Steinbach
92461b8f9c
rkt: 1.28.0 -> 1.28.1 2017-08-04 12:06:00 -04:00
mimadrid
09e0cc7cc7
Update homepage attributes: http -> https
Homepage link "http://.../" is a permanent redirect to "https://.../" and should be updated
https://repology.org/repository/nix_stable/problems
2017-08-03 11:56:15 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Frederik Rietdijk
740d76371e Merge commit 'ba68231273bea4cba01413fd2a0e56d68db9234c' into HEAD 2017-07-31 09:12:15 +02:00
Robin Gloster
88ca4724b2
virtualboxGuestAdditions: fix hash 2017-07-30 13:29:57 +02:00
Frederik Rietdijk
b2608b8910 Merge remote-tracking branch 'upstream/master' into HEAD 2017-07-29 13:08:11 +02:00
Tim Steinbach
321438d786
rkt: 1.27.0 -> 1.28.0 2017-07-29 00:16:44 -04:00
Franz Pletz
b116fa5ff2
Merge branch 'master' into staging 2017-07-28 16:08:30 +02:00
Tim Steinbach
147477b048
virtualbox: 5.1.24 -> 5.1.26
Fix #27666
2017-07-27 22:14:17 -04:00
John Ericson
9be40841ea Merge remote-tracking branch 'upstream/master' into staging-base
Conflicts:
	pkgs/build-support/cc-wrapper/default.nix
	pkgs/build-support/gcc-wrapper-old/builder.sh
	pkgs/build-support/trivial-builders.nix
	pkgs/desktops/kde-4.14/kde-package/default.nix
	pkgs/development/compilers/openjdk-darwin/8.nix
	pkgs/development/compilers/openjdk-darwin/default.nix
	pkgs/development/compilers/openjdk/7.nix
	pkgs/development/compilers/openjdk/8.nix
	pkgs/development/compilers/oraclejdk/jdk-linux-base.nix
	pkgs/development/compilers/zulu/default.nix
	pkgs/development/haskell-modules/generic-builder.nix
	pkgs/misc/misc.nix
	pkgs/stdenv/generic/builder.sh
	pkgs/stdenv/generic/setup.sh
2017-07-26 13:46:04 -04:00
Tim Steinbach
ee6edb8af5
virtualbox: 5.1.22 -> 5.1.24 2017-07-23 22:22:33 -04:00
Frederik Rietdijk
29f91c107f Merge remote-tracking branch 'upstream/master' into HEAD 2017-07-23 11:23:43 +02:00
Thomas Tuegel
fe800447c2
qemu: unset CPP
Commit 093cc00cdd sets the environment variable
`CPP' by default, but this interferes with dependency calculation.
2017-07-21 16:49:24 -05:00
Vincent Demeester
19325558f1 Fix docker packaging without sandbox
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-07-21 10:00:47 +02:00
AndersonTorres
a3aa0ba18b bochs: 2.6.8 -> 2.6.9 2017-07-15 08:53:15 -03:00
Vincent Demeester
ec570448a0
docker-ce: 17.03.02-ce -> 17.06.0-ce
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-07-10 09:58:32 +02:00
aszlig
12ee0fbd88
virtualbox: Add patch for Linux 4.12
Compiling the kernel modules on Linux 4.12 fails, so I've included an
upstream patch from:

https://www.virtualbox.org/changeset/66927/vbox

The patch is applied against the guest additions as well, where we need
to transform the patch a bit so that we get CR LF line endings (DOS
format), which is what is the case for the guest additions ISO.

I've tested this with all the subtests of the "virtualbox" NixOS VM
tests and they all succeed on x86_64-linux.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-07-04 20:08:42 +02:00
Joachim F
a8ba50db3e Merge pull request #26492 from michalpalka/new-xen
xen_4_8: init at 4.8.1
2017-06-30 20:27:04 +01:00
Tim Steinbach
4cc729644e Merge pull request #26867 from michalpalka/xen-security-2017.06-new
xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224
2017-06-28 22:43:46 -04:00
Tim Steinbach
fb8a66dcc9 Merge pull request #26945 from NeQuissimus/virtualbox_32bit
virtualbox: Add ability to disable 32-bit guest support
2017-06-28 22:32:12 -04:00
Tim Steinbach
312c2f7961
virtualbox: Add ability to disable 32-bit guest support 2017-06-28 22:24:19 -04:00
Joachim Fasting
0bc3429e77
lkl: 2017-03-24 -> 2017-06-27
Now based on Linux 4.11
2017-06-28 20:14:00 +02:00
Tim Steinbach
add90948bc
docker: 17.03.1-ce -> 17.03.2-ce 2017-06-28 12:49:59 -04:00
Michał Pałka
7b5d72ce04 xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224 (xen 4.8)
This commit contains security patches for xen 4.8. The patches
for XSA-216 applied to the kernel are omitted, as they are part of
80e0cda7ff.

XSA-216 Issue Description:

> The block interface response structure has some discontiguous fields.
> Certain backends populate the structure fields of an otherwise
> uninitialized instance of this structure on their stacks, leaking
> data through the (internal or trailing) padding field.

More: https://xenbits.xen.org/xsa/advisory-216.html

XSA-217 Issue Description:

> Domains controlling other domains are permitted to map pages owned by
> the domain being controlled.  If the controlling domain unmaps such a
> page without flushing the TLB, and if soon after the domain being
> controlled transfers this page to another PV domain (via
> GNTTABOP_transfer or, indirectly, XENMEM_exchange), and that third
> domain uses the page as a page table, the controlling domain will have
> write access to a live page table until the applicable TLB entry is
> flushed or evicted.  Note that the domain being controlled is
> necessarily HVM, while the controlling domain is PV.

More: https://xenbits.xen.org/xsa/advisory-217.html

XSA-218 Issue Description:

> We have discovered two bugs in the code unmapping grant references.
>
> * When a grant had been mapped twice by a backend domain, and then
> unmapped by two concurrent unmap calls, the frontend may be informed
> that the page had no further mappings when the first call completed rather
> than when the second call completed.
>
> * A race triggerable by an unprivileged guest could cause a grant
> maptrack entry for grants to be "freed" twice.  The ultimate effect of
> this would be for maptrack entries for a single domain to be re-used.

More: https://xenbits.xen.org/xsa/advisory-218.html

XSA-219 Issue Description:

> When using shadow paging, writes to guest pagetables must be trapped and
> emulated, so the shadows can be suitably adjusted as well.
>
> When emulating the write, Xen maps the guests pagetable(s) to make the final
> adjustment and leave the guest's view of its state consistent.
>
> However, when mapping the frame, Xen drops the page reference before
> performing the write.  This is a race window where the underlying frame can
> change ownership.
>
> One possible attack scenario is for the frame to change ownership and to be
> inserted into a PV guest's pagetables.  At that point, the emulated write will
> be an unaudited modification to the PV pagetables whose value is under guest
> control.

More: https://xenbits.xen.org/xsa/advisory-219.html

XSA-220 Issue Description:

> Memory Protection Extensions (MPX) and Protection Key (PKU) are features in
> newer processors, whose state is intended to be per-thread and context
> switched along with all other XSAVE state.
>
> Xen's vCPU context switch code would save and restore the state only
> if the guest had set the relevant XSTATE enable bits.  However,
> surprisingly, the use of these features is not dependent (PKU) or may
> not be dependent (MPX) on having the relevant XSTATE bits enabled.
>
> VMs which use MPX or PKU, and context switch the state manually rather
> than via XSAVE, will have the state leak between vCPUs (possibly,
> between vCPUs in different guests).  This in turn corrupts state in
> the destination vCPU, and hence may lead to weakened protections
>
> Experimentally, MPX appears not to make any interaction with BND*
> state if BNDCFGS.EN is set but XCR0.BND{CSR,REGS} are clear.  However,
> the SDM is not clear in this case; therefore MPX is included in this
> advisory as a precaution.

More: https://xenbits.xen.org/xsa/advisory-220.html

XSA-221 Issue Description:

> When polling event channels, in general arbitrary port numbers can be
> specified.  Specifically, there is no requirement that a polled event
> channel ports has ever been created.  When the code was generalised
> from an earlier implementation, introducing some intermediate
> pointers, a check should have been made that these intermediate
> pointers are non-NULL.  However, that check was omitted.

More: https://xenbits.xen.org/xsa/advisory-221.html

XSA-222 Issue Description:

> Certain actions require removing pages from a guest's P2M
> (Physical-to-Machine) mapping.  When large pages are in use to map
> guest pages in the 2nd-stage page tables, such a removal operation may
> incur a memory allocation (to replace a large mapping with individual
> smaller ones).  If this allocation fails, these errors are ignored by
> the callers, which would then continue and (for example) free the
> referenced page for reuse.  This leaves the guest with a mapping to a
> page it shouldn't have access to.
>
> The allocation involved comes from a separate pool of memory created
> when the domain is created; under normal operating conditions it never
> fails, but a malicious guest may be able to engineer situations where
> this pool is exhausted.

More: https://xenbits.xen.org/xsa/advisory-222.html

XSA-224 Issue Description:

> We have discovered a number of bugs in the code mapping and unmapping
> grant references.
>
> * If a grant is mapped with both the GNTMAP_device_map and
> GNTMAP_host_map flags, but unmapped only with host_map, the device_map
> portion remains but the page reference counts are lowered as though it
> had been removed. This bug can be leveraged cause a page's reference
> counts and type counts to fall to zero while retaining writeable
> mappings to the page.
>
> * Under some specific conditions, if a grant is mapped with both the
> GNTMAP_device_map and GNTMAP_host_map flags, the operation may not
> grab sufficient type counts.  When the grant is then unmapped, the
> type count will be erroneously reduced.  This bug can be leveraged
> cause a page's reference counts and type counts to fall to zero while
> retaining writeable mappings to the page.
>
> * When a grant reference is given to an MMIO region (as opposed to a
> normal guest page), if the grant is mapped with only the
> GNTMAP_device_map flag set, a mapping is created at host_addr anyway.
> This does *not* cause reference counts to change, but there will be no
> record of this mapping, so it will not be considered when reporting
> whether the grant is still in use.

More: https://xenbits.xen.org/xsa/advisory-224.html
2017-06-27 12:02:59 +00:00
Michał Pałka
9e6bfbb2f9 xen_4_8: init at 4.8.1
This commit adds the xen_4_8 package to be used instead of
xen (currently at 4.5.5):
 * Add packages xen_4_8, xen_4_8-slim and xen_4_8-light
 * Add packages qemu_xen_4_8 and qemu_xen_4_8-light to be used
   with xen_4_8-slim and xen_4_8-light respectively.
 * Add systemd to buildInputs of xen (it is required by oxenstored)
 * Adapt xen service to work with the new version of xen
 * Use xen-init-dom0 to initlilise dom0 in xen-store
 * Currently, the virtualisation.xen.stored option is ignored
   if xen 4.8 is used
2017-06-27 12:01:53 +00:00
Michał Pałka
80e0cda7ff xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224
XSA-216 Issue Description:

> The block interface response structure has some discontiguous fields.
> Certain backends populate the structure fields of an otherwise
> uninitialized instance of this structure on their stacks, leaking
> data through the (internal or trailing) padding field.

More: https://xenbits.xen.org/xsa/advisory-216.html

XSA-217 Issue Description:

> Domains controlling other domains are permitted to map pages owned by
> the domain being controlled.  If the controlling domain unmaps such a
> page without flushing the TLB, and if soon after the domain being
> controlled transfers this page to another PV domain (via
> GNTTABOP_transfer or, indirectly, XENMEM_exchange), and that third
> domain uses the page as a page table, the controlling domain will have
> write access to a live page table until the applicable TLB entry is
> flushed or evicted.  Note that the domain being controlled is
> necessarily HVM, while the controlling domain is PV.

More: https://xenbits.xen.org/xsa/advisory-217.html

XSA-218 Issue Description:

> We have discovered two bugs in the code unmapping grant references.
>
> * When a grant had been mapped twice by a backend domain, and then
> unmapped by two concurrent unmap calls, the frontend may be informed
> that the page had no further mappings when the first call completed rather
> than when the second call completed.
>
> * A race triggerable by an unprivileged guest could cause a grant
> maptrack entry for grants to be "freed" twice.  The ultimate effect of
> this would be for maptrack entries for a single domain to be re-used.

More: https://xenbits.xen.org/xsa/advisory-218.html

XSA-219 Issue Description:

> When using shadow paging, writes to guest pagetables must be trapped and
> emulated, so the shadows can be suitably adjusted as well.
>
> When emulating the write, Xen maps the guests pagetable(s) to make the final
> adjustment and leave the guest's view of its state consistent.
>
> However, when mapping the frame, Xen drops the page reference before
> performing the write.  This is a race window where the underlying frame can
> change ownership.
>
> One possible attack scenario is for the frame to change ownership and to be
> inserted into a PV guest's pagetables.  At that point, the emulated write will
> be an unaudited modification to the PV pagetables whose value is under guest
> control.

More: https://xenbits.xen.org/xsa/advisory-219.html

XSA-220 Issue Description:

> Memory Protection Extensions (MPX) and Protection Key (PKU) are features in
> newer processors, whose state is intended to be per-thread and context
> switched along with all other XSAVE state.
>
> Xen's vCPU context switch code would save and restore the state only
> if the guest had set the relevant XSTATE enable bits.  However,
> surprisingly, the use of these features is not dependent (PKU) or may
> not be dependent (MPX) on having the relevant XSTATE bits enabled.
>
> VMs which use MPX or PKU, and context switch the state manually rather
> than via XSAVE, will have the state leak between vCPUs (possibly,
> between vCPUs in different guests).  This in turn corrupts state in
> the destination vCPU, and hence may lead to weakened protections
>
> Experimentally, MPX appears not to make any interaction with BND*
> state if BNDCFGS.EN is set but XCR0.BND{CSR,REGS} are clear.  However,
> the SDM is not clear in this case; therefore MPX is included in this
> advisory as a precaution.

More: https://xenbits.xen.org/xsa/advisory-220.html

XSA-221 Issue Description:

> When polling event channels, in general arbitrary port numbers can be
> specified.  Specifically, there is no requirement that a polled event
> channel ports has ever been created.  When the code was generalised
> from an earlier implementation, introducing some intermediate
> pointers, a check should have been made that these intermediate
> pointers are non-NULL.  However, that check was omitted.

More: https://xenbits.xen.org/xsa/advisory-221.html

XSA-222 Issue Description:

> Certain actions require removing pages from a guest's P2M
> (Physical-to-Machine) mapping.  When large pages are in use to map
> guest pages in the 2nd-stage page tables, such a removal operation may
> incur a memory allocation (to replace a large mapping with individual
> smaller ones).  If this allocation fails, these errors are ignored by
> the callers, which would then continue and (for example) free the
> referenced page for reuse.  This leaves the guest with a mapping to a
> page it shouldn't have access to.
>
> The allocation involved comes from a separate pool of memory created
> when the domain is created; under normal operating conditions it never
> fails, but a malicious guest may be able to engineer situations where
> this pool is exhausted.

More: https://xenbits.xen.org/xsa/advisory-222.html

XSA-224 Issue Description:

> We have discovered a number of bugs in the code mapping and unmapping
> grant references.
>
> * If a grant is mapped with both the GNTMAP_device_map and
> GNTMAP_host_map flags, but unmapped only with host_map, the device_map
> portion remains but the page reference counts are lowered as though it
> had been removed. This bug can be leveraged cause a page's reference
> counts and type counts to fall to zero while retaining writeable
> mappings to the page.
>
> * Under some specific conditions, if a grant is mapped with both the
> GNTMAP_device_map and GNTMAP_host_map flags, the operation may not
> grab sufficient type counts.  When the grant is then unmapped, the
> type count will be erroneously reduced.  This bug can be leveraged
> cause a page's reference counts and type counts to fall to zero while
> retaining writeable mappings to the page.
>
> * When a grant reference is given to an MMIO region (as opposed to a
> normal guest page), if the grant is mapped with only the
> GNTMAP_device_map flag set, a mapping is created at host_addr anyway.
> This does *not* cause reference counts to change, but there will be no
> record of this mapping, so it will not be considered when reporting
> whether the grant is still in use.

More: https://xenbits.xen.org/xsa/advisory-224.html
2017-06-26 07:01:24 +00:00
Tim Steinbach
328617accd
rkt: 1.26.0 -> 1.27.0 2017-06-23 19:24:19 -04:00
aszlig
63fb845fcf
virtualbox: Rebase hardened.patch on top of 5.1.22
The merge of the version bump in
6fb9f89238 didn't take care of our patch
for the hardening mode and thus enabling VirtualBox without also
force-disabling hardening mode will result in a build error.

While the patch is largely identical with the old version, I've removed
one particular change around the following code:

    if (pFsObjState->Stat.st_mode & S_IWOTH)
        return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo,
                                      "World writable: '", pszPath, "'");

In the old version of the patch we have checked whether the path is
within the Nix store and suppressed the error return if that's the case.

The reason why I did that in the first place was because we had a bunch
of symlinks which were writable.

In VirtualBox 5.1.22 the code specifically checks whether the file is a
symlink, so we can safely drop our change.

Tested via all of the "virtualbox" NixOS VM subtests and they now all
succeed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-23 05:48:54 +02:00
Tim Steinbach
6fb9f89238 Merge pull request #25368 from bachp/virtualbox-5.1.22
virtualbox: 5.1.18 -> 5.1.22
2017-06-22 21:23:47 -04:00
Peter Hoeg
63011015b9 virtmanager-qt: 0.43.70.2 -> 0.43.72 2017-06-19 19:26:19 +08:00
Thomas Tuegel
c816bbc8a8
qt5: remove makeQtWrapper 2017-06-18 08:44:42 -05:00
Jörg Thalheim
f2e1e7f3cd Merge pull request #26503 from vdemeester/update-runc
Update runc to 1.0.0-rc3
2017-06-10 22:48:03 +01:00
Vincent Demeester
46b00e0b15
Update runc to 1.0.0-rc3
- Fix compilation problems
- Remove patches as those are included in the sources now

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-10 18:05:57 +02:00
Graham Christensen
7d8218a351 Merge pull request #26489 from michalpalka/xen-security
xen: patch for XSAs: 206, 211, 212, 213, 214 and 215
2017-06-09 09:31:42 -04:00
Michał Pałka
dd3dcceb23 xen: patch for XSAs: 206, 211, 212, 213, 214 and 215
XSA-206 Issue Description:

> xenstored supports transactions, such that if writes which would
> invalidate assumptions of a transaction occur, the entire transaction
> fails.  Typical response on a failed transaction is to simply retry
> the transaction until it succeeds.
>
> Unprivileged domains may issue writes to xenstore which conflict with
> transactions either of the toolstack or of backends such as the driver
> domain. Depending on the exact timing, repeated writes may cause
> transactions made by these entities to fail indefinitely.

More: https://xenbits.xen.org/xsa/advisory-206.html

XSA-211 Issue Description:

> When a graphics update command gets passed to the VGA emulator, there
> are 3 possible modes that can be used to update the display:
>
> * blank - Clears the display
> * text - Treats the display as showing text
> * graph - Treats the display as showing graphics
>
> After the display geometry gets changed (i.e., after the CIRRUS VGA
> emulation has resized the display), the VGA emulator will resize the
> console during the next update command. However, when a blank mode is
> also selected during an update, this resize doesn't happen. The resize
> will be properly handled during the next time a non-blank mode is
> selected during an update.
>
> However, other console components - such as the VNC emulation - will
> operate as though this resize had happened. When the display is
> resized to be larger than before, this can result in a heap overflow
> as console components will expect the display buffer to be larger than
> it is currently allocated.

More: https://xenbits.xen.org/xsa/advisory-211.html

XSA-212 Issue Description:

> The XSA-29 fix introduced an insufficient check on XENMEM_exchange
> input, allowing the caller to drive hypervisor memory accesses outside
> of the guest provided input/output arrays.

More: https://xenbits.xen.org/xsa/advisory-212.html

XSA-213 Issue Description:

> 64-bit PV guests typically use separate (root) page tables for their
> kernel and user modes.  Hypercalls are accessible to guest kernel
> context only, which certain hypercall handlers make assumptions on.
> The IRET hypercall (replacing the identically name CPU instruction)
> is used by guest kernels to transfer control from kernel mode to user
> mode.  If such an IRET hypercall is placed in the middle of a multicall
> batch, subsequent operations invoked by the same multicall batch may
> wrongly assume the guest to still be in kernel mode.  If one or more of
> these subsequent operations involve operations on page tables, they may
> be using the wrong root page table, confusing internal accounting.  As
> a result the guest may gain writable access to some of its page tables.

More: https://xenbits.xen.org/xsa/advisory-213.html

XSA-214 Issue Description:

> The GNTTABOP_transfer operation allows one guest to transfer a page to
> another guest.  The internal processing of this, however, does not
> include zapping the previous type of the page being transferred.  This
> makes it possible for a PV guest to transfer a page previously used as
> part of a segment descriptor table to another guest while retaining the
> "contains segment descriptors" property.
>
> If the destination guest is a PV one of different bitness, it may gain
> access to segment descriptors it is not normally allowed to have, like
> 64-bit code segments in a 32-bit PV guest.
>
> If the destination guest is a HVM one, that guest may freely alter the
> page contents and then hand the page back to the same or another PV
> guest.
>
> In either case, if the destination PV guest then inserts that page into
> one of its own descriptor tables, the page still having the designated
> type results in validation of its contents being skipped.

More: https://xenbits.xen.org/xsa/advisory-214.html

XSA-215 Issue Description:

> Under certain special conditions Xen reports an exception resulting
> from returning to guest mode not via ordinary exception entry points,
> but via a so call failsafe callback.  This callback, unlike exception
> handlers, takes 4 extra arguments on the stack (the saved data
> selectors DS, ES, FS, and GS).  Prior to placing exception or failsafe
> callback frames on the guest kernel stack, Xen checks the linear
> address range to not overlap with hypervisor space.  The range spanned
> by that check was mistakenly not covering these extra 4 slots.

More: https://xenbits.xen.org/xsa/advisory-215.html
2017-06-09 13:09:01 +00:00
Vladimír Čunát
cc9a72a286
virtualboxGuestAdditions: don't install setuid/setgid 2017-06-09 13:09:21 +02:00
Michał Pałka
965668903a xen: fix pygrub by making sure it is wrapped
Recent commit #c10af9e744c91dff1ccc07a52a0b57d1e4d339f3 changed the
behaviour of wrapPythonPrograms, which caused pygrub to no longer
being wrapped. This commit fixes this.
2017-06-09 06:22:03 +00:00
midchildan
7060a692c5
virtmanager: Fix python import error 2017-06-05 23:42:25 +09:00
Robin Gloster
13f2f8673b
OVMF: fix build
$fd for the output was overwritten during the build
2017-05-29 12:21:17 +02:00
Tim Steinbach
9237459d60
rkt: 1.25.0 -> 1.26.0 2017-05-25 18:13:54 -04:00
Joachim Fasting
49ecd62c08
lkl: split outputs
Breaking out lib allows users to link against lkl without pulling the
kitchen sink into their closure.
2017-05-24 01:07:26 +02:00
Joachim Fasting
e0b623a56d
lkl: break description into longDescription and a briefer descr 2017-05-24 01:07:24 +02:00
Joachim Fasting
8c8f40a128
lkl: d747073 -> 2017-03-24
- Moves to a more recent kernel (4.10, I think ...)
- API break re the previous version
- cptofs: fix root directory copy
- add support for disks with custom ops
- add LKL_HIJACK_NET_QDISC to configure qdisc policy
- add LKL_HIJACK_SYSCTL to configure sysctl values
2017-05-24 01:07:23 +02:00
Joachim Fasting
e983d4306e
lkl: bc & python are native build inputs 2017-05-24 01:07:22 +02:00
Joachim Fasting
e845495edb
lkl: add meta.homepage 2017-05-24 01:07:14 +02:00
Peter Hoeg
5b45342832 virtmanager-qt: 0.43.70 -> 0.43.70.2 2017-05-23 17:54:20 +08:00
Joachim F
07ceaa2ec8 Merge pull request #25896 from joachifm/ovmf
ovmf: split firmware image files
2017-05-21 14:48:29 +01:00
Joachim Fasting
874b81b31f
treewide: s,enableParallelBuild(s),enableParallelBuilding,g 2017-05-20 17:16:17 +02:00
Joachim Fasting
252dcd62f3
OVMF: separate output for ovmf binaries
OVMF{,CODE,VARS}.fd are now available in a dedicated fd output, greatly
reducing the closure in the common case where only those files are used (a
few MBs versus several hundred MBs for the full OVMF).

Note: it's unclear why `dontPatchELF` is now necessary for the build to
pass (on my end, at any rate) but it doesn't make much sense to run this
fixup anyway,

Note: my reading of xen's INSTALL suggests that --with-system-ovmf should
point directly to the OVMF binary.  As such, the previous invocation was
incorrect (it pointed to the root of the OVMF tree).  In any case, I have
only built xen with `--with-system-ovmf`, I have not tested it.

Fixes https://github.com/NixOS/nixpkgs/issues/25854
Closes https://github.com/NixOS/nixpkgs/pull/25855
2017-05-20 12:33:48 +02:00
Jörg Thalheim
618f9aa52c
docker-proxy: remove go references
related to #25861
2017-05-17 22:14:34 +01:00
Peter Hoeg
68f335c6cd virtmanager-qt: 0.42.67 -> 0.43.70 2017-05-14 11:21:51 +08:00
Vincent Demeester
398f6ed7d3
docker-edge: 17.04 to 17.05
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-05-09 10:11:05 +02:00
Frederik Rietdijk
ef4442e827 Python: replace requests2 with requests tree-wide
See f63eb58573

The `requests2` attribute now throws an error informing that `requests`
should be used instead.
2017-05-07 12:56:09 +02:00
Olegs Jeremejevs
670afd010c virt-manager: add requests as dependency 2017-05-07 12:15:19 +03:00
Frederik Rietdijk
95534bc4ee virtinst: do not depend on glanceclient
because its not a dependency and because its broken.
2017-05-07 10:02:33 +02:00
Frederik Rietdijk
e184e02e7a virt-manager: do not depend on glanceclient
because its not a dependency and because its broken.
2017-05-07 10:01:47 +02:00
Pascal Bach
c4a48600bf virtualbox: 5.1.18 -> 5.1.22 2017-04-30 22:55:23 +02:00
Michał Pałka
7c918ff7d4 virtualisation-xen: Fix xendomains startup
* Revert to using bash, not sh for the xendomains script to avoid syntax error
* Rewrite /bin/ls to ls in the xendomains script
2017-04-27 07:55:34 +00:00
Bjørn Forsman
ddb788b671 OVMF: get version number from edk2
OVMF is built from edk2 sources so that's where its version number comes
from (logically). The edk2 version number is 2014-12-10, so this change
only ensures the version numbers won't drift apart in the future. (There
is no hash change.)
2017-04-23 19:28:34 +02:00
Volth
1931ad0e2c qemu: 2.8.1 -> 2.9.0 2017-04-23 14:20:48 +02:00
Michael Raskin
f45f2fb67a Merge pull request #24549 from volth/qemu-2.8.1
qemu: 2.8.0 -> 2.8.1
2017-04-23 11:07:44 +02:00
Tim Steinbach
d95fb5f2ac Merge pull request #24632 from NeQuissimus/docker_17_04
docker-edge: init at 17.04
2017-04-05 20:51:14 -04:00
Tim Steinbach
1e589239b3
docker-edge: init at 17.04 2017-04-05 20:49:26 -04:00
Tim Steinbach
89188e2972
docker-distribution: 2.5.1 -> 2.6.0 2017-04-04 21:01:27 -04:00
Tim Steinbach
aefb9671bf
docker: 17.03.0 -> 17.03.1 2017-04-04 13:43:57 -04:00
Volth
160a84013e qemu: 2.8.0 -> 2.8.1 2017-04-02 00:21:56 +00:00
Franz Pletz
0018cd5a2d
libvirt packages: fix & clean up dependencies 2017-03-28 19:45:01 +02:00
Kosyrev Serge
0c3138e602 virtualbox: a more maintenance-free way of patching refs to dlopen()-affected dependencies 2017-03-28 01:32:11 +03:00
Nikolay Amiantov
52451067c7 virtualbox: wrap with Qt dependencies
Fixes GTK file open dialogs. Also make sure that linked applications really
exist, and update their list.
2017-03-28 00:29:40 +03:00
Franz Pletz
160fd7231e
virt-manager: needs file for building translations 2017-03-25 14:57:45 +01:00
volth
4e749683e6 virt-manager: 1.4.0 -> 1.4.1 (#24149) 2017-03-21 10:20:55 +01:00
Robin Gloster
07252dc83b
virtualbox: 5.1.14 -> 5.1.18 2017-03-20 16:05:20 +01:00
Michael Raskin
dfbd2dd659 Merge pull request #23624 from volth/virt-viewer-5.0
virt-viewer: 2.0 -> 5.0
2017-03-18 19:05:11 +01:00
Peter Hoeg
ee20e89644 virtmanager-qt: 0.39.60 -> 0.42.67 2017-03-18 12:32:49 +08:00
Tim Steinbach
f1c2d047ed Merge pull request #23872 from NeQuissimus/docker_17_03_0
docker: 1.13.1 -> 17.03.0-ce
2017-03-17 10:07:04 -04:00
Dan Peebles
dc61ff31a7 xhyve: update and fix to use our Hypervisor framework
(this is a cherry-picked version of f3b65f67d9,
which got reverted because it depended on my 10.11 frameworks, which were
flawed)
2017-03-14 22:38:35 -04:00
Tim Steinbach
aed4918795
docker: 1.13.1 -> 17.03.0-ce 2017-03-14 08:02:35 -04:00
Volth
d4294265fd virt-viewer: 2.0 -> 5.0 2017-03-14 04:54:11 +00:00
Joachim Fasting
d082a29c3a
runc: use removeReferencesTo 2017-03-11 15:17:36 +01:00
Joachim Fasting
c4fe196087
docker: use removeReferencesTo 2017-03-11 15:17:34 +01:00
Joachim Fasting
0c6a1eaa43
containerd: use removeReferencesTo 2017-03-11 15:17:32 +01:00
aszlig
0a7673d202
qemu_test: Rebase force-uid0-on-9p.patch
This reverts commit 3a4e2376e4.

The reverted commit caused the fix for CVE-2016-9602 not to be applied
for qemu_test because it conflicts with the force-uid0-on-9p.patch.

So with the rebase of the patch on top of the changes of the
CVE-2016-9602.patch, both patches no longer conflict with each other.

I've tested this with the "misc" NixOS test and it succeeds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-03-11 15:16:49 +01:00
Franz Pletz
3a4e2376e4
qemu_test: don't apply patch for CVE-2016-9602
Both patches are conflicting. Keeping the vulnerability unpatched in qemu
binaries used for nixos test is tolerable.
2017-03-11 13:43:42 +01:00
Franz Pletz
621e7a9945
qemu: fetch vnc bugfix patch from debian
This version of the patch applies cleanly to the 2.8.0 release.
2017-03-11 09:32:48 +01:00
Franz Pletz
c512180f9c
qemu: add patches for multiple CVEs
New upstream patch function and patches for fixing a bug in the patch for
CVE-2017-5667 and the following security issues:

  * CVE-2016-7907
  * CVE-2016-9602
  * CVE-2016-10155
  * CVE-2017-2620
  * CVE-2017-2630
  * CVE-2017-5525
  * CVE-2017-5526
  * CVE-2017-5579
  * CVE-2017-5856
  * CVE-2017-5857
  * CVE-2017-5987
  * CVE-2017-6058
2017-03-11 08:14:29 +01:00
Peter Hoeg
bce352949e virtmanager-qt: init at 0.39.60 2017-03-10 11:08:19 +08:00
Jan Malakhovski
916fa0a610 xen: rewrite build expression to be more modular, support upstream qemu and seabios
Also:

* provides a bunch of build options
* documents build options config in longDescription
* provides a bunch of predefined packages and documents them some more
* sources' hashes stay the same
2017-03-05 13:59:28 +00:00
Jan Malakhovski
1c8940a2b8 qemu: add xen support 2017-03-05 13:59:28 +00:00
Jan Malakhovski
eff9b09fb7 qemu: separate usbredirSupport option out of spiceSupport option 2017-03-05 13:59:28 +00:00
Tuomas Tynkkynen
439facec2a lkl: Broken on i686
http://hydra.nixos.org/build/49534265
2017-03-02 03:59:31 +02:00
Alexey Shmalko
0d31a76813
virtualbox: fix build
The issue was caused by upgrading `qt` from `qt56` to `qt57`, which
now requires C++11.

For more info, see https://github.com/NixOS/nixpkgs/issues/23257.
2017-02-28 05:35:52 +02:00
Franz Pletz
6bafe64a20
qemu: apply patches for multiple CVEs
Fixes:

  * CVE-2017-2615
  * CVE-2017-5667
  * CVE-2017-5898
  * CVE-2017-5931
  * CVE-2017-5973

We are vulnerable to even more CVEs but those are either not severe like
memory leaks in obscure situations or upstream hasn't acknowledged the
patch yet.

cc #23072
2017-02-25 09:40:53 +01:00
Vladimír Čunát
145d3ea81c
Merge branch 'master' into staging 2017-02-22 17:47:49 +01:00
Vladimír Čunát
1d1dc2dcc3
open-vm-tools: fixup build with glibc-2.25 2017-02-22 16:54:07 +01:00
Graham Christensen
cc4919da89
xen: patch for XSAs: 197, 199, 207, 208, 209
XSA-197 Issue Description:

> The compiler can emit optimizations in qemu which can lead to double
> fetch vulnerabilities.  Specifically data on the rings shared
> between qemu and the hypervisor (which the guest under control can
> obtain mappings of) can be fetched twice (during which time the
> guest can alter the contents) possibly leading to arbitrary code
> execution in qemu.

More: https://xenbits.xen.org/xsa/advisory-197.html

XSA-199 Issue Description:

> The code in qemu which implements ioport read/write looks up the
> specified ioport address in a dispatch table.  The argument to the
> dispatch function is a uint32_t, and is used without a range check,
> even though the table has entries for only 2^16 ioports.
>
> When qemu is used as a standalone emulator, ioport accesses are
> generated only from cpu instructions emulated by qemu, and are
> therefore necessarily 16-bit, so there is no vulnerability.
>
> When qemu is used as a device model within Xen, io requests are
> generated by the hypervisor and read by qemu from a shared ring.  The
> entries in this ring use a common structure, including a 64-bit
> address field, for various accesses, including ioport addresses.
>
> Xen will write only 16-bit address ioport accesses.  However,
> depending on the Xen and qemu version, the ring may be writeable by
> the guest.  If so, the guest can generate out-of-range ioport
> accesses, resulting in wild pointer accesses within qemu.

More: https://xenbits.xen.org/xsa/advisory-199.html

XSA-207 Issue Description:

> Certain internal state is set up, during domain construction, in
> preparation for possible pass-through device assignment.  On ARM and
> AMD V-i hardware this setup includes memory allocation.  On guest
> teardown, cleanup was erroneously only performed when the guest
> actually had a pass-through device assigned.

More: https://xenbits.xen.org/xsa/advisory-207.html

XSA-209 Issue Description:

> When doing bitblt copy backwards, qemu should negate the blit width.
> This avoids an oob access before the start of video memory.

More: https://xenbits.xen.org/xsa/advisory-208.html

XSA-208 Issue Description:

> In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine
> cirrus_bitblt_cputovideo fails to check wethehr the specified memory
> region is safe.

More: https://xenbits.xen.org/xsa/advisory-209.html
2017-02-22 08:00:45 -05:00
Tim Steinbach
8b60413e95
rkt: 1.24.0 -> 1.25.0 2017-02-21 18:51:34 -05:00
Vladimír Čunát
3d600726b3
xen: fixup build with glibc-2.25 2017-02-21 18:26:52 +01:00
Benjamin Staffin
b42f820bdc Merge pull request #22745 from vdemeester/docker_1_13_1
docker: 1.13.0 -> 1.13.1
2017-02-14 11:47:40 -05:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Vincent Demeester
a50b4d0e03
docker: 1.13.0 -> 1.13.1
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-02-13 16:42:39 +01:00
Vladimír Čunát
31eba21d1d
virtualbox: force xorg-server-1.18 for now
This is getting a little hacky, but hopefully it won't break anything.
2017-02-12 21:07:49 +01:00
Tuomas Tynkkynen
a14ef4ad52 open-vm-tools: 10.0.7 -> 10.1.0
Also add an option to disable all the X11 stuff.
2017-02-10 20:12:00 +02:00
Christoph Hrdinka
de9720b65f
aqemu: init at 0.9.2 2017-02-10 12:48:29 +01:00
Dan Peebles
03cab2d923 ecs-agent: init at 1.14.0 2017-02-10 04:33:48 +00:00
Tim Steinbach
f65a3515f4
rkt: 1.23.0 -> 1.24.0 2017-02-05 11:51:05 -05:00
volth
762cc106b4 virt-top: init at 1.0.8 (#21536) 2017-02-04 16:07:45 +01:00
Pascal Bach
5ca3a7e56f virtualbox: remove upstream-info.json as it is no longer used
We keep the script as it might be useful in the future.
2017-02-02 21:11:08 +01:00
Pascal Bach
599df5e108 virtualbox: 5.1.10 -> 5.1.14 2017-02-02 21:10:01 +01:00
Eelco Dolstra
c20cc6d0b3
Excise use of importJSON
Putting information in external JSON files is IMHO not an improvement
over the idiomatic style of Nix expressions. The use of JSON doesn't
add anything over Nix expressions (in fact it removes expressive
power). And scattering package info over lots of little files makes
packages less readable over having the info in one file.
2017-01-30 11:44:08 +01:00
Parnell Springmeyer
6777e6f812
Merging with upstream 2017-01-29 05:54:01 -06:00
Parnell Springmeyer
4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer
e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Graham Christensen
f46c5b293b
qemu: 2.7 -> 2.8, drop 2.7 2017-01-26 20:23:40 -05:00
Parnell Springmeyer
a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00
Dan Peebles
ed83ec1b65 lkl: fix impure reference to /usr/bin/env 2017-01-25 21:30:59 +00:00
Parnell Springmeyer
bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
Tim Steinbach
6aae00edfc rkt: 1.22.0 -> 1.23.0 2017-01-23 17:56:46 +01:00
Vincent Demeester
d79fa8850a
Fixing the wrong Git Commit hash in docker version
`DOCKER_GITCOMMIT` needs to match the tagged commit used to build the
binary. The current commit refers to 1.12.1 and wasn't update each
time we updated the package. Using a variable near the version and
adding a comment so we don't forget to update next time.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-01-23 10:32:17 +01:00
Jaka Hudoklin
4884fa4502 Merge pull request #20656 from vdemeester/docker_1_13
Update to docker 1.13.x
2017-01-21 12:19:06 +01:00
Vladimír Čunát
6b6553c768
Merge branch 'staging'
It contains security updates.  I somehow forgot to push this yesterday.
2017-01-20 16:33:59 +01:00
Michael Raskin
ac27b9d836 Merge pull request #22001 from nlewo/qemu-cve
Qemu CVEs
2017-01-20 11:28:14 +00:00
Antoine Eiche
9f1514f086 qemu: fix several CVEs
- CVE 2016-9845
- CVE-2016-9846
- CVE-2016-9907
- CVE-2016-9912
2017-01-20 11:09:02 +01:00
Antoine Eiche
0bd3f82a67 qemu: fix the url of patch for CVE-2016-9921 and CVE-2016-9922 2017-01-20 11:02:22 +01:00
Vincent Demeester
74d4d3e4f9
docker: 1.12.6 -> 1.13.0
- Update docker version to 1.13.0.
- Introduce now docker-proxy package (from libnetmork).
- Use overrideDerivation to set the correct version for docker.
- Update tini to make sure we can build it static.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-01-18 21:33:37 +01:00
Vladimír Čunát
0dc43ab9d6
virt-manager: fixup evaluation to unbreak Hydra
The package itself is probably still broken.  /cc @fridh e94d9cdfaa
2017-01-18 16:07:25 +01:00
Vladimír Čunát
40003aa2ed
Merge branch 'master' into staging 2017-01-18 15:54:04 +01:00
Dan Peebles
3ab26fdb70 lkl: update to d7470730 2017-01-17 18:40:58 +00:00
Dan Peebles
f1a9bc356e lkl: init 2017-01-16 21:24:32 +00:00
Tim Steinbach
490c109928
rkt: 1.21.0 -> 1.22.0 2017-01-11 17:27:19 -05:00
Frederik Rietdijk
e94d9cdfaa virtmanager: use python2 2017-01-11 18:25:10 +01:00
Franz Pletz
260d97ca25
runc: add patches to fix CVE-2016-9962 2017-01-11 12:11:29 +01:00
Franz Pletz
0aa4931671
runc: 2016-06-15 -> 1.0.0-rc2 2017-01-11 10:59:27 +01:00
Franz Pletz
4df30fc74f
containerd: 0.2.3 -> 0.2.5 2017-01-11 10:59:26 +01:00
Franz Pletz
cb07316773
docker: 1.12.5 -> 1.12.6
Fixes CVE-2016-9962.
2017-01-11 10:59:24 +01:00
Graham Christensen
f5ca9a4212
Merge branch 'roundup-15' 2016-12-28 21:04:51 -05:00
Antoine Eiche
bc63738c6f
qemu: fix CVE-2016-9921 and CVE-2016-9922 2016-12-28 20:37:00 -05:00
Antoine Eiche
a5dd311208
qemu: fix CVE-2016-9911 2016-12-28 20:36:53 -05:00
Michael Raskin
442623e499 qemu_28: init at 2.8.0; not updating the main Qemu expression yet because there were some claims about NixOS test fragility 2016-12-28 15:04:51 +01:00
Graham Christensen
4e6c7faf36
xen: patch for many XSAs
- XSA-190
 - XSA-191
 - XSA-192
 - XSA-193
 - XSA-195
 - XSA-196
 - XSA-198
 - XSA-200
 - XSA_202
 - XSA-204
2016-12-21 14:37:47 -05:00
Daiderd Jordan
49e3190efa
Revert "xhyve: update and fix to use our Hypervisor framework"
This reverts commit f3b65f67d9.
2016-12-20 13:02:27 +01:00
Eelco Dolstra
8a0843c3c4
qemu-kvm: Mark the version for tests
(cherry picked from commit d58a4ec1ba77e390c53c09ba6198b78f8568d495)
2016-12-20 10:52:46 +01:00
Dan Peebles
f3b65f67d9 xhyve: update and fix to use our Hypervisor framework 2016-12-19 19:47:24 -05:00
aszlig
c5e5dccd13
Merge pull request #21201 (VirtualBox 5.1.10)
This brings VirtualBox to the latest upstream version, which also fixes
building the modules against kernel 4.9.0.

Tested against all the the "virtualbox" subtests on x86_64-linux.
2016-12-17 15:46:06 +01:00
Tim Steinbach
a5a98290b7
docker: 1.12.3 -> 1.12.5 2016-12-16 08:57:08 -05:00
aszlig
38ea64e867
qemu_test: Make chown() calls to the store a no-op
The "misc" NixOS test is using Nix to query the store and it tries to
change the ownership of it while doing so.

This fails if Nix is not in a seccomp-sandboxed userid namespace, so
let's make chown() a no-op when applied to store paths.

Fixes the misc test (and possibly future tests) on older Nix versions.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-12-16 13:06:25 +01:00