Commit Graph

5901 Commits

Author SHA1 Message Date
Jörg Thalheim
87e1c49298
android-udev-rules: 20170106 -> 20170109 2017-01-09 13:40:31 +01:00
Jörg Thalheim
adbcb37db5
android-udev-rules: 20161014 -> 20170106 2017-01-08 23:40:40 +01:00
Michael Raskin
9653be493a firejail: 0.9.44.2 -> 0.9.44.4 2017-01-08 13:58:24 +01:00
Joachim Fasting
d6ff445f10
grsecurity: 4.8.15-201612301949 -> 4.8.16-201701062021 2017-01-07 08:01:41 +01:00
Tim Steinbach
c1d20ea50c
kernel: 4.9.0 -> 4.9.1 2017-01-06 16:15:18 -05:00
Tim Steinbach
ecf87b11f2
kernel: 4.8.15 -> 4.8.16 2017-01-06 16:15:02 -05:00
Tim Steinbach
8fda707027
kernel: 4.4.39 -> 4.4.40 2017-01-06 16:14:30 -05:00
Vladimír Čunát
07bf828bd9
Merge branch 'staging'; security /cc #21642 2017-01-06 16:32:47 +01:00
Jörg Thalheim
ca0d747d6d Merge pull request #21578 from Mic92/zfs
zfs: add unstable variant
2017-01-05 12:52:56 +01:00
Jason A. Donenfeld
1ba9a3cd9b wireguard: 0.0.20161230 -> 0.0.20170105
Version bump that contains some new tools.

fixes #21666
2017-01-05 10:38:58 +00:00
Jörg Thalheim
4029470a6f
zfs: add unstable variant
Until now nixos only delivered the latest zfs release. This release is often not
compatible with the latest mainline kernel. Therefor an unstable variant is
added, which might be based on testing releases or git revisions.

fixes #21359
2017-01-05 08:40:50 +01:00
Franz Pletz
08d1f28818
Revert "iproute: remove broken fan patch"
This reverts commit 0d5a5307be because it
breaks evaluation. See #21561.
2017-01-04 22:30:55 +01:00
Jörg Thalheim
0779fdb3e4 Merge pull request #21561 from Mic92/iproute
iproute: remove broken fan patch
2017-01-04 21:47:54 +01:00
Daiderd Jordan
27660cfdc0
Merge branch 'master' into staging 2017-01-04 01:42:26 +01:00
Alexander Kahl
61d125b842 sssd: init at 1.14.2
perlPackages.TextWrapI18N: init at 0.06
perlPackages.Po4a: init at 0.47
jade: init at 1.2.1
ding-libs: init at 0.6.0

Switch nscd to no-caching mode if SSSD is enabled.

abbradar: disable jade parallel building.

Closes #21150
2017-01-04 03:07:20 +03:00
Daiderd Jordan
6158604d8a Merge pull request #21603 from abuibrahim/master
ofp: init at 2.0.0
2017-01-04 00:12:58 +01:00
Ruslan Babayev
f3e2feb057 ofp: init at 2.0.0 2017-01-03 10:28:46 -08:00
Tim Steinbach
92d0a977d9 Merge pull request #21614 from NeQuissimus/busybox_1_26_1
busybox: 1.25.1 -> 1.26.1
2017-01-03 13:09:35 -05:00
Tim Steinbach
9bd93ac6e0
busybox: 1.25.1 -> 1.26.1 2017-01-03 08:40:32 -05:00
Tuomas Tynkkynen
2a4c8313e4 linux_testing: 4.10-rc1 -> 4.10-rc2 2017-01-03 13:51:23 +02:00
Michael Raskin
237629a090 eudev: 3.2 -> 3.2.1 2017-01-02 20:18:49 +01:00
Michael Raskin
11bfe01846 firejail: 0.9.42 -> 0.9.44.2 2017-01-02 20:18:47 +01:00
Balletie
66c745e30d
pommed-light: init at 1.50lw 2017-01-02 19:40:43 +01:00
Jörg Thalheim
1fa75a5bb7
sysdig: 0.12.0 -> 0.13.0 2017-01-02 08:10:47 +01:00
Daiderd Jordan
5a67b130b9
Merge branch 'master' into staging 2017-01-02 00:54:17 +01:00
Ruslan Babayev
1bead81275 pktgen: fix runtime paths
The Lua and lscpu path substitution got accidentally removed in
with commit 605b8095ca
2017-01-01 15:44:21 -08:00
Jörg Thalheim
f3052035ee
wireguard: 0.0.20161223 -> 0.0.20161230
fixes #21572
2017-01-01 21:24:33 +01:00
Jörg Thalheim
db8c9ef3ff
bcc: git-2016-08-30 -> 0.2.0 2017-01-01 10:29:17 +01:00
Joachim Fasting
75ce714818
grsecurity: 4.8.15-201612151923 -> 201612301949 2017-01-01 06:01:04 +01:00
Jörg Thalheim
0d5a5307be
iproute: remove broken fan patch 2017-01-01 05:17:53 +01:00
Ruslan Babayev
605b8095ca pktgen: 3.0.13 -> 3.1.0 2016-12-31 16:43:11 -08:00
Ruslan Babayev
aeb41bbf75 odp-dpdk: 2016-08-16 -> 1.12.0.0 2016-12-31 16:23:47 -08:00
Ruslan Babayev
dd45691fe0 dpdk: 16.07 -> 16.07.2 2016-12-31 16:22:52 -08:00
Vladimír Čunát
6bded45883
flex: 2.6.1 -> 2.6.3
This resolves some warnings and errors introduced in 2.6.x.
2016-12-30 23:17:08 +01:00
Aneesh Agrawal
652a87018b
googleAuthenticator: 1.0 -> 1.03 2016-12-30 06:49:17 -05:00
Eelco Dolstra
bbd03e236a
Use looser 9pfs caching in VM tests/builds
This can give significant speed ups, see
7e20254412.
2016-12-29 21:26:16 +01:00
Robin Gloster
3fcdbedbef
iproute: 4.8.0 -> 4.9.0 2016-12-29 02:52:55 +01:00
Franz Pletz
1cbb04e72e
iproute: 4.7.0 -> 4.8.0 2016-12-29 02:52:55 +01:00
Robin Gloster
3e8bb7237d
cryptsetup: 1.7.1 -> 1.7.3 2016-12-29 02:52:54 +01:00
Franz Pletz
c2a979fbfd
cryptsetup: 1.7.0 -> 1.7.1 2016-12-29 02:52:54 +01:00
Nikolay Amiantov
cdf306909f udev182: remove 2016-12-29 00:11:40 +03:00
Nikolay Amiantov
a36a2412ee libudev0-shim: init at 1 2016-12-29 00:11:40 +03:00
Tuomas Tynkkynen
45338a3077 fuse: Minor cleanup 2016-12-28 17:37:10 +02:00
Franz Pletz
c6bcc485de
linux_4_8: add patch to fix CVE-2016-9919 2016-12-28 06:35:11 +01:00
Tuomas Tynkkynen
5ba7f33e3a linux_testing: 4.9-rc8 -> 4.10-rc1 2016-12-27 01:35:10 +02:00
Tuomas Tynkkynen
e60bb86d00 kexectools: 2.0.13 -> 2.0.14
ARM patch is included upstream now.
2016-12-26 18:54:34 +02:00
Michael Raskin
2c616b0473 xf86-input-wacom: 0.32.0 -> 0.34.0 2016-12-25 22:56:32 +01:00
aszlig
6af6cec8b2
Revert "thin-provisioning-tools: init at 0.6.1"
This reverts commit 55b18ac486.

There is already a "thin-provisioning-tools" package (see
cd1ec18b42).

Although this one was committed earlier, I'm reverting it because it's
not only older, but it's unreferenced within <nixpkgs>.

Apart from that the packaging of the other package is of higher
packaging quality (maintainer and license, doesn't use "descriptionS",
uses autoreconfHook).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @globin, @dwe11er, @jagajaga
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-12-25 02:05:49 +01:00
Tuomas Tynkkynen
0e3b56c7b9 alsa-lib: Remove unnecessary crossAttrs
It's breaking the cross build.
2016-12-24 22:41:32 +02:00
Jörg Thalheim
c98f3ffea8
wireguard: 0.0.20161218 -> 0.0.20161223 2016-12-24 13:55:32 +01:00
Frederik Rietdijk
9f6bd82364 nvidia-x11: 375.20 -> 375.26 2016-12-23 10:57:28 +01:00
Graham Christensen
3ffb5ba60c
linux:3.18.44 -> 3.18.45 2016-12-21 21:08:47 -05:00
Graham Christensen
53e21529d4
linux:3.12.68 -> 3.12.69 2016-12-21 21:08:47 -05:00
Jason A. Donenfeld
77588ca442 wireguard: 20161209 -> 20161218 (#21288) 2016-12-22 03:04:55 +01:00
Joachim Fasting
6758d157d2
multipath-tools: ensure gzip does not capture timestamp
gzip is originally called as 'gzip -9 -c'

This is a port of
a8e7ddd1df

Note that it does not seem to make a difference to `nix-build --check`.
2016-12-20 15:31:55 +01:00
Rok Garbas
b7cfbf96d6 tp_smapi: updateScript added 2016-12-18 16:45:33 +01:00
Franz Pletz
eb559d2b07
batman-adv: 2016.4 -> 2016.5 2016-12-18 05:23:38 +01:00
aszlig
ffe71cbe19
kexec-tools: Add patch to fix build on ARM
Building on ARM fails with the following error:

kexec/arch/arm/phys_to_virt.o kexec/arch/arm/phys_to_virt.c
kexec/arch/arm/phys_to_virt.c:3:26: fatal error: phys_to_virt.h: No such file or directory

The patch I'm using is from Fedora:

http://pkgs.fedoraproject.org/cgit/rpms/kexec-tools.git/tree/kexec-tools-2.0.13-fix-armv7-build-failure.patch?id=97581f1a435aafa298a4d0bbcfaf40c63a41ce92

It has been reported upstream as well:

http://lists.infradead.org/pipermail/kexec/2016-September/017352.html

I'm adding the patch for all architectures, so that the next person to
upgrade kexec-tools doesn't forget that even while on x86.

Tested building with i686-linux, x86_64-linux and armv7l-linux.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-12-18 04:49:39 +01:00
Tim Steinbach
0e8e4a08f3
linux: 4.8.14 -> 4.8.15 2016-12-16 08:16:45 -05:00
Tim Steinbach
cb9ff3f7f9
linux: 4.4.38 -> 4.4.39 2016-12-16 08:16:22 -05:00
Joachim Fasting
f0e77cd07d
grsecurity: 4.8.14-201612110933 -> 4.8.15-201612151923 2016-12-16 12:46:44 +01:00
Franz Pletz
a4586f87dc
wireguard: 20161129 -> 20161209 2016-12-16 12:16:39 +01:00
Will Dietz
be24f1d364 musl: 1.1.11 -> 1.1.15, add security patch. (#21023) 2016-12-16 11:32:28 +01:00
Jörg Thalheim
4714ca8b56 kexec-tools: 2.0.12 -> 2.0.13 (#21158)
also fix kexec by removing faulty hardeningFlags
2016-12-15 20:48:03 +01:00
Graham Christensen
01d022e16b Merge pull request #21118 from grahamc/fix-rsa-build-failure
linux_{4_8,grsec_nixos}: patch to fix build failure
2016-12-13 09:15:50 -05:00
Joachim Fasting
d918c80e13
grsecurity: disable verbose initify
Not as useful/informative as I had hoped.
2016-12-13 15:12:34 +01:00
Graham Christensen
7a813d3f6d
linux_{4_8,grsec_nixos}: patch to fix build failure
crypto/rsa_helper.c:18:28: fatal error: rsapubkey-asn1.h: No such file or directory
2016-12-13 07:25:46 -05:00
Jörg Thalheim
7c8d4cd9a9
wireguard: 0.0.20161116.1 -> 0.0.20161129 2016-12-12 14:41:43 +01:00
Shea Levy
f6daae391f linux: add 4.9 2016-12-11 19:33:05 -05:00
Joachim Fasting
601058e0e2
grsecurity: 4.8.13-201612082118 -> 4.8.14-201612110933 2016-12-11 19:09:16 +01:00
Tim Steinbach
f576c490e3
linux: 4.4.37 -> 4.4.38 2016-12-10 15:18:52 -05:00
Tim Steinbach
b69822c505
linux: 4.8.13 -> 4.8.14 2016-12-10 15:15:44 -05:00
Tuomas Tynkkynen
bdab6fe5a1 kernel: Use built-in dtbs_install target instead of rolling our own
In particular, on aarch64 all the .dtb files will be in subdirectories
and *.dtb won't match anything.
2016-12-10 20:24:08 +02:00
Franz Pletz
9074d9859e
linux: add patch to fix CVE-2016-8655
See https://lwn.net/Articles/708319/ for more information.
2016-12-10 17:08:42 +01:00
Frederik Rietdijk
033525c6b8 dstat: fix bad interpreter: No such file 2016-12-10 14:21:51 +01:00
Bjørn Forsman
2077385421 kernel: enable CONFIG_DYNAMIC_DEBUG (like Fedora and Ubuntu)
It was useful in tracking down CIFS + DFS issue, and it's apparently
enabled by default in two major distros.
2016-12-10 00:01:21 +02:00
Bjørn Forsman
d429520b13 kernel: add CONFIG_CIFS_* like Fedora, Ubuntu
The plan is to fix mounting DFS shares on NixOS (for which some of these
options are needed), but I figured it might be a good idea to enable all
CONFIG_CIFS_* like Fedora 24 and Ubuntu 16.04 while at it. Ubuntu even
has CONFIG_CIFS_SMB311, but as Fedora do not, I left it out.

Mounting DFS shares still doesn't work; need to configure cifs.upcall
and /etc/request-key.conf. Until then, using GVFS as a workaround.
2016-12-10 00:01:21 +02:00
Bjørn Forsman
fc6d82cf76 cifs-utils: add 'talloc' to buildInputs, to build cifs.upcall
Fixes this ./configure symptom:

  configure: WARNING: talloc.h not found, consider installing libtalloc-devel. Disabling cifs.upcall.

and is needed to (eventually) fix CIFS + DFS kernel mount on NixOS.
2016-12-10 00:01:21 +02:00
Joachim Fasting
d1a5dc0b1c
grsecurity: 4.8.12-201612062306 -> 4.8.13-201612082118 2016-12-09 15:31:02 +01:00
Joachim Fasting
9a63779d64
grsecurity: use upstream url as the primary source 2016-12-09 15:31:00 +01:00
Joachim Fasting
ca7cc96ee8
grsecurity: enable PAX_INITIFY
Uses gcc plugin to detect more instances where memory used during init
can be freed.
2016-12-09 15:30:40 +01:00
Tim Steinbach
bfffbb5ea6
linux: 4.8.12 -> 4.8.13 2016-12-09 08:27:11 -05:00
Tim Steinbach
e861a5f7af
linux: 4.4.36 -> 4.4.37 2016-12-09 08:26:46 -05:00
Joachim Fasting
af1202434a
ndiswrapper: mark as broken
Build fails across all our kernels.  There is a new version 1.60, but
it, too, fails to build.  Until somebody comes along to patch around it,
we might as well mark this as broken.
2016-12-08 23:12:32 +01:00
Joachim Fasting
5fd4ffe00f
grsecurity: 4.8.12-201612031658 -> 201612062306 2016-12-08 12:22:13 +01:00
Dmytro Rets
e8220d3264
Update broadcom URL for broadcom-sta driver. 2016-12-08 11:50:31 +02:00
Tim Steinbach
c9d1d430ec
linux: 4.9-rc7 -> 4.9-rc8 2016-12-05 19:40:11 -05:00
Joachim Fasting
9578299bbe
grsecurity: 4.8.11-201611271225 -> 4.8.12-201612031658 2016-12-06 01:24:32 +01:00
Joachim Fasting
cc396697a6
grsecurity: enable ability to lock in readonly mounts 2016-12-06 01:24:12 +01:00
Joachim Fasting
0e765c72e5
grsecurity: enable module hardening 2016-12-06 01:23:58 +01:00
Joachim Fasting
071fbcda24
grsecurity: enable optional sysfs restrictions
Fairly severe, but can be disabled at bootup via
grsec_sysfs_restrict=0. For the NixOS module we ensure that it is
disabled, for systemd compatibility.
2016-12-06 01:23:36 +01:00
Joachim Fasting
8c1f5afdf3
grsecurity: delay toggling of sysctls until system is up
We generally trust init, so there's little point in having these enabled
during early bootup; it accomplishes little except fill our logs with
spam.
2016-12-06 01:22:53 +01:00
Tuomas Tynkkynen
9ccc14b1bc linux_rpi: Add some feature flags
Copied from linux_4_4 (except for the EFI stub thing).

Otherwise the firewall module fails to evaluate:
Failed assertions:
- This kernel does not support rpfilter
2016-12-04 18:18:06 +02:00
Jörg Thalheim
e00632e200 Merge pull request #20858 from Mic92/lxcfs
lxcfs: init at 2.0.4
2016-12-04 11:33:07 +01:00
Tim Steinbach
4f8b74b401 Merge pull request #20866 from NeQuissimus/linux_4_8_12
linux: 4.8.11 -> 4.8.12
2016-12-02 18:28:46 -05:00
Tim Steinbach
853b6493c8
linux: 4.8.11 -> 4.8.12 2016-12-02 14:29:00 -05:00
Tim Steinbach
654f5df5dc
linux: 4.4.35 -> 4.4.36 2016-12-02 14:28:26 -05:00
Jörg Thalheim
af609b0254
lxcfs: init at 2.0.4 2016-12-02 13:52:03 +01:00
Tim Steinbach
5afc6b506c
linux: 4.1.35 -> 4.1.36 2016-12-01 20:34:02 -05:00
Joachim F
85ecde87c8 Merge pull request #20804 from danbst/fix-shadow
shadow: fix collision with coreutils (man groups.1.gz)
2016-12-01 23:08:30 +01:00
danbst
ac51528df8 shadow: fix collision with coreutils (man groups.1.gz)
The `groups.1.gz` collides with one from coreutils. The code to fix this
was already present in expression, but wrongly assumes that share/man/man1
directory will be copied to `man` output after `installPhase`.

It turned out, that man directory is set at configure step, so we should
remove file from `man` output.
2016-11-30 01:44:28 +02:00
Tim Steinbach
18a3225dac
linux: 3.12.67 -> 3.12.68 2016-11-29 17:40:17 -05:00
Tuomas Tynkkynen
8a4d6516ee Merge remote-tracking branch 'upstream/staging' into master 2016-11-30 00:34:23 +02:00
Franz Pletz
e43f2fc868
Revert "lxc: 2.0.4 -> 2.0.6"
This reverts commit 5d804566df.

This was an error on my part. I had the commit sitting on my local master
and pulled upstream to rebase my commit before pushing. I didn't notice
there was a commit bumping lxc and the auto-merge on the rebase.
2016-11-29 15:42:37 +01:00
Matt McHenry
f0bdca82c0 linuxPackages.ati_drivers_x11: patch for kernel 4.7+ (#19810) 2016-11-28 19:56:50 +01:00
Franz Pletz
5d804566df
lxc: 2.0.4 -> 2.0.6
Fixes CVE-2016-8649.

See https://lists.linuxcontainers.org/pipermail/lxc-users/2016-November/012597.html.
2016-11-28 19:04:42 +01:00
Alexander V. Nikolaev
a8eeef62e6 lxc: 2.0.4 -> 2.0.6 (security)
https://security-tracker.debian.org/tracker/CVE-2016-8649
2016-11-28 15:17:06 +02:00
Alexander V. Nikolaev
121da5e938 lxc: fix sandbox builds
Package attempt to write /etc/bash_completion.d, I directed it to
"${out}/etc/bash_completion.d" as it was suggested.
2016-11-28 15:17:05 +02:00
Joachim Fasting
5da1394a58
Revert "gradm: fix using gradm while the RBAC system is active"
This reverts commit fdbf7dc8b3.

Unfortunately, while gradm now works when the RBAC system is enabled,
gradm still fails when full system learning is enabled, so I probably
need to try again later.
2016-11-28 11:41:12 +01:00
Joachim Fasting
b90ed0cc80
grsecurity: 4.8.10-201611232213 -> 4.8.11-201611271225 2016-11-28 11:41:10 +01:00
Joachim Fasting
4c7323545b
Revert "grsecurity: work around for #20490"
This reverts commit e38b74ba89.

I failed to notice f19c961b4e461da045f2e72e73701059e5117be0; better
use that fix instead.
2016-11-28 11:40:55 +01:00
Tim Steinbach
eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7 2016-11-27 19:48:24 -05:00
Tuomas Tynkkynen
86ea3126bc linux_rpi: 1.20160620 -> 1.20161020 2016-11-28 00:24:00 +02:00
Tuomas Tynkkynen
25d6bfa258 raspberrypifw: 1.20160620 -> 1.20161020 2016-11-28 00:23:40 +02:00
Tim Steinbach
b47307bd74
linux: 4.8.10 -> 4.8.11 2016-11-26 16:29:23 -05:00
Tim Steinbach
cc77360bed
linux: 4.4.34 -> 4.4.35 2016-11-26 16:28:58 -05:00
Jörg Thalheim
01172c2ccf Merge pull request #20591 from NeQuissimus/linux_4_9_rc6
linux: 4.9-rc5 -> 4.9-rc6
2016-11-26 16:00:16 +01:00
Vladimír Čunát
925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00
Frederik Rietdijk
231cd277df nvidia-x11: 367.57 -> 375.20 2016-11-26 09:31:10 +01:00
Joachim Fasting
fdbf7dc8b3
gradm: fix using gradm while the RBAC system is active
The built-in ACL prevents the gradm binary from loading dynamic
libraries from the Nix store.  Thus, once the RBAC system is activated,
the gradm binary cannot be used.

Fix by patching in rules to allow references to the Nix store where
appropriate.
2016-11-26 02:59:35 +01:00
Frederik Rietdijk
6a8c708d6d cryptsetup: use python2 2016-11-24 22:28:04 +01:00
Frederik Rietdijk
d8b0096704 dstat: use python2 2016-11-24 22:28:03 +01:00
Joachim Fasting
f9d787c67b
grsecurity: 4.8.10-201611210813 -> 201611232213 2016-11-24 12:08:12 +01:00
Nikolay Amiantov
be95ceaff2 treewide: quote URLs in my packages 2016-11-24 01:17:52 +03:00
Franz Pletz
7974d7493a
linux: compress kernel image with xz 2016-11-23 02:24:13 +01:00
Tim Steinbach
e4a1b76457
linux: 4.8.9 -> 4.8.10 2016-11-21 18:07:17 -05:00
Tim Steinbach
d62069aca4
linux: 4.4.33 -> 4.4.34 2016-11-21 18:06:57 -05:00
Joachim Fasting
96194467e6
grsecurity: 4.8.8-201611150756 -> 4.8.10-201611210813 2016-11-21 23:15:14 +01:00
Tim Steinbach
f6bbc6c477
linux: 4.9-rc5 -> 4.9-rc6 2016-11-20 17:23:32 -05:00
Joachim Fasting
6d428242a9
linuxPackages.spl: now builds against grsecurity kernel 2016-11-20 23:01:34 +01:00
Joachim Fasting
0df3553a38
paxtest: 0.9.14 -> 0.9.15 2016-11-20 23:01:31 +01:00
Joachim Fasting
32c71c06d2
pax-utils: 1.1.6 -> 1.1.7 2016-11-20 23:01:28 +01:00
Pascal Wittmann
f7e0bc2ae7
Make all meta.maintainers attributes lists 2016-11-20 18:06:03 +01:00
Franz Pletz
1fec301ac5
zfs: remove zfs-tests
Removes runtime dependency on gcc and reduces closure size by more than 110MB.
2016-11-20 04:49:42 +01:00
Franz Pletz
94731510c4
wireguard: 0.0.20161110 -> 0.0.20161116.1 2016-11-20 04:48:56 +01:00
Tim Steinbach
13491f9f48 Merge pull request #20552 from NeQuissimus/linux_4_8_9
linux: 4.8.8 -> 4.8.9
2016-11-19 09:03:00 -05:00
Tim Steinbach
d3b8a77834
linux: 4.4.32 -> 4.4.33 2016-11-19 08:56:31 -05:00
Tim Steinbach
250224bf01
linux: 4.8.8 -> 4.8.9 2016-11-19 08:55:57 -05:00
Vladimír Čunát
b69f568f4c
Merge branch 'staging'
Hydra rebuild looks fine; only a few Darwin jobs is queued:
http://hydra.nixos.org/eval/1304891?compare=1304807
2016-11-19 04:35:51 +01:00
Joachim Fasting
e38b74ba89
grsecurity: work around for #20490
In `scripts/Makefile.modinst`, the code that generates the list of
modules to install passes file names via the command line.  When
installing a grsecurity kernel, this list appears to exceed the
shell's argument list limit, as in

    make[2]: execvp: /nix/store/[...]-bash-4.3-p46/bin/bash: Argument list too long

The build does not fail, however, but the list of modules to be installed ends
up being empty.  Thus, the resulting kernel package output contains no modules,
rendering it useless.

We work around this by patching the makefile to use `find -exec` to
process files.  Why this would occur for grsecurity and not other
kernels is unknown, most likely there's something *else* that is
actually causing this behaviour, so this is a temporary fix until that
cause is found.

Fixes https://github.com/NixOS/nixpkgs/issues/20490
2016-11-18 16:14:26 +01:00
Vladimír Čunát
8b565d6478
Merge #20081: update alsa lib, plugins and utils 2016-11-17 11:26:00 +01:00
Franz Pletz
ba73dbbda6
batman-adv: 2016.3 -> 2016.4 2016-11-17 08:14:18 +01:00
Tim Steinbach
a4cd6f1378 Merge pull request #20441 from NeQuissimus/linux_4_4_32
linux: 4.4.31 -> 4.4.32
2016-11-15 17:49:00 -05:00
Tim Steinbach
819884119c Merge pull request #20439 from NeQuissimus/linux_4_8_8
linux: 4.8.7 -> 4.8.8
2016-11-15 17:48:07 -05:00
Joachim Fasting
0d4e1b5edd
grsecurity: 4.8.7-201611142350 -> 4.8.8-201611150756 2016-11-15 22:57:25 +01:00
Tim Steinbach
24c342fde7
linux: 4.4.31 -> 4.4.32 2016-11-15 12:31:27 -05:00
Tim Steinbach
9e851d3b11
linux: 4.8.7 -> 4.8.8 2016-11-15 12:30:55 -05:00
Joachim Fasting
afab1a948e
grsecurity: 4.8.7-201611102210 -> 201611142350 2016-11-15 13:11:47 +01:00
Franz Pletz
c9bd751a16 Merge pull request #20405 from Mic92/wireguard
wireguard: 2016-10-25 -> 0.0.20161110
2016-11-15 01:54:17 +01:00
Thomas Tuegel
ad7d59c59f Merge pull request #20369 from asymmetric/bluez
bluez: 5.40 -> 5.43
2016-11-14 15:27:41 -06:00
Tim Steinbach
f7fd568678 Merge pull request #20413 from NeQuissimus/linux_4_9_rc5
linux: 4.9-rc4 -> 4.9-rc5
2016-11-14 10:05:20 -05:00
Tim Steinbach
a87c8ad05f
linux: 4.9-rc4 -> 4.9-rc5 2016-11-14 09:40:27 -05:00
Tim Steinbach
91ae568ec7
broadcom_sta: Fix hash 2016-11-14 09:36:06 -05:00
Jörg Thalheim
c0f9bc9b4e
wireguard: 2016-10-25 -> 0.0.20161110 2016-11-14 09:29:58 +01:00
Joachim Fasting
cad9212813
grsecurity: 4.7.10-201611011946 -> 4.8.7-201611102210 2016-11-14 00:16:19 +01:00
Vladimír Čunát
1ac5869907
Merge #19936: vulkan / amdgpu-pro update 2016-11-13 20:06:40 +01:00
David McFarland
3d4a280c35 amdgpu-pro: 16.30.3-315407 -> 16.40-348864 2016-11-13 12:44:28 -04:00
David McFarland
e1a25aeb65 amdgpu-pro: fix kernel module for linux-4.8 2016-11-13 12:44:28 -04:00
David McFarland
6bf27c2cae vulkan-loader: allow validation layers to be enabled
The loader now uses XDK_DATA_DIRS to find drivers and layers.
2016-11-13 12:44:27 -04:00
Lorenzo Manacorda
b83c0783d3 bluez: 5.40 -> 5.43 2016-11-12 18:12:10 +01:00
Joachim Fasting
081a871771
Revert "Merge pull request #20302 from spacekitteh/patch-10"
This reverts commit e02173c70c, reversing
changes made to c2b4a0d266.

Breaks all grsec packages; Not having binary substitutes for no good
reason is disruptive to my workflow, so I'll just revert this for now.
2016-11-12 14:02:20 +01:00
Tim Steinbach
e02173c70c Merge pull request #20302 from spacekitteh/patch-10
grsecurity_testing: 4.7.10 -> 4.8.7
2016-11-11 22:03:39 -05:00
Sophie Taylor
fa180d0d63 grsec: 4.8.6 -> 4.8.7 2016-11-12 12:54:47 +10:00
Tim Steinbach
c2b4a0d266 Merge pull request #20327 from NeQuissimus/linux_4_9_rc4
linux: 4.9-rc3 -> 4.9-rc4
2016-11-11 18:11:02 -05:00
Tim Steinbach
52cc30cd87 Merge pull request #20326 from NeQuissimus/linux_3_12_67
linux: 3.12.66 -> 3.12.67
2016-11-11 18:10:16 -05:00
Tim Steinbach
933dfca167 Merge pull request #20322 from NeQuissimus/linux_4_8_7
linux: 4.8.6 -> 4.8.7
2016-11-10 21:12:06 -05:00
Tim Steinbach
ad19b9bde5
linux: 4.9-rc3 -> 4.9-rc4 2016-11-10 21:08:28 -05:00
Tim Steinbach
0a1f39eb91
linux: 4.8.6 -> 4.8.7 2016-11-10 21:07:56 -05:00
Tim Steinbach
579f5fd9dd
linux: 4.4.30 -> 4.4.31 2016-11-10 21:07:24 -05:00
Tim Steinbach
cc62ecc2d9
linux: 3.12.66 -> 3.12.67 2016-11-10 21:06:54 -05:00
Tuomas Tynkkynen
74ecbbe4e3 kernel config: Ensure SECCOMP_FILTER is enabled
As noted in a97db109a2, SECCOMP_FILTER must be enabled or systemd gets
very unhappy.
2016-11-11 02:10:20 +02:00
Peter Hoeg
cb93b34999 SMB2 support for CIFS
[tuomas: removed unneeded kernel version check]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
2016-11-11 02:10:20 +02:00
Sophie Taylor
6476f11f40 grsecurity patch update to kernel 4.8.6 2016-11-10 12:44:22 +10:00
Tim Digel
4a7cf195a4 molly-guard: init at 0.6.3 2016-11-09 14:39:44 +01:00
Tobias Geerinckx-Rice
ea301adfd1
pagemon: 0.01.08 -> 0.01.10 2016-11-09 02:24:50 +01:00
Tobias Geerinckx-Rice
11dacb7e2c
mcelog: 142 -> 144 2016-11-09 02:24:45 +01:00
Kjetil Ørbekk
0d5caf138a tpacpi-bat: init at 3.0 (#20213) 2016-11-08 02:46:34 +01:00
Guillaume Maudoux
eb9d126d2c linux_mptcp: 0.91 -> 0.91.2 2016-11-07 14:15:33 +01:00
Joachim Fasting
ae5d404509
lttng-modules: 2.8.0 -> 2.8.3
Fixes build against linux >=4.8

Full changelog at
https://git.lttng.org/?p=lttng-tools.git;a=blob_plain;f=ChangeLog;hb=13dc409a5ea439b96b805c3c71886a3fcfad18e8

Tested with nix-build -A linuxPackages.lttng-modules -A linuxPackages_latest.lttng-modules
2016-11-06 13:57:34 +01:00
Lorenzo Manacorda
98fb9ded4e light: 0.9 -> 1.0 (#20193)
Update to version 1.0
2016-11-06 03:47:22 +01:00
Tobias Geerinckx-Rice
cd2d81ab52
mcelog: 138 -> 142 2016-11-05 18:44:10 +01:00
Tim Steinbach
cc7c28332b
Remove ttysnoop
No longer exists
2016-11-04 11:18:52 -04:00
Tim Steinbach
20c2980640
Remove cryopid
No longer builds / exists
2016-11-03 21:43:17 -04:00
Yochai Meir
e70560ff98 rtl8812au: compiles on linux 4.8 2016-11-03 19:53:37 +02:00
Bjørn Forsman
a6283c1126 devmem2: init at 2004-08-05
A simple program to read/write from/to any location in memory.

Unfortunately the homepage doesn't have a versioned source code download
URL. On the other hand, the program is pretty stable, with no change for
the last 12 years...
2016-11-03 15:44:56 +01:00
Joachim Fasting
d9b5cd41c5
grsecurity: 4.7.10-201610262029 -> 201611011946 2016-11-03 13:55:23 +01:00
Bart Brouns
af0f12299b alsa-utils: 1.1.0 -> 1.1.2 2016-11-02 13:07:28 +01:00
Bart Brouns
01fe648552 alsa-plugins: 1.1.0 -> 1.1.1 2016-11-02 13:07:21 +01:00
Bart Brouns
2e1871fdd9 alsa-lib: 1.1.1 -> 1.1.2 2016-11-02 13:07:15 +01:00
Tim Steinbach
874abe694a
linux: 4.8.5 -> 4.8.6 2016-11-01 08:58:53 -04:00
Shea Levy
2dbaf3a336 lksctp-tools: init at 1.0.17 2016-11-01 07:28:41 -04:00
Eelco Dolstra
ef1a188e07 linux: 4.4.28 -> 4.4.30 2016-11-01 11:31:00 +01:00
Franz Pletz
cbd4c9f78b
iputils: install manpage for traceroute6 2016-10-31 14:33:59 +01:00
Moritz Ulrich
7e4c7d6af0 wpa_supplicant_gui: Add forgotten patch. 2016-10-30 22:29:44 +01:00
Moritz Ulrich
19bdc31ed6 wpa_supplicant_gui: Replace inkscape with imagemagick in build process. 2016-10-30 22:28:08 +01:00
Vladimír Čunát
3be635b9b5
Merge linux kernel maintenance updates
PRs: #19995 #19996 #19997
2016-10-30 17:29:43 +01:00
Jörg Thalheim
c1b0ec5266
android-udev-rules: 20160805 -> 20161014 2016-10-30 17:05:11 +01:00
Tim Steinbach
f154459cf4
linux: 4.9-rc2 -> 4.9-rc3 2016-10-30 10:30:07 -04:00
Tim Steinbach
1af5b2a80c
linux: 4.4.27 -> 4.4.28 2016-10-30 10:29:37 -04:00
Tim Steinbach
8073430d95
linux: 4.8.4 -> 4.8.5 2016-10-30 10:28:55 -04:00
Tim Steinbach
4a70445fff Merge pull request #19903 from carlsverre/update/sysdig
sysdig: 0.10.0 -> 0.12.0
2016-10-27 14:10:39 -04:00
Tim Steinbach
81b0db3915 Merge pull request #19910 from NeQuissimus/busybox_1_25_1
busybox: 1.24.2 -> 1.25.1
2016-10-27 12:47:46 -04:00
Tim Steinbach
a5c1985fef
busybox: 1.24.2 -> 1.25.1 2016-10-27 09:31:21 -04:00
Joachim Fasting
dfdaea1240
grsecurity: 4.7.10-201610222037 -> 201610262029 2016-10-27 15:03:27 +02:00
Graham Christensen
2f3b62375f Merge pull request #19891 from NeQuissimus/kernel_4_9_rc2
kernel: 4.9-rc1 -> 4.9-rc2
2016-10-27 08:36:23 -04:00
Graham Christensen
ad2deee7d1 Merge pull request #19894 from NeQuissimus/kernel_3_18_44
kernel: 3.18.42 -> 3.18.44
2016-10-27 08:36:17 -04:00
Graham Christensen
c654ec0f25 Merge pull request #19893 from NeQuissimus/kernel_3_12_66
kernel: 3.12.63 -> 3.12.66
2016-10-27 08:36:10 -04:00
Graham Christensen
00e2bc22db Merge pull request #19890 from NeQuissimus/kernel_3_10_104
kernel: 3.10.103 -> 3.10.104
2016-10-27 08:35:54 -04:00
Tim Steinbach
b86310fccf wpa_supplicant: 2.5 -> 2.6 (#19913) 2016-10-27 13:57:56 +02:00
Tim Steinbach
b02646f93b
kernel: 3.18.42 -> 3.18.44 2016-10-26 19:23:43 -04:00
Tim Steinbach
e5e84ecbbd
kernel: 3.12.63 -> 3.12.66 2016-10-26 19:17:46 -04:00
Tim Steinbach
e4773819f4
kernel: 3.10.103 -> 3.10.104 2016-10-26 19:13:21 -04:00
Vladimír Čunát
6404a30afb
Merge #19892: kernel: 4.1.33 -> 4.1.35 2016-10-26 22:11:30 +02:00
Carl Sverre
96a3e00929 sysdig: 0.10.0 -> 0.12.0 2016-10-26 11:19:41 -07:00
Franz Pletz
6e17ee638c
wireguard: 2016-10-01 -> 2016-10-25 2016-10-26 16:49:52 +02:00
Tim Steinbach
e9a5cf3f6f
kernel: 4.9-rc1 -> 4.9-rc2 2016-10-26 09:11:00 -04:00
Tim Steinbach
89cd922a6a
kernel: 4.1.33 -> 4.1.35 2016-10-26 09:04:37 -04:00
Frederik Rietdijk
7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Tim Steinbach
b3f7d626c1
kernel: remove 4.7 2016-10-24 21:30:00 -04:00
Joachim Fasting
5440c1a64c
grsecurity: 4.7.9-201610200819 -> 4.7.10-201610222037
Notably, this pulls in the dirtycow fix from upstream (but I've been
unable to execute the POC exploits on grsec kernels without that fix
...)
2016-10-23 17:14:40 +02:00
Tim Steinbach
a3989b87df Merge pull request #19772 from NeQuissimus/linux_4_8_4
linux: 4.8.3 -> 4.8.4
2016-10-22 12:14:59 -04:00
Tim Steinbach
72d91f95cb Merge pull request #19771 from NeQuissimus/linux_4_7_10
linux: 4.7.9 -> 4.7.10
2016-10-22 12:14:26 -04:00
Tim Steinbach
8d0ca31849
linux: 4.8.3 -> 4.8.4 2016-10-22 12:11:37 -04:00
Tim Steinbach
adbe0e0a13
linux: 4.7.9 -> 4.7.10 2016-10-22 12:11:09 -04:00
Tim Steinbach
4489454b83
linux: 4.4.26 -> 4.4.27 2016-10-22 12:10:34 -04:00
Frederik Rietdijk
e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
Joachim Fasting
ed5d146e9d
grsecurity: 4.7.7-201610101902 -> 4.7.9-201610200819 2016-10-21 01:50:53 +02:00
Vladimír Čunát
4d5b893002 Merge #19081: gnome-3.22
Also master commits are brought in.
2016-10-20 23:04:10 +02:00
Vladimír Čunát
fabfb0a900 Merge #19725: kernel: 4.7.8 -> 4.7.9 2016-10-20 19:45:25 +02:00
Tim Steinbach
963804ba8e
kernel: 4.7.8 -> 4.7.9 2016-10-20 13:08:53 -04:00
Tim Steinbach
0c3e5217fc
kernel: 4.8.2 -> 4.8.3 2016-10-20 13:06:03 -04:00
Eelco Dolstra
76a57d83b5 linux: 4.4.25 -> 4.4.26 2016-10-20 13:37:19 +02:00
Tim Steinbach
dac481d999 Merge pull request #19648 from NeQuissimus/linux_4_7_8
linux_4_7: 4.7.7 -> 4.7.8
2016-10-19 14:48:47 -04:00
Tim Steinbach
84e4dcb34b Merge pull request #19649 from NeQuissimus/linux_4_8_2
linux_4_8: 4.8.1 -> 4.8.2
2016-10-19 14:38:11 -04:00
Tim Steinbach
70c8de0536 Merge pull request #19652 from NeQuissimus/linux_4_9_rc1
linux_testing: 4.8-rc6 -> 4.9-rc1
2016-10-19 14:35:21 -04:00
Eelco Dolstra
13f43c7ebc linux: 4.4.24 -> 4.4.25 2016-10-19 17:11:53 +02:00
Tuomas Tynkkynen
59f12d9394 kernel config: Add some filesystem options
Enable encryption support for both F2FS and ext4. For ext4 this is a bit
tricky, since pre-4.8 the way to enable it as a module was just
"EXT4_ENCRYPTION=m" but after that it changed to "FS_ENCRYPTION=m &&
EXT4_ENCRYPTION=y".

Also make sure UDF is enabled.
2016-10-19 16:44:08 +03:00
Frederik Rietdijk
58c41ecd35 crda: use python2 2016-10-18 23:16:08 +02:00
Frederik Rietdijk
e9f8ee3ab4 iotop: use python2 2016-10-18 23:14:35 +02:00
Tuomas Tynkkynen
ba42683e9a libselinux: Fix ARM build failure
Avoid this warning (which is in turn an error via -Werror):
````
avc_internal.c: In function 'avc_netlink_receive':
avc_internal.c:105:25: error: cast increases required alignment of target type [-Werror=cast-align]
 struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
                        ^
````

The code allocates abuffer with "__attribute__ ((aligned))",
then passes it via a 'char*' parameter, which is then finally cast,
causing the warning. So the code is ok but compiler is not smart
enough to see it.

It seems that -Wcast-align is a no-op on x86, so this shows up on ARM
only.
2016-10-18 23:54:29 +03:00
Tim Steinbach
51c9c2f851
linux_testing: 4.8-rc6 -> 4.9-rc1 2016-10-18 11:19:46 -04:00
Tim Steinbach
0acfbaa5b2
linux_4_8: 4.8.1 -> 4.8.2 2016-10-18 10:13:02 -04:00
Tim Steinbach
55adff59f1
linux_4_7: 4.7.7 -> 4.7.8 2016-10-18 10:12:26 -04:00
Graham Christensen
3bd1e62a6d Merge pull request #19578 from grahamc/facetimehd
facetimehd: 2016-05-02 -> 2016-10-09
2016-10-17 17:11:18 -04:00
Jörg Thalheim
756a6949f8 Merge pull request #19603 from aneeshusa/adopt-google-authenticator
[WIP] Adopt google authenticator
2016-10-16 22:06:40 +02:00
Nikolay Amiantov
40547dd4c4 cachefilesd: init at 0.10.9 2016-10-16 19:58:29 +03:00
Aneesh Agrawal
31b4fcd0b7 google-authenticator: adopt package 2016-10-16 12:42:51 -04:00
Graham Christensen
634a098940
linuxPackages.nvidia_x11: Remove us prefix from mirror
At the time of the last upgrade, the new driver wasn't available on
anything but their US mirror. Pinning to the US mirror isn't
recommended or preferable, but I did it anyway to be able to get the
upgrade out.
2016-10-16 11:08:17 -04:00
Graham Christensen
37bc2c0bbf
broadcom-sta: Support linux-4.8 2016-10-15 08:06:30 -04:00
Graham Christensen
2525a3d682
facetimehd: 2016-05-02 -> 2016-10-09 2016-10-15 07:42:08 -04:00