If running NixOS inside a container where the host's root-owned files
and directories have been mapped to some other uid (like nobody), the
ssh daemon fails to start, producing this error message:
fatal: /nix/store/...-openssh-7.2p2/empty must be owned by root and not group or world-writable.
The reason for this is that when openssh is built, we explicitly set
`--with-privsep-path=$out/empty`. This commit removes that flag which
causes the default directory /var/empty to be used instead. Since NixOS'
activation script correctly sets up that directory, the ssh daemon now
also works within containers that have a non-root-owned nix store.
- Fix a bug in the script which prevented it from finding its helper script.
- Automatically redirect the output of the script to make it even easier
to use.
- Update from Applications 16.04.2 to 16.04.3.
- Remove the version number from the directory storing the Applications
Nix expressions. It is not necessary to version the Nix expressions
now that we keep only one version in Nixpkgs.
- Fix a bug in generate-kde-applications.sh which prevented it from
finding its helper script.
- Automatically redirect the output of generate-kde-applications.sh to
make the update script even easier to use.
- Update from Plasma 5.7.0 to 5.7.1.
- Remove the version number from the directory storing the Plasma Nix
expressions. It is not necessary to version the Nix expressions now
that we keep only one version in Nixpkgs.
- Fix a bug in generate-kde-plasma.sh which prevented it from finding
its helper script.
- Automatically redirect the output of generate-kde-plasma.sh to make
the update script even easier to use.
Minor OTP releases (and their manpages) are not available for dowload at
http://erlang.org/download
But e.g.:
- 18.3.1 contains an important fix for mnesia
- 18.3.1-18.3.4 has a lot of SSL/TLS fixes
So we have to fetch from GitHub and build everything ourselves.
Also replace explicit path patching with upstream patches:
- https://github.com/erlang/otp/pull/1023
- https://github.com/erlang/otp/pull/1103 - with this patch it's now
possible to build erlang in sandboxed mode
