Commit Graph

36086 Commits

Author SHA1 Message Date
Luca Bruno
b01a49c14d xdg-user-dirs: fix finding default directory names 2014-04-22 22:17:20 +02:00
Luca Bruno
8846019fca libmediaart: new library used by gnome-music
Library tasked with managing, extracting and handling media art caches
2014-04-22 22:17:20 +02:00
Luca Bruno
5a332242ea gnome3: moved gnome-desktop from desktop/ to core/ 2014-04-22 22:17:19 +02:00
Luca Bruno
8f1b59189d gnome3: moved gtksourceview from desktop/ to core/ 2014-04-22 22:17:19 +02:00
Luca Bruno
5881705342 gnome3: moved file-roller from desktop/ to apps/ 2014-04-22 22:17:19 +02:00
Luca Bruno
bfbdbc19eb gedit: new package
Official text editor of the GNOME desktop environment

https://wiki.gnome.org/Apps/Gedit
2014-04-22 22:17:19 +02:00
Shea Levy
1c84988594 Merge branch 'gdk-pixbuf' of git://github.com/lethalman/nixpkgs 2014-04-22 16:01:19 -04:00
Rickard Nilsson
e87343f5d4 haveged: Update from 1.7c to 1.9.1 2014-04-22 21:55:41 +02:00
Bjørn Forsman
a70197a653 wireshark: add patch to lookup "dumpcap" in PATH
What this allows us to do is define a "dumpcap" setuid wrapper in NixOS
and have wireshark use that instead of the non-setuid dumpcap binary
that it normally uses.

As far as I can tell, the code that is changed to do lookup in PATH is
only used by wireshark/tshark to find dumpcap. dumpcap, the thing that's
typically setuid, is not affected by this patch. wireshark and tshark
should *not* be installed setuid, so the fact that they now do lookup in
PATH is not a security concern.

With this commit, and the following config, only "root" and users in the
"wireshark" group will have access to capturing network traffic with
wireshark/dumpcap:

  environment.systemPackages = [ pkgs.wireshark ];
  security.setuidOwners = [
    { program = "dumpcap";
      owner = "root";
      group = "wireshark";
      setuid = true;
      setgid = false;
      permissions = "u+rx,g+x";
    }
  ];
  users.extraGroups.wireshark.gid = 500;

(This wouldn't have worked before, because then wireshark would not use
our setuid dumpcap binary.)
2014-04-22 21:33:11 +02:00
Bjørn Forsman
cbd4650a1a wireshark: add myself (bjornfor) as maintainer 2014-04-22 21:33:11 +02:00
Bjørn Forsman
27477f1fac wireshark: build with libcap (POSIX capabilities)
This makes running wireshark (or more specifically, dumpcap) as root a
bit more secure. From <wireshark-1.11.2>/doc/README.packaging:

  The "--with-libcap" option is only useful when dumpcap is installed
  setuid. If it is enabled dumpcap will try to drop any setuid privileges
  it may have while retaining the CAP_NET_ADMIN and CAP_NET_RAW
  capabilities. It is enabled by default, if the Linux capabilities
  library (on which it depends) is found.
2014-04-22 21:33:11 +02:00
Luca Bruno
4a3508ad1a gdk-pixbuf: check for writable $out/.., closes #2115 2014-04-22 21:10:16 +02:00
Eelco Dolstra
5ba24cc8ea Typo/comment 2014-04-22 18:42:44 +02:00
Eelco Dolstra
83b43cfe51 dbus: Merge tools and daemon
This resolves a cyclic dependency: the daemon depends on tools (for
dbus-send) while tools depends on the daemon.  Keeping them separate
doesn't seem very useful in any case.
2014-04-22 17:38:53 +02:00
aszlig
52769d5c17
perl-dbix-class: Fix tests with newer SQLite.
Our version of SQLite causes the tests to fail, so I'm hereby adding a
patch from dbsrgits/dbix-class@ed5550d36 with the hunk for the Changes
file dropped.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-22 16:27:28 +02:00
Rob Vermaas
1b2b9761b4 dd-agent: update from 4.2.0 to 4.2.1 2014-04-22 15:47:06 +02:00
Eelco Dolstra
6fe24bda2d nss: Update to 3.16 2014-04-22 14:55:51 +02:00
Eelco Dolstra
393c9f2e02 nspr: Update to 4.10.4 2014-04-22 14:55:00 +02:00
Eelco Dolstra
a96b1eb745 firefox: Update to 28.0 2014-04-22 14:45:27 +02:00
Vladimír Čunát
662b92e608 liferea: bugfix update
Looks good after some basic testing.
2014-04-22 13:22:14 +02:00
Eelco Dolstra
27a8cada79 openvpn: Add systemd startup notification
This causes OpenVPN services to reach the "active" state when the VPN
connection is up (i.e., after OpenVPN prints "Initialization Sequence
Completed"). This allows units to be ordered correctly after openvpn-*
units, and makes systemctl present a password prompt:

  $ start openvpn-foo
  Enter Private Key Password: *************

(I first tried to implement this by calling "systemd-notify --ready"
from the "up" script, but systemd-notify is not reliable.)
2014-04-22 13:14:58 +02:00
Eelco Dolstra
33b4ab3ac1 openvpn: Update to 2.3.3 2014-04-22 13:14:58 +02:00
aszlig
396da20739
miro: Fix desktop schema GSettings path.
The real path of the schemas is:

$out/share/gsettings-schemas/gsettings-desktop-schemas-3.10.1/glib-2.0/schemas

While the previous approach was to load schemas from:

$out/share/glib-2.0/schemas

So, we're now relying on the setup hook of glib to find the right schema
path.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-22 10:32:54 +02:00
Eelco Dolstra
6fec10dda3 libmicrohttpd: Disable tests
http://hydra.nixos.org/build/10584971
2014-04-22 10:05:51 +02:00
aszlig
f122e0e229
dmenu: Patch in store path to dmenu_run.
If dmenu isn't installed in the user environment, dmenu_run will fail
because it searches $PATH for its own binaries.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-22 07:22:00 +02:00
aszlig
65fcb8d503
miro: Fix parsing of youtube feeds.
Youtube feeds now don't append a "sig" query string argument anymore, so
all those feeds would fail without this patch. For the latter, a pull
request already exists on upstream at pculture/miro#428, so I guess we
can drop our patch upon release of the next new upstream bugfix release.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-22 06:14:01 +02:00
aszlig
28229d8ef1
SDL: Add alsaLib to propagatedNativeBuildInputs.
This is needed because the pkgconfig file contains linker flags for
alsa-lib. And we had it propagated before already.

Should fix build of quite a lot of SDL dependencies, such as SDL_image:

https://hydra.nixos.org/build/10558332

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-22 05:54:39 +02:00
Sander van der Burg
281126d7ee Merge pull request #2346 from cpages/android
Add android ndk support
2014-04-21 23:27:10 +02:00
Rickard Nilsson
0f9499887e pulseaudio: Update from 4.0 to 5.0 2014-04-21 23:22:10 +02:00
Rickard Nilsson
5db9287b7c rtkit: Update from 0.10 to 0.11 2014-04-21 23:22:10 +02:00
Arseniy Seroka
ad8aeebad8 vim-plugins: update and upgrade 2014-04-21 19:21:18 +02:00
Ricardo M. Correia
5d5ca7b260 grsecurity: Update all patches
stable:  3.0-3.2.57-201404131252            -> 3.0-3.2.57-201404182109
test:    3.0-3.13.10-201404141717           -> 3.0-3.14.1-201404201132
vserver: 3.0-3.2.57-vs2.3.2.16-201404131253 -> 3.0-3.2.57-vs2.3.2.16-201404182110
2014-04-21 18:46:41 +02:00
Eelco Dolstra
19e9d25e8f Remove KDE 4.11 2014-04-21 18:13:17 +02:00
Eelco Dolstra
99907f5bd7 kde: Update to 4.12.4 2014-04-21 18:13:17 +02:00
Eelco Dolstra
ee798c5c0f Use KDE 4.12 2014-04-21 18:13:17 +02:00
Vladimír Čunát
f3ec500d48 libarchive: move patch into nixpkgs
Unfortunately, github periodically changes output even for raw diffs
(not just raw patches). I'm including the patch in nixpkgs.

I was unable to do it without hash change. Even if I added binary equal file.
2014-04-21 17:57:20 +02:00
Shea Levy
3b93b7bfe6 nodejs: Fix configuration 2014-04-21 09:05:34 -04:00
Jaka Hudoklin
b12b180fc2 meshlab: fix build
Patches are from the Arch Linux package.
2014-04-21 11:24:26 +02:00
aszlig
625d7b9043
Merge pull request #1928 from 'cross-win-osx'.
This includes a lot of fixes for cross-building to Windows and Mac OS X
and could possibly fix things even for non-cross-builds, like for
example OpenSSL on Windows.

The main reason for merging this in 14.04 already is that we already
have runInWindowsVM in master and it doesn't work until we actually
cross-build Cygwin's setup binary as the upstream version is a fast
moving target which gets _overwritten_ on every new release.

Conflicts:
	pkgs/top-level/all-packages.nix
2014-04-21 10:00:35 +02:00
aszlig
cdd1c9caa5
Merge branch 'chromium-refactor', closes #1798.
This implements some longstanding work of getting the Chromium
derivation more modular. Unfortunately, I didn't manage to decrease the
compile time, which was one of the primary goal for doing the refactor.
A main reason this didn't work out well was the fact that most bundled
libraries are so heavily patched that it's not possible within a limited
time frame to decouple it from the main derivation.

However, it should now be easier to build other derivations that build
upon Chromium, like libcef. Also, it finally adds support for the
non-free PepperAPI Flash and PDF plugins and support for fetching the
corresponding versions through the updater.
2014-04-21 09:50:50 +02:00
Shea Levy
5701e4e15a Add buildLocalCabalWithArgs for providing extra arguments to callPackage 2014-04-20 22:57:03 -04:00
Rickard Nilsson
6b634673f9 Add remarkjs 0.6.4, a markdown-driven slideshow tool
Also, add required node packages (and update generated node pkgs).
2014-04-21 01:27:23 +02:00
AndersonTorres
31a94915d2 mpv: minor updates and cleanup
E.g. parameterize lua.
2014-04-20 19:46:21 +02:00
AndersonTorres
193dd39d8c mpv: update to stable version 0.3.7
Also:
* minor waf update (reflecting bootstrap.py)
* lua5_sockets inclusion (not detected yet)
2014-04-20 19:46:21 +02:00
Eelco Dolstra
4e8c2f0ff9 Merge branch 'systemd-update' 2014-04-20 19:31:01 +02:00
Eelco Dolstra
a0c0dfb647 Revert accidental change 2014-04-20 19:29:53 +02:00
Vladimír Čunát
cb83796abb elfutils: update 0.155 -> 0.158 2014-04-20 18:24:11 +02:00
Vladimír Čunát
b4df087f14 elfutils: fix CVE-2014-0172
Patch taken from upstream mailing-list.
2014-04-20 18:24:11 +02:00
aszlig
18234b6768
chromium: Fix package name for browser derivation.
The packageName attribute defines the output path and binary name of the
product that's going to be created, so we really want to have "chromium"
instead of "chromium-browser" here, especially for the resulting binary.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-20 17:46:18 +02:00
aszlig
35944168e4
Merge pull request #1970 from @ambrop72.
We already have a desktop icon from the browser wrapper, so this is only
for people who do not use the wrapper (for example if you don't want to
use Mozilla plugins).

Also, we someday might want to propagate the desktop item to the browser
wrapper as well.

Conflicts:
	pkgs/applications/networking/browsers/chromium/default.nix
2014-04-20 17:46:18 +02:00