Commit Graph

143297 Commits

Author SHA1 Message Date
SLNOS
2de3c4bd78 nixos/tor: add tor-init service to fix directory ownerships, fix hardenings
This reverts a part of 5bd12c694b.

Apparently there's no way to specify user for RuntimeDirectory in systemd
service file (it's always root) but tor won't create control socket if the dir
is owned by anybody except the tor user.

These hardenings were adopted from the upstream service file, checked
against systemd.service(5) and systemd.exec(5) manuals, and tested to
actually work with all the options enabled.

`PrivateDevices` implies `DevicePolicy=closed` according to systemd.exec(5),
removed.

`--RunAsDaemon 0` is the default value according to tor(5), removed.
2018-06-11 15:52:24 +00:00
Mitsuhiro Nakamura
3e766a56c4 trash-cli: enable darwin build 2018-06-12 00:42:25 +09:00
Will Dietz
5f165fd2fc mendeley: 1.18 -> 1.19.1
1.19 had show-stopper bugs,
but 1.19.1 seems to work well :).
2018-06-11 10:37:31 -05:00
Raymond Gauthier
3dfc9cd826 nixos/uvcvideo.dynctrl: Init 2018-06-11 11:33:49 -04:00
Robert Schütz
2b1daeb285 borgbackup: 1.1.5 -> 1.1.6 2018-06-11 17:22:24 +02:00
Matthew Justin Bauer
55282f339b
unix-tools: add glibc 2018-06-11 11:19:31 -04:00
Florian Klink
cb7f7fd094 pythonPackages.GitPython: set path to git executable 2018-06-11 17:10:53 +02:00
SLNOS
bb3984f709 tor-browser: drop 7.0.x expression 2018-06-11 15:10:00 +00:00
SLNOS
de117c1ef9 tor-browser: 52.8.0esr-7.5-1 -> 52.8.1esr-7.5-1 2018-06-11 15:10:00 +00:00
Jörg Thalheim
a1f226b78b
Merge pull request #41829 from volth/patch-151
nixos/initrd-network: support hetzner
2018-06-11 15:58:02 +01:00
Robert Schütz
1b452e46ac
Merge pull request #41474 from andreabedini/aws-sam-translator
pythonPackages.aws-sam-translator: init at 1.5.4
2018-06-11 16:53:03 +02:00
Tuomas Tynkkynen
e3875883cc libbass: Fix src hash 2018-06-11 17:36:24 +03:00
Matthew Bauer
340bc74a2b ghcjs: remove old-time
This attribute is no longer available
2018-06-11 10:29:12 -04:00
Tim Steinbach
e0d1c6315a
Merge pull request #41776 from pclewis/openjdk-jdk10-truststore-from-env
openjdk: fix truststore-from-env patch for jdk10
2018-06-11 09:35:12 -04:00
Andrea Bedini
b7a6dbec9c pythonPackage.aws-sam-translator: init -> 1.5.4 2018-06-11 21:15:39 +08:00
Andrea Bedini
9f7cb7da18 andreabedini: adding myself as a maintainer 2018-06-11 21:15:29 +08:00
Kamil Chmielewski
0cc063ebae ponyc: 0.22.6 -> 0.23.0 (#41833)
https://github.com/ponylang/ponyc/issues/2764
2018-06-11 15:09:29 +02:00
adisbladis
b325fc7d02
Merge pull request #41828 from tokudan/ff-bin6002-sec
firefox-bin: 60.0.1 -> 60.0.2 critical security update
2018-06-11 20:28:04 +08:00
Jörg Thalheim
c9206cdd97
Merge pull request #41831 from cleverca22/fix-ntpd-openat
ntp: fix a missed syscall in seccomp
2018-06-11 12:04:53 +01:00
Jörg Thalheim
8ba3df7687
Merge pull request #41566 from krav/fix-gitaly
gitaly: Cause ruby-cd to be wrapped so bundler will work
2018-06-11 11:58:27 +01:00
Michael Bishop
f115afa5d5 ntp: fix a missed syscall in seccomp
ntpd uses openat to adjust the drift file, which it only does after a few hours of uptime
2018-06-11 07:40:26 -03:00
Jan Tojnar
f4fdc8b06b
Merge pull request #41827 from jtojnar/libgtop-darwin
libgtop: fix darwin build
2018-06-11 12:36:39 +02:00
volth
4c3352896e
nixos/initrd-network: support hetzner 2018-06-11 10:35:02 +00:00
Daniel Frank
3df3e155f0 firefox-bin: 60.0.1 -> 60.0.2 critical security update 2018-06-11 12:02:40 +02:00
Jan Tojnar
2443a602de
libgtop: fix darwin build 2018-06-11 12:01:34 +02:00
Frank Doepper
ed657a98c7 nwipe: init at 0.24 (#41664)
* nwipe: init at 0.24

* nwipe: cleanup deps
2018-06-11 11:41:59 +02:00
Jörg Thalheim
053f927e63
Merge pull request #41821 from volth/patch-150
perlPackages.JSON: fix cross-compilation
2018-06-11 10:33:00 +01:00
Orivej Desh
796fa8190e clickhouse: 1.1.54310 -> 1.1.54385 2018-06-11 09:26:07 +00:00
Orivej Desh
63a5b85b2a cctz: init at 2.2 2018-06-11 09:26:07 +00:00
Rolf Schröder
979ac47cd8 doc/languages-frameworks/python.section.md: fix typo (#41824) 2018-06-11 10:24:07 +01:00
Uli Baum
93cbb9b72f nixos/tomcat: fix eval error introduced by #40657 2018-06-11 11:02:54 +02:00
volth
7f3db0dd72
perlPackages.JSON: fix cross-compilation 2018-06-11 07:46:04 +00:00
Matthew Bauer
eca521aea7 libcanberra: supports darwin 2018-06-10 22:45:40 -04:00
Matthew Bauer
b0cb40ed4b samba: support darwin
- add macos patch
2018-06-10 22:45:40 -04:00
Yegor Timoshenko
da038b1bfc
Merge pull request #40948 from r-ryantm/auto-update/whois
whois: 5.3.0 -> 5.3.1
2018-06-11 05:27:59 +03:00
Yegor Timoshenko
f44012ba10
lib.release -> lib.trivial.release 2018-06-11 02:14:18 +00:00
Matthew Justin Bauer
51aec3b2ad
Merge pull request #41817 from bgamari/T41816
cmake: Only apply application-services.patch with 3.11
2018-06-10 22:02:25 -04:00
Jan Tojnar
e7b304e60b
Merge pull request #41785 from etu/sequeler-update
sequeler: 0.5.4 -> 0.5.5
2018-06-11 04:00:11 +02:00
Yegor Timoshenko
5a232b0f5b
Leverage lib.release 2018-06-11 01:50:06 +00:00
Yegor Timoshenko
a26d9e3ba8
Readd --retry 3 2018-06-11 01:48:00 +00:00
Ben Gamari
5962d0d5f3 cmake: Only apply application-services.patch with 3.11
The patch doesn't apply with earlier versions. Fixes #41816.
2018-06-10 21:32:49 -04:00
Tobias Happ
4d48694901 dwm-status: add xsetroot and alsaUtils as runtime deps 2018-06-11 03:26:11 +02:00
Yegor Timoshenko
2391e836f9 wireguard-go: drop redundant relative import patch 2018-06-11 01:26:04 +00:00
Tim Steinbach
a444dcad03
linux-copperhead: LTS based on regular 4.14 2018-06-10 21:00:47 -04:00
Matthew Bauer
7eb169a257 avian: use no error
Currently a warning breaks an otherwise working package
2018-06-10 20:34:40 -04:00
Matthew Bauer
f522c9c3b9 dxx-rebirth: disable format hardening 2018-06-10 20:32:31 -04:00
Matthew Bauer
8eabbf1f17 dnsperf: supports darwin 2018-06-10 20:32:17 -04:00
Matthew Bauer
7e63a205da treewide: disable some darwin checks
Some network tests frequently fail on darwin. It’s easiest to disable
them for now.
2018-06-10 20:31:06 -04:00
Matthew Bauer
4b213588f9 ffmpeg: needs gcc
https://hydra.nixos.org/build/75640051/nixlog/2
2018-06-10 20:29:40 -04:00
Matthew Justin Bauer
6af1426421
bind: only include libcap on linux 2018-06-10 20:04:29 -04:00