Commit Graph

97352 Commits

Author SHA1 Message Date
Bjørn Forsman
ebe67d69d0 collectd service: change /var/lib/collectd perms: 700 -> 755
The collectd service runs as an unprivileged user by default, so it does
not leak more information to its data directory than any user can obtain
elsewhere by other means.

If people are running it as root and are worried about information leak,
we can add collectd group and set perms to 750.

CC @offlinehacker.

Fixes #21198.
2016-12-16 23:04:42 +01:00
Peter Simons
e18dac705a Merge pull request #21214 from NixOS/haskell-parallel-builds
Haskell generic builder: enable parallel builds for GHC 8.0.2
2016-12-16 22:27:41 +01:00
Domen Kožar
d0250ad884 Haskell generic builder: enable parallel builds for GHC 8.0.2
This reverts https://github.com/NixOS/nixpkgs/pull/4554
2016-12-16 22:25:40 +01:00
Antoine Eiche
086e5d09a1 nixos/keystone: add test in release.nix 2016-12-16 20:53:32 +01:00
Antoine Eiche
a932f68d9c nixos/keystone: secrets can be read from files
A secret can be stored in a file. It is written at runtime in the
configuration file.
Note it is also possible to write them in the nix store for dev
purposes.
2016-12-16 20:53:32 +01:00
Antoine Eiche
415c9ff90b nixos/keystone: init at liberty version
This commit introduces a nixos module for the Openstack Keystone
service. It also provides a optional bootstrap step that creates some
basic initial resources (tenants, endpoints,...).

The provided test starts Keystone by enabling bootstrapping and checks
if user creation works well.

This commit is based on initial works made by domenkozar.
2016-12-16 20:53:32 +01:00
michael bishop
656cc3acaf fix 2 xml errors in the description of boot.loader.grub.efiInstallAsRemovable 2016-12-16 20:39:40 +01:00
Dan Peebles
1eb9fe3696 awscli, boto{core,3}: update to 1.11.30, 1.4.87, and 1.4.2, respectively
These packages like being updated together which is why I put all three
of them into the same commit.
2016-12-16 12:39:08 -05:00
michael bishop
e5cefadef7 fix indentation in several nixos option descriptions 2016-12-16 18:29:25 +01:00
Fatih Altinok
1946e872c0 flow: 0.36.0 -> 0.37.1 2016-12-16 16:02:27 +00:00
Franz Pletz
f97bfcec99
rspamd: 1.2.7 -> 1.4.1 2016-12-16 15:52:27 +01:00
Franz Pletz
60d29f526d
rmilter: 1.8.5 -> 1.10.0 2016-12-16 15:52:27 +01:00
Franz Pletz
3d1206dfcc
ragel: add stable version, default to stable 2016-12-16 15:52:27 +01:00
Nikolay Amiantov
664cc49b19 gbenchmark: init at 1.1.0 2016-12-16 17:44:21 +03:00
Tim Steinbach
0e8e4a08f3
linux: 4.8.14 -> 4.8.15 2016-12-16 08:16:45 -05:00
Tim Steinbach
cb9ff3f7f9
linux: 4.4.38 -> 4.4.39 2016-12-16 08:16:22 -05:00
aszlig
38ea64e867
qemu_test: Make chown() calls to the store a no-op
The "misc" NixOS test is using Nix to query the store and it tries to
change the ownership of it while doing so.

This fails if Nix is not in a seccomp-sandboxed userid namespace, so
let's make chown() a no-op when applied to store paths.

Fixes the misc test (and possibly future tests) on older Nix versions.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-12-16 13:06:25 +01:00
Joachim Fasting
f0e77cd07d
grsecurity: 4.8.14-201612110933 -> 4.8.15-201612151923 2016-12-16 12:46:44 +01:00
Joachim F
7aa8fa28ae Merge pull request #21190 from mdorman/emacs-updates
Emacs package updates: 2016-12-15
2016-12-16 12:34:09 +01:00
Profpatsch
52c34f626c liquibase: improve external jar integration (#20818)
This replaces the upstream wrapper script with one tailored for nixpkgs.
We gain the ability to selectively enable/disable jdbc backends.
2016-12-16 12:19:59 +01:00
Bart Brouns
3fc60ec351
remove mutt-kz: deprecated in favor of neomutt
Removed reference in all-packages.nix. Fixes #20952.
2016-12-16 12:16:39 +01:00
Franz Pletz
a4586f87dc
wireguard: 20161129 -> 20161209 2016-12-16 12:16:39 +01:00
Domen Kožar
8b9ced0181 rocksdb: build also static lib for rocksdb-haskell 2016-12-16 12:01:14 +01:00
Maximilian Güntner
dec91d3b19 gem-config: add postgresql buildInput for sequel_pg (#20981)
Signed-off-by: Maximilian Güntner <code@klandest.in>
2016-12-16 11:36:05 +01:00
Will Dietz
be24f1d364 musl: 1.1.11 -> 1.1.15, add security patch. (#21023) 2016-12-16 11:32:28 +01:00
Luis Pedro Coelho
f3108c5bd2 pythonPackages.natbib: fix for Python 3.5 (#21114)
pathlib is part of the standard library starting in version 3.5.
2016-12-16 11:22:06 +01:00
Paul Liu
1b6e2b9a19 Fix netpbm installation for OS X (#21194)
* Update meta.platform to linux ++ darwin for netpbm
2016-12-16 09:30:50 +00:00
Graham Christensen
96c05c1400 Merge pull request #21193 from tsaeger/patch-1
Fixup description of ripgrep.
2016-12-15 20:17:20 -05:00
Tom Saeger
e0e1bdc25c Fixup description of ripgrep. 2016-12-15 17:41:22 -06:00
Jascha Geerds
2bcdc8c913 pythonPackages.virtualenvwrapper: Fix post install (closes #21168) 2016-12-16 00:31:35 +01:00
John Ericson
63bf5f3ba3 Merge pull request #21189 from Ericson2314/mea-culpa
Mea culpa. Tests should pass now
2016-12-15 17:59:24 -05:00
Michael Alan Dorman
8cd481b5fd org-packages: 2016-12-15 2016-12-15 17:55:56 -05:00
Michael Alan Dorman
01d5fda8c1 melpa-stable-packages: 2016-12-15
Removals:
 - dummy-h-mode: github account no longer exists
 - judge-indent: github account no longer exists
2016-12-15 17:55:56 -05:00
Michael Alan Dorman
c5e64ba4c8 melpa-packages: 2016-12-15
Removals:
 - cursor-in-brackets: github account no longer exists
 - dummy-h-mode: github account no longer exists
 - general-close: removed from melpa
 - judge-indent: github account no longer exists
2016-12-15 17:55:55 -05:00
Michael Alan Dorman
994b243dd3 elpa-packages: 2016-12-15 2016-12-15 17:55:55 -05:00
Jascha Geerds
4af2328e5c discord: Fix missing desktop entry (closes #21045) 2016-12-15 23:52:50 +01:00
Daiderd Jordan
891e391cdb
go: 1.7.3 -> 1.7.4 2016-12-15 17:17:58 -05:00
Graham Christensen
8800ea7617
zabbix22: 2.2.2 -> 2.2.16 for CVE-2016-4338 CVE-2016-9140 2016-12-15 17:17:58 -05:00
Graham Christensen
503c57237f
go_1_6: 1.6.3 -> 1.6.4 for DoS vector 2016-12-15 17:17:58 -05:00
Graham Christensen
5cbb0f7fbf
unzip: patch for CVE-2014-9913 and CVE-2016-9844 2016-12-15 17:17:58 -05:00
Graham Christensen
4fa5237984
libgsf: 1.14.36 -> 1.14.41 for CVE-2016-9888 2016-12-15 17:17:57 -05:00
Graham Christensen
971ae27526
perlPackages.DBDmysql: 4.039 -> 4.041 for CVE-2016-1251 2016-12-15 17:17:57 -05:00
Graham Christensen
ca6463ef90
sqlite: 3.15.0 -> 3.15.2 for null pointer dereference
https://sqlite.org/releaselog/3_15_2.html
2016-12-15 17:17:57 -05:00
Graham Christensen
eb7ea181f1
jasper: 1.900.28 -> 2.0.6 2016-12-15 17:17:57 -05:00
John Ericson
19fbe80c3d top-level: avoid another assert false while we're at it 2016-12-15 17:09:46 -05:00
John Ericson
7960a1b1b8 linux stdenv: Avoid assert false
On one hand, don't want to pass garbage that affects hash, on the other
hand footguns are bad.

Now, factored out the derivation so only need to pass in what is used.
2016-12-15 17:09:29 -05:00
John Ericson
670256dc39 linux stdenv: Rename the bootstrap directory to bootstrap-files 2016-12-15 17:05:39 -05:00
Jascha Geerds
f92544fe12 falcon: Fix typo in derivation name (closes #21112) 2016-12-15 22:47:45 +01:00
John Ericson
a94af71da7 linux stdenv: Fix assert that broke tests...and hydra 2016-12-15 16:45:08 -05:00
romildo
2e7105467b lxqt: better organize system packages
Split packages in three categories, all of them going into the system
package list:
- pre-requisite packages
- core packages
- optional packages

Add a new configuration option 'environment.lxqt.excludePackages' to
specify optional LXQt packages that should be excluded from system
packages.

Add 'gvfs' as a pre-requisite package, needed by 'pcmanfm-qt' to
handle virtual places, like "Computer" and "Network".
2016-12-15 22:45:06 +01:00