Commit Graph

104402 Commits

Author SHA1 Message Date
Joachim Fasting
ecd0e1a2c7
torbrowser: reduce risk of stale Nix store references
This patch restructures the expression and wrapper to minimize Nix store
references captured by the user's state directory.

The previous version would write lots of references to the Nix store into
the user's state directory, resulting in synchronization issues between
the Store and the local state directory.  At best, this would cause TBB to
stop working when the version used to instantiate the local state was
garbage collected; at worst, a user would continue to use the old version
even after an upgrade.

To solve the issue, hard-code as much as possible at the Store side and
minimize the amount of stuff being copied into the local state dir.
Currently, only a few files generated at firefox startup and fontconfig
cache files end up capturing store paths; these files are simply removed
upon every startup.  Otherwise, no capture should occur and the user
should always be using the TBB associated with the tor-browser wrapper
script.

To check for stale Store paths, do
   `grep -Ero '/nix/store/[^/]+' ~/.local/share/tor-browser`
This command should *never* return any other store path than the one
associated with the current tor-browser wrapper script, even after an
update (assuming you've run tor-browser at least once after updating).
Deviations from this general rule are considered bugs from now on.

Note that no attempt has been made to support pluggable transports; they
are still broken with this patch (to be fixed in a follow-up patch).

User visible changes:
- Wrapper retains only environment variables required for TBB to work
- pulseaudioSupport can be toggled independently of mediaSupport (the
  latter weakly implies the former).
- Store local state under $TBB_HOME.  Defaults to $XDG_DATA_HOME/tor-browser
- Stop obnoxious first-run stuff (NoScript redirect, in particular)
- Set desktop item GenericName to Web Browser

Some minor enhancements:
- Disable Hydra builds
- Specify system -> source mapping to make it easier to
  extend supported platforms.
2017-03-25 15:59:18 +01:00
Nikolay Amiantov
417844b596 phpfpm service: don't use private /tmp
This breaks local PostgreSQL connections.
2017-03-25 14:52:44 +01:00
Thomas Tuegel
a9172891d9 Merge pull request #24139 from periklis/topic_qt58_darwin_compatibility
qt58: enable darwin compatibility
2017-03-25 08:50:00 -05:00
Robin Gloster
6b8ad8b581
networkd: fix setting both defaultGateway{,6} 2017-03-25 14:30:05 +01:00
Pascal Wittmann
54c15923c2 Merge pull request #24285 from Ma27/update-composer
phpPackages.composer: 1.3.2 -> 1.4.1
2017-03-25 14:28:48 +01:00
zimbatm
f77de6d3dc arcanist: 20160825 -> 20170323 2017-03-25 12:32:14 +00:00
goibhniu
170b8da281 Merge pull request #24304 from matklad/uefi-install-docs
docs: clarify UEFI bootloader setup
2017-03-25 13:08:06 +01:00
goibhniu
efc457c6e2 Merge pull request #23251 from juliendehos/hieroglyph
hieroglyph: init at 0.7.1
2017-03-25 13:00:34 +01:00
Robin Gloster
4f9e590c06
gitkraken: clean-up 2017-03-25 12:52:01 +01:00
Nikolay Amiantov
a381ee89cd zenity: fix for non-GNOME 3 2017-03-25 14:40:17 +03:00
Robin Gloster
bb5d0f3ded
gdm: the patch is still necessary 2017-03-25 12:13:45 +01:00
Joachim Fasting
101cb04b6a
surf-webkit2: 2017-03-06 -> 2017-03-22
Fixes a race condition
2017-03-25 11:58:30 +01:00
Michael Raskin
b9f35c12ec Merge pull request #24312 from kamilchm/ponyc
ponyc: 0.11.3 -> 0.11.4
2017-03-25 11:58:03 +01:00
Vincent Laporte
e3fd4ec6ce ocamlPackages.ocaml_mysql: 1.1.1 -> 1.2.1 2017-03-25 09:54:46 +00:00
Vincent Laporte
6c9bfa3bd7 ocamlPackages.angstrom: 0.3.0 -> 0.4.0 2017-03-25 09:27:29 +00:00
Kamil Chmielewski
c7cd4fec60 ponyc: 0.11.3 -> 0.11.4 2017-03-25 09:52:46 +01:00
Periklis Tsirakidis
b97dd5f560 qt58: enable darwin compatibility 2017-03-25 09:48:17 +01:00
Daiderd Jordan
7dc489d95a Merge pull request #24275 from spacekitteh/fetchFromGitRepo
fetchRepoProject: Fix buildCommand
2017-03-25 09:45:11 +01:00
Vincent Laporte
6e0b7273a2 ocamlPackages.stdio: init at 0.9.0
Stdio implements simple input/output functionalities for OCaml.

Homepage: https://github.com/janestreet/stdio
2017-03-25 07:06:49 +00:00
Vincent Laporte
a7a3d91039 ocamlPackages.ppx_traverse_builtins: init at 0.9.0
This OCaml library defines the default methods for builtin types
(int, string, list, ...) for Ppx_traverse.

Homepage: https://github.com/janestreet/ppx_traverse_builtins
2017-03-25 06:57:46 +00:00
ndowens
5f61654864 Merge pull request #24225 from rlupton20/cde
cde: init at 0.1
2017-03-24 21:52:21 -05:00
Tuomas Tynkkynen
186cc512a6 freicoin: Fix eval 2017-03-25 02:12:14 +02:00
Tuomas Tynkkynen
60788745c9 channel.nix: Use filterSource to exclude unnecessary files from nixpkgs
Currently, if you try to build a NixOS config including channel.nix, e.g.:

nix-build -I nixpkgs=. -I nixos-config=nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos -A config.system.build.isoImage

twice in a row, you end up with two different build results. This is
caused by the 'result' symlink of the first build affecting the channel
contents of the second build.

If we use filterSource with a predicate that ignores the 'result'
symlinks, the problem is gone. Do the same thing for VIM/Emacs
swap/backup files to avoid even more 'spurious' rebuilds.

Additionally, filter out the '.git' directory at the same time, as we
'rm -rf' it from the result anyway. This avoids a considerable amount of
unnecessary file I/O copying and deleting the .git directory.
2017-03-25 01:42:28 +02:00
Daiderd Jordan
00f472a563
fetchrepoproject: cleanup extra flags 2017-03-25 00:35:20 +01:00
Sophie Taylor
2078c34dad fetchRepoProject: Fix buildCommand 2017-03-25 00:24:43 +01:00
Joachim F
872a15a0ba Merge pull request #24301 from winniequinn/gitkraken-2.2.1
gitkraken: 2.2.0 -> 2.2.1
2017-03-25 00:14:08 +01:00
Joachim F
550459c11f Merge pull request #24284 from Ma27/update-geogebra
geogebra: 5-0-338-0 -> 5-0-346-0
2017-03-24 23:51:12 +01:00
Michael Raskin
0aa11219b5 Merge pull request #24224 from ndowens/freicoin
freicoin: 0.8.3-1 -> 0.8.6-2; Moved to correct category
2017-03-24 23:42:52 +01:00
Peter Simons
24a69286e9 Merge pull request #23610 from ljli/hs-ghcjs-pkgs-inherit
haskellPackages: apply GHC specific overrides before GHCJS
2017-03-24 23:15:41 +01:00
Peter Simons
011466857b Merge pull request #24279 from LumiGuide/ghcjsHEAD-upgrade-to-latest-LTS
ghcjsHEAD: upgrade ghcjs-boot packages
2017-03-24 23:13:55 +01:00
Aleksey Kladov
edac1d3e7a docs: clarify UEFI bootloader setup 2017-03-25 00:48:27 +03:00
Michael Raskin
6bdf8cc015 Merge pull request #24300 from winniequinn/vscode-1.10.2
vscode: 1.10.0 -> 1.10.2
2017-03-24 22:42:35 +01:00
Michael Raskin
7a412ef61d Merge pull request #24302 from ndowens/dar
dar: 2.5.3 -> 2.5.9
2017-03-24 22:40:06 +01:00
Winnie Quinn
8c2f986ed1 gitkraken: 2.2.0 -> 2.2.1 2017-03-24 17:31:41 -04:00
Maximilian Bosch
9787b2b808
geogebra: 5-0-338-0 -> 5-0-346-0 2017-03-24 22:16:57 +01:00
Maximilian Bosch
73edc1d5f8
phpPackages.composer: 1.3.2 -> 1.4.1 2017-03-24 22:16:10 +01:00
ndowens
1e6fd6f901 dar: 2.5.3 -> 2.5.9 2017-03-24 16:06:41 -05:00
Michael Raskin
82adcd6cfb pythonPackages.BTrees: fix evaluation; builds fine 2017-03-24 22:01:55 +01:00
Winnie Quinn
1b4151b12f vscode: 1.10.0 -> 1.10.2
In addition to the version bump, this also fixes a broken install phase
on macOS. The install now completes properly on macOS 10.12 and
"bin/code" is now correctly linked to the binary within the bundle.
2017-03-24 16:48:24 -04:00
Vladimír Čunát
455ce3528c
Merge branch 'staging' 2017-03-24 21:07:55 +01:00
Shea Levy
9a777013d1 Add setupSystemdUnits function.
Allows setting up and managing a set of systemd units on any systemd distribution.
2017-03-24 15:47:51 -04:00
Vincent Laporte
e3c1e37823 ocamlPackages.ppx_ast: init at 0.9.0
Ppx_ast selects a specific version of the OCaml Abstract Syntax
Tree from the migrate-parsetree project that is not necessarily
the same one as the one being used by the compiler.

Homepage: https://github.com/janestreet/ppx_ast
2017-03-24 19:09:43 +00:00
Tobias Geerinckx-Rice
ef69326e99 Merge pull request #23360 from ndowens/pcapc
pcapc: 2015-03.06 -> 1.0.0
2017-03-24 18:44:53 +00:00
Bjørn Forsman
6b6454f190
perlPackages.OpenGL: 0.6703 -> 0.70
Fixes https://github.com/NixOS/nixpkgs/issues/19271 ("slic3r gui
fails").
2017-03-24 19:15:20 +01:00
Robin Gloster
dd385d9468
qt57.makeQtWrapper: fix eval 2017-03-24 18:20:01 +01:00
Domen Kožar
c24e7f786a Merge pull request #24258 from deepfire/travis-pr-repair
travis: sudo: true, to gain 4G of RAM, as per @domenkozar suggestion to fix #24200
2017-03-24 17:51:26 +01:00
ndowens
bc4dc9cb75 codeblocks: 13.12 -> 16.01
(@7c6f434c) move the buildInputs missed in the initial version to
nativeBuildInputs, too.

Pushed instead of #24074
2017-03-24 17:49:30 +01:00
Peter Hoeg
317734f99c speedcrunch: stick to qt 5.7 as 5.8 is broken 2017-03-25 00:39:30 +08:00
Joachim F
5c045afddd Merge pull request #24257 from pjones/pjones/geda-guile
geda: fix build by using guile_2_0 instead of latest ver
2017-03-24 17:39:15 +01:00
Kosyrev Serge
8d97ee2a97 Fix a missed sudo: true line 2017-03-24 16:38:42 +00:00