Fixes problems such as:
systemd[1]: Failed to put bus name to hashmap: File exists
systemd[1]: dbus-org.freedesktop.nm-dispatcher.service: Two services allocated for the same bus name org.freedesktop.nm_dispatcher, refusing operation.
Problem is that systemd treats symlinks to files outside the service
path differently, causing our old workaround to look like two separate services.
These symlinks are intended to be a means for manually emulating
the behavior of the `Alias=` directive in these services.
Unfortunately even making these symlinks relative isn't enough,
since they don't make it to where it matters--
that only makes the links in /etc/static/systemd/system/*
relative, with systemd still being shown non-relative links
in /etc/systemd/system/*.
To fix this, drop all of this at the package level
and instead simply specify the aliases in the NixOS modules.
Also handle the same for modemmanager,
since the networkmanager NixOS module also handles that.
* freetype: Remove unnecessary `--disable-static`.
The true-by-default `dontDisableStatic` already takes care of it.
Fixes freetype not being overridable to have static libs.
* treewide: Remove unnecessary `--disable-static`.
The true-by-default `dontDisableStatic` already takes care of it.
Fixes these packages not being overridable to have static libs.
Fixes:
* CVE-2019-6472 affects the Kea DHCPv6 server, which can exit
with an assertion failure if the DHCPv6 server process receives
a request containing DUID value which is too large.
(https://kb.isc.org/docs/cve-2019-6474)
* CVE-2019-6473 affects the Kea DHCPv4 server, which can exit with
an assertion failure if it receives a packed containing a malformed
option. (https://kb.isc.org/docs/cve-2019-6473)
* CVE-2019-6474 can cause a condition where the server cannot be
restarted without manual operator intervention to correct a problem
that can be deliberately introduced into the stored leases.
CVE-2019-6474 can only affect servers which are using memfile
for lease storage. (https://kb.isc.org/docs/cve-2019-6474)
Annoucement: https://www.openwall.com/lists/oss-security/2019/08/29/1
This package explicitly depends on `python2` which will be EOLed at the
end of the year[1]. This package provides python bindings for `python2`,
however the latest release (also used by other distros) is from 2011[2]
and doesn't support v3. For instance, debian ships `vde2` without
`python2` support since Debian Jessie[3].
KVM and QEMU appear to build fine, also NixOS tests and ISO builds are
still functional.
By running `nix-review` against this change, only `xen` packages failed,
but those were already broken on master[4].
Finally it's also worth mentioning that the closure size of `vde2` drops
from 99.5M to 33.5M without `python2` according to `nix path-info -S -h`.
[1] https://pythonclock.org/
[2] https://github.com/virtualsquare/vde-2/releases/tag/vde-2
(vde.sourceforge.net redirects to this github page)
[3] https://packages.debian.org/en/jessie/vde2
[4] https://hydra.nixos.org/build/99185451, https://hydra.nixos.org/build/99187262
