MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-19 00:08:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
93904 commits 272 branches 124 tags 6.3 GiB
Commit graph

5456 commits

Author SHA1 Message Date
Tuomas Tynkkynen
ba42683e9a libselinux: Fix ARM build failure 
Avoid this warning (which is in turn an error via -Werror):
````
avc_internal.c: In function 'avc_netlink_receive':
avc_internal.c:105:25: error: cast increases required alignment of target type [-Werror=cast-align]
 struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
                        ^
````

The code allocates abuffer with "__attribute__ ((aligned))",
then passes it via a 'char*' parameter, which is then finally cast,
causing the warning. So the code is ok but compiler is not smart
enough to see it.

It seems that -Wcast-align is a no-op on x86, so this shows up on ARM
only.
 2016-10-18 23:54:29 +03:00
Graham Christensen
3bd1e62a6d Merge pull request #19578 from grahamc/facetimehd 
facetimehd: 2016-05-02 -> 2016-10-09
 2016-10-17 17:11:18 -04:00
Jörg Thalheim
756a6949f8 Merge pull request #19603 from aneeshusa/adopt-google-authenticator 
[WIP] Adopt google authenticator
 2016-10-16 22:06:40 +02:00
Nikolay Amiantov
40547dd4c4 cachefilesd: init at 0.10.9 2016-10-16 19:58:29 +03:00
Aneesh Agrawal
31b4fcd0b7 google-authenticator: adopt package 2016-10-16 12:42:51 -04:00
Graham Christensen
634a098940
linuxPackages.nvidia_x11: Remove us prefix from mirror 
At the time of the last upgrade, the new driver wasn't available on
anything but their US mirror. Pinning to the US mirror isn't
recommended or preferable, but I did it anyway to be able to get the
upgrade out.
 2016-10-16 11:08:17 -04:00
Graham Christensen
37bc2c0bbf
broadcom-sta: Support linux-4.8 2016-10-15 08:06:30 -04:00
Graham Christensen
2525a3d682
facetimehd: 2016-05-02 -> 2016-10-09 2016-10-15 07:42:08 -04:00
Tim Steinbach
b43c0dab8e
conky: 1.10.3 -> 1.10.5 2016-10-14 23:16:45 -04:00
Franz Pletz
f30f7d0cff
powertop: add homepage, cleanup 2016-10-14 00:02:30 +02:00
Graham Christensen
88a47f1950 Merge pull request #19467 from grahamc/nvidia-x11-master 
nvidia-x11: 367.35 -> 367.57
 2016-10-12 19:07:29 -04:00
Graham Christensen
b98c0a668e
nvidia-x11: 367.35 -> 367.57 2016-10-11 19:43:58 -04:00
Vladimír Čunát
9d1dfc9ed0 Merge #18861: add AMDGPU-PRO driver 2016-10-11 19:57:30 +02:00
David McFarland
3b4ce62451 amdgpu-pro: Init at 16.30.3-315407 2016-10-11 14:19:38 -03:00
Joachim Fasting
ce73a3ea0f grsecurity: 4.7.6-201609301918 -> 4.7.7-201610101902 2016-10-11 13:15:16 +02:00
Eelco Dolstra
88f10ad409 aggregateModules: Preserve kernel's modules.{builtin,order} 
Fixes #19426.
 2016-10-11 11:42:41 +02:00
sternenseemann
3fb2993cb3 maintainers: rename lukasepple according to github account name 2016-10-09 22:04:22 +02:00
Aneesh Agrawal
f0602d2d36 kernel: Make SECURITY_YAMA optional 
It's highly recommended, but not required to run NixOS.
 2016-10-08 17:46:33 +02:00
Aneesh Agrawal
a000ed181c linux config: enable the Yama LSM (#14392) 
The Yama Linux Security Module restricts the use of ptrace so that
processes cannot ptrace processes that are not their children. This
prevents attackers from compromising one user-level processes and
snooping on the memory and runtime state of other processes owned
by the same user.
 2016-10-08 16:40:12 +02:00
Tim Steinbach
a699eb4798 linux: 4.4.23 -> 4.4.24 (#19346) 2016-10-08 07:02:07 +02:00
Tim Steinbach
9481edec56 linux: 4.7.6 -> 4.7.7 (#19345) 2016-10-08 07:01:51 +02:00
Tim Steinbach
07e67b33af linux: 4.8.0 -> 4.8.1 (#19344) 2016-10-08 07:01:27 +02:00
Marco Maggesi
435673b948 Revert "Revert "linux*: remove 3.14, as it's no longer maintained"" 
In the end, it is too dangerous to have an unmaintained kernel in
nixpkgs.  Revert the revert.

This reverts commit e921725176.
 2016-10-07 23:26:32 +02:00
Marco Maggesi
e921725176 Revert "linux*: remove 3.14, as it's no longer maintained" 
This is the simplest way to reenable the use of BLCR
(which at present requires linux version >3.12 <3.18)
until we find a better solution.

This reverts commit 6a9e765e27.
 2016-10-07 14:31:24 +02:00
Thomas Tuegel
2e255a2edd
Merge branch 'staging' 2016-10-06 09:51:02 -05:00
Eelco Dolstra
a8b61b0aad Merge pull request #19278 from anderspapitto/local 
perf: add dependency on libaudit
 2016-10-06 11:45:54 +02:00
Anders Papitto
aa44330963 perf: add dependency on libaudit 
the `trace` subcommand of perf is only enabled when libaudit is
available at compile time
 2016-10-05 17:59:44 -07:00
Jörg Thalheim
638d4b4d71 Merge pull request #19265 from Mic92/rtkit 
rtkit: apply security relevant patch
 2016-10-06 00:07:35 +02:00
Eelco Dolstra
f084274eeb Merge pull request #19251 from groxxda/patch-2 
kernel: Disable RT_GROUP_SCHED
 2016-10-05 20:05:18 +02:00
Vladimír Čunát
30f551d8b2 Merge branch 'master' into staging 2016-10-05 19:02:48 +02:00
Jörg Thalheim
c684eb756a
rtkit: *security* Pass uid of caller to polkit 
Otherwise, we force polkit to look up the uid itself in /proc, which is racy if
they execve() a setuid binary.
 2016-10-05 18:11:02 +02:00
Alexander Ried
96fbdf8594 kernel: Disable RT_GROUP_SCHED 
Follow systemd recommendation
fd74fa791f/README (L96-L103)
 2016-10-05 12:52:45 +02:00
Alexander Ried
4e91e8cb3d rtkit: add patch from debian to remove ControlGroup stanza 
fixes log clutter:
systemd[1]: [/nix/store/....-rtkit-0.11/etc/systemd/system/rtkit-daemon.service:32] Unknown lvalue 'ControlGroup' in section 'Service'
 2016-10-05 11:23:11 +02:00
Thomas Tuegel
d067b7bd35
Merge branch 'kde-5' into staging 2016-10-04 21:50:17 -05:00
Shea Levy
e54313d183 Revert "Revert "Linux 4.8"" 
Now featuring @aszlig's modinst_arg_list_too_long patch.

This reverts commit 43bedb970d.

Fixes #19213
 2016-10-04 10:10:36 -04:00
Shea Levy
43bedb970d Revert "Linux 4.8" 
This reverts commit e4958d54b1.
 2016-10-03 22:04:43 -04:00
Vladimír Čunát
1525568c74 util-linux: fixup patch hash from grandparent merge 
And name the file, too.
 2016-10-03 23:06:51 +02:00
Jörg Thalheim
45f64a37c9 Merge pull request #19175 from Mic92/util-linux 
util-linux: workaround CVE-2016-2779
 2016-10-03 22:53:21 +02:00
Jörg Thalheim
888f6a1280 Merge pull request #19199 from wizeman/u/fix-help2man-hash 
help2man: fix hash
 2016-10-03 19:26:44 +02:00
Franz Pletz
beca8946ee
jool: 3.4.5 -> 3.5.0 2016-10-03 18:25:28 +02:00
Shea Levy
e4958d54b1 Linux 4.8 2016-10-03 08:45:45 -04:00
Eric Sagnes
58d44a376e wireguard: 2016-08-08 -> 2016-10-01 2016-10-03 17:06:11 +09:00
Jörg Thalheim
ba00ba65eb
util-linux: workaround CVE-2016-2779 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2779
 2016-10-03 08:49:56 +02:00
Joachim Fasting
9a9237e0aa
grsecurity: revamp nixos kernel config 
Cleanup:
- Restructure & add some commentary
- Remove redundant option specs given the auto config
  constraints (some are left in for documentation purposes)

Changes:
- GRKERNSEC_CONFIG_VIRT_HOST -> GUEST
  The former deselects paravirtualization and friends
- PAX_LATENT_ENTROPY n -> y (implied by auto)
- GRKERNSEC_ACL_HIDEKERN y -> n
  Possibly useless with redistribution
 2016-10-02 19:25:58 +02:00
Joachim Fasting
1bb7b44cd7
grsecurity: make GRKERNSEC y and PAX y implicit 
These options should always be specified. Note, an implication of this
change is that not specifying any grsec/PaX options results in a build
failure.
 2016-10-02 19:25:58 +02:00
Tuomas Tynkkynen
19225bf5cc Merge remote-tracking branch 'upstream/master' into staging 2016-10-02 10:36:47 +03:00
Tuomas Tynkkynen
f5dd3a703d treewide: Fix more lib.optional misuses 2016-10-02 00:44:10 +03:00
Aneesh Agrawal
fcee1d0b28
Remove redundant -DCMAKE_BUILD_TYPE=Release flags 
Since commit 183d05a0 in 2012, this is the default.

fixes #18000
 2016-10-01 16:13:41 +02:00
Joachim Fasting
2ec9a1a955
grsecurity: 4.7.5-201609261522 -> 4.7.6-201609301918 2016-10-01 08:47:30 +02:00
Joachim Fasting
22108b7a10
linux_4_7: 4.7.5 -> 4.7.6 2016-10-01 08:46:31 +02:00