public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse Source
This commit is contained in:
github-actions[bot]
2020-12-21 18:23:29 +00:00
committed by GitHub
parent d442b912ae b333263534
commit 85b7955180
26 changed files with 176 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkgs/os-specific/linux/kernel/linux-5.10.nix
View File

@@ -3,7 +3,7 @@
with stdenv.lib;
buildLinux (args // rec {
version = "5.10.1";
version = "5.10.2";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
sha256 = "0p2fl7kl4ckphq17xir7n7vgrzlhbdqmyd2yyp4yilwvih9625pd";
sha256 = "18l1ywp99inm90434fm74w8rjfl4yl974kfcpizg2sp2p8xf311v";
};
} // (args.argsOverride or {}))

4
pkgs/os-specific/linux/kernel/linux-5.4.nix
View File

@@ -3,7 +3,7 @@
with stdenv.lib;
buildLinux (args // rec {
version = "5.4.84";
version = "5.4.85";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
sha256 = "058mhczv6whjwxn7jjh1c6n5zrqjdnvbl2mp7jkfrg6frpvgr189";
sha256 = "0220k327aa7gg48fqw171mcng8h717c4a1v14r3q36ksirnmiqqx";
};
} // (args.argsOverride or {}))

4
pkgs/os-specific/linux/kernel/linux-5.9.nix
View File

@@ -3,7 +3,7 @@
with stdenv.lib;
buildLinux (args // rec {
version = "5.9.15";
version = "5.9.16";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
sha256 = "1vhaayqjv1ha3nsxy9zbsz497ba4d4a1g0gfhgxcvci8dp8djh2p";
sha256 = "11mbnjvb5d5gwbrwlkqvzpg1ij4m19l5wr3wca9iiyg5i2papmxh";
};
} // (args.argsOverride or {}))

4
pkgs/os-specific/linux/kernel/linux-rt-5.10.nix
View File

@@ -6,7 +6,7 @@
, ... } @ args:
let
version = "5.10.1-rt19"; # updated by ./update-rt.sh
version = "5.10.1-rt20"; # updated by ./update-rt.sh
branch = lib.versions.majorMinor version;
kversion = builtins.elemAt (lib.splitString "-" version) 0;
in buildLinux (args // {
@@ -25,7 +25,7 @@ in buildLinux (args // {
name = "rt";
patch = fetchurl {
url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz";
sha256 = "0hihi7p866alh03ziz8q1l0p3sxi437h4a45c5dlv9lrg6f177qb";
sha256 = "0z8ljfcn908hzjl11fkmwrx2r7j0hcgpx07g21ag162qrn6g5qby";
};
}; in [ rt-patch ] ++ lib.remove rt-patch kernelPatches;

68
pkgs/os-specific/linux/pam_ssh_agent_auth/default.nix
View File

@@ -1,46 +1,52 @@
{ stdenv, fetchpatch, fetchurl, pam, openssl, perl }:
{ stdenv, fetchpatch, fetchFromGitHub, pam, openssl, perl }:
stdenv.mkDerivation rec {
name = "pam_ssh_agent_auth-0.10.3";
pname = "pam_ssh_agent_auth";
version = "0.10.4";
src = fetchurl {
url = "mirror://sourceforge/pamsshagentauth/${name}.tar.bz2";
sha256 = "0qx78x7nvqdscyp04hfijl4rgyf64xy03prr28hipvgasrcd6lrw";
src = fetchFromGitHub {
owner = "jbeverly";
repo = "pam_ssh_agent_auth";
rev = "pam_ssh_agent_auth-${version}";
sha256 = "YD1R8Cox0UoNiuWleKGzWSzxJ5lhDRCB2mZPp9OM6Cs=";
};
patches =
[ # Allow multiple colon-separated authorized keys files to be
# specified in the file= option.
./multiple-key-files.patch
(fetchpatch {
name = "openssl-1.1.1-1.patch";
url = "https://sources.debian.org/data/main/p/pam-ssh-agent-auth/0.10.3-3/debian/patches/openssl-1.1.1-1.patch";
sha256 = "1ndp5j4xfhzshhnl345gb4mkldx6vjfa7284xgng6ikhzpc6y7pf";
})
(fetchpatch {
name = "openssl-1.1.1-2.patch";
url = "https://sources.debian.org/data/main/p/pam-ssh-agent-auth/0.10.3-3/debian/patches/openssl-1.1.1-2.patch";
sha256 = "0ksrs4xr417by8klf7862n3dircvnw30an1akq4pnsd3ichscmww";
})
];
ed25519-donna = fetchFromGitHub {
owner = "floodyberry";
repo = "ed25519-donna";
rev = "8757bd4cd209cb032853ece0ce413f122eef212c";
sha256 = "ETFpIaWQnlYG8ZuDG2dNjUJddlvibB4ukHquTFn3NZM=";
};
buildInputs = [ pam openssl perl ];
# It's not clear to me why this is necessary, but without it, you see:
#
# checking OpenSSL header version... 1010104f (OpenSSL 1.1.1d 10 Sep 2019)
# checking OpenSSL library version... 1010104f (OpenSSL 1.1.1d 10 Sep 2019)
# checking whether OpenSSL's headers match the library... no
# configure: WARNING: Your OpenSSL headers do not match your
# library. Check config.log for details.
#
# ...despite the fact that clearly the values match
configureFlags = [ "--without-openssl-header-check" ];
patches = [
# Allow multiple colon-separated authorized keys files to be
# specified in the file= option.
./multiple-key-files.patch
];
configureFlags = [
# It's not clear to me why this is necessary, but without it, you see:
#
# checking OpenSSL header version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020)
# checking OpenSSL library version... 1010108f (OpenSSL 1.1.1h 22 Sep 2020)
# checking whether OpenSSL's headers match the library... no
# configure: WARNING: Your OpenSSL headers do not match your
# library. Check config.log for details.
#
# ...despite the fact that clearly the values match
"--without-openssl-header-check"
# Make sure it can find ed25519-donna
"--with-cflags=-I$PWD"
];
prePatch = "cp -r ${ed25519-donna}/. ed25519-donna/.";
enableParallelBuilding = true;
meta = {
homepage = "http://pamsshagentauth.sourceforge.net/";
homepage = "https://github.com/jbeverly/pam_ssh_agent_auth";
description = "PAM module for authentication through the SSH agent";
maintainers = [ stdenv.lib.maintainers.eelco ];
platforms = stdenv.lib.platforms.linux;

12
pkgs/os-specific/linux/pam_ssh_agent_auth/multiple-key-files.patch
View File

@@ -87,21 +87,27 @@ diff -u pam_ssh_agent_auth-0.10.3-orig/pam_ssh_agent_auth.c pam_ssh_agent_auth-0
/*
* PAM_USER and PAM_RUSER do not necessarily have to get set by the calling application, and we may be unable to divine the latter.
@@ -187,16 +184,17 @@
@@ -184,5 +181,5 @@
*/
if(user && strlen(ruser) > 0) {
- pamsshagentauth_verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
+ pamsshagentauth_verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file_input);
@@ -201,3 +197,3 @@
retval = PAM_SUCCESS;
- pamsshagentauth_logit("Authenticated (sshd): `%s' as `%s' using %s", ruser, user, authorized_keys_file);
+ pamsshagentauth_logit("Authenticated (sshd): `%s' as `%s' using %s", ruser, user, authorized_keys_file_input);
@@ -211,11 +208,12 @@
/*
* this pw_uid is used to validate the SSH_AUTH_SOCK, and so must be the uid of the ruser invoking the program, not the target-user
*/
- if(pamsshagentauth_find_authorized_keys(user, ruser, servicename)) { /* getpwnam(ruser)->pw_uid)) { */
- pamsshagentauth_logit("Authenticated: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
- pamsshagentauth_logit("Authenticated (agent): `%s' as `%s' using %s", ruser, user, authorized_keys_file);
+ const char *key_file;
+ if((key_file = pamsshagentauth_find_authorized_keys(user, ruser, servicename))) { /* getpwnam(ruser)->pw_uid)) { */
+ pamsshagentauth_logit("Authenticated: `%s' as `%s' using %s", ruser, user, key_file);
+ pamsshagentauth_logit("Authenticated (agent): `%s' as `%s' using %s", ruser, user, key_file);
retval = PAM_SUCCESS;
} else {
- pamsshagentauth_logit("Failed Authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);