diff --git a/nixos/modules/config/ldap.nix b/nixos/modules/config/ldap.nix index 1a5dbcd4e26..e63f8c0d43e 100644 --- a/nixos/modules/config/ldap.nix +++ b/nixos/modules/config/ldap.nix @@ -59,30 +59,28 @@ in users.ldap = { - enable = mkOption { - type = types.bool; - default = false; - description = "Whether to enable authentication against an LDAP server."; - }; + enable = mkEnableOption "authentication against an LDAP server"; loginPam = mkOption { type = types.bool; default = true; - description = "Whether to include authentication against LDAP in login PAM"; + description = "Whether to include authentication against LDAP in login PAM."; }; nsswitch = mkOption { type = types.bool; default = true; - description = "Whether to include lookup against LDAP in NSS"; + description = "Whether to include lookup against LDAP in NSS."; }; server = mkOption { + type = types.str; example = "ldap://ldap.example.org/"; description = "The URL of the LDAP server."; }; base = mkOption { + type = types.str; example = "dc=example,dc=org"; description = "The distinguished name of the search base."; }; @@ -129,7 +127,7 @@ in type = types.lines; description = '' Extra configuration options that will be added verbatim at - the end of the nslcd configuration file (nslcd.conf). + the end of the nslcd configuration file (nslcd.conf(5)). '' ; } ; @@ -180,7 +178,7 @@ in description = '' Specifies the time limit (in seconds) to use when connecting to the directory server. This is distinct from the time limit - specified in users.ldap.timeLimit and affects + specified in and affects the initial server connection only. ''; }; @@ -197,7 +195,7 @@ in actually contact the directory server, and it is possible that a malformed configuration file will trigger reconnection. If soft is specified, then - nss_ldap will return immediately on server + nss_ldap will return immediately on server failure. All hard reconnect policies block with exponential backoff before retrying. ''; @@ -209,10 +207,10 @@ in type = types.lines; description = '' Extra configuration options that will be added verbatim at - the end of the ldap configuration file (ldap.conf). - If users.ldap.daemon is enabled, this + the end of the ldap configuration file (ldap.conf(5)). + If is enabled, this configuration will not be used. In that case, use - users.ldap.daemon.extraConfig instead. + instead. '' ; }; @@ -276,7 +274,12 @@ in } >"$conf" mv -fT "$conf" /run/nslcd/nslcd.conf ''; - restartTriggers = [ "/run/nslcd/nslcd.conf" ]; + + restartTriggers = [ + nslcdConfig + cfg.bind.passwordFile + cfg.daemon.rootpwmodpwFile + ]; serviceConfig = { ExecStart = "${nslcdWrapped}/bin/nslcd"; diff --git a/nixos/modules/misc/locate.nix b/nixos/modules/misc/locate.nix index 92aa3be0a36..426281c9412 100644 --- a/nixos/modules/misc/locate.nix +++ b/nixos/modules/misc/locate.nix @@ -73,7 +73,72 @@ in { pruneFS = mkOption { type = listOf str; - default = ["afs" "anon_inodefs" "auto" "autofs" "bdev" "binfmt" "binfmt_misc" "cgroup" "cifs" "coda" "configfs" "cramfs" "cpuset" "debugfs" "devfs" "devpts" "devtmpfs" "ecryptfs" "eventpollfs" "exofs" "futexfs" "ftpfs" "fuse" "fusectl" "gfs" "gfs2" "hostfs" "hugetlbfs" "inotifyfs" "iso9660" "jffs2" "lustre" "misc" "mqueue" "ncpfs" "nnpfs" "ocfs" "ocfs2" "pipefs" "proc" "ramfs" "rpc_pipefs" "securityfs" "selinuxfs" "sfs" "shfs" "smbfs" "sockfs" "spufs" "nfs" "NFS" "nfs4" "nfsd" "sshfs" "subfs" "supermount" "sysfs" "tmpfs" "ubifs" "udf" "usbfs" "vboxsf" "vperfctrfs" ]; + default = [ + "afs" + "anon_inodefs" + "auto" + "autofs" + "bdev" + "binfmt" + "binfmt_misc" + "cgroup" + "cifs" + "coda" + "configfs" + "cramfs" + "cpuset" + "debugfs" + "devfs" + "devpts" + "devtmpfs" + "ecryptfs" + "eventpollfs" + "exofs" + "futexfs" + "ftpfs" + "fuse" + "fusectl" + "fuse.sshfs" + "gfs" + "gfs2" + "hostfs" + "hugetlbfs" + "inotifyfs" + "iso9660" + "jffs2" + "lustre" + "misc" + "mqueue" + "ncpfs" + "nnpfs" + "ocfs" + "ocfs2" + "pipefs" + "proc" + "ramfs" + "rpc_pipefs" + "securityfs" + "selinuxfs" + "sfs" + "shfs" + "smbfs" + "sockfs" + "spufs" + "nfs" + "NFS" + "nfs4" + "nfsd" + "sshfs" + "subfs" + "supermount" + "sysfs" + "tmpfs" + "ubifs" + "udf" + "usbfs" + "vboxsf" + "vperfctrfs" + ]; description = '' Which filesystem types to exclude from indexing ''; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 807a4bcdd9b..de77bef2535 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -195,6 +195,7 @@ in lidarr = handleTest ./lidarr.nix {}; lightdm = handleTest ./lightdm.nix {}; limesurvey = handleTest ./limesurvey.nix {}; + locate = handleTest ./locate.nix {}; login = handleTest ./login.nix {}; loki = handleTest ./loki.nix {}; lsd = handleTest ./lsd.nix {}; diff --git a/nixos/tests/locate.nix b/nixos/tests/locate.nix new file mode 100644 index 00000000000..8818607f955 --- /dev/null +++ b/nixos/tests/locate.nix @@ -0,0 +1,62 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: + let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey; + in { + name = "locate"; + meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chkno ]; + + nodes = rec { + a = { + environment.systemPackages = with pkgs; [ sshfs ]; + fileSystems = lib.mkVMOverride { + "/ssh" = { + device = "alice@b:/"; + fsType = "fuse.sshfs"; + options = [ + "allow_other" + "IdentityFile=/privkey" + "noauto" + "StrictHostKeyChecking=no" + "UserKnownHostsFile=/dev/null" + ]; + }; + }; + services.locate = { + enable = true; + interval = "*:*:0/5"; + }; + }; + b = { + services.openssh.enable = true; + users.users.alice = { + isNormalUser = true; + openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; + }; + }; + }; + + testScript = '' + start_all() + + # Set up sshfs mount + a.succeed( + "(umask 077; cat ${snakeOilPrivateKey} > /privkey)" + ) + b.succeed("touch /file-on-b-machine") + b.wait_for_open_port(22) + a.succeed("mkdir /ssh") + a.succeed("mount /ssh") + + # Core locatedb functionality + a.succeed("touch /file-on-a-machine-1") + a.wait_for_file("/var/cache/locatedb") + a.wait_until_succeeds("locate file-on-a-machine-1") + + # Wait for a second update to make sure we're using a locatedb from a run + # that began after the sshfs mount + a.succeed("touch /file-on-a-machine-2") + a.wait_until_succeeds("locate file-on-a-machine-2") + + # We shouldn't be able to see files on the other machine + a.fail("locate file-on-b-machine") + ''; + }) diff --git a/pkgs/applications/audio/musikcube/default.nix b/pkgs/applications/audio/musikcube/default.nix index dc936083cae..10a3b3b8735 100644 --- a/pkgs/applications/audio/musikcube/default.nix +++ b/pkgs/applications/audio/musikcube/default.nix @@ -17,13 +17,13 @@ stdenv.mkDerivation rec { pname = "musikcube"; - version = "0.96.1"; + version = "0.96.2"; src = fetchFromGitHub { owner = "clangen"; repo = pname; rev = version; - sha256 = "0gpyr25q6g9b8f9hi6jx3p4ijl7xrrjc78vw1fyjd59a7690d7kr"; + sha256 = "1vvc8295yadprfqpmk9i43ghymgsqxsg8zfx3p5i86a8xrdhd9vn"; }; nativeBuildInputs = [ diff --git a/pkgs/applications/misc/rofimoji/default.nix b/pkgs/applications/misc/rofimoji/default.nix index b76b1d6d21e..ed97c17bfd9 100644 --- a/pkgs/applications/misc/rofimoji/default.nix +++ b/pkgs/applications/misc/rofimoji/default.nix @@ -33,7 +33,10 @@ buildPythonApplication rec { # The 'extractors' sub-module is used for development # and has additional dependencies. - postPatch = "rm -rf extractors"; + postPatch = '' + rm -rf extractors + substituteInPlace setup.py --replace 'pyxdg==0.26' 'pyxdg' + ''; meta = with lib; { description = "A simple emoji and character picker for rofi"; diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix index 7f0b826f905..a9888c3c47b 100644 --- a/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -1,5 +1,5 @@ { stdenv, lib, makeDesktopItem, makeWrapper, lndir, config -, replace, fetchurl, zip, unzip, jq +, replace, fetchurl, zip, unzip, jq, xdg_utils ## various stuff that can be plugged in , flashplayer, hal-flash @@ -251,6 +251,7 @@ let --suffix LD_LIBRARY_PATH ':' "$libs" \ --suffix-each GTK_PATH ':' "$gtk_modules" \ --suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \ + --prefix PATH ':' "${xdg_utils}/bin" \ --prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \ --suffix PATH ':' "$out${browser.execdir or "/bin"}" \ --set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \ diff --git a/pkgs/applications/networking/remote/citrix-workspace/sources.nix b/pkgs/applications/networking/remote/citrix-workspace/sources.nix index bbeed5b779c..eb59f90e6dd 100644 --- a/pkgs/applications/networking/remote/citrix-workspace/sources.nix +++ b/pkgs/applications/networking/remote/citrix-workspace/sources.nix @@ -54,6 +54,17 @@ let x86hash = "04cr2da25v8x098ccyjwa47d4krk3jpldqkyf4kk2j3hwzbqh9yx"; x64suffix = "6"; x86suffix = "6"; + homepage = "https://www.citrix.com/de-de/downloads/workspace-app/legacy-workspace-app-for-linux/workspace-app-for-linux-2010.html"; + }; + + "20.12.0" = { + major = "20"; + minor = "12"; + patch = "0"; + x64hash = "1268nriqjp27nxqqi4dvkv8r01yj3bhglxv21xd185761da2mzry"; + x86hash = "0f982d5y9k4hscqfmqpfs277cqw1pvp191ybvg5p8rxk12fh67vf"; + x64suffix = "12"; + x86suffix = "12"; homepage = "https://www.citrix.com/de-de/downloads/workspace-app/linux/workspace-app-for-linux-latest.html"; }; }; diff --git a/pkgs/development/compilers/rgbds/default.nix b/pkgs/development/compilers/rgbds/default.nix index 499a0a5f936..4c8a4cfd4ef 100644 --- a/pkgs/development/compilers/rgbds/default.nix +++ b/pkgs/development/compilers/rgbds/default.nix @@ -6,12 +6,12 @@ stdenv.mkDerivation rec { pname = "rgbds"; - version = "0.4.1"; + version = "0.4.2"; src = fetchFromGitHub { owner = "rednex"; repo = "rgbds"; rev = "v${version}"; - sha256 = "05djzl3h18zg2z5p2a881wjbmgikzkhf67cgk00frhw4v05sq0lf"; + sha256 = "0lygj7jzjlq4w0mkiir7ycysrd1p1akyvzrppjcchja05mi8wy9p"; }; nativeBuildInputs = [ bison flex pkg-config libpng ]; installFlags = [ "PREFIX=\${out}" ]; diff --git a/pkgs/development/libraries/libff/default.nix b/pkgs/development/libraries/libff/default.nix index 8413d5be441..874f45cae70 100644 --- a/pkgs/development/libraries/libff/default.nix +++ b/pkgs/development/libraries/libff/default.nix @@ -14,6 +14,12 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DWITH_PROCPS=Off" ]; + # CMake is hardcoded to always build static library which causes linker + # failure for Haskell applications depending on haskellPackages.hevm on macOS. + postPatch = stdenv.lib.optionalString stdenv.isDarwin '' + substituteInPlace libff/CMakeLists.txt --replace "STATIC" "SHARED" + ''; + nativeBuildInputs = [ cmake pkg-config ]; buildInputs = [ boost gmp openssl ]; diff --git a/pkgs/games/tdm/default.nix b/pkgs/games/tdm/default.nix deleted file mode 100644 index 98b7ecdc477..00000000000 --- a/pkgs/games/tdm/default.nix +++ /dev/null @@ -1,105 +0,0 @@ -{ stdenv, fetchurl, binutils-unwrapped, sconsPackages, gnum4, p7zip, glibc_multi, mesa -, xorg, libGLU, libGL, openal -, lib, makeWrapper, makeDesktopItem }: - -let - pname = "tdm"; - version = "2.08"; - - desktop = makeDesktopItem { - desktopName = pname; - name = pname; - exec = "@out@/bin/${pname}"; - icon = pname; - terminal = "false"; - comment = "The Dark Mod - stealth FPS inspired by the Thief series"; - type = "Application"; - categories = "Game;"; - genericName = pname; - fileValidation = false; - }; -in stdenv.mkDerivation { - name = "${pname}-${version}"; - src = fetchurl { - url = "https://www.thedarkmod.com/sources/thedarkmod.${version}.src.7z"; - sha256 = "0bmv07j6s6q3m7hnpx7cwrycjkbvlf0y9sg9migakni0jg9yz5ps"; - }; - nativeBuildInputs = [ - p7zip sconsPackages.scons_3_1_2 gnum4 makeWrapper - ]; - buildInputs = [ - glibc_multi mesa.dev xorg.libX11.dev openal - xorg.libXext.dev xorg.libXxf86vm.dev - libGL libGLU - ]; - unpackPhase = '' - 7z x $src - ''; - - # I'm pretty sure there's a better way to build 2 targets than a random hook - preBuild = '' - pushd tdm_update - scons BUILD=release TARGET_ARCH=x64 - install -Dm755 bin/tdm_update.linux64 $out/share/libexec/tdm_update.linux - popd - ''; - - # why oh why can it find ld but not strip? - postPatch = '' - sed -i 's!strip \$!${binutils-unwrapped}/bin/strip $!' SConstruct - # This adds math.h needed for math::floor - sed -i 's|#include "Util.h"|#include "Util.h"\n#include |' tdm_update/ConsoleUpdater.cpp - ''; - - installPhase = '' - runHook preInstall - - install -Dm644 ${desktop}/share/applications/${pname}.desktop $out/share/applications/${pname}.desktop - substituteInPlace $out/share/applications/${pname}.desktop --subst-var out - install -Dm755 thedarkmod.x64 $out/share/libexec/tdm - - # The package doesn't install assets, these get installed by running tdm_update.linux - # Provide a script that runs tdm_update.linux on first launch - install -Dm755 <(cat <<'EOF' -#!/bin/sh -set -e -DIR="$HOME/.local/share/tdm" -mkdir -p "$DIR" -cd "$DIR" -exec "PKGDIR/share/libexec/tdm_update.linux" --noselfupdate -EOF - ) $out/bin/tdm_update - - install -Dm755 <(cat <<'EOF' -#!/bin/sh -set -e -DIR="$HOME/.local/share/tdm" -if [ ! -d "$DIR" ]; then - echo "Please run tdm_update to (re)download game data" -else - cd "$DIR" - exec "PKGDIR/share/libexec/tdm" -fi -EOF - ) $out/bin/tdm - sed -i "s!PKGDIR!$out!g" $out/bin/tdm_update - sed -i "s!PKGDIR!$out!g" $out/bin/tdm - - runHook postInstall - ''; - - postInstall = '' - wrapProgram $out/bin/tdm --suffix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ libGL libGLU ]} - ''; - - enableParallelBuilding = true; - sconsFlags = [ "BUILD=release" "TARGET_ARCH=x64" ]; - NIX_CFLAGS_COMPILE = "-Wno-error=format-security"; - meta = with stdenv.lib; { - description = "The Dark Mod - stealth FPS inspired by the Thief series"; - homepage = "http://www.thedarkmod.com"; - license = licenses.gpl3; - maintainers = with maintainers; [ cizra ]; - platforms = with platforms; [ "x86_64-linux" ]; # tdm also supports x86, but I don't have a x86 install at hand to test. - }; -} diff --git a/pkgs/servers/consul/default.nix b/pkgs/servers/consul/default.nix index 81cd2db7bd0..5d741cf0bba 100644 --- a/pkgs/servers/consul/default.nix +++ b/pkgs/servers/consul/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "consul"; - version = "1.9.0"; + version = "1.9.1"; rev = "v${version}"; # Note: Currently only release tags are supported, because they have the Consul UI @@ -17,7 +17,7 @@ buildGoModule rec { owner = "hashicorp"; repo = pname; inherit rev; - sha256 = "06brmzj3h6my0pvi5n261180bfwgfn923702837jmkz7snpsdr9q"; + sha256 = "06nw27crcrmz9p0hdc6g8ycq8p0kpbgf1g3i879f6h4jp4ca6zi3"; }; passthru.tests.consul = nixosTests.consul; @@ -26,7 +26,7 @@ buildGoModule rec { # has a split module structure in one repo subPackages = ["." "connect/certgen"]; - vendorSha256 = "1mc567zgymfz8iy6bg603f857c05xfna1npk2hh490dsnskkfag0"; + vendorSha256 = "01fwbgdr4kxq4li83xxadl33ry1lkb3zhmcf2yrimfk042zabpck"; doCheck = false; diff --git a/pkgs/tools/misc/diffoscope/default.nix b/pkgs/tools/misc/diffoscope/default.nix index 76c868f9b58..b910f3f9699 100644 --- a/pkgs/tools/misc/diffoscope/default.nix +++ b/pkgs/tools/misc/diffoscope/default.nix @@ -16,11 +16,11 @@ let in python3Packages.buildPythonApplication rec { pname = "diffoscope"; - version = "161"; + version = "163"; src = fetchurl { url = "https://diffoscope.org/archive/diffoscope-${version}.tar.bz2"; - sha256 = "sha256-Frk+aVUQhWn/TvlG4zy5+R2z92rFIwO4NPRXYkS0rN4="; + sha256 = "sha256-pCAOMRZ3sn1jhdT5RuIZoMR1e6GEYJYyd4mZt7+0lWE="; }; outputs = [ "out" "man" ]; diff --git a/pkgs/tools/misc/direnv/default.nix b/pkgs/tools/misc/direnv/default.nix index 050dcf2955f..185b97d7273 100644 --- a/pkgs/tools/misc/direnv/default.nix +++ b/pkgs/tools/misc/direnv/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "direnv"; - version = "2.25.0"; + version = "2.25.1"; vendorSha256 = null; @@ -10,7 +10,7 @@ buildGoModule rec { owner = "direnv"; repo = "direnv"; rev = "v${version}"; - sha256 = "00bvznswmz08s2jqpz5xxmkqggd06h6g8cwk242aaih6qajxfpsn"; + sha256 = "0bwr7zdzjm5p6bjyzafc2n57y83f0pv2bmj99rhi8f94hhfydlsf"; }; # we have no bash at the moment for windows diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index b99ab6eb32d..3d4ce4b4536 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -607,6 +607,7 @@ mapAliases ({ systool = sysfsutils; # added 2018-04-25 tahoelafs = tahoe-lafs; # added 2018-03-26 tangogps = foxtrotgps; # added 2020-01-26 + tdm = throw "tdm has been removed because nobody can figure out how to fix OpenAL integration. Use precompiled binary and `steam-run` instead."; telepathy_farstream = telepathy-farstream; # added 2018-02-25 telepathy_gabble = telepathy-gabble; # added 2018-02-25 telepathy_glib = telepathy-glib; # added 2018-02-25 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 61c43289a62..c9b4e34c0ae 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2935,13 +2935,14 @@ in circus = callPackage ../tools/networking/circus { }; - citrix_workspace = citrix_workspace_20_10_0; + citrix_workspace = citrix_workspace_20_12_0; inherit (callPackage ../applications/networking/remote/citrix-workspace { }) citrix_workspace_20_04_0 citrix_workspace_20_06_0 citrix_workspace_20_09_0 citrix_workspace_20_10_0 + citrix_workspace_20_12_0 ; citra = libsForQt5.callPackage ../misc/emulators/citra { }; @@ -28801,8 +28802,6 @@ in gcc-armhf-embedded = pkgsCross.armhf-embedded.buildPackages.gcc; }; - tdm = callPackage ../games/tdm { }; - newlib = callPackage ../development/misc/newlib { }; newlibCross = callPackage ../development/misc/newlib { stdenv = crossLibcStdenv;