diff --git a/nixos/modules/config/ldap.nix b/nixos/modules/config/ldap.nix
index 1a5dbcd4e26..e63f8c0d43e 100644
--- a/nixos/modules/config/ldap.nix
+++ b/nixos/modules/config/ldap.nix
@@ -59,30 +59,28 @@ in
users.ldap = {
- enable = mkOption {
- type = types.bool;
- default = false;
- description = "Whether to enable authentication against an LDAP server.";
- };
+ enable = mkEnableOption "authentication against an LDAP server";
loginPam = mkOption {
type = types.bool;
default = true;
- description = "Whether to include authentication against LDAP in login PAM";
+ description = "Whether to include authentication against LDAP in login PAM.";
};
nsswitch = mkOption {
type = types.bool;
default = true;
- description = "Whether to include lookup against LDAP in NSS";
+ description = "Whether to include lookup against LDAP in NSS.";
};
server = mkOption {
+ type = types.str;
example = "ldap://ldap.example.org/";
description = "The URL of the LDAP server.";
};
base = mkOption {
+ type = types.str;
example = "dc=example,dc=org";
description = "The distinguished name of the search base.";
};
@@ -129,7 +127,7 @@ in
type = types.lines;
description = ''
Extra configuration options that will be added verbatim at
- the end of the nslcd configuration file (nslcd.conf).
+ the end of the nslcd configuration file (nslcd.conf(5)).
'' ;
} ;
@@ -180,7 +178,7 @@ in
description = ''
Specifies the time limit (in seconds) to use when connecting
to the directory server. This is distinct from the time limit
- specified in users.ldap.timeLimit and affects
+ specified in and affects
the initial server connection only.
'';
};
@@ -197,7 +195,7 @@ in
actually contact the directory server, and it is possible that
a malformed configuration file will trigger reconnection. If
soft is specified, then
- nss_ldap will return immediately on server
+ nss_ldap will return immediately on server
failure. All hard reconnect policies block with exponential
backoff before retrying.
'';
@@ -209,10 +207,10 @@ in
type = types.lines;
description = ''
Extra configuration options that will be added verbatim at
- the end of the ldap configuration file (ldap.conf).
- If users.ldap.daemon is enabled, this
+ the end of the ldap configuration file (ldap.conf(5)).
+ If is enabled, this
configuration will not be used. In that case, use
- users.ldap.daemon.extraConfig instead.
+ instead.
'' ;
};
@@ -276,7 +274,12 @@ in
} >"$conf"
mv -fT "$conf" /run/nslcd/nslcd.conf
'';
- restartTriggers = [ "/run/nslcd/nslcd.conf" ];
+
+ restartTriggers = [
+ nslcdConfig
+ cfg.bind.passwordFile
+ cfg.daemon.rootpwmodpwFile
+ ];
serviceConfig = {
ExecStart = "${nslcdWrapped}/bin/nslcd";
diff --git a/nixos/modules/misc/locate.nix b/nixos/modules/misc/locate.nix
index 92aa3be0a36..426281c9412 100644
--- a/nixos/modules/misc/locate.nix
+++ b/nixos/modules/misc/locate.nix
@@ -73,7 +73,72 @@ in {
pruneFS = mkOption {
type = listOf str;
- default = ["afs" "anon_inodefs" "auto" "autofs" "bdev" "binfmt" "binfmt_misc" "cgroup" "cifs" "coda" "configfs" "cramfs" "cpuset" "debugfs" "devfs" "devpts" "devtmpfs" "ecryptfs" "eventpollfs" "exofs" "futexfs" "ftpfs" "fuse" "fusectl" "gfs" "gfs2" "hostfs" "hugetlbfs" "inotifyfs" "iso9660" "jffs2" "lustre" "misc" "mqueue" "ncpfs" "nnpfs" "ocfs" "ocfs2" "pipefs" "proc" "ramfs" "rpc_pipefs" "securityfs" "selinuxfs" "sfs" "shfs" "smbfs" "sockfs" "spufs" "nfs" "NFS" "nfs4" "nfsd" "sshfs" "subfs" "supermount" "sysfs" "tmpfs" "ubifs" "udf" "usbfs" "vboxsf" "vperfctrfs" ];
+ default = [
+ "afs"
+ "anon_inodefs"
+ "auto"
+ "autofs"
+ "bdev"
+ "binfmt"
+ "binfmt_misc"
+ "cgroup"
+ "cifs"
+ "coda"
+ "configfs"
+ "cramfs"
+ "cpuset"
+ "debugfs"
+ "devfs"
+ "devpts"
+ "devtmpfs"
+ "ecryptfs"
+ "eventpollfs"
+ "exofs"
+ "futexfs"
+ "ftpfs"
+ "fuse"
+ "fusectl"
+ "fuse.sshfs"
+ "gfs"
+ "gfs2"
+ "hostfs"
+ "hugetlbfs"
+ "inotifyfs"
+ "iso9660"
+ "jffs2"
+ "lustre"
+ "misc"
+ "mqueue"
+ "ncpfs"
+ "nnpfs"
+ "ocfs"
+ "ocfs2"
+ "pipefs"
+ "proc"
+ "ramfs"
+ "rpc_pipefs"
+ "securityfs"
+ "selinuxfs"
+ "sfs"
+ "shfs"
+ "smbfs"
+ "sockfs"
+ "spufs"
+ "nfs"
+ "NFS"
+ "nfs4"
+ "nfsd"
+ "sshfs"
+ "subfs"
+ "supermount"
+ "sysfs"
+ "tmpfs"
+ "ubifs"
+ "udf"
+ "usbfs"
+ "vboxsf"
+ "vperfctrfs"
+ ];
description = ''
Which filesystem types to exclude from indexing
'';
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index 807a4bcdd9b..de77bef2535 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -195,6 +195,7 @@ in
lidarr = handleTest ./lidarr.nix {};
lightdm = handleTest ./lightdm.nix {};
limesurvey = handleTest ./limesurvey.nix {};
+ locate = handleTest ./locate.nix {};
login = handleTest ./login.nix {};
loki = handleTest ./loki.nix {};
lsd = handleTest ./lsd.nix {};
diff --git a/nixos/tests/locate.nix b/nixos/tests/locate.nix
new file mode 100644
index 00000000000..8818607f955
--- /dev/null
+++ b/nixos/tests/locate.nix
@@ -0,0 +1,62 @@
+import ./make-test-python.nix ({ lib, pkgs, ... }:
+ let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
+ in {
+ name = "locate";
+ meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chkno ];
+
+ nodes = rec {
+ a = {
+ environment.systemPackages = with pkgs; [ sshfs ];
+ fileSystems = lib.mkVMOverride {
+ "/ssh" = {
+ device = "alice@b:/";
+ fsType = "fuse.sshfs";
+ options = [
+ "allow_other"
+ "IdentityFile=/privkey"
+ "noauto"
+ "StrictHostKeyChecking=no"
+ "UserKnownHostsFile=/dev/null"
+ ];
+ };
+ };
+ services.locate = {
+ enable = true;
+ interval = "*:*:0/5";
+ };
+ };
+ b = {
+ services.openssh.enable = true;
+ users.users.alice = {
+ isNormalUser = true;
+ openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
+ };
+ };
+ };
+
+ testScript = ''
+ start_all()
+
+ # Set up sshfs mount
+ a.succeed(
+ "(umask 077; cat ${snakeOilPrivateKey} > /privkey)"
+ )
+ b.succeed("touch /file-on-b-machine")
+ b.wait_for_open_port(22)
+ a.succeed("mkdir /ssh")
+ a.succeed("mount /ssh")
+
+ # Core locatedb functionality
+ a.succeed("touch /file-on-a-machine-1")
+ a.wait_for_file("/var/cache/locatedb")
+ a.wait_until_succeeds("locate file-on-a-machine-1")
+
+ # Wait for a second update to make sure we're using a locatedb from a run
+ # that began after the sshfs mount
+ a.succeed("touch /file-on-a-machine-2")
+ a.wait_until_succeeds("locate file-on-a-machine-2")
+
+ # We shouldn't be able to see files on the other machine
+ a.fail("locate file-on-b-machine")
+ '';
+ })
diff --git a/pkgs/applications/audio/musikcube/default.nix b/pkgs/applications/audio/musikcube/default.nix
index dc936083cae..10a3b3b8735 100644
--- a/pkgs/applications/audio/musikcube/default.nix
+++ b/pkgs/applications/audio/musikcube/default.nix
@@ -17,13 +17,13 @@
stdenv.mkDerivation rec {
pname = "musikcube";
- version = "0.96.1";
+ version = "0.96.2";
src = fetchFromGitHub {
owner = "clangen";
repo = pname;
rev = version;
- sha256 = "0gpyr25q6g9b8f9hi6jx3p4ijl7xrrjc78vw1fyjd59a7690d7kr";
+ sha256 = "1vvc8295yadprfqpmk9i43ghymgsqxsg8zfx3p5i86a8xrdhd9vn";
};
nativeBuildInputs = [
diff --git a/pkgs/applications/misc/rofimoji/default.nix b/pkgs/applications/misc/rofimoji/default.nix
index b76b1d6d21e..ed97c17bfd9 100644
--- a/pkgs/applications/misc/rofimoji/default.nix
+++ b/pkgs/applications/misc/rofimoji/default.nix
@@ -33,7 +33,10 @@ buildPythonApplication rec {
# The 'extractors' sub-module is used for development
# and has additional dependencies.
- postPatch = "rm -rf extractors";
+ postPatch = ''
+ rm -rf extractors
+ substituteInPlace setup.py --replace 'pyxdg==0.26' 'pyxdg'
+ '';
meta = with lib; {
description = "A simple emoji and character picker for rofi";
diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix
index 7f0b826f905..a9888c3c47b 100644
--- a/pkgs/applications/networking/browsers/firefox/wrapper.nix
+++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix
@@ -1,5 +1,5 @@
{ stdenv, lib, makeDesktopItem, makeWrapper, lndir, config
-, replace, fetchurl, zip, unzip, jq
+, replace, fetchurl, zip, unzip, jq, xdg_utils
## various stuff that can be plugged in
, flashplayer, hal-flash
@@ -251,6 +251,7 @@ let
--suffix LD_LIBRARY_PATH ':' "$libs" \
--suffix-each GTK_PATH ':' "$gtk_modules" \
--suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \
+ --prefix PATH ':' "${xdg_utils}/bin" \
--prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \
--suffix PATH ':' "$out${browser.execdir or "/bin"}" \
--set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \
diff --git a/pkgs/applications/networking/remote/citrix-workspace/sources.nix b/pkgs/applications/networking/remote/citrix-workspace/sources.nix
index bbeed5b779c..eb59f90e6dd 100644
--- a/pkgs/applications/networking/remote/citrix-workspace/sources.nix
+++ b/pkgs/applications/networking/remote/citrix-workspace/sources.nix
@@ -54,6 +54,17 @@ let
x86hash = "04cr2da25v8x098ccyjwa47d4krk3jpldqkyf4kk2j3hwzbqh9yx";
x64suffix = "6";
x86suffix = "6";
+ homepage = "https://www.citrix.com/de-de/downloads/workspace-app/legacy-workspace-app-for-linux/workspace-app-for-linux-2010.html";
+ };
+
+ "20.12.0" = {
+ major = "20";
+ minor = "12";
+ patch = "0";
+ x64hash = "1268nriqjp27nxqqi4dvkv8r01yj3bhglxv21xd185761da2mzry";
+ x86hash = "0f982d5y9k4hscqfmqpfs277cqw1pvp191ybvg5p8rxk12fh67vf";
+ x64suffix = "12";
+ x86suffix = "12";
homepage = "https://www.citrix.com/de-de/downloads/workspace-app/linux/workspace-app-for-linux-latest.html";
};
};
diff --git a/pkgs/development/compilers/rgbds/default.nix b/pkgs/development/compilers/rgbds/default.nix
index 499a0a5f936..4c8a4cfd4ef 100644
--- a/pkgs/development/compilers/rgbds/default.nix
+++ b/pkgs/development/compilers/rgbds/default.nix
@@ -6,12 +6,12 @@
stdenv.mkDerivation rec {
pname = "rgbds";
- version = "0.4.1";
+ version = "0.4.2";
src = fetchFromGitHub {
owner = "rednex";
repo = "rgbds";
rev = "v${version}";
- sha256 = "05djzl3h18zg2z5p2a881wjbmgikzkhf67cgk00frhw4v05sq0lf";
+ sha256 = "0lygj7jzjlq4w0mkiir7ycysrd1p1akyvzrppjcchja05mi8wy9p";
};
nativeBuildInputs = [ bison flex pkg-config libpng ];
installFlags = [ "PREFIX=\${out}" ];
diff --git a/pkgs/development/libraries/libff/default.nix b/pkgs/development/libraries/libff/default.nix
index 8413d5be441..874f45cae70 100644
--- a/pkgs/development/libraries/libff/default.nix
+++ b/pkgs/development/libraries/libff/default.nix
@@ -14,6 +14,12 @@ stdenv.mkDerivation rec {
cmakeFlags = [ "-DWITH_PROCPS=Off" ];
+ # CMake is hardcoded to always build static library which causes linker
+ # failure for Haskell applications depending on haskellPackages.hevm on macOS.
+ postPatch = stdenv.lib.optionalString stdenv.isDarwin ''
+ substituteInPlace libff/CMakeLists.txt --replace "STATIC" "SHARED"
+ '';
+
nativeBuildInputs = [ cmake pkg-config ];
buildInputs = [ boost gmp openssl ];
diff --git a/pkgs/games/tdm/default.nix b/pkgs/games/tdm/default.nix
deleted file mode 100644
index 98b7ecdc477..00000000000
--- a/pkgs/games/tdm/default.nix
+++ /dev/null
@@ -1,105 +0,0 @@
-{ stdenv, fetchurl, binutils-unwrapped, sconsPackages, gnum4, p7zip, glibc_multi, mesa
-, xorg, libGLU, libGL, openal
-, lib, makeWrapper, makeDesktopItem }:
-
-let
- pname = "tdm";
- version = "2.08";
-
- desktop = makeDesktopItem {
- desktopName = pname;
- name = pname;
- exec = "@out@/bin/${pname}";
- icon = pname;
- terminal = "false";
- comment = "The Dark Mod - stealth FPS inspired by the Thief series";
- type = "Application";
- categories = "Game;";
- genericName = pname;
- fileValidation = false;
- };
-in stdenv.mkDerivation {
- name = "${pname}-${version}";
- src = fetchurl {
- url = "https://www.thedarkmod.com/sources/thedarkmod.${version}.src.7z";
- sha256 = "0bmv07j6s6q3m7hnpx7cwrycjkbvlf0y9sg9migakni0jg9yz5ps";
- };
- nativeBuildInputs = [
- p7zip sconsPackages.scons_3_1_2 gnum4 makeWrapper
- ];
- buildInputs = [
- glibc_multi mesa.dev xorg.libX11.dev openal
- xorg.libXext.dev xorg.libXxf86vm.dev
- libGL libGLU
- ];
- unpackPhase = ''
- 7z x $src
- '';
-
- # I'm pretty sure there's a better way to build 2 targets than a random hook
- preBuild = ''
- pushd tdm_update
- scons BUILD=release TARGET_ARCH=x64
- install -Dm755 bin/tdm_update.linux64 $out/share/libexec/tdm_update.linux
- popd
- '';
-
- # why oh why can it find ld but not strip?
- postPatch = ''
- sed -i 's!strip \$!${binutils-unwrapped}/bin/strip $!' SConstruct
- # This adds math.h needed for math::floor
- sed -i 's|#include "Util.h"|#include "Util.h"\n#include |' tdm_update/ConsoleUpdater.cpp
- '';
-
- installPhase = ''
- runHook preInstall
-
- install -Dm644 ${desktop}/share/applications/${pname}.desktop $out/share/applications/${pname}.desktop
- substituteInPlace $out/share/applications/${pname}.desktop --subst-var out
- install -Dm755 thedarkmod.x64 $out/share/libexec/tdm
-
- # The package doesn't install assets, these get installed by running tdm_update.linux
- # Provide a script that runs tdm_update.linux on first launch
- install -Dm755 <(cat <<'EOF'
-#!/bin/sh
-set -e
-DIR="$HOME/.local/share/tdm"
-mkdir -p "$DIR"
-cd "$DIR"
-exec "PKGDIR/share/libexec/tdm_update.linux" --noselfupdate
-EOF
- ) $out/bin/tdm_update
-
- install -Dm755 <(cat <<'EOF'
-#!/bin/sh
-set -e
-DIR="$HOME/.local/share/tdm"
-if [ ! -d "$DIR" ]; then
- echo "Please run tdm_update to (re)download game data"
-else
- cd "$DIR"
- exec "PKGDIR/share/libexec/tdm"
-fi
-EOF
- ) $out/bin/tdm
- sed -i "s!PKGDIR!$out!g" $out/bin/tdm_update
- sed -i "s!PKGDIR!$out!g" $out/bin/tdm
-
- runHook postInstall
- '';
-
- postInstall = ''
- wrapProgram $out/bin/tdm --suffix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ libGL libGLU ]}
- '';
-
- enableParallelBuilding = true;
- sconsFlags = [ "BUILD=release" "TARGET_ARCH=x64" ];
- NIX_CFLAGS_COMPILE = "-Wno-error=format-security";
- meta = with stdenv.lib; {
- description = "The Dark Mod - stealth FPS inspired by the Thief series";
- homepage = "http://www.thedarkmod.com";
- license = licenses.gpl3;
- maintainers = with maintainers; [ cizra ];
- platforms = with platforms; [ "x86_64-linux" ]; # tdm also supports x86, but I don't have a x86 install at hand to test.
- };
-}
diff --git a/pkgs/servers/consul/default.nix b/pkgs/servers/consul/default.nix
index 81cd2db7bd0..5d741cf0bba 100644
--- a/pkgs/servers/consul/default.nix
+++ b/pkgs/servers/consul/default.nix
@@ -2,7 +2,7 @@
buildGoModule rec {
pname = "consul";
- version = "1.9.0";
+ version = "1.9.1";
rev = "v${version}";
# Note: Currently only release tags are supported, because they have the Consul UI
@@ -17,7 +17,7 @@ buildGoModule rec {
owner = "hashicorp";
repo = pname;
inherit rev;
- sha256 = "06brmzj3h6my0pvi5n261180bfwgfn923702837jmkz7snpsdr9q";
+ sha256 = "06nw27crcrmz9p0hdc6g8ycq8p0kpbgf1g3i879f6h4jp4ca6zi3";
};
passthru.tests.consul = nixosTests.consul;
@@ -26,7 +26,7 @@ buildGoModule rec {
# has a split module structure in one repo
subPackages = ["." "connect/certgen"];
- vendorSha256 = "1mc567zgymfz8iy6bg603f857c05xfna1npk2hh490dsnskkfag0";
+ vendorSha256 = "01fwbgdr4kxq4li83xxadl33ry1lkb3zhmcf2yrimfk042zabpck";
doCheck = false;
diff --git a/pkgs/tools/misc/diffoscope/default.nix b/pkgs/tools/misc/diffoscope/default.nix
index 76c868f9b58..b910f3f9699 100644
--- a/pkgs/tools/misc/diffoscope/default.nix
+++ b/pkgs/tools/misc/diffoscope/default.nix
@@ -16,11 +16,11 @@ let
in
python3Packages.buildPythonApplication rec {
pname = "diffoscope";
- version = "161";
+ version = "163";
src = fetchurl {
url = "https://diffoscope.org/archive/diffoscope-${version}.tar.bz2";
- sha256 = "sha256-Frk+aVUQhWn/TvlG4zy5+R2z92rFIwO4NPRXYkS0rN4=";
+ sha256 = "sha256-pCAOMRZ3sn1jhdT5RuIZoMR1e6GEYJYyd4mZt7+0lWE=";
};
outputs = [ "out" "man" ];
diff --git a/pkgs/tools/misc/direnv/default.nix b/pkgs/tools/misc/direnv/default.nix
index 050dcf2955f..185b97d7273 100644
--- a/pkgs/tools/misc/direnv/default.nix
+++ b/pkgs/tools/misc/direnv/default.nix
@@ -2,7 +2,7 @@
buildGoModule rec {
pname = "direnv";
- version = "2.25.0";
+ version = "2.25.1";
vendorSha256 = null;
@@ -10,7 +10,7 @@ buildGoModule rec {
owner = "direnv";
repo = "direnv";
rev = "v${version}";
- sha256 = "00bvznswmz08s2jqpz5xxmkqggd06h6g8cwk242aaih6qajxfpsn";
+ sha256 = "0bwr7zdzjm5p6bjyzafc2n57y83f0pv2bmj99rhi8f94hhfydlsf";
};
# we have no bash at the moment for windows
diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix
index b99ab6eb32d..3d4ce4b4536 100644
--- a/pkgs/top-level/aliases.nix
+++ b/pkgs/top-level/aliases.nix
@@ -607,6 +607,7 @@ mapAliases ({
systool = sysfsutils; # added 2018-04-25
tahoelafs = tahoe-lafs; # added 2018-03-26
tangogps = foxtrotgps; # added 2020-01-26
+ tdm = throw "tdm has been removed because nobody can figure out how to fix OpenAL integration. Use precompiled binary and `steam-run` instead.";
telepathy_farstream = telepathy-farstream; # added 2018-02-25
telepathy_gabble = telepathy-gabble; # added 2018-02-25
telepathy_glib = telepathy-glib; # added 2018-02-25
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 61c43289a62..c9b4e34c0ae 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -2935,13 +2935,14 @@ in
circus = callPackage ../tools/networking/circus { };
- citrix_workspace = citrix_workspace_20_10_0;
+ citrix_workspace = citrix_workspace_20_12_0;
inherit (callPackage ../applications/networking/remote/citrix-workspace { })
citrix_workspace_20_04_0
citrix_workspace_20_06_0
citrix_workspace_20_09_0
citrix_workspace_20_10_0
+ citrix_workspace_20_12_0
;
citra = libsForQt5.callPackage ../misc/emulators/citra { };
@@ -28801,8 +28802,6 @@ in
gcc-armhf-embedded = pkgsCross.armhf-embedded.buildPackages.gcc;
};
- tdm = callPackage ../games/tdm { };
-
newlib = callPackage ../development/misc/newlib { };
newlibCross = callPackage ../development/misc/newlib {
stdenv = crossLibcStdenv;