public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
202,948 Commits 1 Branch 0 Tags
Commit Graph

15220 Commits

Author SHA1 Message Date
Vladimír Čunát
02217bf697 Merge #17838: postgresql: Fix use with extensions 2016-09-02 20:09:40 +02:00
Octavian Cerna
eb14130934 quagga test: Add test for the quagga service. 2016-09-02 14:00:32 +03:00
Octavian Cerna
a30d4654f2 quagga service: New NixOS module. 2016-09-02 13:59:51 +03:00
Rob Vermaas
d6dbe43af2 bightbox-image.nix: use lib in stead of stdenv.lib. Fixes #18208 2016-09-02 10:04:09 +00:00
Lancelot SIX
5b8072fff6
postgresql: Fix use with extensions 
Fixes #15512 and #16032

With the multi output, postgresql cannot find at runtime what is its
basedir when looking for libdir and pkglibdir. This commit fixes that.
 2016-09-02 11:51:21 +02:00
Nikolay Amiantov
608ee1c7b3 mjpg-streamer service: restart on failure 2016-09-02 11:44:16 +03:00
Luca Bruno
15bb6bb9d6 Merge pull request #15893 from groxxda/fix/accountsservice 
accountsservice: refactor package and service
 2016-09-02 08:16:10 +00:00
Domen Kožar
b84b523baf unstable is now 17.03 2016-09-02 08:47:21 +02:00
Parnell Springmeyer
1f9494b752 Need to create a new build to see why it's failing 2016-09-01 19:47:41 -05:00
Parnell Springmeyer
d60581d4d6 Resolving that silly bad argument error. 2016-09-01 19:26:54 -05:00
Parnell Springmeyer
c686da8655 Updatig the chromium-suid-sandbox module 2016-09-01 19:26:30 -05:00
Parnell Springmeyer
849dcde2a5 Wonder why this wasn't removed in the rebase? 2016-09-01 19:22:37 -05:00
Parnell Springmeyer
98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00
Parnell Springmeyer
390ab0b3ef everything?: Updating every package that depended on the old setuidPrograms configuration. 2016-09-01 19:17:43 -05:00
Parnell Springmeyer
81b33eb466 security: Updating the machinery for creating the wrapper programs dir in var and updating ping and ping6 for changed config interface. 2016-09-01 19:16:36 -05:00
Parnell Springmeyer
79e81aa31b security: Removing the old wrappers and replacing with 'permissions-wrappers' 2016-09-01 19:15:56 -05:00
Parnell Springmeyer
c16647ec29 security: switching to linuxHeaders so we always stay current with the selected kernel. 2016-09-01 19:15:56 -05:00
Parnell Springmeyer
79f1a1e07a security: need to specify the ping binary paths for setcap wrappers. 2016-09-01 19:15:56 -05:00
Parnell Springmeyer
2efb60c8e9 security: tweaking the setcap-wrapper example to be more relevant 2016-09-01 19:15:56 -05:00
Parnell Springmeyer
4e98aa639f module-list: adding setcap-wrappers to the import list 2016-09-01 19:15:56 -05:00
Parnell Springmeyer
1c0f672f7a security: update setcap-wrappers dir to match the system-level dir we're creating on init 2016-09-01 19:15:56 -05:00
Parnell Springmeyer
12a23b3d91 boot: create setcap-wrappers dir as a tmpfs 2016-09-01 19:15:56 -05:00
Parnell Springmeyer
6fe93ae42a installer: adding perl 'next if' skip command for setcap-wrappers dir 2016-09-01 19:15:09 -05:00
Parnell Springmeyer
00dc2c559c installer: adding mkdir command for the setcap-wrappers dir 2016-09-01 19:15:09 -05:00
Parnell Springmeyer
b3d63f8191 security: whitespace wibble 2016-09-01 19:13:54 -05:00
Parnell Springmeyer
bfc3956376 security: adding setcap-wrapper functionality 2016-09-01 19:13:54 -05:00
Parnell Springmeyer
5deed1cb86 network-interfaces: use setcap-wrappers for ping and ping6 iff linux kernel is at-least 4.3 2016-09-01 19:13:54 -05:00
Domen Kožar
a6670c1a0b Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186) 
Before this commit updating /var/setuid-wrappers/ folder introduced
a small window where NixOS activation scripts could be terminated
and resulted into empty /var/setuid-wrappers/ folder.

That's very unfortunate because one might lose sudo binary.

Instead we use two atomic operations mv and ln (as described in
https://axialcorps.com/2013/07/03/atomically-replacing-files-and-directories/)
to achieve atomicity.

Since /var/setuid-wrappers is not a directory anymore, tmpfs mountpoints
were removed in installation scripts and in boot process.

Tested:

- upgrade /var/setuid-wrappers/ from folder to a symlink
- make sure /run/setuid-wrappers-dirs/ legacy symlink is really deleted
 2016-09-01 20:57:51 +02:00
Данило Глинський (Danylo Hlynskyi)
78cd9f8ebc virtualbox: add headless build (without Qt dependency) (#18026) 2016-09-01 20:54:58 +02:00
Domen Kožar
d163882770 Merge pull request #18172 from Profpatsch/startAt-type 
systemd-unit-options: startAt can be a list
 2016-09-01 20:44:32 +02:00
Alexander Ried
1529641b52 accountsservice: add support for mutableUsers = false 
Add code to accountsservice that returns an error if the environment
variable NIXOS_USERS_PURE is set. This variable is set from the nixos
accountsservice module if mutableUsers = false
 2016-09-01 15:25:28 +02:00
Joachim Fasting
6df8de50f3
unbound service: whitespace fixes 2016-09-01 14:51:33 +02:00
Joachim Fasting
03c2c87ed6
unbound service: use mkEnableOption 2016-09-01 14:51:32 +02:00
Tuomas Tynkkynen
8c4aeb1780 Merge staging into master 
Brings in:
    - changed output order for multiple outputs:
      https://github.com/NixOS/nixpkgs/pull/14766
    - audit disabled by default
      https://github.com/NixOS/nixpkgs/pull/17916

 Conflicts:
	pkgs/development/libraries/openldap/default.nix
 2016-09-01 13:27:27 +03:00
Tuomas Tynkkynen
d02e5a7d8f nixos/filesystems: Drop compat code for filesystems.*.options type 2016-09-01 12:18:33 +03:00
Eelco Dolstra
8172cd734c docdev -> devdoc 
It's "developer documentation", not "documentation developer" after
all.
 2016-09-01 11:07:23 +02:00
Domen Kožar
f5271680c4 Fixes #14831 by using full path for binaries used in install-grub.pl 
Both btrfs-progs and utillinux are ~5MB, we may discuss in future
to handle this better but I see no better way at the moment than
increaing purity in the install process.
 2016-09-01 10:36:38 +02:00
Domen Kožar
2a7293fd9d install-grub.pl: fix a double slash prefix bug 2016-09-01 10:14:44 +02:00
Domen Kožar
5e5b0d039c install-grub.pl: add comments 2016-09-01 10:14:44 +02:00
Profpatsch
488f0d9cb3 systemd-unit-options: startAt can be a list 
OnCalendar entrys can be specified multiple times in a systemd timer, to
make more complex scheduling possible.

Tested by manually checking the timer generated by the following:

    systemd = {
      services.huhu = {
        description = "meh";
        wantedBy = [ "default.target" ];
        serviceConfig.ExecStart = "/bin/sh -c 'printf HUHU!'";
        startAt = [ "*:*:0/30" "*:0/1:15" ];
      };
    };

It prints HUHU to the log at seconds 0, 15 and 30 of each minute.
 2016-09-01 00:39:36 +02:00
Tuomas Tynkkynen
838c75398c release notes: Fix unclosed tag 2016-09-01 01:11:50 +03:00
Tuomas Tynkkynen
5ad122b500 release notes: Add note about audit being disabled by default 2016-08-31 23:15:47 +03:00
Tuomas Tynkkynen
16b3e26da4 audit: Disable by default 
Because in its default enabled state it it causes a global performance
hit on all system calls (https://fedorahosted.org/fesco/ticket/1311) and
unwanted spam in dmesg, in particular when using Chromium
(https://github.com/NixOS/nixpkgs/issues/13710).
 2016-08-31 23:15:41 +03:00
Tuomas Tynkkynen
5eff0b990c audit service: Explicitly call auditctl to disable everything 
Otherwise, journald might be starting auditing.
Some reading:
    - https://fedorahosted.org/fesco/ticket/1311
    - https://github.com/systemd/systemd/issues/959
    - 64f83d3087
 2016-08-31 23:15:32 +03:00
obadz
a3621b1047 nixos/…/swap.nix: add some safety assertions for randomEncryption 2016-08-31 15:29:11 +01:00
Domen Kožar
d8d75ddec6 Revert "setuid-wrappers: Update wrapper dir atomically." 
This reverts commit ee535056ce01514854cdd1c2d56faad84ae347af.

It doesn't work yet.
 2016-08-31 16:25:18 +02:00
Nikolay Amiantov
4499a505ed hidepid service: use new boot.specialFileSystems 2016-08-31 17:16:41 +03:00
Nikolay Amiantov
a4879c44c9 Merge pull request #18160 from obadz/swap-encryption 
nixos/…/swap.nix: remove backslashes from deviceName
 2016-08-31 17:59:45 +04:00
Nikolay Amiantov
7fa8c424bd nixos filesystems: move special filesystems to a dedicated option 
Fixes #18159.
 2016-08-31 16:50:13 +03:00
obadz
a7d238136d nixos/…/swap.nix: remove backslashes from deviceName 
Fixes #8277

Prior to this, backslashes would end up in fstab and the swap partition
was not activated.  Swap files seemed to work fine.
 2016-08-31 14:40:21 +01:00