public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
259,997 Commits 1 Branch 0 Tags
Commit Graph

259997 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Klemens Nanni
8833983f26 nixos/users-groups: createHome: Ensure HOME permissions, fix description 
configuration.nix(1) states

    users.extraUsers.<name>.createHome
        [...] If [...] the home directory already exists but is not
        owned by the user, directory owner and group will be changed to
        match the user.

i.e. ownership would change only if the user mismatched;  the code
however ignores the owner, it is sufficient to enable `createHome`:

    if ($u->{createHome}) {
        make_path($u->{home}, { mode => 0700 }) if ! -e $u->{home};
        chown $u->{uid}, $u->{gid}, $u->{home};
    }

Furthermore, permissions are ignored on already existing directories and
therefore may allow others to read private data eventually.

Given that createHome already acts as switch to not only create but
effectively own the home directory, manage permissions in the same
manner to ensure the intended default and cover all primary attributes.

Avoid yet another configuration option to have administrators make a
clear and simple choice between securely managing home directories
and optionally defering management to own code (taking care of custom
location, ownership, mode, extended attributes, etc.).

While here, simplify and thereby fix misleading documentation.
 2020-12-16 03:40:29 +01:00
Aaron Andersen
3557bb49b0 sqitch: package cleanup 2020-12-15 21:12:03 -05:00
Jan Solanti
63889b0267 pipewire: 0.3.17 -> 0.3.18 2020-12-16 02:55:07 +02:00
github-actions[bot]
bc3c95481e
Merge staging-next into staging 2020-12-16 00:41:26 +00:00
github-actions[bot]
41d1ebd7df
Merge master into staging-next 2020-12-16 00:41:23 +00:00
Sam Bickley
e924c5d80f tor-browser-bundle-bin: 10.0.6 -> 10.0.7 2020-12-15 17:40:01 -06:00
Aaron Andersen
5d5e970ce0
Merge pull request #103596 from matt-snider/sqitch-mysql 
sqitchMysql: init at 1.1.0
 2020-12-15 18:01:14 -05:00
Lassulus
00b8fa792b
Merge pull request #106000 from Luis-Hebendanz/firefoxWrapperAddonSettings 
firefox: wrapper updating an addon perserves addon settings
 2020-12-15 22:16:48 +01:00
Luis Hebendanz
1c8c134972 firefox: wrapper updating an addon perserves addon settings 2020-12-15 22:02:34 +01:00
Vincent Laporte
de8205f8bb coq_8_13: init at 8.13+β1 2020-12-15 21:13:40 +01:00
eyjhb
2636ff59fb
evdi: unstable-20200416 -> v1.7.2 2020-12-15 21:02:30 +01:00
Austin Seipp
f808840020
Merge pull request #106644 from raboof/libseccomp-reproducible-pythonsrc 
libseccomp: make pythonsrc reproducible
 2020-12-15 13:57:24 -06:00
0x4A6F
75b1ba928a dasel: 1.9.0 -> 1.9.1 2020-12-16 05:55:36 +10:00
0x4A6F
bd247b7ca5 dasel: 1.8.0 -> 1.9.0 2020-12-16 05:55:36 +10:00
Mauricio Collares
8100c5a44b sage: 8.9 -> 9.2 fixups 2020-12-15 16:51:42 -03:00
zowoq
ee275b02c1 gitAndTools.gh: 1.3.1 -> 1.4.0 
https://github.com/cli/cli/releases/tag/v1.4.0
 2020-12-16 05:50:32 +10:00
Guillaume Girol
824d2c92bd
Merge pull request #82584 from Atemu/dnscrypt-default-config 
dnscrypt-proxy2: base settings on example config
 2020-12-15 19:47:43 +00:00
Mauricio Collares
795baaa89e cypari2: revert 2.1.1 -> 2.1.2 update, sync with pip-install-hook.sh 
pip install deprecated the --build flag. The standard python
installPhase (in pip-install-hook.sh) got updated in commit
76966f8dddf9b0b5bb2d21128c5fd3e4cf3d6256, but we use a custom one so
we need to update it separately.
 2020-12-15 16:46:44 -03:00
Mauricio Collares
88cfc7f87b ppl: fetch clang patch from alternate location (that doesn't require auth) 2020-12-15 16:46:44 -03:00
Mauricio Collares
8b8cae779f pari: update tarball location, since it moved 2020-12-15 16:46:43 -03:00
Mauricio Collares
4058e45736 nauty: update tarball sha256 
The old `nauty` tarball is currently accessible at
https://distfiles.macports.org/nauty/nauty27r1.tar.gz. The diff is a
single line in genbg.c:

-    SUMMARY(&nout,t2-t1);
+    SUMMARY(nout,t2-t1);
 2020-12-15 16:46:43 -03:00
Tim Steinbach
853bac5b2b
linux/hardened/patches/5.8: remove 2020-12-15 14:34:44 -05:00
Tim Steinbach
a83bf32bab
linux: 5.10 -> 5.10.1 2020-12-15 14:34:40 -05:00
Jan Tojnar
f5525b73a2
python3.pkgs.lml: fix build 
0.1.0 switched from nose to pytest. But it fails even with that.
 2020-12-15 20:32:11 +01:00
Guillaume Girol
43acd21b06
Merge pull request #106762 from symphorien/thunar-send-email 
xfce.exo: fix $out/lib/xfce4/exo/exo-compose-mail
 2020-12-15 19:19:39 +00:00
Mario Rodas
9c8a7716d3 docker-slim: 1.32.0 -> 1.33.0 
https://github.com/docker-slim/docker-slim/releases/tag/1.33.0
 2020-12-15 13:45:00 -05:00
Mario Rodas
a4d86d5425
Merge pull request #106969 from marsam/update-go-tools 
go-tools: 2020.1.6 -> 2020.2
 2020-12-15 13:36:13 -05:00
Thiago Franco de Moraes
e78a2d39f0
vtk: qt514 -> qt515 2020-12-15 15:31:55 -03:00
github-actions[bot]
6e0acbf2ec
Merge staging-next into staging 2020-12-15 18:20:53 +00:00
github-actions[bot]
21b31ca4d3
Merge master into staging-next 2020-12-15 18:20:49 +00:00
Jan Tojnar
7e8b2b7e98
phpPackages: convert to scope 
This will make it easier to make overridable.

Had to rename `packages` attribute to `tools` in `php-packages.nix` because `packages` is shadowed by `makeScope`.
 2020-12-15 17:57:40 +01:00
Severyn Lisovskyi
a8d2b7b42e
hstr: add darwin support (#106798) 2020-12-15 11:50:46 -05:00
Tim Steinbach
a7c6597772
Merge pull request #106966 from r-ryantm/auto-update/sbt 
sbt: 1.4.4 -> 1.4.5
 2020-12-15 11:17:19 -05:00
Vladimír Čunát
818c3001e8
knot-dns: 3.0.2 -> 3.0.3 
https://gitlab.nic.cz/knot/knot-dns/-/tags/v3.0.3
 2020-12-15 16:58:56 +01:00
Graham Christensen
9612cb9092
Merge pull request #84062 from abathur/fix/yadm_src_usage 
yadm: install from build directory instead of $src
 2020-12-15 10:39:20 -05:00
Daniël de Kok
a3ad080853
Merge pull request #106965 from Flakebi/amdvlk 
amdvlk: 2020.Q4.5 -> 2020.Q4.6
 2020-12-15 16:32:28 +01:00
Kevin Cox
55cd0a3c81
Merge pull request #106668 from bbigras/tailscale 
tailscale: 1.2.8 -> 1.2.10
 2020-12-15 10:26:37 -05:00
Ben Siraphob
20a9e43d60 archivy: 0.9.2 -> 0.9.3 2020-12-15 22:21:51 +07:00
Ben Siraphob
fecbcb7681 knightos-kcc: 4.0.0 -> 4.0.4 2020-12-15 22:11:13 +07:00
Robert Hensing
408e703eed
Merge pull request #106958 from NixOS/doc-cross-compilation-remove-confusing-reexplanation 
doc/cross-compilation: Remove confusing re-explanation
 2020-12-15 15:57:53 +01:00
Robert Hensing
3393e110a9
doc/stdenv/cross-compilation.chapter.md typo 
Co-authored-by: John Ericson <git@JohnEricson.me>
 2020-12-15 15:57:27 +01:00
adisbladis
250cacea8c
Merge pull request #105674 from xwvvvvwx/radicle-upstream 
radicle-upstream: init at 0.1.5
 2020-12-15 15:38:17 +01:00
R. RyanTM
800c4724b7 sbt: 1.4.4 -> 1.4.5 2020-12-15 14:30:32 +00:00
Tim Steinbach
ba31c04641
lsd: Fix test 
CLI arguments changes in 0.19.0
See https://github.com/Peltoche/lsd/issues/461
 2020-12-15 09:10:34 -05:00
Kevin Cox
da5e0d3df8
Merge pull request #106677 from tfmoraes/vtk9_qt515 
vtk_9: qt514 -> qt515
 2020-12-15 08:59:30 -05:00
Sebastian Neubauer
89ce7a70f1 amdvlk: 2020.Q4.5 -> 2020.Q4.6 2020-12-15 14:56:14 +01:00
R. RyanTM
bc0d65919f obsidian: 0.9.20 -> 0.9.22 2020-12-15 13:06:39 +00:00
Arnout Engelen
40b1f0d473 pyopenssl: skip test that fails on i686 
Found in https://github.com/NixOS/nixpkgs/pull/105454#issuecomment-743973848

Upstream issue https://github.com/pyca/pyopenssl/issues/974
 2020-12-15 13:49:21 +01:00
Ryan Mulligan
d094f26f32
Merge pull request #106938 from r-ryantm/auto-update/python3.8-dtschema 
dt-schema: 2020.11 -> 2020.12
 2020-12-15 04:21:43 -08:00
github-actions[bot]
77b786a5d9
Merge staging-next into staging 2020-12-15 12:20:58 +00:00