additional changes:
- tmate now depends on external libmsgpack and libssh
- postPatch is no longer useful as it applied to embedded msgpack
- regular automake can now be used
‘When upgrading to 0.29.0 you need to upgrade client as well as server
installations due to the locking and commandline interface changes
otherwise you’ll get an error msg about a RPC protocol mismatch or a
wrong commandline option. if you run a server that needs to support both
old and new clients, it is suggested that you have a “borg-0.28.2” and a
“borg-0.29.0” command. clients then can choose via e.g. “borg
–remote-path=borg-0.29.0 ...”.’
‘The default waiting time for a lock changed from infinity to 1 second
for a better interactive user experience. if the repo you want to access
is currently locked, borg will now terminate after 1s with an error
message. if you have scripts that shall wait for the lock for a longer
time, use –lock-wait N (with N being the maximum wait time in seconds).’
All changes: http://borgbackup.readthedocs.org/en/stable/changes.html
This patch is borrowed verbatim from Debian, where it is actively
maintained for each openssh update. It's also included in Fedora's
openssh package, in Arch linux as openssh-gssapi in the AUR, in MacOS
X, and presumably various other platforms and linux distros.
The main relevant parts of this patch:
- Adds several ssh_config options:
GSSAPIKeyExchange, GSSAPITrustDNS,
GSSAPIClientIdentity, GSSAPIServerIdentity
GSSAPIRenewalForcesRekey
- Optionally use an in-memory credentials cache api for security
My primary motivation for wanting the patch is the GSSAPIKeyExchange
and GSSAPITrustDNS features. My user ssh_config is shared across
several OSes, and it's a lot easier to manage if they all support the
same options.
added tldr to all-packages.nix
cleaned up style
added metadata
semicolons
didn't test on mac. removed platform
wrong types
fixed duplication of version
Currently the package is built with /var in $out/var. That fails when it
tries to create/write things at runtime (nix store is read-only).
Instead, tell it to use /var (global directory) and fixup the
installation phase so it doesn't touch /var (leave that for runtime).
This unbreaks the colord dbus service, which apparently is needed by
cups to create color profiles for printers.
Otherwise it will try to guess the log directory, and the guess might
not be the same if chroot builds are enabled or not.
The gruesome details from m4/sudo.m4:
````
dnl
dnl Where the I/O log files go, use /var/log/sudo-io if
dnl /var/log exists, else /{var,usr}/adm/sudo-io
dnl
AC_DEFUN([SUDO_IO_LOGDIR], [
AC_MSG_CHECKING(for I/O log dir location)
if test "${with_iologdir-yes}" != "yes"; then
iolog_dir="$with_iologdir"
elif test -d "/var/log"; then
iolog_dir="/var/log/sudo-io"
elif test -d "/var/adm"; then
iolog_dir="/var/adm/sudo-io"
else
iolog_dir="/usr/adm/sudo-io"
fi
if test "${with_iologdir}" != "no"; then
SUDO_DEFINE_UNQUOTED(_PATH_SUDO_IO_LOGDIR, "$iolog_dir")
fi
AC_MSG_RESULT($iolog_dir)
])dnl
````
Running zpaq on an older but not ancient 64-bit Intel server aborts
with an ‘Illegal instruction’ error. Turns out the build expression
was using -march=native to generate distibution binaries...
Change this to more conservative, portable settings which should
cover ‘all’ CPUs. It may run slightly slower — but that at least
implies running.
As a nice side effect, all common compile flags are now back in
`compileFlags` whence they came, and actually used consistently.
http://hydra.nixos.org/eval/1234895
The mass errors on Hydra seem transient; I verified ghc on i686-linux.
Only darwin jobs are queued ATM. There's a libpng security update
included in this merge, so I don't want to wait too long.
The configure script tries to probe whether /var/run exists when
determining the location for the pid file, which is not very nice when
doing chroot builds. Just set it explicitly to avoid the problem.
For reference, the culprit in configure.ac:
````
piddir=/var/run
if test ! -d $piddir ; then
piddir=`eval echo ${sysconfdir}`
case $piddir in
NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
esac
fi
AC_ARG_WITH([pid-dir],
[ --with-pid-dir=PATH Specify location of ssh.pid file],
...
````
Also, use the `install-nokeys` target in installPhase so we avoid
installing useless host keys into $out/etc/ssh and improve built purity
as well.
Relevant changes:
- Python version switched to Python 3
- ssdeep library got replaced with tlsh
- the 'magic' Python package got replaced with a different one
- Minor build system improvements == less work for us
Currently, building RPM with `python = python3` causes this:
checking for a Python interpreter with version >= 2.6... python3
checking for python3... /nix/store/dykqxnrwiz9drlcv2wy8lpvl3xvklx0g-python3-3.4.3/bin/python3
checking for python3 version... 3.4
checking for Python.h... yes
checking for library containing Py_Main... no
configure: error: missing python library
That comes from this snippet in configure.ac:
AC_SEARCH_LIBS([Py_Main],[python${PYTHON_VERSION} python],[
WITH_PYTHON_LIB="$ac_res"
],[AC_MSG_ERROR([missing python library])
])
So it's looking for (e.g) `libpython3.4.so` wheras we have `libpython3.4m.so`.
Patching the configure script to match seems to make that work (although
I don't really understand what the heck is this 'm' business about).
Arseniy Seroka
Matthew O'Gorman
Yann Hodique
Svend Sorensen
Tobias Geerinckx-Rice
Daniel Peebles
Jakob Gillich
Pascal Wittmann
Robin Gloster
Vladimír Čunát
noctuid
Robert Helgesson
Peter Simons
Jos van den Oever
Benjamin Staffin
Domen Kožar
Moritz Ulrich
Bjørn Forsman
Arseniy Seroka
Tomasz Kontusz
Radvendii
Mateusz Kowalczyk
Pascal Wittmann
Tuomas Tynkkynen
Fabian Schmitthenner
Damien Cassou
davidak
Benno Fünfstück
Michael Raskin
Kranium Gikos Mendoza
Dan Peebles
Eelco Dolstra
Edward Tjörnhammar
Arda Xi
codsl