diff options
| author | Shea Levy <shea@shealevy.com> | 2018-02-28 17:07:13 -0500 |
|---|---|---|
| committer | Shea Levy <shea@shealevy.com> | 2018-02-28 17:07:13 -0500 |
| commit | 4d5be58a8f5c06953a01c39848c62788985c0609 (patch) | |
| tree | ea7db5be8ce1a43a10241e69fbef0c33eb1d1648 | |
| parent | 942855c8bd01dd0c571eb7b10859d9225445502a (diff) | |
| parent | 5ff15fbf7d3b6e8eb9aac982459ebd8d081c97f0 (diff) | |
| download | nixlib-4d5be58a8f5c06953a01c39848c62788985c0609.tar nixlib-4d5be58a8f5c06953a01c39848c62788985c0609.tar.gz nixlib-4d5be58a8f5c06953a01c39848c62788985c0609.tar.bz2 nixlib-4d5be58a8f5c06953a01c39848c62788985c0609.tar.lz nixlib-4d5be58a8f5c06953a01c39848c62788985c0609.tar.xz nixlib-4d5be58a8f5c06953a01c39848c62788985c0609.tar.zst nixlib-4d5be58a8f5c06953a01c39848c62788985c0609.zip | |
Merge remote-tracking branch 'origin/master' into cross-nixos
33 files changed, 174 insertions, 145 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1803.xml b/nixos/doc/manual/release-notes/rl-1803.xml index 29b252753830..9f80dcc29341 100644 --- a/nixos/doc/manual/release-notes/rl-1803.xml +++ b/nixos/doc/manual/release-notes/rl-1803.xml @@ -430,6 +430,13 @@ following incompatible changes:</para> and <literal>stopJob</literal> provide an optional <literal>$user</literal> argument for that purpose. </para> </listitem> + <listitem> + <para> + Enabling bash completion on NixOS, <literal>programs.bash.enableCompletion</literal>, will now also enable + completion for the Nix command line tools by installing the + <link xlink:href="https://github.com/hedning/nix-bash-completions">nix-bash-completions</link> package. + </para> + </listitem> </itemizedlist> </section> diff --git a/nixos/modules/programs/bash/bash.nix b/nixos/modules/programs/bash/bash.nix index 1abdb4973a44..1a62f04972df 100644 --- a/nixos/modules/programs/bash/bash.nix +++ b/nixos/modules/programs/bash/bash.nix @@ -211,6 +211,9 @@ in "/share/bash-completion" ]; + environment.systemPackages = optional cfg.enableCompletion + pkgs.nix-bash-completions; + environment.shells = [ "/run/current-system/sw/bin/bash" "/var/run/current-system/sw/bin/bash" diff --git a/nixos/modules/services/misc/disnix.nix b/nixos/modules/services/misc/disnix.nix index e96645c79c77..39d23610b064 100644 --- a/nixos/modules/services/misc/disnix.nix +++ b/nixos/modules/services/misc/disnix.nix @@ -32,11 +32,17 @@ in description = "Whether to enable Disnix"; }; + enableMultiUser = mkOption { + type = types.bool; + default = true; + description = "Whether to support multi-user mode by enabling the Disnix D-Bus service"; + }; + useWebServiceInterface = mkOption { default = false; description = "Whether to enable the DisnixWebService interface running on Apache Tomcat"; }; - + package = mkOption { type = types.path; description = "The Disnix package"; @@ -52,7 +58,7 @@ in config = mkIf cfg.enable { dysnomia.enable = true; - + environment.systemPackages = [ pkgs.disnix ] ++ optional cfg.useWebServiceInterface pkgs.DisnixWebService; services.dbus.enable = true; @@ -71,7 +77,7 @@ in }; systemd.services = { - disnix = { + disnix = mkIf cfg.enableMultiUser { description = "Disnix server"; wants = [ "dysnomia.target" ]; wantedBy = [ "multi-user.target" ]; @@ -92,7 +98,7 @@ in } // (if config.environment.variables ? DYSNOMIA_CONTAINERS_PATH then { inherit (config.environment.variables) DYSNOMIA_CONTAINERS_PATH; } else {}) // (if config.environment.variables ? DYSNOMIA_MODULES_PATH then { inherit (config.environment.variables) DYSNOMIA_MODULES_PATH; } else {}); - + serviceConfig.ExecStart = "${cfg.package}/bin/disnix-service"; }; diff --git a/nixos/modules/services/misc/nix-ssh-serve.nix b/nixos/modules/services/misc/nix-ssh-serve.nix index 66148431709f..5bd9cf9086f1 100644 --- a/nixos/modules/services/misc/nix-ssh-serve.nix +++ b/nixos/modules/services/misc/nix-ssh-serve.nix @@ -1,8 +1,12 @@ { config, lib, pkgs, ... }: with lib; - -{ +let cfg = config.nix.sshServe; + command = + if cfg.protocol == "ssh" + then "nix-store --serve" + else "nix-daemon --stdio"; +in { options = { nix.sshServe = { @@ -10,7 +14,7 @@ with lib; enable = mkOption { type = types.bool; default = false; - description = "Whether to enable serving the Nix store as a binary cache via SSH."; + description = "Whether to enable serving the Nix store as a remote store via SSH."; }; keys = mkOption { @@ -20,14 +24,20 @@ with lib; description = "A list of SSH public keys allowed to access the binary cache via SSH."; }; + protocol = mkOption { + type = types.enum [ "ssh" "ssh-ng" ]; + default = "ssh"; + description = "The specific Nix-over-SSH protocol to use."; + }; + }; }; - config = mkIf config.nix.sshServe.enable { + config = mkIf cfg.enable { users.extraUsers.nix-ssh = { - description = "Nix SSH substituter user"; + description = "Nix SSH store user"; uid = config.ids.uids.nix-ssh; useDefaultShell = true; }; @@ -41,11 +51,11 @@ with lib; PermitTTY no PermitTunnel no X11Forwarding no - ForceCommand ${config.nix.package.out}/bin/nix-store --serve + ForceCommand ${config.nix.package.out}/bin/${command} Match All ''; - users.extraUsers.nix-ssh.openssh.authorizedKeys.keys = config.nix.sshServe.keys; + users.extraUsers.nix-ssh.openssh.authorizedKeys.keys = cfg.keys; }; } diff --git a/nixos/modules/services/security/usbguard.nix b/nixos/modules/services/security/usbguard.nix index 4e685e633354..5d469cabe2cb 100644 --- a/nixos/modules/services/security/usbguard.nix +++ b/nixos/modules/services/security/usbguard.nix @@ -192,7 +192,7 @@ in { serviceConfig = { Type = "simple"; - ExecStart = ''${pkgs.usbguard}/bin/usbguard-daemon -d -k -c ${daemonConfFile}''; + ExecStart = ''${pkgs.usbguard}/bin/usbguard-daemon -P -d -k -c ${daemonConfFile}''; Restart = "on-failure"; }; }; diff --git a/nixos/release.nix b/nixos/release.nix index 23f050367d69..558bbbf9a9d4 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -319,6 +319,7 @@ in rec { tests.nfs4 = callTest tests/nfs.nix { version = 4; }; tests.nginx = callTest tests/nginx.nix { }; tests.nghttpx = callTest tests/nghttpx.nix { }; + tests.nix-ssh-serve = callTest tests/nix-ssh-serve.nix { }; tests.novacomd = callTestOnTheseSystems ["x86_64-linux"] tests/novacomd.nix { }; tests.leaps = callTest tests/leaps.nix { }; tests.nsd = callTest tests/nsd.nix {}; diff --git a/nixos/tests/nix-ssh-serve.nix b/nixos/tests/nix-ssh-serve.nix new file mode 100644 index 000000000000..aa366d8612d7 --- /dev/null +++ b/nixos/tests/nix-ssh-serve.nix @@ -0,0 +1,39 @@ +import ./make-test.nix ({ pkgs, lib, ... }: +let inherit (import ./ssh-keys.nix pkgs) + snakeOilPrivateKey snakeOilPublicKey; + ssh-config = builtins.toFile "ssh.conf" '' + UserKnownHostsFile=/dev/null + StrictHostKeyChecking=no + ''; +in + { name = "nix-ssh-serve"; + meta.maintainers = [ lib.maintainers.shlevy ]; + nodes = + { server.nix.sshServe = + { enable = true; + keys = [ snakeOilPublicKey ]; + protocol = "ssh-ng"; + }; + server.nix.package = pkgs.nixUnstable; + client.nix.package = pkgs.nixUnstable; + }; + testScript = '' + startAll; + + $client->succeed("mkdir -m 700 /root/.ssh"); + $client->copyFileFromHost("${ssh-config}", "/root/.ssh/config"); + $client->succeed("cat ${snakeOilPrivateKey} > /root/.ssh/id_ecdsa"); + $client->succeed("chmod 600 /root/.ssh/id_ecdsa"); + + $client->succeed("nix-store --add /etc/machine-id > mach-id-path"); + + $server->waitForUnit("sshd"); + + $client->fail("diff /root/other-store\$(cat mach-id-path) /etc/machine-id"); + # Currently due to shared store this is a noop :( + $client->succeed("nix copy --to ssh-ng://nix-ssh\@server \$(cat mach-id-path)"); + $client->succeed("nix-store --realise \$(cat mach-id-path) --store /root/other-store --substituters ssh-ng://nix-ssh\@server"); + $client->succeed("diff /root/other-store\$(cat mach-id-path) /etc/machine-id"); + ''; + } +) diff --git a/nixos/tests/openssh.nix b/nixos/tests/openssh.nix index 291544996889..b2d254e9d9d9 100644 --- a/nixos/tests/openssh.nix +++ b/nixos/tests/openssh.nix @@ -1,20 +1,7 @@ import ./make-test.nix ({ pkgs, ... }: -let - snakeOilPrivateKey = pkgs.writeText "privkey.snakeoil" '' - -----BEGIN EC PRIVATE KEY----- - MHcCAQEEIHQf/khLvYrQ8IOika5yqtWvI0oquHlpRLTZiJy5dRJmoAoGCCqGSM49 - AwEHoUQDQgAEKF0DYGbBwbj06tA3fd/+yP44cvmwmHBWXZCKbS+RQlAKvLXMWkpN - r1lwMyJZoSGgBHoUahoYjTh9/sJL7XLJtA== - -----END EC PRIVATE KEY----- - ''; - - snakeOilPublicKey = pkgs.lib.concatStrings [ - "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHA" - "yNTYAAABBBChdA2BmwcG49OrQN33f/sj+OHL5sJhwVl2Qim0vkUJQCry1zFpKTa" - "9ZcDMiWaEhoAR6FGoaGI04ff7CS+1yybQ= sakeoil" - ]; - +let inherit (import ./ssh-keys.nix pkgs) + snakeOilPrivateKey snakeOilPublicKey; in { name = "openssh"; meta = with pkgs.stdenv.lib.maintainers; { diff --git a/nixos/tests/ssh-keys.nix b/nixos/tests/ssh-keys.nix new file mode 100644 index 000000000000..07d422196efa --- /dev/null +++ b/nixos/tests/ssh-keys.nix @@ -0,0 +1,15 @@ +pkgs: +{ snakeOilPrivateKey = pkgs.writeText "privkey.snakeoil" '' + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEIHQf/khLvYrQ8IOika5yqtWvI0oquHlpRLTZiJy5dRJmoAoGCCqGSM49 + AwEHoUQDQgAEKF0DYGbBwbj06tA3fd/+yP44cvmwmHBWXZCKbS+RQlAKvLXMWkpN + r1lwMyJZoSGgBHoUahoYjTh9/sJL7XLJtA== + -----END EC PRIVATE KEY----- + ''; + + snakeOilPublicKey = pkgs.lib.concatStrings [ + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHA" + "yNTYAAABBBChdA2BmwcG49OrQN33f/sj+OHL5sJhwVl2Qim0vkUJQCry1zFpKTa" + "9ZcDMiWaEhoAR6FGoaGI04ff7CS+1yybQ= sakeoil" + ]; +} diff --git a/pkgs/applications/misc/redshift/default.nix b/pkgs/applications/misc/redshift/default.nix index c0e481ae8788..594886149c5f 100644 --- a/pkgs/applications/misc/redshift/default.nix +++ b/pkgs/applications/misc/redshift/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchFromGitHub, fetchurl, autoconf, automake, gettext, intltool , libtool, pkgconfig, wrapGAppsHook, wrapPython, geoclue2, gobjectIntrospection -, gtk3, python, pygobject3, pyxdg, libdrm, libxcb }: +, gtk3, python, pygobject3, pyxdg, libdrm, libxcb, hicolor-icon-theme }: stdenv.mkDerivation rec { name = "redshift-${version}"; @@ -36,6 +36,7 @@ stdenv.mkDerivation rec { libdrm libxcb python + hicolor-icon-theme ]; pythonPath = [ pygobject3 pyxdg ]; diff --git a/pkgs/applications/misc/tilda/default.nix b/pkgs/applications/misc/tilda/default.nix index 7378950b189b..d5b927bb536c 100644 --- a/pkgs/applications/misc/tilda/default.nix +++ b/pkgs/applications/misc/tilda/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { name = "tilda-${version}"; - version = "1.3.3"; + version = "1.4.1"; src = fetchurl { url = "https://github.com/lanoxx/tilda/archive/${name}.tar.gz"; - sha256 = "1cc4qbg1m3i04lj5p6i6xbd0zvy1320pxdgmjhz5p3j95ibsbfki"; + sha256 = "0w2hry2bqcqrkik4l100b1a9jlsih6sq8zwhfpl8zzfq20i00lfs"; }; nativeBuildInputs = [ autoreconfHook pkgconfig ]; diff --git a/pkgs/applications/misc/urh/default.nix b/pkgs/applications/misc/urh/default.nix index 78305675f17f..6aba4e751503 100644 --- a/pkgs/applications/misc/urh/default.nix +++ b/pkgs/applications/misc/urh/default.nix @@ -2,13 +2,13 @@ python3Packages.buildPythonApplication rec { name = "urh-${version}"; - version = "1.7.1"; + version = "1.9.2"; src = fetchFromGitHub { owner = "jopohl"; repo = "urh"; rev = "v${version}"; - sha256 = "00l1zs3qw89z1hlylprzrpf6nf7h22h0nw43h97gv775vaqqgczv"; + sha256 = "02jq2jas6gm08z4l09azi6dcsydaaaqbxfv4mb7pnrc1w8m593zr"; }; buildInputs = [ hackrf rtl-sdr ]; diff --git a/pkgs/applications/networking/tcpkali/default.nix b/pkgs/applications/networking/tcpkali/default.nix index 79bc32dfa40d..8a056e21692b 100644 --- a/pkgs/applications/networking/tcpkali/default.nix +++ b/pkgs/applications/networking/tcpkali/default.nix @@ -1,6 +1,6 @@ {stdenv, autoreconfHook, fetchFromGitHub, bison}: -let version = "0.9"; in +let version = "1.1.1"; in stdenv.mkDerivation rec { name = "tcpkali-${version}"; @@ -8,7 +8,7 @@ stdenv.mkDerivation rec { owner = "machinezone"; repo = "tcpkali"; rev = "v${version}"; - sha256 = "03cbmnc60wkd7f4bapn5cbm3c4zas2l0znsbpci2mn8ms8agif82"; + sha256 = "09ky3cccaphcqc6nhfs00pps99lasmzc2pf5vk0gi8hlqbbhilxf"; }; nativeBuildInputs = [ autoreconfHook ]; buildInputs = [ bison]; diff --git a/pkgs/applications/science/misc/tulip/default.nix b/pkgs/applications/science/misc/tulip/default.nix index 9b8035fcefe7..af58aaafc9c9 100644 --- a/pkgs/applications/science/misc/tulip/default.nix +++ b/pkgs/applications/science/misc/tulip/default.nix @@ -1,13 +1,13 @@ { fetchurl, stdenv, libxml2, freetype, mesa, glew, qt4 , cmake, makeWrapper, libjpeg, python }: -let version = "4.9.0"; in +let version = "5.1.0"; in stdenv.mkDerivation rec { name = "tulip-${version}"; src = fetchurl { url = "mirror://sourceforge/auber/${name}_src.tar.gz"; - sha256 = "0phc7972brvm0v6lfk4ghq9b2b4jsj6c15xlbgnvhhcxhc99wba3"; + sha256 = "1i70y8b39gkpxfalr9844pa3l4bnnyw5y7ngxdqibil96k2b9q9h"; }; buildInputs = [ libxml2 freetype glew mesa qt4 libjpeg python ]; diff --git a/pkgs/applications/search/recoll/default.nix b/pkgs/applications/search/recoll/default.nix index ada68e47aa04..da6ccf940c7a 100644 --- a/pkgs/applications/search/recoll/default.nix +++ b/pkgs/applications/search/recoll/default.nix @@ -15,37 +15,44 @@ stdenv.mkDerivation rec { sha256 = "186bj8zx2xw9hwrzvzxdgdin9nj7msiqh5j57w5g7j4abdlsisjn"; }; - configureFlags = [ "--with-inotify" ]; + configureFlags = [ "--enable-recollq" ] ++ + (if stdenv.isLinux then [ "--with-inotify" ] else [ "--without-inotify" ]); - buildInputs = [ qt4 xapian file python bison]; + buildInputs = [ qt4 xapian file python bison ]; + + patchPhase = stdenv.lib.optionalString stdenv.isDarwin '' + sed -i 's/-Wl,--no-undefined -Wl,--warn-unresolved-symbols//' Makefile.am + sed -i 's/-Wl,--no-undefined -Wl,--warn-unresolved-symbols//' Makefile.in + ''; # the filters search through ${PATH} using a sh proc 'checkcmds' for the # filtering utils. Short circuit this by replacing the filtering command with # the absolute path to the filtering command. postInstall = '' for f in $out/share/recoll/filters/* ; do - substituteInPlace $f --replace antiword ${lib.getBin antiword}/bin/antiword - substituteInPlace $f --replace awk ${lib.getBin gawk}/bin/awk - substituteInPlace $f --replace catppt ${lib.getBin catdoc}/bin/catppt - substituteInPlace $f --replace djvused ${lib.getBin djvulibre}/bin/djvused - substituteInPlace $f --replace djvutxt ${lib.getBin djvulibre}/bin/djvutxt - substituteInPlace $f --replace egrep ${lib.getBin gnugrep}/bin/egrep - substituteInPlace $f --replace groff ${lib.getBin groff}/bin/groff - substituteInPlace $f --replace gunzip ${lib.getBin gzip}/bin/gunzip - substituteInPlace $f --replace iconv ${lib.getBin libiconv}/bin/iconv - substituteInPlace $f --replace lyx ${lib.getBin lyx}/bin/lyx - substituteInPlace $f --replace pdftotext ${lib.getBin poppler_utils}/bin/pdftotext - substituteInPlace $f --replace pstotext ${lib.getBin ghostscript}/bin/ps2ascii - substituteInPlace $f --replace sed ${lib.getBin gnused}/bin/sed - substituteInPlace $f --replace tar ${lib.getBin gnutar}/bin/tar - substituteInPlace $f --replace unzip ${lib.getBin unzip}/bin/unzip - substituteInPlace $f --replace xls2csv ${lib.getBin catdoc}/bin/xls2csv - substituteInPlace $f --replace xsltproc ${lib.getBin libxslt}/bin/xsltproc - substituteInPlace $f --replace unrtf ${lib.getBin unrtf}/bin/unrtf - substituteInPlace $f --replace untex ${lib.getBin untex}/bin/untex - substituteInPlace $f --replace wpd2html ${lib.getBin libwpd}/bin/wpd2html + substituteInPlace $f --replace '"antiword"' '"${lib.getBin antiword}/bin/antiword"' + substituteInPlace $f --replace '"awk"' '"${lib.getBin gawk}/bin/awk"' + substituteInPlace $f --replace '"catppt"' '"${lib.getBin catdoc}/bin/catppt"' + substituteInPlace $f --replace '"djvused"' '"${lib.getBin djvulibre}/bin/djvused"' + substituteInPlace $f --replace '"djvutxt"' '"${lib.getBin djvulibre}/bin/djvutxt"' + substituteInPlace $f --replace '"egrep"' '"${lib.getBin gnugrep}/bin/egrep"' + substituteInPlace $f --replace '"groff"' '"${lib.getBin groff}/bin/groff"' + substituteInPlace $f --replace '"gunzip"' '"${lib.getBin gzip}/bin/gunzip"' + substituteInPlace $f --replace '"iconv"' '"${lib.getBin libiconv}/bin/iconv"' + substituteInPlace $f --replace '"pdftotext"' '"${lib.getBin poppler_utils}/bin/pdftotext"' + substituteInPlace $f --replace '"pstotext"' '"${lib.getBin ghostscript}/bin/ps2ascii"' + substituteInPlace $f --replace '"sed"' '"${lib.getBin gnused}/bin/sed"' + substituteInPlace $f --replace '"tar"' '"${lib.getBin gnutar}/bin/tar"' + substituteInPlace $f --replace '"unzip"' '"${lib.getBin unzip}/bin/unzip"' + substituteInPlace $f --replace '"xls2csv"' '"${lib.getBin catdoc}/bin/xls2csv"' + substituteInPlace $f --replace '"xsltproc"' '"${lib.getBin libxslt}/bin/xsltproc"' + substituteInPlace $f --replace '"unrtf"' '"${lib.getBin unrtf}/bin/unrtf"' + substituteInPlace $f --replace '"untex"' '"${lib.getBin untex}/bin/untex"' + substituteInPlace $f --replace '"wpd2html"' '"${lib.getBin libwpd}/bin/wpd2html"' substituteInPlace $f --replace /usr/bin/perl ${lib.getBin perl}/bin/perl done + '' + stdenv.lib.optionalString stdenv.isLinux '' + substituteInPlace $f --replace lyx ${lib.getBin lyx}/bin/lyx ''; enableParallelBuilding = true; diff --git a/pkgs/development/interpreters/supercollider/default.nix b/pkgs/development/interpreters/supercollider/default.nix index 19abfe1cea27..13184ad50e86 100644 --- a/pkgs/development/interpreters/supercollider/default.nix +++ b/pkgs/development/interpreters/supercollider/default.nix @@ -9,12 +9,12 @@ in stdenv.mkDerivation rec { name = "supercollider-${version}"; - version = "3.8.1"; + version = "3.9.1"; src = fetchurl { url = "https://github.com/supercollider/supercollider/releases/download/Version-${version}/SuperCollider-${version}-Source-linux.tar.bz2"; - sha256 = "1y8yb20k3lvj7c93qz2srrkvfv175n4n7p3qj89w0dp085mj0qmw"; + sha256 = "150fgnjcmb06r3pa3mbsvb4iwnqlimjwdxgbs6p55zz6g8wbln7a"; }; hardeningDisable = [ "stackprotector" ]; diff --git a/pkgs/development/libraries/soundtouch/default.nix b/pkgs/development/libraries/soundtouch/default.nix index 729967ea1b7f..c338d6762a4d 100644 --- a/pkgs/development/libraries/soundtouch/default.nix +++ b/pkgs/development/libraries/soundtouch/default.nix @@ -2,10 +2,10 @@ stdenv.mkDerivation rec { pName = "soundtouch"; - name = "${pName}-1.9.2"; + name = "${pName}-2.0.0"; src = fetchurl { url = "http://www.surina.net/soundtouch/${name}.tar.gz"; - sha256 = "04y5l56yn4jvwpv9mn1p3m2vi5kdym9xpdac8pmhwhl13r8qdsya"; + sha256 = "09cxr02mfyj2bg731bj0i9hh565x8l9p91aclxs8wpqv8b8zf96j"; }; buildInputs = [ autoconf automake libtool ]; diff --git a/pkgs/development/libraries/unixODBC/default.nix b/pkgs/development/libraries/unixODBC/default.nix index 99ab8a056162..7d59866d0431 100644 --- a/pkgs/development/libraries/unixODBC/default.nix +++ b/pkgs/development/libraries/unixODBC/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "unixODBC-${version}"; - version = "2.3.4"; + version = "2.3.5"; src = fetchurl { url = "ftp://ftp.unixodbc.org/pub/unixODBC/${name}.tar.gz"; - sha256 = "0f8y88rcc2akjvjv5y66yx7k0ms9h1s0vbcfy25j93didflhj59f"; + sha256 = "0ns93daph4wmk92d7m2w48x0yki4m1yznxnn97p1ldn6bkh742bn"; }; configureFlags = [ "--disable-gui" "--sysconfdir=/etc" ]; diff --git a/pkgs/development/tools/build-managers/waf/default.nix b/pkgs/development/tools/build-managers/waf/default.nix index 61184cb6ba1a..65501b2b9350 100644 --- a/pkgs/development/tools/build-managers/waf/default.nix +++ b/pkgs/development/tools/build-managers/waf/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "waf-${version}"; - version = "1.9.0"; + version = "2.0.4"; src = fetchurl { url = "https://waf.io/waf-${version}.tar.bz2"; - sha256 = "1sjpqzm2fzm8pxi3fwfinpsbw4z9040qkrzbg3lxik7ppsbjhn58"; + sha256 = "0zmnwgccq5j7ipfi2j0k5s40q27krp1m6v2bd650axgzdbpa7ain"; }; buildInputs = [ python2 ]; diff --git a/pkgs/development/tools/database/squirrel-sql/default.nix b/pkgs/development/tools/database/squirrel-sql/default.nix index afac17e121ad..7d4cf6ea5d5e 100644 --- a/pkgs/development/tools/database/squirrel-sql/default.nix +++ b/pkgs/development/tools/database/squirrel-sql/default.nix @@ -5,13 +5,13 @@ , drivers ? [] }: let - version = "3.7.1"; + version = "3.8.1"; in stdenv.mkDerivation rec { name = "squirrel-sql-${version}"; src = fetchurl { url = "mirror://sourceforge/project/squirrel-sql/1-stable/${version}-plainzip/squirrelsql-${version}-standard.zip"; - sha256 = "1v141ply57k5krwbnnmz4mbs9hs8rbys0bkjz69gvxlqjizyiq23"; + sha256 = "1vv38i4rwm8c8h0p9mmz21dyafd71pqprj7b8i5vx7f4q8xns2d2"; }; buildInputs = [ diff --git a/pkgs/development/tools/wiggle/default.nix b/pkgs/development/tools/wiggle/default.nix index ffa6d4aac0ca..df32d68767fb 100644 --- a/pkgs/development/tools/wiggle/default.nix +++ b/pkgs/development/tools/wiggle/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation { - name = "wiggle-1.0"; + name = "wiggle-1.1"; src = fetchurl { - url = "https://github.com/neilbrown/wiggle/archive/v1.0.tar.gz"; - sha256 = "0552dkdvl001b2jasj0jwb69s7zy6wbc8gcysqj69b4qgl9c54cs"; + url = "https://github.com/neilbrown/wiggle/archive/v1.1.tar.gz"; + sha256 = "0gg1c0zcrd5fgawvjccmdscm3fka8h1qz4v807kvy1b2y1cf9c4w"; }; buildInputs = [ ncurses groff ]; diff --git a/pkgs/os-specific/linux/usbguard/daemon_read_only_config.patch b/pkgs/os-specific/linux/usbguard/daemon_read_only_config.patch deleted file mode 100644 index eb4d5df698ac..000000000000 --- a/pkgs/os-specific/linux/usbguard/daemon_read_only_config.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/src/Library/ConfigFilePrivate.cpp b/src/Library/ConfigFilePrivate.cpp -index 8aefa65..40914f7 100644 ---- a/src/Library/ConfigFilePrivate.cpp -+++ b/src/Library/ConfigFilePrivate.cpp -@@ -51,7 +51,7 @@ namespace usbguard - - void ConfigFilePrivate::open(const std::string& path) - { -- _stream.open(path, std::ios::in|std::ios::out); -+ _stream.open(path, std::ios::in); - if (!_stream.is_open()) { - throw std::runtime_error("Can't open " + path); - } diff --git a/pkgs/os-specific/linux/usbguard/default.nix b/pkgs/os-specific/linux/usbguard/default.nix index 8ed4735dd278..2ca825a27d71 100644 --- a/pkgs/os-specific/linux/usbguard/default.nix +++ b/pkgs/os-specific/linux/usbguard/default.nix @@ -1,7 +1,8 @@ { stdenv, fetchurl, lib, - libxslt, pandoc, pkgconfig, + libxslt, pandoc, asciidoctor, pkgconfig, dbus-glib, libcap_ng, libqb, libseccomp, polkit, protobuf, qtbase, qttools, qtsvg, + audit, libgcrypt ? null, libsodium ? null }: @@ -11,23 +12,19 @@ with stdenv.lib; assert libgcrypt != null -> libsodium == null; stdenv.mkDerivation rec { - version = "0.7.0"; + version = "0.7.2"; name = "usbguard-${version}"; - repo = "https://github.com/dkopecek/usbguard"; + repo = "https://github.com/USBGuard/usbguard"; src = fetchurl { url = "${repo}/releases/download/${name}/${name}.tar.gz"; - sha256 = "1e1485a2b47ba3bde9de2851b371d2552a807047a21e0b81553cf80d7f722709"; + sha256 = "5bd3e5219c590c3ae27b21315bd10b60e823cef64e5deff3305ff5b4087fc2d6"; }; - patches = [ - ./daemon_read_only_config.patch - ./documentation.patch - ]; - nativeBuildInputs = [ libxslt + asciidoctor pandoc # for rendering documentation pkgconfig ]; @@ -39,6 +36,7 @@ stdenv.mkDerivation rec { libseccomp polkit protobuf + audit qtbase qtsvg @@ -61,7 +59,7 @@ stdenv.mkDerivation rec { meta = { description = "The USBGuard software framework helps to protect your computer against BadUSB."; - homepage = "https://dkopecek.github.io/usbguard/"; + homepage = "https://usbguard.github.io/"; license = licenses.gpl2; maintainers = [ maintainers.tnias ]; }; diff --git a/pkgs/os-specific/linux/usbguard/documentation.patch b/pkgs/os-specific/linux/usbguard/documentation.patch deleted file mode 100644 index 89de627131f5..000000000000 --- a/pkgs/os-specific/linux/usbguard/documentation.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff --git a/doc/usbguard-daemon.conf.5.md b/doc/usbguard-daemon.conf.5.md -index ea86ad1..63aec70 100644 ---- a/doc/usbguard-daemon.conf.5.md -+++ b/doc/usbguard-daemon.conf.5.md -@@ -30,21 +30,21 @@ The **usbguard-daemon.conf** file is loaded by the USBGuard daemon after it pars - **RestoreControllerDeviceState**=<*boolean*> - : The USBGuard daemon modifies some attributes of controller devices like the default authorization state of new child device instances. Using this setting, you can control whether the daemon will try to restore the attribute values to the state before modification on shutdown. - -+**DeviceManagerBackend**=<*backend*> -+: Which device manager backend implementation to use. Backend should be one of `uevent` (default) or `dummy`. -+ - **IPCAllowedUsers**=<*username*> [<*username*> ...] - : A space delimited list of usernames that the daemon will accept IPC connections from. - - **IPCAllowedGroups**=<*groupname*> [<*groupname*> ...] - : A space delimited list of groupnames that the daemon will accept IPC connections from. - --**IPCAccessControlFiles**=<*path*> --: Path to a directory holding the IPC access control files. -- --**DeviceManagerBackend**=<*backend*> --: Which device manager backend implementation to use. Backend should be one of `uevent` (default) or `dummy`. -- - **IPCAccessControlFiles**=<*path*> - : The files at this location will be interpreted by the daemon as IPC access control definition files. See the **IPC ACCESS CONTROL** section for more details. - -+**DeviceRulesWithPort**=<*boolean*> -+: Generate device specific rules including the "via-port" attribute. -+ - **AuditFilePath**=<*filepath*> - : USBGuard audit events log file path. - diff --git a/pkgs/servers/computing/slurm/default.nix b/pkgs/servers/computing/slurm/default.nix index 59d627901131..fe028cf812e7 100644 --- a/pkgs/servers/computing/slurm/default.nix +++ b/pkgs/servers/computing/slurm/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { name = "slurm-${version}"; - version = "17.02.9"; + version = "17.11.3"; src = fetchurl { url = "https://download.schedmd.com/slurm/${name}.tar.bz2"; - sha256 = "0w8v7fzbn7b3f9kg6lcj2jpkzln3vcv9s2cz37xbdifz0m2p1x7s"; + sha256 = "1x3i6z03d9m46fvj1cslrapm1drvgyqch9pn4xf23kvbz4gkhaps"; }; outputs = [ "out" "dev" ]; diff --git a/pkgs/shells/nix-bash-completions/default.nix b/pkgs/shells/nix-bash-completions/default.nix index fb6fa24ac334..c8582366d1a3 100644 --- a/pkgs/shells/nix-bash-completions/default.nix +++ b/pkgs/shells/nix-bash-completions/default.nix @@ -1,14 +1,14 @@ { stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { - version = "0.6.3"; + version = "0.6.4"; name = "nix-bash-completions-${version}"; src = fetchFromGitHub { owner = "hedning"; repo = "nix-bash-completions"; rev = "v${version}"; - sha256 = "1zmk9f53xpwk5j6qqisjlddgm2fr68p1q6pn3wa14bd777lranhj"; + sha256 = "1kdysrfc8dx24q438wj3aisn64g2w5yb6mx91qa385p5hz7b1yz2"; }; # To enable lazy loading via. bash-completion we need a symlink to the script diff --git a/pkgs/tools/archivers/xarchiver/default.nix b/pkgs/tools/archivers/xarchiver/default.nix index 1c8d8367793a..189035a8c8b7 100644 --- a/pkgs/tools/archivers/xarchiver/default.nix +++ b/pkgs/tools/archivers/xarchiver/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, gtk3, pkgconfig, intltool, libxslt }: +{ stdenv, fetchFromGitHub, gtk3, pkgconfig, intltool, libxslt, hicolor-icon-theme }: stdenv.mkDerivation rec { version = "0.5.4.12"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ gtk3 intltool libxslt ]; + buildInputs = [ gtk3 intltool libxslt hicolor-icon-theme ]; meta = { description = "GTK+ frontend to 7z,zip,rar,tar,bzip2, gzip,arj, lha, rpm and deb (open and extract only)"; diff --git a/pkgs/tools/misc/unclutter-xfixes/default.nix b/pkgs/tools/misc/unclutter-xfixes/default.nix index dd13a0d9adce..9f43a7bd699f 100644 --- a/pkgs/tools/misc/unclutter-xfixes/default.nix +++ b/pkgs/tools/misc/unclutter-xfixes/default.nix @@ -2,7 +2,7 @@ xlibsWrapper, libev, libXi, libXfixes, pkgconfig, asciidoc, libxslt, docbook_xsl }: -let version = "1.2"; in +let version = "1.3"; in stdenv.mkDerivation { name = "unclutter-xfixes-${version}"; @@ -12,7 +12,7 @@ stdenv.mkDerivation { owner = "Airblader"; repo = "unclutter-xfixes"; rev = "v${version}"; - sha256 = "1pw567mj7mq5kr8mqnyrvy7jj62qfg6zgqfyzz21nncslddnjzg8"; + sha256 = "1iikrz0023wygv29ny20xj1hlv9ry7hghlwjii6rj4jm59vl0mlz"; }; nativeBuildInputs = [pkgconfig]; diff --git a/pkgs/tools/networking/surfraw/default.nix b/pkgs/tools/networking/surfraw/default.nix index 8624efeb3f77..b23616c57e92 100644 --- a/pkgs/tools/networking/surfraw/default.nix +++ b/pkgs/tools/networking/surfraw/default.nix @@ -1,11 +1,11 @@ {stdenv, fetchurl, perl}: stdenv.mkDerivation rec { - name = "surfraw-2.2.9"; + name = "surfraw-2.3.0"; src = fetchurl { - url = "http://surfraw.alioth.debian.org/dist/surfraw-2.2.9.tar.gz"; - sha256 = "1fy4ph5h9kp0jzj1m6pfylxnnmgdk0mmdppw76z9jhna4jndk5xa"; + url = "http://surfraw.alioth.debian.org/dist/surfraw-2.3.0.tar.gz"; + sha256 = "099nbif0x5cbcf18snc58nx1a3q7z0v9br9p2jiq9pcc7ic2015d"; }; configureFlags = [ diff --git a/pkgs/tools/networking/swagger-codegen/default.nix b/pkgs/tools/networking/swagger-codegen/default.nix index 0c3af79628e1..4fc456523f7d 100644 --- a/pkgs/tools/networking/swagger-codegen/default.nix +++ b/pkgs/tools/networking/swagger-codegen/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, jre, makeWrapper }: stdenv.mkDerivation rec { - version = "2.2.1"; + version = "2.3.1"; pname = "swagger-codegen"; name = "${pname}-${version}"; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://oss.sonatype.org/content/repositories/releases/io/swagger/${pname}-cli/${version}/${jarfilename}"; - sha256 = "1pwxkl3r93c8hsif9xm0h1hmbjrxz1q7hr5qn5n0sni1x3c3k0d1"; + sha256 = "171qr0zx7i6cykv54vqjf3mplrf7w4a1fpq47wsj861lbf8xm322"; }; phases = [ "installPhase" ]; diff --git a/pkgs/tools/package-management/mynewt-newt/default.nix b/pkgs/tools/package-management/mynewt-newt/default.nix index 1b8c1b2f6402..74c2fd59d4e3 100644 --- a/pkgs/tools/package-management/mynewt-newt/default.nix +++ b/pkgs/tools/package-management/mynewt-newt/default.nix @@ -2,7 +2,7 @@ buildGoPackage rec { name = "mynewt-newt-${version}"; - version = "1.0.0"; + version = "1.3.0"; goPackagePath = "mynewt.apache.org/newt"; goDeps = ./deps.nix; @@ -11,7 +11,7 @@ buildGoPackage rec { owner = "apache"; repo = "incubator-mynewt-newt"; rev = "mynewt_${builtins.replaceStrings ["."] ["_"] version}_tag"; - sha256 = "1ixqxqizd957prd4j2nijgnkv84rffj8cx5f7aqyjq9nkawjksf6"; + sha256 = "0ia6q1wf3ki2yw8ngw5gnbdrb7268qwi078j05f8gs1sppb3g563"; }; meta = with stdenv.lib; { diff --git a/pkgs/tools/system/sleuthkit/default.nix b/pkgs/tools/system/sleuthkit/default.nix index c4347da44607..616498593972 100644 --- a/pkgs/tools/system/sleuthkit/default.nix +++ b/pkgs/tools/system/sleuthkit/default.nix @@ -1,14 +1,14 @@ { stdenv, fetchFromGitHub, autoreconfHook, libewf, afflib, openssl, zlib }: stdenv.mkDerivation rec { - version = "4.5.0"; + version = "4.6.0"; name = "sleuthkit-${version}"; src = fetchFromGitHub { owner = "sleuthkit"; repo = "sleuthkit"; rev = name; - sha256 = "0h9l9yl5ibbgriq12gizg8k0r6jw6bnii3iljjp4p963wc0ms9b9"; + sha256 = "0m5ll5sx0pxkn58y582b3v90rsfdrh8dm02kmv61psd0k6q0p91x"; }; postPatch = '' diff --git a/pkgs/tools/system/ts/default.nix b/pkgs/tools/system/ts/default.nix index 0e51b0610910..79ba7d893040 100644 --- a/pkgs/tools/system/ts/default.nix +++ b/pkgs/tools/system/ts/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation rec { - name = "ts-0.7.6"; + name = "ts-1.0"; installPhase=''make install "PREFIX=$out"''; @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "http://viric.name/~viric/soft/ts/${name}.tar.gz"; - sha256 = "07b61sx3hqpdxlg5a1xrz9sxww9yqdix3bmr0sm917r3rzk87lwk"; + sha256 = "15dkzczx10fhl0zs9bmcgkxfbwq2znc7bpscljm4rchbzx7y6lsg"; }; meta = with stdenv.lib; { |