diff options
author | Peter Simons <simons@cryp.to> | 2015-01-19 18:41:17 +0100 |
---|---|---|
committer | Peter Simons <simons@cryp.to> | 2015-01-19 18:41:17 +0100 |
commit | ec6b82a0c2a6bffa2f76a9744105d6d7257c2636 (patch) | |
tree | 9a8fd3d92fd40dc4fa0ca646bc351b8df16e370f /pkgs/build-support | |
parent | a0bf07827bbf031d90ecb03f4e7345576208214a (diff) | |
parent | d957d9e6bc8c252123a921541ad17eb6041406cd (diff) | |
download | nixlib-ec6b82a0c2a6bffa2f76a9744105d6d7257c2636.tar nixlib-ec6b82a0c2a6bffa2f76a9744105d6d7257c2636.tar.gz nixlib-ec6b82a0c2a6bffa2f76a9744105d6d7257c2636.tar.bz2 nixlib-ec6b82a0c2a6bffa2f76a9744105d6d7257c2636.tar.lz nixlib-ec6b82a0c2a6bffa2f76a9744105d6d7257c2636.tar.xz nixlib-ec6b82a0c2a6bffa2f76a9744105d6d7257c2636.tar.zst nixlib-ec6b82a0c2a6bffa2f76a9744105d6d7257c2636.zip |
Merge branch 'master' into staging.
Diffstat (limited to 'pkgs/build-support')
-rw-r--r-- | pkgs/build-support/grsecurity/default.nix | 2 | ||||
-rw-r--r-- | pkgs/build-support/vm/default.nix | 12 |
2 files changed, 8 insertions, 6 deletions
diff --git a/pkgs/build-support/grsecurity/default.nix b/pkgs/build-support/grsecurity/default.nix index 919728382301..b2bffc781b30 100644 --- a/pkgs/build-support/grsecurity/default.nix +++ b/pkgs/build-support/grsecurity/default.nix @@ -10,6 +10,7 @@ let mode = "auto"; sysctl = false; denyChrootChmod = false; + denyUSB = false; restrictProc = false; restrictProcWithGroup = true; unrestrictProcGid = 121; # Ugh, an awful hack. See grsecurity NixOS gid @@ -106,6 +107,7 @@ let GRKERNSEC_SYSCTL ${boolToKernOpt cfg.config.sysctl} GRKERNSEC_CHROOT_CHMOD ${boolToKernOpt cfg.config.denyChrootChmod} + GRKERNSEC_DENYUSB ${boolToKernOpt cfg.config.denyUSB} GRKERNSEC_NO_RBAC ${boolToKernOpt cfg.config.disableRBAC} ${restrictLinks} diff --git a/pkgs/build-support/vm/default.nix b/pkgs/build-support/vm/default.nix index 10bb59ccae03..ba916c12cfca 100644 --- a/pkgs/build-support/vm/default.nix +++ b/pkgs/build-support/vm/default.nix @@ -1604,22 +1604,22 @@ rec { debian70x86_64 = debian7x86_64; debian7i386 = { - name = "debian-7.7-wheezy-i386"; - fullName = "Debian 7.7 Wheezy (i386)"; + name = "debian-7.8-wheezy-i386"; + fullName = "Debian 7.8 Wheezy (i386)"; packagesList = fetchurl { url = mirror://debian/dists/wheezy/main/binary-i386/Packages.bz2; - sha256 = "f2fd890597b6f0d82c5d66ccc8b12a963937a0576a377dd0ccbe47de4c1b09c8"; + sha256 = "d86c28cb4f1aa178e678c253944c674a60991a367349e58a90d9a3e939e4e4bc"; }; urlPrefix = mirror://debian; packages = commonDebianPackages; }; debian7x86_64 = { - name = "debian-7.7-wheezy-amd64"; - fullName = "Debian 7.7 Wheezy (amd64)"; + name = "debian-7.8-wheezy-amd64"; + fullName = "Debian 7.8 Wheezy (amd64)"; packagesList = fetchurl { url = mirror://debian/dists/wheezy/main/binary-amd64/Packages.bz2; - sha256 = "8ce14e88febc58310a1c13350f016ce583f068d10031ed4f0cb50985707786d8"; + sha256 = "c8257d74c9411e2f0b9891a21f5dbf5fb088b46d1df043907a4d390b32da2931"; }; urlPrefix = mirror://debian; packages = commonDebianPackages; |