diff options
24 files changed, 220 insertions, 99 deletions
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index d51b29b99dae..feecee3225be 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -288,6 +288,7 @@ kresd = 270; rpc = 271; geoip = 272; + fcron = 273; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -545,6 +546,7 @@ kresd = 270; #rpc = 271; # unused #geoip = 272; # unused + fcron = 273; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/services/scheduling/fcron.nix b/nixos/modules/services/scheduling/fcron.nix index e4ada2768715..bd1ecb40969b 100644 --- a/nixos/modules/services/scheduling/fcron.nix +++ b/nixos/modules/services/scheduling/fcron.nix @@ -23,7 +23,8 @@ let allowdeny = target: users: { source = pkgs.writeText "fcron.${target}" (concatStringsSep "\n" users); target = "fcron.${target}"; - mode = "600"; # fcron has some security issues.. So I guess this is most safe + mode = "644"; + gid = config.ids.gids.fcron; }; in @@ -89,7 +90,7 @@ in [ (allowdeny "allow" (cfg.allow)) (allowdeny "deny" cfg.deny) # see man 5 fcron.conf - { source = pkgs.writeText "fcon.conf" '' + { source = pkgs.writeText "fcron.conf" '' fcrontabs = /var/spool/fcron pidfile = /var/run/fcron.pid fifofile = /var/run/fcron.fifo @@ -97,16 +98,40 @@ in fcrondeny = /etc/fcron.deny shell = /bin/sh sendmail = /run/wrappers/bin/sendmail - editor = /run/current-system/sw/bin/vi + editor = ${pkgs.vim}/bin/vim ''; target = "fcron.conf"; - mode = "0600"; # max allowed is 644 + gid = config.ids.gids.fcron; + mode = "0644"; } ]; environment.systemPackages = [ pkgs.fcron ]; - - security.wrappers.fcrontab.source = "${pkgs.fcron.out}/bin/fcrontab"; + users.extraUsers.fcron = { + uid = config.ids.uids.fcron; + home = "/var/spool/fcron"; + group = "fcron"; + }; + users.groups.fcron.gid = config.ids.gids.fcron; + + security.wrappers = { + fcrontab = { + source = "${pkgs.fcron}/bin/fcrontab"; + owner = "fcron"; + group = "fcron"; + setgid = true; + }; + fcrondyn = { + source = "${pkgs.fcron}/bin/fcrondyn"; + owner = "fcron"; + group = "fcron"; + setgid = true; + }; + fcronsighup = { + source = "${pkgs.fcron}/bin/fcronsighup"; + group = "fcron"; + }; + }; systemd.services.fcron = { description = "fcron daemon"; after = [ "local-fs.target" ]; @@ -118,14 +143,17 @@ in }; preStart = '' - ${pkgs.coreutils}/bin/mkdir -m 0700 -p /var/spool/fcron + ${pkgs.coreutils}/bin/mkdir -m 0770 -p /var/spool/fcron + ${pkgs.coreutils}/bin/chown -R fcron:fcron /var/spool/fcron # load system crontab file - ${pkgs.fcron}/bin/fcrontab -u systab ${pkgs.writeText "systab" cfg.systab} + set -x + #${pkgs.fcron}/bin/fcrontab -u systab ${pkgs.writeText "systab" cfg.systab} ''; - serviceConfig.Type = "forking"; - - script = "${pkgs.fcron}/sbin/fcron -m ${toString cfg.maxSerialJobs} ${queuelen}"; + serviceConfig = { + Type = "forking"; + ExecStart = "${pkgs.fcron}/sbin/fcron -m ${toString cfg.maxSerialJobs} ${queuelen}"; + }; }; }; } diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix index ad1091c9d39e..f2ca9eaa622b 100644 --- a/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -17,7 +17,7 @@ browser: , desktopName ? # browserName with first letter capitalized (lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName) , nameSuffix ? "" -, icon ? browserName, libtrick ? true +, icon ? browserName }: let @@ -52,16 +52,15 @@ let gst-plugins = with gst_all; [ gst-plugins-base gst-plugins-good gst-plugins-bad gst-plugins-ugly gst-ffmpeg ]; gtk_modules = [ libcanberra_gtk2 ]; -in -stdenv.mkDerivation { +in stdenv.mkDerivation { inherit name; desktopItem = makeDesktopItem { name = browserName; - exec = browserName + " %U"; + exec = "${browserName}${nameSuffix} %U"; inherit icon; comment = ""; - desktopName = desktopName; + desktopName = "${desktopName}${nameSuffix}"; genericName = "Web Browser"; categories = "Application;Network;WebBrowser;"; mimeType = stdenv.lib.concatStringsSep ";" [ @@ -84,39 +83,27 @@ stdenv.mkDerivation { exit 1 fi - makeWrapper "${browser}/bin/${browserName}" \ + makeWrapper "$(readlink -v --canonicalize-existing "${browser}/bin/${browserName}")" \ "$out/bin/${browserName}${nameSuffix}" \ --suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \ --suffix LD_LIBRARY_PATH ':' "$libs" \ --suffix-each GTK_PATH ':' "$gtk_modules" \ --suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \ --prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \ - --set MOZ_OBJDIR "$(ls -d "${browser}/lib/${browserName}"*)" \ + --suffix PATH ':' "$out/bin" \ + --set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \ ${lib.optionalString (!ffmpegSupport) ''--prefix GST_PLUGIN_SYSTEM_PATH : "$GST_PLUGIN_SYSTEM_PATH"''} - ${ lib.optionalString libtrick - '' - libdirname="$(echo "${browser}/lib/${browserName}"*)" - libdirbasename="$(basename "$libdirname")" - mkdir -p "$out/lib/$libdirbasename" - ln -s "$libdirname"/* "$out/lib/$libdirbasename" - script_location="$(mktemp "$out/lib/$libdirbasename/${browserName}${nameSuffix}.XXXXXX")" - mv "$out/bin/${browserName}${nameSuffix}" "$script_location" - ln -s "$script_location" "$out/bin/${browserName}${nameSuffix}" - '' - } - if [ -e "${browser}/share/icons" ]; then mkdir -p "$out/share" ln -s "${browser}/share/icons" "$out/share/icons" else mkdir -p "$out/share/icons/hicolor/128x128/apps" - ln -s "$out/lib/$libdirbasename/browser/icons/mozicon128.png" \ + ln -s "${browser}/lib/${browserName}-"*"/browser/icons/mozicon128.png" \ "$out/share/icons/hicolor/128x128/apps/${browserName}.png" fi - mkdir -p $out/share/applications - cp $desktopItem/share/applications/* $out/share/applications + install -D -t $out/share/applications $desktopItem/share/applications/* # For manpages, in case the program supplies them mkdir -p $out/nix-support diff --git a/pkgs/applications/networking/corebird/default.nix b/pkgs/applications/networking/corebird/default.nix index 3ceb9c4d8164..95a2e8877c31 100644 --- a/pkgs/applications/networking/corebird/default.nix +++ b/pkgs/applications/networking/corebird/default.nix @@ -1,5 +1,6 @@ { stdenv, fetchFromGitHub, gtk3, json_glib, sqlite, libsoup, gettext, vala_0_32 -, automake, autoconf, libtool, pkgconfig, gnome3, gst_all_1, wrapGAppsHook }: +, automake, autoconf, libtool, pkgconfig, gnome3, gst_all_1, wrapGAppsHook +, glib_networking }: stdenv.mkDerivation rec { version = "1.3.3"; @@ -19,7 +20,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ automake autoconf libtool pkgconfig wrapGAppsHook ]; buildInputs = [ - gtk3 json_glib sqlite libsoup gettext vala_0_32 gnome3.rest + gtk3 json_glib sqlite libsoup gettext vala_0_32 gnome3.rest glib_networking ] ++ (with gst_all_1; [ gstreamer gst-plugins-base gst-plugins-good gst-plugins-bad gst-libav ]); meta = { diff --git a/pkgs/applications/video/openshot-qt/default.nix b/pkgs/applications/video/openshot-qt/default.nix index eb184933964b..ca44742b0461 100644 --- a/pkgs/applications/video/openshot-qt/default.nix +++ b/pkgs/applications/video/openshot-qt/default.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { homepage = "http://openshot.org/"; description = "Free, open-source video editor"; license = licenses.gpl3Plus; - maintainers = [maintainers.tohl]; + maintainers = []; platforms = platforms.linux; }; } diff --git a/pkgs/applications/video/openshot-qt/libopenshot-audio.nix b/pkgs/applications/video/openshot-qt/libopenshot-audio.nix index fdaa049fa428..069c3ba7800b 100644 --- a/pkgs/applications/video/openshot-qt/libopenshot-audio.nix +++ b/pkgs/applications/video/openshot-qt/libopenshot-audio.nix @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { homepage = "http://openshot.org/"; description = "Free, open-source video editor"; license = licenses.gpl3Plus; - maintainers = [maintainers.tohl]; + maintainers = []; platforms = platforms.linux; }; } diff --git a/pkgs/applications/video/openshot-qt/libopenshot.nix b/pkgs/applications/video/openshot-qt/libopenshot.nix index 841587fcab30..b0891a3d69f3 100644 --- a/pkgs/applications/video/openshot-qt/libopenshot.nix +++ b/pkgs/applications/video/openshot-qt/libopenshot.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { homepage = "http://openshot.org/"; description = "Free, open-source video editor"; license = licenses.gpl3Plus; - maintainers = [maintainers.tohl]; + maintainers = []; platforms = platforms.linux; }; } diff --git a/pkgs/desktops/mate/mate-common/default.nix b/pkgs/desktops/mate/mate-common/default.nix index 7a7ad23c6bdd..b020351afe21 100644 --- a/pkgs/desktops/mate/mate-common/default.nix +++ b/pkgs/desktops/mate/mate-common/default.nix @@ -3,12 +3,12 @@ stdenv.mkDerivation rec { name = "mate-common-${version}"; version = "${major-ver}.${minor-ver}"; - major-ver = "1.16"; + major-ver = "1.17"; minor-ver = "0"; src = fetchurl { url = "http://pub.mate-desktop.org/releases/${major-ver}/${name}.tar.xz"; - sha256 = "02pj5ry3c7p5sd2mp9dsshy0ij0xgv00bxr4vvmnm027hv2silrl"; + sha256 = "06pvbi2kk39ysd9dfi6ljkncm53hn02n7dygax6ig4p9qd750sdc"; }; meta = { diff --git a/pkgs/desktops/mate/mate-icon-theme/default.nix b/pkgs/desktops/mate/mate-icon-theme/default.nix index 8acef0338715..ab699c78c0ef 100644 --- a/pkgs/desktops/mate/mate-icon-theme/default.nix +++ b/pkgs/desktops/mate/mate-icon-theme/default.nix @@ -3,12 +3,12 @@ stdenv.mkDerivation rec { name = "mate-icon-theme-${version}"; version = "${major-ver}.${minor-ver}"; - major-ver = "1.16"; + major-ver = "1.17"; minor-ver = "0"; src = fetchurl { url = "http://pub.mate-desktop.org/releases/${major-ver}/${name}.tar.xz"; - sha256 = "1zldw22p1i76iss8car39pmfagpfxxlfk1fdhvr4x5r6gf36gv7d"; + sha256 = "1kxpckaksaz5g3c4jjkh4pdm9yhbjda5835am3wg2iyy2p7rjn8n"; }; nativeBuildInputs = [ pkgconfig intltool iconnamingutils ]; diff --git a/pkgs/desktops/xfce/default.nix b/pkgs/desktops/xfce/default.nix index ace5f289ab4d..36ef85aeb124 100644 --- a/pkgs/desktops/xfce/default.nix +++ b/pkgs/desktops/xfce/default.nix @@ -32,9 +32,9 @@ xfce_self = rec { # the lines are very long but it seems better than the even-od thunar = callPackage ./core/thunar.nix { }; thunarx-2-dev = thunar-build; # Plugins need only the `thunarx-2` part of the package. Awaiting multiple outputs. thunar_volman = callPackage ./core/thunar-volman.nix { }; # ToDo: probably inside Thunar now - thunar-archive-plugin + thunar-archive-plugin = callPackage ./thunar-plugins/archive { }; - thunar-dropbox-plugin + thunar-dropbox-plugin = callPackage ./thunar-plugins/dropbox { }; tumbler = callPackage ./core/tumbler.nix { }; xfce4panel = callPackage ./core/xfce4-panel.nix { }; # ToDo: impure plugins from /run/current-system/sw/lib/xfce4 @@ -89,8 +89,11 @@ xfce_self = rec { # the lines are very long but it seems better than the even-od xfce4-hardware-monitor-plugin = callPackage ./panel-plugins/xfce4-hardware-monitor-plugin.nix { }; xfce4_netload_plugin = callPackage ./panel-plugins/xfce4-netload-plugin.nix { }; xfce4_notes_plugin = callPackage ./panel-plugins/xfce4-notes-plugin.nix { }; + xfce4_mailwatch_plugin = callPackage ./panel-plugins/xfce4-mailwatch-plugin.nix { }; + xfce4_mpc_plugin = callPackage ./panel-plugins/xfce4-mpc-plugin.nix { }; xfce4-sensors-plugin = callPackage ./panel-plugins/xfce4-sensors-plugin.nix { }; xfce4_systemload_plugin = callPackage ./panel-plugins/xfce4-systemload-plugin.nix { }; + xfce4_timer_plugin = callPackage ./panel-plugins/xfce4-timer-plugin.nix { }; xfce4_verve_plugin = callPackage ./panel-plugins/xfce4-verve-plugin.nix { }; xfce4_xkb_plugin = callPackage ./panel-plugins/xfce4-xkb-plugin.nix { }; xfce4_weather_plugin = callPackage ./panel-plugins/xfce4-weather-plugin.nix { }; diff --git a/pkgs/desktops/xfce/panel-plugins/xfce4-mailwatch-plugin.nix b/pkgs/desktops/xfce/panel-plugins/xfce4-mailwatch-plugin.nix new file mode 100644 index 000000000000..dd80259db5fa --- /dev/null +++ b/pkgs/desktops/xfce/panel-plugins/xfce4-mailwatch-plugin.nix @@ -0,0 +1,25 @@ +{ stdenv, fetchurl, pkgconfig, intltool, libxfce4util, xfce4panel, libxfce4ui, +libxfcegui4, xfconf, gtk, exo, gnutls, libgcrypt }: + +with stdenv.lib; +stdenv.mkDerivation rec { + p_name = "xfce4-mailwatch-plugin"; + ver_maj = "1.2"; + ver_min = "0"; + + src = fetchurl { + url = "mirror://xfce/src/panel-plugins/${p_name}/${ver_maj}/${name}.tar.bz2"; + sha256 = "1bfw3smwivr9mzdyq768biqrl4aq94zqi3xjzq6kqnd8561cqjk2"; + }; + name = "${p_name}-${ver_maj}.${ver_min}"; + + buildInputs = [ pkgconfig intltool libxfce4util libxfce4ui xfce4panel + libxfcegui4 xfconf gtk exo gnutls libgcrypt ]; + + meta = { + homepage = "http://goodies.xfce.org/projects/panel-plugins/${p_name}"; + description = "Mailwatch plugin for Xfce panel"; + platforms = platforms.linux; + maintainers = [ maintainers.matthiasbeyer ]; + }; +} diff --git a/pkgs/desktops/xfce/panel-plugins/xfce4-mpc-plugin.nix b/pkgs/desktops/xfce/panel-plugins/xfce4-mpc-plugin.nix new file mode 100644 index 000000000000..6a2f5bd50849 --- /dev/null +++ b/pkgs/desktops/xfce/panel-plugins/xfce4-mpc-plugin.nix @@ -0,0 +1,25 @@ +{ stdenv, fetchurl, pkgconfig, intltool, libxfce4util, xfce4panel, libxfce4ui, +libxfcegui4, xfconf, gtk, exo }: + +with stdenv.lib; +stdenv.mkDerivation rec { + p_name = "xfce4-mpc-plugin"; + ver_maj = "0.4"; + ver_min = "5"; + name = "${p_name}-${ver_maj}.${ver_min}"; + + src = fetchurl { + url = "mirror://xfce/src/panel-plugins/${p_name}/${ver_maj}/${name}.tar.bz2"; + sha256 = "1kvgq1pq7cykqdc3227dq0izad093ppfw3nfsrcp9i8mi6i5f7z7"; + }; + + buildInputs = [ pkgconfig intltool libxfce4util libxfce4ui xfce4panel + libxfcegui4 xfconf gtk exo ]; + + meta = { + homepage = "http://goodies.xfce.org/projects/panel-plugins/${p_name}"; + description = "MPD plugin for Xfce panel"; + platforms = platforms.linux; + maintainers = [ maintainers.matthiasbeyer ]; + }; +} diff --git a/pkgs/desktops/xfce/panel-plugins/xfce4-timer-plugin.nix b/pkgs/desktops/xfce/panel-plugins/xfce4-timer-plugin.nix new file mode 100644 index 000000000000..17dcb10c9d1e --- /dev/null +++ b/pkgs/desktops/xfce/panel-plugins/xfce4-timer-plugin.nix @@ -0,0 +1,29 @@ +{ stdenv, fetchurl, pkgconfig, intltool, libxfce4util, xfce4panel, libxfce4ui, libxfcegui4, xfconf, gtk}: + +with stdenv.lib; +stdenv.mkDerivation rec { + p_name = "xfce4-timer-plugin"; + ver_maj = "1.6"; + ver_min = "0"; + + src = fetchurl { + url = "mirror://xfce/src/panel-plugins/${p_name}/${ver_maj}/${name}.tar.bz2"; + sha256 = "0z46gyw3ihcd1jf0m5z1dsc790xv1cpi8mk1dagj3i4v14gx5mrr"; + }; + name = "${p_name}-${ver_maj}.${ver_min}"; + + buildInputs = [ intltool libxfce4util libxfce4ui xfce4panel libxfcegui4 xfconf + gtk ]; + + nativeBuildInputs = [ pkgconfig ]; + + hardeningDisable = [ "format" ]; + + meta = { + homepage = "http://goodies.xfce.org/projects/panel-plugins/${p_name}"; + description = "Battery plugin for Xfce panel"; + platforms = platforms.linux; + license = licenses.gpl2; + maintainers = [ maintainers.matthiasbeyer ]; + }; +} diff --git a/pkgs/development/haskell-modules/configuration-ghc-7.10.x.nix b/pkgs/development/haskell-modules/configuration-ghc-7.10.x.nix index 6a7fe29b80fa..54cd16957edc 100644 --- a/pkgs/development/haskell-modules/configuration-ghc-7.10.x.nix +++ b/pkgs/development/haskell-modules/configuration-ghc-7.10.x.nix @@ -191,6 +191,7 @@ self: super: { unordered-containers = dontCheck super.unordered-containers; # GHC versions prior to 8.x require additional build inputs. + dependent-map = addBuildDepend super.dependent-map self.semigroups; distributive = addBuildDepend super.distributive self.semigroups; mono-traversable = addBuildDepend super.mono-traversable self.semigroups; attoparsec = addBuildDepends super.attoparsec (with self; [semigroups fail]); diff --git a/pkgs/development/libraries/unittest-cpp/default.nix b/pkgs/development/libraries/unittest-cpp/default.nix index bc9035d479b5..cee71df4849a 100644 --- a/pkgs/development/libraries/unittest-cpp/default.nix +++ b/pkgs/development/libraries/unittest-cpp/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { homepage = "https://github.com/unittest-cpp/unittest-cpp"; description = "Lightweight unit testing framework for C++"; license = licenses.mit; - maintainers = [maintainers.tohl]; + maintainers = []; platforms = stdenv.lib.platforms.unix; }; } diff --git a/pkgs/servers/emby/default.nix b/pkgs/servers/emby/default.nix index 340e376e9ed6..a9b1333fb0fa 100644 --- a/pkgs/servers/emby/default.nix +++ b/pkgs/servers/emby/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "emby-${version}"; - version = "3.2.4"; + version = "3.2.5"; src = fetchurl { url = "https://github.com/MediaBrowser/Emby/releases/download/${version}/Emby.Mono.zip"; - sha256 = "0a14wr2yal9q5vlwadyki9w35bn4f3r7r5w3zynp4f7460lfapmf"; + sha256 = "1vgn3k57pgj4prndhjshzkwchj9igpagmmlrbkvqdj4axw762i9g"; }; buildInputs = with pkgs; [ diff --git a/pkgs/tools/backup/borg/default.nix b/pkgs/tools/backup/borg/default.nix index b27d5c834b1b..476c42504a26 100644 --- a/pkgs/tools/backup/borg/default.nix +++ b/pkgs/tools/backup/borg/default.nix @@ -2,13 +2,13 @@ python3Packages.buildPythonApplication rec { name = "borgbackup-${version}"; - version = "1.0.9"; + version = "1.0.10"; namePrefix = ""; src = fetchurl { url = "https://github.com/borgbackup/borg/releases/download/" + "${version}/${name}.tar.gz"; - sha256 = "1ciwp9yilcibk0x82y5nn8ps95jrm8rxvff8mjrlp7a2w100i1im"; + sha256 = "1sarmpzwr8dhbg0hsvaclcsjfax36ssb32d9klhhah4j8kqji3wp"; }; nativeBuildInputs = with python3Packages; [ diff --git a/pkgs/tools/misc/tmate/default.nix b/pkgs/tools/misc/tmate/default.nix index baadd6f30646..f02c41484818 100644 --- a/pkgs/tools/misc/tmate/default.nix +++ b/pkgs/tools/misc/tmate/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { name = "tmate-${version}"; - version = "2.2.0"; + version = "2.2.1"; src = fetchFromGitHub { - owner = "nviennot"; + owner = "tmate-io"; repo = "tmate"; rev = version; - sha256 = "1w3a7na0yj1y0x24qckc7s2y9xfak5iv6vyqrd0iibn3b7dxarli"; + sha256 = "0pfl9vrswzim9ydi1n652h3rax2zrmy6sqkp0r09yy3lw83h4y1r"; }; buildInputs = [ autoconf automake pkgconfig libtool zlib openssl libevent ncurses cmake ruby libmsgpack libssh ]; diff --git a/pkgs/tools/networking/openresolv/default.nix b/pkgs/tools/networking/openresolv/default.nix index 7d9062c08db7..f22ad32aaa4e 100644 --- a/pkgs/tools/networking/openresolv/default.nix +++ b/pkgs/tools/networking/openresolv/default.nix @@ -1,11 +1,12 @@ { stdenv, fetchurl, makeWrapper, coreutils }: stdenv.mkDerivation rec { - name = "openresolv-3.8.1"; + name = "openresolv-${version}"; + version = "3.9.0"; src = fetchurl { url = "mirror://roy/openresolv/${name}.tar.xz"; - sha256 = "0hqxvrhc4r310hr59bwi1vbl16my27pdlnbrnbqqihiav67xfnfj"; + sha256 = "1f2dccc52iykbpma26fbxzga2l6g4njm3bgaxz4rgdrb4cwlv82i"; }; buildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/networking/pptp/default.nix b/pkgs/tools/networking/pptp/default.nix index e7f40ade77ea..8fcdb49b2b1e 100644 --- a/pkgs/tools/networking/pptp/default.nix +++ b/pkgs/tools/networking/pptp/default.nix @@ -1,11 +1,12 @@ { stdenv, fetchurl, perl, ppp, iproute, which }: stdenv.mkDerivation rec { - name = "pptp-1.8.0"; + name = "pptp-${version}"; + version = "1.9.0"; src = fetchurl { url = "mirror://sourceforge/pptpclient/${name}.tar.gz"; - sha256 = "1nmvwj7wd9c1isfi9i0hdl38zv55y2khy2k0v1nqlai46gcl5773"; + sha256 = "00cj3jqj1hqri856jif4kkzan684qv1cb1zf2amzblvqqnzqq7hb"; }; patchPhase = diff --git a/pkgs/tools/networking/sstp/default.nix b/pkgs/tools/networking/sstp/default.nix index 6dbd62679939..dce6d1acb776 100644 --- a/pkgs/tools/networking/sstp/default.nix +++ b/pkgs/tools/networking/sstp/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "sstp-client-${version}"; - version = "1.0.10"; + version = "1.0.11"; src = fetchurl { url = "mirror://sourceforge/sstp-client/sstp-client/${version}/sstp-client-${version}.tar.gz"; - sha256 = "096lw3a881hjqnffms3bl077pjyq77870kjaf83chhjcakc8942z"; + sha256 = "087vp3n7nv001fsgbmkjpgl3a2vhbix22cflrqi5bv9h8181p18v"; }; patchPhase = diff --git a/pkgs/tools/system/fcron/default.nix b/pkgs/tools/system/fcron/default.nix index f546cd8f5ffc..ec52b5b3db8e 100644 --- a/pkgs/tools/system/fcron/default.nix +++ b/pkgs/tools/system/fcron/default.nix @@ -1,58 +1,61 @@ -# I've only worked on this till it compiled and worked. So maybe there are some things which should be done but I've missed # restart using 'killall -TERM fcron; fcron -b # use convert-fcrontab to update fcrontab files { stdenv, fetchurl, perl, busybox, vim }: stdenv.mkDerivation rec { - name = "fcron-3.1.2"; + name = "fcron-${version}"; + version = "3.2.1"; src = fetchurl { url = "http://fcron.free.fr/archives/${name}.src.tar.gz"; - sha256 = "0p8sn4m3frh2x2llafq2gbcm46rfrn6ck4qi0d0v3ql6mfx9k4hw"; + sha256 = "0sjz7r050myj6zgixzx3pk5ff819v6b0zfn0q1lkd19jkaix0531"; }; buildInputs = [ perl ]; + patches = [ ./relative-fcronsighup.patch ]; + configureFlags = [ "--with-sendmail=${busybox}/sbin/sendmail" "--with-editor=${vim}/bin/vi" # TODO customizable "--with-bootinstall=no" + "--localstatedir=/var" "--sysconfdir=/etc" - # fcron would have been default user/grp - "--with-username=root" - "--with-groupname=root" "--with-rootname=root" "--with-rootgroup=root" "--disable-checks" ]; - + installTargets = "install-staged"; # install does also try to change permissions of /etc/* files - - preConfigure = - '' - sed -i 's@/usr/bin/env perl@${perl}/bin/perl@g' configure script/* - # Don't let fcron create the group fcron, nix(os) should do this - sed -i '2s@.*@exit 0@' script/user-group - - # --with-bootinstall=no shoud do this, didn't work. So just exit the script before doing anything - sed -i '2s@.*@exit 0@' script/boot-install - - # also don't use chown or chgrp for documentation (or whatever) when installing - find -type f | xargs sed -i -e 's@^\(\s\)*chown@\1:@' -e 's@^\(\s\)*chgrp@\1:@' - ''; - - patchPhase = - '' - # don't try to create /etc/fcron.{allow,deny,conf} - sed -i -e 's@test -f $(DESTDIR)$(ETC)/fcron.conf @ # @' \ - -e 's@if test ! -f $(DESTDIR)$(ETC)/fcron.allow@ # @' Makefile.in - ''; - - meta = { + + # fcron tries to install pid into system directory on install + installFlags = [ + "ETC=." + "PIDDIR=." + "PIDFILE=fcron.pid" + "REBOOT_LOCK=fcron.reboot" + "FIFODIR=." + "FIFOFILE=fcron.fifo" + "FCRONTABS=." + ]; + + preConfigure = '' + sed -i 's@/usr/bin/env perl@${perl}/bin/perl@g' configure script/* + # Don't let fcron create the group fcron, nix(os) should do this + sed -i '2s@.*@exit 0@' script/user-group + + # --with-bootinstall=no shoud do this, didn't work. So just exit the script before doing anything + sed -i '2s@.*@exit 0@' script/boot-install + + # also don't use chown or chgrp for documentation (or whatever) when installing + find -type f | xargs sed -i -e 's@^\(\s\)*chown@\1:@' -e 's@^\(\s\)*chgrp@\1:@' + ''; + + meta = with stdenv.lib; { description="A command scheduler with extended capabilities over cron and anacron"; homepage = http://fcron.free.fr; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.all; + license = licenses.gpl2; + }; } diff --git a/pkgs/tools/system/fcron/relative-fcronsighup.patch b/pkgs/tools/system/fcron/relative-fcronsighup.patch new file mode 100644 index 000000000000..c0bbfc1ee3ef --- /dev/null +++ b/pkgs/tools/system/fcron/relative-fcronsighup.patch @@ -0,0 +1,16 @@ +Use relative fcronsighup to prefer setuid executable over package binary. +--- fcron-3.2.1.orig/fcrontab.c 2016-06-26 17:02:48.000000000 +0200 ++++ fcron-3.2.1/fcrontab.c 2017-03-05 21:54:24.676871335 +0100 +@@ -154,10 +154,10 @@ + fcrontab_gid); + exit(ERR); + } +- execl(BINDIREX "/fcronsighup", BINDIREX "/fcronsighup", fcronconf, ++ execlp("fcronsighup", "fcronsighup", fcronconf, + NULL); + +- error_e("Could not exec " BINDIREX " fcronsighup"); ++ error_e("Could not exec fcronsighup"); + exit(ERR); + break; + diff --git a/pkgs/tools/system/logcheck/default.nix b/pkgs/tools/system/logcheck/default.nix index 9934175ae3b6..9c2a42eeb5ae 100644 --- a/pkgs/tools/system/logcheck/default.nix +++ b/pkgs/tools/system/logcheck/default.nix @@ -1,13 +1,13 @@ { stdenv, fetchurl, lockfileProgs, perl, mimeConstruct }: stdenv.mkDerivation rec { - _name = "logcheck"; - version = "1.3.17"; - name = "${_name}-${version}"; + name = "logcheck-${version}"; + version = "1.3.18"; + _name = "logcheck_${version}"; src = fetchurl { - url = "mirror://debian/pool/main/l/${_name}/${_name}_${version}.tar.xz"; - sha256 = "0fphzaljc9ddv1x6l3zdf9cbarqgzpdqaqwm3plmarcc7qrgrly2"; + url = "mirror://debian/pool/main/l/logcheck/${_name}.tar.xz"; + sha256 = "1x4skb5nmv2xj8cygj8pq1rd1ws4m2fsibw54yslgdyjri4r2yq7"; }; preConfigure = '' @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { "SHAREDIR=share/logtail/detectrotate" ]; - meta = { + meta = with stdenv.lib; { description = "Mails anomalies in the system logfiles to the administrator"; longDescription = '' Mails anomalies in the system logfiles to the administrator. @@ -37,9 +37,8 @@ stdenv.mkDerivation rec { Logcheck was part of the Abacus Project of security tools, but this version has been rewritten. ''; homepage = http://logcheck.org; - license = stdenv.lib.licenses.gpl2; - - maintainers = [ stdenv.lib.maintainers.bluescreen303 ]; - platforms = stdenv.lib.platforms.all; + license = licenses.gpl2; + maintainers = [ maintainers.bluescreen303 ]; + }; } |