diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security')
21 files changed, 192 insertions, 81 deletions
diff --git a/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix b/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix index d2557b36dc2e..bd6e4c15fa27 100644 --- a/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix +++ b/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "argocd-vault-plugin"; - version = "1.16.1"; + version = "1.17.0"; src = fetchFromGitHub { owner = "argoproj-labs"; repo = pname; rev = "v${version}"; - hash = "sha256-7bUpshg+OqlS5wvFkZkovQVaLglvSpp7FsVA9qNOk1U="; + hash = "sha256-YH7yNRaKdYzasaxYSManuiImyxglmIwgLvDKjUg3MR8="; }; - vendorHash = "sha256-r9Pcm95gU0QTiREdiQiyJMOKZb5Lt2bIJywLerzgbdg="; + vendorHash = "sha256-0PrGrcS8Gx0cVImGrlmXlycFgWCTLjg2ISi0OhYoPpw="; # integration tests require filesystem and network access for credentials doCheck = false; diff --git a/nixpkgs/pkgs/tools/security/clevis/default.nix b/nixpkgs/pkgs/tools/security/clevis/default.nix index 0498f0599052..fa1be45a5b99 100644 --- a/nixpkgs/pkgs/tools/security/clevis/default.nix +++ b/nixpkgs/pkgs/tools/security/clevis/default.nix @@ -16,6 +16,7 @@ , ninja , pkg-config , tpm2-tools +, nixosTests }: stdenv.mkDerivation rec { @@ -29,6 +30,12 @@ stdenv.mkDerivation rec { hash = "sha256-3J3ti/jRiv+p3eVvJD7u0ko28rPd8Gte0mCJaVaqyOs="; }; + patches = [ + # Replaces the clevis-decrypt 300s timeout to a 10s timeout + # https://github.com/latchset/clevis/issues/289 + ./tang-timeout.patch + ]; + postPatch = '' for f in $(find src/ -type f); do grep -q "/bin/cat" "$f" && substituteInPlace "$f" \ @@ -65,6 +72,14 @@ stdenv.mkDerivation rec { "man" ]; + passthru.tests = { + inherit (nixosTests.installer) clevisBcachefs clevisBcachefsFallback clevisLuks clevisLuksFallback clevisZfs clevisZfsFallback; + clevisLuksSystemdStage1 = nixosTests.installer-systemd-stage-1.clevisLuks; + clevisLuksFallbackSystemdStage1 = nixosTests.installer-systemd-stage-1.clevisLuksFallback; + clevisZfsSystemdStage1 = nixosTests.installer-systemd-stage-1.clevisZfs; + clevisZfsFallbackSystemdStage1 = nixosTests.installer-systemd-stage-1.clevisZfsFallback; + }; + meta = with lib; { description = "Automated Encryption Framework"; homepage = "https://github.com/latchset/clevis"; diff --git a/nixpkgs/pkgs/tools/security/clevis/tang-timeout.patch b/nixpkgs/pkgs/tools/security/clevis/tang-timeout.patch new file mode 100644 index 000000000000..454541d5e77c --- /dev/null +++ b/nixpkgs/pkgs/tools/security/clevis/tang-timeout.patch @@ -0,0 +1,13 @@ +diff --git a/src/pins/tang/clevis-decrypt-tang b/src/pins/tang/clevis-decrypt-tang +index 72393b4..40b660f 100755 +--- a/src/pins/tang/clevis-decrypt-tang ++++ b/src/pins/tang/clevis-decrypt-tang +@@ -101,7 +101,7 @@ xfr="$(jose jwk exc -i '{"alg":"ECMR"}' -l- -r- <<< "$clt$eph")" + + rec_url="$url/rec/$kid" + ct="Content-Type: application/jwk+json" +-if ! rep="$(curl -sfg -X POST -H "$ct" --data-binary @- "$rec_url" <<< "$xfr")"; then ++if ! rep="$(curl --connect-timeout 10 -sfg -X POST -H "$ct" --data-binary @- "$rec_url" <<< "$xfr")"; then + echo "Error communicating with server $url" >&2 + exit 1 + fi diff --git a/nixpkgs/pkgs/tools/security/cnspec/default.nix b/nixpkgs/pkgs/tools/security/cnspec/default.nix index 25b866285e95..b1f8cbb81b2a 100644 --- a/nixpkgs/pkgs/tools/security/cnspec/default.nix +++ b/nixpkgs/pkgs/tools/security/cnspec/default.nix @@ -5,17 +5,17 @@ buildGoModule rec { pname = "cnspec"; - version = "9.8.0"; + version = "9.9.3"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnspec"; rev = "refs/tags/v${version}"; - hash = "sha256-XxjFmFU6G7pTJCkWUYadFTEAQh5HZigfvUNoNNw1DOM="; + hash = "sha256-OlM/gcwHQWfXmKLcDDHh3okvqHIELRL+dRQJ6dOcItc="; }; proxyVendor = true; - vendorHash = "sha256-Ykb1dmvdOgOBqgsCJbLGwUbbMfsao0is95g8a2chVME="; + vendorHash = "sha256-yhPixXldWUhJURZ/lIScIAbhsw/b/JCjYi1+Y5UOnnQ="; subPackages = [ "apps/cnspec" diff --git a/nixpkgs/pkgs/tools/security/exploitdb/default.nix b/nixpkgs/pkgs/tools/security/exploitdb/default.nix index cd54bad53de0..acfbad10cd55 100644 --- a/nixpkgs/pkgs/tools/security/exploitdb/default.nix +++ b/nixpkgs/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-12-01"; + version = "2023-12-02"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-tWwcNZ4xyeNMhIyH6cYfW910syfZd4KF9G73XItz8hk="; + hash = "sha256-rITeDc1PQFjV4ZlBK97T+hvIzuWMIoPxBLscqkXiMwc="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/security/gopass/default.nix b/nixpkgs/pkgs/tools/security/gopass/default.nix index 10efc22d4a1b..6573c511474a 100644 --- a/nixpkgs/pkgs/tools/security/gopass/default.nix +++ b/nixpkgs/pkgs/tools/security/gopass/default.nix @@ -13,7 +13,7 @@ buildGoModule rec { pname = "gopass"; - version = "1.15.10"; + version = "1.15.11"; nativeBuildInputs = [ installShellFiles makeWrapper ]; @@ -21,10 +21,10 @@ buildGoModule rec { owner = "gopasspw"; repo = "gopass"; rev = "v${version}"; - hash = "sha256-6s4rg2+oC+RB2gE4FQIY2MPmFSh+RxiZxaIuMI/T8hE="; + hash = "sha256-wgrZkRRMEWA9Lk9eW+iGi+dZNYfDVhRu1phimZC079c="; }; - vendorHash = "sha256-tbZpNraGVC+p6O1MOh4vPmcwUgW5ykg7rGTNOWKFk0M="; + vendorHash = "sha256-TvohrwSFVv5ylVRd6jPdRDyRRhqqWa0xey9KN9vtyY8="; subPackages = [ "." ]; diff --git a/nixpkgs/pkgs/tools/security/gopass/git-credential.nix b/nixpkgs/pkgs/tools/security/gopass/git-credential.nix index 038cdaf84167..8654d05d9d13 100644 --- a/nixpkgs/pkgs/tools/security/gopass/git-credential.nix +++ b/nixpkgs/pkgs/tools/security/gopass/git-credential.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "git-credential-gopass"; - version = "1.15.10"; + version = "1.15.11"; src = fetchFromGitHub { owner = "gopasspw"; repo = "git-credential-gopass"; rev = "v${version}"; - hash = "sha256-DQPjnCwpFOKN0ObPXPbwy7GK1VsPSj+pcLKjfSPPPRo="; + hash = "sha256-qnWgrpcj3DZQu5haP/5xqoO7eogkRjBmc8XpgFFNT6I="; }; - vendorHash = "sha256-gvnBlf0JfdrHSHTF+OQxBHFER5F910mruzCa/prvIYA="; + vendorHash = "sha256-bit4+YgQ+Y/TA2q7KdZwYTE3ZKBwL6tUam+tHzBMiQw="; subPackages = [ "." ]; diff --git a/nixpkgs/pkgs/tools/security/gopass/hibp.nix b/nixpkgs/pkgs/tools/security/gopass/hibp.nix index 79a72bf891f8..11ee0a94dbf9 100644 --- a/nixpkgs/pkgs/tools/security/gopass/hibp.nix +++ b/nixpkgs/pkgs/tools/security/gopass/hibp.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "gopass-hibp"; - version = "1.15.10"; + version = "1.15.11"; src = fetchFromGitHub { owner = "gopasspw"; repo = "gopass-hibp"; rev = "v${version}"; - hash = "sha256-v3FtWBi5H9LiFN/mowufonABr+aV3Z8MWBKiIUoy0NE="; + hash = "sha256-2XhvUIa8RxQ6CAKPGpL8/rBiJSX/WsSGtIpaHLIBM1E="; }; - vendorHash = "sha256-c4kk1RrvB+c+8IfbIsLRvG7O3cy+u9l+pDZ52XX1AhI="; + vendorHash = "sha256-i9PUqircNf+jz5gcr3rVIR4tD9/bkV2h6LiDFhjiLaw="; subPackages = [ "." ]; diff --git a/nixpkgs/pkgs/tools/security/gopass/jsonapi.nix b/nixpkgs/pkgs/tools/security/gopass/jsonapi.nix index 21345240a647..37ac46356c3a 100644 --- a/nixpkgs/pkgs/tools/security/gopass/jsonapi.nix +++ b/nixpkgs/pkgs/tools/security/gopass/jsonapi.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "gopass-jsonapi"; - version = "1.15.10"; + version = "1.15.11"; src = fetchFromGitHub { owner = "gopasspw"; repo = "gopass-jsonapi"; rev = "v${version}"; - hash = "sha256-3E55MNS9QBLeae+Dc7NqbVMGie6NUKMBMGvkMqKeWoE="; + hash = "sha256-wJlnm+sgFg55LW4RWGjcT538DgNhJtFjwgwgqwLWH50="; }; - vendorHash = "sha256-sarNWeBi93oXL9v2EkP/z2+Bd4TyNy+z6576hOCf1/Q="; + vendorHash = "sha256-qRmPO2WM9RD43twl5a47IT3xC1LGFwNF99ojIU2xg6A="; subPackages = [ "." ]; diff --git a/nixpkgs/pkgs/tools/security/gopass/summon.nix b/nixpkgs/pkgs/tools/security/gopass/summon.nix index 48740f91954c..97aed94c05fe 100644 --- a/nixpkgs/pkgs/tools/security/gopass/summon.nix +++ b/nixpkgs/pkgs/tools/security/gopass/summon.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "gopass-summon-provider"; - version = "1.15.10"; + version = "1.15.11"; src = fetchFromGitHub { owner = "gopasspw"; repo = "gopass-summon-provider"; rev = "v${version}"; - hash = "sha256-S4BPUl7KuRakHr2fvNobChfevFw1UAbAdpFUkwXcmxs="; + hash = "sha256-rbfzmr6HtGUBCjO9jkocSghTAN+aNXTsSsMC38HqgW0="; }; - vendorHash = "sha256-gvnBlf0JfdrHSHTF+OQxBHFER5F910mruzCa/prvIYA="; + vendorHash = "sha256-bit4+YgQ+Y/TA2q7KdZwYTE3ZKBwL6tUam+tHzBMiQw="; subPackages = [ "." ]; diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile b/nixpkgs/pkgs/tools/security/metasploit/Gemfile index e7de6a9a982e..b16aa8a0ddb3 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.44" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.45" diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock index 9a129de0728c..bdef38c32aad 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: 54a9eee7f85d369feef55d6a340340ad965f80a0 - ref: refs/tags/6.3.44 + revision: dd2f4b923912fc2ffc84d4a1d5e3bbccd5a8efc1 + ref: refs/tags/6.3.45 specs: - metasploit-framework (6.3.44) + metasploit-framework (6.3.45) actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) diff --git a/nixpkgs/pkgs/tools/security/metasploit/default.nix b/nixpkgs/pkgs/tools/security/metasploit/default.nix index 6f9af0634e97..842fc64b6440 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/default.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.3.44"; + version = "6.3.45"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = "refs/tags/${version}"; - hash = "sha256-LBmyFE617G2ryEAp5fig3G2T/goa9NXUggu0XH4X1xs="; + hash = "sha256-vDTbuvMkudwV3rCEEwE62emXNSMgXR1XHyVB3sDN56Y="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix index 5f3386d4f2eb..d6d0ced8a5d1 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix @@ -654,12 +654,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "54a9eee7f85d369feef55d6a340340ad965f80a0"; - sha256 = "06yp2xz5rd0bhbadbx0s1bz96vfwl3wfaaa0r2mnvv5m9qab469c"; + rev = "dd2f4b923912fc2ffc84d4a1d5e3bbccd5a8efc1"; + sha256 = "19p7rp0dwh953xbisp904csrgsfr780i715hvqaxrf94yfxdnd5w"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.3.44"; + version = "6.3.45"; }; metasploit-model = { groups = ["default"]; diff --git a/nixpkgs/pkgs/tools/security/oauth2c/default.nix b/nixpkgs/pkgs/tools/security/oauth2c/default.nix index c4e187ea53ed..b36eebea7b5f 100644 --- a/nixpkgs/pkgs/tools/security/oauth2c/default.nix +++ b/nixpkgs/pkgs/tools/security/oauth2c/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "oauth2c"; - version = "1.12.1"; + version = "1.12.2"; src = fetchFromGitHub { owner = "cloudentity"; repo = pname; rev = "v${version}"; - hash = "sha256-Qb4eES7xT/bQTMtcpFy6aQ7n5U/0yA1GXdTR9ga3aYU="; + hash = "sha256-iFYKAdoeCvyhAeZ5K3CHSsHG0Uq+Ok0C8ACe9RztDmY="; }; - vendorHash = "sha256-+rkRo9zY3dRqElKApkbaBrDW8SqilqlGAhOM9vDeQps="; + vendorHash = "sha256-olDtsLoslxOsbAq60RnLp9MGZOt17/BPo9E9SgWOqoQ="; doCheck = false; # tests want to talk to oauth2c.us.authz.cloudentity.io diff --git a/nixpkgs/pkgs/tools/security/pinentry-bemenu/default.nix b/nixpkgs/pkgs/tools/security/pinentry-bemenu/default.nix index aec655d0b559..ed43ee382597 100644 --- a/nixpkgs/pkgs/tools/security/pinentry-bemenu/default.nix +++ b/nixpkgs/pkgs/tools/security/pinentry-bemenu/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "pinentry-bemenu"; - version = "0.12.0"; + version = "0.13.1"; src = fetchFromGitHub { owner = "t-8ch"; repo = pname; rev = "v${version}"; - sha256 = "sha256-5ll4a/1Ughx0s2l/mcIsp1g4oNoNhm0RWvY/tXDvPGE="; + sha256 = "sha256-h+PC8IGwCW5ZroLGpypcmpejOo+JGM7zG4N5fguBWvM="; }; nativeBuildInputs = [ meson ninja pkg-config ]; diff --git a/nixpkgs/pkgs/tools/security/pynitrokey/default.nix b/nixpkgs/pkgs/tools/security/pynitrokey/default.nix index 690d566c476d..2d1979c1b0c1 100644 --- a/nixpkgs/pkgs/tools/security/pynitrokey/default.nix +++ b/nixpkgs/pkgs/tools/security/pynitrokey/default.nix @@ -1,63 +1,82 @@ { lib -, python3Packages +, buildPythonApplication , fetchPypi -, nrfutil +, pythonRelaxDepsHook +, installShellFiles , libnitrokey -, nix-update-script +, flit-core +, certifi +, cffi +, click +, cryptography +, ecdsa +, fido2 +, intelhex +, nkdfu +, python-dateutil +, pyusb +, requests +, spsdk +, tqdm +, tlv8 +, typing-extensions +, pyserial +, protobuf +, click-aliases +, semver +, nethsm +, importlib-metadata }: -with python3Packages; - -buildPythonApplication rec { +let pname = "pynitrokey"; - version = "0.4.40"; - format = "pyproject"; + version = "0.4.43"; + mainProgram = "nitropy"; +in + +buildPythonApplication { + inherit pname version; + pyproject = true; src = fetchPypi { inherit pname version; - hash = "sha256-Hu+8UooDzv4GhkWt0sCckQQyHjWn4V/zt2ADlVCoHmk="; + hash = "sha256-dYOdokqALDg4Xn7N6Yd0skM/tit+j5+xY73sm9k76hE="; }; propagatedBuildInputs = [ certifi cffi click - click-aliases cryptography ecdsa - frozendict fido2 intelhex nkdfu - nrfutil python-dateutil pyusb requests - semver spsdk tqdm - urllib3 tlv8 typing-extensions + pyserial + protobuf + click-aliases + semver + nethsm importlib-metadata ]; nativeBuildInputs = [ flit-core + installShellFiles pythonRelaxDepsHook ]; - # FIXME: does pythonRelaxDepsHook not work for pypaBuildHook + flit-core? - pypaBuildFlags = [ "--skip-dependency-check" ]; + pythonRelaxDeps = true; - pythonRelaxDeps = [ - "click" - "cryptography" - "protobuf" - "python-dateutil" - "spsdk" - "typing_extensions" - ]; + # pythonRelaxDepsHook runs in postBuild so cannot be used + pypaBuildFlags = [ "--skip-dependency-check" ]; # libnitrokey is not propagated to users of the pynitrokey Python package. # It is only usable from the wrapped bin/nitropy @@ -70,13 +89,19 @@ buildPythonApplication rec { pythonImportsCheck = [ "pynitrokey" ]; - passthru.updateScript = nix-update-script { }; + postInstall = '' + installShellCompletion --cmd ${mainProgram} \ + --bash <(_NITROPY_COMPLETE=bash_source $out/bin/${mainProgram}) \ + --zsh <(_NITROPY_COMPLETE=zsh_source $out/bin/${mainProgram}) \ + --fish <(_NITROPY_COMPLETE=fish_source $out/bin/${mainProgram}) + ''; meta = with lib; { description = "Python client for Nitrokey devices"; homepage = "https://github.com/Nitrokey/pynitrokey"; + changelog = "https://github.com/Nitrokey/pynitrokey/releases/tag/v${version}"; license = with licenses; [ asl20 mit ]; maintainers = with maintainers; [ frogamic ]; - mainProgram = "nitropy"; + inherit mainProgram; }; } diff --git a/nixpkgs/pkgs/tools/security/qdigidoc/default.nix b/nixpkgs/pkgs/tools/security/qdigidoc/default.nix index 8a8fa4496c38..097ef5023974 100644 --- a/nixpkgs/pkgs/tools/security/qdigidoc/default.nix +++ b/nixpkgs/pkgs/tools/security/qdigidoc/default.nix @@ -2,6 +2,7 @@ , mkDerivation , fetchurl , cmake +, flatbuffers , gettext , pkg-config , libdigidocpp @@ -16,12 +17,12 @@ mkDerivation rec { pname = "qdigidoc"; - version = "4.2.12"; + version = "4.4.0"; src = fetchurl { url = "https://github.com/open-eid/DigiDoc4-Client/releases/download/v${version}/qdigidoc4-${version}.tar.gz"; - hash = "sha256-6bso1qvhVhbBfrcTq4S+aHtHli7X2A926N4r45ztq4E="; + hash = "sha256-5zo0yoY0wufm9DWRIccxJ5g4DXn75nT4fd2h+5QP4oQ="; }; tsl = fetchurl { @@ -37,6 +38,7 @@ mkDerivation rec { ''; buildInputs = [ + flatbuffers libdigidocpp opensc openldap diff --git a/nixpkgs/pkgs/tools/security/srm/default.nix b/nixpkgs/pkgs/tools/security/srm/default.nix index ba776b8af3e3..7cde2be4fbc5 100644 --- a/nixpkgs/pkgs/tools/security/srm/default.nix +++ b/nixpkgs/pkgs/tools/security/srm/default.nix @@ -1,14 +1,18 @@ -{ lib, stdenv, fetchurl }: +{ lib, stdenv, fetchsvn, autoreconfHook }: -stdenv.mkDerivation rec { +stdenv.mkDerivation { pname = "srm"; - version = "1.2.15"; + version = "1.2.15-unstable-2017-12-18"; - src = fetchurl { - url = "mirror://sourceforge/project/srm/${version}/srm-${version}.tar.gz"; - sha256 = "10sjarhprs6s4zandndg720528rcnd4xk8dl48pjj7li1q9c30vm"; + src = fetchsvn { + url = "svn://svn.code.sf.net/p/srm/srm/trunk/"; + rev = "268"; + sha256 = "sha256-bY8p6IS5zeByoe/uTmvBAaBN4Wu7J19dVSpbtqx4OeQ="; }; + patches = [ ./fix-output-in-verbose-mode.patch ]; + nativeBuildInputs = [ autoreconfHook ]; + meta = with lib; { description = "Delete files securely"; longDescription = '' @@ -22,5 +26,4 @@ stdenv.mkDerivation rec { maintainers = with maintainers; [ edwtjo ]; platforms = platforms.unix; }; - } diff --git a/nixpkgs/pkgs/tools/security/srm/fix-output-in-verbose-mode.patch b/nixpkgs/pkgs/tools/security/srm/fix-output-in-verbose-mode.patch new file mode 100644 index 000000000000..966d7ba4612e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/srm/fix-output-in-verbose-mode.patch @@ -0,0 +1,57 @@ +diff --git a/src/sunlink.c b/src/sunlink.c +index 7050713..ffcb8d3 100644 +--- a/src/sunlink.c ++++ b/src/sunlink.c +@@ -468,6 +468,8 @@ static int overwrite_selector(struct srm_target *srm) + if(overwrite_byte(srm, 5, 0x00) < 0) return -1; + if(overwrite_byte(srm, 6, 0xFF) < 0) return -1; + if(overwrite_random(srm, 7, 1) < 0) return -1; ++ if((srm->options&SRM_OPT_V) > 1) ++ printf("\n"); + } + else if(srm->options & SRM_MODE_DOE) + { +@@ -475,6 +477,8 @@ static int overwrite_selector(struct srm_target *srm) + error("US DoE mode"); + if(overwrite_random(srm, 1, 2) < 0) return -1; + if(overwrite_bytes(srm, 3, 'D', 'o', 'E') < 0) return -1; ++ if((srm->options&SRM_OPT_V) > 1) ++ printf("\n"); + } + else if(srm->options & SRM_MODE_OPENBSD) + { +@@ -483,12 +487,16 @@ static int overwrite_selector(struct srm_target *srm) + if(overwrite_byte(srm, 1, 0xFF) < 0) return -1; + if(overwrite_byte(srm, 2, 0x00) < 0) return -1; + if(overwrite_byte(srm, 3, 0xFF) < 0) return -1; ++ if((srm->options&SRM_OPT_V) > 1) ++ printf("\n"); + } + else if(srm->options & SRM_MODE_SIMPLE) + { + if((srm->options&SRM_OPT_V) > 1) + error("Simple mode"); + if(overwrite_byte(srm, 1, 0x00) < 0) return -1; ++ if((srm->options&SRM_OPT_V) > 1) ++ printf("\n"); + } + else if(srm->options & SRM_MODE_RCMP) + { +@@ -497,6 +505,8 @@ static int overwrite_selector(struct srm_target *srm) + if(overwrite_byte(srm, 1, 0x00) < 0) return -1; + if(overwrite_byte(srm, 2, 0xFF) < 0) return -1; + if(overwrite_string(srm, 3, "RCMP") < 0) return -1; ++ if((srm->options&SRM_OPT_V) > 1) ++ printf("\n"); + } + else + { +@@ -535,6 +545,8 @@ static int overwrite_selector(struct srm_target *srm) + if(overwrite_random(srm, 32, 4) < 0) return -1; + /* if you want to backup your partition or shrink your vmware image having the file zero-ed gives best compression results. */ + if(overwrite_byte(srm, 36, 0x00) < 0) return -1; ++ if((srm->options&SRM_OPT_V) > 1) ++ printf("\n"); + } + #if 0 + if((srm->options & SRM_OPT_V) > 1) diff --git a/nixpkgs/pkgs/tools/security/sudo/default.nix b/nixpkgs/pkgs/tools/security/sudo/default.nix index e286f7e7aee3..40056ec72eb8 100644 --- a/nixpkgs/pkgs/tools/security/sudo/default.nix +++ b/nixpkgs/pkgs/tools/security/sudo/default.nix @@ -71,9 +71,8 @@ stdenv.mkDerivation rec { passthru.tests = { inherit (nixosTests) sudo; }; - meta = { + meta = with lib; { description = "A command to run commands as root"; - longDescription = '' Sudo (su "do") allows a system administrator to delegate @@ -81,13 +80,10 @@ stdenv.mkDerivation rec { to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. ''; - homepage = "https://www.sudo.ws/"; - - license = "https://www.sudo.ws/sudo/license.html"; - - maintainers = with lib.maintainers; [ delroth ]; - - platforms = lib.platforms.linux; + # From https://www.sudo.ws/about/license/ + license = with licenses; [ sudo bsd2 bsd3 zlib ]; + maintainers = with maintainers; [ delroth ]; + platforms = platforms.linux; }; } |