| Commit message (Collapse) | Author | Age |
| |
|
|\
| |
| | |
ntpd: Add patch to allow getpid syscall in seccomp filter.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes issue #21136.
The problem is that the seccomp system call filter configured by ntpd did not
include some system calls that were apparently needed. For example the
program hanged in getpid just after the filter was installed:
prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) = 0
seccomp(SECCOMP_SET_MODE_STRICT, 1, NULL) = -1 EINVAL (Invalid argument)
seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=41, filter=0x5620d7f0bd90}) = 0
getpid() = ?
I do not know exactly why this is a problem on NixOS only, perhaps we have getpid
caching disabled.
The fcntl and setsockopt system calls also had to be added.
|
|\ \
| | |
| | | |
networkmanager: 1.4.4 -> 1.6.4
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
|\ \ |
|
| |/
| |
| |
| | |
http://nwtime.org/network-time-foundation-publishes-ntp-4-2-8-p10/
|
| | |
|
|/ |
|
| |
|
|\
| |
| | |
haproxy: PCRE and LUA support via configurable options
|
| | |
|
| |
| |
| |
| |
| | |
Both are enabled by default. Except for LUA on Darwin where
compilation fails. (See #23901.)
|
| |
| |
| |
| |
| |
| |
| | |
`preConfigure` line became too long to edit comfortably. Split up
flags into ones necessary during both build and install phase and
install phase only. Makefile defines a target for OS X/Darwin which
automatically sets the `KQUEUE` flag.
|
|\ \
| | |
| | | |
keepalived: 1.3.4 -> 1.3.5
|
| | | |
|
| | |
| | |
| | |
| | | |
This has the side effect of now building on darwin. Previously, the
vendored luajit would fail to build.
|
| | | |
|
| | |
| | |
| | |
| | | |
(cherry picked from commit f79be2cfa321617314aa253a8a6341a2f0ab7816)
|
| | | |
|
| |/
|/|
| |
| |
| | |
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
|
| |
| |
| |
| | |
This also fixes the build on clang 4
|
| |
| |
| |
| |
| |
| | |
The configure scripts have been changed so that `--build` is now the
way to specify (non-cross compiling) build target, which is necessary
on darwin for binary compatibility across darwin versions.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
execline: 2.1.4.5 -> 2.2.0.0
s6-dns: 2.0.0.7 -> 2.1.0.0
s6-linux-utils: 2.0.2.3 -> 2.2.0.0
s6-networking: 2.1.0.4 -> 2.2.1.0
s6-portable-utils: 2.1.0.0 -> 2.1.0.0 (no version change)
s6-rc: 0.0.2.1 -> 0.1.0.0
s6: 2.2.4.3 -> 2.4.0.0
skalibs: 2.3.9.0 -> 2.4.0.1
Also use new --enable-absolute-paths configure arg to correctly set
paths to runtime executables to point within the nix store rather than
relying on PATH resolution.
|
| | |
|
|\ \ |
|
| |\ \
| | | |
| | | | |
git, curl, openssl: Refactor $NIX_SSL_CERT_FILE handling
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Having curl fall back to openssl's CA means that we need not patch curl
to respect NIX_SSL_CERT_FILE. It will work in all the cases.
This reverts commit fb4c43dd8adbd7a10d1c52539b36e2da269f3f7f "curl: Use CA bundle in nix default profile by default"
If we want to reintroduce that feature, this needs to go inside openssl
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Improve patching of curl to use NIX_SSL_CERT_FILE as default CA
Remove patches from git, as git uses curl and passes its environment
variables to curl.
|
| |\ \ \
| | |/ /
| |/| /
| | |/ |
|
| | |
| | |
| | |
| | | |
Slightly modified version of 942dbf89c6120cb5b52fb2ab456855d1fbf2994e
|
|\ \ \
| |_|/
|/| | |
pcapc: 2015-03.06 -> 1.0.0
|
| | | |
|
| |/
|/| |
|
|\ \
| | |
| | |
| | | |
Nontrivial rebuilds from master, again :-/
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adding ldns builds additional plugins for rewriting DNS queries,
such as blocking and forwarding.
For example, to use a custom domain blocklist, you can do
```nix
let
myBlockListFile = writeText "blocked-domains" ''
*.example.com
'';
in
{
services.dnscrypt-proxy.extraArgs = [
"-X libdcplugin_example_ldns_blocking.so,--domains=${myBlockListFile}"
];
}
```
|
|\| |
| | |
| | |
| | | |
More larger rebuilds from master, unfortunately.
|
| | | |
|
|\| |
| | |
| | |
| | |
| | | |
Conflicts:
pkgs/development/libraries/qt-5/5.7/qtbase/default.nix
|
| |\ \
| | | |
| | | | |
gupnp-tools: 0.8.8 -> 0.8.13
|
| | | | |
|
| |/ / |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
- native build inputs
- allow building with hardening
|
| | |
| | |
| | |
| | | |
Closes https://github.com/NixOS/nixpkgs/pull/23679
|