Commit graph

20476 commits

Author SHA1 Message Date
Eelco Dolstra 2bc9508034 Prevent the JDK from appearing in the Nixpkgs channel 2012-08-22 15:43:19 -04:00
Eelco Dolstra 8020c37f55 Remove obsolete JDK versions
These are the JDK 5 on powerpc-linux (no longer a maintained Nixpkgs
platform), JDK 1.4 (required a manual download) and JDK 5 on Linux
(idem).
2012-08-22 15:43:19 -04:00
Eelco Dolstra bf2b75ca7e Add hacky way to prevent Hydra from building/distributing unfree packages
If the environment variable HYDRA_DISALLOW_UNFREE is set to "1", then
evaluation of a package with license "unfree" will throw an error.
Thus such packages or any packages that depend on them will fail to
evaluate.
2012-08-22 15:43:18 -04:00
Eelco Dolstra 85047983a1 stdenv/generic/default.nix: Simplify the code using the "or" construct 2012-08-22 15:43:18 -04:00
Shea Levy cdc0c13c00 buildNodePackage: Remove absolute path to source tarball to avoid runtime dependency 2012-08-22 15:35:00 -04:00
Andres Loeh 39cfbf6163 Set platforms for packages depending on CUDA to none. 2012-08-22 17:52:18 +02:00
Mathijs Kwik 48d98bd582 gimp28 should probably be gimp_2_8 2012-08-22 17:49:56 +02:00
Mathijs Kwik af3a95d6f3 libiconvOrEmpty: always return a list
- fixes nixpkgs-tarball
2012-08-22 16:57:13 +02:00
Shea Levy aa4ce18077 node-packages.nix: Export buildNodePackage 2012-08-22 09:44:38 -04:00
Shea Levy 695ca8c498 node.js: Bump 2012-08-22 09:14:05 -04:00
Peter Simons 1f18f24387 gcc-4.7: download source code from a mirror instead of hard-coding the URL of the master site 2012-08-22 14:30:15 +02:00
Peter Simons 966b4c336d mirrors.nix: use GNU mirrors before hitting the master site
Our first download URL of choice is http://ftpmirror.gnu.org/, which is an
automatic re-director.
2012-08-22 14:28:50 +02:00
Peter Simons 30a36ad6e5 hadoop: add version 2.0.1-alpha 2012-08-22 14:13:40 +02:00
Shea Levy f34225c440 Merge branch 'chromium-updater' of https://github.com/aszlig/nixpkgs
chromium: Improve update script and update to latest versions.

Previously, we had a single hash of the whole version response from
omahaproxy.

Unfortunately the dev version is released quite frequently, so the hash
is of no use at all (we could rather directly fetch rather than
executing the script, because it will fetch all channels anyway).

This pull request adds two methods of caching:

* First of all, if a perticular version/channel is already in the
previous version of the sources.nix file, don't download it again.

* And the second method is to check if the current sha256 is already
downloaded and reads the corresponding sha256 from the lookup table.

So, this should really help to avoid flooding the download servers and
to not stress impatient users too much.
2012-08-22 06:36:33 -04:00
Shea Levy e375671437 Merge branch 'fix-nss' of https://github.com/aszlig/nixpkgs
Fix NSS library not finding root CA certificates.

This now uses more or less hardcoded CA certificates from Mozilla, which
is the case on Debian and Gentoo aswell. And it fixes the root CA
loading issue, as i discovered that firefox builds with the bundled
version of NSS. With this branch this is no longer the case.

My long-term plans are to integrate an automatic chainloader for
OPENSSL_X509_CERT_FILE, but I'm not sure if this is really a good idea
(hence not included in this branch), as the nss-pem module is still
somewhat experimental. Regardless of it's experimental nature i'm still
including it in order to make it possible for users to load custom PEM
encoded certificates into the NSS database.

This fixups also makes it possible to enable FIPS mode, in case someone
might be interested in that.

And finally, we have a Chromium without quirky bugs from the
experimental OpenSSL integration, which was my original motivation to do
this.

See #112 for further comments.
2012-08-22 06:24:09 -04:00
Michael Raskin 559f5be097 release.nix: use the freshest release GIMP version (2.8.0) 2012-08-22 13:08:49 +04:00
aszlig ec6926bf7e ncdu: New package, starting at version 1.8.
`ncdu` is a little ncurses tool to browse the filesystem tree sorted by disk
usage.
2012-08-22 10:02:19 +02:00
aszlig 5df4e12c92 firefox: Build against system NSS.
So, now even Firefox can be built with our shiny new fixed up NSS derivation,
and as this is desired (especially if we want to support certificates from the
CA bundle), let's make it the default.
2012-08-22 08:29:10 +02:00
aszlig 8b4fae76b3 chromium: Build with NSS by default.
Hurray! This is the first time chromium is working with NSS _and_ is able to
verify certificates using the root certificates built in into NSS.

Optimally it would use certs from OPENSSL_X509_CERT_FILE, but at least it's
working, so let's add that at some later point.
2012-08-22 08:29:10 +02:00
aszlig 808108105d nss: Just delete files if includeTools is false.
Before, the entire directory was deleted and recreated, which fails if we want
to sign libraries (shlibsign is obviously deleted in that step as well), so we
delete everything but "nss-config" on postFixup.
2012-08-22 08:29:10 +02:00
aszlig c672997dc6 nss: Remove redundant nss-config.in.
This file is already contained in nss-3.12.5-gentoo-fixups.diff, so we don't
need to do all that cruft twice.
2012-08-22 08:29:10 +02:00
aszlig 38a4d77665 nss: Fix referencePath to security modules.
This adds a patch from Debian, as they're already have security modules from NSS
in it's own library directory rather than /usr/lib{,64}/ and patch in loading of
libsoftokn as well.

The patch and our own fix of the patch (well, they hardcode Debian specific
stuff in there) ensures that SECMOD_AddNewModule() will find the right module
from the derivation's output path, so the built-in CA root certificates are
recognized and verified correctly.
2012-08-22 08:29:09 +02:00
aszlig 9e0aaf30aa nss: Sign libraries after striping.
Running NSS in FIPS mode is only possible if the libraries are signed correctly,
so we're doing this in the postFixup hook, to insure nothing gets altered after
that phase.

For more information about FIPS mode, please see:
https://developer.mozilla.org/en-US/docs/NSS/FIPS_Mode_-_an_explanation
2012-08-22 08:29:09 +02:00
aszlig 29fce94665 nss: Clean up build/make flags.
First of all, let's remove that redundant BUILD_OPT variable.

This variable already is in makeFlags, so we really don't want it to be lurking
around in the attribute set of the derivation, and it annoys me for being there
for days.

We now state build targets explicitly rather than relying on "nss_build_all".
This makes NSPR_CONFIG_STATUS and the touch of build_nspr stamp obsolete, as
only nss_build_all includes build_nspr.

In addition, we don't need the -lz hack anymore, as this has been fixed in
recent NSS versions, so we can completly remove the postBuild hook.

And while we're at it, we're removing those outdated build instructions as well,
especially because we don't and can't follow official building guidelines
anymore, as those are difficult to apply to Nix.
2012-08-22 08:29:09 +02:00
aszlig 5f4ca8ec18 nss: Add nss-pem module from fedora.
This is a compatibility module which adds suport for PEM certificates used by
OpenSSL and compatible libraries. The module gets built but isn't used at the
moment, so we're going to work on integration of it later.
2012-08-22 08:29:09 +02:00
aszlig 485dcc9152 nss: Build using system libsqlite.
Let's use system SQLite library, which makes sense anyway. More importantly
because it conflicts with the sqlite package, as NSS is building this as a
shared library aswell.
2012-08-22 08:29:09 +02:00
aszlig 0e768ba98d nss: Update NSS to version 3.13.6.
So to begin with fixing NSS let's get to the latest upstream release and start
fixing, so we won't carry around historic crap we then will throw away anyway.
2012-08-22 08:29:09 +02:00
Eelco Dolstra d7fc07705a Add latest patchelf prerelease 2012-08-21 15:57:41 -04:00
Eelco Dolstra e3605e7e76 Merge branch 'master' of github.com:NixOS/nixpkgs 2012-08-21 14:27:18 -04:00
Eelco Dolstra dc2f0f6474 gdb: Update to 7.5 2012-08-21 14:27:00 -04:00
Ludovic Courtès 45ce8c915d libiconvOrNull: Fix libc check. 2012-08-21 16:58:55 +02:00
Ludovic Courtès 11602dad82 glib: Use libiconvOrNull' instead of libiconv'. 2012-08-21 15:53:43 +02:00
Ludovic Courtès f959a26e33 stdenv: Fix typo. 2012-08-21 15:30:50 +02:00
Ludovic Courtès d53cb937f5 libiconvOrNull: Do not use an external libiconv on glibc systems. 2012-08-21 15:29:37 +02:00
Ludovic Courtès 6adc5cedae stdenv: Add `isGlibc' function. 2012-08-21 15:29:07 +02:00
Eelco Dolstra 606e6acd6f postgresql: Update to latest versions
Fixes CVE-2012-3488, CVE-2012-3489.
2012-08-21 08:42:44 -04:00
Eelco Dolstra 8b6edfe78d polkit: Update to 0.105 and enable systemd (logind) support
There are even newer polkit releases, but they have a spidermonkey
dependency which I don't want to bother with right now.
2012-08-21 08:42:44 -04:00
Eelco Dolstra ab3788b382 upower: Update to 0.9.18 and enable systemd support 2012-08-21 08:42:44 -04:00
Eelco Dolstra 6121046a1c systemd: Set the path to pkttyagent
This allows commands like "systemctl reboot" to ask for authentication
when run by mere mortals.
2012-08-21 08:42:44 -04:00
Eelco Dolstra 1dadeaeb18 man-pages: Update to 3.42 2012-08-21 08:42:44 -04:00
Eelco Dolstra c557db2d5c nix: Update to 1.2pre2793_d950cfe
Necessary for systemd.
2012-08-21 08:42:44 -04:00
Mathijs Kwik 00fa89e41f pv: upgrade to 1.3.4 2012-08-21 12:38:44 +02:00
Mathijs Kwik a5663aee4d emacs: add "sunrise commander" 2012-08-21 10:33:20 +02:00
Mathijs Kwik 85c88d473b emacs: add "rect-mark" 2012-08-21 10:33:06 +02:00
Mathijs Kwik 192b29181b linux-3.4: upgrade to 3.4.9
- aufs patch: upgrade to latest stable 3.4
2012-08-21 10:27:13 +02:00
Mathijs Kwik 6e9a6a5924 linux-3.3: upgrade to 3.3.8
- aufs patch: upgrade to latest stable 3.3
2012-08-21 10:26:44 +02:00
Shea Levy 265b8c565b gptfdisk: Bump 2012-08-20 22:22:02 -04:00
Shea Levy 1b2acb25e6 xclip: Bump 2012-08-20 16:36:10 -04:00
Peter Simons 970a326ebb bash-completion: automatically source any completion files that the user might have installed in ~/.nix-profile/etc/bash_completion.d 2012-08-20 16:36:20 +02:00
Eelco Dolstra e91a4fb1e4 linux: Update to 3.2.28 2012-08-20 09:56:39 -04:00