This takes another approach at binding FHS directory structure. We
now bind-mount all the root filesystem to directory "/host" in the target tree.
From that we symlink all the directories into the tree if they do not already
exist in FHS structure.
This probably makes `CHROOTENV_EXTRA_BINDS` unnecessary -- its main usecase was
to add bound directories from the host to the sandbox, and we not just symlink
all of them. I plan to get some feedback on its usage and maybe deprecate it.
This also drops old `buildFHSChrootEnv` infrastructure. The main problem with it
is it's very difficult to unmount a recursive-bound directory when mount is not
sandboxed. This problem is a bug even without these changes -- if
you have for example `/home/alice` mounted to somewhere, you wouldn't see
it in `buildFHSChrootEnv` now. With the new directory structure, it's
impossible to use regular bind at all. After some tackling with this I realized
that the fix would be brittle and dangerous (if you don't unmount everything
clearly and proceed to removing the temporary directory, bye-bye fs!). It also
probably doesn't worth it because I haven't heard that someone actually uses it
for a long time, and `buildFHSUserEnv` should cover most cases while being much
more maintainable and safe for the end-user.
This reverts commit 112d4c71b2.
This upgrade causes a serious Plasma performance degradation and causes
incorrect font rendering. Reverting until the cause is known.
* removing luaMessagePack (only used by neovim)
* using libmpack (updated to latest master since they fixed a lot of packaging
issues)
* package libmpack lua bidnings
* neovim expression now excepts luaPackages as an input and not individual
lua packages (to avoid depending on different lua version)
It's a driver module for PCSC-Lite, which allows to use the USB readers
from REINER SCT, a reader that is very commonly used in Germany for
online banking and for reading/writing data from/to the national
identity card.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
As of 4.15.3, gwenhywfar works with the latest version of GNUTLS, so we
no longer need to reside to using an older version.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This should make it easier to deduplicate things, such as fetching
upstream sources and the plugin paths, because after all these libraries
are aqbanking-related and maintained by the same author on the same
site.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @cillianderoiste, @urkud
Another library that is part of aqbanking and needed in order to access
various chip cards. It's essentially useful for doing online banking via
FinTS/HBCI without PIN/TAN (or iTAN, mobileTAN, whatnot...).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This was originally removed in d4d0e449d7.
The intent was not to maintain hydra expression at two places.
Nowadays we have enough devs to maintain this despite copy/pasta.
This should encourage more people to use Hydra, which is a really
great piece of software together with Nix.
Tested a deploy using https://github.com/peti/hydra-tutorial