Commit graph

21000 commits

Author SHA1 Message Date
Sergey Mironov
222b6e21a5 gimp: revert broken gimp-2.6 dependencies 2012-08-23 03:09:19 +04:00
Shea Levy
270c7f2209 nodejs: Bump and backport fix to support ESPIPE 2012-08-22 18:54:47 -04:00
Ludovic Courtès
a167fadc07 gnutls: Disable tests on FreeBSD. 2012-08-23 00:37:29 +02:00
Lluís Batlle i Rossell
9b1c34f8f2 qemu-kvm: Revert the qemu update to 1.1.1
This reverts commit 607c28ea38
and c43f385e67.

Some builds hang, as they did with 1.1.0.
http://hydra.nixos.org/build/2963125
2012-08-23 00:07:51 +02:00
Lluís Batlle i Rossell
607c28ea38 qemu-kvm: I missed a change present in a previous reverted update
Eelco pointed it out.
2012-08-22 23:27:58 +02:00
Lluís Batlle i Rossell
c43f385e67 qemu-kvm: update to 1.1.1 2012-08-22 23:20:57 +02:00
Eelco Dolstra
e188f8ec66 virtualbox: Update to 4.1.20 2012-08-22 16:48:03 -04:00
Eelco Dolstra
22b545c325 nvidia-x11: Update to 304.37 2012-08-22 15:59:26 -04:00
Eelco Dolstra
964880ec8f virtualbox: Drop accidental JDK dependency 2012-08-22 15:55:46 -04:00
Eelco Dolstra
ac73fc486c Removed unused jdkPlugin attribute 2012-08-22 15:43:19 -04:00
Eelco Dolstra
2bc9508034 Prevent the JDK from appearing in the Nixpkgs channel 2012-08-22 15:43:19 -04:00
Eelco Dolstra
8020c37f55 Remove obsolete JDK versions
These are the JDK 5 on powerpc-linux (no longer a maintained Nixpkgs
platform), JDK 1.4 (required a manual download) and JDK 5 on Linux
(idem).
2012-08-22 15:43:19 -04:00
Eelco Dolstra
bf2b75ca7e Add hacky way to prevent Hydra from building/distributing unfree packages
If the environment variable HYDRA_DISALLOW_UNFREE is set to "1", then
evaluation of a package with license "unfree" will throw an error.
Thus such packages or any packages that depend on them will fail to
evaluate.
2012-08-22 15:43:18 -04:00
Eelco Dolstra
85047983a1 stdenv/generic/default.nix: Simplify the code using the "or" construct 2012-08-22 15:43:18 -04:00
Shea Levy
cdc0c13c00 buildNodePackage: Remove absolute path to source tarball to avoid runtime dependency 2012-08-22 15:35:00 -04:00
Andres Loeh
39cfbf6163 Set platforms for packages depending on CUDA to none. 2012-08-22 17:52:18 +02:00
Mathijs Kwik
48d98bd582 gimp28 should probably be gimp_2_8 2012-08-22 17:49:56 +02:00
Mathijs Kwik
af3a95d6f3 libiconvOrEmpty: always return a list
- fixes nixpkgs-tarball
2012-08-22 16:57:13 +02:00
Shea Levy
aa4ce18077 node-packages.nix: Export buildNodePackage 2012-08-22 09:44:38 -04:00
Shea Levy
695ca8c498 node.js: Bump 2012-08-22 09:14:05 -04:00
Peter Simons
1f18f24387 gcc-4.7: download source code from a mirror instead of hard-coding the URL of the master site 2012-08-22 14:30:15 +02:00
Peter Simons
966b4c336d mirrors.nix: use GNU mirrors before hitting the master site
Our first download URL of choice is http://ftpmirror.gnu.org/, which is an
automatic re-director.
2012-08-22 14:28:50 +02:00
Peter Simons
30a36ad6e5 hadoop: add version 2.0.1-alpha 2012-08-22 14:13:40 +02:00
Shea Levy
f34225c440 Merge branch 'chromium-updater' of https://github.com/aszlig/nixpkgs
chromium: Improve update script and update to latest versions.

Previously, we had a single hash of the whole version response from
omahaproxy.

Unfortunately the dev version is released quite frequently, so the hash
is of no use at all (we could rather directly fetch rather than
executing the script, because it will fetch all channels anyway).

This pull request adds two methods of caching:

* First of all, if a perticular version/channel is already in the
previous version of the sources.nix file, don't download it again.

* And the second method is to check if the current sha256 is already
downloaded and reads the corresponding sha256 from the lookup table.

So, this should really help to avoid flooding the download servers and
to not stress impatient users too much.
2012-08-22 06:36:33 -04:00
Shea Levy
e375671437 Merge branch 'fix-nss' of https://github.com/aszlig/nixpkgs
Fix NSS library not finding root CA certificates.

This now uses more or less hardcoded CA certificates from Mozilla, which
is the case on Debian and Gentoo aswell. And it fixes the root CA
loading issue, as i discovered that firefox builds with the bundled
version of NSS. With this branch this is no longer the case.

My long-term plans are to integrate an automatic chainloader for
OPENSSL_X509_CERT_FILE, but I'm not sure if this is really a good idea
(hence not included in this branch), as the nss-pem module is still
somewhat experimental. Regardless of it's experimental nature i'm still
including it in order to make it possible for users to load custom PEM
encoded certificates into the NSS database.

This fixups also makes it possible to enable FIPS mode, in case someone
might be interested in that.

And finally, we have a Chromium without quirky bugs from the
experimental OpenSSL integration, which was my original motivation to do
this.

See #112 for further comments.
2012-08-22 06:24:09 -04:00
Michael Raskin
559f5be097 release.nix: use the freshest release GIMP version (2.8.0) 2012-08-22 13:08:49 +04:00
Michael Raskin
fc3c71cb04 Merge pull request #113 from aszlig/ncdu
ncdu: New package, starting at version 1.8.
2012-08-22 01:07:03 -07:00
aszlig
ec6926bf7e ncdu: New package, starting at version 1.8.
`ncdu` is a little ncurses tool to browse the filesystem tree sorted by disk
usage.
2012-08-22 10:02:19 +02:00
aszlig
5df4e12c92 firefox: Build against system NSS.
So, now even Firefox can be built with our shiny new fixed up NSS derivation,
and as this is desired (especially if we want to support certificates from the
CA bundle), let's make it the default.
2012-08-22 08:29:10 +02:00
aszlig
8b4fae76b3 chromium: Build with NSS by default.
Hurray! This is the first time chromium is working with NSS _and_ is able to
verify certificates using the root certificates built in into NSS.

Optimally it would use certs from OPENSSL_X509_CERT_FILE, but at least it's
working, so let's add that at some later point.
2012-08-22 08:29:10 +02:00
aszlig
808108105d nss: Just delete files if includeTools is false.
Before, the entire directory was deleted and recreated, which fails if we want
to sign libraries (shlibsign is obviously deleted in that step as well), so we
delete everything but "nss-config" on postFixup.
2012-08-22 08:29:10 +02:00
aszlig
c672997dc6 nss: Remove redundant nss-config.in.
This file is already contained in nss-3.12.5-gentoo-fixups.diff, so we don't
need to do all that cruft twice.
2012-08-22 08:29:10 +02:00
aszlig
38a4d77665 nss: Fix referencePath to security modules.
This adds a patch from Debian, as they're already have security modules from NSS
in it's own library directory rather than /usr/lib{,64}/ and patch in loading of
libsoftokn as well.

The patch and our own fix of the patch (well, they hardcode Debian specific
stuff in there) ensures that SECMOD_AddNewModule() will find the right module
from the derivation's output path, so the built-in CA root certificates are
recognized and verified correctly.
2012-08-22 08:29:09 +02:00
aszlig
9e0aaf30aa nss: Sign libraries after striping.
Running NSS in FIPS mode is only possible if the libraries are signed correctly,
so we're doing this in the postFixup hook, to insure nothing gets altered after
that phase.

For more information about FIPS mode, please see:
https://developer.mozilla.org/en-US/docs/NSS/FIPS_Mode_-_an_explanation
2012-08-22 08:29:09 +02:00
aszlig
29fce94665 nss: Clean up build/make flags.
First of all, let's remove that redundant BUILD_OPT variable.

This variable already is in makeFlags, so we really don't want it to be lurking
around in the attribute set of the derivation, and it annoys me for being there
for days.

We now state build targets explicitly rather than relying on "nss_build_all".
This makes NSPR_CONFIG_STATUS and the touch of build_nspr stamp obsolete, as
only nss_build_all includes build_nspr.

In addition, we don't need the -lz hack anymore, as this has been fixed in
recent NSS versions, so we can completly remove the postBuild hook.

And while we're at it, we're removing those outdated build instructions as well,
especially because we don't and can't follow official building guidelines
anymore, as those are difficult to apply to Nix.
2012-08-22 08:29:09 +02:00
aszlig
5f4ca8ec18 nss: Add nss-pem module from fedora.
This is a compatibility module which adds suport for PEM certificates used by
OpenSSL and compatible libraries. The module gets built but isn't used at the
moment, so we're going to work on integration of it later.
2012-08-22 08:29:09 +02:00
aszlig
485dcc9152 nss: Build using system libsqlite.
Let's use system SQLite library, which makes sense anyway. More importantly
because it conflicts with the sqlite package, as NSS is building this as a
shared library aswell.
2012-08-22 08:29:09 +02:00
aszlig
0e768ba98d nss: Update NSS to version 3.13.6.
So to begin with fixing NSS let's get to the latest upstream release and start
fixing, so we won't carry around historic crap we then will throw away anyway.
2012-08-22 08:29:09 +02:00
Eelco Dolstra
d7fc07705a Add latest patchelf prerelease 2012-08-21 15:57:41 -04:00
Eelco Dolstra
e3605e7e76 Merge branch 'master' of github.com:NixOS/nixpkgs 2012-08-21 14:27:18 -04:00
Eelco Dolstra
dc2f0f6474 gdb: Update to 7.5 2012-08-21 14:27:00 -04:00
Ludovic Courtès
45ce8c915d libiconvOrNull: Fix libc check. 2012-08-21 16:58:55 +02:00
Ludovic Courtès
11602dad82 glib: Use libiconvOrNull' instead of libiconv'. 2012-08-21 15:53:43 +02:00
Ludovic Courtès
f959a26e33 stdenv: Fix typo. 2012-08-21 15:30:50 +02:00
Ludovic Courtès
d53cb937f5 libiconvOrNull: Do not use an external libiconv on glibc systems. 2012-08-21 15:29:37 +02:00
Ludovic Courtès
6adc5cedae stdenv: Add `isGlibc' function. 2012-08-21 15:29:07 +02:00
Eelco Dolstra
606e6acd6f postgresql: Update to latest versions
Fixes CVE-2012-3488, CVE-2012-3489.
2012-08-21 08:42:44 -04:00
Eelco Dolstra
8b6edfe78d polkit: Update to 0.105 and enable systemd (logind) support
There are even newer polkit releases, but they have a spidermonkey
dependency which I don't want to bother with right now.
2012-08-21 08:42:44 -04:00
Eelco Dolstra
ab3788b382 upower: Update to 0.9.18 and enable systemd support 2012-08-21 08:42:44 -04:00
Eelco Dolstra
6121046a1c systemd: Set the path to pkttyagent
This allows commands like "systemctl reboot" to ask for authentication
when run by mere mortals.
2012-08-21 08:42:44 -04:00