cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
nixpkgs/pkgs/tools/networking
History
Ambroz Bizjak 35e0eea053 ntpd: Allow additional syscalls in seccomp filter. 
Fixes issue #21136.

The problem is that the seccomp system call filter configured by ntpd did not
include some system calls that were apparently needed. For example the
program hanged in getpid just after the filter was installed:

prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)  = 0
seccomp(SECCOMP_SET_MODE_STRICT, 1, NULL) = -1 EINVAL (Invalid argument)
seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=41, filter=0x5620d7f0bd90}) = 0
getpid()                                = ?

I do not know exactly why this is a problem on NixOS only, perhaps we have getpid
caching disabled.

The fcntl and setsockopt system calls also had to be added.
2017-04-02 21:44:06 +02:00
..
ahcpd
aiccu aiccu: fix unavailable source url, use debian mirror 2017-01-26 03:52:46 +01:00
aircrack-ng aircrack-ng: 1.2-rc3 -> 1.2-rc4 2017-02-17 00:11:32 +01:00
airfield
altermime
argus
argus-clients
aria2 aria2: 1.29.0 -> 1.31.0 2017-01-23 19:16:05 -02:00
asynk Remove myself from maintainers 2017-01-31 11:00:14 +01:00
atftp
autossh
axel axel: 2.11 -> 2.12 2017-01-09 21:32:30 +01:00
babeld babeld: 1.7.1 -> 1.8.0 2017-02-02 19:19:28 +01:00
badvpn
biosdevname biosdevname: 0.6.1 -> 0.7.2 2017-01-26 03:52:45 +01:00
bsd-finger
bud
bully
burpsuite
bwm-ng
cadaver
carddav-util
ccnet
chrony chrony: 2.4.1 -> 3.0, enable seccomp 2017-01-26 03:52:45 +01:00
cjdns cjdns: fix build with glibc-2.25 via upstream patch 2017-02-21 13:30:50 +01:00
cksfv
cmst cmst: 2016.04.03 -> 2016.10.03 2016-10-18 15:31:51 -02:00
cntlm
connect connect: 1.104 -> 1.105 2017-03-01 20:09:46 -06:00
connman
connman-notify
connman_dmenu
connmanui
corkscrew
curl curl: Use default trust store of TLS backend 2017-03-22 11:54:20 +01:00
curl-unix-socket
cutter
darkstat
davix
dd-agent dd-agent: fix by adding uptime as dependency. 2017-03-29 14:56:01 +00:00
ddclient
dhcp
dhcpcd dhcpcd: 6.11.3 -> 6.11.5 2016-12-04 01:40:26 +01:00
dhcpdump
dhcping
dibbler
dirb dirb: init at 2.22 2016-11-07 00:52:13 +01:00
dnscrypt-proxy dnscrypt-proxy: enable additional plugins 2017-03-16 16:15:33 +01:00
dnscrypt-wrapper dnscrypt-wrapper: 0.2.1 -> 0.2.2 2016-10-29 03:04:03 +02:00
dnsmasq dnsmasq: install launchd plist on darwin 2017-03-09 11:30:50 +13:00
dnsperf dnsperf: init at 2.1.0.0 2017-02-23 14:03:49 +01:00
dnstop
driftnet driftnet: 0.7 -> 1.1.5 2017-03-06 07:58:38 -05:00
dropbear
easyrsa
eggdrop
email
fakeroute fakeroute: init at 0.3 2016-11-23 15:22:55 +01:00
fastd
fdm
ferm ferm: 2.3 -> 2.3.1 2017-01-08 23:40:40 +01:00
filegive
flannel
flvstreamer
fping fping: 3.15 -> 3.16 2017-02-17 23:44:48 +01:00
gandi-cli
getmail getmail: 4.53.0 -> 4.54.0 2017-03-05 00:48:29 +01:00
gftp
gmvault
gupnp-tools gupnp-tools: 0.8.8 -> 0.8.13 2017-03-12 20:55:07 -05:00
gvpe gvpe: 2.25 -> 3.0 2017-03-09 03:12:26 +02:00
hans hans: 0.4.4 -> 1.0 2017-03-01 19:18:29 -06:00
haproxy haproxy: added fuzzy-id to the list of maintainers 2017-03-29 12:27:50 +02:00
horst horst: git-2016-03-15 -> 5.0 2017-03-01 19:16:03 -06:00
hping
htpdate
http-prompt http-prompt: 0.8.0 -> 0.9.1 2017-02-15 13:45:58 +01:00
httpie httpie: 0.9.8 -> 0.9.9 2017-02-27 12:41:51 +01:00
httping httping 2.5: fetch over https + license 2017-03-02 19:20:26 +01:00
httplab httplab: init at 0.1.0 2017-03-03 17:35:31 +01:00
httpstat Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
httptunnel
hyenae
i2p i2p: 0.9.26 -> 0.9.28 2017-01-02 13:14:42 +01:00
i2pd i2pd: 2.11.0 -> 2.12.0 2017-03-25 21:42:32 +01:00
iftop
imapproxy
imapsync
inadyn
inetutils inetutils: Add patch for Canadian TLD server 2017-03-07 21:30:03 +01:00
iodine
ip2location
ipcalc
iperf iperf2: 2.0.5 -> 2.0.9 2017-03-26 21:41:22 -04:00
ipv6calc
isync isyncUnstable: add ttuegel to maintainers 2017-02-16 09:50:31 -06:00
jnettop
jwhois
kea kea: init at 1.1.0 2016-10-24 20:02:23 +02:00
keepalived keepalived: 1.3.4 -> 1.3.5 2017-03-24 00:28:43 +01:00
lftp lftp: 4.7.3 -> 4.7.6 2017-03-06 22:06:43 +01:00
libreswan
linkchecker linkchecker: fix darwin build 2017-02-26 12:30:14 +01:00
logmein-hamachi logmein-hamachi: 2.1.0.165 -> 2.1.0.174 2016-11-24 01:17:58 +03:00
lsh
maildrop
mailsend
mailutils
maphosts maphosts: use gemdir 2017-01-18 00:52:48 +01:00
megatools megatools: 1.9.97 -> 1.9.98 2017-02-27 22:42:49 +01:00
minidlna
minio-client minio-client: 20160821 -> 20170206 2017-03-28 20:04:53 +02:00
minissdpd
miniupnpc miniupnpc: switch to old version by default 2017-03-02 19:30:37 +01:00
miniupnpd
miredo miredo: init at 1.2.6 2016-12-31 21:03:27 +01:00
mitmproxy mitmproxy: 1.0.2 -> 2.0.6 2017-03-04 12:58:29 +02:00
modemmanager treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
mosh mosh: use ssh from nixpkgs 2017-01-28 13:21:24 -05:00
mpack
mtr mtr: 0.86 -> 0.87 2017-03-13 04:31:00 +00:00
mu mu: run tests 2017-03-06 21:46:25 +08:00
nbd
ncftp
ndisc6
ndjbdns
netboot
netcat-gnu netcat: make netcat-openbsd the default netcat (#19411) 2016-10-30 15:06:04 +01:00
netcat-openbsd netcat-openbsd: install man page 2016-10-30 15:06:16 +01:00
nethogs
netkit/tftp
netrw
netselect
netsniff-ng netsniff-ng: 0.6.1 -> 0.6.2 2016-11-09 02:24:45 +01:00
network-manager treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
network-manager-applet treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
ngrep ngrep: fix build due to new libpcap, use debian patches 2017-01-22 14:09:50 +01:00
ngrok
noip
nss-mdns
nss-pam-ldapd
ntopng
ntp ntpd: Allow additional syscalls in seccomp filter. 2017-04-02 21:44:06 +02:00
nuttcp Adding nuttcp. 2017-01-28 20:40:21 +01:00
nylon
nzbget nzbget: 17.1 -> 18.0 2017-02-26 13:36:36 +01:00
ocproxy ocproxy: 1.50 -> 1.60 2017-03-06 07:50:50 -05:00
offlineimap offlineimap: install man pages 2017-02-14 12:37:35 -06:00
olsrd olsrd: 0.6.6.1 -> 0.9.6.1 2017-03-12 08:38:24 +01:00
openconnect openconnect_openssl: added missing dependecy gmp 2017-02-28 17:57:21 +01:00
openfortivpn openfortivpn: 1.1.4 -> 1.2.0 2017-02-17 00:11:55 +01:00
openntpd openntpd: v6+ requires libressl for constraints 2016-12-28 13:35:42 +10:00
openresolv openresolv: 3.8.1 -> 3.9.0 (#23362) 2017-03-05 21:49:48 +01:00
openssh openssh: update the gssapi patch 2016-12-29 17:04:58 -05:00
openvpn openvpn: 2.3.13 -> 2.4.0 2017-01-02 15:38:46 +01:00
p2p Merge branch 'master' into staging 2017-03-18 11:00:31 +01:00
packetdrill packetdrill: minor packaging tweaks 2017-03-10 23:35:29 +01:00
par2cmdline par2cmdline: 0.6.11 -> 0.6.13 (#23361) 2017-03-02 11:02:08 +01:00
pcapc pcapc: 2015-03.06 -> 1.0.0 2017-03-01 18:01:42 -06:00
pcapfix
pdnsd pdnsd: fix darwin build 2017-03-08 00:25:15 +01:00
pdsh
philter
pingtcp
pixiewps pixiewps: init at 1.2.2 2016-11-03 23:45:14 +02:00
polygraph
polysh Add tools/networking/polysh 2016-11-29 17:32:21 +03:00
ppp ppp: add patch to fix CVE-2015-3310 2017-01-25 20:53:43 -05:00
pptp treewide: purge maintainers.urkud 2017-03-27 19:52:29 +02:00
pptpd
privoxy privoxy: homepage now reachable via https 2016-12-06 15:48:39 +01:00
proxychains proxychains: fix build, add -ldl to LDFLAGS 2016-11-25 12:17:11 +01:00
pssh pssh: init at 2.3.1 2016-12-06 00:46:48 -05:00
pwnat
quicktun quicktun: 2.2.4 -> 2.2.5 2017-03-02 08:19:25 +01:00
radvd radvd: 2.15 -> 2.16 2017-02-02 19:33:21 +01:00
ratools
reaver-wps
reaver-wps-t6x reaverwps-t6x: init at 1.5.2 2016-11-03 23:45:14 +02:00
redir redir: 2.2.1 -> 3.1 2017-02-02 18:59:07 +01:00
redsocks redsocks: init at 0.5 2017-02-05 01:20:03 +01:00
ripmime
rp-pppoe
s3cmd s3cmd: use python2 2016-11-24 22:28:02 +01:00
s3gof3r
s6-dns skarnet.org packages: fix darwin build 2017-03-26 17:30:41 -05:00
s6-networking skarnet.org packages: fix darwin build 2017-03-26 17:30:41 -05:00
samplicator samplicator: 1.3.7-beta6 -> 1.3.8rc1 2017-02-26 10:05:18 +01:00
shadowsocks-libev shadowsocks-libev: 2.5.0 -> 2.5.5 2016-10-16 22:41:50 +08:00
shncpd
siege
sipcalc
sipsak
slimrat
smbldaptools
smokeping
snabb
socat socat: 1.7.3.1 -> 1.7.3.2 2017-02-17 00:11:03 +01:00
speedtest-cli speedtest-cli: 1.0.2 -> 1.0.3 (#24535) 2017-04-01 14:45:58 +01:00
spiped
srelay
ssh-ident
sshpass
ssldump ssldump: init at 09b3 2016-10-19 14:15:42 +00:00
ssmtp
sstp sstp: 1.0.10 -> 1.0.11 2017-03-01 16:48:07 -06:00
statsd statsd: 0.7.2 -> 0.8.0 2016-10-20 17:35:03 -04:00
strongswan strongswan: enable charon-systemd (#21872) 2017-01-14 20:41:51 +01:00
stun stun: gzip -9 -> gzip -9n 2016-12-20 15:32:14 +01:00
stunnel stunnel: 5.38 -> 5.39 2017-01-26 03:52:50 +01:00
surfraw
swaks swaks:20130209.0 -> 20170101.0 2017-03-02 08:19:41 +01:00
swec
tcpdump tcpdump: 4.8.1 -> 4.9.0 for multiple CVEs 2017-01-31 17:17:12 +01:00
tcpflow
telnet
tftp-hpa
tgt
tinc tinc: 1.0.29 -> 1.0.31 2017-01-30 12:38:02 +01:00
tlsdate
tlspool tlspool: init at 20170123 (#23437) 2017-03-03 17:38:33 +01:00
toxvpn toxvpn: 20160909 -> 20161230 2017-02-14 14:59:59 +08:00
tracebox
traceroute
trickle
ucspi-tcp
udptunnel
uget gst-plugins-base: align attrname with pkgname 2017-02-27 12:16:26 +01:00
unbound unbound: only use the two-phase build on Linux 2017-02-28 22:32:20 +01:00
urlwatch urlwatch: 2.2 -> 2.5 2016-12-02 13:14:22 +09:00
uwimap
vde2 vde2: use python2 2016-11-24 22:28:03 +01:00
vlan
vpnc
vtun vtun: 3.0.3 -> 3.0.4 2016-11-20 16:36:52 +01:00
wakelan wakelan: refactor allow builds on non linux 2016-12-26 15:04:45 -06:00
wavemon
wbox
webalizer
weighttp
wget wget: add patch for CVE-2017-6508 2017-03-11 08:18:57 +01:00
whois whois: 5.2.12 -> 5.2.14 2017-02-02 19:19:28 +01:00
wicd wicd: use python2 2017-01-11 18:25:10 +01:00
wol
wolfebin
wrk wrk: use packaged openssl, luajit (#24481) 2017-03-30 23:09:42 +01:00
wuzz wuzz: 0.1.0 -> 0.2.0 (#23002) 2017-02-19 19:11:00 +00:00
x11-ssh-askpass
xl2tpd
zap
zerotierone zerotierone: 1.1.12 -> 1.1.14 2016-12-27 17:47:41 +00:00